From 202e197f90e45f02fece78d8883b5d020ac55556 Mon Sep 17 00:00:00 2001 From: Sean Molenaar Date: Mon, 1 Jul 2024 22:55:16 +0200 Subject: [PATCH] Use PentabarfKit --- .swiftlint.yml | 4 + Fosdem.xcodeproj/project.pbxproj | 148 +- .../xcshareddata/xcschemes/Fosdem.xcscheme | 2 +- .../xcschemes/FosdemTests.xcscheme | 2 +- Fosdem/AppDelegate.swift | 71 +- Fosdem/Fosdem.xcdatamodeld/.xccurrentversion | 8 - .../Fosdem 1.1.xcdatamodel/contents | 60 - .../Fosdem.xcdatamodel/contents | 60 - Fosdem/Import/DataImporter.swift | 52 - Fosdem/Import/RemoteScheduleFetcher.swift | 90 +- Fosdem/Import/RoomStatusImporter.swift | 14 +- Fosdem/Info.plist | 2 +- Fosdem/Models/Conference.swift | 68 +- Fosdem/Models/Event.swift | 225 +- Fosdem/Models/EventType.swift | 86 +- Fosdem/Models/EventUserInfo.swift | 21 +- Fosdem/Models/Link.swift | 83 +- Fosdem/Models/Person.swift | 57 +- Fosdem/Models/Room.swift | 50 +- Fosdem/Models/Track.swift | 58 +- Fosdem/Utils/HTMLFormattedText.swift | 4 +- Fosdem/Utils/PreviewEvent.swift | 88 +- Fosdem/Utils/SettingsHelper.swift | 46 + Fosdem/Utils/UrlHelper.swift | 7 +- Fosdem/Utils/YearHelper.swift | 22 - Fosdem/Views/EventDetailHeader.swift | 10 +- Fosdem/Views/EventDetailView.swift | 70 +- Fosdem/Views/EventListView.swift | 115 +- Fosdem/Views/EventTypeColor.swift | 15 + Fosdem/Views/EventTypeIcon.swift | 38 + Fosdem/Views/ListItem.swift | 25 +- Fosdem/Views/ListPredicate.swift | 112 +- Fosdem/Views/SettingsView.swift | 50 + Fosdem/Views/TrackColor.swift | 15 + Fosdem/Views/VideoPlayer.swift | 7 +- FosdemTests/schedule_2019.xml | 21706 ------------- FosdemTests/schedule_2022.xml | 25544 ---------------- FosdemTests/schedule_2023.xml | 119 - Localizable.xcstrings | 299 + Package.resolved | 33 +- Package.swift | 6 +- 41 files changed, 1200 insertions(+), 48292 deletions(-) delete mode 100644 Fosdem/Fosdem.xcdatamodeld/.xccurrentversion delete mode 100644 Fosdem/Fosdem.xcdatamodeld/Fosdem 1.1.xcdatamodel/contents delete mode 100644 Fosdem/Fosdem.xcdatamodeld/Fosdem.xcdatamodel/contents delete mode 100644 Fosdem/Import/DataImporter.swift create mode 100644 Fosdem/Utils/SettingsHelper.swift delete mode 100644 Fosdem/Utils/YearHelper.swift create mode 100644 Fosdem/Views/EventTypeColor.swift create mode 100644 Fosdem/Views/EventTypeIcon.swift create mode 100644 Fosdem/Views/TrackColor.swift delete mode 100644 FosdemTests/schedule_2019.xml delete mode 100644 FosdemTests/schedule_2022.xml delete mode 100644 FosdemTests/schedule_2023.xml create mode 100644 Localizable.xcstrings diff --git a/.swiftlint.yml b/.swiftlint.yml index c3b7576..b0002a3 100644 --- a/.swiftlint.yml +++ b/.swiftlint.yml @@ -2,3 +2,7 @@ opt_in_rules: # some rules are turned off by default, so you need to opt-in - empty_count analyzer_rules: # Rules run by `swiftlint analyze` - explicit_self +included: + - Fosdem + - FosdemTests + - FosdemUITests diff --git a/Fosdem.xcodeproj/project.pbxproj b/Fosdem.xcodeproj/project.pbxproj index 5e3f96c..308e25d 100644 --- a/Fosdem.xcodeproj/project.pbxproj +++ b/Fosdem.xcodeproj/project.pbxproj @@ -3,7 +3,7 @@ archiveVersion = 1; classes = { }; - objectVersion = 56; + objectVersion = 60; objects = { /* Begin PBXBuildFile section */ @@ -14,17 +14,14 @@ 146A86702205EFE9008A61AD /* Person.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A86682205EFE8008A61AD /* Person.swift */; }; 146A86732205EFE9008A61AD /* Conference.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A866B2205EFE9008A61AD /* Conference.swift */; }; 146A86742205EFE9008A61AD /* Event.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A866C2205EFE9008A61AD /* Event.swift */; }; - 146A8677220601DD008A61AD /* XmlFinder.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A8676220601DD008A61AD /* XmlFinder.swift */; }; 146A86792206ED84008A61AD /* Track.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A86782206ED84008A61AD /* Track.swift */; }; 146A867E22089497008A61AD /* Link.swift in Sources */ = {isa = PBXBuildFile; fileRef = 146A867D22089497008A61AD /* Link.swift */; }; 14D277192205D07200740042 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14D277182205D07200740042 /* AppDelegate.swift */; }; - 14D2771C2205D07200740042 /* Fosdem.xcdatamodeld in Sources */ = {isa = PBXBuildFile; fileRef = 14D2771A2205D07200740042 /* Fosdem.xcdatamodeld */; }; 14D277252205D07500740042 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 14D277242205D07500740042 /* Assets.xcassets */; }; 14D277332205D07500740042 /* FosdemTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14D277322205D07500740042 /* FosdemTests.swift */; }; 14D2773E2205D07500740042 /* FosdemUITests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14D2773D2205D07500740042 /* FosdemUITests.swift */; }; 14D2774C2205D19D00740042 /* RemoteScheduleFetcher.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14D2774B2205D19D00740042 /* RemoteScheduleFetcher.swift */; }; - 14DA228E220C6B9000CBE015 /* ManagedObjectProtocol.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14DA228D220C6B9000CBE015 /* ManagedObjectProtocol.swift */; }; - 14DA2290220C735600CBE015 /* DataImporter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 14DA228F220C735600CBE015 /* DataImporter.swift */; }; + 9203845F2B5B0A2100B793AA /* PentabarfKit in Frameworks */ = {isa = PBXBuildFile; productRef = 9203845E2B5B0A2100B793AA /* PentabarfKit */; }; 92077D5128FF01C600BF8A03 /* EventDetailView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92077D5028FF01C600BF8A03 /* EventDetailView.swift */; }; 924E15BC2922C637005A8EA2 /* RoomStatusImporter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 924E15BB2922C637005A8EA2 /* RoomStatusImporter.swift */; }; 924E15BE2922CCA9005A8EA2 /* RoomState.swift in Sources */ = {isa = PBXBuildFile; fileRef = 924E15BD2922CCA9005A8EA2 /* RoomState.swift */; }; @@ -32,15 +29,16 @@ 925321602925716A004C7E5C /* EventUserInfo.swift in Sources */ = {isa = PBXBuildFile; fileRef = 9253215F2925716A004C7E5C /* EventUserInfo.swift */; }; 925B0261298EAE0E00AFA83D /* LiveIcon.swift in Sources */ = {isa = PBXBuildFile; fileRef = 925B0260298EAE0E00AFA83D /* LiveIcon.swift */; }; 925B0263298EB2A400AFA83D /* VideoPlayer.swift in Sources */ = {isa = PBXBuildFile; fileRef = 925B0262298EB2A400AFA83D /* VideoPlayer.swift */; }; + 925F4A7D2B2863D8007E9D1D /* Localizable.xcstrings in Resources */ = {isa = PBXBuildFile; fileRef = 925F4A7C2B285A70007E9D1D /* Localizable.xcstrings */; }; 9268D79A298F251E0067A6B1 /* ListPredicate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 9268D799298F251E0067A6B1 /* ListPredicate.swift */; }; - 92A2BDF82948CAE50034864F /* schedule_2019.xml in Resources */ = {isa = PBXBuildFile; fileRef = 92A2BDF72948CAE50034864F /* schedule_2019.xml */; }; - 92A2BDFC2948D4AC0034864F /* schedule_2023.xml in Resources */ = {isa = PBXBuildFile; fileRef = 92A2BDFA2948D4AC0034864F /* schedule_2023.xml */; }; - 92A2BDFD2948D4AC0034864F /* schedule_2022.xml in Resources */ = {isa = PBXBuildFile; fileRef = 92A2BDFB2948D4AC0034864F /* schedule_2022.xml */; }; 92B987FC2981CD10007574EB /* AboutView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92B987FB2981CD10007574EB /* AboutView.swift */; }; - 92C22E6029806C70006D7B5C /* SwiftyXMLParser in Frameworks */ = {isa = PBXBuildFile; productRef = 92C22E5F29806C70006D7B5C /* SwiftyXMLParser */; }; + 92BB58562B5FB84400C54292 /* SettingsView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92BB58552B5FB84400C54292 /* SettingsView.swift */; }; + 92BD1D2E2B5C345700DB8FC1 /* EventTypeIcon.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92BD1D2D2B5C345700DB8FC1 /* EventTypeIcon.swift */; }; + 92BD1D302B5C34F100DB8FC1 /* EventTypeColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92BD1D2F2B5C34F100DB8FC1 /* EventTypeColor.swift */; }; + 92BD1D322B5C374A00DB8FC1 /* TrackColor.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92BD1D312B5C374A00DB8FC1 /* TrackColor.swift */; }; 92C22E6229806F61006D7B5C /* privacy.md in Resources */ = {isa = PBXBuildFile; fileRef = 92C22E6129806F61006D7B5C /* privacy.md */; }; 92C271D02922292500E8C25D /* PreviewEvent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92C271CF2922292500E8C25D /* PreviewEvent.swift */; }; - 92CE31AF28FC49DC0073813E /* YearHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92CE31AE28FC49DC0073813E /* YearHelper.swift */; }; + 92CE31AF28FC49DC0073813E /* SettingsHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92CE31AE28FC49DC0073813E /* SettingsHelper.swift */; }; 92CE31B128FC4A940073813E /* EventListView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92CE31B028FC4A940073813E /* EventListView.swift */; }; 92D9E7B8291D7B9B007D203D /* HTMLFormattedText.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92D9E7B7291D7B9B007D203D /* HTMLFormattedText.swift */; }; 92D9E7BA291D95E1007D203D /* EventDetailHeader.swift in Sources */ = {isa = PBXBuildFile; fileRef = 92D9E7B9291D95E1007D203D /* EventDetailHeader.swift */; }; @@ -72,12 +70,10 @@ 146A86682205EFE8008A61AD /* Person.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Person.swift; sourceTree = ""; }; 146A866B2205EFE9008A61AD /* Conference.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Conference.swift; sourceTree = ""; }; 146A866C2205EFE9008A61AD /* Event.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Event.swift; sourceTree = ""; }; - 146A8676220601DD008A61AD /* XmlFinder.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = XmlFinder.swift; sourceTree = ""; }; 146A86782206ED84008A61AD /* Track.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Track.swift; sourceTree = ""; }; 146A867D22089497008A61AD /* Link.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Link.swift; sourceTree = ""; }; 14D277152205D07200740042 /* Fosdem.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Fosdem.app; sourceTree = BUILT_PRODUCTS_DIR; }; 14D277182205D07200740042 /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; - 14D2771B2205D07200740042 /* Fosdem.xcdatamodel */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcdatamodel; path = Fosdem.xcdatamodel; sourceTree = ""; }; 14D277242205D07500740042 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; 14D277292205D07500740042 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 14D2772E2205D07500740042 /* FosdemTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = FosdemTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; @@ -87,8 +83,6 @@ 14D2773D2205D07500740042 /* FosdemUITests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FosdemUITests.swift; sourceTree = ""; }; 14D2773F2205D07500740042 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 14D2774B2205D19D00740042 /* RemoteScheduleFetcher.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RemoteScheduleFetcher.swift; sourceTree = ""; }; - 14DA228D220C6B9000CBE015 /* ManagedObjectProtocol.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ManagedObjectProtocol.swift; sourceTree = ""; }; - 14DA228F220C735600CBE015 /* DataImporter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DataImporter.swift; sourceTree = ""; }; 92077D5028FF01C600BF8A03 /* EventDetailView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventDetailView.swift; sourceTree = ""; }; 924E15BB2922C637005A8EA2 /* RoomStatusImporter.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RoomStatusImporter.swift; sourceTree = ""; }; 924E15BD2922CCA9005A8EA2 /* RoomState.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RoomState.swift; sourceTree = ""; }; @@ -96,19 +90,19 @@ 9253215F2925716A004C7E5C /* EventUserInfo.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventUserInfo.swift; sourceTree = ""; }; 925B0260298EAE0E00AFA83D /* LiveIcon.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LiveIcon.swift; sourceTree = ""; }; 925B0262298EB2A400AFA83D /* VideoPlayer.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = VideoPlayer.swift; sourceTree = ""; }; + 925F4A7C2B285A70007E9D1D /* Localizable.xcstrings */ = {isa = PBXFileReference; lastKnownFileType = text.json.xcstrings; path = Localizable.xcstrings; sourceTree = ""; }; 9268D799298F251E0067A6B1 /* ListPredicate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ListPredicate.swift; sourceTree = ""; }; - 92A2BDF72948CAE50034864F /* schedule_2019.xml */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = schedule_2019.xml; sourceTree = ""; }; 92A2BDF92948CC5E0034864F /* FosdemTests.xctestplan */ = {isa = PBXFileReference; lastKnownFileType = text; name = FosdemTests.xctestplan; path = Fosdem.xcodeproj/FosdemTests.xctestplan; sourceTree = ""; }; - 92A2BDFA2948D4AC0034864F /* schedule_2023.xml */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = schedule_2023.xml; sourceTree = ""; }; - 92A2BDFB2948D4AC0034864F /* schedule_2022.xml */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = schedule_2022.xml; sourceTree = ""; }; 92A57B392988FD1C00C0BB78 /* Package.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Package.swift; sourceTree = ""; }; 92B987FB2981CD10007574EB /* AboutView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AboutView.swift; sourceTree = ""; }; + 92BB58552B5FB84400C54292 /* SettingsView.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SettingsView.swift; sourceTree = ""; }; + 92BD1D2D2B5C345700DB8FC1 /* EventTypeIcon.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventTypeIcon.swift; sourceTree = ""; }; + 92BD1D2F2B5C34F100DB8FC1 /* EventTypeColor.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = EventTypeColor.swift; sourceTree = ""; }; + 92BD1D312B5C374A00DB8FC1 /* TrackColor.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = TrackColor.swift; sourceTree = ""; }; 92C22E6129806F61006D7B5C /* privacy.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = privacy.md; sourceTree = ""; }; 92C271CF2922292500E8C25D /* PreviewEvent.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PreviewEvent.swift; sourceTree = ""; }; - 92CE31AE28FC49DC0073813E /* YearHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = YearHelper.swift; sourceTree = ""; }; - 92CE31B028FC4A940073813E /* EventListView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventListView.swift; sourceTree = ""; }; - 92D2EC51298C486A0047A437 /* Fosdem 1.1.xcdatamodel */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcdatamodel; path = "Fosdem 1.1.xcdatamodel"; sourceTree = ""; }; - 92D2EC52298C4DE90047A437 /* Migration1.1.xcmappingmodel */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcmappingmodel; name = Migration1.1.xcmappingmodel; path = "../../Library/Developer/Xcode/DerivedData/Fosdem-cwvcjrfyxyxsrkdiimbbbikwtjsl/SourcePackages/checkouts/SwiftyXMLParser/Migration1.1.xcmappingmodel"; sourceTree = ""; }; + 92CE31AE28FC49DC0073813E /* SettingsHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SettingsHelper.swift; sourceTree = ""; }; + 92CE31B028FC4A940073813E /* EventListView.swift */ = {isa = PBXFileReference; explicitFileType = sourcecode.swift; path = EventListView.swift; sourceTree = ""; }; 92D9E7B7291D7B9B007D203D /* HTMLFormattedText.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = HTMLFormattedText.swift; sourceTree = ""; }; 92D9E7B9291D95E1007D203D /* EventDetailHeader.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = EventDetailHeader.swift; sourceTree = ""; }; 92F70A9F2922B49A000BE6CB /* UrlHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UrlHelper.swift; sourceTree = ""; }; @@ -119,7 +113,7 @@ isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( - 92C22E6029806C70006D7B5C /* SwiftyXMLParser in Frameworks */, + 9203845F2B5B0A2100B793AA /* PentabarfKit in Frameworks */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -145,8 +139,6 @@ children = ( 924E15BB2922C637005A8EA2 /* RoomStatusImporter.swift */, 14D2774B2205D19D00740042 /* RemoteScheduleFetcher.swift */, - 146A8676220601DD008A61AD /* XmlFinder.swift */, - 14DA228F220C735600CBE015 /* DataImporter.swift */, ); path = Import; sourceTree = ""; @@ -161,7 +153,6 @@ 146A866C2205EFE9008A61AD /* Event.swift */, 146A86672205EFE8008A61AD /* Room.swift */, 146A86682205EFE8008A61AD /* Person.swift */, - 14DA228D220C6B9000CBE015 /* ManagedObjectProtocol.swift */, 924E15BD2922CCA9005A8EA2 /* RoomState.swift */, 9253215F2925716A004C7E5C /* EventUserInfo.swift */, ); @@ -171,6 +162,7 @@ 146A867C220745BF008A61AD /* Views */ = { isa = PBXGroup; children = ( + 92BB58552B5FB84400C54292 /* SettingsView.swift */, 92CE31B028FC4A940073813E /* EventListView.swift */, 92077D5028FF01C600BF8A03 /* EventDetailView.swift */, 92D9E7B9291D95E1007D203D /* EventDetailHeader.swift */, @@ -179,6 +171,9 @@ 925B0260298EAE0E00AFA83D /* LiveIcon.swift */, 925B0262298EB2A400AFA83D /* VideoPlayer.swift */, 9268D799298F251E0067A6B1 /* ListPredicate.swift */, + 92BD1D2D2B5C345700DB8FC1 /* EventTypeIcon.swift */, + 92BD1D2F2B5C34F100DB8FC1 /* EventTypeColor.swift */, + 92BD1D312B5C374A00DB8FC1 /* TrackColor.swift */, ); path = Views; sourceTree = ""; @@ -186,7 +181,7 @@ 14D2770C2205D07200740042 = { isa = PBXGroup; children = ( - 92D2EC52298C4DE90047A437 /* Migration1.1.xcmappingmodel */, + 925F4A7C2B285A70007E9D1D /* Localizable.xcstrings */, 92A57B392988FD1C00C0BB78 /* Package.swift */, 92A2BDF92948CC5E0034864F /* FosdemTests.xctestplan */, 14D277172205D07200740042 /* Fosdem */, @@ -216,7 +211,6 @@ 14D277182205D07200740042 /* AppDelegate.swift */, 14D277242205D07500740042 /* Assets.xcassets */, 14D277292205D07500740042 /* Info.plist */, - 14D2771A2205D07200740042 /* Fosdem.xcdatamodeld */, 92C22E6129806F61006D7B5C /* privacy.md */, ); path = Fosdem; @@ -225,9 +219,6 @@ 14D277312205D07500740042 /* FosdemTests */ = { isa = PBXGroup; children = ( - 92A2BDFB2948D4AC0034864F /* schedule_2022.xml */, - 92A2BDFA2948D4AC0034864F /* schedule_2023.xml */, - 92A2BDF72948CAE50034864F /* schedule_2019.xml */, 14D277322205D07500740042 /* FosdemTests.swift */, 14D277342205D07500740042 /* Info.plist */, ); @@ -248,7 +239,7 @@ children = ( 142A873C2224651F0034F6D7 /* Hash.swift */, 142A8741222473A40034F6D7 /* UIColor+hexstring.swift */, - 92CE31AE28FC49DC0073813E /* YearHelper.swift */, + 92CE31AE28FC49DC0073813E /* SettingsHelper.swift */, 92D9E7B7291D7B9B007D203D /* HTMLFormattedText.swift */, 92C271CF2922292500E8C25D /* PreviewEvent.swift */, 92F70A9F2922B49A000BE6CB /* UrlHelper.swift */, @@ -271,11 +262,11 @@ buildRules = ( ); dependencies = ( - 925FE1B5298680F700686A4D /* PBXTargetDependency */, + 92FC930A2B5C2DA100C2D13D /* PBXTargetDependency */, ); name = Fosdem; packageProductDependencies = ( - 92C22E5F29806C70006D7B5C /* SwiftyXMLParser */, + 9203845E2B5B0A2100B793AA /* PentabarfKit */, ); productName = Fosdem; productReference = 14D277152205D07200740042 /* Fosdem.app */; @@ -323,8 +314,9 @@ 14D2770D2205D07200740042 /* Project object */ = { isa = PBXProject; attributes = { + BuildIndependentTargetsInParallel = YES; LastSwiftUpdateCheck = 1010; - LastUpgradeCheck = 1410; + LastUpgradeCheck = 1600; ORGANIZATIONNAME = "Sean Molenaar"; TargetAttributes = { 14D277142205D07200740042 = { @@ -344,16 +336,18 @@ }; }; buildConfigurationList = 14D277102205D07200740042 /* Build configuration list for PBXProject "Fosdem" */; - compatibilityVersion = "Xcode 14.0"; + compatibilityVersion = "Xcode 15.0"; developmentRegion = en; hasScannedForEncodings = 0; knownRegions = ( en, Base, + nl, + uk, ); mainGroup = 14D2770C2205D07200740042; packageReferences = ( - 92C22E5E29806C70006D7B5C /* XCRemoteSwiftPackageReference "SwiftyXMLParser" */, + 9203845D2B5B0A2100B793AA /* XCRemoteSwiftPackageReference "PentabarfKit" */, ); productRefGroup = 14D277162205D07200740042 /* Products */; projectDirPath = ""; @@ -373,6 +367,7 @@ files = ( 14D277252205D07500740042 /* Assets.xcassets in Resources */, 92C22E6229806F61006D7B5C /* privacy.md in Resources */, + 925F4A7D2B2863D8007E9D1D /* Localizable.xcstrings in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -380,9 +375,6 @@ isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; files = ( - 92A2BDFD2948D4AC0034864F /* schedule_2022.xml in Resources */, - 92A2BDF82948CAE50034864F /* schedule_2019.xml in Resources */, - 92A2BDFC2948D4AC0034864F /* schedule_2023.xml in Resources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -427,31 +419,31 @@ 146A86792206ED84008A61AD /* Track.swift in Sources */, 925321602925716A004C7E5C /* EventUserInfo.swift in Sources */, 142A8742222473A40034F6D7 /* UIColor+hexstring.swift in Sources */, - 146A8677220601DD008A61AD /* XmlFinder.swift in Sources */, - 92CE31AF28FC49DC0073813E /* YearHelper.swift in Sources */, + 92CE31AF28FC49DC0073813E /* SettingsHelper.swift in Sources */, 9268D79A298F251E0067A6B1 /* ListPredicate.swift in Sources */, 92C271D02922292500E8C25D /* PreviewEvent.swift in Sources */, 925B0263298EB2A400AFA83D /* VideoPlayer.swift in Sources */, - 14D2771C2205D07200740042 /* Fosdem.xcdatamodeld in Sources */, - 14DA2290220C735600CBE015 /* DataImporter.swift in Sources */, 146A867E22089497008A61AD /* Link.swift in Sources */, 924E15C329238AA5005A8EA2 /* ListItem.swift in Sources */, 92CE31B128FC4A940073813E /* EventListView.swift in Sources */, 146A86732205EFE9008A61AD /* Conference.swift in Sources */, + 92BD1D2E2B5C345700DB8FC1 /* EventTypeIcon.swift in Sources */, 924E15BC2922C637005A8EA2 /* RoomStatusImporter.swift in Sources */, 142A873D2224651F0034F6D7 /* Hash.swift in Sources */, 924E15BE2922CCA9005A8EA2 /* RoomState.swift in Sources */, 146A866F2205EFE9008A61AD /* Room.swift in Sources */, 146A86742205EFE9008A61AD /* Event.swift in Sources */, - 14DA228E220C6B9000CBE015 /* ManagedObjectProtocol.swift in Sources */, 146A86702205EFE9008A61AD /* Person.swift in Sources */, + 92BD1D302B5C34F100DB8FC1 /* EventTypeColor.swift in Sources */, 14D2774C2205D19D00740042 /* RemoteScheduleFetcher.swift in Sources */, 925B0261298EAE0E00AFA83D /* LiveIcon.swift in Sources */, + 92BB58562B5FB84400C54292 /* SettingsView.swift in Sources */, 92B987FC2981CD10007574EB /* AboutView.swift in Sources */, 92077D5128FF01C600BF8A03 /* EventDetailView.swift in Sources */, 92F70AA02922B49A000BE6CB /* UrlHelper.swift in Sources */, 92D9E7B8291D7B9B007D203D /* HTMLFormattedText.swift in Sources */, 142A87442224752E0034F6D7 /* EventType.swift in Sources */, + 92BD1D322B5C374A00DB8FC1 /* TrackColor.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -484,9 +476,9 @@ target = 14D277142205D07200740042 /* Fosdem */; targetProxy = 14D2773A2205D07500740042 /* PBXContainerItemProxy */; }; - 925FE1B5298680F700686A4D /* PBXTargetDependency */ = { + 92FC930A2B5C2DA100C2D13D /* PBXTargetDependency */ = { isa = PBXTargetDependency; - productRef = 925FE1B4298680F700686A4D /* SwiftyXMLParser */; + productRef = 92FC93092B5C2DA100C2D13D /* PentabarfKit */; }; /* End PBXTargetDependency section */ @@ -495,6 +487,8 @@ isa = XCBuildConfiguration; buildSettings = { ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_GENERATE_SWIFT_ASSET_SYMBOL_EXTENSIONS = YES; + CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; CLANG_ANALYZER_NONNULL = YES; CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -529,6 +523,7 @@ DEBUG_INFORMATION_FORMAT = dwarf; ENABLE_STRICT_OBJC_MSGSEND = YES; ENABLE_TESTABILITY = YES; + ENABLE_USER_SCRIPT_SANDBOXING = YES; GCC_C_LANGUAGE_STANDARD = gnu11; GCC_DYNAMIC_NO_PIC = NO; GCC_NO_COMMON_BLOCKS = YES; @@ -543,12 +538,13 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 16.0; + IPHONEOS_DEPLOYMENT_TARGET = 17.0; MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; ONLY_ACTIVE_ARCH = YES; SDKROOT = iphoneos; SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; + SWIFT_EMIT_LOC_STRINGS = YES; SWIFT_OPTIMIZATION_LEVEL = "-Onone"; }; name = Debug; @@ -557,6 +553,8 @@ isa = XCBuildConfiguration; buildSettings = { ALWAYS_SEARCH_USER_PATHS = NO; + ASSETCATALOG_COMPILER_GENERATE_SWIFT_ASSET_SYMBOL_EXTENSIONS = YES; + CLANG_ANALYZER_LOCALIZABILITY_NONLOCALIZED = YES; CLANG_ANALYZER_NONNULL = YES; CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -591,6 +589,7 @@ DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_NS_ASSERTIONS = NO; ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_USER_SCRIPT_SANDBOXING = YES; GCC_C_LANGUAGE_STANDARD = gnu11; GCC_NO_COMMON_BLOCKS = YES; GCC_WARN_64_TO_32_BIT_CONVERSION = YES; @@ -599,11 +598,12 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 16.0; + IPHONEOS_DEPLOYMENT_TARGET = 17.0; MTL_ENABLE_DEBUG_INFO = NO; MTL_FAST_MATH = YES; SDKROOT = iphoneos; SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_EMIT_LOC_STRINGS = YES; SWIFT_OPTIMIZATION_LEVEL = "-O"; VALIDATE_PRODUCT = YES; }; @@ -616,16 +616,17 @@ ASSETCATALOG_COMPILER_INCLUDE_ALL_APPICON_ASSETS = YES; CLANG_ENABLE_MODULES = YES; CODE_SIGN_STYLE = Automatic; - DEVELOPMENT_TEAM = B6S5V56E82; + DEVELOPMENT_TEAM = ""; + ENABLE_USER_SCRIPT_SANDBOXING = NO; INFOPLIST_FILE = Fosdem/Info.plist; INFOPLIST_KEY_CFBundleDisplayName = FOSDEM; INFOPLIST_KEY_LSApplicationCategoryType = "public.app-category.reference"; - IPHONEOS_DEPLOYMENT_TARGET = 16.0; + IPHONEOS_DEPLOYMENT_TARGET = 17.1; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.2.0; + MARKETING_VERSION = 1.3.0; PRODUCT_BUNDLE_IDENTIFIER = eu.seanmolenaar.Fosdem; PRODUCT_NAME = "$(TARGET_NAME)"; SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; @@ -644,16 +645,17 @@ ASSETCATALOG_COMPILER_INCLUDE_ALL_APPICON_ASSETS = YES; CLANG_ENABLE_MODULES = YES; CODE_SIGN_STYLE = Automatic; - DEVELOPMENT_TEAM = B6S5V56E82; + DEVELOPMENT_TEAM = ""; + ENABLE_USER_SCRIPT_SANDBOXING = NO; INFOPLIST_FILE = Fosdem/Info.plist; INFOPLIST_KEY_CFBundleDisplayName = FOSDEM; INFOPLIST_KEY_LSApplicationCategoryType = "public.app-category.reference"; - IPHONEOS_DEPLOYMENT_TARGET = 16.0; + IPHONEOS_DEPLOYMENT_TARGET = 17.1; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/Frameworks", ); - MARKETING_VERSION = 1.2.0; + MARKETING_VERSION = 1.3.0; PRODUCT_BUNDLE_IDENTIFIER = eu.seanmolenaar.Fosdem; PRODUCT_NAME = "$(TARGET_NAME)"; SUPPORTED_PLATFORMS = "iphoneos iphonesimulator"; @@ -667,7 +669,6 @@ 14D277462205D07500740042 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { - ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; BUNDLE_LOADER = "$(TEST_HOST)"; CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = B6S5V56E82; @@ -691,7 +692,6 @@ 14D277472205D07500740042 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { - ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; BUNDLE_LOADER = "$(TEST_HOST)"; CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = B6S5V56E82; @@ -715,7 +715,6 @@ 14D277492205D07500740042 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { - ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = B6S5V56E82; INFOPLIST_FILE = FosdemUITests/Info.plist; @@ -738,7 +737,6 @@ 14D2774A2205D07500740042 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { - ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; CODE_SIGN_STYLE = Automatic; DEVELOPMENT_TEAM = B6S5V56E82; INFOPLIST_FILE = FosdemUITests/Info.plist; @@ -800,42 +798,28 @@ /* End XCConfigurationList section */ /* Begin XCRemoteSwiftPackageReference section */ - 92C22E5E29806C70006D7B5C /* XCRemoteSwiftPackageReference "SwiftyXMLParser" */ = { + 9203845D2B5B0A2100B793AA /* XCRemoteSwiftPackageReference "PentabarfKit" */ = { isa = XCRemoteSwiftPackageReference; - repositoryURL = "https://github.com/yahoojapan/SwiftyXMLParser"; + repositoryURL = "https://github.com/SMillerDev/PentabarfKit"; requirement = { - kind = upToNextMajorVersion; - minimumVersion = 5.0.0; + branch = main; + kind = branch; }; }; /* End XCRemoteSwiftPackageReference section */ /* Begin XCSwiftPackageProductDependency section */ - 925FE1B4298680F700686A4D /* SwiftyXMLParser */ = { + 9203845E2B5B0A2100B793AA /* PentabarfKit */ = { isa = XCSwiftPackageProductDependency; - package = 92C22E5E29806C70006D7B5C /* XCRemoteSwiftPackageReference "SwiftyXMLParser" */; - productName = SwiftyXMLParser; + package = 9203845D2B5B0A2100B793AA /* XCRemoteSwiftPackageReference "PentabarfKit" */; + productName = PentabarfKit; }; - 92C22E5F29806C70006D7B5C /* SwiftyXMLParser */ = { + 92FC93092B5C2DA100C2D13D /* PentabarfKit */ = { isa = XCSwiftPackageProductDependency; - package = 92C22E5E29806C70006D7B5C /* XCRemoteSwiftPackageReference "SwiftyXMLParser" */; - productName = SwiftyXMLParser; + package = 9203845D2B5B0A2100B793AA /* XCRemoteSwiftPackageReference "PentabarfKit" */; + productName = PentabarfKit; }; /* End XCSwiftPackageProductDependency section */ - -/* Begin XCVersionGroup section */ - 14D2771A2205D07200740042 /* Fosdem.xcdatamodeld */ = { - isa = XCVersionGroup; - children = ( - 92D2EC51298C486A0047A437 /* Fosdem 1.1.xcdatamodel */, - 14D2771B2205D07200740042 /* Fosdem.xcdatamodel */, - ); - currentVersion = 92D2EC51298C486A0047A437 /* Fosdem 1.1.xcdatamodel */; - path = Fosdem.xcdatamodeld; - sourceTree = ""; - versionGroupType = wrapper.xcdatamodel; - }; -/* End XCVersionGroup section */ }; rootObject = 14D2770D2205D07200740042 /* Project object */; } diff --git a/Fosdem.xcodeproj/xcshareddata/xcschemes/Fosdem.xcscheme b/Fosdem.xcodeproj/xcshareddata/xcschemes/Fosdem.xcscheme index e0ea9df..53a904b 100644 --- a/Fosdem.xcodeproj/xcshareddata/xcschemes/Fosdem.xcscheme +++ b/Fosdem.xcodeproj/xcshareddata/xcschemes/Fosdem.xcscheme @@ -1,6 +1,6 @@ Bool { let paths = NSSearchPathForDirectoriesInDomains(.documentDirectory, .userDomainMask, true) debugPrint(paths[0]) - DataImporter.context = persistentContainer.newBackgroundContext() - RemoteScheduleFetcher.fetchScheduleForYear(YearHelper().year) - return true } @@ -42,49 +53,9 @@ class AppDelegate: UIResponder, UIApplicationDelegate { func applicationDidEnterBackground(_ application: UIApplication) {} - func applicationWillEnterForeground(_ application: UIApplication) { - RoomStatusFetcher.fetchRoomStatus() - RemoteScheduleFetcher.fetchScheduleForYear(YearHelper().year) - } + func applicationWillEnterForeground(_ application: UIApplication) {} func applicationDidBecomeActive(_ application: UIApplication) {} - func applicationWillTerminate(_ application: UIApplication) { - self.saveContext() - } - - // MARK: - Core Data stack - - lazy var persistentContainer: NSPersistentContainer = { - /* - The persistent container for the application. This implementation - creates and returns a container, having loaded the store for the - application to it. This property is optional since there are legitimate - error conditions that could cause the creation of the store to fail. - */ - let container = NSPersistentContainer(name: "Fosdem") - container.loadPersistentStores(completionHandler: { (_, error) in - container.viewContext.mergePolicy = NSMergePolicy(merge: .overwriteMergePolicyType) - container.viewContext.automaticallyMergesChangesFromParent = true - if let error = error as NSError? { - fatalError("Unresolved error \(error), \(error.userInfo)") - } - }) - return container - }() - - // MARK: - Core Data Saving support - - func saveContext () { - let context = persistentContainer.viewContext - if context.hasChanges { - do { - try context.save() - } catch { - // Replace this implementation with code to handle the error appropriately. - let nserror = error as NSError - fatalError("Unresolved error \(nserror), \(nserror.userInfo)") - } - } - } + func applicationWillTerminate(_ application: UIApplication) {} } diff --git a/Fosdem/Fosdem.xcdatamodeld/.xccurrentversion b/Fosdem/Fosdem.xcdatamodeld/.xccurrentversion deleted file mode 100644 index b2fea99..0000000 --- a/Fosdem/Fosdem.xcdatamodeld/.xccurrentversion +++ /dev/null @@ -1,8 +0,0 @@ - - - - - _XCCurrentVersionName - Fosdem 1.1.xcdatamodel - - diff --git a/Fosdem/Fosdem.xcdatamodeld/Fosdem 1.1.xcdatamodel/contents b/Fosdem/Fosdem.xcdatamodeld/Fosdem 1.1.xcdatamodel/contents deleted file mode 100644 index 46c7dc9..0000000 --- a/Fosdem/Fosdem.xcdatamodeld/Fosdem 1.1.xcdatamodel/contents +++ /dev/null @@ -1,60 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/Fosdem/Fosdem.xcdatamodeld/Fosdem.xcdatamodel/contents b/Fosdem/Fosdem.xcdatamodeld/Fosdem.xcdatamodel/contents deleted file mode 100644 index cd59213..0000000 --- a/Fosdem/Fosdem.xcdatamodeld/Fosdem.xcdatamodel/contents +++ /dev/null @@ -1,60 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/Fosdem/Import/DataImporter.swift b/Fosdem/Import/DataImporter.swift deleted file mode 100644 index d687c0a..0000000 --- a/Fosdem/Import/DataImporter.swift +++ /dev/null @@ -1,52 +0,0 @@ -// -// XmlParser.swift -// Fosdem -// -// Created by Sean Molenaar on 07/02/2019. -// Copyright © 2019 Sean Molenaar. All rights reserved. -// - -import Foundation -import SwiftyXMLParser -import CoreData - -class DataImporter { - static var conference: Conference! - static var context: NSManagedObjectContext! - static var handler: (Conference) -> Void = { _ in } - - static func process(_ value: Data) { - print("📲 Importing Fosdem data") - let data = XML.parse(value) - - context.perform { - data.element?.childElements.first?.childElements.forEach { child in - switch child.name { - case Conference.elementName: - guard let conf = Conference.build(child) as? Conference else { - print("❌ No conference found") - return - } - DataImporter.conference = conf - case "day": - let date = XmlFinder.parseDateString(child.attributes["date"]!, timezone: "+01:00") - child.childElements.forEach { element in - element.childElements.forEach { child in - let event = Event.build(child, date: date!) as? Event - event?.conference = conference - } - } - default: - print("Data change") - } - } - do { - print("📲 Imported Fosdem data") - handler(self.conference) - try context.save() - } catch { - print("Error saving context: \(error)") - } - } - } -} diff --git a/Fosdem/Import/RemoteScheduleFetcher.swift b/Fosdem/Import/RemoteScheduleFetcher.swift index 958f287..9e2f6e3 100644 --- a/Fosdem/Import/RemoteScheduleFetcher.swift +++ b/Fosdem/Import/RemoteScheduleFetcher.swift @@ -7,36 +7,84 @@ // import Foundation -import CoreData +import PentabarfKit +import SwiftData class RemoteScheduleFetcher { - static func fetchSchedule() { - RemoteScheduleFetcher.fetchScheduleForYear(YearHelper().year) + + static var conference: Conference? + static var context: ModelContext! + + static func fetchSchedule() async { + await RemoteScheduleFetcher.fetchScheduleForYear(SettingsHelper().year) } - static func fetchScheduleForYear(_ year: String) { + static func fetchScheduleForYear(_ year: String) async { let url = URL(string: "https://fosdem.org/\(year)/schedule/xml")! - print("📲 Getting FOSDEM schedule for \(year): \(url)") - let task = URLSession.shared.dataTask(with: url) { data, response, error in - print("📲 Got FOSDEM schedule for \(year): \(url)") + guard var conference = try? await PentabarfLoader.fetchConference(url) else { + return + } - guard let data = data, error == nil else { - print("❌ Failed to fetch schedule, \(error?.localizedDescription ?? "")") - return - } - if let response = response as? HTTPURLResponse, - let etag: String = response.allHeaderFields["Etag"] as? String { - if UserDefaults.standard.string(forKey: "etag_year") == year && - UserDefaults.standard.string(forKey: "etag") == etag { - print("✅ No new data in FOSDEM schedule for \(year): \(url)") - return + let rooms = updateOrStore(rooms: conference.rooms) + let events = updateOrStore(events: conference.events, with: rooms) + + if let conf = Conference.fetchWith(name: conference.title, context) { + conf.events = events + conf.rooms = rooms + + RemoteScheduleFetcher.conference = conf + } else { + RemoteScheduleFetcher.conference = Conference(conference, rooms: rooms, events: events) + } + + print("💾 Saving schedule") + do { + try context.save() + } catch { + debugPrint(error) + } + print("💾 Saved schedule") + } + + private static func updateOrStore(events: [PentabarfKit.Event], with rooms: [Room]) -> [Event] { + let events: [Event] = events.map { eventBase in + var event: Event? = Event.fetchWith(id: eventBase.id, context) + if event == nil { + let room = rooms.first { room in + room.name == eventBase.room } - UserDefaults.standard.set(year, forKey: "etag_year") - UserDefaults.standard.set(etag, forKey: "etag") + event = Event(eventBase, room: room!, context) + } + + context.insert(event!) + return event! + } + do { + try context.save() + } catch { + debugPrint(error) + } + + return events + } + private static func updateOrStore(rooms: [PentabarfKit.Room]) -> [Room] { + let rooms: [Room] = rooms.map { roomBase in + var room: Room? = Room.fetchWith(name: roomBase.name, context) + if room == nil { + room = Room(roomBase) } - DataImporter.process(data) + + context.insert(room!) + return room! } - task.resume() + + do { + try context.save() + } catch { + debugPrint(error) + } + + return rooms } } diff --git a/Fosdem/Import/RoomStatusImporter.swift b/Fosdem/Import/RoomStatusImporter.swift index 9613909..f8c5bdd 100644 --- a/Fosdem/Import/RoomStatusImporter.swift +++ b/Fosdem/Import/RoomStatusImporter.swift @@ -9,20 +9,16 @@ import Foundation class RoomStatusFetcher { - static func fetchRoomStatus() { + static func fetchRoomStatus() async { let url = URL(string: BaseURL.roomStatus.rawValue)! print("📲 Getting FOSDEM room data") - let task = URLSession.shared.dataTask(with: url) { data, _, error in + do { + let (data, _): (Data, URLResponse) = try await URLSession.shared.data(from: url) print("📲 Got FOSDEM room data") - - guard let data = data, error == nil else { - print("❌ Failed to fetch room data, \(error?.localizedDescription ?? "")") - return - } - RoomStatusFetcher.processRoomData(data) + } catch { + print("❌ Failed to fetch room data") } - task.resume() } static func processRoomData(_ value: Data) { diff --git a/Fosdem/Info.plist b/Fosdem/Info.plist index 8346843..5d4a2c2 100644 --- a/Fosdem/Info.plist +++ b/Fosdem/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType APPL CFBundleShortVersionString - 1.2 + 1.3 CFBundleVersion 1 ITSAppUsesNonExemptEncryption diff --git a/Fosdem/Models/Conference.swift b/Fosdem/Models/Conference.swift index 6dd91a8..b5251e4 100644 --- a/Fosdem/Models/Conference.swift +++ b/Fosdem/Models/Conference.swift @@ -7,44 +7,48 @@ // import Foundation -import CoreData -import SwiftyXMLParser +import SwiftData +import PentabarfKit -@objc(Conference) -public class Conference: NSManagedObject, Identifiable { - static let elementName = "conference" +@Model +public class Conference { + @Attribute(.unique) + public var name: String + public var venue: String + public var start: Date + public var end: Date - @NSManaged public var name: String - @NSManaged public var venue: String - @NSManaged public var start: Date - @NSManaged public var end: Date - @NSManaged public var events: Set + @Relationship(deleteRule: .cascade) + public var events: [Event] = [] + + @Relationship(deleteRule: .cascade) + public var rooms: [Room] = [] static var roomStates: [RoomState] = [] - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "Conference") + init(name: String, venue: String, start: Date, end: Date, events: [Event] = [], rooms: [Room] = []) { + self.name = name + self.venue = venue + self.start = start + self.end = end + self.events = events + self.rooms = rooms + } + + convenience init(_ base: PentabarfKit.Conference, rooms: [Room], events: [Event] = []) { + self.init(name: base.title, venue: base.venue, start: base.start, end: base.end, events: events, rooms: rooms) } +} + +extension Conference { + static func fetchWith(name: String, _ context: ModelContext) -> Conference? { + var descriptor = FetchDescriptor(predicate: #Predicate { base in + base.name == name + }) + descriptor.fetchLimit = 1 + + let items = try? context.fetch(descriptor) - static func build(_ element: XML.Element) -> NSManagedObject { - guard let name = XmlFinder.getChildString(element, element: "title") else { - return Conference(context: DataImporter.context) - } - let req: NSFetchRequest = Conference.fetchRequest() - req.predicate = NSComparisonPredicate(format: "name==%@", name) - let item: Conference - if let conf = try? req.execute().first { - item = conf - } else { - item = Conference(context: DataImporter.context) - } - - item.name = XmlFinder.getChildString(element, element: "title")! - item.venue = XmlFinder.getChildString(element, element: "venue")! - item.start = XmlFinder.getChildDate(element, element: "start")! - item.end = XmlFinder.getChildDate(element, element: "end")! - item.events = Set() - - return item + return items?.first } } diff --git a/Fosdem/Models/Event.swift b/Fosdem/Models/Event.swift index 5d699e1..99dc481 100644 --- a/Fosdem/Models/Event.swift +++ b/Fosdem/Models/Event.swift @@ -7,56 +7,131 @@ // import Foundation -import CoreData -import SwiftyXMLParser - -@objc(Event) -public class Event: NSManagedObject, ManagedObjectProtocol, Identifiable { - static let elementName = "event" - - @NSManaged public var id: String - @NSManaged public var title: String - @NSManaged public var slug: String - @NSManaged public var subtitle: String? - @NSManaged public var desc: String? - @NSManaged public var date: Date - @NSManaged public var start: Date - @NSManaged public var duration: TimeInterval - @NSManaged public var lastUpdated: Date - - @NSManaged public var room: Room - @NSManaged public var conference: Conference - @NSManaged public var track: Track - @NSManaged public var type: EventType - @NSManaged public var userInfo: EventUserInfo - @NSManaged public var authors: Set - @NSManaged public var links: Set - - @objc public var authorName: String { +import SwiftData +import PentabarfKit + +@Model +public class Event { + + @Attribute(.unique) public var id: Int + public var title: String + public var slug: String + public var subtitle: String? + public var desc: String? + public var start: Date + public var duration: TimeInterval + public var lastUpdated: Date = Date() + + public var room: Room + public var track: Track? + public var type: EventType? + + public var userInfo: EventUserInfo? + + public var authors: [Person] = [] + public var links: [Link] = [] + + @Transient + public var authorName: String { return authors.first!.name } + @Transient var year: String { return startInFormat("yyyy") } - @objc public var day: Int { + @Transient + public var day: Int { return Int(startInFormat("dd")) ?? 0 } + @Transient public var end: Date { return start.addingTimeInterval(duration) } + @Transient public var isOngoing: Bool { let date = Date() return date > start && date < end } + @Transient public var isEnded: Bool { return end < Date() } + @Transient + public var isFavourite: Bool { + get { return userInfo?.favorite ?? false } + set { userInfo?.favorite = newValue } + } + + @Transient + public var hasHTMLDescription: Bool { + return (try? desc?.firstMatch(of: Regex("(<(.*)>(.*))"))) != nil + } + + internal init(id: Int, + title: String, + slug: String, + subtitle: String? = nil, + desc: String? = nil, + start: Date, + duration: TimeInterval, + lastUpdated: Date, + room: Room + ) { + self.id = id + self.title = title + self.slug = slug + self.subtitle = subtitle + self.desc = desc + self.start = start + self.duration = duration + self.lastUpdated = lastUpdated + self.room = room + } + + convenience init(_ base: PentabarfKit.Event, room: Room, _ context: ModelContext) { + self.init(id: base.id, + title: base.title, + slug: base.slug, + subtitle: base.subtitle, + desc: base.description, + start: base.start, + duration: base.duration, + lastUpdated: Date(), + room: room) + self.userInfo = EventUserInfo(event: self) + + self.track = Track.fetchWith(name: base.track.name, context) ?? Track(name: base.track.name) + modelContext?.insert(self.track!) + + self.type = EventType.fetchWith(name: base.type, context) ?? EventType(name: base.type) + modelContext?.insert(self.type!) + + self.authors = base.authors.map { authorBase in + let person = Person.fetchWith(id: authorBase.id, context) ?? Person(authorBase) + modelContext?.insert(person) + + return person + } + + self.links = base.links.map { linkBase in + let link = Link.fetchWith(url: linkBase.url, context) ?? Link(linkBase) + modelContext?.insert(link) + + return link + } + base.attachments.map { linkBase in + let link = Link.fetchWith(url: linkBase.url, context) ?? Link(linkBase) + modelContext?.insert(link) + + return link + } + } + func startInFormat(_ format: String) -> String { let dateFormatter = DateFormatter() dateFormatter.dateFormat = format @@ -75,96 +150,14 @@ public class Event: NSManagedObject, ManagedObjectProtocol, Identifiable { } extension Event { - class func build(_ element: SwiftyXMLParser.XML.Element) -> NSManagedObject? { - return nil - } - - class func build(_ element: XML.Element, date: Date) -> NSManagedObject? { - guard let id = element.attributes["id"] else { - return Event(context: DataImporter.context) - } - - let req: NSFetchRequest = NSFetchRequest(entityName: "Event") - req.predicate = NSComparisonPredicate(format: "id==%@", id) - let item: Event - if let event = try? req.execute().first { - item = event - } else { - item = Event(context: DataImporter.context) - item.userInfo = EventUserInfo(context: DataImporter.context) - item.userInfo.notificationUUID = UUID() - } - - item.id = id - item.lastUpdated = Date() - item.title = XmlFinder.getChildString(element, element: "title")! - .trimmingCharacters(in: .whitespacesAndNewlines) - item.slug = XmlFinder.getChildString(element, element: "slug")! - .trimmingCharacters(in: .whitespacesAndNewlines) - item.subtitle = XmlFinder.getChildString(element, element: "subtitle")? - .trimmingCharacters(in: .whitespacesAndNewlines) - if let desc = XmlFinder.getChildString(element, element: "description") { item.desc = desc } - if let abstract = XmlFinder.getChildString(element, element: "abstract") { item.desc = abstract } - - if let room = XmlFinder.getChildElement(element, element: "room"), - let roomObj = Room.build(room) as? Room { - item.room = roomObj - } - - if let trackElement = XmlFinder.getChildElement(element, element: "track"), - let track = Track.build(trackElement) as? Track { - item.track = track - } - - if let typeObj = XmlFinder.getChildElement(element, element: "type"), - let type = EventType.build(typeObj) as? EventType { - item.type = type - } - - if let startString = XmlFinder.getChildString(element, element: "start"), - let start = XmlFinder.parseTimeString(startString) { - item.date = date - item.start = date.addingTimeInterval(start) - } - - if let durationString = XmlFinder.getChildString(element, element: "duration"), - let duration = XmlFinder.parseTimeString(durationString) { - item.duration = duration - } - - item.authors = parsePeopleElement(element) - item.links = parseLinksElement(element) + static func fetchWith(id: Int, _ context: ModelContext) -> Event? { + var descriptor = FetchDescriptor(predicate: #Predicate { event in + event.id == id + }) + descriptor.fetchLimit = 1 - return item - } - - class func parsePeopleElement(_ element: XML.Element) -> Set { - var returnVal = Set() - guard let people = XmlFinder.getChildElement(element, element: "persons") else { - return returnVal - } - - people.childElements.forEach { element in - if let person = Person.build(element) as? Person { - returnVal.insert(person) - } - } - - return returnVal - } - - class func parseLinksElement(_ element: XML.Element) -> Set { - var returnVal = Set() - guard let links = XmlFinder.getChildElement(element, element: "links") else { - return returnVal - } - - links.childElements.forEach { element in - if let link = Link.build(element) as? Link { - returnVal.insert(link) - } - } + let items = try? context.fetch(descriptor) - return returnVal + return items?.first } } diff --git a/Fosdem/Models/EventType.swift b/Fosdem/Models/EventType.swift index 500e60a..5e88cf8 100644 --- a/Fosdem/Models/EventType.swift +++ b/Fosdem/Models/EventType.swift @@ -7,76 +7,40 @@ // import Foundation -import CoreData -import SwiftyXMLParser -import SwiftUI +import SwiftData -enum EventTypeIcon: String { - case devroom = "keyboard" - case keynotes = "sparkles.tv" - case lightningtalk = "bolt" - case maintrack = "road.lanes" - case certification = "checkmark.seal" - case bof = "bird" - case none = "questionmark.circle" +@Model +public class EventType { + @Attribute(.unique) public var name: String - static func getIconFor(_ string: String) -> EventTypeIcon { - switch string.lowercased() { - case "devroom": - return .devroom - case "keynotes": - return .keynotes - case "lightningtalk": - return .lightningtalk - case "maintrack": - return .maintrack - case "bof": - return .bof - case "certification": - return .certification - default: - return .none - } - } -} - -@objc(EventType) -public class EventType: NSManagedObject, Identifiable { - static let elementName = "type" - static var context: NSManagedObjectContext! - - @NSManaged public var name: String - @NSManaged public var color: String - @NSManaged public var events: Set - - var colorObject: Color { - return Color(hexString: color) - } + @Relationship(deleteRule: .cascade, inverse: \Event.type) + public var events: [Event] = [] - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "EventType") + @Transient + public var color: String { + let hash = Hash.sha256(name) + return String(hash[hash.startIndex...hash.index(hash.startIndex, offsetBy: 5)]) } + @Transient public var icon: String { return EventTypeIcon.getIconFor(name.lowercased()).rawValue } - static func build(_ element: XML.Element) -> NSManagedObject? { - guard let name = element.text?.trimmingCharacters(in: .whitespacesAndNewlines) else { - return nil - } - let req: NSFetchRequest = EventType.fetchRequest() - req.predicate = NSComparisonPredicate(format: "name==%@", name) - let item: EventType - if let type = try? req.execute().first { - item = type - } else { - item = EventType(context: DataImporter.context) - let hash = Hash.sha256(name) - item.color = String(hash[hash.startIndex...hash.index(hash.startIndex, offsetBy: 5)]) - } + init(name: String) { + self.name = name + } +} + +extension EventType { + static func fetchWith(name: String, _ context: ModelContext) -> EventType? { + var descriptor = FetchDescriptor(predicate: #Predicate { type in + type.name == name + }) + descriptor.fetchLimit = 1 + + let items = try? context.fetch(descriptor) - item.name = name - return item + return items?.first } } diff --git a/Fosdem/Models/EventUserInfo.swift b/Fosdem/Models/EventUserInfo.swift index 6ecd285..c0f7424 100644 --- a/Fosdem/Models/EventUserInfo.swift +++ b/Fosdem/Models/EventUserInfo.swift @@ -7,18 +7,25 @@ // import Foundation -import CoreData +import SwiftData -@objc(EventUserInfo) +@Model /// Contains user data relating to an event -public class EventUserInfo: NSManagedObject, Identifiable { - @NSManaged public var favorite: Bool - @NSManaged public var notificationUUID: UUID? - @NSManaged public var lastSeen: Date? - @NSManaged public var event: Event +public class EventUserInfo { + public var favorite: Bool + public var notificationUUID: UUID? + public var lastSeen: Date? + public var event: Event public func ensureUUID() { if notificationUUID != nil { return } notificationUUID = UUID() } + + init(favorite: Bool = false, notificationUUID: UUID? = nil, lastSeen: Date? = nil, event: Event) { + self.favorite = favorite + self.notificationUUID = notificationUUID + self.lastSeen = lastSeen + self.event = event + } } diff --git a/Fosdem/Models/Link.swift b/Fosdem/Models/Link.swift index b867a52..39541c7 100644 --- a/Fosdem/Models/Link.swift +++ b/Fosdem/Models/Link.swift @@ -7,55 +7,58 @@ // import Foundation -import CoreData -import SwiftyXMLParser - -@objc(Link) -public class Link: NSManagedObject, Identifiable { - static let elementName = "link" - static var context: NSManagedObjectContext! - - @NSManaged public var icon: String - @NSManaged public var name: String - @NSManaged public var href: String - @NSManaged public var event: Event - - public func url() -> URL? { - guard let url = URL(string: href) else { - return nil - } +import SwiftData +import PentabarfKit - return url - } +@Model +public class Link { + public var name: String + @Attribute(originalName: "href") public var url: URL + public var type: String + + @Relationship(deleteRule: .nullify, inverse: \Event.links) + public var event: Event! - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "Link") + @Transient + public var isVideo: Bool { + return type.contains(/video/) || name.lowercased().contains(/video recording/) } - static func build(name: String, href: String, icon: String? = nil) -> NSManagedObject? { - let req: NSFetchRequest = Link.fetchRequest() - req.predicate = NSComparisonPredicate(format: "name==%@", name) - let item: Link - if let link = try? req.execute().first { - item = link + @Transient + public var icon: String { + if isVideo { + return "video" + } else if type.contains(/slides/) { + return "rectangle.inset.filled.and.person.filled" } else { - item = Link(context: DataImporter.context) + return "link" } + } - item.name = name - item.href = href - if let icon = icon { - item.icon = icon - } - return item + init(name: String, url: URL, type: String?) { + self.name = name + self.url = url + self.type = type ?? "text/url" } - static func build(_ element: XML.Element) -> NSManagedObject? { - guard let name = element.text, - let url = element.attributes["href"] else { - return nil - } + convenience init(_ base: PentabarfKit.Link) { + self.init(name: base.title, url: base.url, type: nil) + } + + convenience init(_ base: PentabarfKit.Attachment) { + self.init(name: base.title, url: base.url, type: base.type) + } +} + +extension Link { + static func fetchWith(url: URL, _ context: ModelContext) -> Link? { + var descriptor = FetchDescriptor(predicate: #Predicate { link in + link.url == url + }) + descriptor.fetchLimit = 1 + + let items = try? context.fetch(descriptor) - return Link.build(name: name, href: url) + return items?.first } } diff --git a/Fosdem/Models/Person.swift b/Fosdem/Models/Person.swift index 2f0b20b..1e570bd 100644 --- a/Fosdem/Models/Person.swift +++ b/Fosdem/Models/Person.swift @@ -7,44 +7,45 @@ // import Foundation -import CoreData -import SwiftyXMLParser +import SwiftData +import PentabarfKit -@objc(Person) -public class Person: NSManagedObject, ManagedObjectProtocol, Identifiable { - static let elementName = "person" - static var context: NSManagedObjectContext! +@Model +public class Person { - @NSManaged public var id: String - @NSManaged public var name: String - @NSManaged public var events: Set + @Attribute(.unique) public var id: Int + public var name: String + @Relationship(deleteRule: .cascade, inverse: \Event.authors) + public var events: [Event] + + @Transient var slug: String { return name.folding(options: .diacriticInsensitive, locale: .current) .lowercased() .replacingOccurrences(of: " ", with: "_") } - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "Person") + init(id: Int, name: String, events: [Event] = []) { + self.id = id + self.name = name + self.events = events + } + + convenience init(_ base: PentabarfKit.Person) { + self.init(id: base.id, name: base.name) } +} + +extension Person { + static func fetchWith(id: Int, _ context: ModelContext) -> Person? { + var descriptor = FetchDescriptor(predicate: #Predicate { person in + person.id == id + }) + descriptor.fetchLimit = 1 + + let items = try? context.fetch(descriptor) - static func build(_ element: XML.Element) -> NSManagedObject? { - guard let id = element.attributes["id"], - let name = element.text?.trimmingCharacters(in: .whitespacesAndNewlines) else { - return nil - } - let req: NSFetchRequest = Person.fetchRequest() - req.predicate = NSComparisonPredicate(format: "id==%@", id) - let item: Person - if let person = try? req.execute().first { - item = person - } else { - item = Person(context: DataImporter.context) - } - - item.id = id - item.name = name - return item + return items?.first } } diff --git a/Fosdem/Models/Room.swift b/Fosdem/Models/Room.swift index 2a6e68e..15100af 100644 --- a/Fosdem/Models/Room.swift +++ b/Fosdem/Models/Room.swift @@ -7,23 +7,27 @@ // import Foundation -import CoreData -import SwiftyXMLParser +import SwiftData +import PentabarfKit -@objc(Room) -public class Room: NSManagedObject, ManagedObjectProtocol, Identifiable { - static let elementName = "room" +@Model +public class Room { + @Attribute(.unique) public var name: String - @NSManaged public var name: String - @NSManaged public var events: Set + @Relationship(deleteRule: .cascade, inverse: \Event.room) + public var events: [Event] = [] + @Transient var shortName: String { return String(describing: name.split(separator: " ").first ?? "UNKNOWN") } + + @Transient var urlName: String { return String(describing: shortName.replacingOccurrences(of: ".", with: "").lowercased()) } + @Transient var building: String? { let regex = try? Regex("^[A-Za-z]*") guard let result = try? regex?.firstMatch(in: shortName) else { @@ -32,30 +36,28 @@ public class Room: NSManagedObject, ManagedObjectProtocol, Identifiable { return String(shortName[result.range]) } + convenience init(_ base: PentabarfKit.Room) { + self.init(name: base.name) + } + + init(name: String) { + self.name = name + } + func isVirtual() -> Bool { return ["D", "M"].contains { $0 == building } } } extension Room { - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "Room") - } + static func fetchWith(name: String, _ context: ModelContext) -> Room? { + var descriptor = FetchDescriptor(predicate: #Predicate { room in + room.name == name + }) + descriptor.fetchLimit = 1 - static func build(_ element: XML.Element) -> NSManagedObject? { - let req: NSFetchRequest = Room.fetchRequest() - guard let name = element.text else { - return nil - } - req.predicate = NSComparisonPredicate(format: "name==%@", name) - let item: Room - if let room = try? req.execute().first { - item = room - } else { - item = Room(context: DataImporter.context) - } + let items = try? context.fetch(descriptor) - item.name = name - return item + return items?.first } } diff --git a/Fosdem/Models/Track.swift b/Fosdem/Models/Track.swift index ad63063..abbb811 100644 --- a/Fosdem/Models/Track.swift +++ b/Fosdem/Models/Track.swift @@ -7,46 +7,40 @@ // import Foundation -import CoreData -import SwiftyXMLParser -import SwiftUI +import SwiftData -@objc(Track) -public class Track: NSManagedObject, Identifiable { - static let elementName = "track" - static var context: NSManagedObjectContext! +@Model +public class Track { + @Attribute(.unique) public var name: String - @NSManaged public var name: String - @NSManaged public var color: String - @NSManaged public var events: Set? + @Relationship(deleteRule: .cascade, inverse: \Event.track) + public var events: [Event] = [] - public var eventArray: [Event] { - let events = self.events ?? [] - return events.sorted(by: { $0.title < $1.title }) + @Transient + public var color: String { + let hash = Hash.sha256(name) + return String(hash[hash.startIndex...hash.index(hash.startIndex, offsetBy: 5)]) } - @nonobjc public class func fetchRequest() -> NSFetchRequest { - return NSFetchRequest(entityName: "Track") + @Transient + public var eventArray: [Event] { + return events.sorted { $0.title < $1.title } } - var colorObject: Color { - return Color(hexString: color) + init(name: String) { + self.name = name } +} + +extension Track { + static func fetchWith(name: String, _ context: ModelContext) -> Track? { + var descriptor = FetchDescriptor(predicate: #Predicate { track in + track.name == name + }) + descriptor.fetchLimit = 1 + + let items = try? context.fetch(descriptor) - static func build(_ element: XML.Element) -> NSManagedObject { - let name = element.text!.trimmingCharacters(in: .whitespacesAndNewlines) - let req: NSFetchRequest = Track.fetchRequest() - req.predicate = NSComparisonPredicate(format: "name==%@", name) - let item: Track - if let track = try? req.execute().first { - item = track - } else { - item = Track(context: DataImporter.context) - let hash = Hash.sha256(name) - item.color = String(hash[hash.startIndex...hash.index(hash.startIndex, offsetBy: 5)]) - } - - item.name = name - return item + return items?.first } } diff --git a/Fosdem/Utils/HTMLFormattedText.swift b/Fosdem/Utils/HTMLFormattedText.swift index 238c7c2..c09e547 100644 --- a/Fosdem/Utils/HTMLFormattedText.swift +++ b/Fosdem/Utils/HTMLFormattedText.swift @@ -53,9 +53,7 @@ struct HTMLFormattedText: UIViewRepresentable { """ - guard let data = "\(css)\n \(text)".data(using: .utf8) else { return nil } - - if let string = try? NSAttributedString(data: data, + if let string = try? NSAttributedString(data: Data("\(css)\n \(text)".utf8), options: [.documentType: NSAttributedString.DocumentType.html], documentAttributes: nil) { return string diff --git a/Fosdem/Utils/PreviewEvent.swift b/Fosdem/Utils/PreviewEvent.swift index b80b2d0..a0dfcb9 100644 --- a/Fosdem/Utils/PreviewEvent.swift +++ b/Fosdem/Utils/PreviewEvent.swift @@ -4,43 +4,53 @@ // // Created by Sean Molenaar on 14/11/2022. // Copyright © 2022 Sean Molenaar. All rights reserved. -// swiftlint:disable line_length import Foundation +extension Event { + convenience init(id: Int, + title: String, + slug: String, + subtitle: String? = nil, + desc: String? = nil, + start: Date, + duration: TimeInterval, + lastUpdated: Date, + track: Track, + eventType: EventType, + room: Room, + authors: [Person], + links: [Link]) { + self.init(id: id, + title: title, + slug: slug, + subtitle: subtitle, + desc: desc, + start: start, + duration: duration, + lastUpdated: lastUpdated, + room: room) + self.authors = authors + self.links = links + } +} + struct PreviewEvent { static func getEvent(_ subtitle: Bool) -> Event { - let event = Event(context: DataImporter.context) - let person = Person(context: DataImporter.context) - person.name = "John Doe" - person.id = "1010" - let person2 = Person(context: DataImporter.context) - person2.name = "Jane Doei" - person2.id = "1011" - event.authors = Set([person, person2]) - - event.track = Track(context: DataImporter.context) - event.track.name = "Mozilla Devroom" - event.track.color = "#0057B8" - - event.type = EventType(context: DataImporter.context) - event.type.name = "keynote" - event.type.color = "#0057B8" - - event.room = Room(context: DataImporter.context) - event.room.name = "UD2.120 (Chavanne)" - - let link = Link(context: DataImporter.context) - link.name = "Some Link" - link.icon = "link.circle" - link.href = "https://fosdem.org" - event.links = Set([link]) - - event.start = Date() - event.duration = TimeInterval(150) - event.title = "Welcome to the Free Software Radio Devroom" - event.subtitle = subtitle ? "This presentation will give you an overview what to expect in the Free Software Radio devroom at FOSDEM 2022." : nil - event.desc = """ + let authors = [Person(id: 1010, name: "John Doe"), Person(id: 1011, name: "Jane Doe")] + + let track = Track(name: "Mozilla Devroom") + let type = EventType(name: "keynote") + + let room = Room(name: "UD2.120 (Chavanne)") + + let links = [Link(name: "Some Link", url: URL(string: "https://fosdem.org")!, type: nil)] + + let start = Date() + let duration = TimeInterval(150) + // swiftlint:disable line_length + let subtitle = subtitle ? "This presentation will give you an overview what to expect in the Free Software Radio devroom at FOSDEM 2022." : nil + let desc = """ The FOSS community suffers deeply from a fundamental paradox: every day, there are more lines of freely licensed code than ever in history, but, every day, it also becomes slightly more difficult to operate productively using only Open Source and Free Software. In one sense, we live in the paramount of success of FOSS: developers can easily find jobs writing mostly freely licensed software. Companies, charities, trade associations, and individual actors collaborate together on the same code bases in (relative) harmony. The entire Internet would cease to function without FOSS. Yet, the "last mile" of the most critical software that we rely on in our daily lives is usually proprietary. @@ -55,6 +65,18 @@ struct PreviewEvent { """ - return event + return Event(id: 10, + title: "Welcome to the Free Software Radio Devroom", + slug: "welcome", + subtitle: subtitle, + desc: desc, + start: start, duration: duration, + lastUpdated: Date(), + track: track, + eventType: type, + room: room, + authors: authors, + links: links) + // swiftlint:enable line_length } } diff --git a/Fosdem/Utils/SettingsHelper.swift b/Fosdem/Utils/SettingsHelper.swift new file mode 100644 index 0000000..7bb3c80 --- /dev/null +++ b/Fosdem/Utils/SettingsHelper.swift @@ -0,0 +1,46 @@ +// +// YearHelper.swift +// Fosdem +// +// Created by Sean Molenaar on 16/10/2022. +// Copyright © 2022 Sean Molenaar. All rights reserved. +// + +import Foundation + +class SettingsHelper: ObservableObject { + + public static let DEFAULTBOOL: Bool = false + public static let DEFAULTYEAR: String = "2024" + + @Published var bookmarks: Bool { + didSet { + UserDefaults.standard.set(bookmarks, forKey: "bookmarks") + } + } + + @Published var future: Bool { + didSet { + UserDefaults.standard.set(future, forKey: "future") + } + } + + @Published var localTime: Bool { + didSet { + UserDefaults.standard.set(localTime, forKey: "localTime") + } + } + + @Published var year: String { + didSet { + UserDefaults.standard.set(year, forKey: "year") + } + } + + init() { + year = UserDefaults.standard.string(forKey: "year") ?? SettingsHelper.DEFAULTYEAR + bookmarks = UserDefaults.standard.bool(forKey: "bookmarks") + future = UserDefaults.standard.bool(forKey: "future") + localTime = UserDefaults.standard.bool(forKey: "localTime") + } +} diff --git a/Fosdem/Utils/UrlHelper.swift b/Fosdem/Utils/UrlHelper.swift index 5af8a0f..322398d 100644 --- a/Fosdem/Utils/UrlHelper.swift +++ b/Fosdem/Utils/UrlHelper.swift @@ -18,18 +18,19 @@ extension Room { } func chatLink() -> URL { - return URL(string: "https://chat.fosdem.org/#/room/%23\(YearHelper().year)-\(shortName.lowercased()):fosdem.org")! + return URL(string: + "https://chat.fosdem.org/#/room/%23\(SettingsHelper().year)-\(shortName.lowercased()):fosdem.org")! } } - extension Event { func getPublicLink() -> URL { return URL(string: "https://fosdem.org/\(year)/schedule/event/\(slug)/")! } func chatLink() -> URL { - return URL(string: "https://chat.fosdem.org/#/room/\(room.name.lowercased())-\(type.name.lowercased()):fosdem.org")! + let type = type?.name.lowercased() ?? "UNKNOWN" + return URL(string: "https://chat.fosdem.org/#/room/\(room.name.lowercased())-\(type):fosdem.org")! } } diff --git a/Fosdem/Utils/YearHelper.swift b/Fosdem/Utils/YearHelper.swift deleted file mode 100644 index 55f3c8b..0000000 --- a/Fosdem/Utils/YearHelper.swift +++ /dev/null @@ -1,22 +0,0 @@ -// -// YearHelper.swift -// Fosdem -// -// Created by Sean Molenaar on 16/10/2022. -// Copyright © 2022 Sean Molenaar. All rights reserved. -// - -import Foundation - -class YearHelper: ObservableObject { - - @Published var year: String { - didSet { - UserDefaults.standard.set(year, forKey: "year") - } - } - - init() { - year = UserDefaults.standard.string(forKey: "year") ?? "2023" - } -} diff --git a/Fosdem/Views/EventDetailHeader.swift b/Fosdem/Views/EventDetailHeader.swift index 00536a7..9a4a105 100644 --- a/Fosdem/Views/EventDetailHeader.swift +++ b/Fosdem/Views/EventDetailHeader.swift @@ -17,10 +17,10 @@ struct EventDetailHeader: View { var body: some View { VStack(alignment: .leading, spacing: 0) { - GroupBox(event.track.name) { + GroupBox(event.track?.name ?? "UNKNOWN_TRACK") { VStack(alignment: .leading) { - Text(event.type.name.capitalized) - .foregroundColor(event.type.colorObject) + Text(event.type?.name.capitalized ?? "UNKNOWN_TYPE") + .foregroundColor(event.type?.colorObject ?? .gray) if let subtitle = event.subtitle { Text(subtitle) .foregroundColor(.secondary) @@ -41,12 +41,12 @@ struct EventDetailHeader: View { Divider() } SwiftUI.Link(destination: event.room.chatLink()) { - Label("button.chat", systemImage: "bubble.left.circle") + Label("Chat", systemImage: "bubble.left.circle") } if let item = Conference.roomStates.first(where: { $0.roomname == event.room.name }) { Divider() - Text(item.full ? "room.full" : "room.available") + Text(item.full ? "Room full" : "Room available") .foregroundColor(item.full ? .red : .green) } } diff --git a/Fosdem/Views/EventDetailView.swift b/Fosdem/Views/EventDetailView.swift index cee0e3c..6356847 100644 --- a/Fosdem/Views/EventDetailView.swift +++ b/Fosdem/Views/EventDetailView.swift @@ -9,10 +9,12 @@ import SwiftUI struct EventDetailView: View { - @ObservedObject private var event: Event + @Bindable private var event: Event @State private var selectedTabIndex = 0 @State private var permissionGranted = false + @State private var shouldPresentSheet = false + @State private var urlPlaying: Link? @Environment(\.colorScheme) var colorScheme: ColorScheme @Environment(\.managedObjectContext) var context @@ -39,8 +41,10 @@ struct EventDetailView: View { let trigger = UNTimeIntervalNotificationTrigger(timeInterval: event.start.timeIntervalSinceNow + 300, repeats: false) - event.userInfo.ensureUUID() - return UNNotificationRequest(identifier: event.userInfo.notificationUUID!.uuidString, content: notificationContent, trigger: trigger) + event.userInfo!.ensureUUID() + return UNNotificationRequest(identifier: event.userInfo!.notificationUUID!.uuidString, + content: notificationContent, + trigger: trigger) } var body: some View { @@ -48,7 +52,7 @@ struct EventDetailView: View { ScrollView { EventDetailHeader(event).frame(maxWidth: .infinity) - Picker("Test", selection: $selectedTabIndex, content: { + Picker("Details", selection: $selectedTabIndex, content: { Text("Description").tag(0) Text("Links").disabled(event.links.isEmpty).tag(1) if event.isOngoing { @@ -61,39 +65,71 @@ struct EventDetailView: View { ZStack { if selectedTabIndex == 0 { - HTMLFormattedText(event.desc ?? "", colorScheme: colorScheme) + if event.hasHTMLDescription { + HTMLFormattedText(event.desc ?? "", colorScheme: colorScheme) + } else { + if let desc = event.desc { + Text(LocalizedStringKey(desc)).padding() + } else { + Text("No description").foregroundColor(.gray) + .font(.title2) + .padding() + } + } } if selectedTabIndex == 1 { VStack(alignment: .leading) { if event.links.isEmpty { - Text("No links").foregroundColor(.gray).font(.title2).padding() + Text("No links").foregroundColor(.gray) + .font(.title2) + .padding() } else { - ForEach(Array(event.links)) { link in - SwiftUI.Link(destination: URL(string: link.href)!) { - Label(link.name, systemImage: "link") - }.padding() + ForEach(event.links) { link in + if link.isVideo { + Button(action: { + urlPlaying = link + shouldPresentSheet.toggle() + }, label: { + Label(link.name, systemImage: link.icon) + }) + } else { + SwiftUI.Link(destination: link.url) { + Label(link.name, systemImage: link.icon) + }.padding() + } } } } } if selectedTabIndex == 2 { VStack { - VideoPlayer(event.room.liveStreamLink()) + VideoPlayer(Link(name: "Livestream", url: event.room.liveStreamLink(), type: "video")) } } } } }.navigationTitle(Text(event.title)) .navigationBarTitleDisplayMode(.inline) + .sheet(isPresented: $shouldPresentSheet) { + print("Sheet dismissed!") + } content: { + if let url = urlPlaying { + VideoPlayer(url) + } else { + Text("No video available 😔") + } + } .toolbar { ToolbarItem(placement: .automatic) { ShareLink("Share web link", item: event.getPublicLink(), message: Text(event.title)) } ToolbarItem(placement: .primaryAction) { - Toggle(isOn: $event.userInfo.favorite, label: { - Label("Favorite", systemImage: event.userInfo.favorite ? "bookmark.fill" : "bookmark").backgroundStyle(.clear) + Toggle(isOn: $event.isFavourite, label: { + Label("Favorite", + systemImage: event.userInfo!.favorite ? "bookmark.fill" : "bookmark") + .backgroundStyle(.clear) }).onTapGesture(count: 1, perform: { - let _ = debugPrint(event.userInfo.favorite) + debugPrint(event.userInfo!.favorite) if event.start.timeIntervalSinceNow <= 0 { return } @@ -103,8 +139,10 @@ struct EventDetailView: View { if permissionGranted { UNUserNotificationCenter.current().add(notificationRequest()) } - event.userInfo.ensureUUID() - UNUserNotificationCenter.current().removePendingNotificationRequests(withIdentifiers: [event.userInfo.notificationUUID!.uuidString]) + event.userInfo!.ensureUUID() + UNUserNotificationCenter.current() + .removePendingNotificationRequests(withIdentifiers: + [event.userInfo!.notificationUUID!.uuidString]) }) } } diff --git a/Fosdem/Views/EventListView.swift b/Fosdem/Views/EventListView.swift index 38f7436..c704f72 100644 --- a/Fosdem/Views/EventListView.swift +++ b/Fosdem/Views/EventListView.swift @@ -7,53 +7,31 @@ // import SwiftUI +import SwiftData struct EventListView: View { @State private var query = "" private var listPredicate: ListPredicate = ListPredicate() @State private var isSheetPresented: Bool = false - @State private var bookmarks: Bool = false - @State private var future: Bool = false - @State private var localTime: Bool = false + @State private var bookmarks: Bool = SettingsHelper().bookmarks + @State private var future: Bool = SettingsHelper().future + @State private var localTime: Bool = SettingsHelper().localTime + @State private var year: String = SettingsHelper().year @State private var visibility: NavigationSplitViewVisibility = .doubleColumn - var suffix = "" + @Environment(\.modelContext) var modelContext - @FetchRequest( - sortDescriptors: [ - SortDescriptor(\.name, order: .forward) - ] - ) var personEvents: FetchedResults - - @FetchRequest( - sortDescriptors: [ - SortDescriptor(\.start, order: .forward) - ], - predicate: NSPredicate(format: "userInfo.favorite == YES", []) - ) var myEvents: FetchedResults - - @SectionedFetchRequest( - sectionIdentifier: \.track.name, - sortDescriptors: [ - SortDescriptor(\.track.name, order: .forward), - SortDescriptor(\.start, order: .forward) - ], - predicate: nil - ) var trackEvents: SectionedFetchResults - - @SectionedFetchRequest( - sectionIdentifier: \.room.name, - sortDescriptors: [ - SortDescriptor(\.room.name, order: .forward), - SortDescriptor(\.start, order: .forward) - ], - predicate: nil - ) var roomEvents: SectionedFetchResults + @Query(sort: \Person.name) var personEvents: [Person] + @Query(filter: #Predicate { event in + event.userInfo?.favorite == true + }, sort: \Event.start, order: .forward) var myEvents: [Event] + @Query(sort: [SortDescriptor(\Track.name)]) var trackEvents: [Track] + @Query(sort: \Room.name) var roomEvents: [Room] var trackList: some View { - List(trackEvents) { section in - Section(header: Text("\(section.id)")) { - ForEach(section) { event in + List(trackEvents) { track in + Section(header: Text("\(track.name)")) { + ForEach(track.events.sorted { $0.start >= $1.start }) { event in NavigationLink(value: event, label: { ListItem(event, bookmarkEmphasis: bookmarks) }) } } @@ -65,12 +43,12 @@ struct EventListView: View { } var roomList: some View { - List(roomEvents) { section in - Section(header: Text("\(section.id)")) { - ForEach(section) { event in - NavigationLink(value: event, label: { ListItem(event, bookmarkEmphasis: bookmarks) }) - } - } + List(roomEvents) { _ in +// Section(header: Text("\(room.name)")) { +// ForEach(room.events.sorted { $0.start >= $1.start }) { event in +// NavigationLink(value: event, label: { ListItem(event, bookmarkEmphasis: bookmarks) }) +// } +// } }.overlay(Group { if trackEvents.isEmpty && query.isEmpty { ProgressView("Still loading events").progressViewStyle(CircularProgressViewStyle()) @@ -81,7 +59,7 @@ struct EventListView: View { var personList: some View { List(personEvents) { person in Section(person.name) { - ForEach(Array(person.events)) { event in + ForEach(Array(person.events.sorted { $0.start >= $1.start })) { event in NavigationLink(value: event, label: { ListItem(event, bookmarkEmphasis: bookmarks) }) } } @@ -110,30 +88,23 @@ struct EventListView: View { Label("No Bookmarks yet", systemImage: "bookmark.slash") } }) - }.onChange(of: bookmarks, perform: { value in - listPredicate.bookmarks = bookmarks - trackEvents.nsPredicate = listPredicate.predicate(.track) - roomEvents.nsPredicate = listPredicate.predicate(.room) - personEvents.nsPredicate = listPredicate.predicate(.person) - }).onChange(of: future, perform: { value in - listPredicate.future = future - trackEvents.nsPredicate = listPredicate.predicate(.track) - roomEvents.nsPredicate = listPredicate.predicate(.room) - personEvents.nsPredicate = listPredicate.predicate(.person) - }).onChange(of: query) { newValue in - listPredicate.searchQuery = newValue - trackEvents.nsPredicate = listPredicate.predicate(.track) - roomEvents.nsPredicate = listPredicate.predicate(.room) - personEvents.nsPredicate = listPredicate.predicate(.person) + }.onChange(of: year) { + Task { + await RoomStatusFetcher.fetchRoomStatus() + await RemoteScheduleFetcher.fetchSchedule() + } }.searchable( text: $query, placement: .navigationBarDrawer ).refreshable { - RoomStatusFetcher.fetchRoomStatus() - RemoteScheduleFetcher.fetchSchedule() + Task { + await RoomStatusFetcher.fetchRoomStatus() + await RemoteScheduleFetcher.fetchSchedule() + } }.navigationDestination(for: Event.self, destination: { event in EventDetailView(event) - }).toolbar { + }) + .toolbar { ToolbarItem(placement: .secondaryAction) { NavigationLink { AboutView() } label: { Label("About", systemImage: "questionmark.bubble.fill") @@ -142,20 +113,18 @@ struct EventListView: View { ToolbarItem(placement: .primaryAction) { Button(action: { isSheetPresented.toggle() - }, label: { Label("Filter", systemImage: "slider.horizontal.2.square.on.square")}) + }, label: { Label("Filter lists", systemImage: "slider.horizontal.2.square.on.square")}) .sheet(isPresented: $isSheetPresented, content: { - Form { - Section("Filters") { - Toggle(isOn: $bookmarks, label: { Label("Bookmarks only", systemImage: "bookmark")}) - Toggle(isOn: $future, label: { Label("Future events only", systemImage: "clock")}) - } - Section("Settings") { - Toggle(isOn: $localTime, label: { Label("button.timezone.local", systemImage: "globe")}) - } - }.presentationDetents([.fraction(0.3)]) + SettingsView().presentationDetents([.medium]) }) } - }.navigationTitle("Fosdem \(YearHelper().year)") + }.navigationTitle("Fosdem \(year)") + .task { + if personEvents.isEmpty && trackEvents.isEmpty { + await RoomStatusFetcher.fetchRoomStatus() + await RemoteScheduleFetcher.fetchSchedule() + } + } } } } diff --git a/Fosdem/Views/EventTypeColor.swift b/Fosdem/Views/EventTypeColor.swift new file mode 100644 index 0000000..80e453f --- /dev/null +++ b/Fosdem/Views/EventTypeColor.swift @@ -0,0 +1,15 @@ +// +// EventTypeIcon.swift +// Fosdem +// +// Created by Sean Molenaar on 20/01/2024. +// Copyright © 2024 Sean Molenaar. All rights reserved. +// + +import SwiftUI + +extension EventType { + var colorObject: Color { + return Color(hexString: color) + } +} diff --git a/Fosdem/Views/EventTypeIcon.swift b/Fosdem/Views/EventTypeIcon.swift new file mode 100644 index 0000000..2223adf --- /dev/null +++ b/Fosdem/Views/EventTypeIcon.swift @@ -0,0 +1,38 @@ +// +// EventTypeIcon.swift +// Fosdem +// +// Created by Sean Molenaar on 20/01/2024. +// Copyright © 2024 Sean Molenaar. All rights reserved. +// + +import Foundation + +enum EventTypeIcon: String { + case devroom = "keyboard" + case keynotes = "sparkles.tv" + case lightningtalk = "bolt" + case maintrack = "road.lanes" + case certification = "checkmark.seal" + case bof = "bird" + case none = "questionmark.circle" + + static func getIconFor(_ string: String) -> EventTypeIcon { + switch string.lowercased() { + case "devroom": + return .devroom + case "keynotes": + return .keynotes + case "lightningtalk": + return .lightningtalk + case "maintrack": + return .maintrack + case "bof": + return .bof + case "certification": + return .certification + default: + return .none + } + } +} diff --git a/Fosdem/Views/ListItem.swift b/Fosdem/Views/ListItem.swift index 7372452..f6e473f 100644 --- a/Fosdem/Views/ListItem.swift +++ b/Fosdem/Views/ListItem.swift @@ -9,7 +9,7 @@ import SwiftUI struct ListItem: View { - @ObservedObject private var event: Event + private var event: Event private var bookmarkEmphasis: Bool @Environment(\.managedObjectContext) var context @@ -22,7 +22,7 @@ struct ListItem: View { var body: some View { HStack { ZStack(alignment: .topLeading) { - if let lastSeen = event.userInfo.lastSeen, + if let lastSeen = event.userInfo?.lastSeen, event.lastUpdated > lastSeen && !event.isEnded { Circle() .foregroundColor(.accentColor) @@ -41,31 +41,32 @@ struct ListItem: View { if event.isOngoing { LiveIcon() } Text(event.title) - .bold(event.userInfo.favorite && bookmarkEmphasis) + .bold(event.userInfo?.favorite ?? false && bookmarkEmphasis) .foregroundColor(!event.isEnded ? .primary : .gray) }.contextMenu { - Label(event.track.name.capitalized, systemImage: event.type.icon) + Label(event.track?.name.capitalized ?? "TRACK", systemImage: event.type?.icon ?? "questionmark.app") Label(event.formatTime(), systemImage: "calendar.badge.clock") - if event.room.isVirtual() { - Label(event.room.name, systemImage: "message.fill") + let room = event.room + if room.isVirtual() { + Label(room.name, systemImage: "message.fill") } else { - SwiftUI.Link(destination: event.room.getNavigationLink()) { - Label(event.room.name, systemImage: "location.circle") + SwiftUI.Link(destination: room.getNavigationLink()) { + Label(room.name, systemImage: "location.circle") } } - if let item = Conference.roomStates.first(where: { $0.roomname == event.room.name }), item.full { + if let item = Conference.roomStates.first(where: { $0.roomname == room.name }), item.full { Label("Room full", systemImage: "hand.raised").foregroundColor(.red) } ShareLink("Share web link", item: event.getPublicLink(), message: Text(event.title)) }.swipeActions { - Button(action: { event.userInfo.favorite.toggle() }, label: { - Label("Favorite", systemImage: event.userInfo.favorite ? "star.fill" : "star") + Button(action: { event.userInfo?.favorite.toggle() }, label: { + Label("Favorite", systemImage: event.userInfo?.favorite ?? false ? "star.fill" : "star") }).tint(.orange) } .onAppear { - event.userInfo.lastSeen = Date() + event.userInfo?.lastSeen = Date() try? context.save() } } diff --git a/Fosdem/Views/ListPredicate.swift b/Fosdem/Views/ListPredicate.swift index cdfe828..df6d3a3 100644 --- a/Fosdem/Views/ListPredicate.swift +++ b/Fosdem/Views/ListPredicate.swift @@ -13,58 +13,66 @@ class ListPredicate: ObservableObject { public var future: Bool = false public var searchQuery: String = "" - public func predicate(_ type: ListPredicateType) -> NSPredicate? { - if !future && !bookmarks && searchQuery.isEmpty { - return nil - } - - var predicates: [NSPredicate] = [] - if bookmarks { - switch(type) { - case .person: - predicates.append(NSPredicate(format: "ANY events.userInfo.favorite == YES")) - default: - predicates.append(NSPredicate(format: "userInfo.favorite == YES")) - } - - } - - if future { - let date = NSDate() - switch(type) { - case .person: - predicates.append(NSPredicate(format: "ANY events.start > %@", argumentArray: [date])) - default: - predicates.append(NSPredicate(format: "start > %@", argumentArray: [date])) - } - } - - if !searchQuery.isEmpty { - switch(type) { - case .person: - predicates.append(searchPredicate(keypaths: [#keyPath(Person.name)])) - case .room: - predicates.append(searchPredicate(keypaths: [#keyPath(Event.room.name), #keyPath(Event.title)])) - case .track: - predicates.append(searchPredicate(keypaths: [#keyPath(Event.track.name), #keyPath(Event.title)])) - default: - break - } - } - - return NSCompoundPredicate(andPredicateWithSubpredicates: predicates) - } - - private func searchPredicate(keypaths: [String]) -> NSPredicate { - var format: [String] = [] - var queries: [String] = [] - keypaths.forEach { keypath in - format.append("%K CONTAINS[cd] %@") - queries.append(keypath) - queries.append(searchQuery) - } - return NSPredicate(format: format.joined(separator: " OR "), argumentArray: queries) - } +// public func predicate(_ type: ListPredicateType) -> Predicate? { +// if !future && !bookmarks && searchQuery.isEmpty { +// return nil +// } +// +// var predicates: [Predicate] = [] +// if future { +// self.minDatePredicateSelector(type: type, date: Date(), predicates: &predicates) +// } +// +// if bookmarks { +// self.bookmarkedPredicateSelector(type: type, predicates: &predicates) +// } +// +// if !searchQuery.isEmpty { +// self.searchPredicateSelector(type: type, predicates: &predicates) +// } +// +// return CompoundPredicate(andPredicateWithSubpredicates: predicates) +// } +// +// private func bookmarkedPredicateSelector(type: ListPredicateType, predicates: inout [Predicate]) { +// switch type { +// case .person: +// predicates.append(Predicate(format: "ANY events.userInfo.favorite == YES")) +// default: +// predicates.append(Predicate(format: "userInfo.favorite == YES")) +// } +// } +// +// private func minDatePredicateSelector(type: ListPredicateType, date: Date, predicates: inout [Predicate]) { +// switch type { +// case .person: +// predicates.append(Predicate(format: "ANY events.start > %@", argumentArray: [date])) +// default: +// predicates.append(Predicate(format: "start > %@", argumentArray: [date])) +// } +// } +// +// private func searchPredicateSelector(type: ListPredicateType, predicates: inout [Predicate]) { +// switch type { +// case .person: +// predicates.append(searchPredicate(keypaths: [#keyPath(Person.name)])) +// case .room: +// predicates.append(searchPredicate(keypaths: [#keyPath(Event.room.name), #keyPath(Event.title)])) +// case .track: +// predicates.append(searchPredicate(keypaths: [#keyPath(Event.track.name), #keyPath(Event.title)])) +// } +// } +// +// private func searchPredicate(keypaths: [String]) -> Predicate { +// var format: [String] = [] +// var queries: [String] = [] +// keypaths.forEach { keypath in +// format.append("%K CONTAINS[cd] %@") +// queries.append(keypath) +// queries.append(searchQuery) +// } +// return Predicate(format: format.joined(separator: " OR "), argumentArray: queries) +// } } enum ListPredicateType { diff --git a/Fosdem/Views/SettingsView.swift b/Fosdem/Views/SettingsView.swift index b5e146b..b987718 100644 --- a/Fosdem/Views/SettingsView.swift +++ b/Fosdem/Views/SettingsView.swift @@ -8,12 +8,62 @@ import Foundation import SwiftUI +import SwiftData struct SettingsView: View { + @State private var bookmarks: Bool = SettingsHelper().bookmarks + @State private var future: Bool = SettingsHelper().future + @State private var localTime: Bool = SettingsHelper().localTime + @State private var year: String = SettingsHelper().year + + @Environment(\.modelContext) private var modelContext + var body: some View { Form { + Section("Filters") { + Toggle(isOn: $bookmarks, label: { Label("Bookmarks only", systemImage: "bookmark")}) + Toggle(isOn: $future, label: { Label("Future events only", systemImage: "clock")}) + } + Section("Settings") { + Toggle(isOn: $localTime, + label: { + Label("Local timezone", systemImage: "globe") + } + ) + Picker(selection: $year) { + ForEach(getYears(), id: \.self) { + Text($0) + } + } label: { + Label("Year", systemImage: "calendar") + } + } + }.presentationDetents([.fraction(0.3)]) + .onChange(of: year) { _, value in + SettingsHelper().year = value + do { + try modelContext.delete(model: Conference.self) + } catch { + debugPrint("Failed to clear") + } + } + } + private func getYears() -> [String] { + let cal = Calendar.current + let start = try? Date("2020-01-01T00:00:00Z", strategy: .iso8601) + let last = cal.date(byAdding: .yearForWeekOfYear, value: 1, to: Date())! + + let formatter = DateFormatter() + formatter.dateFormat = "Y" + formatter.timeZone = .gmt + + var years: [String] = [] + for date in Int(formatter.string(from: start!))!...Int(formatter.string(from: last))! { + years.append(String(date)) } + + return years } } diff --git a/Fosdem/Views/TrackColor.swift b/Fosdem/Views/TrackColor.swift new file mode 100644 index 0000000..06f6735 --- /dev/null +++ b/Fosdem/Views/TrackColor.swift @@ -0,0 +1,15 @@ +// +// EventTypeIcon.swift +// Fosdem +// +// Created by Sean Molenaar on 20/01/2024. +// Copyright © 2024 Sean Molenaar. All rights reserved. +// + +import SwiftUI + +extension Track { + var colorObject: Color { + return Color(hexString: color) + } +} diff --git a/Fosdem/Views/VideoPlayer.swift b/Fosdem/Views/VideoPlayer.swift index 400e842..74057c5 100644 --- a/Fosdem/Views/VideoPlayer.swift +++ b/Fosdem/Views/VideoPlayer.swift @@ -11,8 +11,8 @@ import AVKit struct VideoPlayer: View { private var player: AVPlayer - init(_ url: URL) { - let player = AVPlayer(url: url) + init(_ link: Link) { + let player = AVPlayer(url: link.url) player.audiovisualBackgroundPlaybackPolicy = .continuesIfPossible player.allowsExternalPlayback = true @@ -37,6 +37,7 @@ struct VideoPlayer: View { struct VideoPlayer_Previews: PreviewProvider { static var previews: some View { - VideoPlayer(URL(string: "https://github.com")!) + let link = Link(name: "A", url: URL(string: "https://github.com")!, type: nil) + VideoPlayer(link) } } diff --git a/FosdemTests/schedule_2019.xml b/FosdemTests/schedule_2019.xml deleted file mode 100644 index 8e92a97..0000000 --- a/FosdemTests/schedule_2019.xml +++ /dev/null @@ -1,21706 +0,0 @@ - - - - FOSDEM 2019 - - ULB (Université Libre de Bruxelles) - Brussels - 2019-02-02 - 2019-02-03 - 2 - 09:00:00 - 00:05:00 - - - - - 09:30 - 00:25 - Janson - keynotes_welcome - Welcome to FOSDEM 2019 - - Keynotes - keynote - - <p>FOSDEM welcome and opening talk.</p> - <p>Welcome to FOSDEM 2019!</p> - - FOSDEM Staff - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:50 - Janson - full_software_freedom - Can Anyone Live in Full Software Freedom Today? - Confessions of Activists Who Try But Fail to Avoid Proprietary Software - Keynotes - keynote - - <p>The FOSS community suffers deeply from a fundamental paradox: every day, there are more lines of freely licensed code than ever in history, but, every day, it also becomes slightly more difficult to operate productively using only Open Source and Free Software.</p> - <p>In one sense, we live in the paramount of success of FOSS: developers can easily find jobs writing mostly freely licensed software. Companies, charities, trade associations, and individual actors collaborate together on the same code bases in (relative) harmony. The entire Internet would cease to function without FOSS. Yet, the "last mile" of the most critical software that we rely on in our daily lives is usually proprietary.</p> - -<p>We, the presenters of this talk, live as the canaries in the coalmine of proprietary software. We have spent our lives seeking to actively avoid proprietary software but both personally and professionally, we find ourselves making compromises. In this talk, we will report the results of our diligent efforts to use only FOSS in our daily work.</p> - -<p>Ideally, it would be possible to live a software freedom lifestyle in the way a vegetarian lives a vegetarian lifestyle: minor inconveniences at some restaurants and stores, but generally most industrialized societies provide opportunity and resources to support that moral choice. Not so with proprietary software: often, the compromise is between "spend hours or days for a task that would take mere minutes with proprietary software". In other cases, important opportunities are simply not offered to those who chose software freedom.</p> - -<p>The advent of network services, which mix server-side secret software, and proprietary Javascript or "Apps", are central to the decline in the ability to live a productive, convenient life in software freedom. However, few in our community focus on the implications of this and related problems, and few now even try to resist. We have tried to resist, and while we have succeeded occasionally, we have failed overall to live life in software freedom.</p> - -<p>In this talk, we will report on where the resistance fails the most and why. Finally, we will make suggestions of where volunteer developers can most strategically focus their efforts to build a world where all can live in software freedom.</p> - - Bradley M. Kuhn - Karen Sandler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - Janson - floss_internet_future - FLOSS, the Internet and the Future - - Keynotes - keynote - - <p>The FLOSS movement is not just about convenience; our DNA includes a set of values that bring life to FLOSS. We’ve seen some of these values encoded in the infrastructure of the Internet and online life. We’ve also seen very troubling characteristics emerge online, where individuals and society face new and sometimes explosive risk. This talk explores how the FLOSS movement might reevaluate our values and seek to apply the lessons to our own projects and perhaps more broadly to online life as well.</p> - <p>Today FLOSS software is everywhere. In some ways the dream of 20 years ago has been realized. FLOSS software is the norm, GitHub is mainstream. The technology that dominates our era — the internet — is firmly based in FLOSS software, open standards, and interoperability. These are victories, and we should celebrate them. FLOSS was radical idea, and we proved its value.</p> - -<p>However, Internet life is increasingly run by a handful of organizations. Many of these, like Facebook, google and amazon have FLOSS software at the core of they systems. However, the layers on top are not FLOSS and there is little openness in the systems they create and run. Today a common refrain is “the Internet is broken. What can we do?”</p> - -<p>One part of the answer to this is to be found in FLOSS software. That’s because FLOSS is not just a matter of convenience, of grabbing a library somewhere because it’s quick and efficient. FLOSS is not something of the past. FLOSS is not something settled, and comfortable and run of the mill.</p> - -<pre><code>FLOSS is about freedom. It’s about the choice of the individual to not accept what we are given, the freedom to branch off, to fork off and create something different. -Floss software is not about wringing the very last cent of value out of a piece of software for the benefit of a small set of people. FLOSS software is about creating value for everyone. -FLOSS software is about collaboration. -</code></pre> - -<p>We need all of these values in digital life today. We don’t have them, just as we didn’t have them in desktop computing in the windows era. We didn’t have them until FLOSSS made them real. Starting with developer tools and compilers and building to operating systems,systems, and then browsers and then all sorts of software. We need that journey in digital life as well.</p> - -<p>It won’t be easy. Facebook and Google and Amazon and Alibaba are powerful monopolies just as Microsoft was in the previous era. It won’t be easy— there will be a period of building developer tool s and libraries before the FLOSS movement generates a raft of full fledged complex products. - It may not be easy, but its worthwhile. its’ beyond worthwhile — its critical. And it can be wildly rewarding.</p> - -<p>FLOSS advocates and developers can not solve all the problems of digital life. But we can play an important role, a critical role. The world needs technologists who show that a better way is possible. We show a better ways possible by building a better way. By building tools and libraries and products that give a meaningful choice. Some will protect privacy, others will be algorithms and data sets that are transparent and verifiable. Others you will dream up. or perhaps you are working on them now.</p> - -<p>For many people today technology is becoming frightening. the world is looking for technologists who with values, and technologies who actually live by their values. The FLOSS world does this. We have licenses that we don’t change whenever it’s convenient or might bring us more money than fame. We live with them because we have decided as a community that our licenses reflect enduring values that are bigger than we are.</p> - -<p>We need FLOSS communities and projects in an every larger variety of the tech world. Perhaps that means reaching outside our own comfort zones. Or perhaps it means expanding the circle to include colleagues in open data, AI and other new technologies. We should be examples, support examples, and demand that more and more of online life incorporate the values that draw us to FLOSS. And we build and support those people and projects that are doing so.</p> - - Mitchell Baker - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - Janson - blockchain_ethics - Blockchain: The Ethical Considerations - - Keynotes - keynote - - <p>What kind of world do we want to see blockchain make? Upsides like increased transparency, distributed control and the elimination of duplicative administrative work are appealing, but where are the potential downsides? We no longer live in a world where we can put off a conversation about the social impact of our work. Old industries used to call negative effects of their work "externalities" and it would sometimes take decades to discover the negative social effects and environmental destruction that had been wreaked by a new technological process.</p> - <p>What kind of world do we want to see blockchain make? Upsides like increased transparency, distributed control and the elimination of duplicative administrative work are appealing, but where are the potential downsides? We no longer live in a world where we can put off a conversation about the social impact of our work. Old industries used to call negative effects of their work "externalities" and it would sometimes take decades to discover the negative social effects and environmental destruction that had been wreaked by a new technological process.</p> - -<p>Software is collaborative and fast which means early technical decisions have a huge impact on the way we grow. Is the heavy amount of computing power required for bitcoin widening the global wealth gap in a way that best resembles a fictional dystopia? Is the decentralization promised only available to certain kinds of players because of certification gate-keeping or network effects that rely on huge amounts of existing capital?</p> - -<p>Given the power and ubiquity of software, nothing is truly "external" to our work. Once we identify the ways that blockchain could potentially be used to build a nightmarish dystopia, what do we do? How can we ensure that the power and potential to improve lives is as evenly distributed as possible?</p> - - Deb Nicholson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:50 - Janson - mattermost_layered_extensibility - Mattermost’s Approach to Layered Extensibility in Open Source - - Communications - maintrack - - <p>Mattermost is an open source, enterprise-grade messaging platform with thousands of contributors. At Mattermost, we set out to build a platform that would support a variety of extensions. Ranging from simple webhooks accepting curl commands, to bot and integration frameworks, a rich plug-in architecture across server and client experiences, to full access to system APIs with language-specific drivers. All of this is built on top of an open source engine with an open and accessible data model in SQL. We’ll chat about our approach to extending the platform as well as tools, technologies, and best practices for developers writing integrations with our developer toolkit.</p> - - - Corey Hulen - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - Janson - matrix_french_state - Matrix in the French State - What happens when a government adopts open source & open standards for all its internal communication? - Communications - maintrack - - <p>At the beginning of 2018, the French Government reached out to Matrix.org to discuss the idea of creating an entirely open source, standards-based encrypted messaging app as the official means of instant messaging and VoIP communication across the government; replacing adhoc usage of centralised proprietary services such as Telegram and WhatsApp. As of summer 2018, their app exists (a public fork of Riot.im), and there is now a massive federation of Matrix servers deployed throughout the government serving up to 5.5M users, spanning over 30 clusters, letting each ministry run and admin their own operationally independent deployment. In this talk we'll tell the adventure of rolling out FOSS communications at this scale, and give a tour of the architecture and all the work that's gone into Matrix along the way to reach a 1.0 capable of powering government-grade communication.</p> - <p>Matrix is an open source project that defines a protocol for secure, decentralised real-time communication - providing simple HTTP+JSON APIs for sending and receiving instant messages, VoIP calls, file transfers, and any other arbitrary realtime data. In this talk we'll tell the tale of how the French Government has deployed Matrix at massive scale, show off their app and its capabilities, and dive into all the challenges and solutions which came up along the way. Particularly, we'll cover what was needed to finalise Matrix's end-to-end encryption such that it can be turned on by default for all conversations; designing whole new extensions to Matrix to support content-scanning of E2E encrypted attachments, and the pleasures of high-availability clustering and management of Matrix server farms by Ansible.</p> - -<p>Meanwhile, Matrix itself is rushing towards a 1.0 release (as of Oct 2018) - defining stable releases of the spec across all API surfaces; defining the long-term open governance process for Matrix; iterating on the room state merge resolution protocol which lies at the core of Matrix's decentralisation; and massive amounts of performance work: reducing disk space by 10x thanks to improved state compression; switching from O(N) to O(1) state resolution via memoization; reducing sync sizes and client RAM by 3-5x via lazy-loading members; saving 2-3x RAM in Synapse by migrating from Python 2 to Python 3 etc. We'll give a tour of Matrix 1.0, and talk about what comes next!</p> - - Matthew Hodgson - - - Matrix.org Homepage - The Matrix.org Spec - Matrix and Riot confirmed as the basis for France’s Secure Instant Messenger app - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - Janson - dns_over_http - DNS over HTTPS - the good, the bad and the ugly - Why, how, when and who gets to control how names are resolved - Communications - maintrack - - <p>DNS over HTTPS (aka "DoH", RFC 8484) introduces a new transport protocol to do secure and private DNS messaging. Why was it made, how does it work and how users are free (to resolve names).</p> - <p>The presentation will discuss reasons why DoH was deemed necessary and interesting to ship and deploy and how it compares to alternative technologies that offer similar properties. It will discuss how this protocol "liberates" users and offers stronger privacy (than the typical status quo).</p> - -<p>How to enable and start using DoH today.</p> - -<p>It will also discuss some downsides with DoH and what you should consider before you decide to use a random DoH server on the Internet.</p> - - Daniel Stenberg - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - Janson - netflix_freebsd - Netflix and FreeBSD - Using Open Source to Deliver Streaming Video - Communications - maintrack - - <p>Netflix has built a CDN to distribute streaming media through most of the world. The content caches run a lightly customized version of the FreeBSD operating system. This presentation will describe how Netflix uses FreeBSD, and the benefits to both FreeBSD and Netflix.</p> - <p>Netflix has built a CDN, called <a href="https://openconnect.netflix.com/">Open Connect</a>, to distribute streaming media through most of the world. According to <a href="https://www.sandvine.com/phenomena">Sandvine</a>, Netflix accounts for approximately 15% of all downstream traffic volume across the entire internet. The content caches in the Netflix CDN, also known as <a href="https://openconnect.netflix.com/appliances/">Open Connect Appliances</a> (or, simply, OCAs), run a lightly customized version of FreeBSD.</p> - -<p>In some ways, this is nothing special: many products are based on an open-source operating system. However, Netflix does something slightly unusual, in that its OCA operating system code closely tracks the FreeBSD "head" branch (their development branch). In fact, a commit to the upstream FreeBSD development branch will usually be fully deployed across Netflix's CDN within 5-15 weeks.</p> - -<p>The Netflix development team strives for monthly releases for the content caches. We try to synchronize the latest code from FreeBSD's head branch at least once during each monthly release cycle. We then test this code thoroughly before deploying it across the Open Connect network. It is common that we find at least some bugs; however, we are able to work with upstream developers to fix these while the commits are fresh in their mind. This early (and widespread) use of the code gives the upstream FreeBSD Project the benefit of quick deployment and validation of their development-branch code across a wide fleet of servers. Netflix gets the benefit of being able to quickly use new features, and of getting quick bug fixes.</p> - -<p>Although it might seem scary to run "development" code in production, we find that it works very well in practice. The FreeBSD development branch is usually quite stable. Additionally, we expect that we will find some bugs. However, we find that it is much better to find and fix those sooner, rather than later. Also, Netflix is committed to upstreaming most of our customizations that have general applicability. Tracking the upstream development branch keeps us in the best position to easily upstream our changes.</p> - -<p>In this presentation, Jonathan Looney will explain how Netflix uses the FreeBSD development branch code to help Netflix produce the robust operating system which supports the Netflix CDN, and the synergies Netflix and FreeBSD see through this use.</p> - - Jonathan Looney - - - Open Connect Website - FreeBSD Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:50 - Janson - tpm2 - The TPM2 software community - Getting started as a user, becoming a contributor - Hardware - maintrack - - <p>Security is and has been a hot topic in recent history. Software and hardware systems are increasingly complex, vulnerabilities increasingly publicised and attack methodologies increasingly sophisticated. This trend began long ago as did efforts to design and implement foundational technologies to curtail it. The trusted platform module (TPM) is one such technology. It was specifically designed to thwart attacks that aim to steal or misuse sensitive cryptographic keys. Despite its obvious benefits, TPM adoption on OSS platforms was historically minimal.</p> - -<p>The next iteration of TPM implementations (TPM2) is quickly reaching critical mass in consumer computing platforms. Aiming to capitalize on the availability of TPM2 hardware, the tpm2-software organization on Github (https://github.com/tpm2-software) has coalesced as a community around the implementation of the TCG standard APIs, and their integration into common software tool and infrastructure. This talk will start with an overview of the tpm2-software community, it's history, it's current direction and how new users can get involved. The talk will then shift to discuss the technical details of the TPM2 software stack (TSS2) infrastructure and programming APIs and our current efforts to improve the security properties of OSS through their adoption. Finally, we'll conclude by presenting a use case driving the implementation of a new TPM2 Command Transmission Interface (TCTI) module enabling use of the TPM2 from with the SGX trusted execution environment.</p> - <p>Security is and has been a hot topic in recent history. Software and hardware systems are increasingly complex, vulnerabilities increasingly publicised and attack methodologies increasingly sophisticated. This trend began long ago as did efforts to design and implement foundational technologies to curtail it. The trusted platform module (TPM) is one such technology. It was specifically designed to thwart attacks that aim to steal or misuse sensitive cryptographic keys. Despite its obvious benefits, TPM adoption on OSS platforms was historically minimal.</p> - -<p>The next iteration of TPM implementations (TPM2) is quickly reaching critical mass in consumer computing platforms. Aiming to capitalize on the availability of TPM2 hardware, the tpm2-software organization on Github (https://github.com/tpm2-software) has coalesced as a community around the implementation of the TCG standard APIs, and their integration into common software tool and infrastructure. This talk will start with an overview of the tpm2-software community, it's history, it's current direction and how new users can get involved. The talk will then shift to discuss the technical details of the TPM2 software stack (TSS2) infrastructure and programming APIs and our current efforts to improve the security properties of OSS through their adoption. Finally, we'll conclude by presenting a use case driving the implementation of a new TPM2 Command Transmission Interface (TCTI) module enabling use of the TPM2 from with the SGX trusted execution environment.</p> - - Philip Tricca - Andreas Fuchs - - - tpm2-software github organization - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:50 - Janson - mender - Mender - an open source OTA software update manager for IoT - - Hardware - maintrack - - <p>Robust software updates on Embedded Linux devices is complex, and doing robust software updates over-the-air adds to the complexity. The hardships come of course from the embedded environment which differ in many ways compared to desktop or server Linux installations, where you must handle poor mobile network connectivity, sudden power-loss and never leave a device in a unusable state (brick) when doing the update OTA.</p> - -<p>There are a lot of examples that have gotten attention in media, where unstable software update solutions have caused real-life problems which could have been mitigated by a robust software solution that is able to handle the corner cases that exist in the embedded environment.</p> - -<p>In this talk Mirza Krak will present Mender, Apache 2.0 licensed end-to-end software update solution. This is a deep-dive session that will cover:</p> - -<p>Mender project ecosystem -Insights to technical solutions/choices -Security model/approach -Community</p> - -<p>Drew will also present some of the features that are being worked on and what lays ahead for the project.</p> - <p>Benefit of Open Source Ecosystem</p> - -<p>This presentation will help the open source community get detailed insight of the Mender project and general knowledge of designing an software update system for IoT devices.</p> - - Drew Moseley - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 11:00 - 00:50 - K.1.105 (La Fontaine) - nbdkit - Better loop mounts with NBD - Take your loop mounts to the next level with nbdkit - Storage - maintrack - - <p>Loop mounts let you mount a simple file as a device. But imagine having "FUSE for loop mounts". Linux Network Block Device (NBD) with the nbdkit server takes the concept of loop mounting to the next level, giving you a flexible, scriptable loop device, useful for end users, and for developers wanting to test anything involving a block device.</p> - <p>Loop mounts let you mount a simple file as a device. Network Block Device (NBD) with the nbdkit server takes this concept to the next level. You can mount compressed files. Turn multiple files into a partitioned device. Mount esoteric formats like VMDK. NBD can also be used for testing: You can create giant devices up to 2^63 bytes in RAM and find out how filesystems cope. Inject errors on demand into your block devices to test error detection and recovery. Add delays to make disks deliberately slow. I will also show you how to write useful block devices using 10 line shell scripts, and show some advanced live visualizations of how the kernel and filesystems use block devices.</p> - - Richard Jones - - - nbdkit home page - Author's blog - git repo containing paper, slides, etc - Test presentation - Video recording (WebM/VP9) - Video recording (mp4) - Blog entry - Video subtitles - Submit feedback - - - - 12:00 - 00:50 - K.1.105 (La Fontaine) - zfs_caching - ELI5: ZFS Caching - Explain Like I'm 5: How the ZFS Adaptive Replacement Cache works - Storage - maintrack - - <p>An in-depth look at how caching works in ZFS, specifically the Adaptive Replacement Cache (ARC) algorithm. -Assumes no prior knowledge of ZFS or operating system internals.</p> - <p>ZFS does not use the standard buffer cache provided by the operating system, but instead uses the more advanced "Adaptive Replacement Cache" (ARC).</p> - -<ul> -<li>What is a cache</li> -<li>How most caches work (LRU)</li> -<li>Pros</li> -<li>Cons</li> -<li>What makes the ARC different?</li> -<li>Recently Used</li> -<li>Frequently Used</li> -<li>Ghost Lists</li> -<li>What makes the ARC Adaptive?</li> -<li>Access Patterns (How the ARC adjusts over time)</li> -<li>Compressed ARC</li> -<li>Advantages over compressed memory or swapcache</li> -<li>Tuning for...</li> -<li>File Server</li> -<li>iSCSI Target</li> -<li>Database</li> -<li>Hypervisor</li> -</ul> - - - Allan Jude - - - ZFS Books - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:50 - K.1.105 (La Fontaine) - security_flaws - AMENDMENT Handling Security Flaws in an Open Source Project - Jeremy Allison - - Miscellaneous - maintrack - - <p>Please note that this replaces the talk by Sage Weil which has been rescheduled to 09.00 Sunday in Room Ferrer H.2215 (Ferrer).</p> - - - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - K.1.105 (La Fontaine) - square_kilometre_array - Square Kilometre Array and its Software Defined Supercomputer - ... and a very fast parallel file system - Storage - maintrack - - <p>The next generation of research infrastructure and large scale scientific instruments will face new magnitudes of data. StackHPC have been working with Cambridge University on the Square Kilometre Array (SKA) radio telescope project (in collaboration with both CERN and Cambridge University) to build a performance prototype using OpenSource tools such as OpenStack and Kubernetes.</p> - <p>One of the biggest challenges is building storage fast enough to deal with the expected 4Tb/s Read and 0.5 Tb/s Write, yet flexible enough to deal with the expected variety of workloads being run on the system. This has involved much collaboration with CERN given the shared challenges posed by the High-Luminosity LHC upgrade.</p> - -<p>The second aspect is making a system that keep up with the ever changing nature of the workloads running on the system. Key ideas from this project are being deployed in production on Cambridge University's Cumulus supercomputer (#87 in the Nov18 top500 https://www.top500.org/system/179577). We explore how this move away from a single Slurm cluster is helping meet a broader range of research computing needs.</p> - - John Garbutt - - - https://rse-cambridge.github.io/data-acc/ - https://github.com/openstack/kayobe - https://www.iris.ac.uk - OpenStack presentation joint with CERN and SKA - https://www.skatelescope.org - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - K.1.105 (La Fontaine) - postgresql11 - PostgreSQL Goes to 11! - - Databases - maintrack - - <p>The latest and greatest version of PostgreSQL is PostgreSQL 11.</p> - <p>This talk will start off with some history of the community and a description of the development process including some metrics trends. It will then cover a high level overview of the features which will be part of PostgreSQL 11, and prognosticate a bit about the future of PostgreSQL.</p> - -<p>Community -* History -* Development Process -PostgreSQL 11 -* Patches committed -12 and Beyond -* Actively worked items -* Under active discussion</p> - - Joe Conway - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - K.1.105 (La Fontaine) - hugepages_databases - Hugepages and databases - working with abundant memory in modern servers - Databases - maintrack - - <p>The introduction of the 64-bit version of the x86 architecture allowed servers to operate with much larger amounts of memory and the use of memory pages of different sizes. This talk will explore the Linux kernel implementation of HugePages in view of two of the most popular open source RDBMS, MySQL and PostgreSQL. We will be looking at how HugePages works, what is necessary to configure to make use of it, and whether it is really worth and under which circumstances.</p> - <p>The turn of the century saw the introduction of the 64-bit version of the popular x86 instruction set. The flagship feature of this new architecture specification was the use of a larger physical (and virtual) address space, increasing the practical memory limit of 4GB (or 64GB when in PAE mode) found in 32-bit x86 processors to values expressed in the order of Terabytes. Beyond the obvious advantage of operating with more memory, a bigger address space allowed programs to store larger amounts of data in memory: in many cases it made possible the mapping of entire files (instead of only fragments of it) in the respective process' address space.</p> - -<p>Another important factor to consider in this context is the translation of virtual memory (divided in "pages") into physical memory. This direct mapping is maintained in a data structure called "page table". However, each lookup made there is an expensive operation, thus the Memory Management Unit (MMU) employs a caching mechanism named Translation Lookaside Buffer (TLB) for faster lookups. Whenever a translation from virtual memory to physical memory is necessary the TLB is verified first. If the target entry is found to be there the physical address is promptly returned, otherwise a TLB miss is computed and a more costly lookup in the page table is made. But as any other cache, it can only fit a limited number of entries. Making optimal usage of this space is important: the bigger the page size is the most of the memory area will be mapped by the TLB. Applications that perform a lot of memory accesses may obtain performance improvements by using large pages due to reduced TLB misses (https://dev.mysql.com/doc/refman/8.0/en/large-page-support.html).</p> - -<p>A class of software that potentially benefits from operating with huge pages is that of database systems with their particular caching mechanisms. The PostgreSQL manual (https://www.postgresql.org/docs/9.6/static/kernel-resources.html) states that "using huge pages reduces overhead when using large contiguous chunks of memory, as PostgreSQL does, particularly when using large values of shared_buffers".</p> - -<p>While MySQL and PostgreSQL do have support for huge pages MongoDB doesn't. Applications running in userland that do not natively support huge pages may indirectly make use of them through a kernel feature named Transparent HugePages (THP). But does it works the same ?</p> - -<p>Furthermore, the enabling and use of huge pages is not made through a simple configuration flag that may be turned on or off: one needs to specify the number of huge pages needed in advance as well as the preferable page size. How should a database administrator makes this choice, and based in which factors ? Is there any tweaks necessary in the database side in order to benefit from huge pages ? What are the possible drawbacks in its use ? In this presentation we'll have a look at how this applies to MySQL and PostgreSQL.</p> - - Fernando Laudares - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:50 - K.1.105 (La Fontaine) - postgresql_fsync - PostgreSQL vs. fsync - How is it possible that PostgreSQL used fsync incorrectly for 20 years, and what we'll do about it. - Databases - maintrack - - <p>About a year ago the PostgreSQL community discovered that fsync (on Linux and some BSD systems) may not work the way we always thought it is, with possibly disastrous consequences for data durability/consistency (which is something the PostgreSQL community really values).</p> - <p>I'll walk you through fsync basics, explain how we always thought/assumed it works and how it actually behaves. I'll also discuss where the misunderstanding likely comes from - which is a mix of cultural and technical reasons rooted in the past. We'll see how this issue impacts current PostgreSQL deployments, what you can (and can't) do about it, and finally outline some plans for addressing it properly in the future.</p> - - Tomas Vondra - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:50 - K.1.105 (La Fontaine) - raft_in_scylla - Raft in Scylla - Consensus in an eventually consistent database - Databases - maintrack - - <p>This talk will cover the characteristics and requirements of Scylla's Raft implementation, how it enables strongly consistent updates, and how it improves the reliability and safety of internal processes, such as schema changes, node membership, and range movements.</p> - <p>Eventually consistent databases choose to remain available under failure, allowing for conflicting data to be stored in different replicas (later repaired by background processes). Weakening the consistency guarantees improves not only availability, but also performance, as the number of replicas involved in a given operation can be minimized. There are, however, use-cases that require the opposite trade-off. Indeed, Apache Cassandra and Scylla provide Lightweight Transactions (LWT), which allow single-key linearizable updates. The mechanism underlying LWT is asynchronous consensus in the form of the Raft algorithm. In this talk, we'll describe the characteristics and requirements of Scylla's consensus implementation, and how it enables strongly consistent updates. We will also cover how consensus can be applied to other aspects of the system, such as schema changes, node membership, and range movements, in order to improve their reliability and safety. We will thus show that an eventually consistent database can leverage consensus without compromising either availability or performance.</p> - - Duarte Nunes - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 12:00 - 00:15 - H.2215 (Ferrer) - decentralizing_web_freedombox - Creating a Computing Revolution: from Personal Computers to Personal Servers - - Lightning Talks - lightningtalk - - <p>The rise of cloud computing in the 2010’s accelerated a process that had been going on since the dot-com boom: the centralization of the internet. In February 2010, Eben Moglen predicted the wide-scale data-mining brought about by the centralization of our network infrastructure and launched the FreedomBox project. In the eight years since, FreedomBox has become a device that can decentralize the web one box at a time. Join this session to learn about FreedomBox’s approach to decentralization and the importance of three elements of its design: hardware neutrality, software freedom, and user interface.</p> - <p>In this 15-minute session, I will lecture for the full 15 minutes. I will discuss the FreedomBox project, the role of hardware neutrality in the FreedomBox project, and the role of user interface in the FreedomBox project.</p> - -<p>FreedomBox is an immensely flexible and secure private server system that builds freedom into the internet by empowering regular people to host their own internet services, like encrypted messengers, a VoIP server, websites, VPN, a metasearch engine, and much more. To that end, it couples a free software system with always-on, inexpensive, and power-efficient hardware about the size of a pocket dictionary. The hardware is a single-board computer that costs about 60 USD and offers the computing power of a smart phone in a case about the size of a deck of cards. The software is a 100% free and open source system available for download at no cost preloaded with many useful apps and tools designed to protect your freedom, privacy, and user rights. These private servers are designed to create and protect freedom on the internet using a bundle of software packed inside one small, inexpensive box: a FreedomBox.</p> - - Danny Haidar - - - FreedomBox Software - FreedomBox Foundation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:20 - 00:15 - H.2215 (Ferrer) - cogito_identity - Cogito - Privacy starts with Identity - Lightning Talks - lightningtalk - - <p>We present Cogito, a mobile app that helps you remain in control of your -identity. It supports a friendly way to identify yourself to websites, perform -blockchain transactions and encryption. But most importantly, it guarantees that -your identity is really owned by you. We believe this to be a good starting -point for true privacy online.</p> - <p>Identity may seem like a boring topic. Haven't we solved the problem of how to -identify ourselves to websites a hundred different ways? Isn't this a solved -problem?</p> - -<p>We argue that in order to guarantee true privacy it is essential to introduce -new ways to identify ourselves.</p> - -<p>We present Cogito, a mobile app that helps you remain in control of your -identity. Use it to create multiple facets of your identity to separate for -instance your working life from your personal life.</p> - -<p>Traditionally, identities are bestowed on you by others. Your passport is issued -to you by your government. Your bank account is given to you by a bank. Website -credentials are given to you by the owner of the website.</p> - -<p>These identities are ultimately not under your control. You get them on loan -from the institutes that issue them, and they are free to retract them as they -deem necessary. This is no basis for true control over your data. This is no -basis for privacy.</p> - -<p>With Cogito we've taken a cue from blockchains and PGP and use cryptographic -identities. This involves generating a public-private key pair in which the -public part is used as your identity (similar to a passport number or bank -account number). The private key you keep to yourself because you can use it to -prove that you are the owner of the identity.</p> - -<p>These self-sovereign identities are created and maintained by their owners. They -can not be taken away from them and are therefore completely under their -control. We believe that this is a prerequisite for true privacy.</p> - -<p>With Cogito we aim to make these self-sovereign identities very easy to use. -Using a Cogito identity on a website is therefore as simple as scanning a QR -code. Signing a blockchain transaction or decrypting data is as simple as -pressing the 'accept' button.</p> - -<p>In our FOSDEM session, we will demonstrate not only how Cogito works, but also -what developers can do with Cogito. We will discuss the architecture, show the -demo app and the tutorial. We invite those who are interested to help develop -Cogito further.</p> - - Mark Spanbroek - Marcin Czenko - Stefan van den Oord - - - Cogito website - A previous presentation on Cogito - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:40 - 00:15 - H.2215 (Ferrer) - emitter_pubsub - Emitter: Scalable, fast and secure pub/sub in Go - - Lightning Talks - lightningtalk - - <p>Emitter: scalable and real-time networking for IoT, web apps and gaming. Open source or cloud based.</p> - <p>Emitter.io is a real-time messaging service for connecting online devices. It is a scalable, fast and secure pub/sub in Go.</p> - -<p>Emitter.io is a real-time messaging service for connecting online devices. - scalable: Built to handle millions of messages per second and to scale horizontally. - Fast: Designed to ensure reliable, speed-of-light message delivery and high throughput. - Secure: Supports TLS encryption, binary messages, expirable channel keys and permissions. - Open source: Source code is available on GitHub and packaged as a docker container. - Persistent: Messages can be stored for a period of time and sent to subscribers on demand. - No more limits: Uses standard MQTT protocol, supports message filtering.</p> - - Florimond Husquinet - - - Emitter's official website - Emitter on Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:15 - H.2215 (Ferrer) - leela_chess - Leela Chess Zero - Learning chess from scratch - Lightning Talks - lightningtalk - - <p>This talk presents an overview of the open source project "Leela Chess Zero" (Lc0), a new type of chess engine based on the AlphaZero paper released by DeepMind. Lc0 learns to play chess solely by playing against itself without any human knowledge or intervention. Starting from scratch with random moves, its play improves each iteration using a powerful combination of reinforcement learning and neural networks. We rely both on an active open community for the code and computing resources as many petaflops are required to train a solid neural network. Currently the engine is among the four best in the world.</p> - - - Folkert Huizinga - - - main website - source repos - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:20 - 00:15 - H.2215 (Ferrer) - malt_malloc - MALT, A Malloc Tracker - - Lightning Talks - lightningtalk - - <p>In HPC the memory available is still growing a lot with now soon TB of memory on one server. This is means more stress for the allocator and to underlying OS. This lead to more performance issue and mistakes on memory amangement handling in large applications.</p> - -<p>Memory missusage is also an issue for more common application like desktop applications with large code base.</p> - -<p>MALT is a memory profiling tool dedicated to memory management to provide temporal charts, global metrics and source code annotations. It comes with a nice web graphical interface to dig into the profile.</p> - <p>I made my PhD. developing a memory allocator for HPC application on large scale supercomputers. During this period I observed a lot of unperformant patterns and issues on existing HPC app. Mostly on a multi-million line simulation and worked a lot to support this in my memory allocator to improve things.</p> - -<p>During my postdoc at the Exascale Computing Research Lab, I focused on implementing a memory profiler trying to show the user what the app is doing with the allocator and trying to provide ways to observe the common issues an mistakes in large scale apps.</p> - -<p>It also uses an uncommon approach for such tools in HPC as it provides a web-based interface using tools like D3JS/Bootstrap/Angular and exposed by a small nodejs webserver. It permits to fix a big issue in HPC when running remotely as the GUI of the profiler needs to be X-forwared which make it slow, badly themed. Or to run locally without having our source code at the same place. The web server permit to easily ssh-port-forward the interface and eventually to work at many people remotely looking at the same profile. This also provides quickly a nicer rendering with less development overhead.</p> - -<p>I used it a lot on my own development at CERN for a code scaling on 500 nodes and also shortly made a try on a large scale ~1.5 million line C++ application used by physicists there to check it didn't crash at this challenging scale. The tool currently limits himself to process analysis which means for an MPI app it dumps a profile file for each rank. But this is what is meaningful for memory management as a first step.</p> - - Sébastien Valat - - - Website - Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:15 - H.2215 (Ferrer) - structured_concurrency - Structured Concurrency - Finding our way out of callback hell - Lightning Talks - lightningtalk - - <p>We've got rid of GOTO and the spaghetti code it leads to in 1970's. However, we are encoutering very much the same problems when writing concurrent code even now, 50 years later. Programmers are still stuck deep in the callback hell or state machine hell. Concurrent code still looks like spaghetti. And while Go language provided a tool to write unspaghettified concurrent code to the masses, by no way are all the pieces of the puzzle in place.</p> - -<p>This talk focuses on what's missing. It explains where the current mainstream paradigms break the vital principles of encapsulation, separation of concerns and correspondence between layout of the code and the execution flow.</p> - -<p>It introduces a bunch of current approaches covered by the umbrella term of "structured concurrency" that attempt to solve these problems.</p> - -<p>The talk may be interesting to anyone who has to deal with concurrency, irrespective of the language they are using.</p> - <p>Besides looking at the problems at hand, the talk will show examples of structured concurrency in Python (Trio) and C (libdill).</p> - - Martin Sustrik - - - Notes on structured concurrency, or: Go statement considered harmful - Strcutured concurrency - “Concurrency made easy”: coming soon to a programming language near you - Exceptions vs Structured Concurrency - Timeouts and cancellation for humans - Coroutine Cancellation and Structured Concurrency - libdill (C) - Trio (Python) - Structured Concurrency (Kotlin) - Venice (Swift) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:15 - H.2215 (Ferrer) - vboard_3d_vr - VBoard, making web dashboards in 3D and VR - - Lightning Talks - lightningtalk - - <p>There are plenty of tools that can analyze data in many ways, but just a few of them try to visualize this data in new ways. This is the aim of VBoard, a 100% open source web application that allows building visualizations and dashboards in 3D and VR using A-Frame as its core render library. The data is retrieved in real time using a ElasticSearch, and VBoard saves its objects (visualizations, dashboards) in it.</p> - -<p>In this talk I will show the functionality of VBoard, starting with a general overview, its installation steps and a simple step by step user guide. All of this in order to build a 3D and VR dashboard from scratch. To finish, I will show examples of what kind of visualization/dashboard you can build with VBoard using data retrieved with GrimoreLab related to open source projects (e.g., commits, usernames, repositories, etc.).</p> - <p>The goal of VBoard is to have a complex data visualization system in a 3D and VR environment. It started as my master's thesis and finally became a web application that uses A-Frame as the visualization render engine and ElasticSearch as a database and search engine. Specifically, VBoard rests on A-FrameDC to show these data visualizations, A-FrameDC is a JavaScript library to create different kind of data visualizations based on A-Frame. A-FrameDC extends A-Frame, encapsulating it in another library so that the construction of 3D elements is focused on data visualization graphics and it allows the creation and interaction with them in a simple way. This library allows the creation of different kinds of charts, from the simplest 2D charts like pies to 3D charts like bubbles. VBoard takes advantage of A-FrameDC using it in a web interface, making the visualization building process easy and scalable, permitting also the persistence of the objects (visualization and dashboards) saving it in the same ElasticSearch that it does the queries.</p> - -<p>The talk will show how to create visualization and dashboards with VBoard. I will start by explaining how to install it in a few steps. I will show how to import open source project data (e.g., commits, usernames, repositories, organizations, etc.) to ElasticSearch using GrimoireLab in order to build the visualization with it. Then, I will build visualizations from scratch, showing its features and usability. You will see how simple it is to create a 3D and VR dashboard that relates useful data like the relation of users with repositories, organizations, etc.</p> - - David Moreno - - - Master thesis - GrimoireLab - VBoard main page - VBoard repo - VBoard user guide - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:15 - H.2215 (Ferrer) - microcontrollers_python - MicroPython – Python for Microcontrollers - How high-level scripting languages make your hardware project beautifuly easy - Lightning Talks - lightningtalk - - <p>MicroPython is an implementation of Python designed to run on microcontrollers and embedded systems. These devices don’t have many resources (CPU, RAM) and so it’s important to write efficient scripts. -This talk shows how to make the most of your resources in MicroPython, and has some fun demos!</p> - <p>MicroPython is a reimplementation of Python which is specifically designed to run on computing devices that have very few resources, such as CPU power, RAM and storage. -Often when you write scripts in MicroPython you want to make the most of your available resources, and have code run as fast as possible (faster code usually saves power, which is important when running from a battery!) and there are certain ways of writing MicroPython code that are more efficient than others. In this talk I will go over the tricks and techniques for writing fast and efficient Python code in MicroPython. -The talk will also include some hardware demos to show off these techniques.</p> - - Christine Spindler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:15 - H.2215 (Ferrer) - cross_community_collaboration - A brief story about friendship - What we learned from cross-community collaboration - Lightning Talks - lightningtalk - - <p>CMS Garden is a not-for-profit association run by currently 12 open source content management systems. This talk will show you what is possible when you work together instead of competing each other.</p> - <p>The story about CMS Garden is a story about trust and friendship. Before CMS garden we (as people from different cms communities) thought we were competitors. There was no real comparability between the cms and the most often heard argument was: don't take that $CMS. Take mine (because it's the best). After the first joint event (CeBIT 2013) we knew it's not true. There is no best CMS in the world. There are only good tools for the needs of a project. Sometimes my CMS. In other projects yours CMS.</p> - -<p>That event changed everything. Later in 2013 we founded a not-for-profit association and our journey began.</p> - -<p>This Lightning Talk wants to share some of the magic moments and try to invite other open source communities to join the garden and adopt the idea of collaboration.</p> - - Stephan Luckow - - - official CMS Garden Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:15 - H.2215 (Ferrer) - fossasia - My 10 year journey with FOSSASIA: A woman's pathway to open source - - Lightning Talks - lightningtalk - - <p>I grew up in the Mekong Delta, South of Vietnam. I first learned about free software at a FOSS event in Hanoi in 2007. I started to engage with the local Linux User Group in Singapore during my study time. Later on, I co-founded FOSSASIA - a community devoted to improving people’s lives through sharing Open Technologies and knowledge. I especially wanted to connect people together and to encourage developers from the region to participate in the Free and Open Source Software movement. Since then, FOSSASIA has become one of the largest open source communities in Asia.</p> - -<p>During this session, I will speak about challenges and lessons learned in the last 10 years of building FOSS community in Asia.</p> - - - Hong Phuc Dang - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:20 - 00:15 - H.2215 (Ferrer) - autocrypt_email - Autocrypt - Automating E-Mail Encryption - What E-Mail can learn from the success of end-to-end encrypted messengers - Lightning Talks - lightningtalk - - <p>A short talk about Autocrypt, a standard for decentralized and automated public-key management for e-mail encryption, built on OpenPGP.</p> - <p>Autocrypt is a set of guidelines for developers to achieve convenient end-to-end-encryption of e-mails. It specifies how e-mail programs negotiate encryption capabilities using regular e-mails. For users, Autocrypt Level 1 offers single-click, opt-in encryption, eases encrypted group communications, and provides a way to setup encryption on multiple devices. It builds on the OpenPGP standard for compatibility, but tries to automate key management for the user as much as possible, without relying on provider support or centralized infrastructure. It is supported in Enigmail as well as K-9 Mail, among others. In a short talk, we'll go over our technical as well as our cultural approach.</p> - -<p>https://autocrypt.org/</p> - - Vincent Breitmoser - - - Autocrypt Homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:15 - H.2215 (Ferrer) - email_standards - IMAP, JMAP and the future of open email standards - a look at what's new in the IMAP world and the upcoming JMAP standard - Lightning Talks - lightningtalk - - <p>In the past couple of years there's been renewed enthusiasm for improving the open source email client standards, with multiple new IMAP standards becoming RFCs, and a revision of the base IMAP standards currently in evaluation.</p> - <p>As the working group co-chair of both the JMAP (new email standard) and EXTRA (updating existing standards) working groups at IETF, I've been following email standards closely. I'll talk about what's happening in both working groups, how to find the specifications, and some cool new things you can do as an email client (or server) author.</p> - - Bron Gondwana - - - JMAP working group - EXTRA working group - JMAP protocol website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:15 - H.2215 (Ferrer) - eventyay_event_system - Eventyay! An event system for community organizers - - Lightning Talks - lightningtalk - - <p>Eventyay is built based on the experiences and lesson learned from organizers of FOSSASIA Summit after a several years searching for suitable solution.</p> - -<p>This is a update on the current development of eventyay, the tech stack and feature set.</p> - -<p>(Please note that it was originally advertised that Hong Phuc Dang would be giving this talk.)</p> - - - Mario Behling - - - Eventyay - Open Event Server Repository - Open Event Frontend Repository - Open Event Android Attendee App - Open Event Android Organizer App - Open Event Website Generator - Twitter of Eventyay - FOSSASIA Twitter - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:20 - 00:15 - H.2215 (Ferrer) - open_hardware - Open Software deserves Open Hardware - How Europe is taking the lead in Open Hardware - Lightning Talks - lightningtalk - - <p>This proposed talk would focus on how Europe is taking the lead deploying and supporting Open Hardware technologies. Large enterprises are looking for best practices gleamed from hyper-scale companies like Facebook, Microsoft and Google who run highly efficient private and public clouds. The sharing of open hardware and data centre designs is a core strategy for these companies and the basis for the Open Compute Project (OCP).</p> - <p>The Open Compute Project (OCP) was started by Facebook in 2011 with the idea of delivering the most efficient designs for scalable computing through an open source hardware community. We believe that openly sharing ideas, specifications, and other intellectual property is the key to maximizing innovation and reducing complexity in technology components.</p> - -<p>In this topical discussion we would discuss the recent research that highlights how efficiency plays a role in the data centre transformation from conventional gear to OCP and open source. We would provide specific examples of how local European VAR’s and Solution Providers are capitalising on the open hardware business model and how "Open Source Software deserves Open Hardware".</p> - - Steve Helvie - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:15 - H.2215 (Ferrer) - skulls_coreboot - The Skulls project - coreboot your Laptop - The easy way - Lightning Talks - lightningtalk - - <p>Skulls makes it easy to install an unlocked, up-to-date and easy to use coreboot-based BIOS on your laptop. It should be a starter drug to more advanced systems like Heads.</p> - - - Martin Kepplinger - - - Skulls project source - Official coreboot website with Skulls in the list of Custom ROMs - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:15 - H.2215 (Ferrer) - baseboard_management - bmclib: A Baseboard Management Controller library - One library to rule them all? - Lightning Talks - lightningtalk - - <p>This talk is about a library written to help manage a fleet of bare metal servers, -it leverages existing (mostly undocumented) APIs on Baseboard Management Controllers, -and exposes a consistent API interface to,</p> - -<ul> -<li>Inventorize bare metal hardware</li> -<li>Manage BMC/BIOS configuration</li> -<li>Reliably Power cycle/PXE boot bare metal.</li> -<li>Update firmware on BMCs</li> -</ul> - - -<p>https://github.com/bmc-toolbox/bmclib</p> - <p>This talk is about bmclib, a library written to perform asset lifecycle management, -across a fleet of bare metal servers, it leverages existing (mostly undocumented) APIs on Baseboard Management Controllers, -and exposes a consistent API interface to,</p> - -<ul> -<li>Inventorize bare metal hardware</li> -<li>Manage BMC/BIOS configuration</li> -<li>Reliably Power cycle/PXE boot bare metal.</li> -<li>Update firmware on BMCs</li> -</ul> - - -<p>https://github.com/bmc-toolbox/bmclib</p> - -<p>While all of the above seems obvious functions of bare metal server hardware that should just work, -in reality they do not - when dealing with ~45k units of bare metal server hardware from various vendors, -this is a lesson we learned and hence we developed bmclib and all of the various tools that is part of the bmc-toolbox.</p> - -<p>https://github.com/bmc-toolbox</p> - -<p>We intend to talk about the current state of BMCs, the current vendor solutions to have a single API (Redfish) -and the various tools that are part of the bmc-toolbox which were possible thanks to bmclib.</p> - -<p>Another interesting project (which we intend to talk about) was to implement a service on top of bmclib to retrieve thumbnails from the BMC, -of the screen of the server and run image classification on it to infer what state a bare metal is currently in, -thanks to bmclib this was easy since we implemented a common method to grab "Screen previews" through the BMC.</p> - -<p>The bmc-toolbox is built and maintained in Booking.com.</p> - - Joel Rebello - Juliano Martinez - - - Baseboard management controller library - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:20 - 00:15 - H.2215 (Ferrer) - maemo_leste_mobile - Maemo Leste - A Debian/Devuan based mobile hacker OS - Lightning Talks - lightningtalk - - <p>Maemo Leste is community a Debian/Devuan based GNU/Linux distribution for -smartphones and tablets aimed at free software hackers. In spirit and look it is -similar to the Maemo Fremantle OS for the famous Nokia N900 phone. This talk -will present the current (alpha) state of Maemo Leste, the presently supported -devices, our development setups, the present and upcoming challenges and lay out -the future plans for software and hardware (device) support.</p> - <p>This lecture will introduce Maemo Leste, a free Debian/Devuan based GNU/Linux -hacker distribution for smartphones and tablets. We will cover the history of -Maemo and explain what drove us to work on and create Maemo Leste.</p> - -<p>We will provide a technical overview of the software stack, show off and discuss -the current status software stack, how we got there, our upcoming milestones and -the challenges that lie ahead.</p> - -<p>Additionally, we'll take some time to discuss the "hacker" aspect of Maemo -Leste. such as (only) supporting mainline Linux, future (first class) Tor and -Wireguard integration, bleeding edge open GPU drivers and the availability of -all the packages of Debian.</p> - -<p>Next to that, we will explain the development setups, build servers and -infrastructure, provide some information on how to port Maemo Leste to a new -device, dive into possible Android compatibility and hardware and driver issues -difficulties (such as mobile GPU drivers and the current open source solutions).</p> - -<p>Resources:</p> - -<ul> -<li>Website+News: https://maemo-leste.github.io/</li> -<li>Github: https://github.com/maemo-leste</li> -<li>Wiki: https://leste.maemo.org/</li> -<li>Nokia N900 status of Maemo Leste: https://leste.maemo.org/Nokia_N900</li> -<li>Motorola Droid 4 status of Maemo Leste: https://leste.maemo.org/Motorola<em>Droid</em>4</li> -<li>Lima driver (Linux 4.19 + patches) running Maemo Leste on Allwinner A33 tablets: https://www.youtube.com/watch?v=ihCVsaEMNzY</li> -</ul> - - - Merlijn B. W. Wajer - - - Maemo Leste Blog - Maemo Leste Wiki - Maemo Leste Source/Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:40 - 00:15 - H.2215 (Ferrer) - android_pi - Running Android on the Raspberry Pi - Android Pie meets Raspberry Pi - Lightning Talks - lightningtalk - - <p>You can run Android on a wide range of devices, not just phones and tablets. Building Android from scratch is fun and a great way to learn about the lower levels of the operating system. Imagine - here is a chance to create ANY Android configuration you want.</p> - <p>In this presentation, I will describe how to take a Raspberry Pi 3 and build Android completely from scratch, using source code from the AOSP (Android Open Source Project). One issue is finding an implementation of the OpenGL ES libraries and GPU drivers with the appropriate Android additions. Luckily, there is a cross-platform graphics layer called SwiftShader that we can use. Another pain point is that the Raspberry Pi doesn’t have a USB OTG port, so we can’t use adb in the normal way. No problem, we can use adb over Ethernet instead.</p> - -<p>This presentation focuses on the Raspberry Pi, but in a similar way you can port Android to many other devices. If it can run Linux, there is a good chance it can run Android.</p> - - Chris Simmonds - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:15 - H.2215 (Ferrer) - test_case_management - 10 years of open source test case management - with Kiwi TCMS - Lightning Talks - lightningtalk - - <p>In the world of professional QA there are many proprietary test management tools but very few open source ones. This lightning talk will tell the audience why and how we resurrected Kiwi TCMS and what are we doing to make it the best open source test case management system!</p> - -<p>FOSDEM marks 10 years since the first version was released and our team will celebrate at the Open Source Test Management stand, Building K, Level 2, stand 10!</p> - - - Alexander Todorov - - - Kiwi TCMS website - Open Source Test Management - Building K, Level 2, Stand 10 - Project mission and goals for 2019 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:20 - 00:15 - H.2215 (Ferrer) - cloud_security - Cloud Native Security 101 - - Lightning Talks - lightningtalk - - <p>Cloud native environments such as Kubernetes or AWS Lambda come with new challenges around security and in this talk we will review the environments and their properties, highlight common features and look at attack vectors and how to potentially reduce them.</p> - <p>Cloud native environments such as Kubernetes or AWS Lambda come with new challenges around security: short-lived entities (containers, functions), untrusted environments/public clouds, high velocity, etc.. In this talk we will review the environments and their properties, highlight common features and table stakes (e.g., mutual TLS), and look at attack vectors and how to potentially reduce them. Focus areas are: managing confidential data in untrusted environments, container (image) and runtime security, Kubernetes control plane, as well as Function-as-a-Service execution isolation and considerations.</p> - - Michael Hausenblas - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:40 - 00:15 - H.2215 (Ferrer) - userspace_network_stacks - AMENDMENT The brief case for User-space Network Stacks (DPDK and friends) - The case for DPDK, FD.io VPP, Snabb, F-Stack and friends. - Lightning Talks - lightningtalk - - <p>The Userspace networking ecosystems has really matured since DPDK (the Data Plane Development Kit) was first open sourced in March 2013. Since then, a whole ecosystem of technologies developed with it or seeking to becoming a better DPDK has emerged.</p> - -<p>Sometimes controversially data plane networking (the packet processing) which was once the sole responsibility of the Operating System Kernel is now being handled entirely in Userspace, by applications built with tools such as DPDK.</p> - -<p>This talks discusses:-</p> - -<ol> -<li>Why the phenomenon exists? Where did it come from? Why are people eager to re-invent the wheel?</li> -<li>A (very) brief survey of user space data plane networking projects.</li> -<li>The case for better inter-operability, need the Kernel and Userspace data plane really be two separate Islands?</li> -<li>How to collaborate to achieve a better future?</li> -</ol> - - -<p>Please note that this talk was originally scheduled to be given on Sunday at 14:00. The talk originally in this slot, Theo: The Authorized Keys Manager by Michele Azzolari will now take place on Sunday at 14:00.</p> - - - Ray Kinsella - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:10 - H.1301 (Cornil) - mysql_mariadb_welcome - Welcome to the MySQL, MariaDB & Friends Devroom - opening the Community Day - MySQL, MariaDB and Friends - devroom - - <p>Opening the MySQL, MariaDB &amp; Friends Devroom !</p> - - - Frédéric Descamps - Ian Gilfillan - - - Submit feedback - - - - 10:40 - 00:20 - H.1301 (Cornil) - patterns_anti_patterns - Patterns and anti-patterns in OSS participation - Lessons from MySQL AB, the MariaDB Foundation, and others - MySQL, MariaDB and Friends - devroom - - <p><strong>"Don't expect patches to the core. It's just too complex for external developers."</strong> Nearly twenty years ago, that was the broadly-held opinion at MySQL AB. Now, with MariaDB, there are 174 contributors to the server alone and Monty isn't the top contributor by commits or even LoC. Clearly, some things have changed, but what are they and how much impact have they had? In this fast-paced session Zak Greant, MySQL's first community advocate, will walk through some of the critical changes over the years and share some of the best (and worst) practices.</p> - <p>In the early days of MySQL, we had the idea that people didn't contribute to the core because the code base was too difficult to get into. Perhaps this was correct at the time, perhaps not. Nearly twenty years later, the MariaDB project sees contributions from a wide range of contributors and to many different parts of the project - including the MariaDB server. Clearly, many things have changed in this time. In this session, I'll present some of the key macro and micro changes, and present conclusions about how they have come about.</p> - -<p>For instance, if the server was the most difficult part of the MySQL/MariaDB code to contribute to, why are there so many more contributors and contributions now? Potential causes could include:</p> - -<ul> -<li>the widespread adoption of MySQL and MariaDB</li> -<li>the popularity and maturity of the projects</li> -<li>the change in corporate control</li> -<li>maturation of the broad Free Software/Open Source community</li> -<li>improvements in collaborative development infrastructure</li> -<li>better community management practices</li> -<li>more senior project members or senior project members having more time to mentor contributors</li> -<li>better incentives for contribution</li> -<li>better contribution management processes</li> -<li>the long time span has let people learn the code base better (as many contributors were or are MySQL/Oracle/MariaDB Corp. staff)</li> -</ul> - - -<p>I'll support the talk with a written report and I'll share my research, including:</p> - -<ul> -<li>analysis of commits and contributors over time</li> -<li>maps of contributors journeys over time (eg. what did one have to do to get a patch into MySQL in ca. 2000 vs. MariaDB in 2018)</li> -<li>a timeline of changes to key policies, contribution infrastructure, corporate involvement, etc.</li> -</ul> - - - Zak Greant - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:10 - 00:20 - H.1301 (Cornil) - mysql_replication_faster - Making Your MySQL Replication Setup Run Faster! - - MySQL, MariaDB and Friends - devroom - - <p>Designing and operating high-performance, efficient, manageable and - reliable MySQL replication deployments requires knowledge of the - intricacies of the underlying technologies. MySQL Replication is no - exception to this rule, even if it is becoming simpler to manage and - operate by every release.</p> - -<p> This session will provide insights on the main areas that affect the - performance of Asynchronous Replication and Group Replication, and how - to configure them to make the most out of the underlying computing - system. We will also demonstrate the practical improvements that can - be seen by going through various benchmarks. You will then understand - when and how it would apply to your usage, allowing you to provide - a better MySQL database service. Join us for an interesting dive into - the always exciting world of MySQL Replication performance.</p> - - - Vitor Oliveira - - - Blog posts on MySQL High-Availability - Submit feedback - - - - 11:40 - 00:20 - H.1301 (Cornil) - unplitmysql - AMENDMENT Un-split brain (aka Move Back in Time) MySQL - - MySQL, MariaDB and Friends - devroom - - <p>Un-split brain (aka Move Back in Time) MySQL. -This brings to light some of our recent work on disaster mitigation at @github.</p> - -<p>Please note that this talk replace Jean-François Gagné's talk entitled "The consequences of sync_binlog != 1" as he wasn't able to join us in Brussels.</p> - - - Shlomi Noach - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:10 - 00:20 - H.1301 (Cornil) - mysql_replication_advance - MySQL Replication - Advanced Features - - MySQL, MariaDB and Friends - devroom - - <p>MySQL Replication is powerful and has added a lot of advanced features through the years. In this presentation we will look into replication technology in MySQL 8 and variants focusing on advanced features, what do they mean, when to use them and when not, Including</p> - -<p>When should you use STATEMENT, ROW or MIXED binary log format ?</p> - -<p>What is GTID in MySQL and MariaDB and why do you want to use them ?</p> - -<p>What is semi-sync replication and how is it different from lossless semi-sync ?</p> - -<p>What are the different parallel replication options and when do they excell ?</p> - -<p>Why delaying transaction commits can improve your application performance ?</p> - -<p>How is MySQL Group Replication is different from standard replication and Galera ?</p> - -<p>This presentation is for audience well familiar with MySQL Replication and looking to expand their knowledge in deeper replication topics.</p> - - - Peter Zaitsev - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:40 - 00:20 - H.1301 (Cornil) - tapping_binlogs - Tapping Into the Binary Log Change Stream - - MySQL, MariaDB and Friends - devroom - - <p>Row-based binary log is mostly used as a logical replication log for -MySQL. However, ever since row-based replication was introduced, it -has also been widely used as an integration point between a MySQL -server and other components in an IT infrastructure. It is often used -as a capture-data-changes stream, as a source of data for -extract-transform-load operations or even as an event notification -trigger (e.g., propagating transaction information to proxy layers).</p> - -<p>Commonly deployed setups revolve around collecting/subscribing to data -changes and propagating these to downstream consumers through a -message bus, like Kafka for instance.</p> - -<p>This session will present such use cases, highlighting the additional -metadata added to the binary log in the latest releases, explain how -to efficiently make the most out of these and how to optimize the -implementation of a change capture procedure. We will also showcase -a couple of example plugins that tap into the server's binary log -stream and export it even before it reaches the binary log files.</p> - - - Luis Soares - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:20 - H.1301 (Cornil) - multiplexing_proxysql - The art of multiplexing MySQL connections with ProxySQL - - MySQL, MariaDB and Friends - devroom - - <p>Handling tens of thousands of database connections poses seriously performance issues on any database system because resources are poorly utilized. -ProxySQL, a MySQL protocol aware, reverse proxy for database servers using the MySQL protocol, is able to track connections statuses and utilize very few connections to MySQL server to serve traffic from thousands of client connections. -This session will focus on explaining implementation details and how this algorithm is able to boost performance.</p> - - - René Cannaò - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:20 - H.1301 (Cornil) - improve_sql - Improve your SQL - Common Table Expressions (CTE) and Window Functions - MySQL, MariaDB and Friends - devroom - - <p>What are Common Table Expressions (CTEs) and Window Functions? Why do you need them? How to use them?</p> - <p>Correlated subselects are a pain, but your software needs them? You still could need recursive queries? You want an easy way for finding lagging or leading rows? The keywords are Common Table Expressions (CTE) and Window Functions. Finally, both, MariaDB and MySQL support them. After explaining functionality and use cases, the talk also will show the ease of use.</p> - - Susanne Holzgraefe - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:10 - 00:20 - H.1301 (Cornil) - lateral_mysql - LATERAL derived table in MySQL - - MySQL, MariaDB and Friends - devroom - - <p>MySQL 8.0 supports SQL feature T491 LATERAL derived table, also called the "for each" loop of SQL. What is it? How does it work? How can you use it? What is it good for? Learn all about it in this talk!</p> - - - Norvald H. Ryeng - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:20 - H.1301 (Cornil) - dbdeployer - Test complex database systems in a laptop with dbdeployer - The friendly tool that makes DBA and developers life easy - MySQL, MariaDB and Friends - devroom - - <p>Meet dbdeployer, a tool that helps developers and DBA to deploy and test simple and complex database systems from the oldest versions to the latest ones.</p> - <p>dbdeployer is a tool that helps developers and DBAs to quickly deploy a single MySQL server of any version, without affecting existing servers in the same host. It can also deploy, in a single machine, a test system for replication in several topologies (master/slave, single or multi primary group replication, multi-source replication). -The tool creates sandboxes that are equipped with customised scripts that allow users to manipulate and test all the deployed databases. -This talk will show the main scenarios where dbdeployer is useful, with examples of usage and tips for a quick start.</p> - - Giuseppe Maxia - - - dbdeployer - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:05 - H.1302 (Depage) - java_welcome_2019 - Welcome - - Free Java - devroom - - <p>Welcome to the Free Java DevRoom</p> - - - Mario Torre - - - Submit feedback - - - - 10:35 - 00:40 - H.1302 (Depage) - state_openjdk - State of OpenJDK - - Free Java - devroom - - <p>A review of the past year in the life of the OpenJDK Community, and a look at what's ahead.</p> - - - Mark Reinhold - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:25 - H.1302 (Depage) - java_jungle - Rumble in the Java Jungle - - Free Java - devroom - - <p>Rumble in the Java Jungle</p> - <p>OracleJDK, OpenJDK, AdoptOpenJDK, OpenJ9, Zulu, IcedTea, Liberica, -SapMachine, GraalVM, SubstrateVM. 8, 9, 10, 11, 12, 18.3, 18.9, -short-term, mid-term, long-term support release, security updates. -GPLv2, Classpath Exception, Oracle Binary Code License, Technology -Network License Agreement. Field of use restriction, private and -commercial use, reference implementation, substantially derived, -TCK/JCK, Oracle Contribution Agreement, OpenJDK Community TCK License -Agreement (OCTLA), Java Community Process (JCP), Java Specification -Request (JSR), Java Enhancement Proposal (JEP), Preview Features, -Incubator Modules, Java (TM), Java SE compatibility, OpenJDK trademark -notice.</p> - -<p>Confused? Come and hear from Java and OpenJDK veteran Volker Simonis -how the Java world has been radically turned inside out in the last -year and how this impacts you as a Java user or developer. After the -talk you'll have a clear understanding what's going on in the Java -ecosystem and you'll be ready to plan your or your companies future -Java strategy.</p> - - Volker Simonis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:50 - 00:25 - H.1302 (Depage) - loom_weaving_executions - Loom: Weaving executions - - Free Java - devroom - - <p>Project Loom’s mission is to make it easier to write, debug, profile and maintain concurrent applications under heavy load. Threads are a natural and convenient concurrency construct which is being supplanted by less convenient abstractions because their implementation as OS kernel threads is insufficient for meeting performance demands and wasteful in computing resources. Project Loom will introduce fibers as lightweight, efficient threads managed by the Java Virtual Machine, that let developers use the same simple abstraction but with significantly better performance and lower footprint. Fibers are implemented in the JDK libraries on top of scoped, stackful delimited continuations in the JVM. This session will present the current status and challenges of the project -- both of implementation and design -- one year in.</p> - - - Ron Pressler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:20 - 00:25 - H.1302 (Depage) - checkpoint_restore - Java Checkpoint/Restore - - Free Java - devroom - - <p>Java has evolved significantly in the past 20+ years. Users still -want to run highly scalable monolithic applications, but now they also -want to run in the cloud with fast startup and small footprint. -Checkpointing will solve at least half of that problem. I'll show you -how to checkpoint your java application and then restore it on a -different machine, or several different machines. An application that -might take minutes to warm up, can be warmed up, garbage collected, -etc and then checkpointed. Users can restore Java processes in ms. -I'll give an overview of CRIU (Checkpoint Restore In Userspace) a -Linux utility that Java checkpointing is based on, present the -proposed Java API, and then demo some interesting use cases.</p> - - - Christine H Flood - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:50 - 00:25 - H.1302 (Depage) - java_docker - Java with Docker: How to Make it Work - - Free Java - devroom - - <p>Ever tried developing Java applications in containers?</p> - -<p>Of course not. You're a sensible person.</p> - -<p>From a small footprint to a super-fast spin-up time, the reality of containers is a far cry from the reality of an OpenJDK binary execution.</p> - -<p>So how do we bring these two disparate visions closer together?</p> - -<p>Simple! We jlink the required JDK modules to generate a smaller footprint, then leverage alternate JVMs for performant startup!</p> - -<p>I promise, the reality is simpler than that sentence. :)</p> - -<p>Drop by and see what I mean.</p> - - - Adam Farley - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:20 - 00:25 - H.1302 (Depage) - performance_graal - Performance tuning Twitter services with Graal and Machine Learning - - Free Java - devroom - - <p>Running Twitter services on Graal has been very successful and saved Twitter a lot of money on datacenter cost. But we would like to run more efficient to reduce cost even more. I mean, who doesn’t? In order to do this we are using our Machine Learning framework called Autotune to tune Graal inlining parameters. This talk will show how much performance improvement we got by autotuning Graal.</p> - - - Christian Thalinger - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:50 - 00:25 - H.1302 (Depage) - securing_jvm - Securing the JVM, neither for fun nor for profit, but do you really have a choice? - - Free Java - devroom - - <p>Consider a Java application in a private banking system. A new network -administrator is hired, and while going around, he notices that the app is -making network calls to an unknown external endpoint. After some -investigation, it’s found that this app has been sending for years -confidential data to a competitor (or a state, or hackers, whatever). This -is awkward. Especially since it could have been avoided.</p> - -<p>Code reviews are good to improve the hardening of an application, but what -if the malicious code was planted purposely? Some code buried in a commit -could extract code from binary content, compile it on the fly, and then -execute the code in the same JVM run… By default, the JVM is not secured! -Securing the JVM for a non-trivial application is complex and -time-consuming but the risks of not securing it could be disastrous. In -this talk, I’ll show some of the things you could do in an unsecured JVM. -I’ll also explain the basics of securing it, and finally demo a working -process on how to do it.</p> - - - Nicolas Frankel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:25 - H.1302 (Depage) - deep_learning_openjdk - Learning about Deep Learning: Applications for OpenJDK/Java Verification - - Free Java - devroom - - <p>In this talk, we identify some well-known software verification problems, -using real-world examples from open-source projects and see how we might -apply some deep learning principles to address them. In the various points -where we may test the Java runtime, we find candidates for deep learning. What -is required? We need a problem to solve, a model that describes it, and a -large amount of data to feed the neural network.</p> - - - Shelley Lambert - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:50 - 00:25 - H.1302 (Depage) - imc - An introduction to Middleware Application Monitoring with Java Mission Control and Flight Recorder - - Free Java - devroom - - <p>Recently open sourced, JDK Mission Control is the industry standard tool for Java performance analysis in production environments. This presentation will introduce the tool and explain how to use it to solve various production time problems with very little overhead.</p> - -<p>We will also discuss how application developers can extend their applications to take advantage of the event recording capabilities of the JDK Flight Recorder, now included in OpenJDK 11, and how to create custom tools based on the extensive Mission Control API to analyse specific issues beyond what is offered by default by the Eclipse based tool.</p> - -<p>At the end a demo will be shown using the JDK Flight Recorder, JDK Mission Control and OpenTracing together to facilitate deep distributed tracing capabilities.</p> - - - Mario Torre - Marcus Hirt - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:20 - 00:25 - H.1302 (Depage) - memory_benchmark - The Missing Benchmark Metric: Memory Consumption - - Free Java - devroom - - <p>When doing benchmarks we are usually interested in comparing the throughput of -different solutions. However, when the code under investigation is not -trivial, memory consumption may vary significantly, because using more memory -to achieve better throughput is a typical design trade off.</p> - -<p>The talk discusses what memory metrics are more or less meaningful and what -approaches can be used to track memory consumption alongside JMH benchmarks. A -special focus will be given on dynamic effects on the interaction with the -garbage collector and whether it is possible to get some stable benchmark -results.</p> - - - Jens Wilke - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:25 - H.1302 (Depage) - compiler_instrinsic - A walkthrough guide to implementing a compiler intrinsic - - Free Java - devroom - - <p>One of the ways Java achieves high performance is to provide a route for -accelerated, hand-crafted compilation of certain critical methods via -the JIT. This optimization path is available both for native methods -implemented as callouts to C code and for methods that are defined in -Java. In both cases the method needs to be flagged as a HotspotIntrinsic -and provided with a JITted code implementation. The intrinsic -implementation defines the hand-crafted definition of as a high-level -intermediate representation (IR) graph for the C2 JIT. This means it can -be inlined into the IR graph for caller methods, providing even greater -opportunities for optimization.</p> - -<p>This talk will demonstrate how to implement an intrinsic by walking -through a specific real-life example that is currently under review as a -JEP candidate. It will start by motivating the need for the intrinsic -and defining the candidate as a Java method which relies on an -underlying native implementation. It will then show how the candidate -can be replaced with an intrinsic implementation, working through the -changes required in the VM, the JIT compiler front and back end and, -ultimately, the assemblers for x86 and AArch64.</p> - - - Andrew Dinn - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:20 - 00:25 - H.1302 (Depage) - build_gc_minutes - Build your own GC with OpenJDK in 20 minutes - - Free Java - devroom - - <p>A new Garbage Collector interface has been introduced in OpenJDK 10, and -has been further improved in OpenJDK 11 and 12. This talk will give a -short sight-seeing tour through its design and its important interfaces -and should give you an idea where to start, if you'd want to make your -own Garbage Collector or want to get started with OpenJDKs existing -collectors.</p> - - - Roman Kennke - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:50 - 00:25 - H.1302 (Depage) - jit_cloud - Making the JIT part of the cloud - - Free Java - devroom - - <p>Many language runtimes like the JVM rely on JIT compilation to improve -application performance, but JIT compilers actively compete with -applications for CPU and memory resources. Because of this, a JIT -compiler's activities may hinder application throughput and create -performance hiccups that can affect quality of service while also -complicating resource provisioning. On top of that, it takes a while even -for the best JIT compilers to fully compile the performance critical -methods of an application to deliver the steady state performance we all -expect from the JVM. An approach we are exploring is to decouple the JIT -compiler from the rest of the JVM so that JIT compilation can operate as a -separate, remote service. This approach opens up the possibility of an -elastic, cloud based service offering JIT compilation for many -applications, languages, and even different architectures simultaneously.</p> - -<p>In this talk we will present our experience building an open source -JIT-as-a-service prototype based on the Eclipse OpenJ9 JVM. We will discuss -some of the engineering challenges we encountered, demonstrate the -advantages we've seen thus far, and present performance data for enterprise -grade Java EE benchmarks.</p> - - - Irwin D'Souza - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:20 - 00:25 - H.1302 (Depage) - tested_business - Tested for Business: An Open and Transparent Quality Kit - - Free Java - devroom - - <p>With the proliferation of OpenJDK binaries for a developer or a business to -choose from, one factor in determining the selection is quality. How do -you know your choice is up to snuff? The AdoptOpenJDK Quality Kit is an -open and transparent verification story for OpenJDK binaries. A robust and -adaptable test kit that can be utilized by any OpenJDK implementor, and -represents the quality bar required by large-scale customers in enterprise -environments. We test multiple freely available JDK implementations at -AdoptOpenJDK and continue to refine this suite of tests to give the -community access to high-quality binaries.</p> - -<p>Beyond a frank discussion starter on the criteria by which we measure -quality, this talk summarizes the real quality requirements of enterprise -customers and presents a compelling story for verifying and/or selecting -your OpenJDK implementation.</p> - - - Shelley Lambert - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:50 - 00:25 - H.1302 (Depage) - java_language_futures - Java Language Futures - - Free Java - devroom - - <p>With the new more rapid cadence, improvements are coming to Java faster than ever. Join Java Language Architect Brian Goetz on a whirlwind tour of some of the features that are coming to Java in the coming months and years.</p> - - - Brian Goetz - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:20 - 00:40 - H.1302 (Depage) - openjdk_gb - OpenJDK Governing Board Q&A - - Free Java - devroom - - <p>An open Q&amp;A session with members of the OpenJDK Governing Board.</p> - - - Mark Reinhold - Mario Torre - Andrew Haley - Georges Saab - Doug Lea - John Duimovich - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:40 - H.1308 (Rolin) - graph_weaviate_knowledge_graph - AMENDMENT Introduction of OSS Weaviate, the Decentralised Knowledge Graph - What is a decentralised knowledge graph and what is the contextionary that powers it? - Graph Processing - devroom - - <p>Weaviate is an open source decentralized knowledge graph. During this talk, I will introduce the software Weaviate, present specific use cases, present Weaviate's architecture, and introduce one of the core features: the contextionary. More info about Weaviate: https://github.com/creativesoftwarefdn/weaviate</p> - - - Etienne Dilocker - - - Weaviate on Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:15 - 00:40 - H.1308 (Rolin) - graph_gephi_js - Gephi JS: Exploring the dystopian future of a Javascript Gephi - - Graph Processing - devroom - - <p>Gephi is a popular network analysis open source software written in Java. This talk about its future is a joint effort by the Gephi dev team and Javascript experts to explore the issues and opportunities of web technologies for large-scale network analysis and visualization.</p> - -<p>Gephi relies on the Swing library for the general user interface plus an OpenGL insert for network visualization. This choice made more than 10 years ago was one of the very few options available for a multiplatform software able to harness GPU power for displaying millions of nodes and edges. Despite a number of issues, the situation was considered relatively satisfying.</p> - -<p>However two long-term trends force the Gephi dev team to reconsider its future: computer infrastructures are moving away from true multiplatform software to web-based interfaces, and Java is moving away from user interface development to server-side computation. Most if not all UX developers agree that web technologies are better supporting modern UX design than the Java ecosystem. However the specific use of OpenGL puts Gephi is a special situation. We know from user surveys that scaling up your network is key to most users. No Gephi user has only small networks, and many of them has tried to analyze networks with hundred thousands nodes or more. This use case is far from usual in the world of web technologies. Is WebGL up to the task of visualizing such amount of objects?</p> - -<p>We used existing Javascript libraries to build a stack comparable to the basic features of Gephi. Graphology was used as a Javascript equivalent of Gephi's GraphStore library, and a tweaked version of Sigma JS WebGL renderer was used as display engine. We used this prototype to benchmark the performance of web technologies for rendering large graphs in OpenGL.</p> - -<p>In parallel we explored the possibility to keep the project in the Java world but stop relying on the JOGL library that is at risk of being less and less maintained. In this mind we developed a new OpenGL visualisation engine prototype, with a better code base and better performance than current implementation.</p> - -<p>In this talk we will showcase both the Javascript proof-of-concept and the new Java prototype. We will present state of our reflections and the results of our benchmarks. Of course technological choices are not only (and even not primarily) a question of performance, and we will take the time to discuss the various issues and limits we met in this exercise of prospective technological exploration. we will conclude with a broader reflection on how Gephi as an open source project tries to adapt to global technological changes.</p> - -<p>We expect this talk to be useful to Java and/or Javascript developers/engineers dealing with graphs.</p> - -<p>Eduardo Ramos Ibáñez is lead developer of Gephi -Mathieu Jacomy is co-author of Gephi -Alexis Jacomy is co-author of the Sigma JS library -Guillaume Plique is author of Graphology and co-author of Sigma JS</p> - - - Mathieu Jacomy - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:40 - H.1308 (Rolin) - graph_real_time_streaming_kafka_neo4j - Leveraging real-time streaming with Neo4j-Streams - - Graph Processing - devroom - - <p>Nowadays real-time Messaging Systems has become widely used, covering a variety of use-cases, from log aggregation to real-time Stream Processing (in combination with Big Data Processing Frameworks). -In this talk we'll introduce how to use Apache Kafka (the most used Message Brocker) in combination with Neo4j through the Neo4j-Streams project, demonstrating via simple use-cases how you can leverage the information driven by the Change Data Capture Module and how to add Neo4j in your streaming flow by using the Sink module.</p> - <p>Nowadays real-time Messaging Systems has become widely used, covering a variety of use-cases, from log aggregation to real-time Stream Processing (in combination with Big Data Processing Frameworks). -In this talk we'll introduce how to use Apache Kafka (the most used Message Brocker) in combination with Neo4j through the Neo4j-Streams project, demonstrating via simple use-cases how you can leverage the information driven by the Change Data Capture Module and how to add Neo4j in your streaming flow by using the Sink module.</p> - - Andrea Santurbano - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:45 - 00:20 - H.1308 (Rolin) - graph_usage_efl - Graph usage in EFL - using graphs to navigate a UI - Graph Processing - devroom - - <p>EFL is a graphical framework that is used on a lot of TVs. The challenge with a TV is, that it needs to be operated with a remote control. Which means, every selectable element on the screen has to be connected to a parent element (i.e. it needs to have a way to navigate to and from itself). In other words, it can be accessed just by pressing the 4 navigation keys on your remote control.</p> - -<p>To achieve this, graphical elements on the screen are grouped into graphs, which are then connected together after the creation process.</p> - -<p>The talk will cover:</p> - -<p>· how the set of graphical components (or elements) on the screen are separated into smaller graphs; -· look at how they are connected together; and -· show why caching calculation results is now easier to cache, than in the previous system.</p> - - - Marcel Hollerbach - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:40 - H.1308 (Rolin) - graph_french_trade_study - Using networks to study 18th century French trade - - Graph Processing - devroom - - <p>France started to compile statistics about its trade in 1716. -The "Bureau de la Balance du Commerce" (Balance of Trade's Office) centralized local reports of imports/exports by commodities produced by french tax regions. -Many statistical manuscript volumes produced by this process have been preserved in French archives. -This communication will relate how and why we used network technologies to create a research instrument based on the transcriptions of those archives in the <a href="https://toflit18.hypotheses.org">TOFLIT18 research project</a>. -Our corpus composed of more than 500k yearly trade transactions of one commodity between a French local tax region or a foreign country between 1718 and 1838. -We used a graph database to modelize it as a trade network where trade flows are edges between trade partners. -We will explain why we had to design a classification system to reduce the heterogeneity of the commodity names and how such a system introduce the need for hyperedges. -Our research instruments aiming at providing exploratory data analysis means to researchers, we will present <a href="http://toflit18.medialab.sciences-po.fr">the web application</a> we've built on top of the neo4j database using JavaScript technologies (Decypher, Express, React, Baobab, SigmaJS). -We will finally show how graph model was not only a convenient way to store and query our data but also a poweful visual object to explore trade geographical structures and trade products' specialization patterns.</p> - -<p>By Paul Girard and Guillaume Plique. -Sciences Po, médialab, Paris, France</p> - -<p>Project funded by the French Agence Nationale de la Recherche (TOFLIT18)</p> - - - Paul Girard - - - our slides : http://medialab.github.io/toflit18/fosdem2019/#/ - our web application http://toflit18.medialab.sciences-po.fr - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:55 - 00:40 - H.1308 (Rolin) - graph_access_control_tinkerpop - Differentiated access control to graph data - Applied to TinkerPop-compatible graph databases - Graph Processing - devroom - - <p>JanusGraph provides access to persisted graph data in a way that is scalable in data size and graph traversal length. Graphs become more valuable if data from multiple sources is ingested, but in general not all users will be authorized to access all data in the graph, given privacy laws on personal data and corporate policies. Since it is not practical to maintain separate copies of large graphs for the different authorization groups, a technical solution for access control is required. This presentation deals with this issue and discusses techniques to provide access to graph data under heterogeneous confidentiality regimes. In particular, an add-on TinkerPop API is presented that provides an abstration to the required filtering and supports the auditing of gremlin queries for validity.</p> - - - Marc De Lignie - - - Presentation at BNAIC2008 - Presentation at a 2017 Utrecht Data Science meetup - Personal blog - Contribution to Apache TinkerPop on Kerberos authentication - Contribution to Apache TinkerPop on usage with Spark on Yarn - Contribution to Apache TinkerPop on querying connected components with gremlin - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:40 - H.1308 (Rolin) - graph_multiplex_analysis_graphblas - Multiplex graph analysis with GraphBLAS - - Graph Processing - devroom - - <h2>Introduction</h2> - -<p>Graph analysis workloads present resource-intensive computations that require a large amount of memory and CPU time. -Consequently, there an abundance of graph processing tools which build on distributed data processing frameworks, including <a href="https://spark.apache.org/graphx/">Spark GraphX</a>, <a href="https://flink.apache.org/news/2015/08/24/introducing-flink-gelly.html">Flink Gelly</a> and <a href="https://giraph.apache.org/">Giraph</a> (which runs on Hadoop). -According to a <a href="https://arxiv.org/abs/1607.02646">recent survey</a>, most of these systems build on the <em>vertex-centric programming model</em>, originally introduced in Google’s <a href="https://ai.google/research/pubs/pub37252">Pregel paper</a>. -This model defines graph analytical algorithms in terms of vertices communicating with their neighbours through message passing, which allows both easy parallelization (for the systems) and intuitive formalization of the computation (for developers). While these systems indeed exhibit horizontal scalability, they introduce numerous inefficiencies requiring a large amount of resources even for moderately sized graphs. -Most practical applications only use graphs up to a few hundred million vertices and edges, which can now be stored comfortably on a single machine. For such graphs, it is worth investigating techniques that allow their evaluation without the additional cost and complexity of operating a distributed cluster.</p> - -<h2>GraphBLAS</h2> - -<p>The <a href="http://graphblas.org/">GraphBLAS</a> initiative is an effort to design a set of standard building blocks that allow users to formulate graph computations <a href="http://bookstore.siam.org/se22/">in the language of linear algebra</a>, using operations on sparse adjacency matrices defined on custom semirings. Since its inception, GraphBLAS has been implemented for multiple languages (e.g. <a href="http://faculty.cse.tamu.edu/davis/suitesparse.html">C</a>, <a href="https://github.com/cmu-sei/gbtl">C++</a>, and <a href="https://github.com/Accla/graphulo">Java</a>). -Additionally, GraphBLAS is being designed in collaboration with hardware vendors (such as Intel and Nvidia) to define a standardized set of interfaces, which will allow building specialized hardware components for graph processing in the future.</p> - -<h2>Multiplex graph metrics</h2> - -<p>Graph analysis has a significant overlap with <em>network science</em>, a field that aims to uncover the hidden structural properties of graphs and determine the interplay between their vertices. Most works in network science only study homogeneous (<em>monoplex</em>) graphs, and do not distinguish between different types of vertices and edges. We believe this abstraction is wasteful for most real-life networks, which are heterogeneous (<em>multiplex</em>) and emerge by different types of interactions. To illustrate such analyses, we calculated <a href="https://arxiv.org/abs/1308.3182">multiplex clustering metrics</a> on the <a href="https://offshoreleaks.icij.org/pages/database">Paradise papers data set</a> to find interesting entities that were engaged in disproportionately high levels of activities with their interconnected neighbours. We found that even on this relatively small data set (2M vertices and 3M edges), naive implementations did not terminate <em>in days</em>. Hence, we adapted techniques from GraphBLAS to optimize the computations to finish in a few minutes.</p> - -<h2>Outline of the talk</h2> - -<p>This talk gives a brief overview of how linear algebra can be used to define graph computations on monoplex graphs, and how we applied it to <a href="https://www.db.bme.hu/preprints/tdk2018-matrix-based-analysis-of-multiplex-graphs.pdf">speedup the calculation of multiplex graph metrics</a>. We present the lessons learnt while experimenting with sparse matrix libraries in -<a href="https://github.com/jluttine/suitesparse">C</a>, -<a href="https://softwarerecs.stackexchange.com/questions/51330/sparse-matrix-library-for-java">Java</a>, and -<a href="https://docs.julialang.org/en/v1/stdlib/SparseArrays/index.html">Julia</a>. Our <a href="https://github.com/FTSRG/graph-analyzer">graph analyzer framework</a> is available as open-source.</p> - <p><strong>Intended audience:</strong> users interested in applying multiplex graph analytical techniques for their problems and developers who strive to implement high-performing graph analytical computations.</p> - -<p><strong>Speaker biography.</strong></p> - -<p>Gabor Szarnyas is a researcher working on graph processing techniques. His core research areas are live graph pattern matching, benchmarking graph queries, and analyzing large-scale multiplex networks. His main research project is <a href="http://docs.inf.mit.bme.hu/ingraph/">ingraph</a>, an openCypher-compatible query engine supporting live query evaluation. His research team was the first to <a href="http://cyprusconferences.org/adbis2017/acceptedpapers.html">publish</a> a <a href="https://link.springer.com/chapter/10.1007/978-3-319-66917-5_13">formalisation that captures the semantics of a core subset of the openCypher language</a>.</p> - -<p>Gabor works at the Budapest University of Technology and Economics, teaching system modelling and database theory. He conducted research visits at the <a href="https://www.york.ac.uk/">University of York</a>, <a href="http://www.mcgill.ca/">McGill University</a> and the <a href="https://uwaterloo.ca/">University of Waterloo</a>. He is a member of the <a href="http://www.opencypher.org/ocig">openCypher Implementers Group</a> and the <a href="http://ldbcouncil.org/">LDBC</a> <a href="http://ldbcouncil.org/developer/snb">Social Network Benchmark</a> task force. -He received -1st prize in the <a href="https://src.acm.org/candidates/2017">MODELS 2016 ACM Student Research Competition</a> conference and -2nd prize at the <a href="https://src.acm.org/winners/2018">SIGMOD 2018 competition</a>. -He is a frequent speaker at industrial conferences (<a href="https://archive.fosdem.org/2017/schedule/event/graph_incremental_queries_open_cypher/">FOSDEM</a>, <a href="http://graphconnect.com/speaker/gabor-szarnyas/">GraphConnect</a>) and meetups (<a href="https://www.meetup.com/nycneo4j/events/243464557/">openCypher meetup NYC</a>, <a href="https://www.meetup.com/neo4j-budapest-users/events/240363389/">Budapest Neo4j meetup</a>).</p> - - Gabor Szarnyas - - - Graph analyzer library - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:25 - 00:40 - H.1308 (Rolin) - graph_mgmt_config - Mgmt Config: A tale of three graphs - Real-time, autonomous, automation with graphs (mostly DAG's) - Graph Processing - devroom - - <p>Mgmt is a real-time automation tool that is fast and safe. It works by running a DAG (graph) of resources. -The DAG is built in real-time, by running a graph-based DSL (language). -We'll fill this talk with a number of exciting real-time demos that show how some cleverly applied graph algorithms can solve an incredibly difficult set of problems. -We'll finish this off by including a demo of building a real-time, distributed, finite state machine (a distributed graph) using our tool.</p> - <p>Mgmt is a real-time automation tool that is fast and safe. It works by running a DAG (graph) of resources. -The DAG is built in real-time, by running a graph-based DSL (language). -We'll fill this talk with a number of exciting real-time demos that show how some cleverly applied graph algorithms can solve an incredibly difficult set of problems. -We'll finish this off by including a demo of building a real-time, distributed, finite state machine (a distributed graph) using our tool.</p> - -<p>A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ -Attendees are encouraged to read some before the talk if they want a preview!</p> - - James Shubin - - - Project homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:40 - H.1308 (Rolin) - ceph_msgrv2 - Ceph wire protocol revisited - Messenger V2 - - Software Defined Storage - devroom - - <p>In this talk we will present an overview of the current design and implementation of the new wire protocol of Ceph, named Messenger V2, that aims to overcome the limitations of the current protocol.</p> - <p>In this talk we will present an overview of the current design and implementation of the new wire protocol (the protocol used for communication between pairs of daemons and daemons and clients), named Messenger V2, that aims to overcome the limitations of the current protocol. -We will start by describing the current wire protocol design and pinpoint its limitations, which will pave the way to present the new protocol features. -Then we will present the details of the new protocol design and talk about some of the possible future features that can be implemented by extending the base protocol.</p> - - Ricardo Dias - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:15 - 00:25 - H.1308 (Rolin) - monitoring_distributed_storage_tendrl - Challenges in Monitoring Distributed Storage Environment and how Tendrl addresses them - - Software Defined Storage - devroom - - <p>Monitoring involves dynamically extracting, disseminating, interpreting and presenting system information to the user. The advent of distributed storage environments brings in new challenges to the monitoring world. Going through logs of a large volume of data over geographically distributed nodes simultaneously to detect the point of failure is becoming infeasible and time-consuming. There is a dire need to replace the standard monitoring techniques and practices used to monitor centralized storage with a centralized monitoring system, which obtains exact information required to track the health, performance, load and capacity of system objects or software processes in the distributed systems and present it to the users in real time and in useful formats.</p> - -<p>In this talk, Rishubh and Gowtham will discuss the challenges faced by sys-admins in monitoring distributed systems and will discuss how tendrl an open source monitoring tool aids them in monitoring a distributed storage system with the help of a scale-out open source software defined storage (SDS) - Gluster. You will get an in-depth explanation on how tendrl monitors each system in the distributed environment and get a glimpse of its modern web interface. They will also show the audience how metric virtualization provided by grafana makes monitoring rudimentary and fast. Their talk will conclude with a demo on how tendrl helps vendors in capacity planning, detecting and alerting the failure conditions, and keeping track of performance and health of the system.</p> - <p>Monitoring involves dynamically extracting, disseminating, interpreting and presenting system information to the user. The advent of distributed storage brought in a lot of new challenges in monitoring the storage systems. It has become impractical for the sys-admins to go through logs of each storage systems distributed across geographically dispersed nodes to detect points of failure. It’s also infeasible to keep a track of health, performance, and capacity of each system by tracking logs obtained via fetching information over terminal using CLI commands.</p> - -<p>In order to monitor the environment efficiently, the monitoring system should be able to get information about each component on every node in the distributed storage environment. Gathering so much data can flood it with a lot of information all of which is not required by the user. The monitoring system should be able to filter the information and display only relevant information to the user when it’s required.</p> - -<p>Monitoring should:</p> - -<ol> -<li>Help users find out why and when did their system fail?</li> -<li>Help users to predict future problems.</li> -<li>Help users make decisions based on real data and trends instead of hunches.</li> -<li>Avoid outage costs.</li> -<li>Observe and check the status of processes and resources over a period of time and keep them under systematic review.</li> -</ol> - - -<p>Tendrl facilitates:</p> - -<ol> -<li>Monitoring distributed storage system with ease.</li> -<li>Operational consistency and efficiency (streamlined provisioning, enhanced discovery, and management via the integrated service dashboard).</li> -<li>Getting important information about storage utilization to help troubleshoot and diagnose issues (noisy neighbor, flaky disks, network bottlenecks)</li> -<li>Proactively monitor and manage health, performance, and capacity utilization and gain operational intelligence at scale. Receive alerts for operational issues requiring intervention.</li> -<li>Alert on operational issues: (OSD state, Cluster state, Failed Drive etc)</li> -</ol> - - -<p>For better understanding, in the presentation we also include interactive demos that show the challenges faced by users and how they can overcome these challenges.</p> - - Rishubh Jain - Gowtham Shanmugasundaram - - - Tendrl main site. - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:45 - 00:25 - H.1308 (Rolin) - ceph_deepsea - What's new in DeepSea - An overview of new features - Software Defined Storage - devroom - - <p>Ceph is a highly distributed software-defined storage solution. It provides allows you to store and access your data via interfaces for block, file and object storage. It aims primarily for completely distributed operation without a single point of failure, while being scalable to the exabyte level. -Deployment and management of a cluster not rarely consisting of hundreds of nodes can be a challenge. That's why we, at SUSE, provide a salt based tool called 'DeepSea' that tries to help you manage your cluster with ease. We designed our product with scalability in mind so that our users don't have to care about the size of their data-center but can concentrate on the important tasks. -This Talk will give a short introduction to DeepSea and highlight the new features we added.</p> - <p>Ceph is a highly distributed software-defined storage solution. It provides allows you to store and access your data via interfaces for block, file and object storage. It aims primarily for completely distributed operation without a single point of failure, while being scalable to the exabyte level. -Deployment and management of a cluster not rarely consisting of hundreds of nodes can be a challenge. That's why we, at SUSE, provide a salt based tool called 'DeepSea' that tries to help you manage your cluster with ease. We designed our product with scalability in mind so that our users don't have to care about the size of their data-center but can concentrate on the important tasks. -This Talk will give a short introduction to DeepSea and highlight the new features we added.</p> - - Joshua Schmid - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:15 - 00:40 - H.1308 (Rolin) - replicated_sds_drbd_linstor - Replicated SDS with DRBD & LINSTOR - An Open Source SDS for the automated management of storage clusters - Software Defined Storage - devroom - - <p>Presentation of the LINSTOR SDS system, which automates the management of different types of block storage volumes on a cluster of storage servers, with a focus on replicated storage for high availability and disaster recovery.</p> - -<p>Focus on architecture &amp; implementation of the system, integration with other software and the development process.</p> - -<p>Intended audience:</p> - -<ul> -<li>Operators, Architects, Developers of cloud &amp; virtualization environments</li> -<li>Operators of systems based on software defined storage</li> -<li>Operators of OpenStack, OpenNebula, Proxmox virtualization platforms</li> -<li>Operators of Kubernetes/Docker containerization</li> -</ul> - - <p>Focus of the lecture &amp; discussion:</p> - -<ul> -<li>Existing storage technologies, focus on Linux: block devices in general, device mapper/LVM, ZFS, DRBD, dmcrypt, etc.</li> -<li>Challenges of automating storage management (allocation/modification (resizing, ...)/deallocation of volumes)</li> -<li>Challenges of managing clusters (parallelization, networking, ...)</li> -<li>Our solutions - how the system works, protocols involved, security model, configuration persistence, transaction safety, etc.</li> -<li>Some interesting implementation details</li> -<li>How the development team works - methods, processes, project management, the tools that we like to use</li> -</ul> - - - Robert Altnoeder - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:25 - H.1309 (Van Rijn) - media_vlc - VLC 4.0 - 4.0++ - Open Media - devroom - - <p>A presentation about the next version of VLC, called <em>4.0</em>.</p> - -<p>This is a continuation of the talk from last year, to explain exactly what was indeed implemented in the VLC core codebase.</p> - <p>A presentation about the next version of VLC, called <em>4.0</em>, codename <strong>Otto Chriek</strong>.</p> - -<p>This is a continuation of the talk from last year, to explain exactly what was indeed implemented in the VLC core codebase.</p> - -<p>It notably speak about the results of the VLC 3.0 release, and speak about the following changes for 4.0: -- the media library, -- the core clock changes, -- the new playlist, -- the VR support, -- and the new interface for Linux and Windows, using Qt5/qml.</p> - - Jean-Baptiste Kempf - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - H.1309 (Van Rijn) - media_kodi - The final release of Kodi v18 - A two year development story - Open Media - devroom - - <p>Kodi v18 has been in development for over two and finally it is released. During this presentation we go through the most important parts that were added or changed and what this actually means for the future.</p> - <p>During past two years developers in and outside of the Kodi Team have been steadily refactoring and working on new features that will be included in Kodi v18. Although we initially thought about doing a RERO release it ended up being quite the opposite. In this presentation we will go through the most important parts that are actually included and why it took so long to come to a final release. Additionally we will briefly cover some parts that we already know will go into v19 at the moment we branched of the current v18 release.</p> - - Martijn Kaijser - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - H.1309 (Van Rijn) - media_gstreamer_1_16 - GStreamer 1.16 and beyond - - Open Media - devroom - - <p>This talk will take a look at what's been happening in the GStreamer multimedia framework as of late: What's new in the latest GStreamer 1.16 release and what features you can expect to land in the near future.</p> - -<p>It will be fairly high-level and is targeted at both application developers and anyone interested in cross-platform multimedia.</p> - <p>GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, macOS, Windows, iOS and Android.</p> - -<p>Whether WebRTC, RTP, RTSP, SRT or RTMP, decoding or encoding, streaming or recording, we have it all!</p> - -<p>Join us to find out what's new and improved!</p> - - Tim-Philipp Müller - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - H.1309 (Van Rijn) - media_gstreamer_rust - Fearless Multimedia Programming - using GStreamer & Rust - Open Media - devroom - - <p>GStreamer is a popular framework of choice for multimedia programming in the Linux world, especially for embedded. Since efficiency is a typical core requirement for embedded solutions, traditionally C/C++ have been the languages of choice for writing GStreamer applications and plugins. Unfortunately, this efficiency comes at the price of safety. Even the most skilled C/C++ developers make mistakes with memory management and the results could potentially be catastrophic. Thread safety is another aspect that is central to multimedia solutions but is extremely difficult to achieve with C/C++.</p> - -<p>Rust language is designed to be both efficient and safe at the same time. In this talk, Zeeshan will present how GStreamer's Rust bindings not only make multimedia programming a lot safer, easier and fun but also allow developers to write even more efficient code than C/C++ in certain cases.</p> - - - Zeeshan Ali - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - H.1309 (Van Rijn) - media_gstreamer_embedded - GStreamer embedded state of the union 2019 - - Open Media - devroom - - <p>GStreamer is the de-facto multimedia framework used for embedded Linux systems. I will focus on recent improvements relevant to the embedded community. I'll explain our progress in the Video4Linux support, in particular support for encoders. I'll talk about various optimizations thas have been happening and how they can help embedded developer deliver better devices. Finally, I'll will look forward at the next releases. I'll also discuss the on-going effort to add embedded systems into GStreamer's Continuous Integration &amp; Automated Testing system.</p> - -<p>GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, Solaris, macOS, Windows, iOS and Android.</p> - -<p>This talks targets everyone who cares about Free and Open Source multimedia on embedded systems. GStreamer is the standard multimedia framework, not only on the Linux desktop, but most importantly, in embedded Linux products.</p> - - - Olivier Crête - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:10 - H.1309 (Van Rijn) - media_gstreamer_wpe - Inject the Web into your GStreamer pipeline with WPE - using a GStreamer/WebKit source element - Open Media - devroom - - <p>This lightning talk will showcase a new GStreamer plugin that allows applications to overlay HTML pages on top of video content. This plugin also allows to capture and interact with an HTML page in a live GStreamer pipeline, for recording purposes for instance.</p> - <p>Overlaying content on top of live video is common practice in the broadcasting industry nowadays. What if you could use HTML and Javascript for your overlay implementations? This would be possible with GStreamer and WebKit's WPE port combined in a GStreamer plugin.</p> - -<p>GstWPE receives EGLImages from WPE and shares them as GstMemory objects attached to buffers injected into the pipeline. This approach enables applications to perform overlaying directly in the GPU using shaders. Alternatively the EGLImages can be downloaded to the CPU main memory using the GStreamer gldownload element and processed there.</p> - -<p>GStreamer is an extremely powerful and versatile framework for creating streaming media applications. -WPE WebKit allows embedders to create simple and performant systems based on Web platform technologies. It is designed with hardware acceleration in mind, leveraging common 3D graphics APIs for best performance.</p> - - Philippe Normand - - - WPE WebKit port - GStreamer Multimedia framework - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:15 - 00:10 - H.1309 (Van Rijn) - media_radio - Voice Controlled Radio - Enabling broadcast reception for Smart Speakers - Open Media - devroom - - <p>https://tech.ebu.ch/news/2018/09/voice-controlled-hybrid-radio-demonstrated-at-2018-ibc</p> - -<p>The EBU and NAB co-funded a project to create a demonstrator for a radio device able to be entirely controlled by voice. This demonstrates the concept of the 'Single Voice Service List', and uses openly-standardized metadata from the broadcaster (using RadioDNS lookup, ETSI 103 270, and the Service and Programme Information data, ETSI TS 102 818) to automatically select between DAB+/IP/FM. The project was implemented by hacking the underlying Alexa Voice Service SDK.</p> - - - Ben Poor - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - H.1309 (Van Rijn) - media_ebus - EBUs - Live IP Software Toolkit - Open Source Software in professional media - Open Media - devroom - - <p>With the upcoming change from a dedicated technology called SDI towards IP. The goal is to move from dedicated boxes to pure software based broadcast. -Our Toolkit can help you on your way to discover SMPTE ST 2110, AMWA interface specifications, and many more.</p> - - - Willem Vermost - - - LIST - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - H.1309 (Van Rijn) - media_rist - RIST - an evolutionary video transport protocol - - Open Media - devroom - - <p>This presentation will explain RIST (Reliable Internet Stream Transport), a new protocol for professional video transport that is evolutionary. It is a protocol designed to allow for packet retransmissions between broadcast equipment, something which in the past had been vendor specific. Unusually for professional standards, it has a public specification and thus has already been implemented in a number of open source projects. This talk will took about the good parts and the bad parts as well as comparing it with traditional transport protocols such as TCP.</p> - - - Kieran Kunhya - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - H.1309 (Van Rijn) - media_scene_changes - Video Analysis using CUDA and OpenCV - Detecting scene changes in videos using CUDA and OpenCV - Open Media - devroom - - <p>CUDA has gained popularity as the programming language for GPUs.</p> - -<p>OpenCV remains the most popular library for computer vision.</p> - -<p>The aim of the talk is to introduce people to harness both the technologies to build high performance models for image and video processing, by using the simple problem of detecting scene changes in a video.</p> - <p>Detecting scene changes in videos using CUDA and OpenCV.</p> - -<p>CUDA is a parallel computing platform and application programming interface (API) model created by Nvidia. It allows software developers and software engineers to use a CUDA-enabled graphics processing unit (GPU) for GPGPU (General-Purpose computing on Graphics Processing Units).</p> - -<p>OpenCV stands for Open Source Computer Vision Library. It has C++, python and Java interfaces.</p> - -<p>The scene change detection problem is can be defined formally as - given two frames, do they belong to the same scene, or different scenes? The content-aware scene change detection finds all areas in a video where the difference between two subsequent frames exceeds a threshold value. This allows to detect cuts between scenes.</p> - -<p>The proposed algorithm has the following steps - - * Decode the video. - * For each frame -</p> - -<pre><code> * Convert the frame to HSV colour space. - * For each channel, find the average pixel by pixel difference with the previous frame - * Average the difference over the number of channels. - * If greater than a given threshold declare the frame as a scene change -</code></pre> - -<p>The pixel-by-pixel operation of each channel can be optimised to execute in parallel. This can be achieved using CUDA.</p> - -<p>The simple algorithm above can be optimised to execute on a GPU and achieve 10x improvements in speed.</p> - -<p>All the code is written in C++</p> - - Sam Radhakrishnan - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - H.1309 (Van Rijn) - media_futatabi - Futatabi: Multi-camera instant replay with slow motion - - Open Media - devroom - - <p>Futatabi is a free software solution for doing instant replay, e.g. for sports production. It supports multiple cameras, high-quality realtime slow motion on the GPU through optical flow, and seamless integration with Nageru, my live video mixer. We'll talk a bit about how interpolation through optical flow works, challenges in transporting the streams back and forth, and demonstrate a real-world sports production done last year using Nageru and Futatabi.</p> - - - Steinar H. Gunderson - - - Nageru and Futatabi home page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - H.1309 (Van Rijn) - media_sreview - The SReview review system - - Open Media - devroom - - <p>SReview is a conference video review system, originally written for FOSDEM 2017, that is now being used for the third time at FOSDEM 2019. It is also in active use by the debconf video team.</p> - -<p>This talk will explain the background in which it was written, and will also give a somewhat detailed explanation of its inner workings.</p> - -<p>For an explanation of the detailed UI design work we did to the review page over the last year, see the companion talk in the open source design devroom.</p> - - - Wouter Verhelst - - - source code - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - H.1309 (Van Rijn) - media_libre - How libre can you go? - Reaching as many viewers as possible using only libre video technologies. - Open Media - devroom - - <p>Streaming video on the internet in 2019 is littered with a cacophony of proprietary, patent encumbered technologies. As the landscape of the internet evolves libre video technologies are becoming more prominent in browsers and on devices, but we’re still a long way from a complete solution.</p> - -<p>In this session we’ll walk through the state of libre video on the internet and pick technologies to reach as many users and devices as possible while suggesting workarounds for the problems we find. We’ll also explore how we can leverage adaptive bitrate technologies within a libre video technology stack to provide a seamless user experience.</p> - -<p>Finally we’ll also take a forward facing look at the future of online video and how AV1 can help bring libre video to the masses.</p> - - - Phil Cluff - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:55 - H.1309 (Van Rijn) - media_migrating - Migrating from Adobe Connect - the Victory of FOSS Over Proprietary Software - - Open Media - devroom - - <p>Adobe Connect is a proprietary platform for virtual presentations, conferencing sessions and screen recordings. -Recently, one of our customers has requested our assistance in migrating their content from Adobe Connect to Kaltura. -We've released the <a href="https://github.com/kaltura/adobe-connect-to-mkv-to-kaltura">project</a> as FOSS [licensed under AGPLv3]. -This session will cover the challenges we faced and the FOSS tools we used to overcome them.</p> - <p>During the session, we will review the steps the code takes in order to extract and process the data associated with an Adobe Connect recording [video and audio files, metadata, etc]. -We'll walk attendees through our use of FFmpeg, Selenium, Mozilla's Geckodriver and OpenCV and demonstrate how they were harnessed for the purpose of migrating the content.</p> - -<p>We will conclude with a live demo of the migration process.</p> - - Jess Portnoy - - - Adobe Connect migration project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:55 - H.1309 (Van Rijn) - media_ossia - ossia ecosystem workshop - Combining media of all kinds with libossia and ossia score - Open Media - devroom - - <p>We propose a workshop on the usage of the various software of the ossia ecosystem (https://ossia.io), which are a set of tools to be used in a creative coding context, in order to create art, in particular shows, artistic installations, or museum exhibitions.</p> - -<p>We will present the usage of two tools. First, the library libossia (https://github.com/OSSIA/libossia), which allows exposure and control of the parameters of a creative software over the network across many different languages and environments (C++, Java, C#, PureData, Python, SuperCollider, Qt/QML, Faust...). -Then, we will show and teach the usage of the software ossia score (https://github.com/OSSIA/score), which allows to score the parameters of these creative applications in time, as well as include media, sound effects, hardware peripherals, robots, DMX lightning, etc. In particular, the interactive features, which allow for non-interactive timelines and scoring will be showcased and explained.</p> - -<p>The OSCQuery protocol will be discussed (https://github.com/Vidvox/OSCQueryProposal). It has been conceived in collaboration with the authors of multiple industrial-grade media software companies such as VDMX, Vezér, Millumin and others. This protocol is implemented in libossia and allows extensive interoperability amongst this kind of software, in particular between websites and traditional desktop software thanks to the use of WebSockets.</p> - - - Jean-Michaël Celerier - - - ossia website - link to the latest release - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - - - 10:30 - 00:30 - H.2213 - vai_enlightening_kvm - "Enlightening" KVM - Hyper-V emulation - Virtualization and IaaS - devroom - - <p>Is running a Windows guest any different from Linux from KVM's perspective? -KVM can pretend being Hyper-V and this is actively used for running Windows -guests. Following Hyper-V naming convention, individual features are named -"enlightenments": some of them are already mature, some of them were just -added to KVM and some are still waiting to be implemented. What are these -features and how Windows guests use them? How is it different from Linux?</p> - <p>Attendees of the talk will get to know the current status and the ongoing -work for Hyper-V emulation in KVM, how this impacts Windows guests. Some -benchmarks won't be missing too. -The talk is intended for virtualization development engineers as well as -system administration running KVM in production. In the talk both the internals -of Hyper-V emulation in KVM and practical advises on how to run Windows guests -on KVM will be discussed.</p> - - Vitaly Kuznetsov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - H.2213 - vai_getting_to_blinky - Getting To Blinky: Virt Edition - Making device pass-through work on embedded ARM - Virtualization and IaaS - devroom - - <p>Virtualization, including safe pass-through guest access to devices, is a well-known and mature technology on servers. With the increasing complexity and abilities of SoCs, virtualization is gaining importance on embedded systems, too. -In this presentation, Geert will explore virtualization and device pass-through (VFIO) using QEMU and KVM on a Device Tree-based embedded ARM system, pursuing the holy grail of embedded developers: the ability to blink a connected LED. -While seemingly too trivial and inapplicable, Geert will show how relevant such a contrived example is to more complex real-world uses of device pass-through. -He will talk about the obstacles he encountered, and how they were overcome, enabling the use of device pass-through for real on-SoC devices using DMA. -Finally, Geert will discuss when to use device pass-through, and when other virtualization techniques offer a better solution.</p> - <p>In this presentation, embedded developers will get a grasp of virtualization, and can expect a hands-on report of getting device pass-through working on DT-based systems, enabling them to accelerate implementing virtualization in their own projects and products. -Understanding the differences between traditional PCI-based servers, and relatively new embedded systems with DT, will help software developers improve support for device pass-through, in both Linux and virtualization environments like QEMU/KVM. -Hardware (SoC and board) designers will learn about the impact of their design decisions on virtualization, and what to take into account to allow efficient virtualization of hardware devices.</p> - - Geert Uytterhoeven - - - Device Pass-Through Using VFIO on R-Car SoCs - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - H.2213 - vai_towards_exploring_virtual_disks - Toward exploring virtual disks using a file manager! - - Virtualization and IaaS - devroom - - <p>How many times did you need to start a virtual machine and either provide it with a directory on the host or use some file-sharing service (e.g., dropbox) or your email, just to copy a resource that resides within the virtual disk? In this session, Arik presents the upcoming integration between the muCommander file-manager and libguestfs. This produces an alternative to that complex process by enabling to browse/copy-from/copy-to various virtual disk formats directly using a user-friendly interface. Come to see the planned functionality and hear about the technical complexity of this integration.</p> - <p>muCommander is an open source cross-platform file manager that supports a variety of file formats (e.g., zip, tar) and file protocols (e.g., sftp, smb). These days muCommander is extended with a pluggable framework to ease the process of supporting more file formats and protocols.</p> - -<p>This session focuses on a specific plugin for virtual disks. The plugin wraps the libguestfs library that provides an API for accessing and modifying various formats of virtual disks, such as vmdk and qcow. Libguestfs is a powerful library that is used by a variety of tools, e.g., the conversion utility virt-v2v. However, libguestfs lacks a user-friendly interface for those who wish to inspect and modify virtual disks as ordinary archive files. The plugin for muCommander aims to provide that via a dual-pane graphical interface.</p> - -<p>The on-going development of this plugin exposes some of the complexity of integrating virtual disks, and libguestfs in particular, into a file-manager. For instance, unlike ordinary archive files, the operating system needs to be inspected in order to produce the tree structure of the file system(s). As another example, muCommander uses a stream based approach to copying files while libguestfs assumes local files or standard input/output. This session would cover not only the functional side of the integration, that will be demonstrated with images that resides on oVirt's storage domains, but also interesting sides of its implementation.</p> - - Arik Hadas - - - Demonstration of the provided functionality - muCommander's website - libguestfs's website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - H.2213 - vai_its_time_for_the_populator - It's Time for the Populator - Declarative initialization of kubernetes persistent storage - Virtualization and IaaS - devroom - - <p>Kubernetes clusters increasingly host applications that manipulate data in persistent storage. Preserving that data is important but how does it get there in the first place? Unless it can generate its own data, the application should expect the volume to be populated prior to initialization. This may seem like a trivial problem with many simple solutions but we can build on kubernetes design principles to produce a superior solution. In this session you will discover a declarative PV population pattern, observe some concrete examples how this can be applied to different sources of data, learn about some common problems in this area and how kubernetes can help to solve them. After the session you will be ready to contribute your own populator to the kubernetes community.</p> - - - Adam Litke - - - Slides - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - H.2213 - vai_bare_metal_in_the_cloud - Bare Metal In The Cloud: Isn’t it Ironic? - Explaining OpenStack bare metal provisioning service - Virtualization and IaaS - devroom - - <p>With IaaS, common way to provide compute resources is to ask the hypervisor to allocate a bunch of VMs for you. Sometimes, however, allocating a bare metal machine could be essential to withstand higher workloads or harden data security. Running a container engine (like k8s) inside of a bare metal machine avoids double resource management and achieves higher density.</p> - -<p>In this talk we will introduce the OpenStack project called Ironic - the bare metal provisioning and life cycle service that can also act as a hypervisor for the OpenStack compute service.. We will explain system design, typical hardware management workflow, upcoming features and future challenges.</p> - - - Dmitry Tantsur - Ilya Etingof - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - H.2213 - vai_managing_vms_and_containers - Managing VMs and Containers in a Deeply Integrated UI - - Virtualization and IaaS - devroom - - <p>Interested in managing virtual machines and containers using single integrated UI? -See Kubevirt's web-based user interface in action.</p> - <p>Kubevirt Web UI will be presented.</p> - -<p>Create, monitor and access VMs easily in a Kubernetes cluster. -Discover k8s API objects relationships graphically. -Enjoy wizards for common tasks.</p> - - Marek Libra - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - H.2213 - vai_monitoring_kubernetes - Monitoring Kubernetes and Virtualization - - Virtualization and IaaS - devroom - - <p>Now that Kubevirt, -a converged infrastructure that brings virtualization on top of Kubernetes came into the world, -it’s time to take a look on the monitoring aspects of this solution. -This talk will go through some of the popular monitoring solutions and integrations that exist for Kubernetes, -a sneak peak of how monitoring is done for Virtual machines on oVirt's open-source distributed virtualization solution -and how could it be applied on Kubevirt. -Attendees with Kubernetes experience could learn more on monitoring solutions for both Kubernetes and virtualization.</p> - - - Yanir Quinn - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - H.2213 - vai_make_room - Make Room! Make Room! - Space saving techniques in oVirt - Virtualization and IaaS - devroom - - <p>The whole idea of virtualization is to utilize resources as heaviliy as possible. oVirt, an open- source virtualization solution, comes with several techniques, that require every VM to actually fight for each byte it needs, thus keeping disk usage as small as possible. oVirt uses different types of thin provisioning, data compression and data deduplication, to improve disk space utilization.</p> - - - Denis Chaplygin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - H.2213 - vai_use_kcli - Use kcli with all your virtualization solutions! - - Virtualization and IaaS - devroom - - <p>What if you could use the same tooling to interact with libvirt, kubevirt, gcp, aws ovirt or openstack ? -In this talk, I will present kcli, the tool I initially wrote to ease my work on libvirt and which evolved into a multiprovider abstraction tool -We will detail installation, typical workflow and advanced features I use every day.</p> - - - Karim Boumedhel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - H.2213 - vai_high_preformance_vms - High performance virtual machines in oVirt - Explain oVirt solution for easy creation of virtual machines running in highest possible performance - Virtualization and IaaS - devroom - - <p>Running a virtual machine enables the user with a high level of flexibility in the expense of the virtual machine's performance. Users are sometimes required to run applications on a virtual machine but still gain performance metrics as close to bare metal as possible. Until now this wasn't a straightforward mission to accomplish in oVirt. A new feature was now added to introduce a simple to manage solution for running a new/existing virtual machine in high performance. In this session we will talk about the essential requirements, functionality, limitations and assumptions for improving virtual machine performance, including host pinning and live migration enabled functionality. Attendees with virtualization knowledge (without necessarily oVirt experience) can learn from this session.</p> - <p>Support a new type of virtual machine in oVirt destined for running a virtual machine with highest possible performance and performance metrics as close to bare metal as possible. -By choosing this new High Performance virtual machine type, the virtual machine will be per-configured with a set of suggested and recommended configuration settings for reaching the best efficiency.</p> - -<p>Before this feature was implemented in oVirt, configure a virtual machine to run with high performance workloads was not an easy straightforward mission to do and required the user to manually set the virtual machine as such by going over all settings and check what is relevant and how to configure it. -In addition, live migration was usually not supported for such virtual machines due to pinning constraints. Furthermore, few required features essential for improving virtual machine performance were not supported at all by oVirt (for example: using huge pages, IO and Emulator threads pinning, CPU cache layer 3 support, USV and other devices disabling, headless mode, enable Multi Queues per Virtual Interface etc).<br/> -All these new features and more can now be leveraged to suggest one solution of the best recommended configuration according to virtual machine usage requirements.</p> - -<p>We will explain why increasing performance will decrease flexibility of the virtual machine, discuss how to set the virtual machine's devices, pass through host CPU mode, io/cpu/emulator threads pinning typologies, paravirtualized random number generator, virtual NUMA nodes and NUMA pinning topology and more settings. We will also explain how to combine all settings together wisely, what are the requirements from the physical hosts running those virtual machines and what are the limitations. We will also discuss virtual machines' pinned hosts limitations</p> - -<p>We will explain out solution for supporting migration for those high performance virtual machines which include pinning configuration, migration constraints to handle and hosts scheduler requirements. In addition we will talk about affinity rules for managing groups of high performance virtual machines and physical hosts.</p> - - Sharon Gratch - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - H.2213 - vai_ppeeding_up_the_booting_time_of_a_toro_appliance - Speeding up the Booting Time of a Toro Appliance - - Virtualization and IaaS - devroom - - <p>Microservices propose a new paradigm to split monolithic cloud infrastructure into unitary services which allow better scaling of the global infrastructure by integrating heterogeneous technologies. Current cloud infrastructure allows to implement cheap microservices by hosting them in VMs. To leverage host resources, VMs are launched on demand, i.e., when the microservice is idle, the VM is shutdown and it is only powered on when a request arrives. In this context, the time that takes the VM to be ready and serves incoming requests becomes very important. We have identified two problems that prevent VMs to start up on time: first, the initialization of the hypervisor, and second, the size of the image. In this talk, we present three approaches that work around on these problems, i.e., Qboot, NEMU and Firecracker. We evaluate these approaches on a Toro appliance that is a unikernel dedicated to microservices. In Toro, the kernel and the microservice are compiled together and the result is a single image that can be used to launch a Virtual Machine (VM) on different hypervisors like Xen, KVM or HyperV.</p> - - - Matias Vara - - - Linkedin - http://matiasvara.github.io - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - H.2213 - vai_apply_complex_network_configuration_to_your_kubernetes - Apply complex network configuration to your Kubernetes cluster hosts by declaring it - - Virtualization and IaaS - devroom - - <p>Classical Kubernetes workload consists of microservices, that are relatively cheap to restart and reschedule. With the expansion of containerized application technologies, heavier, longer-living applications are looking to leverage Kubernetes. These applications may keep a complex state that is hard to relocate and may have strong hardware requirement. Thus, stopping and rescheduling them is more expensive and disruptive to the application. For such applications, an administrator would like to modify the configuration of the cluster nodes on-the-fly. In particular, this is important for network-related changes, such as setting SR-IOV cards or defining bonds. In this talk you will learn about kubernetes-nmstate. A tool that allows Kubernetes administrators to dynamically configure networking on cluster nodes.</p> - -<p>Attendees will learn how to configure node network from the Kubernetes API</p> - - - Petr Horáček - - - nmstate - kubernetes-nmstate - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - H.2213 - vai_real_time_virtualization_automation - Real-time virtualization automation - Mgmt Config: Virtualization - Virtualization and IaaS - devroom - - <p>Mgmt is a next gen config management tool that takes a fresh look at automation. -It has tight integration with a number of virtualization related functionality. -This presentation will demo our virt resource and other virtualization related features! -We'll demo live scaling a cluster of virtual machines, hot swapping the cpu count dynamically in seconds, and automatic load adjustment of vm's. -We'll also show some unique integrations of these virtual machines with the existing mgmt language functions. -We'll include many interactive examples showing you how to build reactive, autonomous, real-time systems with vm's! -Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project.</p> - <p>Mgmt is a next gen config management tool that takes a fresh look at automation. -It has tight integration with a number of virtualization related functionality. -This presentation will demo our virt resource and other virtualization related features! -We'll demo live scaling a cluster of virtual machines, hot swapping the cpu count dynamically in seconds, and automatic load adjustment of vm's. -We'll also show some unique integrations of these virtual machines with the existing mgmt language functions. -We'll include many interactive examples showing you how to build reactive, autonomous, real-time systems with vm's! -Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project.</p> - -<p>A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ -Attendees are encouraged to read some before the talk if they want a preview!</p> - - James Shubin - - - Project homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:30 - H.2213 - vai_implementing_uefi_variable_services_in_qemu - Securing Secure Boot on Xen - - Virtualization and IaaS - devroom - - <p>UEFI is a replacement for the BIOS. It supports Secure Boot which is signature verification of bootloaders and OS kernels which helps prevent attacks where malware injects itself into the bootloader or kernel so that it can be loaded during startup. Despite the poor reputation that Secure Boot has in the free software community (mostly due to non-technical reasons), this would be useful to have for VMs running on Xen. It is also required for features in guests such as Windows Credential Guard. This talk describes how Secure Boot support has been added to Xen.</p> - <p>Xen has long had support for running guests booted with UEFI using a build of edk2/Tianocore built for VMs called OVMF.</p> - -<p>Systems that use UEFI boot have a small amount of NVRAM that stores variables critical for booting the system. Secure Boot is built upon the concepts of authenticated variables and a set of keys. Authenticated variables require updates to be signed by particular keys. These keys themselves are stored in authenticated variables.</p> - -<p>Verifying updates to authenticated variables needs to be performed in a way that cannot be tampered with by the guest which may have been infected by malware. There are a few ways of dealing with this. The talk will look at the approach taken by bare metal, KVM, and finally how we have implemented it for Xen. This is done by introducing a new component called varstored which runs outside of the context of the guest. It acts as an interface to the guest's NVRAM and verifies updates to it. Actual storage of the NVRAM is delegated to a number of backends to support different uses cases. For example, for a single host it could store the NVRAM in a simple file. For a pool of hosts it could store the NVRAM in database server accessible poolwide.</p> - - Ross Lagerwall - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:30 - H.2213 - vai_xcp_ng_building_an_open_source_and_turnkey_virtualization_platform - XCP-ng: building an Open Source and turnkey virtualization platform - From Kickstarter to the datacenter, a Xen based solution - Virtualization and IaaS - devroom - - <p>Creating a new virtualization platform in 2018 seems intriguing. Why doing something like this? Is anyone would be interested? XCP-ng answered those questions in a clear manner. Initially a fork of XenServer, XCP-ng made something some people thought would be impossible: gathering a large community around a new virtualization platform in those modern days, where containers and serverless are advertised as the only way to build a decent IT infrastructure.</p> - <p>XCP-ng is a fully Open Source and turnkey virtualization platform. In other words, a specialized Linux distro, with everything you need to run your virtual machines on it, without complicated installation and configuration. We'll see why it was born in the first place, what happened since and the future of it.</p> - - Olivier Lambert - - - XCP-ng website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:30 - H.2213 - vai_rust_vmm - rust-vmm - shared virtualization crates - Virtualization and IaaS - devroom - - <p>rust-vmm aims to create a common base of virtual machine monitor (vmm) components written in Rust. It's organized as a shared-effort, shared-ownership open-source project that includes (so far) the crosvm, Kata Containers, and Firecracker teams . We believe that Rust is a great fit for a vmm: its memory management guarantees simplify the task of security hardening, while its roots as a system programming language ensure C-like performance. So far, we've started with the initial KVM wrapper crate, and, while separating out a few more basic functionality crates is underway, we still have to answer questions like "can independent teams compose reliable yet different vmms out of a set of decoupled components?", "how much can be decoupled?", "what's the right way to import/build these components into the larger vmm projects?", or, "does the world even need that many vmms?". During this talk, we'll look at some ways to answer these questions, but we're really here to get the room's feedback and opinions!</p> - - - Andreea Florescu - - - Rust VMM Organization on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:30 - H.2213 - vai_iommu_implementation_using_hw_nested_paging - Virtual IOMMU Implementation using HW Nested Paging - - Virtualization and IaaS - devroom - - <p>Direct device assignment allows a virtual machine to directly interact with a host device. The device DMA registers are programmed by the guest with guest physical addresses (GPAs) and the virtualizer uses a physical IOMMU to map the GPAs to the actual host physical addresses (HPAs) backing the virtual machine RAM space. The physical IOMMU guarantees the DMA transfers initiated by the guest are properly translated and isolated.</p> - -<p>When a virtual IOMMU is exposed to a guest, the physical IOMMU needs to be programmed with the combination of two mappings: the IOVA/GPA mapping programmed by the guest OS and the former GPA/HPA mapping programmed by the hypervisor.</p> - -<p>Some IOMMU architectures implement nested paging, including the ARM SMMUv3. This talk aims to describe the work recently done to set up the two translation stages at the Linux and QEMU levels. This integration allows a guest exposed with a virtual SMMUv3 to get the full benefit of the underlying physical SMMUv3, avoiding the need to implement shadow page tables.</p> - -<p>The principles of the integration will be explained and the APIs will be covered. IOMMU nested paging will be compared with the existing virtual Intel IOMMU integration relying on shadow page tables. Remaining challenges will be presented.</p> - - - Eric Auger - - - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:50 - H.2214 - xdp_overview_and_update - XDP (eXpress Data Path) as a building block for other FOSS projects - - Software Defined Networking - devroom - - <p>The eXpress Data Path (XDP) is a Linux kernel feature, that have gain -a lot of traction over the last couple of years. This talk is focused -on how other FOSS projects can leverage XDP. How we believe XDP -should be seen as a software offload for the kernel network stack.</p> - -<p>The motivation is to plant FOSS seeds for collaboration by describing -that XDP offers of facilities and capabilities. But also explain that -XDP is not the magic-bullet by framing the XDP design and what layer -it operates at (e.g. no de-fragmentation) and what limits XDP impose -when enabled (e.g. no jumbo-frames).</p> - -<p>In the second part of this talk we will focus on AF_XDP and how it can -be leveraged by the DPDK project. AF_XDP is a new socket type -introduced in Linux 4.18, that allow the XDP driver hook to deliver -raw frames into userspace. This offers new opportunities for -e.g. integrating with DPDK via a Poll Mode Driver (PMD) for AF_XDP.</p> - - - Magnus Karlsson - Jesper Brouer - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:20 - H.2214 - cilium_overview_and_updates - Cilium - overview and recent updates - - Software Defined Networking - devroom - - <p>Cilium is on open source project which provides networking, security and load balancing for containers by using eBPF and XDP technologies in the Linux kernel. It provides eBPF and XDP features to CRI-O, Docker and Kubernetes. This talk will present an overview on Cilium, explain the concepts behind it and then provide the project update, as it reached the 1.0 milestone last year.</p> - <p>Bio: -Michal Rostecki is a Software Engineer working at SUSE. He's contributing to Cilium on daily basis, sometimes to Kubernetes and several projects related to containers and networking. He used to be a core reviewer for OpenStack Kolla project.</p> - - Michal Rostecki - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:30 - H.2214 - merging_system_and_network_monitoring_with_bpf - Merging System and Network Monitoring with BPF - Merging packets with system events using eBPF - Software Defined Networking - devroom - - <p>Network traffic monitoring is traditionally based on packet analysis. While this approach still makes sense in many contexts, it is unable to provide detailed visibility when containers or virtual systems are used. This talk describes how the advent of eBPF enables the creation of monitor rich applications that can provide both network and application monitoring information to provide detailed information for both monitoring and troubleshooting. It shows how eBPF has been used in ntopng, an opensource monitoring application, and what are the challenges and pitfalls when integrating packets with system monitoring events.</p> - <p>This talk describes how packet monitoring and system-based event monitoring work and how they could be merged together to provide increased visibility. From the network administrator perspective the advantage is that monitoring does not stop at network level but it can also identify the application/username that has generated traffic. From a security standpoint this enables to identify suspicious network traffic and bind it to applications, for network administrators it allows faulty applications misbehaving users to be identified and tracked. System visibility is yet another layer of observability on top of traditional packet traffic monitoring and deep-packet-inspection.</p> - - Luca Deri - Samuele Sabella - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:10 - 00:20 - H.2214 - network_filtering_with_bpf - Unifying network filtering rules for the Linux kernel with eBPF - - Software Defined Networking - devroom - - <p>At the core of fast network packet processing lies the ability to filter packets, or in other words, to apply a set of rules on packets, usually consisting of a pattern to match (L2 to L4 source and destination addresses and ports, protocols, etc.) and corresponding actions (redirect to a given queue, or drop the packet, etc.). Over the years, several filtering frameworks have been added to Linux. While at the lower level, ethtool can be used to configure N-tuple rules on the receive side for the hardware, the upper layers of the stack got equipped with rules for firewalling (Netfilter), traffic shaping (TC), or packet switching (Open vSwitch for example).</p> - -<p>This presentation reviews the needs for those filtering frameworks and the particularities of each one. Then it focuses on the changes brought by eBPF and XDP in this landscape: as BPF programs allow for very flexible processing and can be attached very low in the stack—at the driver level, or even run on the NIC itself—they offer filtering capabilities with no precedent in terms of performance and versatility in the kernel. Lastly, the third part would explore potential leads in order to create bridges between the different rule formats and to make it easier for users to build their filtering eBPF programs.</p> - - - Quentin Monnet - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:15 - H.2214 - oko_open_vswitch_extensions_with_bpf - Oko: Open vSwitch Extensions with BPF - Getting the best of Flow Table and Code-based approaches to network programmability - Software Defined Networking - devroom - - <p>The widely adopted Open vSwitch implements the OpenFlow forwarding model. Its simple match-action abstraction eases network management, while providing enough flexibility to define complex forwarding pipelines. OpenFlow, however, cannot express the many packets processing algorithms required for traffic measurement, network security, or congestion diagnosis because it lacks a persistent state and basic arithmetic and logic operations.</p> - -<p>This talk presents Oko, an extension of Open vSwitch with support for BPF actions. We implemented a first userspace prototype over Open vSwitch-DPDK. Our userspace BPF VM relies on the ubpf project, extended with a rudimentary verifier and support for persistent data structures (BPF's maps).</p> - -<p>We compare the performance of our prototype for several packet processing applications with a second setup in which applications run as secondary DPDK processes exchanging packets with Open vSwitch over a shared memory (zero-copy DPDK Ring Port setup). Our Oko setup offers a near 2x performance improvement over this alternative setup.</p> - - - Paul Chaignon - - - Submit feedback - - - - 12:45 - 00:15 - H.2214 - virtio_update - An update on Virtio - What happened recently and what's coming soon? - Software Defined Networking - devroom - - <p>Virtio 1.1 was released recently and it brings some exciting new features, pushing forward performance and hardware implmementations of Virtio. -In this talk we will look into what happened since FOSDEM 2018 and also look at which features are on the horizon and can be expected soon.</p> - <p>Virtio is a common framework for IO virtualization in hypervisors. It is part of DPDK accelerated Open vSwitch and allows for hardware abstracted VNFs. In the past year version 1.1 of the Standard document was released and the additions focused on support for hardware implementations and performcance improvements. This talk will give an overview of new features and will also give a quick introduction into how interested parties can participate in work on the Virtio specification.</p> - - Jens Freimann - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:20 - H.2214 - writing_network_drivers_in_high_level_languages - Writing Network Drivers in High-Level Languages - How to write drivers in Rust, go, C#, Swift, Haskell, and OCaml - Software Defined Networking - devroom - - <p>Drivers are usually written in C for historical reasons, this can be bad if you want your driver to be safe and secure. We show that it is possible to write low-level drivers for PCIe devices in modern high-level languages. -We are working on super-fast user space network drivers for the Intel 82599ES (ixgbe) 10 Gbit/s NIC in Rust, C#, go, OCaml, Haskell, Python, Swift, and a few more languages (WIP). All of our drivers are written from scratch and require no additional kernel code.</p> - -<p>Check out <a href="https://github.com/ixy-languages/ixy-languages">our GitHub page</a> with links to all implementations, performance measurements, and publications for further reading.</p> - <p>Supposedly modern user space drivers (e.g., DPDK or SPDK) are still being written in C in 2018 :(</p> - -<p>This comes with all the well-known drawbacks of writing things in C that might be prevented by using safer programming languages. -Also, did you ever see a kernel panic because a in-kernel driver did something stupid? It doesn't have to be that way, drivers should not be able to take down the whole system.</p> - -<p>There are three steps to building better drivers:</p> - -<ul> -<li>Write them in a safer programming language eliminating whole classes of bugs and security problems like bad memory accesses</li> -<li>Isolating them from the rest of the operating system: user space drivers that drop privileges</li> -<li>Isolating the hardware using the IOMMU</li> -</ul> - - -<p>We are showing that it is possible to achieve all of these goals for PCIe drivers on Linux by implementing user space network drivers in all of the aforementioned programming languages. Our techniques are transferable to other drivers that would benefit from more modern implementations.</p> - -<p>Our drivers in Rust, C#, go, OCaml, and Swift are completely finished, tuned for performance, evaluated, and benchmarked (they are about 80-90% as fast as our user space C driver which is as fast as older versions of DPDK).</p> - -<p>The main thing to take away from this talk is: writing drivers is neither scary nor hard. You can write one in your favorite programming language, so go ahead and try that :)</p> - - Paul Emmerich - Simon Ellmann - - - GitHub project summary - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:20 - 00:15 - H.2214 - how_connectx_device_driver_works - How a Connect-X device driver works - How we wrote a Connect-X 4/5 10G-100G driver for Snabb - Software Defined Networking - devroom - - <p>I will explain how to write your own device driver for the Mellanox Connect-X device family, why you might want to do this, and what lessons we learned when we wrote the driver for Snabb.</p> - -<p>I will put this into context with other hardware and related technologies like AF_XDP, Intel AVF, DPDK, etc.</p> - <p>Good news! Hackers nowadays feel empowered to write our own 10G-100G ethernet device drivers. Github contains many such drivers written in languages including C, C++, Lua, Rust, and Go. Community projects successfully use these simple bespoke drivers to keep in control of our applications' software architectures.</p> - -<p>The problem is that today these drivers mostly target aging hardware: the beloved Intel 82599 (Niantic) 10G family. Niantic is on the way out of the market and, surprisingly perhaps, there is no obvious successor for independent developers.</p> - -<p>In this talk I will present the Mellanox Connect-X family as a potential successor to Niantic as the darling of independent driver hackers. I will tell you how we independently wrote our device driver for the Snabb project and why this driver works for all 10G/25G/40G/50G/100G NICs in the ConnectX-4 and ConnectX-5 device families. I will go into technical detail about how the driver and the hardware works in case you want to write your own driver one day too.</p> - -<p>Together we will contemplate the merits of such a custom device driver in the context of related technologies like AF_XDP, Intel AVF, DPDK, and hardware from other vendors.</p> - - Luke Gorrie - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:35 - 00:30 - H.2214 - netmap_vnf_development - VNF development made easy with netmap - A flexible framework for high performance packet processing within QEMU VMs - Software Defined Networking - devroom - - <p>The Netmap framework provides a simple and efficient user-space API for direct access to Ethernet NICs and other fast software interfaces (e.g., VALE switches, pipes and monitors). Because of its flexibility, performance and ease of use, Netmap is an attractive solution to implement high-speed portable Virtual Network Functions. This talk shows how to write packet processing applications using the Netmap API, and run them inside QEMU VMs, over passed-through Netmap interfaces. With Netmap, applications running in two VMs or containers can exchange up to 20-30 Mpps (per-core) at minimum packet size.</p> - <p>The need for an alternative mechanism and APIs for network I/O has been recognized by several O.S. bypass projects (DPDK, PF RING), and comes from the performance limitations of the traditional socket API (and the associated O.S. implementation) in terms of maximum packet rate. Using a traditional socket API a single processor core is not able to send or receive more than 1-2 million packets per second (Mpps) at minimum packet size (60 bytes), despite of much faster modern NICs which support 10-100 Mpps. These limitations are largely due to per-packet size-independent costs: system call, packet copy across user/kernel boundary, VFS layer overheads, dynamic (de)allocation of packet metadata (e.g. sk_buff on Linux), NIC register access and interrupts. Moreover, moving networking to userspace facilitates experimentation and improves portability. The bypass solutions overcome these limitations by pre-allocating packet buffers, mapping those buffers in the application address space and allowing applications to send and receive multiple packets using a single operation (e.g. a system call or a NIC register access). They also use simple packet representation structures optimized for raw packet I/O rather than for full-fledged protocol stack. When combined together, these techniques allow user-space applications to send/receive tens of millions of packets per second, saturating the NIC capacity even with short packets. Exploring Netmap is a good introduction to these topics, common to all frameworks. However, Netmap brings some additional benefits that are not found elsewhere: it does not force applications to resort to busy-polling, it protects devices from uncontrolled user-space access, and it introduces a common API which can also be used for fast VM networking and Inter-Process Communication. Netmap is available on both Linux and FreeBSD.</p> - -<p>The Netmap framework has evolved significantly from its inception as a user-space packet I/O interface to NIC hardware in 2011. It is now a flexible network I/O tool that supports many backends (in addition to NICs) and virtualized environments, accessible with the same API. The VALE programmable switch (part of Netmap) acts as a virtual switch for Virtual Machines (VMs) and physical NICs, supporting hundreds of virtual ports and over 20 Mpps per-core between its ports. Netmap pipes are point-to-point virtual links that connect processes or VMs at over 40 Mpps, useful for service function chaining. Netmap as a fast network backend has been integrated into hypervisors like QEMU, Bhyve and VirtualBox. Accelerated network I/O is also possible for lightweight virtualization (containers) by means of native support for Linux veth devices (over 40 Mpps). Finally, a virtual pass-through device allows any Netmap interface (e.g. a VALE port, NIC or pipe endpoint) to be safely exposed inside a VM, enabling unprecedented packet-rates (20-40 Mpps) between VMs.</p> - -<p>These Netmap features constitute the datapath building blocks for Network Function Virtualization (NFV) deployments. We are not aware of other technologies that allow applications running in two VMs or containers to exchange up to 20-30 Mpps at minimum packet size. With such powerful I/O capabilities, we believe Netmap is the preferred candidate to implement NFV applications such as load balancers, Intrusion Detection Systems, firewalls, etc.</p> - - Vincenzo Maffione - - - Netmap github repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:05 - 00:20 - H.2214 - onos_introduction - ONOS Introduction - Overview of ONOS, Open Network Operating System from ONF, the Open Networking Foundation. - Software Defined Networking - devroom - - <p>ONOS is an open source project, written in Java that aims to deliver a software-defined networking (SDN) OS focusing on scalability, high availability, and high performance. The session will go over the ONOS modular architecture, its main tenets, use cases, and applications. It will describe the APIs that enable programmability in the network, both at the control and data planes.</p> - -<p>The talk will detail how your needs in network programmability are easily solved by new apps, REST APIs and other tools that the ONOS platform offers. ONOS has become production ready. The code undergoes strict and high-quality testing. ONOS is currently in production in data centers managing traffic on thousands of customers in mission critical networks. The talk will highlight how ONOS serves as a building block for opensource and commercial projects, such as Software enabled Broadband Access (SEBA), SONA for networking in Openstack and others. ONOS is also deployable in a kubernetes environment through docker containers. ONOS also keeps pushing the boundary of new technologies, for example enabling data plane programmability through P4 and P4Runtime and by providing support and connectivity to edge cloud deployments to better offer low-latency, personalised and secure services to the end-users.</p> - -<p>Finally, the talk will dive into the great ONOS open-source community, its strengths and how to become part of it.</p> - - - Laszlo Papp - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:25 - 00:15 - H.2214 - ansible_networking_and_odl_integration - Automation networking engine for enterprise SDN - Ansible Networking and OpenDaylight integration - Software Defined Networking - devroom - - <p>Ansible is one of the fastest growing projects in the history of opensource. It is simple, flexible and powerful, and there is a huge community behind it. Ansible is capable of automate systems, storage and of course, networking. However, Ansible is stateless, and from the network engineer standpoint, a stateful view of the network topology is needed. There is where OpenDaylight joins the game. As a proper opensource SDN controller and network platform, OpenDaylight provides the translation of bussiness APIs into resource APIs, and Ansible networking performs its magic in the network.</p> - <p>In this talk, we will go over a high lever overview of what is OpenDaylight. We will learn about its architecture and how it works and what we can do with it. Moreover, we will explain how Ansible networking is changing the game for network operators due to its simplicity and flexibility. Both of this components can create an automation engine for network devices with all the benefits of an SDN controller such a centralized control plane, programmability of your network and that holistic approach that networking engineers love.</p> - -<p>One more thing... there will be a live demo! We will demonstrate the ability to create an L3VPN in a typical telco service provider network with heterogeneous hardware, using the same interfaces from the user standpoint. This demo is using only opensource projects such OpenDaylight, Ansible, Skydive, etc. -If you are interested in future network management, come and enjoy!</p> - - Ricardo Noriega - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:20 - H.2214 - scalable_virtual_switching - A Scalable Approach to Virtual Switching - - Software Defined Networking - devroom - - <p>The seamless scaling of a vSwitch in relation to changing platform workloads running in VMs/containers in real-time can be difficult, particularly when the workloads and the vSwitch are independent entities. Typically a user/orchestrator must somehow provision vSwitch cores on-the-fly or even over-provision these cores up-front, in order to ensure the vSwitch can handle the traffic going to and from these workloads at any given time. -This talk introduces an approach/approaches to vSwitching that distributes the vSwitching work alongside worker cores, and as a result automatically scales with the amount of work being done on the platform. The approach is likely to be superior to existing approaches in terms of compute cost.</p> - - - Ciara Loftus - Bruce Richardson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:40 - H.2214 - vpp_ligato_as_ipsec_gateway - VPP & Ligato use cases: Contiv/VPP CNI plugin for Kubernetes & IPSEC VPN gateway - Development of cloud-native network functions with VPP & Ligato - Software Defined Networking - devroom - - <p>In this talk, we will introduce FD.io VPP and the Ligato cloud-native networking framework and demonstrate how these are used to address two use cases - a CNI plugin for Kubernetes (Contiv/VPP) and an IPSEC VPN gateway.</p> - <p>FD.io VPP is a high-performance packet forwarder that runs on commodity CPUs. Ligato provides a platform for developing Cloud-Native Network Functions (CNFs) using VPP running in Linux user-space and leveraging Intel's DPDK to grab packets directly from the NIC.</p> - -<p>Contiv/VPP is a CNI (Container Network Interface) plugin that uses VPP to provide network connectivity for Kubernetes pods. Its aim is to bypass the kernel for packet handling in a Kubernetes cluster wherever possible. To achieve this, it replaces the kube-proxy load-balancer by leveraging VPP's advanced NAT functionality, and implements native Kubernetes policy (to avoid the requirement for a kernel-based policy plugin). As well as providing fast packet processing, Contiv/VPP can be used as the foundation for CNF deployments running in Kubernetes - since it is based on the Ligato VPP Agent its functionality can be easily extended to interconnect CNFs, e.g. using the Ligato SFC Controller.</p> - -<p>StrongSwan is probably the most common IPSEC VPN concentrator in use today. It provides an IKE daemon but leverages the Linux kernel for IPSEC forwarding. Using Ligato we can interface StrongSwan's IKE implementation to VPP's IPSEC forwarding plane to create a high-performance IPSEC VPN CNF.</p> - -<p>In general we will look at the benefits of forwarding traffic using VPP rather than the Linux Kernel in terms of: -1) performance -2) flexibility -3) manageability</p> - - Giles Heron - Rastislav Szabo - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:20 - H.2214 - vpp_northbound_connections - Northbound Connections of VPP for NFV in Containers and Kubernetes - - Software Defined Networking - devroom - - <p>Many have recognized the advantages of containerization and container platforms for traditional web server and database apps. With the expansion of IoT as well as Telco and service providers’ workloads into containers, there is an increased focus on NFV, and other non-traditional networking intensive applications. These applications require layer two and three access to high performance data planes from within containers and Kubernetes pods. In this session, we will dive into the particular requirements for layer2 and layer3 containerized applications. We will also discuss and compare some solutions such as Network Service Mesh (NSM) and Multus and how they are used for the connection and orchestration of NFV containerized workloads.</p> - - - Thomas F Herbert - Billy McFall - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - H.2214 - csit_building_production_grade_networking_software - Building production-grade networking software with FD.io CSIT - Building fast and robust networking software must be data-driven! - Software Defined Networking - devroom - - <p>Numerous open-source projects develop software-defined data planes targeting network use cases such as Discrete Appliances, Cloud Infrastructure, Virtual Network Functions and now also Cloud-Native deployments. These may be based on foundation toolkits such DPDK, eBPF/XDP, Snabb and so on, and may implement a diverse range of network functions, applied in many combinations and on different compute platforms and devices.</p> - -<p>The need for a consistent and repeatable, use-case driven performance validation and benchmarking approach has never been greater. Enabling both the development community and the end-user to understand, measure and verify expected performance.</p> - -<p>Achieving great performance with Network Software, should not be accidental, it should be data-driven!</p> - -<p>This talk explains how the FD.io CSIT project aims to meet this need by developing and providing Continuous Performance Lab platform for benchmarking, validation, performance trending and regression detection. Founded on multi-vendor collaboration, CSIT leverages deep multi-platform understanding and telemetry tools to analyze and correlate benchmarking results leading to consistent, repeatable and reliable performance validation the FD.io user base can rely on.</p> - <p>This talk will cover</p> - -<ul> -<li>A brief overview of FD.io CSIT</li> -<li>Recent FD.io VPP release performance data is presented and discussed in this context.</li> -<li>Recent CSIT Community Innovations Performance Trending graphs, MLRSearch and PMU Tooling are presented.</li> -<li>Debugging a real system setup issue with FD.io CSIT is also covered</li> -</ul> - - - Ray Kinsella - Maciek Konstantynowicz - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - H.2214 - opnfv_testing_infrastructure_and_services - Testing your infrastructure and services with the help of OPNFV testperf team - - Software Defined Networking - devroom - - <p>The OPNFV community has developed a comprehensive set of open source test tools and test methodologies for NFVIs and VM-based cloud platforms. With the proliferation of cloud native and edge computing, we need to think about how to evolve these tools to meet the requirements of emerging and future use cases. In this talk, we will give an outlook on how the OPNFV test tool ecosystem can address new use cases and challenges. The test tools in OPNFV are not just for NFV, but can be more widely useful. We will present the tools, and discuss how they can be extended to support new and existing usecases.</p> - -<p>This talk is aimed at an audience that want to test their SDN/NFV deloyments (but not necessarily using OPNFV). It will give an overview of the test tools, and how they can be use tools for many different deployments, test different components of your system (VIM, vswitch, storage, etc.) and perform different types of testing (infrastructure verification, feature validation, stress and resiliency testing, performance benchmarking, characterization, etc.).</p> - - - Emma Foley - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:20 - H.2214 - noisy_neighbor_insurance - Are you insured against your noisy neighbor? - - Software Defined Networking - devroom - - <p>Traditional NFVi dataplane performance testing rarely focuses on (availability, consumption) dark resources such as CPU Cache and Memory Bandwidth. Much of the Quality of Service fine tuning often leads to oversubscription ending up with shared resource contention often termed as noisy neighbor effects. We present the methodology and test scenarios using open source solutions - OPNFV-VSPERF Framework, Collectd monitoring solution, Stress-NG workload generator and Resource Management client for (a) analyzing the performance impact due to presence of noisy neighbors and (b) controlling resources like Last Level Cache (LLC) for optimal performance. This talk was presented at recent Open Source Summit.</p> - <p>Short Bio: Sunku Ranganath is a network software engineer in Intel Corporation, focused on enabling service assurance solutions for SDN/NFV infrastructures. With background in drivers &amp; firmware development, Sunku has been actively involved in enabling reference solutions, performance methodologies and industry guidance in the NFV domain. Sunku is also an active contributor and user of OPNFV barometer &amp; VSPERF communities.</p> - - Sunku Ranganath - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:20 - 00:15 - H.2214 - dpdk_burst_replay - Introduction to dpdk-burst-replay - A tiny tool for easily inject pcap files on DPDK NICs - Software Defined Networking - devroom - - <p>dpdk-burst-replay is a friendly tcpreplay tool for DPDK NICs, main objective being to operate as fast as possible (similar to --topspeed option of tcpreplay). -To achieve this, it pre-load the pcap file on memory before sending it to the Tx queues. -It can send the packets simultaneously through multiple ports (with dedicated threads), and several times in a row.</p> - -<p>We will start with an overview of what it can do, what it is made for, then we will see how to use it on a typical use case: setting up a stress test between several NIC ports with pcap dumps of real traffic. -Finally, we will talk about how it was designed, how it should evolve, and what features we would like to add.</p> - - - Jonathan Ribas - - - GIT repository - Documentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:35 - 00:15 - H.2214 - dpdk_softnic_enrich_nics_capabilities - Enrich your NIC's capabilities with DPDK SoftNIC - - Software Defined Networking - devroom - - <p>Over the years, more and more vendors have embraced DPDK to enable their NICs for userspace packet processing. This trend has advanced DPDK, leading to the development of new APIs with the aim of leveraging the heterogeneous features and capabilities of NICs. This level of diversity in PMDs and APIs is a catalyst for an inconsistent development environment, making it difficult for applications to accommodate all types of NIC. To overcome this, we propose DPDK SoftNIC, which is capable of being programmed to build custom NIC pipelines to augment missing features to HW NICs by using advanced DPDK features without requiring an application redesign. SoftNIC allows the application to be incognizant of the hardware available to it without compromising functionality.</p> - - - Kevin Laatz - Reshma Begam Pattan - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:50 - 00:30 - H.2214 - from_closed_to_open_source_switch - From closed to Open Source switch ASICs - The transition in the world of switching asics - Software Defined Networking - devroom - - <p>A journey over the last ten years of opening access to switching ASICs. Starting with OpenFlow going through the lands of open APIs we have reached the harbours of openness. Are we there yet to build a truly open Network Operating System?</p> - <p>Open Source got mainstream in the world of switching ASICs. We nowadays can get open access to steer multiple terabits of packets through the network. This talk tries to cover the path that startet ten years ago with OpenFlow that tried to open up the networking world. We will pass by some more or less known buzzwords like Indigo, OF-DPA, Switchdev, OpenNSL, SAI, P4, SDK-LT and NPL. From this zoo of lower level details we will have a look at their use in Network Operating Systems (NOS) today. Finally trying to answer the question: Are we there yet?</p> - - Tobias Jungel - - - Indigo (First Gen) - OF-DPA - Switchdev - OpenNSL - SAI - P4 - SDK-LT - FBOSS - SONiC - OPX - ONL - Stratum project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 11:00 - 01:00 - H.3242 - apache_maven_bof - Apache Maven - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - 16:00 - 01:00 - H.3242 - samba4_bof - Samba 4 self-compiling - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - 17:00 - 01:00 - H.3242 - nethserver_bof - Nethserver - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - - - 14:00 - 01:00 - H.3244 - sailfishos_bof - SailfishOS - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - - - 10:30 - 00:20 - AW1.120 - welcome_to_the_open_source_design_collective - Welcome to the Open Source Design Collective! - An introduction to our Open Source Design collective - Open Source Design - devroom - - <p>This session will be the opening session of the Open Source Design devroom. We will have a short introduction to the Open Source Design collective, what we do, who we are.</p> - -<p>We also welcome new comers to FOSDEM, user-centred design, or open source to introduce themselves, tell us a little bit about the work they do, and what they're looking to learn or find out.</p> - -<p>It is a good opportunity to meet potential collaborators and make new friends. ☺️</p> - - - Bernard Tyers - Open Source Design Collective - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:20 - AW1.120 - component_based_design_system - Component-based Design System and Development - - Open Source Design - devroom - - <p>How do you bring order to this chaotic web frontend climate fueled by the ever-changing technologies driving it? We - a UX Designer and a Software Engineer - will introduce you to the concept of WebComponents, and how we can achieve order through evolving from Bootstrap to CSS grid based design system.</p> - -<p>Target Audience: designers and engineers. our talk introduces the importance of collaboration and bringing designers and engineers together.</p> - <p>The Red Hat portfolio includes about 50 different products. There was a need for a design system as different patterns were build over and over again which led to inconsistency. The UXD goal is to bring consistent user experience to the entire Red Hat portfolio. This talk explains why it is important to have a unified look and feel. Patternfly is an open-source design system that helps our designers and engineers build user friendly products. As the frontend technologies are constantly evolving, this design system has to evolve with them. We would like to talk about the history and evolution of PatternFly - how it was created and how it tries to handle the continuous evolution of the frontend landscape. Perspectives from both design and engineering will be included.</p> - - Dávid Halász - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:20 - AW1.120 - educational_resources_on_digital_accessibility - Open Educational Resources on Digital Accessibility for Building Your Own Courses - - Open Source Design - devroom - - <p>The accessibility of digital technologies in the European Union (EU) varies from country to country, due, in part, to differences in accessibility-related legislation. In October 2016, the European Parliament accepted a directive on the accessibility of websites and mobile applications provided by public sector bodies (Directive (EU) 2016/2102). New public sector websites in the EU will need to conform by 23 September 2019, all public sector websites will need to conform by 23 September 2020, and all public sector mobile apps will need to conform by 23 June 2021. The directive references standard EN 301 549, which has been updated to reflect the requirements in the Web Content Accessibility Guidelines (WCAG) 2.1. -This new legal situation will create a greater demand for accessibility-related training and training resources for public sector bodies. The EU-funded project MOOCAP (MOOC Accessibility Partnership, https://moocap.gpii.eu/, September 2014 - August 2017) created 11 free online courses about various aspects of digital accessibility. Four of these courses ran as MOOCs (massive open online courses) on platforms such as FutureLearn and edX. The resources from these courses are freely available as Open Educational Resources (OERs) under the Creative Commons Attribution 4.0 International licence (CC-BY 4.0). This licence allows anyone to share, adapt and redistribute the content of the OERs, provided that they correctly attribute the MOOCAP partner (or partners) who created the resources. -This presentation will briefly present the MOOCAP project, the courses it created (especially those that are still available) and the Open Educational Resources it made available.</p> - - - Christophe Strobbe - - - MOOCAP: A pan-European project on providing education on accessible design - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:20 - AW1.120 - ux_overhaul_ooni - Designing for Activism - An overview of the UX overhaul of OONI Probe - Open Source Design - devroom - - <p>How do you design a user experience to guide both grassroot contributors as well as the advanced data researchers? That's what we were trying to solve in the past year for OONI Probe, the internet censorship measurement tool which enables thousands of activists worldwide to measure their network and automatically report potential anomalies of censorship. As part of the Tor Project, OONI Probe is vital to in helping the Internet Freedom movement, as all data gathered is Freely accessible as Open Data.</p> - -<p>During the talk we will go through the redesigned OONI Probe 2.0 for Mobile and Desktop and explain the new design system and how we hope to design an experience which enables both advanced and beginners to OONI and measuring internet censorship.</p> - - - Elio Qoshi - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:20 - AW1.120 - ux_at_tor - UX at Tor - an Open Approach - Open Source Design - devroom - - <p>How do you create privacy tools that work for people all over the world, who are fighting many different struggles for liberation? We will talk about how we empower users with open design and community help at the tor project. We'll share our process during the development of Tor Browser 8 and explain why the way we work defines the product we release.</p> - <p>To make useful software, especially software that aims to keep people safe, it is essential to understand users’ contexts and goals. As part of our global south initiative, members of the Tor user experience and community teams traveled through India, Uganda, Colombia, and Kenya to run usability testing. We ran in-person testing of several user experience (UX) improvements in Tor Browser 8.0 with users of different technical backgrounds. We conducted more than 45 interviews that gave us an understanding of the diverse mental models and technical levels of knowledge of our users. We met people like Juana, a coffee farmer in Colombia who is part of a self-managed group of women coffee growers. The group uses Tor to communicate securely with one another. We met Jon, an environment activist and journalist in Hoima, Uganda who uses Tor to anonymously publish his blog. We learned about several threat models of the people we spoke to in Uganda. Concern about local police retaining hardware devices, and the practice of the political party currently in power seizing journalists notes and other records were common in most of those communities.</p> - -<p>In addition, this work allowed us to speak with people using our software in extreme conditions, such as poor telecommunications infrastructure, very expensive data packages or very old hardware. This helped us to understand their context, empathize, and consider solutions that work for them. We believe that Tor Browser must be usable by people without a technical background, as well as by advanced users. We want to empower our users through education so that they can have control of their browsing.</p> - -<p>We use an open design process where developers and designers work together to achieve the best solution. We use knowledge gained from our research to help us to create the most usable flow for users.</p> - -<p>We will talk about the iterations and improvements we released in Tor Browser 8: the security indicators for .onion sites, the circuit display and the onboarding for new users.</p> - - Antonela Debiasi - - - TB8 Release - Tor UX Team - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:20 - AW1.120 - localizing - Breaking Down Language Barriers - Localizing for access, activism and preservation - Open Source Design - devroom - - <p>We will introduce the work of Localization Lab and localization as a key element of bridging the digital divide. We will also discuss the essential connections between emerging connectivity in vulnerable societies, adoption of open source tools, means to oppose or prevent censorship and localization into local languages.</p> - <p>Only about 25% of the world's population speaks English natively or as a second language, however English still dominates over half of website content. This dominance also extends to Free and Open Source Software. While FOSS plays a large role in bridging the digital divide and bringing access to technology and the open Internet to new users around the globe, these tools and spaces are only as effective as they are linguistically accessible.</p> - -<p>Over the past 5 years, Localization Lab has built a network of over 6,000 volunteers worldwide who localize open source, digital security and circumvention tools for communities in need. In this session we will share experiences we have had working with communities around the globe who are localizing digital security tools out of necessity, as language preservation, and as forms of activism. We will also discuss the importance of planning for localization in the early design stages and how you can improve your tools by harnessing the knowledge and experience of localizers as end users.</p> - -<p>You should leave the session excited to promote language diversity in tech and on the Internet and with ideas for how you can improve FOSS localization efforts as a translator or a developer.</p> - - Erin McConnell - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:20 - AW1.120 - cost_of_not_doing_user_research - The real cost of not doing user research - And how to get insight-based decisions on a budget - Open Source Design - devroom - - <p>In this talk, I address the direct value or user research for small teams. It illustrates how much money, developmental effort and time a remote team had lost without a proper research process. In 2013 I was working on an RSS-reader: a personal project that quickly grew to six digits daily active users. Five years later, I look back, reflecting on the research-related mistakes and outlining what lightweight and budget-friendly methods could have flipped the table, including approaches to planning, organising and running research.</p> - <p>The importance of following a user-centered design approach has been declared over 53 million times on the internet, according to Google Search results. However, in practice, small teams may not have the resources, and often lack a dedicated researcher or the luxury of proper budgets, so the research becomes a lesser priority compared to the delivery side of projects. This creates sets of problems, where teams are losing money, waste limited developmental efforts and are often unable to evaluate their work on a larger scale.</p> - -<p>In 2013 I was working on an RSS-reader: a personal project that quickly grew to six digits daily active users. We did not follow a proper research process and because of that made some seriously bad mistakes and decisions. This talk lists the core ones and outlines what lightweight and budget-friendly methods could have dramatically change the situation, including approaches and advice on planning, organising, running and presenting research along with the advice for developers and engineers. Since the topic of "Should designers code" has been hotly debated in the past couple of years, maybe it is time for discussion around "Should developers research" and arguments for (and against!) non-UX-people being involved in traditional UX activities.</p> - -<p>This talk covers: -- The direct value of (not) doing research -- Planning, organising and running lightweight discovery and evaluation activities -- Introducing research to non-UX people</p> - - Olena Bulygina - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:20 - AW1.120 - open_source_design_in_trenches - Open Source Design in the trenches: a case study - How we redesigned the FOSDEM video review interface - Open Source Design - devroom - - <p>Early in 2018 I responded to a call for help published in the Open Source Design jobs board (https://opensourcedesign.net/jobs/). It was from the maintainer of something called SReview (https://github.com/yoe/sreview), which happens to be the software FOSDEM uses to capture, post-process and publish the videos of all the talks at the conference.</p> - -<p>Over the past 10 months we redesigned the SReview interface in a user-centred, collaborative, iterative and open way. This talk explains how we went about it. Using a model of the "ideal" design process as a reference, we'll show where we deviated from it and why. The moral of the story? There is no best way of doing design. The best way of doing design is the way that suits your project.</p> - <p>Early in 2018 I responded to a call for help published in the Open Source Design jobs board (https://opensourcedesign.net/jobs/). It was from the maintainer of something called SReview (https://github.com/yoe/sreview), which happens to be the software FOSDEM uses to capture, post-process and publish the videos of all the talks at the conference.</p> - -<p>SReview takes a rather ingenious approach to the problem of how to review presentation videos before publication. Instead of the small video team doing all the work, which would take ages, they crowdsource the task, by asking the speakers themselves to review their own presentations. Speakers get an early preview of the video - something they appreciate -, and the FOSDEM video team gets the job done faster. Everybody wins.</p> - -<p>There was only one small problem: the interface speakers had to use to review presentation videos was not working. Speakers kept making mistakes in the process, which caused a lot of extra work for the FOSDEM video team.</p> - -<p>Over the past 10 months we redesigned the interface in a user-centred, collaborative, iterative and open way. This talk explains how we went about it. Using a model of the "ideal" design process as a reference, we'll show where we deviated from it and why.</p> - -<p>The moral of the story? There is no best way of doing design. The best way of doing design is the way that suits your project.</p> - - Wouter Verhelst - Belen Barros Pena - - - sreview repository - sreview design work repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:20 - AW1.120 - open_source_design_collective - Our Open Source Design collective - and group photo - Open Source Design - devroom - - <p>For everyone who doesn’t know what exactly we do, this is a short intro to our collective: We work to raise the profile of good design in open source software, and connect developers &amp; designers to make it happen.</p> - -<p>We run an Open Source Design community forum, organize design tracks at well-known events like FOSDEM (hello 🙋), FOSSASIA and OpenTechSummit, have a job board to get designers involved, provide open design resources to developers &amp; designers, and more.</p> - -<p>We will also take our GROUP PHOTO during this session! 😊</p> - <p>A few of our activities from last year include:</p> - -<p>👩‍💻 Lots and lots of posts on our Open Source Design job board! https://opensourcedesign.net/jobs/ -2️⃣ Organization of our second Open Source Design Summit in Tirana! https://opencollective.com/opensourcedesign/events/open-source-design-summit-2018-371ev -💸 Sponsored by Sticker Mule, Mozilla &amp; phpList and supported by Open Technology Fund, Ura Design, Red Hat &amp; Nextcloud -📑 More activity on our Discourse forum! https://discourse.opensourcedesign.net</p> - -<p>Things we are working on or need to work on:</p> - -<p>💬 Attending a bunch of events and giving talks related to Open Source Design https://discourse.opensourcedesign.net/c/events -🎨 Attendance at more mainstream design events! -⭕ Still working on becoming an Open Source Initiative affiliate https://github.com/opensourcedesign/organization/issues/53 -👥 We need to do more on the meetup front: https://discourse.opensourcedesign.net/c/meetups – NYC is active, but we can improve elsewhere -💻 Another work in progress is the website, we are looking into improving the design. ;)</p> - -<p>✨ Probably lots more we forgot to list! :)</p> - - Jan-Christoph Borchardt - - - 🎨📐 Open Source Design - 💼 Open Source Design job board - 👥 Open Source Design events - 💬 Open Source Design community forum - 💸 Funding at Open Collective - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:20 - AW1.120 - designing_for_security - Designing for Security - - Open Source Design - devroom - - <p>Good security requires usability. If a secure technology isn’t usable, users will simply use something else - or worse, they might work around the technology to do what they need to do. We will demonstrate this universal truth with a handful of examples and supplement them with good design principles.</p> - <p>We will cover UX of key handling, password managers and anti-phishing, and also spend some time on why these products and services so often lack usability. We also won't miss this opportunity to introduce simple human-centered design methods to incorporate in the development process!</p> - - Molly Wilson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:50 - AW1.120 - panel_more_designers - Panel: Difficulties in having more designers participate in Open Source - - Open Source Design - devroom - - <p>Open discussion about getting more designers participating in Open Source projects and better understanding of the barriers that may be preventing them from contributing.</p> - <p>We will invite several designers into the panel, to share their experience with their open source communities and provide insight on the topic. Some questions will be interactive and the public can also vote and respond, representing their opinion.</p> - - Ecaterina Moraru - - - Talk Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:20 - AW1.120 - device_to_device_networks - Mobile design with device-to-device networks - Exploring the design space of novel technologies through research, design, prototyping and storytelling - Open Source Design - devroom - - <p>This talk outlines a strategy for designing interactions that take advantage of novel technologies by combining research, design, prototyping and storytelling.</p> - <p>Current and future network standards (e.g Neighbour Awareness Networking) will allow faster and more convenient direct connections between mobile devices. This technology has the potential to enable new interactions and social dynamics, as phones become aware of each other's presence and can exchange large amounts of data in a fast and private way.</p> - -<p>But how do we find out what is possible? And how do we design for it?</p> - -<p>This talk draws on several examples and working prototypes to show how a multidisciplinary iterative process can lead to important insights and a broadened range of possibilities.</p> - -<p>Both design and engineering are fundamental parts of this process, as a wide range of skills is necessary to (among other things) carry out research, understand the constraints of the technology, build prototypes while ensuring that they remain usable and focused, detect problems and opportunities, and inform the course for future exploration.</p> - - Felipe Erias - - - Video recording (WebM/VP9) - Video recording (mp4) - Blog post (with videos) - Submit feedback - - - - 17:00 - 00:20 - AW1.120 - ethics_for_foss_user_research - Dotting the ethics i and crossing the t - Solid ethics for FOSS user research - Open Source Design - devroom - - <p>This talk will be about establishing good ethical guidelines and standards for user research for the SecureDrop project. The 2 speakers have contributed to SecureDrop, an open-source software platform for secure communication between journalists and whistleblowers.</p> - <p>This talk will be about how we established good ethical guidelines and standards for user research for the SecureDrop project. The 2 speakers have contributed to SecureDrop, an open-source software platform for secure communication between journalists and whistleblowers.</p> - -<p>It will focus on why ethical research is important in user-centred design, how to do ethical user research in open source projects. It will also explain how to establish a trusting relationship with participants.</p> - - Belen Barros Pena - Bernard Tyers - - - Bernard Tyers' Twitter - Belén Barros Pena's Twitter - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:20 - AW1.120 - yoast_design_meeting - The Yoast Design Meeting and how it started us on the path to open source design - - Open Source Design - devroom - - <p>The Yoast design team explains how they went from individual designers to a design team, to having a weekly design meeting, building a design system, and how this is preparing them to standardize and open source their design philosophy.</p> - <p>Open Source is a great philosophy, but for designers it doesn’t necessarily feel like a natural fit. Even at Yoast, which lives and breathes open source, the design team has had their struggles with this - and still does to this day. We have a strong brand identity that lives in our shared consciousness, but how can we explain this well to a new team member, or someone outside the design team, or even outside the company? In this talk, we’ll talk about the process we went through to get our designers to think outside their own heads, and the way we're creating a shared vision through the ‘Yoast Design Meeting’.</p> - - Tim Hengeveld - Luc Kickken - - - Company website - Tim Hengeveld's Twitter - Luc Kickken's Twitter - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:20 - AW1.120 - furniture_with_javascript - Making furniture with Javascript - An open-source community run platform for designers to experiment with parametric furniture design. - Open Source Design - devroom - - <p>An experimental project which uses web technologies to help design, display and make furniture. O-LAP is an open-source community run platform for designers to experiment with parametric furniture design. Designers create parametric furniture designs as plugins into the framework. Registered designs gets displayed in the online gallery. Users can view the designs from the gallery and customize the design. Framework lets users extract CAD drawings which can be used to fabricate the design using a CNC machine. The project is built as an open access network of git repositories delivering updated Javascript for the clients.</p> - <p>O-LAP is a community of makers who like to make furniture from code. Designers write code which can create designs for furniture pieces. They make the designs like a plugin into a web app. The app can then extract drawings from the designs which can be used to fabricate the design using a computer controlled machine (similar to 3D printing). Designers can get creative in different ways when they start writing code to create furniture designs. -For example they can make the design for a chair which changes for people with different heights, or furniture which learns from your genetic data to customise it for you. -We also adapt a new way of production so that such designs can be manufactured by anyone with a CNC machine. It distributes the task of production to independent makers, so the designs are fabricated closest to the place where they are needed, reducing transport. -The group has grown with people across the globe interested. It would be great to showcase it to the broader OS developer community.</p> - - Amit Nambiar - - - Project page - Sample design - Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:20 - AW1.120 - pitch_your_project - Pitch your project - Designers meet projects. Projects meet designers. - Open Source Design - devroom - - <p>This is one of the sessions we run every year.</p> - - - Bernard Tyers - Open Source Design Collective - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:50 - 00:10 - AW1.120 - open_source_design_closing_session - Closing session - - Open Source Design - devroom - - <p>We will close the Open Source Design devroom with a few words from all the collective and some comments from the people attending.</p> - - - Bernard Tyers - Open Source Design Collective - - - Submit feedback - - - - - - 10:30 - 00:25 - AW1.121 - qosf_oss_meets_qc - When open source meets quantum computing - Opening keynote - Quantum Computing - devroom - - <p>This talks overviews the available quantum computing paradigms and outlines the pratical possiblities of leveraging and exploring the promised power of quantum computing processors that developers have today.</p> - - - Tomas Babej - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:45 - AW1.121 - forest_oss_quantum_sdk - Forest: An Open Source Quantum Software Development Kit - - Quantum Computing - devroom - - <p>Rigetti Computing manufactures programmable quantum computers. As a part of that, they have developed a number of new technologies: a programming language, compiler, simulator, runtime, language bindings, and execution environment. Together, these form Forest, their quantum software development kit. We discuss Rigetti's open source quantum ecosystem, and how we see it developing in the coming year.</p> - <p>Rigetti Computing manufactures quantum integrated circuits, and they become computers when the silicon is made programmable. Programming a quantum computer is fundamentally different than programming a classical one. The earliest quantum computers will run hybrid quantum/classical algorithms, marrying traditional software approaches with very non-traditional paradigms born out of quantum mechanics.</p> - -<p>In this light, open source quantum software serves dual purposes. First, it makes the mathematical realities of quantum computing more accessible to non-experts, and second, it leverages the vast innovations made by countless open source software engineers around the world. Both of these serve to maximize the power of near-term quantum computers.</p> - -<p>We discuss the fundamental nature of an open source quantum development ecosystem, starting with the quantum programming language Quil, and discuss how that's made into a practical tool through open source quantum software development kits. We discuss Rigetti's open source quantum ecosystem called Forest, and how we see it developing in the coming year.</p> - - Robert Smith - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:50 - 00:30 - AW1.121 - dwave_delivering_practical_qc - Delivering Practical Quantum Computing on the D-Wave System - - Quantum Computing - devroom - - <p>Quantum computing pioneer D-Wave Systems has led the development of quantum hardware and software over the past two decades. And the company has always taken a slightly different approach. Learn how at each step along the quantum computing journey, the company’s pragmatic decisions have brought quantum computing to market. From the development of the only commercially-available quantum computer to the recent release of the first Quantum Application Environment, D-Wave has long been at the forefront of bringing practical quantum computing to customers. This approach has helped customers and users develop over 100 early applications with real-world implications in industries spanning healthcare, defense, and automotive.</p> - <p>Alexander Condello, Ocean stack developer, gives insight into the company’s growth, beginning with years of research and the development of the first quantum computer – a 28-qubit machine built in 2007. Ten years later, D-Wave would realize Dr. Richard Feynman’s original vision of a quantum simulator, proving that its quantum computers could be used to simulate quantum systems at a large scale. This year, the company launched Leap, the first real-time Quantum Application Environment that provides immediate access to a live quantum system. The Leap environment hosts a robust online community, learning demos, resources and software tools for developers to start writing and running code, today.</p> - -<p>From initial steps in hardware design to opening access through the quantum cloud, Alex discusses the technology and research that made this evolution possible, and what we can expect from the next era of quantum applications.</p> - - Alexander Condello - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:30 - AW1.121 - dwave_sdk - D-Wave's Software Development Kit - - Quantum Computing - devroom - - <p>D-Wave's Ocean software tools are an open source ecosystem for solving customer-scale problems on the quantum computer.</p> - -<p>The D-Wave System solves a particular problem - the Binary Quadratic Model (also known as the QUBO or Ising problem). We will provide an overview of the open source tools that are used to express your problem as a BQM and to convert that BQM into something that can be solved by the quantum computer.</p> - -<p>Finally we will motivate open sourcing these steps, and discuss the areas that interested users can participate in the project.</p> - - - Alexander Condello - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - AW1.121 - dwave_hybrid - D-Wave Hybrid Framework - - Quantum Computing - devroom - - <p>The D-Wave Hybrid is a general, minimal Python framework for building hybrid asynchronous decomposition solvers of quadratic unconstrained binary optimization (QUBO) problems. Designed in the spirit of the dataflow programming paradigm, and built atop the Ocean SDK primitives, it provides a simple workflow construction, execution and instrumentation environment that enables rapid development and tuning of hybrid applications running across classical and quantum systems. In the talk, we'll briefly discuss the motivation for some of our architectural decisions, briefly present available submodules, features and building blocks, only to focus on describing several interesting use cases (hybrid workflows).</p> - - - Radomir Stevanovic - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:35 - 00:45 - AW1.121 - ibmq - What is IBMQ - - Quantum Computing - devroom - - - - - Mark Mattingley-Scott - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:25 - 00:45 - AW1.121 - make_your_code_count_quantum_simulations_and_collaborative_code_development - Make your code count: Quantum simulations and collaborative code development - Introduction to QuTiP: the quantum toolbox in Python - Quantum Computing - devroom - - <p>Open source tools such as QuTiP - The Quantum Toolbox in Python are playing a big part in facilitating research in quantum technologies in both academia and the industry. Such tools provide the users with the software resources to model, simulate and study various quantum effects easily. QuTiP goes beyond the simulation of quantum circuits and facilitates the simulation of the physics of quantum devices. In this talk, I will take the example of some new developments in QuTiP to show the ease with which one simulate open quantum systems as well as contribute to the development of such software tools. We will discuss various parts of collaborative code development using Git, and possible optimizations of calculations. The talk will be an end-to-end discussion of how to collaborate, develop and distribute your own open-source tools for the study of quantum systems.</p> - <p>A major challenge to developing quantum computing is modeling the quantum systems themselves which are used to build quantum devices - superconducting circuits, ion traps, spin qubits, photonics. In addition to simulating quantum circuits and algorithms, simulating quantum physics itself is a challenging task and if we are to harness the power of quantum computing, we need to model quantum systems better and study the interactions of a quantum system with the environment and the effect of noise.</p> - -<p>QuTiP allows the user to simulate several quantum phenomena and study the effects of noise on an open quantum system. The open-source nature allows anyone to add and contribute code which makes it an excellent place to showcase new simulation techniques and quantum effects emerging from a research project. This also enables reproducibility and it can accelerate further study and research without the need to spend weeks reproducing previous results.</p> - -<p>I will introduce QuTiP and discuss several examples on how to use the tool. The examples will range from generating topological circuit descriptions from arbitrary quantum circuits to simulations of spin ensembles to simulating spin-boson models with strong and ultrastrong coupling.</p> - -<ol> -<li>Introduction</li> -<li>Open source projects for quantum computing and quantum simulations - a brief discussion on python based tools.</li> -<li>Beyond quantum circuits: simulating quantum physics with QuTiP.</li> -<li>Examples and latest additions to QuTiP</li> -<li>Contributing your own code to open source projects.</li> -<li>Conclusions</li> -</ol> - - - Shahnawaz Ahmed - - - QuTiP tutorials - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:15 - 00:45 - AW1.121 - xanadu_strawberry_fields - Strawberry Fields - software for photonic quantum computing - - Quantum Computing - devroom - - <p>n this talk, we introduce Strawberry Fields, an open-source quantum software library for light-based quantum computers. Built in Python, Strawberry Fields is a full-stack library for design, simulation, optimization, and quantum machine learning of photonic quantum circuits. The platform consists of three main components: (i) an API for quantum programming based on an easy-to-use language named Blackbird; (ii) a suite of three virtual quantum computer backends, built in NumPy and Tensorflow, each targeting specialized uses; and (iii) an engine which can compile Blackbird programs on various backends, including the three built-in simulators, and – in the near future – photonic quantum information processors. The library also contains built-in examples of several paradigmatic algorithms, including teleportation, (Gaussian) boson sampling, instantaneous quantum polynomial, Hamiltonian simulation, and variational quantum circuit optimization.</p> - - - Joshua Izaac - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:45 - AW1.121 - xanadu_penny_lane - PennyLane - Automatic differentiation and machine learning of quantum computations - - Quantum Computing - devroom - - <p>In this presentation, we introduce PennyLane, a Python-based software framework for optimization and machine learning of quantum and hybrid quantum-classical computations. PennyLane’s core feature is the ability to compute gradients of quantum circuits in a scalable way that is compatible with classical techniques such as backpropagation. PennyLane extends the automatic differentiation algorithms common in optimization and machine learning to be compatible with quantum and hybrid computations. The library provides a unified architecture for near-term quantum computing devices, supporting both discrete- and continuous-variable paradigms of quantum computation. A plugin system makes the framework compatible with any gate-based quantum simulator or hardware, including leading quantum software platforms such as Xanadu's Strawberry Fields, IBM's Qiskit, and Rigetti's PyQuil. PennyLane can be used for the optimization of variational quantum eigensolvers, quantum approximate optimization, quantum machine learning models, and many other applications.</p> - - - Nathan Killoran - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:55 - 00:45 - AW1.121 - google_qc - Quantum Computing at Google and in the Cloud - An update on Google's quantum computing program and its open source tools. - Quantum Computing - devroom - - <p>Google is a world leader in technology and a major contributor to a number of open source efforts. Google's quantum hardware and algorithms teams have achieved a number of quantum computing "firsts". This talk will present the Google quantum computing architecture, an update on current hardware implementations, and a description of the design and philosophy of Cirq, Google's open source programming language for near term "NISQ" (noisy intermediate-scale quantum) computers.</p> - - - Kevin D. Kissell - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:45 - 00:45 - AW1.121 - qosf_panel_discussion - Promotion of open source and role of standardization in Quantum Computing - Open panel discussion - Quantum Computing - devroom - - - - - Tomas Babej - Mark Fingerhuth - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:35 - 00:25 - AW1.121 - qosf_closing - Exponential speedup in progress - Closing remarks - Quantum Computing - devroom - - - - - Mark Fingerhuth - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:05 - AW1.125 - ada_welcome - Welcome to the Ada DevRoom - - Ada - devroom - - <p>Welcome to the Ada Developer Room at FOSDEM 2019, which is organized by Ada-Belgium in cooperation with Ada-Europe.</p> - <p>Ada-Belgium and Ada-Europe are non-profit organizations set up to promote the use of the Ada programming language and related technology, and to disseminate knowledge and experience into academia, research and industry in Belgium and Europe, resp. -Ada-Europe has member-organizations, such as Ada-Belgium, in various countries, and direct members in many other countries.</p> - - Dirk Craeynest - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:35 - 00:45 - AW1.125 - ada_introduction - An Introduction to Ada for Beginning and Experienced Programmers - - Ada - devroom - - <p>An overview of the main features of the Ada language, with special emphasis on those features that make it especially attractive for free software development.</p> - <p>Ada is a feature-rich language, but what really makes Ada stand-out is that the features are nicely integrated towards serving the goals of software engineering. If you prefer to spend your time on designing elegant solutions rather than on low-level debugging, if you think that software should not fail, if you like to build programs from readily available components that you can trust, you should really consider Ada!</p> - - Jean-Pierre Rosen - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:20 - AW1.125 - ada_sequential - Sequential Programming in Ada: Lessons Learned - - Ada - devroom - - <p>What's hot right now in the proposal for Ada 2020 is increased support of safe parallelism. However, the support for sequential programming in Ada 2012 is absolutely great and probably underestimated.</p> - <p>This presentation will demonstrate lessons learned from making an Ada binding to the Wayland Client API: how to leverage nested subprograms, pragma Unmodified, subpools, Gnatcheck and GPS to provide a flexible/enjoyable way of working and at the same time maximize compile-time error checking when developing sequential algorithms.</p> - - Joakim Strandberg - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - AW1.125 - ada_train - Autonomous Train Control Systems: a First Approach - - Ada - devroom - - <p>Numerous small villages in Austria have lost their connections to the railway network because it was no longer cost-effective to operate under a regular schedule. To re-establish these connections, FH Campus Wien started the project "autonome, schienengebundene, on-Demand, open-Track Systeme" AuSoDoTS (Autonomous rail bound on-Demand Open Track systems). The project's objective is to develop a concept for how to safely operate small autonomous trains, without a fixed schedule. Trains are only approaching to stations when a passenger explicitly requests them by pressing a button at the station or using a mobile app. A short track from Liesing at the edge of Vienna to Kaltenleutgeben, a small town in Lower Austria, could be one of the first test locations.</p> - <p>As a first approach a small model railway has been built. The model has two purposes. One is to find the optimal placement for passing loops where trains can pass each other, since the connection is mostly single track. The other is to test different scheduling algorithms for on-Demand service. To fulfill the strict safety aspects of a passenger transportation system, the programming language Ada is used and in following versions SPARK will be used as it can be formally verified to be correct then.</p> - - Julia Teissl - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:20 - AW1.125 - ada_parallel - Controlling the Execution of Parallel Algorithms in Ada - - Ada - devroom - - <p>Tasking in Ada provides an effective tool for shared memory parallelism. An "any time" algorithm is an algorithm that, given some more resources, will improve the accuracy of an estimate. For example, consider the estimation of Pi by a Monte Carlo method. With multitasking, the status of the running of an "any time" algorithm can be monitored without interrupts.</p> - <p>The programming concepts will be illustrated with examples of algorithms in polyhedral geometry. The demonstrated code belongs to the free and open source PHCpack, at https://github.com/janverschelde/PHCpack.</p> - - Jan Verschelde - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:20 - AW1.125 - ada_database - Persistence with Ada Database Objects - - Ada - devroom - - <p>The presentation describes how Ada Database Objects helps in connecting to an SQLite/MySQL/PostgreSQL database from Ada. It explains how by mapping SQL tables in Ada records, it simplifies saving and updating database records and makes the application more safe and reliable. The presentation will briefly describe the Ada code generator (Dynamo) that is behind this.</p> - - - Stephane Carrez - - - More info on Ada-Belgium web site - GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - AW1.125 - ada_compression - Shrink your Data to (almost) Nothing with Trained Compression - - Ada - devroom - - <p>We will show a new Trained Compression generic plug-in, which can leverage prior information about the data to be transmitted for reducing further raw compressed streams. We will also present a pick-and-choose technique feature called "Preselection" for improving the Zip archiving process.</p> - <p>The Zip-Ada library has met over the years the needs of several professional users who need the file archiving features, or the data compression features to reduce storage and shorten transmission times. We will show the evolution of this full-Ada portable library and the advantages of using it.</p> - - Gautier de Montmollin - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:20 - AW1.125 - ada_shell - GSH: an Ada POSIX Shell to Speed Up GNU Builds on Windows - - Ada - devroom - - <p>GSH is an implementation of a POSIX shell developed for the Windows platform. The aim of the project is to speed up builds of GNU projects on Windows in a large automated build infrastructures. GSH can be used to compile projects depending on autotools, UNIX make, ... It is up to 2-3 times faster than Cygwin shells for GCC builds.</p> - <p>In this talk I will present:</p> - -<ul> -<li>what makes GSH faster than other Windows shells for building GNU projects;</li> -<li>how GSH was developed;</li> -<li>how you can use it to speed up your builds;</li> -<li>the limitations;</li> -<li>what features of Ada we benefit from in this project.</li> -</ul> - - - Nicolas Roche - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:20 - AW1.125 - ada_safety - What is Safety-Critical Software, and How Can Ada and SPARK Help? - - Ada - devroom - - <p>We are (too much) used to software having bugs as an unavoidable fate. But for safety-critical software, like the code that's driving planes or trains, "Failure is Not an Option".</p> - <p>This presentation exposes the constraints of such software, and how they require a special state of mind, special methods, and special tools - like Ada and SPARK. And these can be useful for more casual programming - zero bug software is nice, even when not safety-critical!</p> - - Jean-Pierre Rosen - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - AW1.125 - ada_secureweb - Secure Web Applications with AWA - - Ada - devroom - - <p>Web application security is often underestimated, and using a secure framework can help reduce application vulnerabilities. Ada Web Application (AWA) is a web framework that leverages Ada's safety features to provide a secure environment on top of which safe applications are built. AWA is based on several Java-like technologies such as Java Beans, Java Servlet, Java Server Faces, other standards such as OAuth2, REST and OpenAPI, all implemented in Ada.</p> - <p>This presentation briefly describes the AWA architecture and how applications are built with it. The presentation highlights some of the Ada functionalities that contribute to the safety and make applications secure and reliable.</p> - - Stephane Carrez - - - More info on Ada-Belgium web site - GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:20 - AW1.125 - ada_distribution - Distributed Computing with Ada and CORBA using PolyORB - - Ada - devroom - - <p>Imagine you have a fantastic Ada program or library but you want more! You want it to be scalable and used by other developers with other languages. The goal of this presentation is to show you the way to achieve it without bending to fashion. :) As of today, we see distributed computing as Web services, mainly RESTful stuff. Some technologies exist since years and are working successfully in many systems. One of these is CORBA which allows Object-Oriented communication between applications in languages such as Ada or C++.</p> - <p>In this presentation, the chosen middleware providing CORBA infrastructure is PolyORB. We will use it to make a distributed version of an existing piece of software, the Corporate Bullshit Generator (CBSG), and create client applications in C++ and Ada. This will allow us to put the power of Ada and PolyORB into a distributed system.</p> - - Frédéric Praca - - - More info on Ada-Belgium web site - The code linked to the presentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:20 - AW1.125 - ada_bindings - Cappulada: Smooth Ada Bindings for C++ - - Ada - devroom - - <p>Writing Ada bindings for C and especially for C++ is a tedious but not necessarily sophisticated task. There are several approaches to both C and C++ but many of them lack desired language features, generate non-compilable code or are project specific.</p> - <p>With Cappulada (a coinage of coupling, CPP and Ada made pronounceable) we try a more general approach that aims to support complex language features such as templates or inheritance while providing a semantically appropriate mapping of object structures and types. The talk will also cover which features can be mapped and what is not feasible or possible.</p> - - Johannes Kliemann - - - More info on Ada-Belgium web site - Cappulada on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:20 - AW1.125 - ada_archiving - The AZip Archive Manager: a full-Ada Open-Source Portable Application - - Ada - devroom - - <p>If you open the AZip application with a can opener, it will look like an Ada programmer's paradise: you'll find Ada on all levels:</p> - -<ol> -<li>the AZip user interface (UI framework specific);</li> -<li>the AZip abstract application layer (platform-independent);</li> -<li>the archive and data compression library (Zip-Ada);</li> -<li>the user interface framework (GWindows);</li> -<li>the run-time library (GNAT's).</li> -</ol> - - -<p>We will quantify this.</p> - <p>Portability is matched on three different definitions of the word:</p> - -<ol> -<li>platform-independence for the abstracted part and the Zip-Ada library - no porting effort at all there;</li> -<li>you can easily port the user interface layer since most of the job is done in the abstracted part;</li> -<li>no installation needed: the version built on GWindows is contained in a single executable file and can be run from a USB stick; it can be even run in a stealth mode, without writing settings to the registry of the host system.</li> -</ol> - - - Gautier de Montmollin - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:20 - AW1.125 - ada_pointers - Proof of Pointer Programs with Ownership in SPARK - - Ada - devroom - - <p>Pointers are a notorious "defect attractor", in particular when dynamic memory management is involved. Ada mitigates these issues by having much less need for pointers overall (thanks to first-class arrays, parameter modes, generics) and stricter rules for pointer manipulations that limit access to dangling memory. Still, dynamic memory management in Ada may lead to use-after-free, double-free and memory leaks, and dangling memory issues may lead to runtime exceptions.</p> - -<p>The SPARK subset of Ada is focused on making it possible to guarantee properties of the program statically, in particular the absence of programming language errors, with a mostly automatic analysis. For that reason, and because static analysis of pointers is notoriously hard to automate, pointers have been forbidden in SPARK until now. We are working at AdaCore since 2017 on including pointer support in SPARK by restricting the use of pointers in programs so that they respect "ownership" constraints, like what is found in Rust.</p> - <p>In this talk, I will present the current state of the ownership rules for pointer support in SPARK, and the current state of the implementation in the GNAT compiler and GNATprove prover, as well as our roadmap for the future.</p> - - Yannick Moy - - - SPARK RM on pointers - learning SPARK - downloading SPARK (as part of GNAT) - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:50 - 00:10 - AW1.125 - ada_wrapup - Informal Discussions & Closing - - Ada - devroom - - <p>Informal discussion on ideas and proposals for future events.</p> - - - Dirk Craeynest - - - More info on Ada-Belgium web site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:45 - AW1.126 - riscvllvmclang - LLVM+Clang for RISC-V - Past, present, and future - RISC-V - devroom - - <p>This talk will give an update on the journey towards upstream, production-ready support for RISC-V in LLVM, Clang, and related projects. It will detail the project's start, current status, and next steps with a special focus on the work for support for building 64-bit Linux binaries (hard-float ABI, TLS, PIC etc.</p> - - - Alex Bradbury - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 01:00 - AW1.126 - riscvdebian - Porting Debian to the RISC-V architecture - Tales from a long quest - RISC-V - devroom - - <p>The talk tells the story of how the <a href="https://www.debian.org/">Debian GNU/Linux</a> port for the RISC-V architecture came to life and describes the steps and challenges involved in adding support for a completely new architecture to one of the major Linux distributions. It provides an overview of the current state of the port and gives an outlook on further developments.</p> - - - K. Merker - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:45 - AW1.126 - riscvsbi - The future of Supervisor Binary Interface(SBI) - - RISC-V - devroom - - <p>Supervisor Binary Interface (SBI) is one of the most fundamental -interfaces in RISC-V eco-system. It allows the operating system to -interact with the supervisor execution environment (SEE). The SEE always -runs in higher privileged mode than the supervisor OS. It can be -a simple bootloader in low-end hardware platform, a hypervisor-provided -virtual machine in a high-end server, or simply machine mode software in -bare metal systems. An unchecked rapid development of many RISC-V systems -could lead to incompatibilities between different systems SEE, preventing -the use of a common OS binary image.</p> - -<p>The RISC-V ISA has defined SBI to provide a cleaner interface for the -supervisor OS which makes virtualization and bring-up of new hardware -platforms much easier. In hypervisor extended supervisor (HS) mode, an OS or -hypervisor interacts with the machine through the same SBI as an OS -normally does from supervisor mode. An HS-mode hypervisor is expected to -implement the SBI for its virtualized supervisor (VS) mode guest. The -current RISC-V SBI only defines a few mandatory functions such as -inter-processor interrupts (IPI) interface, reprogramming timer, serial -console, and memory barrier instructions. Many important functionalities -such as CPU/system power management are not yet defined due to -difficulties in accommodating modifications without breaking backward -compatibility with the current interface.</p> - -<p>This talk presents the ongoing work to make SBI an extensible yet robust -specification. The proposal to extend SBI is based on the foundation -policy of RISC-V i.e. modularity and openness. It will always be -backward compatible with previous versions including the existing aka -legacy version. To achieve that, the focus will be only to develop a -Base SBI extension that will contain feature list, version and vendor -type queries. Once that is ratified, the future extension such as -CPU/system power management, vendor extensions can be developed in -parallel. The use cases and calling convention of these extensions will -be discussed in details. We will also talk about a reference -implementation i.e. OpenSBI for the SBI specification. This project will -be licensed under most permissive software license which will allow -everybody to reuse the OpenSBI code base in their favorite software -eco-system in whatever way choose to do so. This will help in reducing -SBI fragmentation in future as well.</p> - -<p>In the spirit of the open design nature of RISC-V, the goal of this -presentation is to continue the open discussion leading to the -formalizing RISC-V SBI specification simplifying both hardware and -software designs and doing so, contributing to further development of -the RISC-V ecosystem.</p> - - - Atish Patra - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:45 - AW1.126 - riscvadaspark - Alternative languages for safe and secure RISC-V programming - - RISC-V - devroom - - <p>In this talk I want to open a window into the wonderful world of "alternative" -programming languages for RISC-V. What can you get by looking beyond C/C++.</p> - -<p>So I will start with a quick introduction to the Ada and SPARK languages, the -benefits, the hurdles. I will also present an overview of the applications and -domains where they shine, when failure is not an option.</p> - -<p>I will then do a short getting started session and provide all the details for -you to start RISC-V programming with Ada/SPARK on different platforms (QEMU, -HiFive1, FPGAs with PicoRV32).</p> - -<p>At the end of the talk, I will give my view of the RISC-V architecture and -community from the perspective of an alternative languages developer. I will -cover the good points, the risks, and provide some ideas on how the RISC-V can -keep the door open.</p> - - - Fabien Chouteau - - - Ada on FPGAs with PicoRV32 - Embedded.fm podcast where I talk about Ada and SPARK - Ada/SPARK e-learning website - GNAT Community release (Ada compiler) including RISC-V32 on Linux - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:15 - 00:30 - AW1.126 - riscvcompact - How compact is compiled RISC-V code? - - RISC-V - devroom - - <p>RISC-V is an increasingly popular architecture for embedded systems. For such systems, compiled code density is a critical factor, particularly for deeply embedded and low power systems, where memory may be very -constrained. Architectures in this space are often designed to improve code density. Thus ARM has its Thumb-2 instructions and RISC-V has its compressed instructions.</p> - -<p>If compiler tool chains are to generate compact code, we need to be able to measure how well we are doing. In this talk I shall present measurements of code density for 32-bit RISC-V, ARM and ARC architectures using the GCC and Clang/LLVM compiler tool chains using the BEEBS benchmark suite for deeply embedded systems (http://beebs.eu/). I shall show how confounding factors (such as emulation library implementation and C run-time startup) can be eliminated from such measurements, to ensure the results are meaningful.</p> - -<p>The purpose of this exercise is not to show that any one architecture is "best" but to provide insight which will drive compiler optimization for code density. I shall use the data to highlight areas where the RISC-V compiler tool chain can be improved, drawing on customer work carried out by Embecosm during 2018.</p> - - - Jeremy Bennett - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:45 - 00:30 - AW1.126 - riscvfreertos - FreeRTOS on RISC-V - Running the FreeRTOS kernel in RISC-V emulators and RISC-V hardware - RISC-V - devroom - - <p>The open source (now MIT licensed) <a href="https://www.freertos.org" title="FreeRTOS Kernel">FreeRTOS kernel</a> has been helping embedded developers manage the complexity of their microcontroller designs for 15 years – during which time FreeRTOS has gained a reputation for reliability, ease of use, and responsive support. FreeRTOS now runs on RISC-V! In this talk you will see how easy it it to execute the FreeRTOS kernel in open source RISC-V emulators and on physical RISC-V microcontrollers, as well as learn how to port the FreeRTOS kernel to new RISC-V implementations.</p> - - - Richard Barry - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:45 - AW1.126 - riscvhelenos - Lessons learned from porting HelenOS to RISC-V - Pros and cons of RISC-V from a microkernel OS point of view - RISC-V - devroom - - <p>HelenOS is an open source operating system based on the microkernel multiserver design principles. One of its goals is to provide excellent target platform portability. From the time of its inception, HelenOS already supported 4 different hardware platforms and currently it supports platforms as diverse as x86, SPARCv9 and ARM. This talk presents practical experiences and lessons learned from porting HelenOS to RISC-V.</p> - <p>While the unprivileged (user space) instruction set architecture of RISC-V has been declared stable in 2014, the privileged instruction set architecture is technically still allowed to change in the future. Likewise, many major design features and building blocks of HelenOS are already in place, but no official commitment to ABI or API stability has been made yet. This gives an interesting perspective on the pros and cons of both HelenOS and RISC-V. The talk also points to some possible research directions with respect to hardware/software co-design.</p> - - Martin Děcký - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:15 - 00:45 - AW1.126 - riscvtee - Updates from the RISC-V TEE Group - Working on a Trusted Execution Environment spec for RISC-V - RISC-V - devroom - - <p>In this talk, I'll try to provide an overview of the RISC-V Trusted Execution Environment working group, and what we are working on.</p> - <p>A Trusted Execution Environment guarantees the integrity and confidentiality of code and data, ARM has TrustZone, Intel has SGX, and we are working on a similar spec for RISC-V. Our main tool is Physical Memory Protection (PMP) functionality of RISC-V (part of the Privilege spec) for isolating memory regions of the execution environment's hart (hardware thread) from the rest of the harts on the system. We are also working on a proposal for an I/O PMP hw block for providing similar memory isolation between the different devices on the system (bus masters). The goal is to provide a flexible and scalable solution, that can work from 32bit embedded devices without MMU, to large 64bit systems with virtual machines etc, and keep it as simple and RISCy as possible.</p> - - Nick Kossifidis - - - Current privilege spec - Description of the TEE working group - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:15 - 00:45 - AW1.126 - riscvsail - Using SAIL to generate GNU assembler/disassembler and simulator for RISC-V - - RISC-V - devroom - - <p>At the GNU Tools Cauldron, my colleague, Jeremy Bennett, showed how the -long established GNU tool, CGEN, can be used to create an assembler, -disassembler and simulator from a semi-formal description of the RISC-V -architecture in Scheme (https://gcc.gnu.org/wiki/cauldron2018#cgen).</p> - -<p>However the CGEN specification in Scheme is far from rigorous by today's -standards. Alastair Reid of ARM has shown how SAIL can be used to -define rigorous semantics for RISC-V in a paper to be presented at POPL -in January 2019 (https://alastairreid.github.io/papers/POPL_19/).</p> - -<p>In this talk I shall show how a SAIL specification can be transformed -into a CGEN framework. Using this approach, a rigorous SAIL semantic -specification can be used to generate a practical GNU assembler, -disassembler and simulator.</p> - -<p>This will is a work in progress - the project is not due to finish until -May 2019. I shall explore the general approach used, and the areas where -the greater rigour of SAIL runs into problems with the limitations of -CGEN Scheme specification.</p> - - - Mary Bennett - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:30 - AW1.126 - riscvbuildroot - Buildroot for RISC-V - Using Buildroot to create embedded Linux systems for 64-bit RISC-V - RISC-V - devroom - - <p>Buildroot is an embedded Linux build system that generates complete system images from source for a wide range of boards and processors. I have recently added support for 64-bit RISC-V to the official Buildroot distribution which make it a viable alternative to other build systems for RISC-V such as Yocto.</p> - -<p>During this presentation I will give a brief overview of Buildroot and how it compares to Yocto for those in the audience who are unfamiliar with these systems. In the main part of the talk I will look at the issues relating to the implementation of RISC-V support, based on my experiences. This will include a look at the status of the RISC-V software ecosystem with regard to the selection of a suitable toolchain, C library, kernel and bootloader. I will then run through how to configure and build a minimal system for booting under QEMU. Finally I will consider any further work required to improve Buildroot for RISC-V including the status of 32-bit support.</p> - - - Mark Corbin - - - Buildroot for RISC-V blog post - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:30 - AW1.126 - riscvfedora - Fedora on RISC-V 64-bit - Introduction, Brief Overview and Latest Developments - RISC-V - devroom - - <p>The talk provides introduction to Fedora/RISCV bootstrap efforts for the last 2+ years. In addition to that, we will overview our current build infrastructure (powered by Koji), different disk image flavors, setup instructions and differences between upstream Fedora and Fedora/RISCV. We will look into future ideas, short-term plans (tentative) for Fedora 30/Rawhide and general wish-list for RISC-V eco-system.</p> - -<p>Share with us what is important for you or/and your company. This will help us to focus our efforts on important parts.</p> - - - David Abdurachmanov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:30 - K.3.201 - dotnet_wasm_toolchain - .NET on the Web with Mono WebAssembly - - .NET and TypeScript - devroom - - <p>Using WebAssembly, Mono can now run your C# and F# code in the web browser. You'll learn about Mono's WebAssembly backend and the AOT and interpreter engines that power it, and see its modern dotnet SDK based toolchain in action.</p> - - - Mikayla Hutchinson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - K.3.201 - typescript_advanced_tooling - Advanced TypeScript tooling at scale - - .NET and TypeScript - devroom - - <p>Tooling has always been a focus for TypeScript and a large reason for its success. TypeScript code intelligence is available across many editors and even web-based tools, all provided by the same service TypeScript ships out-of-the-box with the compiler itself. This presentation gives a tour and history of how TypeScript is able to provide the same great experience to many different clients through the tsserver and tsserver protocol, as well as how it influenced and fits into newer efforts like the Language Server Protocol. I will show how it can be used to provide code intelligence features like jump-to-definition and find-references at cross-repository scale, using some of TypeScript’s newest features like declaration maps and combining it with lesser-known interesting features of the JavaScript package management tooling. -At the end of this talk, the audience will know how TypeScript tooling works under the hood and how it can be combined with other tools in the ecosystem to make developers more productive. The goal is to inspire innovation in the TypeScript tooling ecosystem by showing what is possible and how.</p> - - - Felix Becker - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - K.3.201 - typescript_il_game_modding - Typescript => IL => Game Modding Supercharged - - .NET and TypeScript - devroom - - <p>In the game development world, games are built in layers, and it's common to have different languages for the different layers. C/C++ is a common choice for the engine layer, while C# is a popular choice for the scripting layer - the one that gameplay is implemented with, and the one available for users to mod their games with. There's multiple engines built on C# (Unity and Monogame come to mind).</p> - -<p>When I started implementing my own runtime-moddable game with Unity, I realized how awkward C# is for scripting, and how there just might be a better language for this. In this talk we'll look at what a game scripting language ideally needs and does, why C# is not quite the best of fits, and why Typescript is - when it targets the .NET runtime!</p> - -<p>At the end, you'll hopefully have a better understanding of how languages fit in game development and what (great!) tooling Typescript has for introspection and compiling.</p> - - - Andreia Gaita - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - K.3.201 - dotnet_fsharp_js_ecosystem - Hacking F# in JS ecosystem - - .NET and TypeScript - devroom - - <p>Javascript has conquered the world - developers can use it in the browser, on the server, to write mobile apps, on the desktop with Electron, and even to create serverless services. Like the language or not, the truth is JS developers have built an incredible ecosystem with libraries and tools to do almost anything. During the talk I'll show how to bring the power of F# - the functional paradigm, static typing with type inference, pattern matching, and more modern language features - to this huge and rich JS world using Fable - F# to JS compiler. Fable doesn't add any runtime overhead and generates clean JS code in conformance with new ES6 patterns, like modules or iterables, making it compatible with modern development tools, including Github Electron or React Native to let you develop not only web, but also cross platform desktop and mobile apps. I'll demonstrate how to create different types of JS applications using F# - from React-based frontend application, through mobile app using React Native to serverless services.</p> - - - Krzysztof Cieslak - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:15 - K.3.201 - dotnet_retro_console - AMENDMENT Retro.NET - .NET for building Console Applications - - .NET and TypeScript - devroom - - <p>In this talk, we will discuss Miguel’s pet projects to build console applications. To this day Miguel continues to use Midnight Commander, and he wants to bring the joy of developing user interfaces in consoles to the world of .NET programmers.</p> - -<p>(Please note that this replaces the talk 'Do you think is easy to create a console app?' by Eduard Tomàs.)</p> - - - Miguel De Icaza - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:45 - 00:15 - K.3.201 - dotnet_netcore_dbus - Connecting .NET Core to D-Bus - - .NET and TypeScript - devroom - - <p>Accessing D-Bus services from .NET.</p> - <p>D-Bus provides a bus for accessing system and desktop services.</p> - -<p>In this talk we'll use Tmds.DBus to access those services from .NET Core.</p> - -<p>Tmds.DBus is a fork of dbus-sharp, updated with asynchronous programming patterns introduced in .NET 4.5.</p> - -<p>The library comes with a cli tool that generates a strongly-typed representation of a D-Bus service.</p> - -<p>We'll build a small example application that consumes a D-Bus service.</p> - - Tom Deseyn - - - git repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:15 - K.3.201 - dotnet_valkyrja_eating_servers - Valkyrja and the tale of eating servers using C# - Valkyrja project - why .NET Core, C# & Fedora Linux in production? - .NET and TypeScript - devroom - - <p>Who is Valkyrja, and what is she like? Why did she choose .NET Core on Fedora? Her mum will tell you the story, about Valkyrja outgrowing the Raspberry Pi and what kind of diet she went on to stop eating up all the performance of an expensive VPS.</p> - -<p>Story driven presentation of a small open source project with character and all the obstacles she had to overcome.</p> - - - Radka Janeková - - - Blog - Twitter - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:15 - 00:15 - K.3.201 - typescript_time_to_migrate - TypeScript-It's time to migrate! - - .NET and TypeScript - devroom - - <p>TypeScript adoption it's been a reality in the last years. This presentation is going to be an explanation on how we can take advantage of TypeScript compiler to have a smooth migration from JavaScript to TypeScript.</p> - <p>Maintaining big projects in JavaScript can be a hard task. Wouldn't be great if we could gradually migrate our applications to TypeScript? Having types and access to all features from the latest EcmaScript versions can help us scaling and maintaining our code. TypeScript compiler allow us to compile JavaScript code and at the same time takes advantage of definitions to make type checking. Using this features we can easily start migrating our code base to TypeScript over time avoid headaches.</p> - - Marco Talento - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - K.3.201 - dotnet_interactive_fsharp_with_jupyter - Interactive Computing with F# Jupyter - - .NET and TypeScript - devroom - - <p>Notebooks let you blend code, data, and graphical visualisations to explore and share explanations. I’ll show how you can use F# in Jupyter to investigate data, train machine learning models, and visualise results.</p> - -<p>You'll learn how to use F# and several NuGet libraries in a more interactive setting than your usual development environment. I'll talk about how we use this in our work on programming biology, and ways other people may find it useful to work with data scientists.</p> - -<p>It's an open source project https://github.com/fsprojects/IfSharp and there are several ways people could help from connecting to more analysis tools to helping with the migration to .NET Core.</p> - - - Colin Gravill - - - Example usage - Samples for talk - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - K.3.201 - typescript_for_infrastructure - Infrastructure as Typescript - - .NET and TypeScript - devroom - - <p>Modern cloud applications consist of many moving parts, so they are hard to manage without employing Infrastructure-as-Code approach.</p> - -<p>Traditionally, tools like CloudFormation, ARM templates and Terraform employ text-based templates, which tend to be verbose and hard to create and reuse.</p> - -<p>What if instead of configuration files you could just use Typescript? Meet Pulumi—an open-source library which brings types, components, conditionals, and much more to your cloud infrastructure definition.</p> - - - Mikhail Shilkov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - K.3.201 - dotnet_xaml_to_il - Why, and How, we compiled Xaml into IL - - .NET and TypeScript - devroom - - <p>Some years ago we started to compile some bits of the Xamarin.Forms Xaml directly into IL. It’s now fully turned on into our templates, and on par with the runtime Xaml loader. -In this short talk you’ll learn about the story that got us there, about some of the internal cooking of Xamarin.Forms, and what our plans are for that Xaml compiler.</p> - - - Stéphane Delcroix - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - K.3.201 - dotnet_netcore_2_1_in_production - .NET Core 2.1 in Production - How Namely develops .NET Core services - .NET and TypeScript - devroom - - <p>In this talk, Steve will discuss the benefits and challenges his team found using .NET Core 2.1 in production at Namely.com. We'll discuss .NET Core service deployment in containers on Kubernetes, how we monitor our services with logs, charts, and alerting, and how we use service templates and a common .NET Standard helpers library to promote consistency and type safety, and to implement new services fast.</p> - -<p>You'll hear about some of the issues we encountered while using .NET Core - such as the BadImageFormatException with New Relic or the HttpClient "CPU leak" issue - and which ones you will still need to watch out for (like Kubernetes OOM-kills).</p> - <p>We've been using .NET Core in production at Namely since 2017. We started with three ASP.NET Core WebAPI projects, and now also deploy .NET Core services that are scaffolded from Protobuf definitions and communicate via gRPC. Steve will talk about some of the issues we encountered while deploying .NET Core 2.0 and 2.1, and how we resolved them (and which ones you'll still have to look out for because they're unfixed as of December 2018). He will also demonstrate the process of how to define a service in the Protobuf format, and how we scaffold our .NET services (and clients) from the proto, taking advantage of some of our common internal NuGet libraries. Steve will demonstrate how to compile a proto to a TypeScript API client - since the server is also scaffolded from the same proto, we call this "NotSupportedException as a Service". Lastly, Steve will talk about how we build and run our .NET services in Docker containers on Linux with Kubernetes deployed via Spinnaker.</p> - - Steve Ognibene - - - Namely Docker Proto Compiler - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - K.3.201 - dotnet_medical_imaging - Medical image reconstruction using the .NET Framework - - .NET and TypeScript - devroom - - <p>Medical image reconstruction is a highly demanding topic in terms of processing power, memory consumption and computational complexity. In the past several low level approaches have been conducted that improved performance but made such systems become inflexibel and reduced maintainability. This presentation shows a setup of using the .NET framework as well as a GPU-based integration in the C# language. Several topics in image reconstruction and processing will be shown in the context of medical image processing. Additionally, challenges and problems of .NET and C# are discussed.</p> - <p>Since the introduction of Computed Tomography (CT) as a medical diagnostic imaging procedure 40 years ago, there are still unresolved challenges regarding radiation dose, image quality and image reconstruction. One of the major concerns is radiation dose applied to the patient and - not frequently mentioned - the medical staff. For that reason, several new inventions have been made that improve the equipment of the CT-scanning device, for example X-ray sources and detectors systems. Recently, new developments in the computing power of modern computers have led to new approaches that enable the replacement of traditional reconstruction methods (filtered backprojection) by using iterative or AI-based methods as well as cloud-based approaches that allow both, the reduction of radiation dose and a tremendous improvement in image quality.</p> - -<p>However, evaluating new methods require a solid development environment to allow for and simple and convenient implementation of new ideas and algorithms. Although there are several well-known and established platforms that are a good starting point for plain prototyping, an efficient execution of code inside these platforms is often challenging with regard to the management computing power and memory resources. Additionally, shipping prototypes to customers for evaluation is often not easy.</p> - -<p>This presentation starts with a basic introduction into medical image acquisition and reconstruction, followed by a short explanation of the storage of image data using the DICOM (digital imaging and communications and medicine) standard. Afterwards it is shown how the .NET environment using C#, .NET and .NET Core, WPF and the nVidia computing platform (CUDA) can be applied as a modular prototyping platform for developers, researchers and customers in order to develop new algorithms and to conduct clinical and scientific studies.</p> - -<p>The presentation will end with a summary of state-of-the-art development with C# and point out challenges that exist with managed runtime environments regarding memory management, performance and missing language and CLR features that would help to further improve the development within the C#/.NET environment in the light of high performance computing.</p> - - Martin Sedmair - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - K.3.201 - dotnet_intel_intrinsics_netcore - Intel® Hardware Intrinsics in .NET Core - - .NET and TypeScript - devroom - - <p>In this presentation, we will talk about the Intel Hardware Intrinsics in .NET Core, a new feature in .NET Core 3.0. For the first time, .NET developers will have the ability to directly exercise underlying CPU features, very similar to what C/C++ developers could do with intrinsic functions for their performance critical code. The Intel Hardware Intrinsics in .NET Core include more than 1300 intrinsic functions, which cover the instruction set architecture (ISA) SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AVX, AVX2, FMA, LZCNT, POPCNT, BMI1, BMI2, PCLMULQDQ, and AES. Many of the intrinsic functions are designed for Single Instruction Multiple Data (SIMD) computation, a common used technology to speed up computation intensive algorithms. To illustrate the benefits of using Hardware Intrinsics, we implemented a Structure of Array (SoA) based RayTracer and compared its performance with that of the traditional Array of Structure (AoS) based RayTracer which uses System.Numerics.Vectors. Our experience shows that significant performance improvement is possible when using Hardware Intrinsics for this particular application. Another use case is ML.NET, an open source machine learning framework for .NET developers, which leverages the Intel Hardware Intrinsics to simplify the acceleration of machine learning scenarios.</p> - -<p>We will give an overview of SIMD and the Intel Hardware Intrinsics in .NET Core. In addition, we will talk about the differences of System.Numerics.Vectors and System.Runtime.Intrinsics, which are the two different ways to use SIMD in .NET Core. we will show live demos on how to use Intel hardware intrinsics. By the end of the presentation, the audience will learn the current status of the Intel Hardware Intrinsics in .NET Core and how to use the Intel Hardware Intrinsics to speed up their code.</p> - - - Han Lee - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - K.3.201 - dotnet_fsharp_reinventing_mvc - Reinventing MVC pattern for web programming with F# - - .NET and TypeScript - devroom - - <p>The MVC pattern has been one of the most important architectural patterns for server-side web development - it has been implemented and popularized by frameworks like Ruby On Rail or ASP.NET MVC. However, this pattern was traditionally coupled with object-oriented programming. In the talk, I will show how to reinvent MVC pattern, and structure your web application in a functional language - F#.</p> - -<p>The talk will cover some brief introduction to F# - modern functional programming language running on .Net platform, show how to model MVC layers using functional composition, and at the end show some examples of applying MVC pattern with Saturn - opinionated, web development framework for F# which implements the server-side, functional MVC pattern</p> - - - Krzysztof Cieslak - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:30 - K.3.201 - dotnet_runtime_tuning - Tuning a Runtime for Both Productivity and Performance - - .NET and TypeScript - devroom - - <p>Developers generally enjoy increased productivity when working in a managed code environment. What might not be obvious to them is the amount of investment in the managed code’s Virtual Machine to enable both productivity and high performance. Microsoft’s .NET team would like to share how they designed the runtime environment to balance convenience, fast startup, serviceability, low latency, high throughput. For examples services such as JIT compilation, TypeSystem, garbage collection all provide convenience but come at a cost. The challenges presented are common to many environments – you do not need to be a .NET developer to attend this talk.</p> - -<p>If you are a .NET developer, you can leverage the tools demo in this talk to tune your application as well.</p> - - - Mei-Chin Tsai - Sergiy Kuryata - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:45 - K.3.201 - dotnet_open_source_panel - Panel: Open Source .NET - - .NET and TypeScript - devroom - - <p>Come here our panelists discuss the past, present and future of open source .NET. There will also be opportunities to ask questions.</p> - - - Radka Janeková - Mikayla Hutchinson - Krzysztof Cieslak - Miguel De Icaza - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:15 - 00:45 - K.3.201 - dotnet_typescript_lightning_talks - .NET and TypeScript Lightning Talks - - .NET and TypeScript - devroom - - <p>Do you want to give a talk about .NET or Typescript but didn't submit a proposal in time? Sign up on the day for a lightning talk! Slots will be around 5 minutes.</p> - -<p>Although you can sign up in person at the event, if you'd like to discuss your talk idea in advance, feel free to email m.j.hutchinson at gmail.</p> - - - Mikayla Hutchinson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:25 - K.3.401 - 25_years_of_freebsd - 25 Years of FreeBSD - - BSD - devroom - - <p>FreeBSD is 25 years old! Learn the history of FreeBSD, why its use is increasing, and why you should use and/or contribute to FreeBSD!</p> - - - Deb Goodkin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:40 - K.3.401 - freebsd_ci_cd_environment - How to build a FreeBSD CI/CD environment based on pot container - - BSD - devroom - - <p>The talk presents a project that use pot containers to implement a CI/CD pipeline on FreeBSD. The presentation highlights the internal structure of the project, showing how jails and ZFS are used to efficiently implement a build pipeline.</p> - - - Luca Pizzamiglio - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:45 - 00:45 - K.3.401 - automated_firewall_testing - Automated firewall testing - - BSD - devroom - - <p>We're all convinced that automated tests are a good idea. For some applications (e.g. grep, awk, cc, ...) this is very straightforward. Others are a lot harder to test, for example firewalls. -Typically testing firewalls takes two to three hosts. One to send traffic, the firewall test host and one to receive traffic. This makes automated test orchestration complex and brittle. This in turn means that tests either don't get written, are difficult to write and/or suffer random failures unrelated to issues in the firewall itself. Virtualisation has made this all somewhat easier, but it's still fiddly and difficult to make robust. It's also slow.</p> - -<p>The new FreeBSD network stack virtualisation lets us build on the existing jails system to build test setups, execute tests and clean up in mere seconds, without any requirement for additional hardware, or even hardware virtualisation support.</p> - <p>FreeBSD 12 will ship with network stack virtualisation (known as VIMAGE or vnet). This is an important feature for many applications, one of which is automated network stack and firewall testing. -As of FreeBSD 12 PF fully support VIMAGE, allowing users to configure a firewall for each jail.</p> - -<p>This talk will introduce VIMAGE and show how it can be used to easily write firewall tests. If there's time a few interesting bugs and their test cases will also be discussed.</p> - - Kristof Provost - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:35 - 00:20 - K.3.401 - testing_freebsd_risc_v5 - Embedded FreeBSD on a five-core RISC-V processor using LLVM - How hard can it be? - BSD - devroom - - <p>In this talk we describe our experience of bringing up embedded FreeBSD for a heterogeneous 32/64-bit RISC-V system using LLVM, which was more difficult than you might expect. We look at the practical engineering steps needed to bring up an embedded operating system where many of the key components are not fully mature. The result is a reference embedded FreeBSD implementation for RISC-V, freely available to the community.</p> - <p>We were tasked with bringing up and testing embedded FreeBSD on a custom five-core 32/64-bit RISC-V processor using LLVM. Given FreeBSD has already been ported to RISC-V and LLVM is the standard BSD C/C++ compiler surely this should be easy.</p> - -<p>But it wasn't. LLVM for RISC-V is still relatively immature, particularly for 64-bit. FreeBSD runs on symmetric multi-core 64-bit QEMU RISC-V, but not on embedded systems and not on heterogeneous multicore systems.</p> - -<p>In this talk we'll go through the steps needed to bring up a functioning embedded FreeBSD system on multi-core heterogeneous RISC-V system. Our target hardware was not available at the start of the project, so we used the generally available HiFive Freedom Unleashed board. The result is a reference embedded FreeBSD implementation for RISC-V, freely available to the community.</p> - -<p>This is not a talk about the deep internals of FreeBSD, but about the practical engineering steps needed to bring up an embedded operating system where many of the key components are not yet fully mature.</p> - - Jeremy Bennett - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:20 - K.3.401 - netbsd_update - An Update on NetBSD - and pkgsrc - BSD - devroom - - <p>There have been a number of exciting developments in NetBSD and pkgsrc in the last year. -This talk will give an overview over some cool recent developments, new features and show some exciting hardware to run NetBSD and/or pkgsrc on.</p> - <p>NetBSD 8 has been released, and perhaps there will be a -9 release in time for FOSDEM!</p> - -<p>64-bit ARM support is improving quickly. There is exciting new hardware (such as the Pinebook) to use NetBSD on, plus ARM cloud instances on Scaleway and EC2.</p> - -<p>pkgsrc has gotten a lot more packages, of course, but there have been other improvements.</p> - - Benny Siegert - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:25 - 00:30 - K.3.401 - kleak - KLEAK - Practical Kernel Memory Disclosure Detection - BSD - devroom - - <p>Kernel memory disclosures - also known as kernel information leaks - denote the inadvertent -copying of uninitialized bytes from kernel space to user space. Such disclosed memory may -contain cryptographic keys, information about the kernel memory layout, or other forms of secret -data. In this presentation, we introduce KLEAK, our method to dynamically detect kernel memory disclosures. -It utilizes a simple form of taint tracking, enhanced with compiler instrumentation as well as rotation of -the taint values to decrease false positives. KLEAK detected more than 20 kernel information leaks in NetBSD-current and FreeBSD 11.2.</p> - <p>Kernel memory disclosures - also known as kernel information leaks - denote the inadvertent -copying of uninitialized bytes from kernel space to user space. Such disclosed memory may -contain cryptographic keys, information about the kernel memory layout, or other forms of secret -data. Even though kernel memory disclosures do not allow direct exploitation of a system, they -lay the ground for it.</p> - -<p>We introduce KLEAK, a simple approach to dynamically detect kernel information leaks. -Simply said, KLEAK utilizes a rudimentary form of taint tracking: it taints kernel memory with -marker values, lets the data travel through the kernel and scans the buffers exchanged between the -kernel and the user space for these marker values. By using compiler instrumentation and rotating -the markers at regular intervals, KLEAK significantly reduces the number of false positives, and is -able to yield relevant results with little effort.</p> - -<p>Our approach is practically feasible as we prove with an implementation for the NetBSD -kernel. A small performance penalty is introduced, but the system remains usable. In addition to -implementing KLEAK in the NetBSD kernel, we applied our approach to FreeBSD 11.2. In total, -we detected 21 previously unknown kernel memory disclosures in NetBSD-current and FreeBSD -11.2, which were fixed subsequently. As a follow-up, the projects’ developers manually audited -related kernel areas and identified dozens of other kernel memory disclosures.</p> - - Thomas Barabosch - - - white paper - KLEAK commit to NetBSD - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:05 - 00:35 - K.3.401 - freebsd_graphics - FreeBSD Graphics - - BSD - devroom - - <p>FreeBSD Graphics - what is it, and how does it work?</p> - -<p>In this presentation I will talk about the FreeBSD Graphics effort and the team behind it. I will work my way through the graphics stack, starting with kernel drivers and end with the X server, talking about the various components along the way.</p> - <p>In this presentation I will talk about the FreeBSD Graphics effort and the team behind it.</p> - -<p>I will give an overview of the various components that make up the FreeBSD graphics stack, starting with the kernel drivers and subsystem, and then work my way through the stack. I will talk a bit about Mesa, the X server and other software in the FreeBSD graphics ecosystem.</p> - -<p>I will also talk a bit about the team behind it, what is going on, and where we are going, as well as challenges working with and porting the graphics software.</p> - -<p>This talk is intended to give a broad overview of the FreeBSD Graphics stack and the team working on it. I will not go into too much technical details on each part of the Graphics stack, instead focusing on the big picture.</p> - - Niclas Zeising - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:45 - 00:40 - K.3.401 - freebsd_in_audio_studio - FreeBSD in Audio Studio - FreeBSD is usually not the first choice for music art, but it has quite a lot to offer - BSD - devroom - - <p>This presentation is about tuning FreeBSD OS to give more in the sense of real time audio, possibilities of such a studio and how to make one</p> - <p>With preemptive real time kernel and base system which is relatively small, FreeBSD makes the perfect platform for music production studio. With OSS and Virtual OSS, routing, which is one of the most demanding tasks of any studio, is easy, big number of channels is handled efficiently and support for LV2 plugins in recent year became excellent. Today, if we ignore proprietary solutions, FreeBSD is at least at the level of Linux in music studios, and in some cases it's even better, especially if used PC is older or not powerful. Presenter will demonstrate his own studio from the view of FreeBSD and talk about what is good and what can be improved.</p> - - Goran Mekić - - - Blog/Homepage - Band recordings - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:40 - K.3.401 - migrating_cluster_to_freebsd - Migrating a Big Data Cluster from Linux to FreeBSD - Slowly, but steadily - BSD - devroom - - <p>This talk will cover the on-going process of migrating a big data cluster from a Linux-only system to a mixed OS environment using more and more BSD. I'll cover how the cluster started, what it is used for and the current setup (hardware and software). Particular focus will be put on the migration of the fileserver that has been successfully migrated from a hardware RAID configuration using Linux to an OpenZFS-based FreeBSD setup. I'll detail how it was done, the planning, preparation, and important learnings I too away from the experience. The talk closes with an outline of what steps will follow in the future. -The talk is intended for people interested in such setups, migration strategies, steps to take and pitfalls to avoid.</p> - <p>I manage the Big Data cluster of the University of Applied Sciences, Darmstadt, Germany as system administrator. As such, I'm responsible for providing the compute resources to researchers and teachers during the semester, as well as students doing projects and thesis work on the cluster nodes. When I took over the cluster a couple of years ago, it was a Linux-only system. I've managed to convert more and more nodes to using FreeBSD and OpenZFS. My talk will focus on the how and why, elaborating benefits of the approach and rough edges that still need to be worked on. In the summer of 2018, I took on one of the biggest tasks yet: the migration of the central file server for the cluster. This fileserver provides the home directories to each node via NFS. I was successful in migrating it from a pure hardware RAID setup to a FreeBSD-based OpenZFS software RAID solution. This provides the usual benefits associated with OpenZFS such as compression, quotas and reservation, as well as data protection on various levels. My talk will detail the preparation that I took before the migration and provide some insight into how the setup works now. Future work is discussed and I hope to gather some feedback from the audience about topics like monitoring, backup, and outstanding work.</p> - - Benedict Reuschling - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:15 - 00:40 - K.3.401 - openbsd_nas_system - OpenBSD as a full-featured NAS system - - BSD - devroom - - <p>In this presentation I'll explain how OpenBSD simplify your task if you want to setup a full-featured NAS.</p> - -<p>In my case, the NAS has the following features: -- full encryption file system -- transfer via NFS (for Linux and BSD machines) and sshd -- implement a time machine-like system for end users' files -- how to backup this NAS on a 2nd disk and make sure we do not have bit rotation -- implement Dnla to present to present the multimedia content of this NAS to any DLNA devices (TV, ...) -- How to transform this NAS into a music daemon via the Music Player Daemon. Thanks sndio, this NAS is connected to a Cambridge Audio DAC and an HIFI audio system.</p> - -<p>I'll share my expertise in terms of Hardware for such NAS.</p> - -<p>I'll highlight how to implement all those features and how OpenBSD facilitates this setup.</p> - - - Vincent Delft - - - http://vincentdelft.be - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:40 - K.3.401 - zfs_powered_magic_upgrades - ZFS Powered Magic Upgrades - Using boot environments for atomic in-place upgrades - BSD - devroom - - <p>Describe a system of using ZFS Boot Environments to quickly, safely, and atomically upgrade 100s of remote machines.</p> - <p>Overview: -* How the file system hierarchy is modified to allow the systems to be upgraded in-place -* How we use ZFS to create and deploy the boot environments -* Simplifying the creation of the BEs using <code>poudriere image</code> -* Extending <code>poudriere image</code> to support ZFS -* Using zfsbootcfg to boot a new BE once -* How we determine if the BE “works” and should be promoted to the default</p> - -<p>Motivation: -* We often have only SSH access to the machines, so we needed something that could self-recover just by power cycling the machine -* No longer need to use freebsd-update, mergemaster, or etcupdate</p> - - Allan Jude - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:45 - 00:40 - K.3.401 - walking_through_walls - Walking through walls - PostgreSQL ♥ FreeBSD - BSD - devroom - - <p>A talk about past changes and potential future changes in PostgreSQL and FreeBSD that aim to make this combination the best relational database platform.</p> - <p>PostgreSQL and FreeBSD have many things in common, including ancestry at Berkeley, similar project structures and a pesky more popular rival. The talk will cover some recent changes made over the past years on both sides of the "wall" to improve the performance and user experience of this pairing, some ongoing work and many ideas for future improvements. In many cases it's a matter of catching up with Linux, and in others it's entirely new possibilities. The talk will finish with a question: "what would you change if we could change anything?", because, well, we can!</p> - - Thomas Munro - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:30 - K.3.401 - rspamd_integration_freebsd - Rspamd integration into FreeBSD.org mail infrastructure - - BSD - devroom - - <p>After years using SpamAssassin on FreeBSD.org, we have moved towards Rspamd last year to improve spam filtering and integrate it as milter to postfix. With this step we could impressively drop spam rate and increased performance comparing to SpamAssassin.</p> - <p>In this presentation, we plan to describe the current architecture of the email system and how Rspamd fits into it. Then we will describe the main challenges for AS system when dealing with lots of technical discussions and mailing lists. We will also explain the unique features of Rspamd and cover the outstanding issues (e.g. with DKIM).</p> - - Vsevolod Stakhov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:25 - K.4.201 - mgmtconfig - A small, FRP DSL for distributed systems - Mgmt Config: The Language - Minimalistic Languages - devroom - - <p>Mgmt is a next gen config management tool that takes a fresh look at existing automation problems. -The tool has two main parts: the engine, and the language. -This presentation will have a large number of demos of the language. -The language is a minimalistic, functional, reactive DSL. -It was designed to both constrain the user with safe types, and no core looping constructs, but also to empower the user to build powerful real-time distributed systems.</p> - <p>Mgmt is a next gen config management tool that takes a fresh look at existing automation problems. -The tool has two main parts: the engine, and the language. -This presentation will have a large number of demos of the language. -The language is a minimalistic, functional, reactive DSL. -It was designed to both constrain the user with safe types, and no core looping constructs, but also to empower the user to build powerful real-time distributed systems. -We will present a number of traditional use cases that were historically quite difficult to setup and deploy, but which can now be expressed as simple, short snippets of code. -Examples will include service discovery, auto-scaling, provisioning, state-machines, scheduling and more! -Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project.</p> - -<p>A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ -Attendees are encouraged to read some before the talk if they want a preview!</p> - - James Shubin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:55 - 00:20 - K.4.201 - jsonwhendsl - Why JSON when you can DSL? - Your problematics deserve their own language - Minimalistic Languages - devroom - - <p>The history of programmers trying to use programming languages for data files, configuration, or UI description files, is filled with horror stories. "WHY in the world did we choose Lua for our data files again?" was an interrogation I had not so far in the past, when I was working for a big game company. "HOW did we let this Grunt file grow more than 8000 js lines?" was a more recent one. Programming languages are NOT a good fit for data files. But there may be another way... Today, I want to talk about my favorite part of lisp languages: <strong>making your own languages when you need them</strong>. By that I don't mean making a big pile of utility functions or macros for the savvy lisper to drool upon, but actually taking the time to think about a file format, may it be completely static, and make it from scratch using s-expressions. Those parentheses may be good for something in the end...</p> - - - Jérôme Martin - - - An additional tutorial to go further - The presentation code - The slides in PDF format - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:15 - 00:25 - K.4.201 - templatinglanguagesinteractive - Templating Languages for Interactive Fiction - - Minimalistic Languages - devroom - - <p>Interactive Fiction, or "Choose Your Own Adventures" games, have been reinvigorated by new, friendly tools such as Twine. Twine and its scripting language Harlowe are a type of Templating Language, where static presentation content dominates, but is modified by small snippets of embedded code. Thus, Harlowe is in the same family of templating languages such as PHP, M4, or front-end web application libraries. I examine the characteristics of truly minimal templating languages intended for non-programmers and demonstrate a toy templating language built with Scheme.</p> - <p>From the point of view of language design and implementation, scripting languages for interactive fiction or visual novels -- such as Harlowe, SugarCube, or Ren'Py -- are interesting in their pragmatism. They hide complexity from the programmer and try to put focus on generating story content. While paradigms such as Model-View-Controller or Model-View-ViewModel tend to crop up in general-purpose programming languages to help manage front-end complexity, these languages mix code and content much like how PHP or HTML+JavaScript was used a decade ago. But by keeping syntax simple, the MVC or MVVM separation of concerns is not necessary.</p> - -<p>To keep things intuitive for the non-programmer, they make some interesting decisions about readers, interaction models, procedure definitions, and scoping. These decisions are examined and contrasted with Scheme's standard programming paradigm.</p> - - Michael Gran - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:25 - K.4.201 - tcllang - Tcl - An Embeddable Long-lever with a Comfortable Grip, that fits in your Pocket. - - Minimalistic Languages - devroom - - <p>An introduction to the simplicity of Tcl, some use cases, and examples of tweaking-and-extending.</p> - - - Brad Harder - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:05 - 00:20 - K.4.201 - minimalismintro - Minimalism matters - - Minimalistic Languages - devroom - - <p>Minimalism matters in computing. To trust systems we need to be able to understand them completely. Openssl heartbleed disaster was caused by code no longer being minimalistic, even if it is free and open source software. Hardware manfucturers and proprietary closed source solutions make things even worse with expectations of intrusion to privacy and backdoors if we don't aim for free hardware, software and minimalism. In this talk I will discuss minimalism in a broad context and narrow down on what the free software community can aim for.</p> - - - Pjotr Prins - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:25 - K.4.201 - minimalismversustypes - Minimalism versus Types - An experience report on the development of Titan, a statically-typed Lua-like language - Minimalistic Languages - devroom - - <p>We love minimalistic languages because they let us do so much with so little. -But when we start doing a lot with them, often we start yearning for types to help us make sense of it all. -Adding types to a minimalistic language (well, adding anything!) makes it larger. -Is this worth the price? Is a rich type system antithetical to minimalism? Let's find out!</p> - -<p>This talk is based on the experiences in the development process of Titan, a statically-typed Lua-like language.</p> - - - Hisham Muhammad - - - Titan programming language - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:50 - 00:20 - K.4.201 - luainerlang - Luerl: Lua in Erlang - Luerl introduction emphasizing its trade-off as scripting skin on top of the BEAM ecosystem. - Minimalistic Languages - devroom - - <p>Luerl is an implementation of standard Lua 5.3 written in Erlang/OTP. Lua is a powerful, efficient, lightweight, embeddable scripting language common in games, IoT devices, machine learning and scientific computing research.</p> - -<p>The Luerl VM is a mixture of interpreting Lua VM instructions and using Erlang directly to implement function calls.</p> - -<p>Through the use of Erlang functions, Luerl can be augmented to cope with a wide range of different domains, creating a customized language sharing a syntactical framework.</p> - - - Jean Chassoul - - - website - wiki - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:25 - K.4.201 - neverlanguage - Never - Functional Programming Language - Minimalistic Languages - devroom - - <p>Never is a simple functional programming language. Technically it may be classified as syntactically scoped, statically typed, call by value, functional programming language. In practise Never offers basic data types, assignment, control flow, exceptions, arrays, first order functions and some mathematical functions to make it useful to calculate expressions. The language itself is an example how minimalistic language can be created as a hobby project in several months and used to solve interesting problems.</p> - -<p>The presentation outlines Never language features and presents its capabilities by demonstrating simple neural network supervised learning algorithm. During the talk audience will learn why the language was created, which solutions are used under the hood and about its possible future extensions.</p> - - - Sławomir Maludziński - - - https://never-lang.github.io/never/ - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:35 - 00:25 - K.4.201 - guixinfra - GWL: GNU Workflow Language - - Minimalistic Languages - devroom - - - - - Ricardo Wurmus - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - K.4.201 - perl6newtool - Perl 6 as a new tool for language compilers - Using Perl 6 grammars to design and implement a programming language - Minimalistic Languages - devroom - - <p>Perl 6 grammars are a great way to describe the grammar and implement an interpreter or a compiler of DSL or a programming language. In this talk, I will demonstrate how you can do it.</p> - <p>During the talk, we will create an interpreter for a tiny programming language. The engine behind the implementation will be the so-called Grammars that are available in today's Perl 6. We will create the full language specification and describe all the actions it needs to do to execute the program.</p> - -<p>The great part is that you no longer need to split your language implementation in traditional phases: lexer, parser, etc.. Neither you need a compiler of compilers to process the formal grammar rules and emit the lexer/parse code that you will later use in your compiler. All you need is just to write some Perl 6 code.</p> - -<p>You even don't need to be a specialist in compilers or learn numerous tools like bison etc. to create your own language in a few hours.</p> - - Andrew Shitov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:25 - 00:25 - K.4.201 - experiencewithwisp - Experience with wisp - 5 years with fewer parens - Minimalistic Languages - devroom - - <p>Experience with wisp: 5 years with fewer parens</p> - -<p>What changed, what evolved, best practices, usage for a lecture, and why wisp aka SRFI-119 is completed as a language (though not in tooling or documentation).</p> - - - Arne Babenhauserheide - - - wisp releases - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:50 - 00:30 - K.4.201 - gnuguixminimalism - Building a whole distro on top of a minimalistic language - The story of GNU Guix - Minimalistic Languages - devroom - - <p>GNU Guix is a package manager and GNU/Linux distribution that builds on Scheme, a Lisp dialect known for its emphasis on minimalism. This talk will be an exploration of Guix’ use of Scheme’s extensibility to build high-level abstractions and user interfaces in a broad sense.</p> - <p>GNU Guix is a package manager, GNU/Linux distribution, and more generally a “software deployment toolbox” featuring key features such as -transactional upgrades and rollbacks, declarative operating system configuration, and more. Guix has become a relatively large piece of software but a key aspect of it is that Guix builds on Scheme, a Lisp dialect known for its emphasis on minimalism. From day one, use of -Scheme as its single implementation language has shaped Guix.</p> - -<p>This talk will be about what it means for Guix to be implemented as a set of libraries on top of this tiny core that Scheme is. Together we will have a guided tour through Guix’ interfaces, be they “programming” or “user” interfaces; we’ll look at its embedded domain-specific languages (EDSLs) that make it just as clear as your favorite YAML/JSON/XML thing while retaining the full power (and joy!) of a general-purpose programming language. We’ll discuss the features of Scheme that make it possible. I will share my thoughts on how such a design can empower users and how well this has worked in practice.</p> - - Ludovic Courtès - - - GNU Guix - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:20 - 00:30 - K.4.201 - gnumes - GNU Mes - Reduced Binary Seed bootstrap for GNU Guix - Minimalistic Languages - devroom - - <p>Two years ago on FOSDEM'17 a minimalistic bootstrap was a dream; today it has started to become reality. -Bootstrapping GNU/Linux without use of the GNU toolchain (gcc, binutils, glibc) was our first milestone -that we just reached. Mes became a GNU project. -We will talk about what bootstrapping is and why it is important.<br/> -We will show how Mes' minimalistic Scheme has made this possible and on future milestones (Scheme -only bootstrap, other GNU/Linux distributions) before reaching the holy grail: a full source bootstrap.</p> - - - Jan (janneke) Nieuwenhuizen - - - GNU Mes - Reduced Binary Seed bootstrap - GuixSD - Bootstrappable Builds - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:30 - K.4.201 - guile3fasterprograms - Guile 3: Faster programs via just-in-time compilation - - Minimalistic Languages - devroom - - <p>There's a new major version of the Guile language implementation -coming, and it's on average around twice as fast as Guile 2.2. Guile -3, expected to be released in Spring 2019, achieves these improvements -by adding on a just-in-time compilation system to its virtual machine. -Co-maintainer Andy Wingo will walk you through how we managed to -achieve these improvements while not increasing startup latency, and -give tips and tricks for early adopters.</p> - - - Andy Wingo - - - Video recording (WebM/VP9) - Video recording (mp4) - Slides (pdf) - Submit feedback - - - - 16:20 - 00:30 - K.4.201 - guileracket - A Guiler's Year of Racket - - Minimalistic Languages - devroom - - <p>Having used Guile for the previous number of years and being an enthusiastic supporter of and occasional contributor to Guix, what's it like switching to Racket, a different but in many ways similar Scheme language, for the last year? What can Guile learn from Racket? What can Racket learn from Guile?</p> - - - Christopher Webber - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:50 - 00:30 - K.4.201 - fractalideandcantor - Fractalide and Cantor - A Racket application built with Flow-Based Programming - Minimalistic Languages - devroom - - <p>Fractalide is a Flow-Based Programming framework for making GUI applications in Racket and Rust, tied together by Nix. As one of the first applications to make use of this, we created Cantor, a cryptocurrency wallet.</p> - -<p>How did using Racket help us or hinder us, and how does Flow-Based Programming interact and fit with Functional Programming?</p> - - - Claes Wallin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:20 - 01:00 - K.4.201 - makeownlangracket - Make your own language with Racket - A kickstart workshop for the creative minds - Minimalistic Languages - devroom - - <p>You always wished you could have a language that explains perfectly what you are trying to do? -You find yourself constantly waiting for your favorite programming language to add a feature? -Why not doing it yourself? Come at this workshop and try making your own language using Racket, the language-oriented programming language! -(did I say "language" twice?)</p> - <p>This workshop will quickly describe how to use the Racket language, then dive into making your own language. -I should be able to handle between 3 to 5 people at a time. -Session duration should range from 1 hour to 1.5 hours.</p> - - Jérôme Martin - - - A written tutorial - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:25 - K.4.401 - vkrunner - VkRunner: a Vulkan shader test tool - A presentation of VkRunner which is a tool to help test the compiler in your Vulkan driver using simple high-level scripts - Graphics - devroom - - <p>A presentation of VkRunner which is a tool to help test the compiler in your Vulkan driver using simple high-level scripts.</p> - <p>Perhaps the largest part of developing a modern graphics driver revolves around getting the compiler to generate the correct code. In order to achieve this, extensive testing is essential. For OpenGL we have Piglit and its convenient shader_runner script format. On Vulkan, writing the boilerplate needed to test a simple shader is a lot more work. This is where VkRunner steps in to implement all of the boilerplate once and provide a very high-level scripting language to make it easy to write a test. The scripts contain the required shaders, any data they need to run and simple commands to draw or compute and probe the results.</p> - -<p>This talk will give an overview of the functionality of VkRunner, its current status and the plans for its future.</p> - - Neil Roberts - - - GitHub repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - K.4.401 - igt_ci - Intel GFX CI: Validation done the Linux way - - Graphics - devroom - - <p>The Linux community is slowly moving towards better quality trough automated testing to prevent regressions in mainline and stable trees. However, Linux is full of HW-specific code which makes validation of patches impossible for individual developers, which leads to regressions. In this talk, we will explain how we solved these issues by getting inspired by Linux's development model, and how we extend it to the development of our testsuite, CI infrastructure and bug handling.</p> - -<p>After 2 years of activity, this led Linus Torvalds to say i915's quality has greatly improved compared to other graphic drivers.</p> - <p>Linux's development model has been described as being -akin to a bazaar, where any developer can make changes to Linux as long -as they strictly improve the state of Linux, without regressing any -application that currently runs on it. This allows Linux users to update -their kernels and benefit from the work of all developers, without -having to fix anything in their applications when a new version comes. -Unfortunately, it is impossible for developers to try their changes on -all the different hardware and userspace combination being used in the wild.</p> - -<p>Typically, a developer will mostly test the feature he/she is working on -with the hardware at hand before submitting the patch for review. Once -reviewed, the patch can land in a staging repository controlled by the -maintainer of the subsystem the patch is changing. Validation of the -staging tree is then performed ahead of sending these changes to Linus -Torvalds (or one of his maintainers). Regressions caught at this point -require to bisect the issue, which is time consuming and usually done by -a separate team, which may become a bottleneck. Sometimes they let -regressions through, hoping to be able to fix them during the -rc cycles.</p> - -<p>To address this bottleneck, the developer should be responsible for -validating the change completely. This leads to a virtuous cycle as not -only developers can rework their patches until they do not break -anything (saving the time of other people), but they also become more -aware of the interaction their changes have on userspace, which improves -their understanding of the driver which leads to better future patches.</p> - -<p>To enable putting the full cost of integration on developers, validation -needs to become 100% automated, have 100% code/HW coverage of the -userspace usecases, and provide timely validation results to even the -most time-pressured developers. To reach these really ambitious -objectives, driver developers and validation engineers need to be -considered as one team. The CI system developers need to provide a -system capable of reaching the objectives, and driver developers need to -develop a test suite capable of reaching the goal of having 100% code -coverage of the whole driver on the CI system provided to them.</p> - -<p>Finally, this increase in understanding of how validation is done allows -developers to know if their patch series will be properly validated, -which reduces the risk of letting regressions land in Linux.</p> - -<p>The devil however lies in the details, so in this talk, we will explain -how we are going from theory to practice, what is our current status and -what we are doing to get closer to our ambitious goal! We will describe -the current developer workflow and demonstrate how we empowered -developers by providing timely testing as a transparent service to -anyone sending patches to our mailing lists.</p> - - Martin Peres - - - Intel GFX CI main page - CI Bug Log repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - K.4.401 - oss_vr - XR - The present, the future and how to get there. - Graphics - devroom - - <p>VR took off for the consumer with the release of Oculus consumer hardware. But the hardware lacked open source drivers and Linux support in general. The OpenHMD project was created to solve this issue, and as it so happen it was funded by two former Chalmers students.</p> - -<p>The consumer VR space has now grown from a crazy inventor in a garage into a large industry. But this growth has its down sides, multiple companies have their own APIs competing. Luckily these companies have agreed to work on a single API under the Khronos umbrella.</p> - -<p>In this talk, Jakob will cover Khronos' OpenXR standard, give an overview about the current state of open source VR and what lies ahead.</p> - <p>Jakob works for Collabora with graphics and virtual reality. He has worked with Linux graphics since 2006, starting with Tungsten Graphics and moving into VMware. In 2013 he along with a friend started the OpenHMD project to make open source drivers for VR and AR hardware.</p> - - Jakob Bornecrantz - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - K.4.401 - igt_tools - IGT GPU Tools - the past, the present, the future - - Graphics - devroom - - <p>IGT recently underwent quite a few changes. The name is now -vendor-agnostic, meson is the new default build system, we are on the -GitLab, and the new runner, a piglit replacement, has landed.</p> - <p>So what's up with the name change from "Intel GPU Tools" to "IGT GPU -Tools"? Is it just GNU, with its sweet recursiveness, being that -inspiring or do we really belive that having a vendor agnostic test -suite that benefits the whole DRM subsystem is important?</p> - -<p>Let's also talk build system. Everyone, and their dog, is switching to Meson -nowadays, so we have too jumped on the bandwagon. How has the switch went? -How does Meson compare to autotools? Are we going to remove the old build -system... and when is that going to happen?</p> - -<p>GitLab and its CI/CD pipleine allows us to generate and publish -documentation efortlessly, get us cross-compilation working and run some -post-merge autotools/meson consistency checs.</p> - -<p>There is also the new runner. Are we suffering from "Not Invented Here" -syndrome or it there actual, compelling reason to do all the extra -development? This allows us to drop Python as a dependency and have a -way to run a single binary with multiple subtests in one go, instead of -spawning a new process for each subtest which does the same -initialization, and shaving off those sweet sweet seconds so we can -squeeze even more CI runs in a day.</p> - - Arek Hiler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - K.4.401 - wayland_ivi - Wayland in IVI systems - In-Vehicle-Infotainment systems and their graphics sub-system - Graphics - devroom - - <p>A few years back Wayland started to change the open source graphics stack in Linux. -Today a few major Linux distribution are already using wayland as default window system. -Also in In-Vehicle-Infotament(IVI)systems Wayland becomes popular, -several projects are already successfully launched, popularity is growing and bigger automotive communities like Genivi and AGL are participating. -IVI environment is quite different for the Desktop on and one of the important difference is in the window or application management. -Weston as an open source reference implementation of wayland compositor cannot be used directly and needs some adjustments. -To address this point ivi-shell was introduced to Weston and provides a possibility to realize IVI specific use-cases. -I would like to present the available implementation and talk about upcoming use-cases like virtualization and distributed HMI</p> - - - Eugen Friedrich - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - K.4.401 - greenfield - Greenfield: An in-browser Wayland compositor - Running a Wayland compositor entirely in your browser - Graphics - devroom - - <p>Greenfield is a Wayland compositor running entirely in your browser. No plugins or black magic required. This talk will go into the conception, exploration and struggles of making this possible. The result is a product far from finished, but already capable of running existing Wayland applications directly in your browser.</p> - <p>Greenfield is a in-browser Wayland compositor capable of running existing Wayland applications in the browser. This is made possible by leveraging a large amount existing HTML5 apis.</p> - -<p>Greenfield is different from existing solutions like VNC or RDP in that it does not stream a final server side generated image to a remote. Instead Greenfield live encodes each individual application to h264 frames using gstreamer. After encoding, frames are send to the browser using a dedicated WebRTC datachannel. On reception, the h264 frames are decoded using a WebAsembly h264 decoder running in a WebWorker while WebGL is used to do color conversion from YUV+A to RGBA. The end result are applications who's content is drawn in their own HTML5 canvas. As a consequence, the entire screen you see in the browser is actually composed of nothing more than ordinary browser DOM elements. All of this is done while adhering to the Wayland mantra 'Every frame is perfect'.</p> - - Erik De Rijcke - - - repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - K.4.401 - cameras - Complex cameras are (were?) complex - How to make complex cameras easier: an update from the Libcamera project - Graphics - devroom - - <p>The 'complex camera' user-space library is a fairly new and hot topic -in the Linux kernel video community. The issue is debated and targets -a real technical debt of Linux systems. Device producers have been -tackling this with in-house solutions that proved not to scale once -brought in the open space, so a generic solution is now required to -address the issue.</p> - <p>The Linux kernel video input subsystem and its APIs changed greatly in -the last years to keep up with the increasing complexity and -processing power embedded in modern SoCs. Namely, the biggest -game-changing feature introduced already 5 years ago is the media controller -subsystem and its pad oriented APIs, that allows composing pipelines -of processing blocks to model the acquisition and re-processing of -video and images.</p> - -<p>While most of the media subsystem drivers in mainline Linux have been -ported to fully support media-controller, the real missing component -is now user space support to automate setting up and controlling the -image processing pipelines.</p> - -<p>The Video4Linux community is now tackling the issue by implementing -support for "complex camera" systems by providing a user space library -that aims to support the most recent use cases represented by mobile -consumer devices and high end laptops.</p> - -<p>This talks provides an overview of modern media-controller capable video -device drivers, their userspace APIs and the challenges the currently -in-development "libcamera" library has to face.</p> - -<p>It also aims to provide to both driver and application developers an -overview of the most modern implementation of the Linux video input -stack architecture, that will likely be found in most system in next -years.</p> - - Jacopo Mondi - - - http://libcamera.org - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - K.4.401 - hdmi_cec - AMENDMENT HDMI CEC: A Status Update - - Graphics - devroom - - <p>The past year the focus in this kernel subsystem was on bug fixing, new drivers and improved CEC debugging support. This presentation gives an overview of the current status and future work.</p> - -<p>This talk is a replacement for the cancelled talk by intel's Manasi Navare "Display Stream Compression: More pixels, faster, over DisplayPort", as intel decided not to approve travel for Manasi.</p> - - - Hans Verkuil - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - K.4.401 - waffle - Writing X11/Wayland agnostic GL applications with Waffle - - Graphics - devroom - - <p>When writing GL applications, one needs to use APIs to bridge the rendering (as done by OpenGL, OpenGLES) with the underlying platform - X11, Wayland and others. As the technical details greatly varies across platforms, a project called Waffle was introduced in 2012.</p> - -<p>Today Waffle is a core library, used heavily for testing GL drivers with piglit. -Additionally, the library provides a simple API which allows easy integration and use of GL application across both X11 and Wayland.</p> - -<p>For newcomers, a quick outline of the project and its usecase will be provided. Then we'll walk through the project evolution - from platforms supported, feature set and developer base. -The main part of the talk will focus on the work done to improve the quality of the project. The CI that was recently deployed will be presented, static analysis tools and code coverage.</p> - -<p>Finally, we'll talk about the outstanding "issues" of the projects - from missing features, additional testing, tooling required and everything else that is preventing people from using the project.</p> - - - Emil Velikov - - - Waffle homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - K.4.401 - gpu_reset - A low latency GPU engine based reset mechanism for a more robust UI experience - - Graphics - devroom - - <p>On newer generations of Intel Gen GPUs we now have the ability to reset specific engines for a light weight engine reset approach when things go wrong inside the GPU. Instead of resorting to a full GPU reset mechanism from the get go when things go wrong there are less aggressive options that could help us achieve a faster and smoother recovery from a hung GPU. This talk will go over one such mechanism that includes a low latency engine based reset approach through the use of a GPU watchdog timeout. The talk will end by discussing a specific use case under Chrome OS that shows how all the pieces fit together (including how media drivers can make use of this mechanism from user space) and also how a compositor could take advantage of this approach and improve the user experience.</p> - - - Carlos Santa - - - Lighting talk slides at XDC 2018 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - K.4.401 - flickerfree - Flickerfree boot - Seamless boot for UEFI systems - Graphics - devroom - - <p>Presentation on the recent "flickerfree" boot work, where the goal is to go from the firmware splashscreen/logo to the GUI in one fluid experience without any modesets (causing the screen to blank) or transitions to text-mode. Topics discussed during the presentation are:</p> - -<ul> -<li>The changes made to each of the involved components</li> -<li>The upstream status of these changes</li> -<li>Steps to take to enable this</li> -</ul> - - <p>A typical UEFI boot of a Linux system looks like this: -* firmware shows a boot logo -* shim loads, clears the screen -* grub loads, shows a text menu -* kernel efifb loads, clears the screen, may show a bunch of text messages -* kernel drm/kms driver loads -* bootsplash (plymouth) loads -* GUI loads</p> - -<p>Where the kms driver, plymouth and GUI load all may do a modeset resulting in the display loosing signal for a while. The constant screen clearing, various text-messages and the modesets all result in a quite restless boot experience.</p> - -<p>My latest project at Red Hat is fixing all this so that we go straight from the logo shown into the GUI, while still being able to show error messages at all stages if necessary.</p> - -<p>During this presentation I describe: -* The changes made to each of the involved components -* The upstream status of these changes -* Steps to take to enable this</p> - -<p>Benefits to the eco-system:</p> - -<p>1) A nicer boot experience for all Linux systems makes Linux more user-friendly and will hopefully lead to wider boot experience</p> - -<p>2) Customized embedded systems can already offer a similar experience by disabling the kernel's fbcon driver. There are 2 downsides to the current solutions: -2.1) They are per project customizations, there is no standard way to do this, -2.2) Without fbcon, no text output is possible at all and if something causes the GUI to not load there is no way to show a message to the end user (who will not have serial console access).</p> - -<p>My work offers a standardized way to achieve the desired boot experience while keeping fbcon enabled so that error messages can be shown at any stage if necessary.</p> - - Hans de Goede - - - Blogpost about flickerfree boot - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:25 - K.4.401 - virtual_gpu - What's new in the GPU virtual world? - - Graphics - devroom - - <p>The FOSS GPU virtualization stack has never before seen as intensive progress as in the -the last months. -Virglrenderer started as a research project to investigate the possibility of creating -a virtual 3D GPU for use inside QEMU virtual machines that allows the guest -operating system to use the capabilities of the host GPU to accelerate -3D rendering and is now getting to a product level quality.</p> - -<p>This talk will go through an introduction of the Open Source -graphics virtualization stack, the security advantages, look at history of the project and -at what is happening to take it to production level.</p> - -<p>Finally, the future plan for the GPU virtualization stack will be shared, -like the support to different versions of OpenGL ES and Vulkan on the guest side, -improvements to the performance and security of the stack.</p> - - - Elie Tournier - - - Project GitLab - Project website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:25 - K.4.401 - v4l2 - V4L2: A Status Update - - Graphics - devroom - - <p>In the past year a lot of work has been put into improving the V4L2 subsystem. The main addition was the Request API, which is required for stateless hardware codecs, and will help improve complex camera pipelines. Codecs in general saw a lot of attention and our virtual drivers are now being used in test frameworks. So it is time to present an overview of the current state of V4L2 and what can be expected from it in the future.</p> - - - Hans Verkuil - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:25 - K.4.401 - pipewire - PipeWire - PipeWire wants to take over your multimedia - Graphics - devroom - - <p>This is a proposal to give a presentation about PipeWire and the current state of affairs. See also https://pipewire.org</p> - - - Wim Taymans - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:25 - K.4.401 - mesa_mem - Reducing Memory Usage of Mesa's Shader Compiler (Again) - Why does this shader need 80GiB to compile? - Graphics - devroom - - <p>During recent work to implement software double precision (fp64) support in Mesa's shading language compiler, some shaders were found to use excessive amounts of memory. One pessimal test case used over 80GiB. This talk will discuss techniques that were used to reduce that memory usage to less the 2GiB. This reduction was achieved through a combination of optimizing existing data structures, use of more compact data structures, and improved memory management. Use of tools such as Valgrind and pahole will be covered.</p> - - - Ian Romanick - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:25 - K.4.401 - 0ad_graphics - 0 A.D: Graphics - Graphics problems and opportunities of open-source game - Graphics - devroom - - <p>A story about graphics and graphic problems that we have in development of 0 A. D. - the open-source game of Wildfire Games.</p> - -<p>Talking structure:</p> - -<ul> -<li><p>A little history of 0AD (https://play0ad.com/about/the-story-of-0-a-d/)</p></li> -<li><p>Used technologies and how it works (SDL, OpenGL 1/2, ARB/GLSL shaders)</p></li> -<li><p>Known problems (inaccurate hardware statistics, old OpenGL, driver/application crashes on Intel cards on different OS, legacy support of OpenGL drivers on macOS 10.14)</p></li> -<li><p>Current solutions (tracker &amp; forum to collect people feedback, a feedback server to recieve automatic hardware reports, analyse our audience)</p></li> -<li><p>Future plans (more abstractions, probably a low-level third party library for GL/Vulkan/Metal, white &amp; black lists for drivers with bugs)</p></li> -</ul> - - - - Vladislav Belov - - - 0 A.D. official site - Story of 0 A.D. - Feedback site - WildFire Games - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:05 - K.4.601 - retro_welcome - Welcome to the RetroComputing devroom - - Retrocomputing - devroom - - <p>For this second year of retro talks at FOSDEM we have a wide range of topics covered, from hardware design to software preservation, and of course emulation, for many machines like the ZX Spectrum, C64 or Atari ST.</p> - -<p>Since the schedule is tight for the devroom, we'll ask people to note their questions on an etherpad during talks and have speakers answer later on, with a recap of the answers being sent on the mailing list after the event.</p> - - - Pau Garcia Quiles (pgquiles) - François Revol - - - Retrocomputing (Wikipedia) - Etherpad for devroom Q&A and other notes - Submit feedback - - - - 10:35 - 00:30 - K.4.601 - retro_hatari - Hatari - a cycle-exact Atari ST emulator - - Retrocomputing - devroom - - <p>A talk about the history of the Atari ST/STE/TT/Falcon emulator "Hatari", and the difficulty of emulating these machines in a cycle-exact way. This talk is for everybody who is interested in emulation of old computers, no special previous knowledge is required.</p> - <ul> -<li>A short overview of the Atari ST and successor machines</li> -<li>The history of the the Hatari emulator</li> -<li>How to get started with using Hatari (explanation of disk images and firmware ROMs)</li> -<li>Hardware tricks on the ST and why cycle-exact emulation is required here</li> -</ul> - - - Thomas Huth - - - Hatari website - Submit feedback - - - - 11:05 - 00:45 - K.4.601 - retro_hw_emulation - AMENDMENT Open source projects at Silicium retrocomputing association - A french non-profit organization for the preservation of videogame and computer heritage - Retrocomputing - devroom - - <p>Presentation of open source projects made at or used by Silicium, a french non-profit organization for the preservation of videogame and computer heritage.</p> - <p>At Silicium, we have a large collection of old computers and videogames, that we periodically present to the public. But machines break down, especially media and drives, so we like to use mass storage emulators and have tested quite a few: we will present the open source ones that we like and use.</p> - -<p>Moreover some of our members have retrocomputing open source projects of their own, such as FPGA-based emulators of old gaming consoles. We will present their works and the development techniques they use, notably the MiSTer FPGA platform and coverification with Verilator.</p> - -<p><strong>Note that this replaces "Emulation revisited - narrowing the gap between software and hardware" by Gregory Estrade who is no longer able to attend the event, but will include parts of it. </strong></p> - - Benoît Triquet - Rene Speranza - - - MiSTer project - Verilator - Silicium.org - Submit feedback - - - - 11:55 - 00:30 - K.4.601 - retro_minitel - CANCELED Restoring a 30+ years old Minitel server on Apple II - - Retrocomputing - devroom - - <p>Minitel network stopped 6 years ago, but Minitel server software and hardware still exists and allow to re-discover how the whole system was working and how minitel users were interacting with this pre-internet media. -Let's make COMPUTEL, an Apple II based Minitel BBS run again... more than 30 years after its shutdown...</p> - - - Christian Quest - - - Medium post - Submit feedback - - - - 12:25 - 00:30 - K.4.601 - retro_gbforth - GBForth: Using Forth to understand the Game Boy - - Retrocomputing - devroom - - <p>During this talk we'll get a good understanding of Game Boy programming by reverse-engineering a ROM using Forth. We go beyond just decompiling the ROM to assembly and show how we created a cross-compiler that allows writing Game Boy games in Forth as well. You'll get to see how Forth interacts with the Game Boy hardware, and how the language can be extended to easily render sprites or play sounds for example.</p> - <p>We show you how to use Forth to incrementally refactor Game Boy bytecode into higher levels of abstraction. No black boxes. No magic. This way you can understand and appreciate every layer of the hardware and CPU instructions one by one. A similar approach can help you understand other systems (NES comes to mind) and create a language that is more comfortable than ASM or C to work with.</p> - -<p>The talk is accessible to developers without former Game Boy, Forth or compiler experience.</p> - -<p>Topics covered: -- Go through the basics of Game Boy hardware -- Explain how rendering graphics works on a Game Boy -- Outline the challenges of working with the Game Boy memory -- Show how to reverse-engineer a binary using Forth -- Describe the process of writing the cross-compiler -- Talk about using GBForth to write Game Boy games</p> - - Tijn Kersjes - David Vázquez Púa - - - GBForth project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:45 - K.4.601 - basic_engine - Introduction to the BASIC Engine - A low-cost single-board home computer programmable in BASIC that can be built at home for under 10 Euros - Retrocomputing - devroom - - <p>This talk introduces the BASIC Engine, a very low-cost single-board home computer with advanced 2D color graphics and sound capabilities, roughly comparable to late-1980s or early-1990s computers and video game consoles. It can be built at home without special skills or tools and using readily available components for under 10 Euros in parts, or mass-produced for even less.</p> - - - Ulrich Hecht - - - BASIC Engine home page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:45 - 00:30 - K.4.601 - retro_preserving_algorithms - Preserving numerical algorithms - - Retrocomputing - devroom - - <p>A typical result in Numerical Analysis is an algorithm to solve a mathematical problem. The main ingredients are the precise statement of the problem, an algorithm to solve it, and an assessment of the errors. From algorithm, there is a long journey to a program: the method needs to be more user-friendly (handling of error cases, etc.), has to be implemented in a programming language, and tested. The resulting program is not only a practical product, but also a very precise description of the algorithm. If the reader is a computer, nothing is left to -interpretation as long as the translator is correct. -In my talk, I would like to introduce an effort to preserve mathematical software: the histoRicalg project, and summarize some of its results.</p> - -<p>In two decades from 1970 to 1990, there was an upsurge in the writing and publication of mathematical software. Much of this has been collected in subroutine libraries or published in print or in machine readable form. Traditionally, scientific results are published in journals, and journal papers are archived in libraries. However, as programs grew larger, they were no longer printed with the papers, but sent to interested readers on tape, diskettes, or other forms of data storage.</p> - -<p>The knowledge accumulated in these codes is extensive and valuable. Its preservation, however, is more difficult than that of papers. Storage technologies come and go, programming languages come into fashion, then become forgotten. To preserve the algorithms, one needs to constantly copy their source code from old computers to newer ones and preserve the tools needed to compile them.</p> - -<p>In this poster, I plan to introduce one effort to preserve mathematical codes: the histoRicalg project. Its primary objective is to find, document, and preserve the originals of the numerical codes that have found their way into the R statistical programming system. In particular, I will summarize my experience with attempts to run the originals of these codes on a modern Linux PC.</p> - <h3>PRESERVING NUMERICAL ALGORITHMS</h3> - -<p>A typical result in Numerical Analysis is an algorithm to solve a mathematical problem. The main ingredients are the precise statement of the problem, an algorithm to solve it, and an assessment of the errors. From algorithm, there is a long journey to a program: the method needs to be more user-friendly (handling of error cases, etc.), has to be implemented in a programming language, and tested. The resulting program is not only a practical product, but also a very precise description of the algorithm. If the reader is a computer, nothing is left to -interpretation as long as the translator is correct.</p> - -<p>In two decades from 1970 to 1990, there was an upsurge in the writing and publication of mathematical software. Much of this has been collected in subroutine libraries or published in print or in machine readable form. Traditionally, scientific results are published in journals, and journal papers are archived in libraries. However, as programs grew larger, they were no longer printed with the papers, but sent to interested readers on tape, diskettes, or other forms of data storage.</p> - -<p>The knowledge accumulated in these codes is extensive and valuable. Its preservation, however, is more difficult than that of papers. Storage technologies come and go, programming languages come into fashion, then become forgotten. To preserve the algorithms, one needs to constantly copy their source code from old computers to newer ones and preserve the tools needed to compile them.</p> - -<p>I plan to introduce one effort to preserve mathematical codes: the histoRicalg project. Its primary objective is to find, document, and preserve the originals of the numerical codes that have found their way into the R statistical programming system. In particular, I will summarize my experience with attempts to run the originals of these codes on a modern Linux PC.</p> - -<h1>Present status:</h1> - -<ul> -<li>SLATEC codes: Fortran 77. Modifications only needed for machine dependent parts; code is well preserved. LINPACK and EISPACK parts are largely superseded by LAPACK.</li> -<li>PORT Library: Bell Labs has changed owners and the web site is gone. Fortran 77. What code we have runs without changes. Contains an interesting collection of optimization algorithms.</li> -<li>CMLIB: large overlap with SLATEC. Fortran 77. So far UNCMIN has been tested.</li> -<li>NSWC: large overlap with SLATEC. Fortran 77. Needs changes in machine dependent parts. Large collection of special functions routines. So far, I have checked machine parameters: integer parameters match x86_64-linux-gnu.</li> -<li>NUMAL: one of the early attempts at a mathematical software collection. Algol 60. Needs a translator to run. I have created Ubuntu packages for two translators (MARST and JFF-ALGOL).</li> -<li>CALGO: Fortran 77 and Algol 60 parts, not all available in machine readable form. Prof. Tim Hopkins, ACM Algorithms Editor, has informed us of translations to Fortran 90 and extensive testing in progress.</li> -</ul> - - -<h1>Language translator status</h1> - -<ul> -<li>Fortran 77 is "too big to fail": it is well supported after 40 years (gfortran, f2c)</li> -<li>Algol 60 is far less so, but a translator to C is available</li> -<li>Algol 68 and Algol W also have translators</li> -<li>BASIC, Pascal are not as old and there are workable tools</li> -<li>Many less widely used languages far more problematic (APL, PL/I, ...)</li> -</ul> - - -<h1>Case study: UNCMIN</h1> - -<ul> -<li>Minimization code used, e.g., in R as function nlm()</li> -<li>Well known: Kahaner Moler Nash (1989) has a subset code, while CMLIB has a version of the full original (code). R apparently has this code translated to C via f2c and hand editing.</li> -<li>Recent bug reports have appeared for R. Is there a bug in the original?</li> -</ul> - - -<h1>Outlook and difficulties</h1> - -<ul> -<li>An additional issue: abandonware. What is to be done if the code is copyrighted, but we can not contact the author anymore?</li> -<li>Preservation: fix code that violates (sometimes newer) standards</li> -<li>Are there bugs? If so, were they present in the original version? And which version is the original?</li> -</ul> - - - Arpad Laszlo Lukacs - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:15 - 00:25 - K.4.601 - ohw_rpi - Making Open Source Hardware for Retrogaming on Raspberry Pi - - Retrocomputing - devroom - - <p>Raspberry Pi, the most popular single board computer for hobbyists and students, is an affordable and widely used platform for retrogaming. Over the years the community has created numerous cool cases, add-on boards and peripherals for optimized gaming.</p> - -<p>In this presentation you will learn how to use cutting edge free and open source technologies such as KiCAD and OpenSCAD to create a gamepad as a Raspberry Pi HAT (Hardware Attached on Top) with device-tree fragment for mapping the keys saved in an EEPROM connected via I2C. Exact steps for setting it up and playing retro games in emulators on RetroPie and Raspbian will be provided. Furthermore we will discuss the benefits of the open source hardware and the certification program of Open Source Hardware Association (OSHWA).</p> - -<p>The presentation is appropriate for anyone interested in low-cost retrogaming and modern free and open source software technologies. No previous experience or hardware knowledge is required. Apart from retrogaming enthusiasts, the talk is appropriate for wide range of developers, makers, and students. Hopefully, the presentation will encourage the attendees to grab the soldering iron and start prototyping retrogaming compatible hardware for fun and profit.</p> - <p>Raspberry Pi, the most popular single board computer for hobbyists and students, is very affordable platform and it is a popular solution for retrogaming. Nowadays modern free and open source tools allows us to develop Raspberry Pi add-on boards to improve the gaming experience. Over the years the community has already created numerous awesome hardware projects for cases, add-on bards and peripheral optimized for retrogaming. -The focus will be on providing guidelines and recommendations how to use the open source EDA software KiCAD to design open source hardware gamepad as a HAT (Hardware Attached-on Top) according to requirements of the Raspberry Pi foundation as well as a simple cases for laser cutting or 3D printing with another popular open source software tool OpenSCAD. -Using practical examples related to retrogaming you will understand how to create device tree binary overlay for mapping keys and how to flash it in EEPROM attached to pin 27 of 28 of the Raspberry Pi header. Exact steps for setting up and using our do-it-yourself gamepad with popular GNU/Linux distributions RetroPie and Raspbian will be provided. Last but not least we will discuss the benefits of using open source hardware and the certification of the Open Source Hardware Association (OSHWA). -The presentation is appropriate for anyone interested in low-cost retrogaming and modern free and open source software technologies. No previous experience or hardware knowledge is required. Apart from retrogaming enthusiasts, the talk is appropriate for wide range fo developers, makers, and students.</p> - - Leon Anavi - - - Introducing Raspberry Pi HATs - RetroPie - Open source hardware gamepad for Raspberry Pi designed with KiCAD - Device tree source for key mapping - Open Source Hardware Association Open Source Hardware Association - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:45 - K.4.601 - the_first_contact - The First Contact - - PHP & Friends - devroom - - <p>So you did a great job with your website and now your customers want to get into contact with you. They actually want give you their holy grail and apply for a login. And that's where it usually starts to go south. So many things can go wrong with a registration form that your customer doesn't really feel welcome or safe. In this session we will debug a few real-life examples from a user-experience Point of View. By analysing that we will find ways to make the first contact of a user with our application a better experience. And you don't need to be a coder to see why and how to improve your next registration form.</p> - - - Andreas Heigl - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:45 - K.4.601 - profiling_php_applications - Profiling PHP applications - - PHP & Friends - devroom - - <p>Help my client is complaining some parts of the application are slow. Now what?</p> - -<p>Profiling!</p> - -<p>What is profiling and how can we measure the performance of our application? There are several tools we can use. Once we have the tools, how do we approach profiling. What to look for. And caveats to avoid when profiling. To finish up, we should avoid that our client is complaining about performance, how can we pro actively use profiling to improve our application.</p> - -<p>When finished we will end up with a nice toolbox of profiling tools and good ideas how to do profiling and avoid some common mistakes that might distract you from the real optimisation.</p> - - - Ike Devolder - - - slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:55 - 00:30 - K.4.601 - working_with_webhooks - Working with Webhooks - - PHP & Friends - devroom - - <p>Webhooks are the natural evolution of modern applications beyond using APIs to integrate between systems. This talk will showcase the webhook examples you're already familiar with, and show you how to handle these features in your own applications.</p> - <p>In an increasingly connected world, APIs are key to great tools and effective workflows. What is better than an API? A webhook of course! Webhooks are the modern way for integrating systems and allowing them to react to one another. This session will cover what a webhook is, when you might want to use one, and some examples for handling webhooks in your own PHP projects. You'll see some examples of tools to help during the development process, and some real examples of webhooks in action.</p> - - Lorna Mitchell - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:35 - 00:45 - K.4.601 - functions_as_a_service - Functions as a Service - How PHP set the ground stone for serverless - PHP & Friends - devroom - - <p>"Serverless" is the one hot topic of the past years. "Serverless functions" can be incredibly useful and supported by all major cloud providers. I want to compare this to the beginnings of PHP and how we can do very similar things with low effort and without any super fancy tools.</p> - <p>"Serverless functions" are basically "functions as a service". But what makes this so special? And why did PHP do most of this from it's beginning? I want to show how things worked when I started with PHP >10 years ago and how similar this was to todays "serverless functions". How you can easily create specific endpoints that do one specific thing, without writing a single line of code that handles routing. Even without writing a single line of configuration. -"Serverless functions" are something bold and awesome and new and fancy, but they are not es special as they might look on first sight.</p> - -<p>The talk is supposed to be entertaining. I don't want to talk people into using "functions as a service" or into not using them. But it might be interesting to know where things came from and that PHP might have inspired this whole development of the past years.</p> - - Sven Finke - - - Submit feedback - - - - 18:30 - 00:30 - K.4.601 - amendment_async_php_requests_and_reactive_responses_with_php_fpm - AMENDMENT Async PHP Requests & Reactive Responses with PHP-FPM - - PHP & Friends - devroom - - <p>There are many approaches to execute PHP sub-tasks asynchronously or to parallelise PHP execution. While some solutions require extra extensions, individual PHP builds or a lot of process control management, this talk will show you how to configure and use the built-in PHP FastCGI Process Manager (php-fpm) to execute requests asynchronously in an isolated, tunable process pool and eventually handle their responses in a reactive way.</p> - -<p>Please note that this talk replaces one entitled "Instant Upgrades with Rector" that was due to have been given by Tomas Votruba, who has sent his apologies but is now unable to attend as he has fallen ill. We wish him a speedy recovery.</p> - - - Holger Woltersdorf - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:30 - UA2.114 (Baudoux) - relaunching_the_odf_adoption_tc_at_oasis - Relaunching the ODF Adoption TC at OASIS - - Open Document Editors - devroom - - <p>In 2019, we will relaunch the old ODF Adoption TC at OASIS as ODF Adoption Open Project, to allow a wider participation from ODF stakeholders. The program is to announce the new project in March, and convene for the first online meeting before Easter. An update about the program status at FOSDEM.</p> - - - Italo Vignoli - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - UA2.114 (Baudoux) - server_side_solution_for_generating_odf_reports - Server side solution for generating ODF reports - An important step to adopt ODF in Taiwan - Open Document Editors - devroom - - <p>The National Development Council in Taiwan have asked the OSSII, a local LibreOffice service provider, to develop a solution that can directly generate ODF reports, while the servers in public administrations do not need to change a lot.</p> - <p>To adopt ODF and LibreOffice in Taiwan, a very important part, besides desktop applications, is to ask the reports generated from servers in all the public administrations to be in ODF format. Currently almost all reports are in Microsoft office format; some of them are even non-standard -- they can be opened by Microsoft Excel, but can not be converted by LibreOffice. Hence, the National Development Council asked the OSSII, a local LibreOffice service provider, to develop a solution that can directly generate ODF reports, while the server side do not need to change a lot. This talk gives a simple introduction of how this solution works.</p> - - Franklin Weng - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - UA2.114 (Baudoux) - resurrecting_mozilla_themes_for_libreoffice - Resurrecting Mozilla Themes for LibreOffice - Trying to uncover, fix and improve a hidden gem in the rough - Open Document Editors - devroom - - <p>Past, present, and the future of LibreOffice's Personalization dialog.</p> - -<p>LibreOffice has had the ability to use Mozilla Themes (Personas) for some time (Tools > Options > Personalization); but it kept breaking all the time, and never had an acceptable UX. Also tons of errors/warnings, and very slow search and apply processes almost brought it to the point of being killed for good. But I couldn’t let it die, started looking into the related code and the bug reports. Now it has a better UX/UI, and got most annoying bugs/crashers fixed, and is much faster.</p> - -<p>I will try to present a summary about the journey so far, and the plans for the future.</p> - - - Muhammet Kara - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - UA2.114 (Baudoux) - libreoffice_extensions - Quo vadis, LibreOffice extensions? - - Open Document Editors - devroom - - <p>The way how users can extend Libreoffice underperform the known usability from the office suite by a special kind of storage and a cumbersome way to load it. The talk will present one possible solution, open collaboration service, and show the improvements on both sides, the contributors who upload as well ideas on how users may easier customize and enhance the program.</p> - <p>Our extensions are hosted on a Plone-based content management site. The procedure to upload an extension is cumbersome as neither a wizard nor clear steps are provided. And also because the administration is hard work and a one-person show. Furthermore, the site lacks on good search and filter capabilities for the users and has no categories beyond Extensions and Templates. The talk will present two aspects: The first is how the open collaboration service works on https://www.opendesktop.org/ and the second part gives an idea how a tight integration into LibreOffice similar to GetHotNewStuff known from KDE might substantially improve the usability with also benefits for the development.</p> - - Heiko Tietze - - - Open Collaboration Service - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - UA2.114 (Baudoux) - improving_libreoffice_quality_together - Improving LibreOffice quality together - A summary of what happened in 2018 - Open Document Editors - devroom - - <p>Improving LibreOffice quality together. A summary of what happened in 2018.</p> - - - Xisco Fauli - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - UA2.114 (Baudoux) - collabora_office_on_ios - Collabora Office on iOS - - Open Document Editors - devroom - - <p>After several years of only occasional progress but mostly stagnation, resources have now been available for work on a LibreOffice-based app for iOS. This talk will describe the history and technical aspects of the effort.</p> - <p>Collabora Office for iOS is based on the C++ server-side code for Collabora Online (based on LibreOffice Online), and JavaScript code for the same (browser-side). Plus the core of Collabora Office (i.e. LibreOffice). Plus, finally, a rather small amount of glue code in Objective-C++. In the app all this code runs on the device, there is no server involved.</p> - -<p>Work on enabling compiling the LibreOffice core for iOS (cross-compiling, on a Mac, as all iOS development is done) was started originally back in 2011, by me. Initially this was mostly done in spare time, for fun.</p> - -<p>There was initially no clear product plan and no technical exact plans how, once the core code works on iOS, it can and would be used in an actual app. No work on any user interface. But just making the functionality needed to even load and save documents on iOS, for instance, was challenging enough, given the somewhat obscure and complex internal plumbing of LibreOffice with its long history.</p> - -<p>Some year later, for Collabora Online, the concept of “tiled rendering” was introduced by Michael Meeks. In this approach a client requests the core to render a document as “tiles”, rectangular pixmaps. The user interface in Online, in JavaScript, requests and displays these tiles and provides the user interface that send user input and edit request as necessary to the core.</p> - -<p>Also in the same timeframe, the CloudOn company needed an iOS app with the ability to load and edit office documents natively on an iOS device. We started working on making the LibreOffice core useful for that, based on my earlier work, and using tiled rendering for this, too. One major challenge here turned out to be the massive size of the LibreOffice core code, which was problematic as Apple at that time restricted the size of the executable code in an iOS app quite severely. Anyway, various workarounds were found, and this was progressing nicely, but then CloudOn was acquired and lost interest. No public iOS app code was released from that.</p> - -<p>As a test so see that the code works at least to some extent, I had written a minimal test app (without any actual editing UI), “TIledLibreOffice”, in the LibreOffice core code.</p> - -<p>Then no iOS work happened until a few years later when Jan Iversen got interested. He was at the time working for TDF. He worked on an iOS app, LibreOfficeLight, which is still present in the LibreOffice core code. He also worked on keeping the iOS functionality working in LibreOffice. Jon Nermut also helped. The LibreOfficeLight app as such worked but did not contain any actual editing functionality.</p> - -<p>Then half a year or so later, Michael started toying with the idea of re-using the by now quite substantial JavaScript UI we have in Online in an iOS app. And then a customer turned up that took part in funding it, Adfinis SyGroup.</p> - -<p>I started working on that, and it turned out to be surprisingly straightforward to get it working. Sure, there were lots of technical issues involved. Some of the iOS code in LibreOffice had bit-rotted over the years. The Online server code normally runs as multiple separate processes on a Linux machine. That had to be combined into code running in just one process (the iOS app) which was challenging.</p> - -<p>The JavaScript code in the iOS app is the same as that in Online. There are very few places where the JavaScript needs to know that it is running in an iOS app and not in a browser.</p> - -<p>All the code is Open Source and publicly available, in the LibreOffice “core” and “online” git repositories.</p> - - Tor Lillqvist - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - UA2.114 (Baudoux) - preventing_ooxml_interoperability_problems_in_libreoffice - Preventing OOXML interoperability problems in LibreOffice - - Open Document Editors - devroom - - <p>As we know LibreOffice is an editor built around the feature set of ODF standard. -When it comes to interoperability with other formats, notably OOXML, this causes another interesting source of problems: there are features available in the editor that might not be available in the counterpart product and consequently neither in OOXML format. -The result might be loss of work time: the user assumes if she saves her carefully crafted document in OOXML it will be retained. In some unlucky cases this might not be true because of differences between the LO feature set and the file format preferred by the user or her peers.</p> - -<p>My proposed solution to this is a small, simple and gradually extensible one: let's offer a configuration key that might be turned on by system administrators and this in turn would disable elements of the LibreOffice UI that offer features not available in the OOXML file format, or set different defaults in certain situations.</p> - - - Gabor Kelemen - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - UA2.114 (Baudoux) - new_interoperability_i18n_and_librelogo_improvements_of_libreoffice - New interoperability, i18n and LibreLogo improvements of LibreOffice - for office suite migrations in public sector, supported by NISZ and FSF.hu Foundation - Open Document Editors - devroom - - <p>3 lightning talks about news and the most important experiences of the various LibreOffice developments made for migration projects in public administration and education, based on my recent presentations of LiboCon, Tirana, and our newer results.</p> - <p>Building a LibreOffice development team: We have found and filed more than three hundred bugs during the biggest LibreOffice migration project of Hungary. Our help desk service couldn't handle these efficiently using half measures and workarounds, so we started to build a small LibreOffice development team focusing on the most important OOXML compatibility and other migration problems. After three month learning and trial period, we summarize our results and failures for LibreOffice community.</p> - -<p>LibreOffice language technology – news and best practices: This lightning talk shows new and improved language technologies of LibreOffice and their usage: new features of Hunspell spell checker (better handling of words written separately or with special orthography, faster suggestions, etc.), “Grammar by” spell checking for default technical dictionaries, Numbertext and NatNum12 number modifier for default date and other formats fulfilling special language needs, and exemplary developments for example for German (hyphenation using compound feature of libhyphen) and Hungarian (fields with automatic article selection; spell checking of word with special word breaking, for example, recognizing the parenthesized word forms, like “us(ag)e”).</p> - -<p>LibreOffice and eTwinning: LibreLogo in schools and teacher training programs: LibreLogo, integrated Logo extension of LibreOffice is based on strong practical and educational principles. After 4 years of research period, lead by Andreas Formiconi, University of Florence advocates LibreLogo usage in eTwinning program, community of European schools. This short presentation summarize the research results and recent and planned improvements of LibreLogo.</p> - - László Németh - - - LibreOffice Language Technology – News & Best practices - Build your LibreOffice development team! - LibreLogo in schools and teacher training programs - LibreLogo Improvements in LibreOffice 6.2 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - UA2.114 (Baudoux) - mysql_connector_and_other_databases_in_libreoffice - Mysql connector and other databases in LibreOffice - Changes around database drivers in LibreOffice - Open Document Editors - devroom - - <p>There had been several changes since lately around the database drivers of LibreOffice. The drivers, which are used to establish connection between various database-management systems and LibreOffice, allow us to customize Base to our needs. -I am going to talk about the improvements around database drivers such as upgrading the Firebird driver and creating a migration suite. Although the majority of the talk will be about improvements around the mysql connector.</p> - - - Tamás Bunth - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - UA2.114 (Baudoux) - online_under_the_hood - Online - under the hood - How to bring LibreOffice to your web app - Open Document Editors - devroom - - <p>The Online code-base can bring LibreOffice into an iframe in your web -app. Come and hear how this works, how to integrate it with your -software, and about all the options and tweaks that go with this.</p> - <p>Online uses a WOPI-like protocol, and it is simple to integrate. Come -hear about the total of three REST methods you need for a simple -integration. Hear about the wealth of options to control sharing work.</p> - -<p>See how Online works, and how you can get involved with building, -debugging, and developing it, and checkout some of the new features -we've been working on to make life better for our users.</p> - - Michael Meeks - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - UA2.114 (Baudoux) - vereign_toolbar_in_libreoffice_online - Vereign toolbar in LibreOffice Online - Technical aspects of integration of a 3rd party document signing service - Open Document Editors - devroom - - <p>This presentation will tell the story of integration of a 3rd party document signing service (provided by Vereign) into LibreOffice Online.</p> - - - Andras Timar - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - UA2.114 (Baudoux) - improving_smartart_import_in_libreoffice_impress - Improving SmartArt import in LibreOffice Impress - - Open Document Editors - devroom - - <p>LibreOffice Impress was capable of importing your SmartArt graphics from PPTX files for a long time. Today this is a popular feature, and we only do a good job of rendering this shape type when the file has a fallback rendering included. LibreOffice 6.3 will contain a long series of small, incremental improvements in this area, resulting in a large step forward when it comes to laying out SmartArt document models. This will be a major improvement for documents which don't have a pre-rendered layout included. The result affects both desktop LibreOffice and the Online. Come and see how this work is implemented, where are the still rough edges and how you can help.</p> - - - Miklos Vajna - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - UA2.114 (Baudoux) - libreoffice_layers - Do you know "layers"? - - Open Document Editors - devroom - - <p>The talk introduces you to the concept of "layers" in ODF (Open Document Format), which is completely different from "layer" concepts in image processing. The talk will then explain the "layers" actually implemented in LibreOffice, which come from StarOffice. Finally the presentation shows the resulting challenges for developers to adapt LibreOffice to ODF.</p> - - - Regina Henschel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:30 - UA2.114 (Baudoux) - clang_plugins_in_libreoffice_global_analyses_across_a_large_codebase - Clang plugins in LibreOffice - global analyses across a large codebase - - Open Document Editors - devroom - - <h2>Clang plugins in LibreOffice - global analyses across a large codebase</h2> - -<p>In the old days, we expended considerable effort to make our global analyses more efficient, especially when dealing with large codebases like LibreOffice. -However, with the advent of modern hardware and software tools this has become largely necessary.</p> - -<p>This talk will focus on some pragmatic design choices that lead to being able to run global analysis passes across the LibreOffice codebase, without breaking the bank on hardware or waiting days for results.</p> - -<p>Also, I discuss gradual approaches to developing such plugins that do require language-lawyer level knowledge of the C++ AST.</p> - - - Noel Grandin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:30 - UA2.114 (Baudoux) - native_gtk_dialogs - Native GTK Dialogs - current status and future work - Open Document Editors - devroom - - <p>Native GTK Dialogs, current status and future work</p> - - - Caolán McNamara - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:15 - UA2.114 (Baudoux) - are_we_optimiert_yet - Are we optimiert yet? - - Open Document Editors - devroom - - <p>A well known deficiency of Writer is that its Hide Tracked Changes mode is slow. We will discuss the origin of the problem, and the current status of the plans to fix it. Also an aside on leveraging type systems to aid large scale refactoring.</p> - - - Michael Stahl - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:15 - 00:15 - UA2.114 (Baudoux) - text_mining_with_openoffice - Text Mining with OpenOffice - - Open Document Editors - devroom - - <p>While typically done through dedicated natural language processing tools, text mining can be done at a basic level using OpenOffice too. We'll see how to leverage on OpenOffice's built-in features for automated text analysis.</p> - - - Andrea Pescetti - - - Submit feedback - - - - 18:30 - 00:30 - UA2.114 (Baudoux) - lightning_talks - Lightning Talks - - Open Document Editors - devroom - - <p>Lightning Talks. Andras will start the session with a lightning talk covering the technical aspects of LibreOffice Online localization and showing the issues that are not yet fixed, but will also collect proposals from other speakers.</p> - - - Andras Timar - - - Schedule on TDF Wiki - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 15:10 - 00:20 - UA2.118 (Henriot) - stats_optimizer - MariaDB and MySQL — what statistics optimizer needs - or when and how not to use indexes - MySQL, MariaDB and Friends - devroom - - <p>When your SQL query reaches the DBMS, it's the optimizer job to decide how to execute it for you to get the result as fast as possible. To make this decision optimizer can examine the actual table data, but with multi giga- and terabyte tables, the only practical solution is to use various data statistics that was collected in advance. The better the statistics is and the more precisely it describes the actual data, the faster the plan will be, because optimizer image of the reality will be closer to the actual reality.</p> - -<p>In this talk you'll learn what data statistics MariaDB and MySQL can collect, what statements do that, how to tell the optimizer to use it (it won't necessarily do it automatically!) and how it can make your queries many times faster.</p> - -<p>And, of course, when not to use indexes, when up-to-date statistics is enough.</p> - - - Sergei Golubchik - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:20 - UA2.118 (Henriot) - mysql_cap - MySQL and the CAP theorem: relevance & misconceptions - Dissecting, affirming and refuting CAP assumptions in real production systems. - MySQL, MariaDB and Friends - devroom - - <p>The CAP theorem is often used to describe the tradeoffs of available versus consistent systems. But the CAP theorem is often misunderstood and misrepresented. In this session we investigate the CAP properties of various MySQL replication setups, and show that it is impossible to claim a setup is AP or that it is CP. We will see how the properties can be non binary, and change across time, geography and workload. We will also observe where CAP's terms can be made irrelevant. This session takes the practical engineer's perspective and shows how we can gain the upper hand with reasonable tradeoffs.</p> - - - Shlomi Noach - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:10 - 00:20 - UA2.118 (Henriot) - mysql_bug_report - How to create a useful MySQL bug report - ...and make sure it's properly processed - MySQL, MariaDB and Friends - devroom - - <p>This session is for those MySQL DBAs and users who found some wrong, erratic, undocumented behavior while working with MySQL or MariaDB, got it crashed or failed in a way they consider totally wrong. We discuss what details to collect and provide, what tools to use and what steps to perform to create a public bug report that is processed (and, hopefully, fixed) fast. Possible efficient ways to escalate bugs that do not get proper attention are also presented.</p> - <p>This session is for those MySQL DBAs and users who found some wrong, erratic, undocumented behavior while working with MySQL or MariaDB, got it crashed or failed in a way they consider totally wrong. We discuss what details to collect and provide, what tools to use and what steps to perform to create a bug report that is processed (and, hopefully, fixed) fast.</p> - -<p>We discuss current life cycles of MySQL and MariaDB bugs, details of practical bug trackers usage, approaches to "security" bugs and escalation procedures, formal and informal - everything to get a real MySQL bug processed, properly fixed and documented. All this based on my personal experience of 14+ years of bugs reporting, processing and prioritizing in MySQL, Sun, Oracle, Percona and MariaDB Corporation.</p> - - Valerii Kravchuk - - - Basic structure would be the same as on these slides - Initial blog post on the topic - On recently added severity levels for MySQL bugs - On reporting MySQL bugs upstream for support providers - On reporting MySQL bugs in public for Oracle customers - Slides for this talk at SlideShare - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:20 - UA2.118 (Henriot) - online_backup_myrocks - How Online Backup works in MyRocks and RocksDB - - MySQL, MariaDB and Friends - devroom - - <p>In this session, the speaker will talk about how MyRocks's online backups work. Both physical (myrocks<em>hotbackup) and logical (mysqldump) backups will be covered, and physical backups will be more focused. -MyRocks (and RocksDB)'s physical backups basically work by 1. invoking RocksDB checkpoint that creates hard links then 2. copying data files (SST), redo logs (WAL) and others. myrocks</em>hotbackup has additional features like "renewing checkpoint" that makes replication catchup shorter, streaming backups, and auto-detecting O_DIRECT. Logical backups in MyRocks/RocksDB is more efficient than InnoDB because RocksDB more efficiently keeps track of transaction histories. -How physical/logical MyRocks/RocksDB backups work are not widely discussed in public, and the speaker will demystify in this session.</p> - <p>In this session, the speaker will talk about how MyRocks's online backups work. Both physical (myrocks<em>hotbackup) and logical (mysqldump) backups will be covered, and physical backups will be more focused. -MyRocks (and RocksDB)'s physical backups basically work by 1. invoking RocksDB checkpoint that creates hard links then 2. copying data files (SST), redo logs (WAL) and others. myrocks</em>hotbackup has additional features like "renewing checkpoint" that makes replication catchup shorter, streaming backups, and auto-detecting O_DIRECT. Logical backups in MyRocks/RocksDB is more efficient than InnoDB because RocksDB more efficiently keeps track of transaction histories. -How physical/logical MyRocks/RocksDB backups work are not widely discussed in public, and the speaker will demystify in this session.</p> - - Yoshinori Matsunobu - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:10 - 00:20 - UA2.118 (Henriot) - tidb - TiDB: Distributed, horizontally scalable, MySQL compatible - - MySQL, MariaDB and Friends - devroom - - <p>TiDB is an open source distributed scalable hybrid transactional -and analytical processing (HTAP) database built by PingCAP. It also -speaks the MySQL protocol and uses RocksDB as the underlying storage -engine!</p> - -<p>This talk provides an introduction and overview of TiDB, tailored for -those with a strong background in MySQL. I will use MySQL as an -example to explain various implementation details of TiDB, and -translate terminology to MySQL/InnoDB terms.</p> - - - Morgan Tocker - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:40 - 00:20 - UA2.118 (Henriot) - pfs_20min - MySQL Performance Schema in 20 Minutes - - MySQL, MariaDB and Friends - devroom - - <p>Born in 2010 in MySQL 5.5.3 as "a feature for monitoring server execution at a low level," grown in 5.6 times with performance fixes and DBA-faced features, in MySQL 5.7 Performance Schema is a mature tool, used by humans and more and more monitoring products. It becomes more popular over the years. In this talk I will give an overview of Performance Schema, focusing on its tuning, performance, and usability.</p> - <p>Performance Schema helps to troubleshoot query performance, complicated locking issues, memory leaks, resource usage, problematic behavior, caused by inappropriate settings and much more. It comes with hundreds of options which allow precisely tune what to instrument. More than 100 consumers store collected data.</p> - -<p>Performance Schema is a potent tool. And very complicated at the same time. It does not affect performance in most cases and can slow down server dramatically if configured without care. It collects a lot of data, and sometimes this data is hard to read.</p> - -<p>This talk will start from the introduction of how Performance Schema designed, and you will understand why it slowdowns server in some cases and does not affect your queries in others. Then we will discuss which information you can retrieve from Performance Schema and how to do it effectively.</p> - -<p>I will cover its companion sys schema and graphical monitoring tools.</p> - - Sveta Smirnova - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:10 - 00:20 - UA2.118 (Henriot) - mysql_component - MySQL 8.0 Component Infrastructure - Why, what's there, what's next and how to use it - MySQL, MariaDB and Friends - devroom - - <p>You probably saw the new MySQL 8.0 commands INSTALL COMPONENT and UNINSTALL COMPONENT and been wondering "is there anything for me". I'll try to explain what the component infrastructure is, why do we need it, what's available through it and where do we have the ambition to get it. -I'll present what does it take to create a simple component too.</p> - <p>The MySQL component infrastructure is intended as a reboot of the plugin functionality. It's built on the principle of modularity, explicit interfaces and dependencies and obfuscation of complex internal structures and object instances behind handles. It inherits the best from the plugin functionality while avoiding the known pitfalls and providing missing functionality. -We'll go over the architectural principles behind the components, services and service implementations. We'll also create a simple component, see how it declares the APIs it needs and provides and how does it interact with the other APIs available in the service registry. At the end we'll go through an enumeration of the services available from the MySQL server component. -We'll then try to think together on what's missing, what could be next and what's more desired in terms of functionality.</p> - - Joro Kodinov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:40 - 00:20 - UA2.118 (Henriot) - mysql8documentstore - MySQL 8.0 Document Store: How to Mix NoSQL & SQL in MySQL 8.0 - a database where developers and DBAs live in peace - MySQL, MariaDB and Friends - devroom - - <p>MySQL 8.0 is now also a Document Store where it's very easy to store JSON documents and use CRUD operations. Developers now can deal with their datata without writing a single line of SQL. In this talk, I will show how easy it's for developers to use CRUD operations that allow a cleaner and easier development but also how the DBA can deal with the data and benefits from the power of a RDBMS.</p> - -<p>I will illustrate this with examples where we add data/modify data very easily and where we increase the speed of the queries in the background and generate more complicated reports using SQL on the same data.</p> - -<p>The best of both worlds in one single product.</p> - - - Frédéric Descamps - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:05 - UA2.220 (Guillissen) - welcome_legal_policy - Welcome to the Legal and Policy Issues devroom - - Legal and Policy Issues - devroom - - <p>Welcome to and overview of the eighth year of the Legal and Policy Issues DevRoom</p> - - - Tom Marble - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:35 - 00:25 - UA2.220 (Guillissen) - what_did_i_agree_to - What did I just agree to? - A quick trip through the un-"popular" open source licenses - Legal and Policy Issues - devroom - - <p>Understanding FOSS licenses are indisputably an important part of the process for contracting for IT services ranging from software agreements, professional services to create or support software, and to cloud solutions.</p> - -<p>It’s not uncommon to find carve outs in those agreements saying that “Some Third-Party Content may be provided to you under a separate license, such as the Apache License, Version 2.0, or other open source license.” What does that mean? Are there any surprising terms to be found in those “other open source licenses”.</p> - -<p>This presentation will briefly review the terms of some of the less commonly discussed licenses approved by OSI as “open source.” What are some of the interesting properties of these less common licenses? And do we really want to keep agreeing to use them in our contracts?</p> - <p>There are 83 licenses listed as approved “Open source” licenses on the Open source initiatives website. Most of the time when developers, lawyers, and FOSS compliance experts talk about “open source” licenses the permissions and obligations of the nine licenses listed on OSI’s “popular licenses” list are front and center. Occasionally a few other licenses like the AGPL and the Creative Commons licenses are considered as well. But what about the other 70 licences? Do the generalizations and expectations many of us have based on the popular licenses hold up when we start to consider the other OSI approved licenses?</p> - -<p>This presentation will argue that many the spoken and unspoken expectations of open source licenses do not generalize well when we consider the full list of licenses approved by OSI. This can be a challenge when IT policies and contractuals are written about “open source” licenses generally. Do organizations that are comfortable working with and using open source software and licenses really want to bound by all of the obligations in every free software license? Are the generalizations we make about open source licenses really true for every license? Do we need to be more careful in crafting policies and contracts then treating all open source licenses the same?</p> - -<p>This presentation will review attributes found in the un-”popular licenses” that have been approved by OSI that differ from the unique and common attributes found in the popular licenses.</p> - -<p>For example not all of them are classified as free by the Free Software Foundation and some appear to not be acceptable for inclusion in Debian. We will look at the public rationale for Debian and the Free Software Foundation refusing to include those licenses. We will also look at other unexpected properties of other licenses that may challenge many of our internal models for open source licenses.</p> - -<p>We will also look at which licenses have the unusual attributes such as: -* Choice of Venue Clauses -* Choice of Law clauses -* Unusual distribution clauses such as -- requirements to secure assent to the agreements and licenses -- Mandatory Public publication requirements for specified periods of time -- Grant of third party beneficiary rights for recipients -* Retaliation clauses with broad scopes (terminating all rights for unrelated litigation) -* Licenses that have restrictions or contingent obligations that trigger on use -* Exclusion of patent rights -* Restrictions on selling copies of software</p> - -<p>We will pay particular attention to licenses that impose obligations on individuals for merely using the software even if they don’t modify the software such as: -* requirements distribution when software is used and the various ways use triggers: -* distribution and to whom distribution is required under those circumstances. such as the several licenses that require sharing source code when you use it or let others use it. -* Indemnification of authors of the source code</p> - - Marc Jones - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - UA2.220 (Guillissen) - cern_ohl_v2 - Introducing the CERN Open Hardware Licence version 2 - Covering some of the major changes in this new version of CERN-OHL - Legal and Policy Issues - devroom - - <p>The CERN OHL is a copyleft open hardware licence which was launched in March 2011. It has undergone point releases 1.1 and 1.2 and since then, but feedback from user communities, particularly those working with microprocessor cores and FPGAs has made us reconsider some of the fundamental assumptions made when the licence was first drafted. We have shamelessly taken ideas from other licences as well as introducing some new approaches, driven by the needs of users. This session introduces our new draft of version 2.0, which aims to make v2.0 more flexible than any previous version, while increasing clarity of drafting.</p> - <p>Full Description} -Hardware is more complex than software from an intellectual property perspective, and this makes developing an open hardware licence, especially a copyleft/reciprocal open hardware licence, particularly challenging. The CERN OHL has been designed to work with as wide a range of hardware as possible, from artistic works, through mechanical devised, to circuit board layouts and, more particularly to software, microprocessor cores and even FPGAs and ASICs. At the same time, we recognise that hardware is a different domain from software, and that it is a mistake to assume that lessons learned in the software domain can automatically be applied to open hardware.</p> - -<p>We have listened to the concerns of many users and potential users of the CERN OHL, and have produced a radical redraft of the licence which aims to:</p> - -<p>be concise and clear; -be appropriate for a wide range of different use cases in fields of use (such as microprocessor cores, FPGAs and ASICs); -be appropriate for a wide range of users, from not-for-profits through to commercial organisations; -be compatible, so far as possible with other licences like GPLv3 and TAPR; -be easy to use; -discourage licence proliferation; -encourage compliance as the main outcome of enforcement; -maximise the availability of open hardware designs to the public; -maintain the same spirit as the previous versions of the CERN OHL; -allow for strong- and weak-reciprocal licensing models, as well as permissive models.</p> - -<p>The new version 2, in its three variants - strong, weak and permissive, is the culmination of significant drafting effort with the input of a wide range of users and potential users of open hardware licensing.</p> - -<p>This talk introduces some of the key concepts in the CERN-OHLv2, explains its evolution from previous versions, and aims to explain how it can best be applied to a number of different types of hardware.</p> - - Andrew Katz - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - UA2.220 (Guillissen) - community_guidelines - Now what? Following through on your community guidelines - - Legal and Policy Issues - devroom - - <p>Is there a single right way to enforce a code of conduct, community guidelines, or whatever you call the systems you have to help maintain a good community? This is a peek into how the Debian Anti-Harassment (AH) team functions, a few (anonymized) examples of issues handled, and the philosophy behind helping the Debian community to be a welcoming place for all contributors.</p> - <p>The Debian code of conduct (<a href="https://www.debian.org/code_of_conduct">https://www.debian.org/code_of_conduct</a>), mailing list code of conduct, Debian Community Guidelines, DebConf code of conduct, and even the Diversity Statement are tools used for the goal of building a welcoming and inclusive community for Debian.</p> - -<p>As much of Debian's work is carried out in the open, so too are many of its problems, which can be visible on social media, in the blog aggregation site Planet Debian, and on public mailing lists. Inappropriate behaviors, harsh communications, and general poor decision making occur on a fairly regular basis. When problems arise within the project, they are typically escalated to either the Anti-harassment team or the Debian Project Leader (DPL). The Anti-harassment team (AH) tackles these problems on a fortnightly basis, making recommendations and directly contacting those involved in disputes or questionable practices.</p> - - Molly de Blanc - - - Freedom embedded: Devices that respect users and their communities (DebConf 2017) - A division of labor in free software (LCA 2018) - That's a free software issue (DebConf 2018) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - UA2.220 (Guillissen) - open_source_gdpr - Open source in the quest for GDPR compliance - - Legal and Policy Issues - devroom - - <p>Uniformisation at the European level of data protection legislation brought on the table a lot of diversity in implementation from the private sector. Before the GDPR, member states had a specific national approach on how to interpret the previous Data protection directive 95/46/EC. Also, lots of actors came in the spotlight: the National Supervisory Authority, different public and private entities coming from all sectors of economy. The OSS community found itself driven in this ride and even with the best intentions nobody was able to find a complete, personalized guide to implement this new ruling that in theory is so welcomed. This talk is about pointing out how the Open source ecosystem is tangential with the GDPR data protection principles. Also, it will show how are the data protection rights and responsibilities shared between the community participants and the community's infrastructure providers.</p> - <p>The OSS field has as core value the concept of community, which helps a project evolve and make a difference in the software world. Not surprisingly a lot of the OSS projects are around the notions of privacy, anonymity and data protection, as they reflect in general a need that the people forming OSS communities have: to keep their personal data protected and avoid monopoly of that by proprietary software. The GDPR came as an effective tool to raise awareness about the importance of personal data and brought on the table specific principles, rights, obligations, along with a lot of improvements to be made in the current status quo. -This talk will analyse how the provisions of the GDPR are tangential with the OSS ecosystem. It will point out how the principles of the GDPR are connected to the OSS world, how we could analyse the model of data controller / data processor in the context of the OSS participants / infrastructure providers. Also, it will point out how the data protection rights are enforced by the OSS model, by analyzing some of the technologies that have risen from this ecosystem: wikis and zero-knowledge collaborative software.</p> - - Cristina DeLisle - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - UA2.220 (Guillissen) - libreoffice_origins - LibreOffice: the origins of a community fork - - Legal and Policy Issues - devroom - - <p>LibreOffice was announced in September 2010 as a fork of OOo, by a group of active members of the OOo community who were worried by Oracle acquiring Sun. They decided to create an organization capable of growing the LibreOffice project based on five founding principles: copyleft license, no contributor agreement, meritocracy, independence from vendor(s), and community governance. The talk will cover the history and governance peculiarities of The Document Foundation.</p> - <p>The Document Foundation (TDF), based in Germany, is the not for profit home of LibreOffice and the Document Liberation projects. Although is a German foundation, it has members who are at the same time the owners of the foundation and those who decide the governance, as they elect the Board of Directors and the Membership Committee from a list of candidates who have to be TDF members. TDF is based on five founding principles: copyleft license, no contributor agreement, meritocracy, independence from vendor(s), and community governance. Governance and statutes are hevily influenced by the previous experience at OOo, i.e. there isn't any community manager, there aren't any formal roles, and there isn't any formal mechanism for involving people (which makes people involvement a challenge). On the other hand, the community is growing nicely even without these people being appointed and a specific mechanism, but of course there are some issues like in any other community. The talk will briefly summarize the challenges we had to face in term of governance, and hopefully foster a discussion on the topic.</p> - - Italo Vignoli - - - Interview - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - UA2.220 (Guillissen) - tragedy_of_the_commons_clause - Redis Labs & the tragedy of the Commons Clause - - Legal and Policy Issues - devroom - - <p>In August 2018, Redis Labs relicensed a number of AGPL-licensed Redis modules with the "Commons Clause" amendment on the grounds that it prevents abuse and therefore ensures the sustainability of its development.</p> - -<p>As this renders the software no-longer free and open source, GNU/Linux distributions such as Debian and Fedora are unable to ship Redis Labs' versions of the affected modules to their users.</p> - -<p>This talk from a long-time (2009) Redis user &amp; developer will outline the history, background &amp; response to this flavour of license, as well explain how this it at odds with communities in which they participate in and are ultimately are a short-sighted &amp; retrograde step for the companies and individuals that are advocating for them.</p> - -<p>Furthermore, this talk will ask some thought-provoking questions about how the the conversation around "sustainability" in open source is being co-opted by foregrounding of financial elements to the detriment of the principles &amp; people that have so clearly and demonstratively served us so well in the past four decades.</p> - - - Chris Lamb - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:50 - UA2.220 (Guillissen) - legal_ethics - How should lawyers behave? Legal "Ethics" and Free Software - - Legal and Policy Issues - devroom - - <p>Legal issues are at the heart of FOSS, and lawyers play an important role in the creation and adoption of free software. Around the world, legal practice is constrained and governed by different rules outlining who lawyers can represent, how they can interact with their clients, the nature of advice they can give, how they deal with conflicts of interest and what information they must keep confidential. This panel will talk about how legal ethics plays out specifically for free software.</p> - - - Karen Sandler - Pamela Chestek - Miriam Ballhausen - Amanda Brock - Justin Colannino - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - UA2.220 (Guillissen) - foss_governance - FOSS Governance: The good, the bad and the ugly - - Legal and Policy Issues - devroom - - <p>There are lots of ideas out there about how to run a free and open source software project... but not all strategies were created equal. Sometimes governance "just happens" but more often than not, projects end up with some things that work and some that don't. Transparency, clear expectations and compassion go a long way towards helping you find people who support your vision but can still bring new ideas to the table when it comes time to talk implementation. Your project's governance should reflect your values and empower individuals to succeed within its structure.</p> - -<p>Maintaining and scaling your project is easier when you've laid a good foundation. The community is mature enough that we can learn from what's already been done and set up new projects for success. This talk will cover some of the big red flags you'll want to avoid as well as some of the structural details that will help avoid issues later on.</p> - <p>There are lots of ideas out there about how to run a free and open source software project... but not all strategies were created equal. Sometimes governance "just happens" but more often than not, projects end up with some things that work and some that (really) don't. Unfortunately, by the time they regret some of the bad ideas they're baked into the project and harder to change. This talk will cover some of the big red flags you'll want to avoid as well as some of the less obvious stuff that most people discover "the hard way."</p> - -<p>Figuring out when your idea is cohesive enough to bring people in but not so detailed that you're basically looking for clones of yourself, is a delicate dance. Transparency goes a long way towards helping you find people who support your vision but can still bring new ideas to the table when it comes time to talk implementation. Laying down a few rules or sharing some expectations early on can help you avoid a world of hurt and confusion later on. And of course, there are a few nitty gritty details (like licensing and naming) that are worth paying a little bit of special attention to in the beginning.</p> - -<p>Maintaining and scaling your project is easier when you've laid a good foundation. Join me for whirlwind tour of what not to do, what to do instead and <em>maybe</em> what you can do to fix what you've already done. The FOSS community has more than enough good, bad and ugly governance stories that you should at least make be able your own brand new mistakes.</p> - - Deb Nicholson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - UA2.220 (Guillissen) - license_tools_panel - Making Sense of so many License Compliance Tools - - Legal and Policy Issues - devroom - - <p>License Compliance has become big business. Many proprietary tools exist, but fortunately in -recent years FLOSS tools to aid understanding the licenses of codebases have been created. -This panel includes developers of many of these freely available tools. We'll discuss what these -tools do, if they can actually address compliance problems in the wild yet, and the general -challenges of developing freely available tools in a heavily proprietarized industry.</p> - - - Bradley M. Kuhn - Michael Jaeger - Philippe Ombredanne - Valerio Cosentino - Max Sills - Thomas Steenbergen - - - ScanCode-Toolkit - AboutCode-Toolkit - ScanCode-Workbench - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - UA2.220 (Guillissen) - nobody_uses_the_agpl - Who wants you to think nobody uses the AGPL and why - - Legal and Policy Issues - devroom - - <p>The GNU Affero General Public License (AGPL) is an important tool for -protecting user freedom on the network. Detractors have criticized it -for being both too weak and too strong/demanding. In 2018, it was in -the news more than ever. Are the interests of corporations that are -afraid of their free code being turned into network services run by -competitors starting to align with users losing their freedom to such -services?</p> - <p>Historically, the AGPL has been the target of criticism from entities -that want to extinguish it. Some companies have banned it from their -premises, sowed fear about how it operates, and propagated a myth that -nobody is using it.</p> - -<p>Others claim that the AGPL is being used primarily by companies -seeking to strong-arm downstream users into purchasing a proprietary -version of the covered software -- by catching those users being out -of compliance with the AGPL, and telling them that they must buy the -software under a proprietary license to avoid being taken to court for -copyright infringement.</p> - -<p>A third group of companies is now claiming that the AGPL doesn't go -far enough to protect their software against being turned into -services that deny users freedom -- though freedom may not be their -primary concern.</p> - -<p>In fact, the AGPL is being used today by a variety of interesting and -important projects, including ones started by governments, nonprofits, -and even businesses. I'll highlight some illustrative examples. I'll -also do my best to separate understandable concerns that people have -about using the AGPL from attacks on user freedom masquerading as -concerns, and see if there is any synergy between the concerns of the -third group above and those of individual users.</p> - -<p>While not a full solution to the problems raised when users replace -software running on their own machines with software running on -someone else's machine, the AGPL is a tool that is being embraced and -should be embraced even more.</p> - - John Sullivan - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:50 - UA2.220 (Guillissen) - foss_inside_companies - Advocating For FOSS Inside Companies Redux - - Legal and Policy Issues - devroom - - <p>Companies regularly use and contribute to FOSS. Most larger companies now employee internal staff who make policy decisions, recommend Tools, oversee license compliance, teach others about FOSS, and interpret community politics for the -company. Different offices and departments usually differ in their approaches to managing, using, contributing to, and releasing FOSS. This second annual Open Source Program Office (OSPO) panel explores the different approaches companies have to FOSS.</p> - - - Tom Marble - Charles Eckel - Nithya Ruff - Duane O'Brien - Jeff McAffer - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:25 - UA2.220 (Guillissen) - patent_exhaustion - The surprising interaction of open source and patent exhaustion - - Legal and Policy Issues - devroom - - <p>When people think of the interaction between patents and open source, the most frequent questions have to do with the existence and scope of patent licenses, either express or implied. However, patent exhaustion may end up being far more impactful than licenses. This discussion will present the results of some recent analysis of the caselaw and discuss some of the unexpected implications of recent patent exhaustion cases.</p> - <p>A patent gives its owner the right to exclude others from making, using, and selling the claimed invention. In contrast, FOSS licenses grant broad rights to modify, compile, distribute, and use software. Absent explicit treatment in the license, the patent-related right to exclude and the open-source-granted right to use are at least apparently in tension. One of the ways in which this tension is addressed is through the doctrine of patent exhaustion. An analog to copyright's "first sale" doctrine, any authorized sale of a patented object by a patent owner or a licensee exhausts all patent rights in the product sold, which prohibits a patent owner from enforcing post-sale restrictions through patent infringement suits.</p> - -<p>It is uncontroversial to say that patent exhaustion applies to FOSS. A patent holder that "sells" a software product, or sells a physical product with with FOSS software embedded, will clearly be subject to patent exhaustion as applied to any downstream customers of the patent holder. But that is not the end of the analysis. What does it mean to "sell" a "product" sufficiently to invoke patent exhaustion? How does that correspond to the normal ways in which organizations typically interact with FOSS?</p> - -<p>This presentation will quickly go through the essential holdings from five cases[1], and then present an argument regarding how the holdings of these cases interact with typical FOSS practices in a far more extensive fashion than people may have previously considered.</p> - -<p>[1] Cases: -* Quanta Computer, Inc. v. LG Electronics, Inc. -* Impression Products v. Lexmark International -* Lifescan Scotland, Ltd. v. Shasta Technologies -* Cascades Computer Innovation, LLC v. Samsung Electronics Co. -* Intel Corp. v. ULSI System Technology, Inc.</p> - - Van Lindberg - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:50 - UA2.220 (Guillissen) - organizers_panel - Organizer's Panel -- Now and Forever - - Legal and Policy Issues - devroom - - <p>The organizers of the Legal &amp; Policy Issues DevRoom will reflect on recent developments in software freedom policy and law, and will discuss some of the topics and issues raised in this year's and past year's DevRooms.</p> - - - Tom Marble - Bradley M. Kuhn - Karen Sandler - Richard Fontana - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - - - 10:30 - 00:25 - UB2.252A (Lameere) - ten_years_puppet - Ten years of Puppet installations: what now? - Lessons learned, sane suggestions, outlook for the future. - Infra Management - devroom - - <p>The presenter has more than 10 years of experience in installing, configuring, designing, migrating Puppet infrastructures of any size and kind. -This presentation is all about sharing experiences and knowledge on what has worked and what hasn't, ways to introduce automation and approaches to [Puppet] migrations. -The final part is about what comes next and the role of Puppet and classic configuration management tools in the containers universe.</p> - <p>A presentation that outlines the kind of challenges that faces whoever has to automate the configuration and the management of an IT infrastructure. -Understanding who has to implement and maintain the automation, what are the elements to cover, how their configurations change in the infrastructure, what are the priorities and the timings. -Then deliver and implement an operative approach for the migration and maintenance. -All this with a historical perspective which involves reasonings on the role of configuration management in current and future IT landscapes.<br/> -Topics are based on the presenter Puppet experience but focus on principles valid to any automation challenge.</p> - - Alessandro Franceschi - - - Presentation slides - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - UB2.252A (Lameere) - keeping_track_stateful_infrastructure - Keeping Track of Stateful Infrastructure - An overview over InnoGames infrastructure and the tools we build - Infra Management - devroom - - <p>At InnoGames we have to keep track of three collocations, ~30 racks with thousands of VMs to run games for over 200 million registered users. We have to manage our self hosted as well as various external services and preferably do so in a way that does not wake our oncall admin at 3am.</p> - <p>All our infrastructure is configured via a central configuration management database. We use that database to keep track of physical and virtual machines, network equipment and configuration, monitoring and much more. We have open sourced our configuration management database [0], as well as our tooling for managing KVM VMs [1]. What makes serveradmin unique is how easy it is to modify the database schema as well as its very easy to use and fast API.</p> - -<p>This talk will -- give you an overview over our infrastructure and custom tooling. -- explain our approach to API driven infrastructure automation. -- show you how to model your infrastructure in serveradmin. -- demonstrate creation, deletion and live migration of KVM VMs.</p> - -<p>[0] https://github.com/innogames/serveradmin -[1] https://github.com/innogames/igvm</p> - - Patrick Meyer - - - Serveradmin on Github - IGVM on Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - UB2.252A (Lameere) - multicloud_ci_cd_openstack_kubernetes - Multicloud CI/CD with OpenStack and Kubernetes - - Infra Management - devroom - - <p>With over 50 Public cloudbased on OpenStack, distributing workloads closer to customers is now a reality. Expect to learn how to leverage CI/CD to build multicloud Kubernetes clusters across several OpenStack Public Clouds.</p> - <p>We’ll start by presenting the benefits of multicloud and how Kubernetes and OpenStack fit in that strategy.</p> - -<h1>Multicloud architecture</h1> - -<p>Then we’ll explain the setup of a geo-distributed Kubernetes environment and this translates in OpenStack terms.</p> - -<h1>Cloud agnostic tools</h1> - -<p>An important part of multicloud is to have adapted tooling, so we’ll compare several tools to manage OpenStack resources (heat, ansible, terraform, …) and to install Kubernetes (kops, kubespray, kubeadm, …) in a cloud agnostic way.</p> - -<h1>Demo</h1> - -<p>We’ll put it all to the test with a live demo with a CI/CD application deployment across the globe.</p> - -<h1>Wrap up</h1> - -<p>Finally we’ll wrap it up with lessons learned and challenges of multicloud.</p> - - Maxime Guyot - - - slides - code - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - UB2.252A (Lameere) - use_configmanagement - Use configmanagement for your ... configmanagement. - - Infra Management - devroom - - <p>After discovering Foreman Ansible Modules I've set up an Ansible Playbook to set up and configure Foreman and Katello. Once its up and running, it allows you to boot PXE machines, or image based using Packer and Gitlab. The lab is deployed on my laptop and showcases the following technologies:</p> - -<ul> -<li>lifecycle management (create/update/delete machines)</li> -<li>content management (Environments/Packages/Subscriptions)</li> -<li>scheduled image building and delivery with a pipeline</li> -<li>cloud-init</li> -<li>immutable infrastructure</li> -</ul> - - -<p>In other words, in this talk I will show how I manage foreman/katello/smartproxies with configuration management tools themselves.</p> - - - Wim Bonthuis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - UB2.252A (Lameere) - mgmt - Mgmt Config: The Road to 0.1 - Real-time, autonomous, automation - Infra Management - devroom - - <p>Mgmt is a real-time automation tool that is fast and safe. As we get closer to a -0.1 release that we'll recommend as "production ready", we'll look at the last -remaining features that we're aiming to land by then. We'll explain and demo the -import and module system, classes, and native functions.</p> - -<p>We'll also show some exciting real-time demos that include scheduling, finite state machines, and remote execution.</p> - <p>Mgmt is a real-time automation tool that is fast and safe. As we get closer to a -0.1 release that we'll recommend as "production ready", we'll look at the last -remaining features that we're aiming to land by then. We'll explain and demo the -import and module system, classes, and native functions.</p> - -<p>We'll also show some exciting real-time demos that include scheduling, finite state machines, and remote execution.</p> - -<p>A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ -Attendees are encouraged to read some before the talk if they want a preview!</p> - - James Shubin - - - Project homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - UB2.252A (Lameere) - configurations_prove_yours - Configurations: Do you prove yours ? - - Infra Management - devroom - - <p>How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?</p> - -<p>We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.</p> - -<p>This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.</p> - - - Alexandre Brianceau - - - Video recording (WebM/VP9) - Video recording (mp4) - RUDDER website - Slides - Submit feedback - - - - 14:30 - 00:25 - UB2.252A (Lameere) - uyuni_world_class_frontend - Uyuni: A world-class open source frontend solution for managing your software-defined infrastructure with Salt - https://www.uyuni-project.org/ - Infra Management - devroom - - <p>Uyuni (https://www.uyuni-project.org/), an opinionated fork of the Spacewalk project, provides open source lifecycle management for today's datacenter. With the help of Salt for configuration management it keeps your workloads up to date and secure.</p> - -<p>Uyuni manages all your Linux workloads. It bootstraps physical servers, creates VMs for virtualization and cloud, builds container images, and tracks what runs on your Kubernetes clusters. All using Salt under the hood!</p> - -<p>It provides you a high-class frontend solution to interact with Salt, manage your states, formulas with forms, and much more using a web UI.</p> - -<p>Uyuni is open source, backed by SUSE Linux, and actively developed.</p> - -<p>This presentation will give you an overview about Uyuni, its current possibilities for managing datacenters, and how it provides you a powerful frontend to interact with Salt.</p> - - - Pablo Suárez Hernández - Julio González Gil - - - Uyuni homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - UB2.252A (Lameere) - declare_linux_network_state - Declare your Linux Network state! - - Infra Management - devroom - - <p>NMState is a new declarative API that simplifies Linux network management.</p> - <p>Various services built on top of Linux need to manage the network configuration. Each service models network entities differently and uses various APIs to change the network state, multiplying the required work. -NMState centralizes the challenges by providing a unified declarative representation of the Linux network state and allowing to modify it using the same schema. NMState also provides Ansible network modules to manage Linux systems, conforming to the same uniform schema used to control network appliances. -The talk will introduce NMState, its core capabilities, current users and roadmap, including plans for Kubevirt, oVirt, Openshift and Openstack support. Afterwards, the audience will understand the benefits of using NMState to centralize collaboration on Linux network management.</p> - - Till Maas - Edward Haas - - - NMState homepage - NMState GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - UB2.252A (Lameere) - sysadmins_deserve_interface_stability - Sysadmins, too, deserve interface stability - Designing a stable interface to abstract OS configuration across multiple distribution versions - Linux System Roles for Ansible - Infra Management - devroom - - <p>APIs strive to make programmers’ jobs easier by staying stable. Less attention is paid to make the jobs of system administrators easier by providing stable configuration interfaces. These interfaces consist of configuration file formats and various utilities that often change with new major OS releases. -Ansible is a great tool for system management, but keeping Ansible playbooks working across major distribution version upgrades can be challenging due to this interface instability. We present Linux System Roles (github.com/linux-system-roles) which allow to manage RHEL, CentOS and Fedora with sufficient abstraction to enable using the same playbooks for different releases and to avoid the need of changing playbooks due to implementation changes. -The main difficulty of this approach is getting the interface right to avoid the need of incompatible changes in the future. We will show how to use Linux System Roles with Ansible to configure your Fedora, RHEL or CentOS systems and discuss the challenges that one may encounter when designing such a system or Ansible roles in general.</p> - <p>APIs strive to make programmers’ jobs easier by staying stable. Less attention is paid to make the jobs of system administrators easier by providing stable configuration interfaces. These interfaces consist of configuration file formats and various utilities that often change with new major OS releases. -Ansible is a great tool for system management, but keeping Ansible playbooks working across major distribution version upgrades can be challenging due to this interface instability. We present Linux System Roles (github.com/linux-system-roles) which allow to manage RHEL, CentOS and Fedora with sufficient abstraction to enable using the same playbooks for different releases and to avoid the need of changing playbooks due to implementation changes. The roles currently support configuring: -- kdump -- SELinux -- networking -- time synchronization -- postfix -- storage -- logging</p> - -<p>The main difficulty of this approach is getting the interface right to avoid the need of incompatible changes in the future. We will explain and discuss the choices that we made in the design of the interfaces of our roles. We expect our experience to be generally useful for those who design Ansible roles.</p> - -<p>Attendees will gain a practical understanding of how to use Linux System Roles with Ansible to configure their Fedora, RHEL or CentOS systems consistently across multiple releases. The audience is assumed to have a basic understanding of Ansible and experience with Linux (preferably Fedora-derived) system administration.</p> - - Till Maas - Pavel Cahyna - - - Home page - GitHub project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - UB2.252A (Lameere) - pulp_3 - Pulp 3: Ready for a Test Drive - - Infra Management - devroom - - <p>Pulp is a platform for managing repositories of software packages, and its plugin architecture allows management of any type of content. Pulp’s web API enables users to synchronize, upload, and publish versioned repositories with simple but flexible workflows. This presentation will build on last year’s talk by Dennis Kliban <a href="https://archive.fosdem.org/2018/schedule/event/pulp3/">0</a>, and will highlight simplified installation and deployment, better performance, new features, and a growing collection of plugins including rpm, python, docker, ansible, chef, ruby, file, and more in development. Pulp 3 is approaching maturity and is ready for you to test drive.</p> - - - Austin Macdonald - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:50 - UB2.252A (Lameere) - terraform_best_practices - Codifying infrastructure with Terraform for the future - - Infra Management - devroom - - <p>Immutable infrastructure is a way to success, but what about the lifecycle of individual resources. This talk is about the evolution of resources, code structure, Terraform coding tricks, composition, and refactoring.</p> - <p>Your infrastructure almost always starts simply: few resources + few developers. As time goes it grows in all possible directions. You found your ways around grouping resources into Terraform modules, so what can possibly go wrong? (famous last words)</p> - -<p>Over the time you feel that infrastructure is your new pet, but why? You are worried about the configuration drift, you are afraid of touching it, you are delaying things...</p> - -<p>By the end of my talk participants will become more aware of principles related to management of Terraform resources, Terraform modules best-practices and some CI/CD principles applicable to infrastructure management and deployments.</p> - - Anton Babenko - - - Terraform Best Practices web-site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:25 - UB2.252A (Lameere) - automate_kubernetes_ansible - Automate Kubernetes Workloads with Ansible - Easy deployment, self-service provisioning, and day-2 management! - Infra Management - devroom - - <p>Ansible, the familiar IT automation tool, makes it easier than ever to automate your Kubernetes cluster. This talk introduces two practical ways to define and provision complex applications using Ansible Automation with Kubernetes.</p> - <p>Have you longed for a simple yet powerful way to automate workloads on Kubernetes? Ansible, the familiar IT automation tool, makes it easier than ever to automate your cluster. This talk introduces two practical ways to define and provision complex applications using Ansible Automation with Kubernetes.</p> - -<p>The Automation Broker allows users to leverage Ansible Automation to define and orchestrate applications, making them available for self-service provisioning in the Service Catalog.</p> - -<p>The Ansible Operator allows users to actively manage the full lifecycle of an application by defining management behaviors with Ansible; the Operator handles everything else.</p> - -<p>In this session you will learn: -How to define and deploy your application on Kubernetes using Ansible. -How to publish your own applications in the Kubernetes Service Catalog. -How to create a Kubernetes Operator using Ansible.</p> - - Michael Hrivnak - - - An introduction to Ansible Operators in Kubernetes - Automated provisioning in Kubernetes - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:50 - UB2.252A (Lameere) - modified_agent_based_architecture - How We Modified an Agent-based Automation System to Become an Agentless One - Lessons and Architecture - Infra Management - devroom - - <p>Salt initially was designed to be an agent-base automation system. Salt SSH was added later on to allow an alternative that does not require installing a agent, and instead communicate over SSH. We will discuss how we modified the initial agent-based solution and the architectural decisions behind this work. We will talk through some of the challenges, lessons learned and what worked well for the project.</p> - - - Megan Wilhite - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 13:00 - 02:00 - UB4.132 - cert_lpi_1 - LPI Exam Session 1 - - Certification - certification - - <h3>LPI offers discounted certification exams at FOSDEM</h3> - <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. -LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> - -<p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> - - - - Submit feedback - - - - 15:30 - 02:00 - UB4.132 - cert_lpi_2 - LPI Exam Session 2 - - Certification - certification - - <h3>LPI offers discounted certification exams at FOSDEM</h3> - <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. -LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> - -<p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> - - - - Submit feedback - - - - - - - - 10:30 - 00:25 - UD2.119 - openapispec - Introduction to OpenAPI Specification - - Tool the Docs - devroom - - <p>Describe your API with OpenAPI Spec (what Swagger grew up to be) and open the door to beautiful, adaptable documentation and a world of other possibilities.</p> - <p>Open API Specification is a machine and human readable way to describe APIs. From these specs we can generate documentation, create libraries, and ensure that our users know exactly what to expect from our APIs. This talk shows you around OAS from the beginning, showing how to create the specs and recommending some tools to help the process. Once you have the spec, things get interesting and this talk will showcase some of the things that you can offer once your API is described in this way. This session is recommended for writers looking to become more API-savvy and API engineers wanting to make their APIs more useful to their users.</p> - - Lorna Mitchell - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - UD2.119 - pantheondoc - Building Pantheon documentation - Feedback about on our documentation team experience - Tool the Docs - devroom - - <p>The story of building our enterprise Ethereum client documentation, successes and failures, things we tried, decisions we had to make...</p> - - - Nicolas Massart - - - Video recording (WebM/VP9) - Video recording (mp4) - Pantheon documentation - Pegasys website - Submit feedback - - - - 11:30 - 00:25 - UD2.119 - multikuber - Multilingual Kubernetes - The kubernetes.io stack, how we got there, and what it took to get there - Tool the Docs - devroom - - <p>How Kubernetes SIG Docs changed our stack, our git workflow, and the world.</p> - <p>One year ago, the Kubernetes documentation group (SIG Docs) received a request: could we host a Chinese localization of the docs? One year later, the answer is yes--we host Chinese docs, as well as several other languages, with more localizations in the works. This talk is about what happened with Kubernetes SIG Docs in the course of one year: the easy part (changing our site stack from Jekyll to Hugo), the difficult part (changing our git workflow), and the most challenging part (opening ourselves to internationalization). I'll briefly discuss the technical hazards we encountered (swapping Markdown parsers, Black Friday bugs), what worked well versus what didn't, and what we recommend for others looking to internationalize midstream.</p> - - Zach Corleissen - - - The Kubernetes website - The Kubernetes docs and website repository - Hugo static site generator - Netlify build generator - Prow, the Kubernetes CI - Custom language labeler - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - UD2.119 - testautomated - Write Drunk - Test Automated - Different aspects of Continuous Integration Testing for documentation testing - Tool the Docs - devroom - - <p>This talk covers topics such as:</p> - -<ul> -<li>Theory of CI testing, where it can help and where not.</li> -<li>Insights about your repository (Version Control Systems, VCS).</li> -<li>Strategy (what to test, level of testing and when).</li> -<li>Human/community aspects and challenges (Open Source Software, OSS).</li> -<li>Workflows (Make your devs happy).</li> -<li>Security.</li> -<li>Examples of production setups.</li> -</ul> - - -<p>This talk is slightly opinionated and based on experience gathered through various open source communities and companies.</p> - - - Sven Strack - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - UD2.119 - toolthedocs - Getting to Closer to a Software Help Language - Untangling complexities of the LibreOffice Help - Tool the Docs - devroom - - <p>LibreOffice has currently an large set of help pages which are hard to maintain and to edit. On the other hand the XML language used was designed for a broader purpose and is not used in its full capacity. The lecture presents simplifications of the help XML and the design of specific XML objects to describe the user interface and to connect the help pages closer to the dialogs of the application.</p> - <p>Software user interfaces has menus, toolbars, panes, dialogs, mouse clicks ad even voice to enable complex tasks for the user. Because of the cost of the screen real-estate, elements of interaction are concise either in textual form or in pictorial form (icons). The need of Help pages are necessary to give more details on the elements functionalities. But since the set of UI elements is limited in size, the elements of the Help pages should also -be limited, and the corresponding help page element to UI element should be connected.</p> - -<p>The lecture presents simplifications of the help XML and the design of specific XML objects to describe the user interface, to connect the help pages closer to the dialogs of the application and produce Help contents in a faster way, making easier to upgrade and to address softwares translations processes.</p> - - Olivier Hallot - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - UD2.119 - sphinx - Who needs pandoc when you have Sphinx? - An exploration of the parsers and builders of the Sphinx documentation tool - Tool the Docs - devroom - - <p>Using Sphinx doesn't necessarily mean using reStructuredText for input and HTML for output. We explore Sphinx's newfound support for Markdown as well as it's broad range output formats available, before moving onto an overview of how you can develop your parser and builder extensions.</p> - <p>Sphinx is the documentation tool of choice for an increasing amount of projects, both inside and outside Python. Thanks to the success of platforms like Read the Docs, building documentation with this toolkit has never been easier. Most people associate Sphinx with the reStructuredText syntax provided by docutils, and typically output documents to HTML and, occasionally, PDF. However, Sphinx is capable of so much more. Since Sphinx 1.8, it is possible to use source documents written in the CommonMark syntax, while the amount of builders provided both in-tree and out-of-tree continue to grow.</p> - -<p>Through this talk, we explore how one can build their documentation using Sphinx and Markdown source documents. We detail the variety of builders available as part of the standard Sphinx installation and as third-party extensions, including some basic configuration tips for the more commonly useful ones like man pages and LaTeX/PDF. Finally, we provide a high-level overview on how you can go about writing your own extensions to parse other plain-text documentation formats and output in additional documentation format. The latter of these will touch on docutils, a foundational component of Sphinx, so one can understand the intermediate documentation model it provides.</p> - - Stephen Finucane - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - UD2.119 - gravcms - To the future with Grav CMS - How we migrated from a Wiki to the open-source Grav CMS - Tool the Docs - devroom - - <p>We've recently migrated our developer portal from a wiki-based system to Grav CMS to support Docs-As-Code. In my talk I'll share our ups and downs in this long and exciting joruney.</p> - - - Aleksei Akimov - - - My profile - Our developer portal - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:20 - UD2.119 - collab_pce - A private cloud for everyone - Why and how Nextcloud builds a private cloud software - Collaborative Information and Content Management Applications - devroom - - <p>Private clouds are all the rage!</p> - -<p>Ok, not really, but privacy violations certainly are. Facebook, Dropbox et all are not exactly providing a safe home for your family pictures and as such, alternatives are sought after. Nextcloud gives you a place where your data is stored, designed to protect rather than exploit it. Self-hosted or at a provider you trust, your Nextcloud lets you share, chat and edit documents with others or alone in the same way the big American players do. But you stay in control. Shouldn't that be all the rage?</p> - <p>In this presentation I'll touch on the subject of privacy and why you should care about it, showing you what drives us to make Nextcloud. Next I will cover the results of our work: a real alternative build for real humans!</p> - -<p>Nextcloud is a private file sync and share solution that can take care of not only your files but also your calendars and contacts, your passwords and news feeds, notes, audio/video or text chats and so much more. Over 150 apps developed by the largest open source file sync &amp; share community give you everything you care about, and more.</p> - -<p>Nextcloud is 100%-no-shenanigans-open-source, because we think that that's best for everyone involved. And you can contribute, join our awesome community!</p> - - Jos Poortvliet - - - nextcloud homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:25 - 00:20 - UD2.119 - collab_wntk - AMENDMENT Who needs to know? Private-by-design collaboration - - Collaborative Information and Content Management Applications - devroom - - <p>It is often difficult to untangle technical choices made when designing systems from the values and implicit assumptions of its those systems' designers.</p> - -<p>For many developers of open-source software, radical openness and permissionless participation have become the de facto methodology to follow when designing collaboration systems. This ideology has driven the creation of a wealth of information systems and collaboratively curated data sets which could not have been created in a top-down fashion. Consequently, different values, and thus different architectures have remained largely unexplored.</p> - -<p>This lecture will present <a href="https://github.com/xwiki-labs/cryptpad">CryptPad</a>, a <a href="https://cryptpad.fr">web-based</a> suite of collaborative tools which employs client-side encryption to restrict access to those who possess the cryptographic keys which are unique to each document. I will include an overview of the underlying architecture, and provide insight into its design process and the values that it encodes.</p> - -<p>This talk was originally proposed by Aaron MacSween.</p> - - - Ludovic Dubost - - - CryptPad.fr, the flagship instance of the open-source project - CryptPad's source code on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:20 - UD2.119 - collab_tiki_wiki_knowledge_base - Tiki: Easy setup of wiki-based knowledge management system - This talk demonstrates how to build up a simple but powerful knowledge management system starting from a freshly installed Tiki - Collaborative Information and Content Management Applications - devroom - - <p>I will demonstrate an easy and fast way of configuring Tiki Wiki CMS Groupware for the purpose of having a central repository for a knowledge base. -I will also explain how to manage permissions for various use cases, how to separate different topics, how to access stored knowledge.</p> - <p>This presentation will start with a minimal Tiki site and show how to build structures of pages and file repositories with a knowledge base in mind. -This will rely on a concrete real-life working example of a site for collaboration between a freelancer/company and their various separate customers with different projects.</p> - -<p>I will show how to configure permissions for: -* a publicly visible and editable knowledge base; -* separate knowledge bases which are restricted to groups of users and invisible to others; -* intermediate scenarios with groups of editors and groups of read-only viewers.</p> - -<p>I will show the basics of how to make the knowledge accessible, searchable, navigable and allow comments from people who can only view it.</p> - -<p>I will provide hints about more powerful approaches using Tiki's inbuilt user-configurable database feature.</p> - - Jean-Marc Libs - - - Tiki Wiki CMS Groupware - Presentation making of. If you want to build yours leisurely. - Video recording (WebM/VP9) - Video recording (mp4) - Vidéo redone later in longer format (not interrupted) - Submit feedback - - - - 16:15 - 00:20 - UD2.119 - collab_doadiaw - Displaying other Application data into a Wiki - … and other integrations - Collaborative Information and Content Management Applications - devroom - - <p>A Wiki is a powerful tool to store and display information provided by users. In this presentation we will show how it can also show information from external applications and connect to external applications. -Using macros and internal scripting language on top of the XWiki Open Source Wiki platform, we will show examples of data being displayed from external applications. -Examples will include: Elastic Search, Matrix/RIOT, Nagios, Cacti, JIRA, Databases.</p> - - - Ludovic Dubost - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:20 - UD2.119 - collab_loohyd - LibreOffice Online - hosting your documents - Keeping your documents close and yet collaborative - Collaborative Information and Content Management Applications - devroom - - <p>Come hear how you can avoid giving your documents to a large -proprietary company - and yet enjoy powerful collaborative editing of -text documents, spreadsheets and presentations.</p> - <p>Come hear how you can avoid giving your documents to a large -proprietary company - and yet enjoy powerful collaborative editing of -text documents, spreadsheets and presentations.</p> - -<p>Hear how you can host that yourself, integrated into various other -FLOSS projects. See how the code is structured - bringing the full -power of LibreOffice's rendering and interoperability, along with an -increasing amount of our feature surface to the browser.</p> - -<p>See some demos of it in action. Hear how you can get involved with -development, build a rich integration via scripting and integrate this -with your own online solution.</p> - -<p>Hear about our relatively simple collaboration protocol, the thinking -behind it, and the great privacy, security, and even some performance -benefits it brings vs. traditional multiple-model, streamed composable -operation approaches.</p> - - Michael Meeks - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:05 - 00:35 - UD2.119 - collab_wdaw - AMENDMENT XWiki: a collaborative apps development platform - Build applications incrementally on top of XWiki rather than coding them from scratch - Collaborative Information and Content Management Applications - devroom - - <p>XWiki's advanced features for structuring data and scripting in wiki pages make it suitable for developing applications of various sizes, for various needs. The wiki principle make all these applications collaborative by default, while the multiple UI configuration options and permission system allow to show as much or as little of it as needed for the specific case . -In this talk I will explain the usage of XWiki through the angle of comparing its usage with the development of applications from scratch. I will explain and demo the various features of the XWiki platform and how they can be assembled together to create applications and show some examples of such work that was done for professional accounts (e.g. https://nosdemarches.gouv.fr ).</p> - - - Anca Luca - - - XWiki website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:55 - 00:20 - UD2.119 - collab_mcwr - Memex: Collaborative Web-Research - & the next generation knowledge management tools. - Collaborative Information and Content Management Applications - devroom - - <p>Are you also annoyed that it is 2019 and you still have to bookmark stuff? Or that your notes about your web research are scattered everywhere? How come we cannot really collaborate and communicate in our web-research? -In this talk we give a brief introduction into Memex. It's an open-source browser extension to organise your web-research. Full-text search everything you've seen on the web, archive and annotate websites and collaborate with your peers in your web-research. -All data stored on your computer &amp; self-hostable. -With a mix of open-source software, data interoperability and a non-speculative economic model we try to protect users data sovereignty, privacy and stimulate the democratisation of knowledge management software.</p> - - - Oliver Sauter - - - Memex 3 min Demo - How we try to democratise Knowledge Management - What's on the roadmap for the next 12 months, and beyond? - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:20 - 00:20 - UD2.119 - collab_cwldbe - CubicWeb Linked Data Browser Extension - - Collaborative Information and Content Management Applications - devroom - - <p>The Web of Data has become a reality over the past decade. But how do you browse all that data and how do you surf from one resource to the next by following the links in the datasets ? We will introduce the new CubicWeb, a Web Extension to make your favorite browser capable of handling RDF data so that you can surf the Semantic Web and chose how data is displayed and how you interact with it.</p> - <p>The Web started as a set of linked documents written in HTML and displayed by -hypertext browsers. With the dawn of the Web of data, the information exchanged -between the server and the client can be encoded in a form that is directly machine -processable instead of being embeded in text document for humans to interpret.</p> - -<p>We asked ourselves what would be a browser for the Web of data, that would not -be limited to displaying documents and would allow its user to surf the gigantic -graph of linked data by displaying each piece of data with the best -visualization for the task at hand.</p> - -<p>With this goal in mind, we reinstanciated the ideas developed more than ten -years ago for the user interface of the CubicWeb semantic web framework. The -result is the <a href="https://www.cubicweb.org/project/cubicweb-linked-data-browser">CubicWeb Linked Data -Browser</a>, a <a href="https://wiki.mozilla.org/WebExtensions">Web -Extension</a> for the main browsers -(Firefox et Chrome) that can turn into HTML the RDF data sent by servers, with -the user choosing the best view among the ones she registered when configuring -the extension.</p> - -<p>Nicolas Chauvat is the founder and CEO of Logilab, a company that has been since -year 2000 at the forefront of the Semantic Web in France. Logilab created the -CubicWeb framework and used it for many applications, including the high-profile -<a href="http://data.bnf.fr">data.bnf.fr</a> and -<a href="http://francearchives.fr">francearchives.fr</a>.</p> - - Nicolas Chauvat - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:45 - 00:15 - UD2.119 - collab_drwl - Document Redaction with LibreOffice - Preventing Leakage of Sensitive Information by Redaction in Collaborative Environments - Collaborative Information and Content Management Applications - devroom - - <p>Redaction in its sanitization sense (as distinguished from its other editing sense) is the blacking out or deletion of text in a document, or the result of such an effort. It is intended to allow the selective disclosure of information in a document while keeping other parts of the document secret. Typically the result is a document that is suitable for publication or for dissemination to others than the intended audience of the original document. For example, when a document is subpoenaed in a court case, information not specifically relevant to the case at hand is often redacted. Another example is patient information of hospitals, which is distributed to be used for research purposes.</p> - -<p>A new document redaction feature for Collabora Office is being developed, and it will also be available on the next major version of LibreOffice. This new feature will provide a much more efficient means than the traditional print-redact-scan process, and will try to prevent also the accidental leakage of redacted information by completely removing them in the resulting PDF document, rather than just hiding.</p> - - - Muhammet Kara - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:30 - UD2.120 (Chavanne) - thestateofgo - The State of Go - What's new since Go 1.10 - Go - devroom - - <p>Go 1.12 is planned to be released in February 2019 and this talk covers what's coming up with it.</p> - -<p>We'll talk about Go Modules, the proposals for Go 2, and all of the new things you might have missed.</p> - <p>This has been a staple talk of the Go devroom, opening the stage every year, and has always been a successful one.</p> - - Francesc Campoy - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - UD2.120 (Chavanne) - godesktopapps - Building modern desktop apps in Go - - Go - devroom - - <p>I'll show how to quickly build a simple desktop app with Go+HTML5, that doesn't look like it's from the 90s, neither it feels bloated like Electron.</p> - <p>User interfaces have come a long way from punch cards and command line to post-WIMP era with touch screens and voice input. Modern UI is expected to be fast, responsive and smooth, with high-quality typefaces, rich images, animations, accessibility. HTML5 handles it all very well, and with GPU acceleration it has decent visual performance. Go may have stated itself as a language for writing services, but with Redux architecture GUI apps are not much different from request/response model. Having excellent performance, Go is a perfect fit for writing core app logic. The only thing that's missing is a link between HTML5 and Go, so that Go code could be called from the UI, and UI could be manipulated from Go.</p> - -<p>HTML5 is often considered heavy because it requires a browser engine. We don't want to ship browser runtime with each and every app. One solution is to reuse the native OS runtime. Another is to use some pre-installed browser in the standalone app mode. Both end up with small, fast, self-contained binaries that are easy to build and to distribute.</p> - -<p>I would like to briefly explain how each approach works, and how to choose one that fits better for your needs.</p> - -<p>I'll introduce Webview<a href="https://github.com/zserge/webview">1</a> and Lorca<a href="https://github.com/zserge/lorca">2</a> libraries and show how to build a quick desktop app in Go with either of those. I'll cover bootstrapping the new app, communication between Go and UI layer, debugging UI, building and packaging the app. I'll do the demonstration on Linux, but will show how to prepare the same app for Windows/MacOS.</p> - - Serge Zaitsev - - - Cross-platform webview library for C/C++/Go - UI layer for Go based on Chromium/Chrome - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - UD2.120 (Chavanne) - reverseproxy25mins - How to write a reverse-proxy with Go in 25 minutes - - Go - devroom - - - <p>In a world littered with containers, microservices, and virtual networks, the need for a reverse-proxy increases. I'll introduce you to the world of reverse-proxies by writing one -- live, and from scratch. Step by step, we'll discover the responsibilities of a reverse-proxy and how to fulfill them.</p> - - Julien Salleyron - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - UD2.120 (Chavanne) - gitdatabase - Git database with bitmap index - - Go - devroom - - <p>Data retrieval team at source{d} process lot of data from git repositories. Most of the key components in our workflow like engine, gitbase, mysql-server are implemented in Go. This talk will go through the story how we embedded "pilosa" (distributed bitmap index) in our SQL frontend for git repositories. -- Why we decided to use bitmaps as indexes -- How we got to the point where we are (we have embedded pilosa's server implementation inside mysql server implementation) -- What problems we came across and how we solved them.</p> - - - Kuba Podgórski - - - distributed bitmap index - An extensible MySQL server implementation in Go. - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - UD2.120 (Chavanne) - delvehandson - Hands on debugging with Delve - - Go - devroom - - <p>Hands on Go debugging with Delve. Less slides, more substance: this talk will be focused on live demos that the audience is invited to participate in. Come learn advanced debugging techniques and the intricacies of the Delve debugger.</p> - <p>In this talk I will present several demos, all of which will be available online. Each demo will target a specific use case of Delve. The goal is for audience members to walk away with an expert level understanding on the usage of the Delve debugger. During the course of this talk users will be guided through basic to very advanced usage of Delve, exploring features they may not have used, or known existed!</p> - -<p>Topics covered will include basic debugging, tracing, advanced Goroutine debugging, panic debugging, general advanced debugging and low-level debugging (exploring registers, disassembly, etc). Each demo will have an accompanying program that will be hosted online and available for everyone to download to enable everyone to follow along.</p> - - Derek Parker - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - UD2.120 (Chavanne) - designingcli - Designing Command-Line Tools People Love - - Go - devroom - - <p>It is a joy to build command-line tools that are not only easy to learn, but that other developers are willing to maintain. Often a team's engineering efforts are spent on the backend, while the cli doesn't receive the same level of attention. This can result in hard-to-test tools, and dumping maintenance of them to whoever most recently joined the team.</p> - -<p>Learn how to take full advantage of popular Go libraries, structure your Go code to improve reuse and testability, publish binaries, and of course design your commands to be user friendly.</p> - -<p>Slides are available at https://carolynvs.com/cli</p> - - - Carolyn Van Slyck - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - UD2.120 (Chavanne) - gocontainersorserverless - Go containers? Go serverless? - A cloud native journey - Go - devroom - - <p>This talk compares the approaches using a simple Go app, once implemented as containerized microservices and once as a serverless app and discusses advantages and limitations of each approach.</p> - <p>Increasingly, we find deployments of Go in either a containerized setup (read: Kubernetes) or serverless (think: AWS Lambda). This talk compares the approaches using a simple Go app, once implemented as containerized microservices and once as a serverless app and discusses advantages and limitations of each approach. We will review the workflow end-to-end, and touch on topics like defining domain boundaries, communication, sharing state, observability, and costs, both in terms of learning curve and actual money. Parts of the app will be demoed live.</p> - - Michael Hausenblas - - - Git repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - UD2.120 (Chavanne) - grpcohmy - gRPC, Protobufs and Go... OH MY! - An introduction to building client/server systems with gRPC - Go - devroom - - <p>gRPC is an open source remote procedure call framework built on HTTP/2 that provides an easy way to create high performance, scalable APIs in a multitude of programming languages.</p> - -<p>In this talk we’ll describe what grPC is, how we it came to be, and compare it to some other alternatives. We’ll talk about the pros and cons and hopefully convince you to take a closer look at it and add it to your toolbox.</p> - -<p>Best of all we’ll walk through an example of how to build a gRPC based application using gRPC, Protobufs and Go! We’ll even take a look at how easy it is to add a client using another programming language.</p> - - - John Griffith - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - UD2.120 (Chavanne) - gotensorflow - AI image search with Go & Tensorflow - Integrate the advances of AI in your Go apps - Go - devroom - - <p>The goal of this talk is to guide you through the integration of pre-trained models into a Go app. From A to Z, we will build an AI image search with Go and Tensorflow.</p> - <p>AI is on everybody's lips nowadays. Every company wants to bring it to its customers. Google, Facebook, Microsoft and more are racing against each other with research papers and open-source frameworks. From a developer point-of-view, it has never been so easy to access so powerful AI engines. -The goal of this talk is to guide you through the integration of pre-trained models into a Go app. From A to Z, we will build an AI image search with Go and Tensorflow.</p> - - Gildas Chabot - - - Video recording (WebM/VP9) - Video recording (mp4) - Slides on Google doc - Submit feedback - - - - 15:00 - 00:30 - UD2.120 (Chavanne) - gco - When and How to use CGo - Or, Foreign Functions for Fun and Profit - Go - devroom - - <p>Go is, for all its C-esque syntax, is a relatively high-level language. There’s garbage collection, a type hierarchy, and even advanced concurrency primitives. Sometimes, though, you need access to lower-level control. Whether for performance, interoperability, or just for fun, the Cgo API is here to help! I will explain what it is, how to use it, and perhaps most importantly, when to avoid it.</p> - <p>A lot of Go programmers only experience with Cgo is when compilation fails with some obscure error. There’s a lot more to learn than that, and a lot of opportunities! I’ve personally used Cgo for writing Postgres foreign wrappers, and as a consumer when compiling Kubernetes.</p> - -<p>Using Cgo can be a fun, rewarding experience. There are a lot of existing projects and libraries written in C, and calling them means not needing to reinvent the wheel. On the same face, if you have an existing project with a C API, calling Go can get you some of the higher-level Go niceness on top of the jagged C edges.</p> - -<p>Some things I intend to touch on: -* Calling Go from C -* Calling C from Go -* Memory management with Go objects in C -* Using C libraries from Go -* Real-world Cgo examples -* The pitfalls Go and dynamic linking -* Debugging failures</p> - - Liz Frost - - - CGo demo code - Video recording (WebM/VP9) - Video recording (mp4) - Slides (Slideshare) - Submit feedback - - - - 15:30 - 00:30 - UD2.120 (Chavanne) - gomidi - Building a Hardware MIDI Player - Exploration of Linux's System Interfaces - Go - devroom - - <p>An exploration of using Go to build a hardware MIDI player, complete with floppy drive, on a minimal Linux distribution, gokrazy. Without our standard system utilities, in this talk we'll explore Go's syscall interface, as well as Linux's other interfaces, such as netlink and kobject. There will also be sweet, sweet chiptunes.</p> - <p>In this talk, I'll be talking about the hardware MIDI project powered by Go I built in 2018, inspired by the mid-90s Roland MT-80S.</p> - -<p>This MIDI player was built on a Raspberry Pi using a USB floppy drive. It's using the minimalist and Go-focused Linux distribution gokrazy. As gokrazy doesn't provide the usual system utilities, your project is expected to handle everything, this is a good project to explore the system interfaces. The three main interfaces I'll be exploring are:</p> - -<ul> -<li>syscall: The unix syscall interface, golang.org/x/sys/unix. These are calls into the kernel, and while large, the syscall interface is extremely powerful for low level system administrative tasks.</li> -<li>netlink: A family of RPC interfaces with the Linux kernel. The kernel implements this interface where function calls and directly passing structures in memory would be more difficult.</li> -<li>kobject: A stream interface, related to netlink, where the kernel can inform userspace (that is, us!) about objects changing in the kernel, such as hardware devices being added or removed.</li> -</ul> - - -<p>By pulling these interfaces together with Go, we can build a MIDI player that starts playing when a floppy disk is inserted. There will be chiptunes.</p> - - Terin Stock - - - Source Code - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - UD2.120 (Chavanne) - pargo - Parallel programming in Go for performance with the Pargo library - - Go - devroom - - - <p>Go is an excellent tool for concurrent programming. Goroutines and channels make it easy to coordinate multiple interacting processes. With careful design, good concurrent Go programs run efficiently on multi-core CPUs because multiple goroutines can run in parallel on multiple CPUs.</p> - -<p>What is less known is that Go also works very well for expressing parallel algorithms that do not communicate via channels, but access shared memory directly. This goes against Go’s famous slogan: “Do not communicate by sharing memory; instead, share memory by communicating.” However, sometimes performance matters so much that you have to make an exception.</p> - -<p>Fortunately, Go is a very powerful language and makes it easy to make such exceptions. In this talk, I am going to walk you through Pargo, an open-source Go library explicitly designed for parallel programming rather than concurrent programming, which is available at https://github.com/exascience/pargo. This library is based on several years of experience with parallel programming at the ExaScience Lab at imec in Belgium, with many programming languages (C, C++, Java), many parallel programming libraries (Cilk, OpenMP, Intel Threading Building Blocks), and many applications (physics simulations, DNA sequencing, statistics).</p> - -<p>Go already provides primitives that help with parallel programming in the sync and sync/atomic packages of its standard library. Pargo builds on top of these primitives and offers high-level functions and data structures for expressing parallel algorithms. This covers simple convenience functions on top of goroutines, efficient parallel maps, parallel sort functions, and a very powerful pipeline concept for efficiently processing large data sets.</p> - -<p>This talk will cover the following topics:</p> - -<ul> -<li>How Go schedules goroutines, and why they can therefore be used for task-based parallel programming.</li> -<li>How Pargo provides a number of parallel programming primitives to make task-based parallel programming easier.</li> -<li>How parallel Quicksort and Mergesort can be implemented with Pargo.</li> -<li>How Pargo allows you to write parallel pipelines for efficiently streaming, filtering, and transforming large data sets in parallel.</li> -</ul> - - -<p>Pascal Costanza has a Ph.D. degree from the University of Bonn, Germany, and works as a senior researcher at imec, Leuven, Belgium. He was previously employed by Intel Corporation, and Vrije Universiteit Brussel, Belgium. He is an expert on high-performance and data-intensive computing with applications in bioinformatics, sequencing pipelines, and artificial intelligence.</p> - - Pascal Costanza - - - Open-source repository for the pargo library - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - UD2.120 (Chavanne) - kubernetesclusterfuck - The clusterfuck hidden in the Kubernetes code base - and the brilliant refactoring techniques developed to fix it - Go - devroom - - <p>In this talk we explore the devastating effects using object oriented antipatterns in go while building programs in a monorepo. We look at how we got here in Kubernetes, and how (several years later) we are still working on cleaning up the mess. We explore brilliant refactoring techniques developed because of the original mistakes in Kubernetes.</p> - <p>Unknown to most, Kubernetes was originally written in Java. If you have ever looked at the source code, or vendored a library you probably have already noticed a fair amount of factory patterns and singletons littered throughout the code base. Furthermore Kubernetes is built around various primitives referred to in the code base as “Objects”. In the Go programming language we explicitly did not ever build in a concept of an “Object”. We look at examples of this code, and explore what the code is truly attempting to do. We then take it a step further by offering idiomatic Go examples that we could refactor the pseudo object oriented Go code to.</p> - -<p>If the anti patterns weren’t enough we also observe how Kubernetes has over 20 main() functions in a monolithic “build” directory. We learn how Kubernetes successfully made vendoring even more challenging than it already was, and discuss the pitfalls with this design. We look at what it would take to begin undoing the spaghetti code that is the various Kubernetes binaries built from github.com/kubernetes/kubernetes</p> - -<p>The audience walks away feeling empathetic that they aren’t alone in their journey to writing idiomatic Go and is now equipped with strong refactoring techniques developed by some of the world’s top engineers for the Kuberentes project.</p> - - Kris Nova - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:30 - UD2.120 (Chavanne) - embeddedwithgo - Embedded with Go: from an AWK prototype to a gokrazy appliance - How to build a self-contained toy for young children to give them control over their music and rhymes - Go - devroom - - <p>In this talk we'll see how to build a toy using off-the-shelf hardware (Raspberry PI and Mir:ror), the various explorations that led to this creation. How we moved from a shell and AWK prototype, to a Go program, removing many bugs and races in the process. Then, we'll see how we used gokrazy to remove most of the non-go userspace, and move from raspbian to a custom, pure-go distro.</p> - <p>This talk is a continuation of <a href="https://anisse.astier.eu/awk-driven-iot.html">the awk driven IoT blog post</a>, in which I explained how I explored various toy concepts with awk and shell scripts. Once I found a working concept, I decided to rewrite it in Go to fix race conditions, and ease adding new features. I'll show the challenges of this first step: how to drive an external program (mp3 player) with context and goroutines, while simultaneously getting events from the hardware NFC reader.</p> - -<p>Then I'll show how to convert the raspbian image with a systemd service, shell, etc. to a <a href="https://github.com/gokrazy/gokrazy">gokrazy</a> image; first using the breakglass escape hatch to have a minimal working solution, then solving the various parts that can rely on external dependencies, in order to achieve a real pure-go userspace: using a custom mp3 decoder, handling the alsa audio output, using the proper HID device, etc.</p> - -<p>We'll finish with a demo of the working device, the lessons learned, and a small suprise at the end.</p> - - Anisse Astier - - - gokrazy - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 00:30 - UD2.120 (Chavanne) - gogc - Tuning Go GC Parameters - - Go - devroom - - <p>The Go runtime has a garbage collector (GC) which is famously simple and lacking in tuning parameters compared to, say, a JVM.</p> - -<p>However there are controls, and in this talk we shall look at what they do and when you might use them. -We will also look at how to understand what GC is doing and how much that work might be costing your program.</p> - <p>Primarily we will look at the GOGC environment variable, and how it can be used to increase or decrease the rate of garbage collection, or turn it off completely.</p> - -<p>We will show how garbage-collection activity can be observed via metrics, e.g. using Prometheus, or in more low-level detail via the GODEBUG environment variable.</p> - -<p>We will also look at the evolution of GC performance in Go over the last five years, and new controls being added in the next version of Go.</p> - - Bryan Boreham - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:30 - UD2.120 (Chavanne) - encryptedgrpc - How Kubernetes used gRPC to encrypt secrets with an external Key Management Service - - Go - devroom - - <p>How Kubernetes used gRPC to encrypt secrets with an external Key Management Service</p> - -<p>In recent headlines, there are increasing news about cloud resources getting hacked caused by attacks on Kubernetes clusters. Failing to properly secure your Kubernetes data can result in cloud resources getting hacked and your application secrets getting stolen. The etcd database contains information that may grant an attacker significant visibility into the state of your cluster.</p> - -<p>This presentation focuses on how a gRPC-based implementation was added to Kubernetes to delegate encrypting secrets to an external Key Management Service and the benefits of using a gRPC-based design for this type of problem. Basic knowledge of Kubernetes and gRPC is a plus but not required.</p> - - - Rita Zhang - - - Video recording (WebM/VP9) - Video recording (mp4) - slides - Submit feedback - - - - 18:30 - 00:30 - UD2.120 (Chavanne) - golightning - Go Lightning Talks - Come speak! - Go - devroom - - <p>The last pard of the day will be dedicated to lightning talks. Come watch great short talks, or come present yours!</p> - <p>The last hour of the day will be dedicated to lightning talks. Come watch great short talks, or come present yours! -We will be accepting lightning talk proposals till a few hours till the lightning talks start happening!</p> - -<p>CfP is open till Saturday 16:00 at http://bit.ly/golight2019</p> - - - - cfp - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:30 - UD2.208 (Decroly) - continuous_localization - Continuous Localization - How we ship localized versions of Firefox, on Laptops and Android - Mozilla - devroom - - <p>Localization at Mozilla happens in a tight loop between development and localizer involvement. We're going to show how this works on Firefox for Desktop, and how it works for our Android projects. We show how we get to multiple testable builds a day, and how we mitigate the bad parts.</p> - - - Axel Hecht - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - UD2.208 (Decroly) - firefox_is_your_marionette - Firefox is your Marionette - Get fun using the unit test system to control Firefox - Mozilla - devroom - - <p>Marionette is the library integrated in specific builds used for unit testing in Firefox. -Using Python enables to automatize procedure or other stuff using the browser also in headless mode. -Let's see how it is possible to simplify your daily job routine on internet like a pro.</p> - <p>Often there are tasks that are easily to automatize with scripting but this portal/website doesn't offer API. -Develop a browser extension only for an internal usage can be an over engineering step but there is another way. -Python is a powerful language and we can use it also to integrate in other services or to help a community. -There will 2 real cases: how to export WordPress posts without having advanced backend permissions to reimport it later and how to automatize the reject of bad translation in the WordPress community based on terms.</p> - - Daniele Scasciafratte - - - WP-FF-Exp_imp - BulkRejectGP - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 01:00 - UD2.208 (Decroly) - http3 - HTTP/3 - HTTP over QUIC is the next generation - Mozilla - devroom - - <p>HTTP/3 is the next coming HTTP version. This time TCP is replaced by the new transport protocol QUIC and things are different yet again!</p> - <p>HTTP/3 is the next coming HTTP version.</p> - -<p>This time TCP is replaced by the new transport protocol QUIC and things are different yet again! This is a presentation about HTTP/3 and QUIC with a following Q&amp;A about everything HTTP. Join us at Goto 10.</p> - -<p>HTTP/3 is the designated name for the coming next version of the protocol that is currently under development within the QUIC working group in the IETF.</p> - -<p>HTTP/3 is designed to improve in areas where HTTP/2 still has some shortcomings, primarily by changing the transport layer. HTTP/3 is the first major protocol to step away from TCP and instead it uses QUIC. Daniel Stenberg does a presentation about HTTP/3 and QUIC. Why the new protocols are deemed necessary, how they work, how they change how things are sent over the network and what some of the coming deployment challenges will be.</p> - - Daniel Stenberg - - - HTTP/3 Explained - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - UD2.208 (Decroly) - global_consent_manager - Global Consent Manager - Improving User Privacy and the Consent Experience for Trusted Websites - Mozilla - devroom - - <p>Global Consent Manager project is a collaboration between Mozilla, University of Missouri and University of Nebraska Omaha. The result is a browser extension prototype that helps with managing of GDPR cookies and consent dialogs across trusted websites.</p> - <p>Description of how consent management on the web works today, and the relationship between user privacy and reputable content providers. Web users face a confusing array of data sharing choices, and click fatigue can lead to poor user experience and possible inadvertent selection of options that do not match the user’s privacy norms. Reputable content providers face revenue disruption arising from changing data privacy regulations.</p> - -<p>In this session, we will discuss how to improve the consent experience. New standards for user control of data sharing present an opportunity for sites trusted by users to work together with browsers to implement data sharing choices that provide a better experience and a more accurate reflection of the user's privacy preferences.</p> - - Tomislav Jovanovic - - - Presentation slides - Project homepage - Firefox extension - Github repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:40 - UD2.208 (Decroly) - project_things - Project Things - A secure gateway to connect your things to Internet - Mozilla - devroom - - <p>With the advent of the IoT, are we really making our lives simpler or diving ourselves in a vast ocean by uploading our lives to the internet? Project Things is an experimental framework of software and services from Mozilla for connecting "things" without any Middleman.</p> - <p>Mozilla is working to create a Web of Things framework of software and services that can bridge the communication gap between connected devices. By providing these devices with web URLs and a standardized data model and API, we are moving toward a more decentralized Internet of Things that is safe, open and interoperable. Using the Internet of Things today is a lot like sharing information on the Internet before the World Wide Web existed. There were competing hypertext systems and proprietary GUIs, but the Internet lacked a unifying application layer protocol for sharing and linking information. The “Web of Things” (WoT) is an effort to take the lessons learned from the World Wide Web and apply them to IoT.</p> - -<p>From this talk audience will take away an understanding of the privacy concerns related to IoT, and how they may be putting their personal information at risk by connecting my physical entities to the internet and how project things come to the rescue. The goal is for visitors to leave with a better understanding of some of the issues surrounding the Internet of Things today, and how Mozilla is working to build a decentralised IoT with the Web of Things, to improve interoperability, privacy and security through standardization. Visitors</p> - -<p>Project Things initially focuses on developing three components:</p> - -<ol> -<li>Things Gateway — An open source implementation of a Web of Things gateway which helps bridge existing IoT devices to the web</li> -<li>Things Cloud — A collection of Mozilla-hosted cloud services to help manage a large number of IoT devices over a wide geographic area</li> -<li>Things Framework — Reusable software components to help create IoT devices which directly connect to the Web of Things</li> -</ol> - - -<p>A) Without Demos</p> - -<p>Time Duration: 20-40 mins (flexible depending on the time allocation) Talk Structure: -A.Without Live Demos:</p> - -<ul> -<li>General Discussion on What Is IoT and its future.</li> -<li>The pros and cons of connecting things to the internet.</li> -<li>How exploiters can breach the security and know our lifestyles.</li> -<li>Introduction to project things</li> -<li>Details about the project things framework.</li> -<li>How project things is secure and solve the problem of privacy and security</li> -</ul> - - -<p>B) With Demos (can be converted to a workshop if needed)</p> - -<ul> -<li>Points included above (without demos).</li> -<li>Demo of DIY web things that makers can build themselves using the Things Framework. Examples will be shown using several low-cost developer boards such as Arduino, Espressif, BBC micro: bit, Adafruit Circuit Playground, and Raspberry Pi.</li> -<li>Demo and discussion of Implementing basic IoT attacks (education purposes) : accessing the devices using the physical, remote or local network.</li> -<li>Live demo &amp; session on increasing security: Participants will learn how to increase the security and bypass few of these attacks.</li> -</ul> - - - Philippe Coval - Dipesh Monga - - - FOSDEM 2019 Demo (static backup video) - Other FOSDEM talk about Things - Slides with video demo - Short video on Project Things - Previous presentation - WebThingIotJs Guide - Video recording (WebM/VP9) - Video recording (mp4) - HTML slides - Past talk videos somewhat related to Privacy and security - Submit feedback - - - - 13:40 - 00:30 - UD2.208 (Decroly) - the_state_of_webassembly_in_2019 - The State of Webassembly in 2019 - DevTools, support and specifications ready and in progress in 2019 - Mozilla - devroom - - <p>Let's see the state of WebAssembly technology in 2019, their progress and browser support</p> - <p>"WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable target for compilation of high-level languages like C/C++/Rust, enabling deployment on the web for client and server applications." - This is the description of Webassebly from official website. -In this talk we'll see the progress of this technology during last year, starting from the state of the art in early 2018 until early 2019.</p> - - Gabriele Falasca - - - WebAssembly website - https://developer.mozilla.org/en-US/docs/WebAssembly - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:10 - 00:30 - UD2.208 (Decroly) - simple_geodata_visualization_with_a_frame - VR Map: WebXR with Real-World OSM Data - Simple GeoData Visualization with A-Frame - Mozilla - devroom - - <p>Mozilla's A-Frame library makes it really easy to create WebXR experiences (XR stands for Mixed Reality, i.e. Virtual and Augmented Reality) without requiring a lot of code knowledge. VR Map builds on that and the availability of real-world data from OpenStreetMap (OSM) to demonstrate how to build a model of the real world in an WebVR environment.</p> - <p>The talk will describe what WebXR is, how building basic scenes with A-Frame works, and how those technologies were used together with live data from OpenStreetMap to create the "VR Map" demo that allows people to walk and "fly" through a model of the real world in a Virtual Reality scene rendered directly in a browser supporting the WebXR Device APIs, ideally Firefox, of course.</p> - - Robert Kaiser - - - VR Map - live demo - Source Code (GitHub) - Video recording (WebM/VP9) - Video recording (mp4) - Slides - Submit feedback - - - - 14:40 - 00:30 - UD2.208 (Decroly) - inclusion_includes_you - Inclusion Includes You - Let's talk about how inclusion benefits all of us - Mozilla - devroom - - <p>Even the kindest people with the best intentions have blind spots and implicit biases, and these ingrained biases affect the way we work and what we end up working on. Becoming more inclusive will benefit everyone, including you.</p> - <p>It’s fairly easy to talk about the things we share - code, open source projects, development tools. It’s much harder to talk about, and overcome, our differences, especially when we’re talking about about our identities and how we relate to, work with, and build things for others. All societies and cultures have some ingrained biases related to age, gender, religion, orientation, ethnicity, and disability. These affect everyone, not just the non-dominant groups, and can negatively impact innovation, productivity, and the users of the things we create and build. In this talk, I’ll walk through some examples of how more inclusion benefits all of us, and give examples of inclusive practices everyone can use.</p> - - Ali Spivak - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:30 - UD2.208 (Decroly) - automated_analysis_of_tls_1_3 - Automated Analysis of TLS 1.3 - - Mozilla - devroom - - <p>The Transport Layer Security (TLS) protocol is the security backbone of the Web, and is used my millions, if not billions, of users of a daily basis. Weaknesses in TLS 1.2 and below, as well as pressure to improve the protocol's efficiency, lead the Internet Engineering Task Force (IEFT) to engage in development of a new version of the protocol, namely TLS 1.3. In the design of TLS 1.3, the IETF welcomed analyses of the protocol prior to its official release, with the intention of remedying flaws and weaknesses before users would be affected. This "analysis-prior-to-deployment" design process was in sharp contrast to previous versions of the protocol. In this talk I will present two analyses of TLS 1.3 using the Tamarin prover, a state-of-the-art formal methods tool designed specfically for cryptographic protocol analysis. The first analysis, of draft 10, found a serious attack against the protocol and informed the next draft of this critical protocol. The TLS 1.3 draft, however, was a rapidly moving target, and the second analysis effort, of draft 21, went on to confirm the stability of the protocol, showing that after four years of development, the logical core of the protocol was sound. This confirmation gave the IETF confidence to release the protocol, and it was officially approved in August of 2018.</p> - - - Thyla van der Merwe - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:30 - UD2.208 (Decroly) - how_xr_goes_beyond_demos_and_games - How XR goes beyond demos and games - Is XR just a trend? Or is there more to it? - Mozilla - devroom - - <p>XR has been trending for many years, and so far we've all seen awesome demos, like being on the moon, on a roller coaster, playing horror games and watching 360 videos. But while we're busy creating standards, we're forgetting the most important part of XR. Our brain.</p> - <p>Now, I'm not saying that we shouldn't develop what we've been already developing. But, XR is, in fact, a technology. That's more than a content medium. XR has recently used for treatment for PTSD, ADD &amp; ADHD, OCD, various phobias, and even for vaccinations. So, what else is XR being used for? And how do tools developed by Mozilla help? Let's find out!</p> - - Boris Budini - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:10 - 00:30 - UD2.208 (Decroly) - countless_beautiful_contributions - Countless, Beautiful Contributions - - Mozilla - devroom - - <p>If you're joining us in the Mozilla devroom, you're likely already passionate about some of the things Mozillans do to build a better internet, contribute to cutting edge technologies or to help teach and share knowledge. You may even have a favorite project in mind. In this talk we're going to look at a range of different volunteer and contribution opportunities across Mozilla projects that could use a little bit of TLC from you. We'll examine how volunteer efforts power these projects, what impact your contribution could make and talk about the impact volunteer efforts make across the web and the world.</p> - - - Jessica Rose - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:45 - UD2.208 (Decroly) - speed_without_shenanigans - Speed without Shenanigans - How Rust and WebAssembly is changing the web as we know it - Mozilla - devroom - - <p>This talk is replacing Rabimba Karanjai talk that we have to cancel for unforeseen travel issues.</p> - - - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:25 - 00:35 - UD2.208 (Decroly) - yet_moar_css_features - Yet Moar CSS Features - - Mozilla - devroom - - <p>A quick review of new features of CSS that came widely available in 2018 or are about to come in 2019. Some of these features were already present but have matured enough to e used by Web Developer</p> - - - Jean-Yves Perrier - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:00 - 00:30 - UD2.208 (Decroly) - decentralizing_the_web_despite_itself - Decentralizing the Web Despite Itself - - Mozilla - devroom - - <p>The web is unimaginably large. Despite all recent challengers, it is still the most successful digital platform in human history. However, the web's centralized nature works against true user agency... and its success is one of the biggest barriers to changing it. Come learn about these challenges and about efforts by Mozilla and other projects to enable decentralized and distributed applications on the web today.</p> - - - Dietrich Ayala - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 18:30 - 00:30 - UD2.208 (Decroly) - when_perf_html_met_a11y - When perf-html Met A11y - - Mozilla - devroom - - <p>One in seven people is disabled.</p> - -<p>And accessible websites (and apps!) enable them to work on an even playing field, while also being more usable for everyone.</p> - -<p>For the past couple of months, I've been working on improving the accessibility of perf-html, Mozilla's virtuoso profiler.</p> - -<p>During this talk, I'll be sharing my journey into the world of accessibility and demonstrating how perf-html aims to make Mozilla not just more performant, but also more usable for everyone.</p> - -<p>Topics covered: Focus, keyboard navigation, semantic HTML, ARIA and Accessibility inspector &lt;3</p> - - - Eva Dovc - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:30 - UD2.218A - cancelled_open_and_federated_identities_with_id4me - CANCELLED Open and federated identities with ID4me - An alternative to "sign in with Facebook" - Decentralized Internet and Privacy - devroom - - <p>PLEASE NOTE THAT THIS TALK HAS BEEN CANCELLED.</p> - -<p>Online identities are the cornerstone on which data-based capitalism is built - so, Google, Facebook and other OTTs are trying to dominate them and close them into silos. The ID4me platform extends OpenID Connect to create an open and federated architecture that allows any number of providers to interoperate, and gives back control to users, and a role to community service providers.</p> - <p>In the last years, the Internet has been increasingly centralized into the hands of GAFAM and other over-the-top companies that built walled gardens in fields like messaging and social networks. More and more of these companies have user data monetization and targeted advertising as a core revenue stream; thus, tracking people across their Internet activities is necessary to their existence.</p> - -<p>This is why they have also built closed identity systems that supply single-sign-on and very easy sign up for new websites and services, at the expense of privacy and user control. As managing hundreds of separate accounts is inconvenient and insecure, and as alternatives such as password managers are not easy enough for the average Internet user, clicking on “sign in with Google” or “sign in with Facebook” has become a very common choice.</p> - -<p>We think that this is bad for the Internet in general, and thus we are creating a platform that allows anyone to provide identities, creating an open, public and federated single-sign-on and data management system. We are extending OpenID Connect just a bit, the bit that is necessary to break the silos and allow interoperability; and we are basing the system on the DNS, the widely available and already federated naming directory of the Internet.</p> - -<p>The talk will explain how the system works and encourage participation and contributions.</p> - - Vittorio Bertola - - - ID4me website - Internet draft describing the system - Submit feedback - - - - 11:00 - 00:30 - UD2.218A - web_extensions_exposing_privacy_leaks - Watching Them Watching Us - WebExtensions Exposing Privacy Leaks - Decentralized Internet and Privacy - devroom - - <p>Internet has become an integral part of our lives and everything we do online leaves a trail of data. This data is being collected, analyzed, sold and aggregated to cast profiles about us by companies across the globe.</p> - -<p>In the physical world, if a stranger was to follow you everywhere you go, keep a log of who you talk to and meet with, read your mails and then share all this information with others, wouldn’t you be concerned? -But somehow in the digital world we do not seem to worry too much about the same scenarios.</p> - -<p>One of the main reasons for this is lack of awareness about how most Internet companies are making money these days. In fact, as a consequence of the business model of brokering personal data, a surveillance capitalism emerges.</p> - -<p>With the advent of SaaS, website and app owners usually outsource functionality like analytics, recommendations, A/B tests to be managed by third parties, with legitimate business purposes.</p> - -<p>While these use-cases might seem legit, the way data is collected to solve the legit use-cases are bound to harm the user’s privacy. You end up sharing sensitive user data with the companies you may have never heard of. They can not only link the webpages you visit but also have the ability to de-anonymize you by knowing your name, email, address, passport number etc.</p> - -<p>Once this information leaves your machine, it is out of your control. From it, a detailed profile about you is created, which is then available to a whole bunch of parties, which may or may not live to any ethical standards. With accurate enough profiles, companies and data brokers can simulate the behaviors and decision making of the world's population. They don't even need everyone's interactions because they can infer the whole population behavior from just a few examples of each cluster.</p> - -<p>This is why privacy is everyone’s concern so we need to raise awareness: -- The general public needs to know how every move that they make in the online world is being tracked, shared and used. -- Developers need to consider how their users and customers' data deserves to be treated with respect and care, not sold unknowingly to faceless companies.</p> - -<p>But how do you transmit this complex reality to the broader audience outside our community? What data is being shared unconsciously? Who are these data collectors? What is the impact of our blocking mechanisms as users?</p> - -<p>This is precisely the problem both Local Sheriff and Trackula tackle.</p> - -<p>In this joint talk, we will showcase how two groups of people independently built Browser Extensions to answer these questions.</p> - -<ul> -<li>Local Sheriff - informs the user about which PII is shared, and with which companies?</li> -<li>Trackula  - from a less technical perspective and through a more visual UX focuses on raising awareness to non technical users.</li> -</ul> - - -<p>More details about the tools can be found:</p> - -<ol> -<li> Local Sheriff - https://github.com/cliqz-oss/local-sheriff</li> -<li> Trackula – https://trackula.org/</li> -</ol> - - - - Santiago Saavedra - Konark Modi - - - Trackula website - Trackula firefox plugin - Local Sheriff Github Repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - UD2.218A - analysis_of_the_behavior_of_mobile_applications_and_its_consequences_for_our_privacy - Analysis of the behavior of mobile applications and its consequences for our privacy - Presentation and analysis of the work of Exodus Privacy - Decentralized Internet and Privacy - devroom - - <p>Presentation of the organization Exodus Privacy and its study of the respect of privacy by Android applications, via a platform performing static analyses of APK files (in order to identify trackers embedded in Android applications)</p> - <p>Exodus Privacy is a French non profit organization founded in 2017 and animated by hacktivists. We developed an open-source platform (called εxodus) in order to analyze Android applications from the Google Play Store and their respect of privacy, through the static analysis of APK files. This platform provides the public with reports presenting, among other things, trackers embedded in Android applications.</p> - -<p>During this talk, we will present in details how we are analyzing Android applications on the εxodus platform and its results, as well as the impact on our privacy that represent trackers which have invaded our smartphones.</p> - - pnu - Guinness - - - Project website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - UD2.218A - librehosters - LibreHosters - A federation of networks for cooperation and solidarity through distributed platforms. - Decentralized Internet and Privacy - devroom - - <p>librehosters is a network of cooperation and solidarity that uses free software to encourage decentralisation through federation and distributed platforms. The values of the group connect transparency, fairness and privacy with a culture of data portability and public contributions to the commons.</p> - -<p>In this presentation we show how people with interest in self-hosting, system administrators from not-for-profit initiatives and members of hosting collectives are federating practices and infrastructure outside of the commercial market. Early members of the recently bootstrapped network will be present to counsel the conversation.</p> - -<p>A data-driven approach to reactive provisioning of immutable infrastructure will be outlined and put into context with the diverse needs of associated user communities in the network. This will allow to close with an outlook about how to preconceive a federated computational commons, in which user data is not tainted by hegemonic discourses.</p> - <p>After a session about so-called <em>migration networks</em> (of user data) at <a href="http://labs.ouishare.net/">OuiShare Labs Camp #3</a> in 2015, the conversation continued between a flock of hosting providers independently. Over the years a list of <a href="https://github.com/libresh/awesome-librehosters/"><code>awesome-librehosters</code></a> quickly filled, which only underlined the need for a cooperative praxis around independently hosting user and community infrastructure.</p> - -<p>With the emergence of the federated messaging network Matrix, different hosting providers interested in supporting distributed computation environments got in touch directly on the channel <code>#librehosters:matrix.allmende.io</code> and prepared a physical meeting over the course of the year 2018. This ultimately gave birth to Librehosters as an independent, informal entity.</p> - -<p>In there, groups and individuals find a communication and exchange platform about practices of Self-Hosting in general, Docker Compose and systemd based hosting with libre.sh in particular, plus a prospect of a shared Kubernetes-based hosting environment. A data-driven approach to framing the conversation are the <a href="https://github.com/libresh/catalogue">application catalogue</a> and <a href="https://lab.libreho.st/librehosters/directory/">member directory</a>.</p> - -<p>The latter currently (26.11.2018) renders into</p> - -<p>``` -{ -"weho.st" : "https://weho.st/librehost.json", -"Petites Singularités" : "https://ps.lesoiseaux.io/librehost.json", -"lain haus" : "https://lain.haus/librehost.json", -"Indie.Host" : "https://indie.host/librehost.json", -"aktivix.org" : "https://aktivix.org/librehost.json", -"Webarchitects Cooperative" : "https://www.webarchitects.coop/librehost-api/librehost.json", -"hackerspaces.be" : "https://hackerspaces.be/librehost.json", -"snopyta.org" : "https://snopyta.org/librehost.json" -}</p> - -<p>```</p> - -<p>and presents the beginning of a wider federation of computing resources. One can imagine a directory per offered service, where producers of FLOSS can find an easy to find, maybe even canonical place for hosting offers of their respective applications.</p> - -<p>The movement inbetween the Librehosters leads to a convergence of documentation and practice within the field of self-determined hosting, which eases the sharing of use cases and appropriate answers to reappearing needs. General acceptance receive federated platforms, such as file, calendar and contacts sharing with Nextcloud, microblogging with Mastodon, instant messaging with Matrix/Riot, but also the communication and collaboration environments Discourse for post-email, web-native discussion spaces and CodiMD Markdown pads alike.</p> - -<p>The convergence of hosting practices within a self-determined network of practitioners taking care of user data helps with achieving data portability between platforms and providers, provides a social network for security training &amp; mutual audit and enables a commoning of process and resources within the hosting communities to construct shared infrastructure.</p> - -<h2>How to join the network?</h2> - -<p>The librehosters network is work in progress at this point. The first gathering kicked of the creation of the network, inspired by the CHATONS network in the french speaking world. Libre Selfhosters are also welcome in the network.</p> - -<h2>How to participate in the project?</h2> - -<p>We currently have a discussion ongoing at talk.libreho.st and are developing tools at lab.libreho.st. A list of librehosters will soon be published at libreho.st/librehosters. If you would like to be included in this list please add a librehost.json file to your projects website and add the project itself to the librehosters directory repository.</p> - - Jon Richter - - - libreho.st - the librehosters network - Riot messaging in #librehosters:matrix.allmende.io - Discourse discussion on talk.libreho.st - GitLab group on lab.libreho.st - Riot community at +librehosters:chat.weho.st - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - UD2.218A - onion_adventures - Onion adventures - how to use onion services and the Tor network in your web endeavors - Decentralized Internet and Privacy - devroom - - <p>Tor is an important tool providing privacy and anonymity online. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. The Tor Browser was designed to provide privacy while surfing the web and defend users against both network and local forensic adversaries. The same properties can be adopted by applications and services wishing to integrate the tor network in their architecture. Furthermore, onion services provide better authentication and assurance of who you are talking to. With onion services Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. This talk is going to explain how it is possible to integrate tor and build onion applications.</p> - <p>or is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. Encryption only prevents the content of the communication between Alice and Bob from becoming known. There is in fact a lot of information that can still be learned by just observing encrypted communications. For example, it is always possible to guess certain information by learning some properties of the conversation beyond just the content, such as the length of the conversation, or who was involved, or even guessing a group of people that communicate with a certain frequency. These properties are called metadata and can be used to describe information even when the full data is not available.</p> - -<p>Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. For the Tor network to function properly and to satisfy users' needs, we need a certain degree of diversity. We need diversity in the nodes relays comprising the network and in the user population sending traffic through it. Lately, we have been introducing new traffic scheduling features in the network in order to solve problems, reduce congestion, and improve overall performance. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser.</p> - -<p>Other applications can also make use of the Tor network to be more secure. Onion services provide better authentication and assurance of who you are talking to. In this case, Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server.</p> - -<p>This talk is going to introduce what it does mean to do web development with privacy in mind. We will start by presenting a few example of applications that use onion services and follow up with tips on how to integrate onion services in your architecture and how to provide a seamless frontend experience for privacy-concerned people that prefer to use the Tor Browser.</p> - - Silvia Puglisi - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - UD2.218A - retroshare_json - Retroshare JSON API - Making libRetroshare a generic service for decentralized and private communication - Decentralized Internet and Privacy - devroom - - <p>RetroShare is a platform that allows users to create a fully decentralized network with a high level of security, privacy and confidentiality. -It offers a unique combination of features (File transfer, publishing channels, forums, distributed chat, asynchronous email,...) that -provide users lots of ways to interact. Its generic nature allows to create new services based on an existing cryptographic and networking backend.</p> - -<p>The presentation will start with a short overview of the RetroShare software and motivate the need for a JSON API to safely access the features offered by the core of the software. -Our JSON API, to be released in December 2018, uses clever techniques to automatically generate handles from existing code based on Doxygen capabilities as well as a very compact serialization technique. -We will explore the potential of the JSON API with concrete examples including the --preliminary-- web interface and Android RetroShare clients. -Finally, a call to developers will be made, based on generic examples, while proposing multiple ideas of distributed services to be developed on top of it.</p> - <p>The detailed plan for the presentation will be the following. -Each line indicates the approximate time duration and number of slides. -The presentation is tuned to approximately 20 mins.</p> - -<p>Overview of the Retroshare platform</p> - -<ul> -<li>Services offered by the application (FT, channels, forums, identities, etc)</li> -<li>Architecture (libretroshare + Qt UI, main components)</li> -<li>Motivation for a JSON API (use of RetroShare as a background library for decentralized communication, Android client, web interface, getting rid of old UI...)</li> -</ul> - - -<p>The JSON API</p> - -<ul> -<li>Automated serialization</li> -<li>Automated JSON API code stub generation</li> -<li>Interaction, syntax</li> -<li>Authentication</li> -</ul> - - -<p>Concrete examples</p> - -<ul> -<li>RetroShare's new web interface</li> -<li>Experimental mobile chat app based on RetroShare JSON API</li> -<li>ElRepo.io App based on RetroShare JSON API</li> -</ul> - - -<p>Call for contributions</p> - -<ul> -<li>ideas of applications</li> -<li>conclusion and contacts</li> -</ul> - - - Gioacchino Mazzurco - - - RetroShare web site - Slides showed at the talk - Retroshare development blog - Technical description of the backend data distribution system - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - UD2.218A - the_new_internet - The New Internet - let's talk about IPFS - Decentralized Internet and Privacy - devroom - - <p>Step by step, internet as we know it is currently being limited, censored and monitored. To prevent and fight against this, there are associations, activists and such... and one of the proposals is... IPFS protocol. IPFS is, as the official website describes "peer-to-peer hypermedia protocol to make the web faster, safer, and more open". It wants to offer a distributed alternative protocol, making it more resilient which is handy in case of developing countries, for example.</p> - -<p>In this speech I'd love to introduce the reasons that brought internet community to care about distributed internet, what is IPFS and how to easily setup and start using it on linux terminal and web interface.</p> - <p>We are in the late 80's, internet is very exciting, everyone want to have a webpage... Communication has changed, and we are going into a new lifestyle, in which we can be anonymous, there are no walls between users and knowledge is open. But... uh-oh, some countries are not very happy with this statements... Internet begins to have such importance, it shapes society. If you where an ambitious company or country, wouldn't you think... Who has internet control has society influence, right?</p> - -<p>This was actually predicted by some computer scientist and technology related persons back then, and that's why associations such as the Electronic Frontier Foundation were created. As internet has evolved since then, it has been limited and censored, as I already describe above. Tim Berners Lee (world wide web) already expressed the need of a new way of understanding the internet, more specifically, a distributed way of doing it. One of the most ambitious projects for decentralize the internet is IPFS, a distributed protocol that can be used from the terminal and has a web interface, very user-friendly.</p> - -<p>I aim to show the basic commands, explaining the close-future options that this protocol give us, and explain why is this important.</p> - - Paula de la Hoz - - - an article about to introduce the topic - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - UD2.218A - challenges_with_building_end_to_end_encrypted_applications_learnings_from_etesync - Challenges With Building End-to-End Encrypted Applications - Learnings From EteSync - - Decentralized Internet and Privacy - devroom - - <p>Building end-to-end applications is not easy, or at the very least, it comes with its own unique set of challenges.</p> - -<p>There are the often talked about challenges, like making sure you use battle tested encryption primitives and use them correctly, and striking the balance between security and usability. Unfortunately, there are many more challenges that are not often talked about, like the significantly decreased development speed due to all the code being implemented on the client side, the increased difficulty and complexity in upgrading the protocol and many others.</p> - -<p>In this talk Tom will use EteSync as an example for a secure application to show some of the more interesting challenges he faced while creating it, and new challenges that he encountered as the user-base grew and the protocol evolved. Tom will also cover some of the issues that affect EteSync today, how they will be addressed in the future, where EteSync is going, and what's currently holding it back. -By the end of this talk, attendees will be made familiar with some of the unique challenges that come with building end-to-end encrypted applications and some alternatives for solving them.</p> - <p>Audience:</p> - -<ul> -<li>People interested in the inner workings of EteSync</li> -<li>Developers interested in, or actively designing secure applications and protocols</li> -<li>People interested in the future of the EteSync</li> -</ul> - - - Tom Hacohen - - - EteSync - Tom's Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - UD2.218A - gdpr_and_dtp_vs_data_portability_and_freedom - The right to data portability (and why it's a very bad idea) - How the RGPD leads to the DTP and why DTP is a dead-end - Decentralized Internet and Privacy - devroom - - <p>The GDPR (and some local regulations) have created a right to data portability. It looks like a <em>good thing</em> but it probably isn't, as it seems to lead to the future DTP (https://datatransferproject.dev/) from our beloved GAFAM. What is DTP goal, which usecase does it handle IRL and why we should, from now on, fight for a right to real time data <em>accessibility</em> instead of portability, those are the questions we'll try to answer.</p> - <p>The right to data portability was intented as a way to enforce competition (and, somehow, to help create european counterparts to GAFAM) and to give back to the public some control over their personal data, but it fails in both situations. The best proof is that GAFAMs themselves are promoting a new common API called DTP (Data Transfer Project) that will never disrupt their market influence. We will analyze in detail how DTP works and why it can't help with decentralization and personal data protection.</p> - -<p>What we really need is a right to data /accessibility/, through a common API that will give users the right to access at any time their own data, from whatever service they are using, wherever it is stored.</p> - -<p>This is the only way to create some real competition, as one could then chose to move on from a "must have" service without leaving his friends and contacts behind, consequently adopting services that will protect his privacy without making him change his known addresses.</p> - -<p>It's a realistic goal: such a right would not be economically unacceptable to GAFAM. The current DTP would be a basic starting point for the development of the new API, that would be a real decentralization opportunity and a real chance for new business models, based on federation of privacy respectful services, to take off.</p> - - Laurent Chemla - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - UD2.218A - enough_how_journalism_can_benefit_from_free_software - Enough: How journalism can benefit from free software - - Decentralized Internet and Privacy - devroom - - <p>Enough is a set of tools, online and self-hosted, as well as a community composed of technical people and journalists. The tools were designed to empower journalists and Human Rights Defenders when protecting their privacy, and their sources in the digital era. We will run you through the approach with examples of practical application. We hope to inspire developers and sysadmins to help journalists and provide them with the tools they need when the freedom of the press is challenged.</p> - <p>It‘s not news that journalism has undergone significant changes since the beginning of digitalization: from methods and tools applied in news rooms to the pace at which information is received, processed and outdated, today‘s news are as heavily influenced by modern technology as every other aspect of our lives. While many of these changes contribute to the empowerment of citizens, some of them pose challenges and threats to the traditional role of journalism as safeguard of informed public debates which our societies depend on.</p> - -<p>One of them is the growing number of intermediaries involved in communication: Journalists rely on Google, Facebook and other private companies to communicate with sources or store documents online. At the same time, a lack of regulation facilitates the access of governments to data collected by said intermediaries, and legislation introduced all across the globe in the name of terror prevention and protecting national security contributes to curtailing civil liberties. All of these taken together significantly increase the risk of abuse through regulators to inhibit journalists from doing their job – which, in turn, becomes all the more important in that very same context to protect the public interest in a fair and free society.</p> - -<p>An answer to this would be to empower journalists to maintain control over their data. But because only few of them have the technological know-how to make use of tools that would allow them to do so, they require support. Establishing closer cooperation between journalists and technological experts is one effective way to close this gap.</p> - -<p>This is why we promote the use of the communication platform Enough: based on Free Software exclusively, it offers journalists and Human Rights Defenders a way of communicating and exchanging documents with their sources through an interface that seems familiar to them. At the same time, Enough is embedded and maintained by a decentralized community composed of technological experts, who can support users in technical questions.</p> - - Veronika Nad - - - Enough - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - UD2.218A - nextcloud - Nextcloud - decentralize the way we sync, share and collaborate - Decentralized Internet and Privacy - devroom - - <p>Nextcloud enables you to regain control over your data and freely share and sync them. That's probably the part of Nextcloud most people are already familiar with. But Nextcloud takes huge efforts to go beyond handling your data and provides strong collaboration and communication tools. In 2019 most people not only want to store their data, they are looking for a integrated platform which allows them to do actual work with their data. In this context collaborative editing but also video, audio and text chat, integration with your contacts and calendars and many more play an important role. If you want to do this without losing the connection to your friends, family and co-workers strong federation capabilities are needed. Federation is at the heart of Nextcloud and was completely re-written last year based on the vendor neutral Open Cloud Mesh (OCM) specification.</p> - -<p>Additionally to the OCM implementation which allows you to share data across Nextcloud instances, we are excited to announce that with Nextcloud 15 we joined the Fediverse with our own ActivityPub implementation. This turns every Nextcloud user into a participant of the free, open and federated social network and allow them to communicate with people on Mastodon, Friendica, Pleroma and many more. Join the talk and learn what you can do with Nextcloud and how to join the cloud federation.</p> - - - Björn Schießle - - - Nextcloud - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - UD2.218A - dark_peak_data_co_op - Dark Peak Data Co-op - Sheffield Geeks Freeing Their Data - Decentralized Internet and Privacy - devroom - - <p>Dark Peak is a user-run co-operative providing hosted open-source software for the benefit of our members.</p> - -<p>This is the story of how some geeks from Sheffield are working together to free their data from the tyranny of global corporations!</p> - <p>We each want better control over what we share online and how our data is used, so we founded an organisation democratically run and owned by its users. By sharing resources and expertise, our volunteers aim to provide convenient alternatives that put you back in control, according to our four main principles:</p> - -<ol> -<li>Data with representation</li> -<li>Promote the dignity of data ownership</li> -<li>Provide the freedom to host some or all services yourself</li> -<li>Federate and interoperate where possible</li> -</ol> - - -<p>This talk aims to give an overview of our organisation and how we came to be, what choices we made and why we made them and the mistakes we made along the way -- we want to share what we've learned from both organisational and technical points of view.</p> - -<p>We hope the audience will be enthusiastic about self-hosting, and are interested in seeing the power of running or joining a self-hosting co-op.</p> - - Mat Booth - - - Dark Peak Data Co-op - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - UD2.218A - yunohost - YunoHost - An essential building block for the decentralized Internet - Decentralized Internet and Privacy - devroom - - <p>The YunoHost and Internet Cube projects are driven by the existing complexity in deploying and maintaining a server providing basic services, such as mail and web applications. How realistic is it to fight for a free and decentralized internet if only an elite of technicians have the skill, knowledge and time to administrate and maintain servers ?</p> - -<p>Since a few years, the intention of those projects is to solve this key issue by lowering the technical barrier of self-hosting and making it a common practice. YunoHost is a Debian-based distribution that provides a clean and simple web interface through which the administrator can deploy services and apps quickly and with limited technical knowledge. The Internet Cube is a low-cost ARM board, preinstalled with YunoHost and preconfigured with a VPN to bypass ISP's restrictions, making it a plug-and-play solution for people willing to start self-hosting.</p> - -<p>In this talk, I want to emphasize the necessity to democratize self-hosting against the GAFAM hegemony. Then, I shall recap how YunoHost and the Internet Cube currently works and present the evolution of the projects over the last two years. I will conclude by making a call for feedback and contributors from the FOSS community.</p> - - - Aleks - - - Video recording (WebM/VP9) - Video recording (mp4) - Video with slide view in addition to speaker view - Submit feedback - - - - 17:00 - 00:30 - UD2.218A - organisational_processes_in_decentralized_software - Organisational Processes in Decentralized Software - roundtable open to decentralized software developers - Decentralized Internet and Privacy - devroom - - <p>We would like to invite developers for a round table to discuss the specificity of the organization of decentralized software, and to address organizational issues that are crucial for the survival of the projects we love.</p> - <p>F/LOSS development is often mostly organized along a the sequence of its commits, while the idea that a great software starts with one person,is a quite common narrative in F/LOSS (think about linux or git). Even community-led projects often tell their history centering it on one hero (see for example the history of open street map: https://wiki.openstreetmap.org/wiki/History<em>of</em>OpenStreetMap). So what about decentralized software? From a feminist standpoint we are not satisfied with the "hero narrative", as we feel it doesn't fully represent the complexity and the values of decentralized software projects. Furthermore, this narrative can be detrimental for the long term sustainability of decentralized projects because it can overshadow the importance of thinking about organizational problems and community health. Instead, we would like to invite developers for a round table to discuss the specificity of the organization of decentralized software, and to address organizational issues that are crucial for the survival of the projects we love. How to build and sustain projects which are not only decentralized from a technical perspective, but also from an organizational one? How to share responsibilities so that code and infrastructure work but people do not burn out -making entire projects at risk to disappear? And how to tell if a project is anyway destined to disappear or if there is an organizational bug which can be fixed? -During this roundtable we wish to invite developers from Fosdem's decentralized room to discuss those issues but we are still in the phase of contacting them.</p> - - Natacha Roussel - zeyev - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:30 - 01:00 - UD2.218A - activitypub_panel - ActivityPub panel - - Decentralized Internet and Privacy - devroom - - <p>This panel gathers standard authors and implementors of ActivityPub to discuss the role of ActivityPub in the present in connecting together the fediverse and what the future might hold.</p> - - - Christopher Webber - Cory Slep - Agate - Matt Baer - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - - - 12:00 - 01:00 - J.1.106 - bof_apache_camel - Apache Camel Meetup - Meeting of the Apache Camel community - BOFs (Track A - in J.1.106) - bof - - <p>Apache Camel is a free software integration framework from the Apache Software Foundation. This meetup is for anyone wishing to meet and discuss Apache Camel development, share experiences and meet in meat space other folk in the Apache Camel community.</p> - -<p><a href="https://camel.apache.org">Apache Camel website</a></p> - <p>Apache Camel has been around and its used quite widely for in all sorts of software integration projects. We recently kicked of a number of initiatives in the Camel community around the next version - Camel 3, cloud native Camel - Camel-K and building the new website. Let's meet and discuss this initiatives or just talk and exchange ideas around Camel. Anyone wishing to share can present on any topic relating to Apache Camel, though please be mindful of the time we have one hour in this session and would like that everyone would have the chance to participate.</p> - - Zoran Regvart - - - Apache Camel website - Camel-K on GitHub - Submit feedback - - - - 13:00 - 01:00 - J.1.106 - bof_musescore - MuseScore User and developer Meetup - Free and open-source music notation software - BOFs (Track A - in J.1.106) - bof - - <p>This meetup is to connect MuseScore users and developers, and have a hands-on session on all things MuseScore.</p> - -<p>MuseScore is music notation software used by millions of musicians worldwide to create, play and print beautiful sheet music. MuseScore is easy to use, yet powerful, and creates professional-looking sheet music. MuseScore is licensed under GNU GPLv2.</p> - -<p>MuseScore is available for Linux, Windows and Mac OS X, and is available in 50+ languages. It features an easy to use WYSIWYG editor with audio score playback for results that look and sound beautiful. It supports unlimited staves with up to four voices each, dynamics, articulations, lyrics, chords, lead sheet notation, import/export of MIDI and MusicXML, export to PDF and WAV, plus online score sharing.</p> - -<p>https://musescore.org</p> - - - Thomas Bonte - - - Submit feedback - - - - 14:00 - 01:00 - J.1.106 - bof_gnuradio - GNURadio BoF - Hack the #cyberspectrum - BOFs (Track A - in J.1.106) - bof - - <p>No description provided yet.</p> - - - Philip Balister - - - Submit feedback - - - - 15:00 - 01:00 - J.1.106 - bof_zonephone - ZeroPhone meetup - Hardware demo, Q&A - BOFs (Track A - in J.1.106) - bof - - <p>ZeroPhone is an (almost) open-source, Linux-powered smartphone that you can source parts for and build independently. During this meetup, you can check out the hardware and software (both the phone itself and the addons), discuss any aspects of the project with the main developer, take a look at the ZeroPhone kits (and, possibly, some yet-not-mentioned hardware), meet some contributors, as well as get some ZeroPhone stickers!</p> - - - Arsenijs Picugins - - - Submit feedback - - - - 16:00 - 01:00 - J.1.106 - bof_kodi - Kodi Meetup - Meeting for the Kodi media center community - BOFs (Track A - in J.1.106) - bof - - <p>Kodi (formerly XBMC) is a free and open source media player application developed by the XBMC/Kodi Foundation, a non-profit technology consortium. Kodi is available for multiple operating-systems and hardware platforms, featuring a 10-foot user interface for use with televisions and remote controls. It allows users to play and view most videos, music, podcasts, and other digital media files from local and network storage media and the internet.</p> - <p>This meeting is for everyone interested in our project and community - as user, developer, or just to get an idea of what Kodi is all about. Several Team Kodi members will be present to chat with at your leisure.</p> - - Philipp Kerling - - - Project website - GitHub - Subreddit - Submit feedback - - - - 17:00 - 01:00 - J.1.106 - bof_free_software_mobile_devices - Free Software on Mobile Devices - Community Q/A - BOFs (Track A - in J.1.106) - bof - - <p>This is a BoF on the status of Free Software on a mobile device using the Purism L5 phone. Members of the development team and community members who have dev kits will gather today to talk about we will develop software for the Librem 5, Q/A from the audience, and a small part of time flashing some dev kits for dev kit owners.</p> - - - sramkrishna - - - Submit feedback - - - - - - - - 09:00 - 00:50 - Janson - stopping_community_licenses - SSPL, Confluent License, CockroachDB License and the Commons Clause - Is it freedom to choose to be less free? - Online Privacy - maintrack - - <p>The emergence of the SSPL, CockroachDB, Commons Clause and Confluent licenses are putting the definition of "Open Source" to the test. The companies that are behind these licenses argue that cloud providers aren't playing fair and these licenses are required to protect their investment. But is software freedom situation dependent? Can we make exceptions to software freedom to allow for practical commercial considerations? This is a critical debate that strikes at the very heart of what is free software, open source and software freedom. This talk will examine the rationale behind these licenses, whether they are "open source" and explore how we as a community can respond in a effective and responsible manner.</p> - - - Michael Cheng - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:50 - Janson - solid_web_decentralization - Solid: taking back the Web through decentralization - App development as we know it will radically change - Online Privacy - maintrack - - <p>Solid is a new ecosystem for the Web, in which people store their own data instead of having to upload it to applications. This changes how we will build apps: we no longer have to harvest people's data, but ask permission to access people's data space.</p> - <p>Solid was created by the inventor of the World Wide Web, Sir Tim Berners-Lee. Its mission is to reshape the web as we know it. Solid will foster a new breed of applications with capabilities above and beyond anything that exists today.</p> - -<p>Within the Solid ecosystem, people decide where they store their data. Photos they take, comments they write, contacts in their address book, calendar events, how many miles they run each day from their fitness tracker… these are all stored in their Solid pod. This Solid pod can be in their house or workplace, or with an online provider of their choice. Since they own their data, they are free to move it at any time, without interruption of service. People can give apps permission to read or write to parts of their Solid pod. So whenever they’re opening up a new app, they don’t have to fill out their details ever again. Things saved through one app are available in another: syncing is never needed, because data stays with people.</p> - -<p>This approach protects people's privacy and is also great for developers: we can build apps without harvesting massive amounts of data first.</p> - - Ruben Verborgh - - - Blog post on Solid - The official Solid webpage - Re-decentralizing the Web, for good this time - Slides of the FOSDEM talk - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - Janson - tor_project - The Current and Future Tor Project - Updates from the Tor Project - Online Privacy - maintrack - - <p>In this talk I'll take you on a tour of the Tor landscape, starting with a crash course on Tor, how it works, and what security it provides. I'll explain why Tor's open design and radical approach to transparency are critical to its success, and then compare the censorship circumvention arms race to the nation-state surveillance arms race. We'll end with a discussion of onion services, which are essentially an even stronger version of https, but which you might instead know from confusing phrases like "the dark web".</p> - <p>Tor is a free-software anonymizing network that helps people around the world use the Internet in safety. Tor's 8000 volunteer relays carry traffic for millions of daily users, including ordinary citizens who want protection from identity theft and prying corporations, corporations who want to look at a competitor's website in private, people around the world whose Internet connections are censored, and even governments and law enforcement.</p> - -<p>This past year has seen many changes to the Tor world:</p> - -<ul> -<li><p>Major browsers are working on Tor integration so their private browsing modes will provide actual privacy.</p></li> -<li><p>We have a new Tor Browser for Android that brings the same browser-level protections as we have on desktop.</p></li> -<li><p>Major institutions like the Toronto Public Library are piloting Tor Browser deployments on all of their computers.</p></li> -<li><p>We have a growing and diverse relay community---which needs your help.</p></li> -<li><p>Recent Tor Browser updates include major usability improvements, both for initial user experience and for users in censored environments.</p></li> -<li><p>We've done trainings in many interesting countries to help vulnerable populations use the internet more safely.</p></li> -<li><p>The anti-censorship arms race has moved forward, with China's further crackdown on VPNs vs the design of new pluggable transports to get around blocking.</p></li> -<li><p>We've seen new and novel attacks by nation-states to try to block Tor connections or degrade its security.</p></li> -<li><p>We've deployed the new v3 onion services, which offer improved security, and companies like Facebook and Cloudflare are adopting them.</p></li> -<li><p>New research on privacy-preserving measurement has let us gather statistics that we had previously been unable to safely observe, including a new estimate that the Tor network has 8 to 10 million daily users.</p></li> -<li><p>And last but not least, we have a new executive director for the non-profit organization.</p></li> -</ul> - - - Roger Dingledine - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - Janson - algorithmic_sovereignty - Algorithmic Sovereignty and the state of community-driven open source development - Is there a radical interface pedagogy for algorithmic governementality? - Online Privacy - maintrack - - <p>Algorithms are growing in power and importance. Their logic is often hidden, while their results are manifest: the free and open source movement mostly addresses this condition. Yet moving beyond transparency, there is an urgent need for awereness and governmentality on decisions made by algorithms about the social and economical context in which we live. Community driven development may be the perfect answer to this, but faces many challenges ahead.</p> - <p>The metaphor of a “black box society” is apt to describe the role that algorithms have taken in our contemporary and highly digitised world, following a pervasive adoption from industrial automation to public administration. Who understands what is inscribed in such algorithms? What are the consequences of their execution and what is the agency left for the living world? Is there any chance for sovereignty outside of technical expert circles?</p> - -<p>There is nothing neutral in an algorithm, to the contrary every algorithm has to be seen as the cultural product of a negotiation of power and its analysis requires the understanding of its language applied to the living world. -The concept of sovereignty I'm proposing represents the way a community of participants can influence an algorithm, appropriate it, distribute it, share it and create new ones.</p> - -<p>The free and open source community has gone a long way to realise this condition for the technical elites that can interact with the literature of algorithms. But is transparency, as opposed to secrecy, enough of a condition to make algorithms functional to the creation of an intelligible society? By moving forward with an answer this talk proposes that "openness" and "transparency" are not sufficient conditions to realise the good ethical propositions of the free software movement. It now becomes even more urgent to understand this limit and envision how to move forward as computing becomes more pervasive and relevant to many functions supporting the living economies of our planet.</p> - -<p>This talk will not be limited to describe the problem and the contexts where it can arise, but also to give practical examples, from software design patterns to social experimentations as working solutions.</p> - - Denis Roio (Jaromil) - - - Algorithmic Sovereignty observatory - Short video interview - Doctoral dissertation on topic - Decentralized Citizen Owned Data Ecosystem - Decentralized Citizen Engagement Technologies - Dyne.org Think&do Tank - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:50 - Janson - duckduckgo_open_source - Open Source at DuckDuckGo - Raising the Standard of Trust Online - Online Privacy - maintrack - - <p>Privacy was THE hot topic of 2018, but at DuckDuckGo we've been raising the standard of trust online since 2008. Find out why privacy is important, how we're helping raise the standard of trust online, and the part that Open Source plays in our mission.</p> - <p>In this lecture we'll cover the following topics:</p> - -<ul> -<li>Why privacy is important</li> -<li>What you can do to protect yourself online</li> -<li>What DuckDuckGo has been doing to raise the standard of trust</li> -<li>What part Open Source plays in DuckDuckGo's mission</li> -<li>A technical dive in to our Privacy Components, including browser extensions and mobile apps</li> -<li>What's coming in 2019 and beyond</li> -</ul> - - - Chris Brind - - - DuckDuckGo's Public Github Repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - Janson - crostini - Crostini: A Linux Desktop on ChromeOS - - Miscellaneous - maintrack - - <p>Recent versions of ChromeOS allow users to run a full Debian operating system in a dedicated container. -This talk discusses the technologies behind the implementation, the current functionalities, and a rough -roadmap of where we're going to bring this features, that integrates the chrome and linux desktop for the first time, -making ChromeOS the most readily available Linux machine for an end user or enterprise.</p> - <p>ChromeOS is a Google made Linux-based operating system that focuses on security, speed, and is optimized to run a web centric workload. -From the beginning ChromeOS computers could run Chrome, and a few specially made applications, but since 2016 they also run Android apps. -ChromeOS devices are readily available from many manufacturers.</p> - -<p>Since version 69 of ChromeOS, released in the fall of 2018, users can run a Debian GNU/Linux operating system inside a VM and container. -This is initially targeted at power users and developers, but opens the option of running any Linux desktop app on a ChromeOS device, instantly -making ChromeOS devices the most easily available Linux computer for a consumer to get.</p> - -<p>In this talk we will discuss:</p> - -<ul> -<li><p>The architecture of Crostini, and its rationale</p></li> -<li><p>Its current features and functionality</p></li> -<li><p>Personalizing and configuring your container</p></li> -<li><p>Enterprise features to control linux deployments on ChromeOS</p></li> -<li><p>Roadmap plans, including how developers can target ChromeOS as a platform for users to run their Linux desktop applications</p></li> -</ul> - - - Guido Trotter - Dylan Reid - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - Janson - open_source_microsoft - Open Source C#, .NET, and Blazor - everywhere PLUS WebAssembly - - Miscellaneous - maintrack - - <p>Scott will talk about the last ten years at Microsoft. Scott went there specially to open source .NET and promote open source in general to a company that wasn't (at the time) OSS friendly. A decade later we have achieved that and .NET Core runs everywhere from microcontrollers to iPhones to any cloud. 40% of Azure runs Linux. .NET Core runs on every Linux and the full stack is open source, all the way down to the metal. How did that happen and what’s next? This technical and demo-heavy talk will cover .NET -> WebAssembly running Open Source C# in the browser.</p> - <p>Scott will spend much of his time at the command line doing demos in Windows, Linux, Docker,and online. He'll talk about the tech underneath that brings .NET, .NET Core, and Mono together in a cohesive OSS platform. He'll also talk about .NET Standard as a set of APIs and now it overs true and real code reuse across a wide range devices. Scott will also cover the history of WebAssembly as it relates to .NET and Blazor and show how C# and .NET can run within the browser.</p> - -<p>Scott will also talk about how Microsoft changed both culture and code to release .NET Core as a fully OSS platform with more than 60% of contributions coming from the community.</p> - - Scott Hanselman - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - Janson - cloud_is_another_sun - The Cloud is Just Another Sun - - Keynotes - keynote - - <p>You could reasonably call cloud services the crowning achievement in the world of Free and Open Source software. Linux and Free and Open Source software killed proprietary UNIXes in bare metal data centers and went on to dominate cloud services to such a point that it has even caused Microsoft to completely change their stance and embrace Linux and Free and Open Source software or risk the future of Azure and arguably the future of their company.</p> - -<p>Yet in many ways, this dominance has also bred complacence in the community. On top of all of those Linux instances are many proprietary services, abstraction layers and APIs that make cloud services easy to use for developers, but also turn them into the largest-scale proprietary operating system on the planet, where the network is the computer. Left unchecked, this proprietary operating system has the potential to undo the achievements Open Source software has made in the past two decades.</p> - -<p>The FOSS community has seen this "network is the computer" pattern before with Sun Microsystems and Solaris--a proprietary UNIX operating system that administrators ultimately loaded up with GNU software and free software services before deploying to the data center. Instead of Linux images running your dynamic Rails application or Docker container you ran CGIs in Apache and portable Java apps in Tomcat. Instead of disposable instances you had hot-swappable CPUs and RAM. Instead of S3 you had NFS. Expert users would use well-documented but proprietary CLI tools and libraries to interact with the OS and manage their free software processes. Yet in the end, administrators were subject to the roadmaps, whims, pricing structures, expensive hardware, and overall vendor lock-in from Sun. For all of Sun's talented engineers and sophisticated hardware and software, the freedom and values from Linux and Free and Open Source software combined with low-price commodity hardware ultimately dominated the server room.</p> - -<p>This keynote is part history lesson and part rallying cry. Proprietary OSes and services aren't dead, they just morphed into the cloud. By remembering why Linux was important in the age of Solaris, we can apply those lessons to cloud services before their proprietary APIs and vendor lock-in risk undoing the freedom, open standards, and overall progress our community has made over the last 20 years.</p> - - - Kyle Rankin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:00 - 00:50 - Janson - keynote_fifty_years_unix - 2019 - Fifty years of Unix and Linux advances - - Keynotes - keynote - - <p>2019 marks the fiftieth anniversary of Unix, but it is also the fiftieth anniversary of the ArpaNet/Internet, and people walking on the moon. It marks the 50th anniversary of Woodstock, the beginning of America's LGBTQ movement at the Stonewall Inn in New York City, and maddog wrote his first program fifty years ago. It was also in 1969 that he shaved for the last time.</p> - -<p>2019 marks the 30th year of the World Wide Web, the 25th anniversary of V1.0 of the Linux kernel, and of many GNU/Linux distributions starting. 2019 also marks the twentieth anniversary of the Linux Professional Institute.</p> - -<p>All of these years, and anniversaries.....but why has Unix (and its younger offspring Linux) lasted so long? What was different about Unix that caused it to survive and flourish? Why is it important today, and how can we take it further? How should we celebrate 2019? While maddog does not have all the answers, he tries to make the answers he does have interesting and fun to know.</p> - - - Jon 'maddog' Hall - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 17:55 - 00:05 - Janson - closing_fosdem - Closing FOSDEM 2019 - - Keynotes - keynote - - <p>Some closing words. Don't miss it!</p> - - - FOSDEM Staff - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:50 - K.1.105 (La Fontaine) - love_everyday - Love What You Do, Everyday! - - Miscellaneous - maintrack - - <p>Build a career doing what you love. Open source is an enabler and the community can be your best coach, mentor and referral. Whether you are a beginners or someone who has been working in open source for years, the speakers covers tips in building an open source career. On bringing out the best in yourself, the community and your project.</p> - - - Zaheda Bhorat - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:50 - K.1.105 (La Fontaine) - tesla_hacking - Tesla Hacking to FreedomEV! - Bringing Freedom to electric vehicle software - Hardware - maintrack - - <p>How and why hack a Tesla and its Linux systems? What is possible, implemented and 'to-do'? Call for joining the new world of Electric Vehicle Hacking. Do you want to help to bring some Freedom to our cars? My 'Tesla Hacking' evolved to a broader project 'FreedomEV'.</p> - -<p>Building a community to encourage and build better and OpenSource sofware for in-vehicle entertainment and beyond...</p> - <p>The current state of Tesla Hacking. -Difficulties. Strategies. What has been done and what is possible? -The creation of an opensource platform for hacking electric Linux-based vehicles. -We will launch the website http://www.freedomev.com to bring our hacks to the world and allow others to contribute in the repository. Debian-style.</p> - -<p>It started out with hacking my Tesla Model X. And is evolving now into a community project which seeks your cooperation to build new exciting features into Electric Vehicles. Welcome to the launch of FreedomEV!</p> - -<p>The FreedomEV project aims to give you full control over your own vehicle. Over it's security and full features and capabilities. The future possibilities are endless. We explore how we are doing this, why, and what is possible. Consider this a call for your participation as well. Currently only supporting Tesla Model S and X with ARM MCU, but looking to broaden vehicle support to include Intel based MCU's and Tesla Model 3 and possibly other manufacturers too?</p> - - Jasper Nuyens - - - The to be Fosdem-launched FreedomEV website - FreedomEV Wiki - FreedomEV Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - K.1.105 (La Fontaine) - go_on_microcontrollers - Go on Microcontrollers: Small Is Going Big - TinyGo takes the Go programming language to the "final frontier" where we could not go before... running directly on microcontrollers. - Hardware - maintrack - - <p>TinyGo takes the Go programming language to the "final frontier" where we could not go before... running directly on microcontrollers like Arduino and more! In this talk I will introduce TinyGo (http://tinygo.org) a new miniature version of the Go language that uses the LLVM compiler toolchain to create native code that can run directly even on the smallest of computing devices.</p> - -<p>This talk will feature live coding demos of flying objects...</p> - - - Ron Evans - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - K.1.105 (La Fontaine) - lttng - Fine-grained Distributed Application Monitoring Using LTTng - - Performance - maintrack - - <p>There is no shortage of great tools to monitor distributed applications. However, most of them focus on monitoring overall performance metrics and error rates, giving only a general idea of the health of an infrastructure.</p> - -<p>Unfortunately, rarely occurring issues are often hidden by general trends making it difficult to completely understand infrequent, yet sometimes catastrophic, problems.</p> - -<p>Tracers are great at tracking down sporadic problems in production environments, but the amount of data they generate can be hard to manage in the wild.</p> - -<p>This talk will present how the work done on LTTng over the last year, notably the introduction of a session rotation mode, makes it easier to integrate fine-grained monitoring in production environments.</p> - -<p>The talk will also cover approaches to collecting traces on multiple hosts to troubleshoot problems occurring in distributed systems using both kernel and user-space traces.</p> - - - Jeremie Galarneau - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:50 - K.1.105 (La Fontaine) - ebpf_kubernetes - eBPF powered Distributed Kubernetes performance analysis - - Performance - maintrack - - <p>Since the Linux kernel 4.x series a lot of enanchements reached mainline to the eBPF ecosystem giving us the capability to do a lot more than just network stuff. -The purpose of this talk is to give an initial understanding on what eBPF programs are and how to hook them to programs running inside Kubernetes clusters in order to answer targeted questions at cluster level but about very specific fine-grained situations happening in our programs and systems, like: -- Had that function in my program been called ? -- For a given function which arguments have been passed to it? And what it did return? -- Which TCP packets are being retransmitted? -- What are the queries running slow? -- Insights on programming language events/gc -- Had that file been opened? -Imagine a programmable Kubernetes performance analysis tool that runs at cluster level without performance implications how would you it to be?</p> - - - Lorenzo Fontana - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - K.1.105 (La Fontaine) - perl11 - Perl 11 - The Future of Saint Larry's Language - Performance - maintrack - - <p>Perl 11 is the philosophy of pluggability, performance, and the reunification of Perl 5 with Perl 6. -RPerl is the new optimizing compiler for Perl 5, and is the primary implementation of the Perl 11 philosophy. -We can currently use RPerl to speed up low-magic Perl 5 code with over 300x performance gain. -This talk will discuss the future plans for supporting medium-magic and high-magic Perl 5 code, as well as Perl 6, and beyond.</p> - <p>Perl 5 is a programming language. Perl is fast at string manipulation and regular expressions. Unfortunately, Perl is really, really slow at most everything else.</p> - -<p>On New Year's Day 2013, the RPerl optimizing compiler project officially began. On US Independence Day 2015, RPerl v1.0 was released, at long last; exactly 1 year later, RPerl v2.0 was released with automatic parallelization capabilities. After another year, RPerl v3.0 was released with regular expression support. Major RPerl releases happen on each major holiday.</p> - -<p>Using RPerl, low-magic Perl 5 software may be compiled in serial mode to run 200x, 300x, maybe even 400x as fast as normal high-magic Perl. In serial mode, RPerl moves Perl from being (arguably) the slowest general-purpose language to being among Fortran, C, and C++ as one of the very fastest. In auto-parallel mode, there is theoretically no upper limit to the speed of RPerl, and it may be (arguably) considered the fastest software on Earth.</p> - -<p>RPerl works by implementing a restricted low-magic (low-complexity) subset of the Perl 5 language, which is then converted into C++ and compiled into ultra-fast binary form. The resulting compiled low-magic RPerl code can be called seamlessly from existing high-magic pure Perl code. RPerl is primarily meant to be used for performance optimization, although as a true source-to-binary compiler it can also be used for strong source code obfuscation and IP protection.</p> - -<p>The Perl 11 philosophy includes the 3 primary goals of pluggability at all levels of Perl, performance at-or-beyond the speed of C++, and full reunification of Perl 5 with Perl 6. Perl 11 was formulated in the summer of 2012 by Ingy döt Net, Reini Urban, and Will Braswell.</p> - -<p>RPerl currently supports low-magic Perl 5 input source code. Future RPerl development plans include support for medium-magic Perl 5, then high-magic Perl 5, then Perl 6. It's taken us 30 years of Perl to get here, and we built the Internet along the way. Let's make the next 30 even more unbelievably amazing.</p> - - Will the Chill Braswell - - - Perl 11 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - K.1.105 (La Fontaine) - blockbuster_game - Making the next blockbuster game with FOSS tools - Using Free Software tools to achieve high quality game visuals. - Miscellaneous - maintrack - - <p>More than ever before, It is now possible to create high quality looking game visuals with little effort by using free and open source software tools. -The combination of Blender, Gimp, Krita and Godot Engine running under Desktop Unixes gives the developers unprecedented creative power and ease of use to -achieve professional quality visuals, all this with ease of use and productivity surpassing that of proprietary software. -This presentation will be a step by step description of the tools and techniques used by an artist and a programmer to create the Godot Third Person Shooter demo in three weeks.</p> - <p>The presentation will be broken down in steps describing the tools and techniques used to create a state of the art third person shooter demo using free and open source software.</p> - -<p>-Level blocking using Blender --Level testing using Godot --Character modelling using Blender --Character rigging and animation using Blender Actions --Character import using Godot --Animation Tree and State Machine in Godot --Character and Enemy VFX in Godot --Level hard-surface modelling using Blender --Texture painting using Gimp or Krita --Level importing to Godot --Level lighting and post processing setup using Godot Real Time Global Illumination. --Level audio setup using Godot</p> - - Juan Linietsky - - - Video of the final demo in action - Blender website - Godot Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - K.1.105 (La Fontaine) - susi_ai - SUSI.AI: An Open Source Platform for Conversational Web - - Miscellaneous - maintrack - - <p>This talk is about SUSI.AI - an open source conversational framework developed by FOSSASIA developer community. We will talk about current development of the project including the overview of SUSI’s technology stack and the recent released hardware prototype.</p> - -<p>The motivation behind the project was to create an ecosystem made up of conversational web services, AI technologies, search engines, smart devices and open source communities - together develop a framework as an alternative to dominant players like Alexa, Siri or Google Home. The project is based on the principle of privacy and collaboration. It provides user freedom and enables user to have the complete control over his/her own data.</p> - <p>SUSI is capable of chat and voice interaction and by using APIS to perform actions such as music playback, making to-do lists, setting alarms, streaming podcasts, playing audiobooks, and providing weather, traffic, and other real time information. Additional functionalities can be added as console services using external APIs. It is able to answer questions and depending on the context will ask for additional information in order to perform the desired outcome. The core of the assistant is the SUSI.AI server that holds the "intelligence" and "personality" of SUSI.</p> - -<p>The application already comes with clients for all major platforms and services including mobile phones (iOS, Android), web clients and plugins for chat services like Slack, Gitter, Skype and many more.</p> - - Hong Phuc Dang - - - https://github.com/fossasia/susi_server - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:50 - H.2215 (Ferrer) - ceph_data_services - AMENDMENT Data services in a hybrid cloud world with Ceph - Making data as portable as your stateless microservices - Storage - maintrack - - <p><em>PLEASE NOTE: Sage was delayed travelling and this talk has been rearranged from 13.00 on Saturday.</em></p> - -<p>IT organizations of the future (and present) are faced with managing infrastructure that spans multiple private data centers and multiple public clouds. Emerging tools and operational patterns like kubernetes and microservices are easing the process of deploying applications across multiple environments, but the achilles heel of such efforts remains that most applications require large quantities of state, either in databases, object stores, or file systems. Unlike stateless microservices, state is hard to move.</p> - -<p>Ceph is known for providing scale-out file, block, and object storage within a single data center, but it also includes a robust set of multi-cluster federation capabilities. This talk will cover how Ceph's underlying multi-site capabilities complement and enable true portability across cloud footprints--public and private--and how viewing Ceph from a multi-cloud perspective has fundamentally shifted our data services roadmap, especially for Ceph object storage.</p> - - - Sage Weil - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:15 - H.2215 (Ferrer) - kornshell - Squeezing Water from Stone - KornShell in 2019 - - Lightning Talks - lightningtalk - - <p>This talk is going to be:</p> - -<ul> -<li>Short update about state of ksh93</li> -<li>Why it's so challenging to maintain it</li> -<li>Steps current upstream maintainers have taken to revive it</li> -</ul> - - -<p>And call for developers who like to work on crazy problems.</p> - - - Siteshwar Vashisht - - - GitHub link for ksh93 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:20 - 00:15 - H.2215 (Ferrer) - environment_modules - Environment Modules - Provides dynamic modification of a user's environment - Lightning Talks - lightningtalk - - <p>Typically users initialize their shell environment when they log in a system by setting environment information for every application they will reference during the session. The Modules project, also referred as <em>Environment Modules</em>, provides a shell command named <code>module</code> that simplifies shell initialization and lets users dynamically and atomically modify their environment during the session with configuration files called modulefiles.</p> - -<p>This talk will explain the root concept behind the module command then describe how it could be useful whether as a system administrator you have to provide access to a large software catalog or as an end-user you need to juggle with different workloads combining software elements. Current development trends to further improve the modulefile standard and the module command capabilities will then be shared with the audience.</p> - - - Xavier Delaruelle - - - Modules website - Modules source repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:40 - 00:15 - H.2215 (Ferrer) - console_services - Console oriented services: wttr.in, cheat.sh, rate.sx - - Lightning Talks - lightningtalk - - <p>The talk is devoted to console oriented services, like: wttr.in, cheat.sh, rate.sx. -Which popular console oriented services exist currently and how can they be used in everyday life; -what advantages and disadvantages do they have; how services like that could be created.</p> - <p>I've created several console oriented services, -that you are probaly aware of, if you are a vivid -console user.</p> - -<p>If you've never heard about them, you can try to do -the following in your terminal, just to get the first impression:</p> - -<p>```</p> - -<pre><code>$ curl wttr.in/Karlsruhe -$ curl rate.sx/btc -$ curl cheat.sh/lua/:learn -</code></pre> - -<p>```</p> - -<p>As we will see, in many cases services creaated using this approach -has many advantages comparing to browser-orineted services: -* speed; -* portability; -* small footprint and ubiquituous of the client; -* good possibility of integration; -* consciosness; -* anonimity; -* etc.</p> - -<p>In the talk I will demostrate several popular -console oriented services, that I've created, and tell: -* how such services could be created, -* what tasks could be and should be solved by means of them; -* what advantages (and disatvantages) do they have; -* what changes in curl we are currently doing, to make such services -even easier to use, and even more universal and pervasive.</p> - -<p>The talk will be accompanied with many technical examples -and useful practical tips and tricks such as:</p> - -<ul> -<li><p>how to make weather forecast using nothing else but curl;</p></li> -<li><p>how to bring any text from you console one your smartphone - using nothing else but curl;</p></li> -<li><p>how to find an answer to (almost) any programming question - not leaving your editor;</p></li> -</ul> - - -<p>and many other like that.</p> - -<p>I would be happy to share my ideas with you, discuss them -and get some feedback from you during this discussion.</p> - - Igor Chubin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:15 - H.2215 (Ferrer) - nuspell - Nuspell: the new spell checker - FOSS spell checker implemented in C++14 with aid of Mozilla - Lightning Talks - lightningtalk - - <p>Nuspell is a FOSS checker that is written in pure C++14. It extensively supports character encodings, locales, compounding, affixing and complex morphology. Existing spell checking in web browsers, office suits, IDEs and other text editors can use this as a drop-in replacement. Nuspell supports 90 languages, suggestions and personal dictionaries.</p> - <p>In this talk we will highlight the functionality of Nuspell and provide easy to follow examples on how to use it as a command-line tool or link to the C++ library. The audience will be invited to integrate this new spell checker into their software, create new language bindings or port it to other operating systems.</p> - - Sander van Geloven - - - Nuspell's Homepage - Nuspell at Github - Nuspell at Mastodon - Nuspell at Twitter - Nuspell at Facebook - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:15 - H.2215 (Ferrer) - nim_metaprogramming - Metaprogramming with Nim - - Lightning Talks - lightningtalk - - <p>Over the years I've visited languages on all levels of abstraction and paradigms, both through my studies but also in a professional capacity. One of the languages that have caught my eye is Nim, which ticks a lot of boxes for me, and leaves me wanting it's features in many other languages. Of the many interesting features in the language one of the most mentioned is the metaprogramming capabilities. This talk will briefly introduce Nim for those unfamiliar with the language, before diving right into the possibilities metaprogramming offer, with interesting real-world examples of its utility.</p> - - - Peter Munch-Ellingsen - - - Talkers website - Official Nim website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:15 - H.2215 (Ferrer) - open_food - Open Food Network - open source for worldwide food systems - Lightning Talks - lightningtalk - - <p>Open Food Network is a worldwide collaborative network of projects that want to change local food systems and boost short distribution circuits by means of open source software and democratic governance. It forms a global community with projects based in Belgium, Australia, UK, France, Canada, USA, Spain and Portugal, and which is still growing.</p> - -<p>A single global team develops an online marketplace for local food enabling independent online food stores connect farmers and food hubs with individuals. It gives them an easier and fairer way to distribute their food. This boosts short distribution circuits which positively impact local communities.</p> - -<p>Each of the local projects offer the software as Saas to their local communities who participate on the governance of the platform taking part on the decision making.</p> - -<p>The project is sustained by the funds contributed by all the local projects that are communalized. This makes it possible to afford the development of such ambitious project, which would be impossible by each of the local communities while still allowing new local projects to join.</p> - -<p>This talk aims to share Open Food Network's challenges around its governance and internal organization. How it successfully manages to coordinate the efforts of people scattered throughout the world while involving local communities on its design. We also touch on the tech challenges around the tech stack and infrastructure and how we envision it in the future.</p> - - - Pau Pérez - - - global Open Food Network website - Community forum - Open source repo - An older presentation about the project and its potential - Facebook account - Video of our last global gathering - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:15 - H.2215 (Ferrer) - openscore_sheet_music - OpenScore - Open-sourcing sheet music - Lightning Talks - lightningtalk - - <p>OpenScore is a crowdsourced initiative to transcribe the world's public domain sheet music into an open source, digital format. This brings music notation into the 21st Century, enabling its convenient use on devices such as phones, tablets and computers. OpenScore extends the principles of open source to apply not only to software, but also to the content produced by the software, thereby opening up a new avenue of funding for open source software development.</p> - <p>OpenScore was announced to the world exactly 2 years ago at <a href="https://archive.fosdem.org/2017/schedule/event/openscore/">FOSDEM 2017</a>. Since then we ran a successful Kickstarter campaign to digitize famous classical works, and transcribed over 250 19th Century Lieder as part of OpenScore Lieder Corpus. We return to FOSDEM now to update you with our progress so far, share details about some of the key challenges and hurdles faced along the way, and look ahead to the bright future of open source sheet music.</p> - -<p>OpenScore was created as a collaboration between MuseScore, the leading open-source music notation program, and IMSLP, the largest online archive of public domain music. The IMSLP archive contains scanned copies of public domain scores by Mozart, Beethoven and other classical composers in “binary” PDF format, which allows musicians to read them, but not edit or listen to them. OpenScore unlocks the scores’ true potential by making the actual musical “source code” available in MuseScore’s text-based format, which enables listening, editing, and easy conversion to MusicXML, MIDI, PDF as well as image, audio and video formats.</p> - -<p>Text-based scores offer improved accessibility over PDFs, and are easily parseable by software tools to allow searching, indexing, data mining, and analysis for research purposes.</p> - -<p>All OpenScore transcriptions of public domain works are released under Creative Commons Zero (CC0), ensuring they remain in the public domain where they belong.</p> - -<p>OpenScore partners: MuseScore, IMSLP, RNIB, Nicholas Rougeux (c82)</p> - - Peter Jonas - - - OpenScore website - OpenScore collection - OpenScore Lieder Corpus - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:20 - 00:15 - H.2215 (Ferrer) - 0ad_rts - 0 A.D., a libre real-time strategy game - "History is yours for the taking!" - Lightning Talks - lightningtalk - - <p>0 A.D. is a free and open-source game of ancient warfare. It is a real-time strategy game which can compete with the classics of the industry, but comes with absolutely no cost for the players. Come and discover your new favorite game!</p> - <p>We will present the game, its features and beautiful art, and its completion state: the game is fully playable, with a challenging AI for solo players and a fully-fledged multiplayer experience. It is an ideal playing field for hackers of all kinds, who can contribute to its development, create game mods, or use it for a completely different purpose. We will share our plans for the future and talk about how we got here, from the first idea of 0 A.D. to our latest release, available on all the desktop platforms.</p> - -<p>From 500 B.C to "0 A.D.", History is yours for the taking! Play with thirteen civilizations from the Mediterranean world and build your military base from the bottom up to achieve supremacy on the map. Team up with friends, crush your enemies, and enjoy living History as you make it yours.</p> - -<p>You can also participate to this wonderful adventure by bringing your skills and dedication to the project!</p> - - Nicolas Auvray - - - Website - Download Page - Facebook - Twitter - Community Forums - Wiki and bugtracker - Getting started with contributions - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:40 - 00:15 - H.2215 (Ferrer) - debian_java - Debian Java: Insights and challenges - learn more about the daily work to package Java software for Debian - Lightning Talks - lightningtalk - - <p>The talk gives insights into the state of Java in Debian and what challenges contributors face when we package Java software for the Debian GNU/Linux distribution. Participants will learn more about how the Java ecosystem is integrated into Debian, what problems have to be solved and how Java software can be truly free and long-term supported. It is brought to you by a Debian Developer and Debian Java team member.</p> - <p>Many applications and libraries distributed by Debian are written in the Java programming language. In fact based on simply counting source code lines, it is ranked in third place only after C and C++. The Java team alone maintains more than one thousand source packages ranging from web servers to IDEs. Packaging Java software can be difficult at times because all packages must be built from source but no internet connections are allowed at build time. None of the packages in the main archive area may require software outside of that area to function thus we have to package every dependency and make sure it complies with the Debian Free Software Guidelines. This is often completely diametral how Java developers usually build software (versioned dependencies downloaded from online repositories like Maven Central). And if you know that Debian prefers to ship only one software version because of security support but different applications tend to depend on different versions at the same time and we also strive for one long-term supported Java Virtual Machine, the possible problems are easily imaginable. Last but not least Java development has become rapider in the past with new OpenJDK versions and bugs every six months. How this all works or not will be told during the next 15 minutes.</p> - - Markus Koschany - - - Debian GNU/Linux - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:15 - H.2215 (Ferrer) - library_generation - Automating Client Library Generation - How and Why - Lightning Talks - lightningtalk - - <p>How good are you at keeping your multiple client libraries up to date?</p> - <p>Keeping client libraries in multiple languages up to date can be a trying task. Learn how Kaltura does it, and how you can use the same principles - as well as our open source project - to implement the same system into your application.</p> - - Avital Tzubeli - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:20 - 00:15 - H.2215 (Ferrer) - dbus_asio - Introducing DBus-ASIO - How and why we built a new D-Bus library from the ground up - Lightning Talks - lightningtalk - - <p>Modern software needs inter-process communication. Often through DBus. But the state of the existing libraries are more perfunctory, than active. Consequently, the limits of these libraries become apparent when you go beyond a single thread, are limited to standard libraries, or use anything other than a classical event loop. In this talk we cover the journey, from the realisation of the problem, the guiding development tenets, to the implementation of a library that covers everything from the low-level protocol and high-level C++ interface.</p> - <p>We start with a breakdown on the whys and wherefores of the choices made, be it C++11 or C++14, to fork or not to fork existing code, or whether boost::asio should be used.</p> - -<p>We continue with a discussion on the implementation details, such as the pitfalls in serial protocols, zero-length strings, non-aligned data, and the problems in C++ over C.</p> - -<p>We end up with production-quality code, the politics of naming, and a question: will this be the final DBus library we need to write?</p> - -<p>Background: D-Bus is an inter-process mechanism that allows communication between multiple programs running on the same machine. Asio is a cross-platform C++ library for network and low-level I/O programming. This talk covers how and why the former was implemented using the latter.</p> - - Steven Goodwin - - - DBus-ASIO - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:15 - H.2215 (Ferrer) - neuropil_iot - Neuropil - Secure Interaction for Things - Elevating Security for IoT with the First Decentralized Opensource Solution - Lightning Talks - lightningtalk - - <p>CHALLENGE -The exchange of data between applications continually raises concerns as to the authorization and dynamic network of devices.<br/> -In particular, within the realm of IoT, some messaging paradigms are used which from a security perspective offer little to no value. -Closed systems arise, yet the future data value remains unclear. Additional project and integrations costs are a direct result of delays in connections. -Data quality, data transparency, and data sovereignty of users, companies, and organizations suffer as a result of this.</p> - -<p>SOLUTION -What is Neuropil? We all have it in us: The fibrous network of tissue which forms the gray matter in our brain. Neuropil facilitates the networking between individual cells. It is in this manner that -the Neuropil layer, an open source solution, assures the stable communication between machines and applications. What makes it so unique is that the secure exchange of data between the IoT devices and applications is dynamic, decentralized, and fully automated.</p> - -<p>The Neuropil® layer, therefore, ensures data quality, data transparency, and data sovereignty all the while reducing IT costs, maximizing availability, and increasing reliability. -A secure IoT is a crucial prerequisite for secure collaboration and competitive businesses.</p> - -<p>The Neuropil® layer provides: -- Automatic discovery of data channels across enterprises -- Attribute based access control to authorize data exchange -- Asymmetric end-to-end encryption between the participating systems -- Protection of IoT devices regarding excessive payloads -- High scalability without central infrastructure -- Centralized governance, but decentralized messaging</p> - <p>The neuropil messaging layer combines several proven IT concepts, but rearranges them to accomplish a secure interaction of things. The combination is a mixture of MQTT, VPN and DNS, with a strong focus on privacy (meta-data obfuscation) and security (double encryption).</p> - -<p>Unlike other pure messaging systems we have designed our solution without additional components. Each system or application, which uses the neuropil messaging layer becomes part of an overlay network.</p> - -<p>Most encryption solutions are designed to protect two communicating parties using a direct connection. The neuropil messaging layer accounts for intermediate hops within the (overlay) network. It defines a routing and discovery protocol to automatically exchange required security credentials or other information.</p> - -<p>Due to this approach it is possible to address fingerprints of identities (belonging to a system, person or device), without prior exchange of IP addresses or certificates. This eases the setup and build-time to a minimum and reduces the time to market of IoT solutions.</p> - -<p>What makes it so unique is that the SECURE exchange of data between the IoT devices and applications is DYNAMIC, DECENTRALIZED, and FULLY AUTOMATED. Furthermore, it is highly SCALABLE without needing a central infrastructure.</p> - -<p>DYNAMIC: We have a strong focus on attribute-based authorization supported by digital identities for devices, applications and users alike. Compared to other systems this allows neuropil® messaging layer to establish highly secure connections that are dynamic and can, therefore, be changed at any time.</p> - -<p>DECENTRALIZED: Moreover, traditional messaging systems cover the horizontal value chain within a single enterprise and its internal connections. Neuropil® messaging layer on the other hand can work throughout different organisations and systems (vertical), greatly reducing legislative burdens. As an example it enforces technical SLAs (i.e. the number of messages a second party may send into your IT infrastructure) and follows a decentralized, distributed network setup (please see attachment for visualization), which eliminates single points of attack.</p> - -<p>Combining a dynamic and decentralized system allows neuropil® messaging layer to cut down project costs. This includes development and collaboration transaction costs, while new B2B connectivity can be setup within several days rather than several months.</p> - - Stephan Schwichtenberg - - - Documentation & repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:15 - H.2215 (Ferrer) - theo_keys_manager - AMENDMENT Theo: The Authorized Keys Manager - How to manage easily and securely ssh accesses to your servers - Lightning Talks - lightningtalk - - <p>In this talk I will explain why and how we decided to write <em>Theo</em> and how <em>Theo</em> will help you to secure your servers' accesses.</p> - -<p>Please note that this talk was originally scheduled to be given on Saturday at 18:40. The talk originally in this slot, The brief case for User-space Network Stacks (DPDK and friends) by Ray Kinsella will now take place on Saturday at 18:40.</p> - <p><em>Theo</em> is a 3 components software (a server, an agent and an administrative CLI) that you can use to replace - or to put aside - of all the <code>$HOME/.ssh/authorized_keys</code> in your organisation.</p> - -<p>Managing access to your servers could be a time-wasting and error-prone task, even in small organisations: you need to add the public keys of new team member, clean up them when a member leaves, update them when people generate new ones.</p> - -<p>With <em>Theo</em> you'll be able to control all accounts' public keys and configure which servers and which OS users they can access.</p> - -<p>If you want to take part of the live demo, please send your public key to fosdem19@authkeys.io</p> - - Michele Azzolari - - - Github Theo's project - Theo presentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:15 - H.2215 (Ferrer) - trex_generator - TRex - TRex open source traffic generator - Lightning Talks - lightningtalk - - <p>TRex is an open source, low cost, stateful and stateless traffic generator fuelled by DPDK. Used by Open source projects like DPDK, OPNFV, DPDK-OVS, fd.io VPP for benchmark SDN/VNF solutions in very high scale.</p> - <p>TRex is an open source, low cost, stateful and stateless traffic generator fuelled by DPDK. It generates L4-7 traffic based on pre-processing and smart replay of real traffic templates . TRex amplifies both client and server side traffic and can scale up to 200Gb/sec with one UCS. TRex Stateless functionality includes support for multiple streams, the ability to change any packet field and provides per stream statistics, latency and jitter. -Advanced Stateful functionality includes support for emulating L7 traffic with fully-featured scalable TCP layer. -The main objective is to meet with TRex active community and discuss next features with potential developers/users.</p> - - Hanoch Haim - - - Video recording (WebM/VP9) - Video recording (mp4) - github - doc - Submit feedback - - - - 14:40 - 00:15 - H.2215 (Ferrer) - nextgen_internet - Next Generation Internet initiative - Year Zero - Come work for the internet on privacy, trust, search & discovery - Lightning Talks - lightningtalk - - <p>Last year during a FOSDEM keynote Michiel Leenaars, director of strategy at NLnet foundation, introduced the Next Generation Internet initiative together with member of the European parliament Marietje Schaake. NGI aims to be the first concerted effort to put significant public funding to hands-on work to really fix the internet. Meanwhile, the project is on its way. On December 1st 2018, the first open calls opened with funding for independent researchers and developers working on free and open source projects in the area of <em>privacy</em> and <em>trust</em> enhancing technologies and on <em>search</em>, <em>discovery</em> and <em>discoverability</em>. In this talk Leenaars, project lead of NGI Zero that is currently offering 11.2 million euro in grants, will tell everything you need to know about the various open calls that you can apply for. With grants ranging from 5.000 euro to 50.000 euro available for research, development and engineering effort NGI Zero aims to lead the push toward the post-Snowden internet we want.</p> - <p>From the humble four nodes of the ARPANET that were bootstrapped half a century ago this year, until today, the internet has grown at a breathtaking pace. But while the technology has gradually penetrated every aspect of our lives, it has become clear that not all is well and at least some part of its growth has spiraled out of control. In fact, web inventor Tim Berners-Lee has recently called the current state of his creation (and by extension the larger internet) "dystopian".</p> - -<p>The internet of especially the last fifteen years has brought about undesirable concentration of power ("winner takes all"), and while it has given us many good things has also caused loss of human agency in many other realms. Internet has given the world totalitarianism the likes of which it has never seen, has enabled political manipulation at unprecedented scale affection the lives of hundreds of millions of people. Internet has eroded the private sphere to the point where it has been declared dead, and the mantra of 'big data' and business analytics frame the discussion we should be having. Due to its open global nature and the wholly new types of economic dominance neither internet users nor governments both have an adequate answer against dominant super-actors. How dow we stop large scale abuse of power. Have the web and the internet become "anti-human" as Berners-Lee posits? And what can we do about it?</p> - -<p>The internet is not going to fix itself. Many of the more promising efforts in this realm have been 'bottom up' efforts from individuals or small teams, but these isolated efforts certainly have missed critical mass to actually scale up and change the mainstream internet and the commercial landscape where powerful actors are fully vested in the current course. The Next Generation Internet initiative aims to bring those efforts together, strengthen and unite them and turn them into something that can be deployed across the whole internet. Let there be no doubt about it: fixing the internet is an insane 'moonshot++' effort: the internet is the largest technical structure man has ever made, and the task at hand is to vastly improve its very operating fabric with > 3 billion people using it on a daily basis.</p> - -<p>And yet we have to: fixing the internet is essential to safeguard our economy and create a more resilient and robust infrastructure. And even more importantly we also depend on it to upholding our way of life. How the internet, the web and the mobile ecosystems work directly impacts our human values. Crafting a better internet is essential for maintaining basic human rights such as privacy for the near-future Europe.</p> - -<p>Surely, a larger political agenda of Europe should be an integral part of the approach - in some cases regulating the most predatory behaviour from bad actors might be the only thing left to put the genie back in the bottle and to restore health back to the internet. However, it is also clear that a significant part of the solution lies in the hands of technologists. NGI Zero is probably the first funding programme of its scale that is entirely based on the principles of free/libre, open source software. We need smart and resourceful people that come and work for the internet. Could this be you? In this talk Michiel Leenaars will explain how the funding works, and how NGI Zero deals with important issues like localisation, accessibility, security, packaging, documentation, responsible disclosure and more. Come and work for the internet too!</p> - - Michiel Leenaars - - - NGI Zero Discovery - NGI Zero PET - Main site NGI Initiative - Keynote Michiel Leenaars FOSDEM 2018 - Website European Commission - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:15 - H.2215 (Ferrer) - owncloud_2fa - Add enterprise 2FA to your ownCloud in 15 minutes - - Lightning Talks - lightningtalk - - <p>You are running an ownCloud or Nextcloud installation and are sick of lazy users choosen week passwords? -You want to add two factor authentication to secure the login at ownCloud. But users refuse to enroll the internal TOTP app? -In this talk we will show you how to protect the ownCloud login with a 2nd factor, that is centrally managed and forces the user to login in a secure way.</p> - <p>privacyIDEA is a central two factor authentication system, where administrators can manage the 2nd factors of the users. -You can run privacyIDEA in your network and connect several applications to privacyIDEA for authentication. -This way users only need to have one 2nd factor for all applications and services.</p> - -<p>In this talk we will start with a standard ownCloud setup with simple password authentication. We will install a privacyIDEA machine and configure ownCloud to authenticate against privacyIDEA. -We will enroll tokens like a Smartphone Authenticator, an OTP Keyfob token and a Yubikey to users and use these 2nd factors to login to ownCloud.</p> - -<p>privacyIDEA and all necessary components are open source and available via github.</p> - - Cornelius Kölbel - - - privacyIDEA Project - privacyIDEA at Github - privacyIDEA ownCloud App - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:20 - 00:15 - H.2215 (Ferrer) - lemonldap - LemonLDAP::NG 2.0 - - Lightning Talks - lightningtalk - - <p>LemonLDAP::NG is a free WebSSO software, implementing CAS, SAML and OpenID Connect protocols</p> - <p>The 2.0 version is a major step in LemonLDAP::NG history. It brings brand new features as second factor authentication, SSO as a Service, devops Handler, etc. This talk will present how the software works, and the main new features.</p> - - Clément Oudot - - - LemonLDAP::NG - Screenshots - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:15 - H.2215 (Ferrer) - monica_crm - Monica, a personal CRM - Remember everything about your friends and family - Lightning Talks - lightningtalk - - <p>Monica is a personal relationship manager to remember everything you want about your friends</p> - <p>Monica is an open-source web application to organize the interactions with your loved ones. -We call it a PRM, or Personal Relationship Management. Think of it as a CRM (a popular tool used by sales teams in the corporate world) for your friends or family.</p> - -<p>It helps you remember details about your friends and family. You can add calls, conversations, activities, gifts, debts, tasks, or even notes. You can also create reminders to get some notification at a regular frequency. You can log life events that happened to your contact's life. -You can also use a personnal diary to log some events of your day. -And a lot of other features to come...</p> - - Alexis Saettler - - - Monica official website - Monica sources - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:15 - H.2215 (Ferrer) - behind_snapcraft - Good Will Snapping - ~10 benefits of publishing your application in the Snap Store - Lightning Talks - lightningtalk - - <p>Thousands of users, millions of downloads, dozens of distributions. Numbers going up and down and sideways. A look behind the scenes of Snapcraft, the highly popular universal app store for Linux.</p> - <p>Canonical developed snaps and snapcraft to enable developers to get their freshest software in the hands of users quickly. -Think of snaps on Linux as similar to APKs on Android. -Applications published in the Snap Store are easier for users to discover and install. -Users love new and interesting software, and appreciate getting the latest features and bug fixes.</p> - -<p>In this lightning talk Alan will some features unique to the Snap Store, which give developers more control over delivery of their software updates.</p> - - Alan Pope - - - Snap Store - Free Build Service - Developer Forum - Documentation - Youtube Channel - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:20 - 00:15 - H.2215 (Ferrer) - lava_federated_testing - LAVA federated testing - Testing with and by the community - Lightning Talks - lightningtalk - - <p>LAVA is an automated validation architecture primarily aimed at testing deployments of systems based around the Linux kernel on ARM devices, specifically ARMv7 and later. -LAVA is becoming the de facto standard to test software (bootloader, kernel, userspace) on development boards (rpi, juno, beagle, ...). It's used by many projects to build large testing systems like kernelci.</p> - -<p>LAVA is at the same time supporting a wide range of devices and maintained by a small team of people. Which mean that maintainers do not have access to most device types that LAVA is supported.</p> - -<p>In this lightning talk, I will present LAVA Federation, a project aiming at testing the LAVA software on community owned hardware. -The tests will be spread across many labs, owned by the community members with a variety of community hardware.</p> - - - Rémi Duraffort - - - Lava federation - Lava software - Lava instance - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:15 - H.2215 (Ferrer) - fosdem_infrastructure - FOSDEM infrastructure review - - Lightning Talks - lightningtalk - - <p>Informational and fun.</p> - - - Richard Hartmann - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - - - 09:00 - 00:40 - H.1302 (Depage) - cancelled_best_practices_for_building_scalable_blockchain_applications - CANCELLED Best Practices for Building Scalable Blockchain Applications - - Blockchain and Crypto Currencies - devroom - - <p>Please note that this talk has been cancelled as the speaker is no longer able to attend FOSDEM.</p> - -<p>Being a new domain, there are very few Blockchain technology resources to learn the best practices for building applications that perform well at scale. Over the past 2 years, we have designed and built multiple Blockchain applications and proof of concepts for fortune 500 companies. In this process, we have made many rookie mistakes and the experience has helped us to create a record of best practices in designing and building Blockchain applications. This knowledge has also enabled us to design Blockchain elective courses for Universities which we share with them freely so that students can learn from it.</p> - -<p>In this talk, I will share our Blockchain application development best practices as well as demonstrate (with code) how to leverage them with different Blockchain platforms like Ethereum, Hyperledger and R3 Corda. By the end of the talk, you should have a clear idea on what techniques have delivered good results and things that should be avoided when you plan on building a Blockchain application.</p> - - - Girish Nuli - - - Submit feedback - - - - 09:40 - 00:40 - H.1302 (Depage) - ledger_identity - Distributed ledgers finally brought me a usable digital identity! - - Blockchain and Crypto Currencies - devroom - - <p>Our technological society wants digital identities, but previous attempts undermine the user's right to control their personal information. With the advent of distributed ledgers, it is finally possible to have a digital identity that preserves the best aspects of our offline systems of identification, while also providing significant improvements. This talk will describe the challenges in creating a digital identity, and how the Sovrin network's deployment of Hyperledger Indy overcomes those challenges using open source technologies to implement verifiable credentials. The solution involves more than fancy code, and demonstrates the importance of considering the environment where a technology will function.</p> - - - Richard Esplin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:20 - 00:30 - H.1302 (Depage) - etherlime - Etherlime: open source blockchain development tool - An open source tool for Ethereum developers - Blockchain and Crypto Currencies - devroom - - <p>With Etherlime we aim to solve issues in the deployment of smart contracts and to allow developers to write their own scripts. This way they are not constrained to just the deployment transactions but also they can use the newly deployed contracts right away as part of the initialization sequence.</p> - -<p>In September 2018 our project received funding from Ethereum foundation, Ethereum community fund and ETHPrize.</p> - <p>Etherlime is an Ethereum development and deployment framework based on ethers.js created by our team in LimeChain. The framework was born out of necessity, hardships, and trouble in the development and deployment of ethereum smart contract. We are trying to ease the pain of deployment, compilation and unit testing and add much-needed stability to the process. In our mind ethers.js is a much more stable alternative than web3.js for the moment, and this is one of the main reasons why we created it.</p> - - Ognyan Chikov - - - Etherlime Github - Medium article about Etherlime - Youtube video about Etherlime - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:50 - 00:30 - H.1302 (Depage) - tezos - An overview of Tezos focusing on On-Chain Governance - A new develoment paradigm for the blockchain - Blockchain and Crypto Currencies - devroom - - <p>Governance is a big topic in the blockchain world. Deciding on the evolution of the protocol, -even changing a constant can fracture the community. Hard forks are not uncommon with often -negative consequences. Tezos, an emerging blockchain, has been designed from the ground up -with the idea of on-chain Governance, where changes are decided by the community on the Tezos -blockchain using an open and democratic process.</p> - <p>In particular in the context of FOSDEM, this talk will focus on the benefits that this type -of governance can offer to the developer community in terms of visibility, rewards and potential -for open collaboration.</p> - -<p>I'll provide background on the topic, an overview of Tezos and its current protocol in relation -to voting and governance, and close the talk with a few ideas about the future.</p> - - Pietro Abate - - - tezos code - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:20 - H.1302 (Depage) - hey - Hey, A Blockchain-Based Social Network - Leveraging Ethereum Sidechains Towards Scalability - Blockchain and Crypto Currencies - devroom - - <p>At Hey, we're building a new breed of social network based on the Blockchain. As most main Blockchains present scalability issues (e.g. Etherem scales at 20 transactions/s), we have decided to run our decentralised application on a so-called sidechain, which is an offspring of the Ethereum mainchain and which enables us to scale to the throughput required to support the rich interactions happening within a social network. Come and discover the specific architectural peculiarities that it takes to run a decentralised application on a sidechain.</p> - <p>We will be discussing the following elements about building an on-chain social network: -- Scalability (volume and throughput) -- UX vs Security in fostering users adoption -- Loom, an L2 scaling solution on which Hey's sidechain is running -- Deep-dive on Hey's architectural peculiarities -- How to move assets from a sidechain to the Ethereum mainchain</p> - - Thomas Vanderstraeten - - - Main website - Manifesto - GitHub repository - Block explorer - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:30 - H.1302 (Depage) - nimbus - How to build your own Ethereum client - The development story of Nimbus - Blockchain and Crypto Currencies - devroom - - <p>Early 2018, Nimbus was born - an exciting experimental lightweight client and research project for Serenity - the next major upgrade to Ethereum - and resource-constrained devices, such as mobiles.</p> - -<p>In this talk, we'll go over the anatomy of an Ethereum client - the cryptography, the peer-to-peer networking, the virtual machine, the latest research - as well as the language we're working in, Nim.</p> - <p>Nimbus, a research project started by Status.im, is a client for the Ethereum blockchain. Its focus lies on Serenity, the next major update to the network, and resource-restricted devices, and is done in collaboration with the Ethereum Foundation.</p> - -<p>Having developed everything from scratch in a new language, we'd like to share our journey through the early stages of development, talk about current research in the space and future plans for the client. In the talk, we will cover topics such as:</p> - -<ul> -<li>Cryptography</li> -<li>Peer-to-peer networking</li> -<li>Virtual machines</li> -<li>Proof-of-stake implementation in Ethereum</li> -<li>Sharding and beacon chains</li> -<li>Nim, the programming language we're building the client in</li> -</ul> - - - Jacek Sieka - - - Github repository - Project introduction - First talk given on the subject (a lot has changed since then) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:10 - 00:15 - H.1302 (Depage) - opengreffe - OpenGreffe - Decentralised company register for decentralised companies - Blockchain and Crypto Currencies - devroom - - <p>A company register is a centrepiece of the legal existence of firms in a given country. Usually, these registers are state-controlled.</p> - -<p>Can we conceive a register that is decentralised?</p> - -<p>We will present OpenGreffe, an Ethereum-based register based on simple legal foundations of the French Code Civil.</p> - <h1>What is OpenGreffe?</h1> - -<p>It's a public blockchain-based registry of firms, in the sense of "société de fait" of the Art. 1832 of the French Code Civil.</p> - -<p>This registry open but is maintained by selected agents, based on reputation. To kickstart reputation: we can base it on existing real-world business reputation.</p> - -<p>Each entry in the registry is consisting of:</p> - -<ul> -<li>a company identification (name, associates, capital)</li> -<li>an Ethereum address owned by the associates</li> -<li>a stamp of approval by a registry maintainer</li> -<li>a date.</li> -</ul> - - -<p><strong>The goal</strong>: make it possible for anyone to register a company and build reputation for it in the Ethereum world, so as to raise funding, loans, use insurance, etc.</p> - -<h1>Lifecycle of a registration</h1> - -<ol> -<li>Some founders agree on starting the business.</li> -<li>They share an Ethereum address on a multi-sig wallet.</li> -<li>They go see some 2+ existing registry maintainers (like Legalstart plus another lawyer company), and ask them to perform KYC/KYB to verify that capital is well shared and that they indeed aim to work together on some projects.</li> -<li>The registry maintainers commit the change to the OpenGreffe database.</li> -<li>The founders can start building their Ethereum-based business, using the Ethereum address that has been written in the registry.</li> -<li>After some months/years, for example some external auditors (like Euler-Hermes, an insurance company) can start scoring the new company for their credit defaults and account payables. Good news: they give an AAA rating, because the founders did well!</li> -<li>After some more time, when the founders want to raise a loan, they can claim being proper on their credit payments thanks to external auditors!</li> -</ol> - - -<p>All of this, without the use of any state institution!</p> - -<p>Notes:</p> - -<ul> -<li>step 6 is possible thanks to OpenGreffe only. Indeed, without the registry, good account payables behavior on a given Ethereum address couldn't be linked to a company identification.</li> -</ul> - - -<p>Question TBD: why do we need anything other than an Ethereum address? Why identify associates and a company name...?</p> - - Alex Hajjar - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - H.1302 (Depage) - hwallet - HWallet: The simplest Bitcoin hardware wallet - - Blockchain and Crypto Currencies - devroom - - <p>All major cryptocurrency hardware wallets on the market either use general purpose microcontrollers that are never meant to be used as secure devices or break the Kerckhoffs's principle by using chips that require an NDA, thus making it impossible to completely release the source code. HWallet (https://gitlab.com/nemanjan/hwallet) is a project developed as a proof of concept to show that it is possible to have a very secure microcontroller, signing Bitcoin transactions in hardware and still be completely open source. The code is released under GPLv3 and is meant to serve as the basis for some future devices or projects aiming to connect the real world to blockchain. This talk will give a brief introduction to the project and describe ways for it's customization.</p> - - - Nemanja Nikodijevic - - - https://gitlab.com/nemanjan/hwallet - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:20 - H.1302 (Depage) - p4_private_periodic_payments_protocol - P4: Private Periodic Payments Protocol - - Blockchain and Crypto Currencies - devroom - - <p>P4 aims to solve the problem of subscription services offering end-to-end private cryptocurrency payments. This protocol introduces periodicity to cryptocurrency payments through an ongoing relationship between the merchant and the customer without unintentionally disclosing personally identifiable information. We are creating this protocol to allow us to offer a truely end-to-end private subscription data storage solution built with Tahoe-LAFS. By sharing it, we hope that other subscription services will implement our protocol and further the adoption of cryptocurrency payments in real world retail use cases.</p> - -<p>Although this protocol is currently a work in progress, we have already specified some design decisions. For periodicity, we are avoiding a payment pre-authorization design to keep the user in control of their keys. And for privacy we are utilizing Zcash shielded transactions and the coming improvements in the Sapling release.This protocol is being created by the Least Authority team with support from the Zcash team.</p> - - - Liz Steininger - - - P4 implementation work on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:50 - 00:30 - H.1302 (Depage) - protecting_secrets_with_hardware - Protecting Secrets with Hardware - Secure elements, hardware wallets, and device support for cryptocurrencies - Blockchain and Crypto Currencies - devroom - - <p>Using special purpose hardware devices to protect secrets is a staple of cryptocurrency enthusiasts. We share the lessons learned of creating secure hardware wallets and insecure conference badges at Monero Hardware.</p> - <p>In this half hour presentation, we work backwards disassembling parts of a series of hardware security devices capable of participating in blockchain networks.</p> - -<p>We consider devices like the Signet, Nitrokey, SC4-HSM, Trezor, and the Monero Hardware Wallet. In our high level comparison we identify common hardware components and common strategies to defeat MITM and other forge attempts at network edges. Shifting gears, we disassemble and put devices under the microscope to study circuits. Explanations are kept at novice level hardware competence to ensure we're all on the same page.</p> - -<p>An interesting angle involves counting the generic blockchain use cases provided by special purpose cryptocurrency wallet hardware, and we conclude by a whirlwind hypothetical workflow illustrating the steps involved in building a new secure hardware device.</p> - - Michael Schloh von Bennewitz - - - The Dedicated Monero Hardware Wallet project - An example secure hardware design - A badge explorer (in contrast to secure hardware) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:20 - H.1302 (Depage) - sustain_in_open_source_with_gitcoin - Sustain in Open Source with Gitcoin - Gitcoin is a decentralized application where you can use various ERC-20 tokens to grow and sustain in Open Source and many other things. - Blockchain and Crypto Currencies - devroom - - <p>Open Source Software and Open Source contributors -provide for a massive percentage of today's softwares and web -and other technical ecosystems. It provides a freedom and global -way of contributing to make things better. However, Open Source -contributions are mostly driven by intrinsic motivations. This often -leads to burn out due to lack of sustainability. -Gitcoin provides a solution to help all the wonderful Open Source -contributors earn by doing what they do best. Gitcoin is a bountying -platform which helps bounty open source issues which now the -contributors can work on and also earn and sustain themselves.</p> - <p>Gitcoin is a platform which incentivizes open source contributions in the form of bounties using blockchains. Gitcoin is built upon the Ethereum network and the solidity of smart contract programming language. Ethereum provides opportunities to align incentives across actors in the ecosystem. By programming rights of stakeholders directly into smart contracts, actors are incentivized to provide value, and edge cases are handled <em>without</em> having to involve legacy legal enforcement mechanisms.</p> - -<ul> -<li>We believe in open standards and fat protocols, and have built Gitcoin with StandardBounties -- an Open, Free, Fair, Bounty Protocol on Ethereum.</li> -<li>We believe that an ICO and tokenization is not the best business model for our dapp. We do not have a token</li> -<li>We believe that blockchain is a game-changer for funding of Open Source. We believe that Open Source Funding and Open Source Jobs will be built on Open Source Money</li> -</ul> - - -<p>The aim of Gitcoin is to make a community for developers to collaborate and monetize their skills while working on Open Source projects through bounties. Gitcoin is a decentralized application built on Ethereum’s blockchain. Gitcoin does not have a native token.</p> - - Saptak Sengupta - - - About Gitcoin - Gitcoin Mission - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:30 - H.1302 (Depage) - the_current_and_future_state_of_ethereum - the current and future state of Ethereum - layer 1 scaling, layer 2 scaling, proof of stake and Serenity (Ethereum 2.0) - Blockchain and Crypto Currencies - devroom - - <p>If accepted, I will begin discussing the current state of infrastructural development in the Ethereum ecosystem. Starting with why we need scaling solutions, then discussing how layer 1 and layer 2 solutions work. I will then discuss the basics behind Casper Proof of Stake and how Serenity (Ethereum 2.0) fits into all of this. Our team is currently implementing a JS beacon chain which is part of the Serenity ecosystem and working on implementing layer 2 solutions, specifically custodial state channels.</p> - <p>When Ethereum was created, the move to Proof of Stake was an inevitability. Layer 2 scaling solutions like state channels have always been a focus of collaborative research. In trying to explain everything Ethereum, I will begin by talking about the basics of blockchain consensus from the first Proof of Work (Nakamoto consensus) blockchain and what the different bottlenecks are with it. To the new blockchains implementing Delegated Proof of Stake, Bonded Proof Stake, and others. The focus will be to identify these bottlenecks and discuss the current research and development being done to solve these problems that have stopped Ethereum and most public blockchains from scaling to the masses. By the end of the talk, it is my intention that you will leave with an understanding of where Ethereum is currently, where Ethereum started, and where Ethereum is going.</p> - - Aidan Hyman - - - personal website - my github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:40 - H.1302 (Depage) - the_dao_of_bisq - The DAO of Bisq - - Blockchain and Crypto Currencies - devroom - - <p>Bisq is a P2P exchange for cryptocurrencies. As part of Bisq’s “decentralize everything!” approach, the organization that develops Bisq is in the process of transforming itself into a DAO.</p> - -<p>Bisq DAO is a second-layer solution on top of Bitcoin blockchain. The Bisq DAO enables, among other things, payment to Bisq contributors, the appointment of roles in the Bisq organization, and the adjustment of parameters in the Bisq trading protocol.</p> - -<p>This talk presents an overview of the technical design of the Bisq DAO, with a focus on the high level blockchain model that enables a construction of a second layer DAOs on top of Bitcoin. The Bisq DAO is already up and running, currently in a testing environment, with a scheduled mainnet deployment set for 2019.</p> - - - Eyal Ron - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:30 - H.1302 (Depage) - substrate - Substrate - An Open-Source Framework for Building Blockchains - Blockchain and Crypto Currencies - devroom - - <p>Substrate is an open-source framework which allows developers to easily create new, customizable blockchains. At its heart, Substrate is a combination of three technologies: WebAssembly, Libp2p and AfG Consensus.</p> - <p>Substrate chains have three distinct features that make them "next-generation": a dynamic, self-defining state-transition function; light-client functionality from day one; and a progressive consensus algorithm with fast block production and adaptive, definite finality. The STF, encoded in WebAssembly, is known as the "runtime". This defines the execute_block function, and can specify everything from the staking algorithm, transaction semantics, logging mechanisms and procedures for replacing any aspect of itself or of the blockchain’s state ("governance"). Because the runtime is entirely dynamic all of these can be switched out or upgraded at any time. A Substrate chain is very much a "living organism".</p> - -<p>Substrate is being developed by Parity Technologies, a company who has build client software for multiple blockchains such as Ethereum, Bitcoin, and the upcoming Polkadot network.</p> - - Shawn Tabrizi - - - Substrate Collectables Workshop - Substrate Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:20 - 00:30 - H.1302 (Depage) - hyperledger_fabric_blockchain_for_the_enterprise - Hyperledger Fabric - Blockchain for the Enterprise - - Blockchain and Crypto Currencies - devroom - - <p>This session will introduce attendees to the Hyperledger Fabric framework, its design principles, its architecture and roadmap, leaving attendees with some practical information on how to get started setting up their own permissioned blockchain network and developing a blockchain application.</p> - <p>Hyperledger Fabric is the most popular Hyperledger framework with over 280 contributors from over 27 different organizations and a growing number of applications in production. It is designed for the Enterprise use case and presents some unique characteristics that differentiate it from all other blockchain frameworks, providing finality, performance, confidentiality, and flexibility.</p> - -<p>This presentation will cover those characteristics, and walk attendees through Fabric's unique architecture, consensus model, and its different components. It will then give insights to Fabric's roadmap, covering the release schedule, the main axis of development, as well as what's in the works for the foreseeable future.</p> - -<p>Finally, attendees will be given practical information on how to get started using Fabric. This includes setting up a first blockchain network and start developing an application. The various options available to developers will be covered both with regard to the SDKs and smart contract languages available.</p> - -<p>This session is designed to give attendees a good understanding of Fabric so that they get started with their own development with confidence.</p> - - Arnaud Le Hors - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:25 - H.1308 (Rolin) - js_love_it - JavaScript: If you love it, set it free - - Javascript - devroom - - <p>The vast majority of JavaScript carries no license or copyright notice at all, often because of concerns about optimizing bandwidth and speed, but also because of a lack of awareness. As JavaScript developers, you are well-positioned to help solve this problem -- by clearly licensing your code, by making improvements to the common tooling, and by providing important feedback on what licensing methods make the most sense.</p> - <p>The lack of clear licensing info, especially when combined with -minification, makes most JavaScript proprietary for the users who -receive and execute it in their browsers, even if the source code is -available elsewhere on the Internet in some repository under a free -license. The lack also means rampant license violations, for both -permissively and reciprocally licensed code. The Free Software -Foundation has proposed and implemented a couple of licensing metadata -methods by which JavaScript which is intended to be free software can -clearly say so, and therefore actually respect the freedom of its -users. This is the first step in compliant and realistic distribution -of copyleft-licensed JavaScript, as well as a step toward allowing -free software users to run only free software inside the browser as -they do outside the browser. Other approaches have been proposed as -well. We will discuss these questions and seek input on the approaches -so far, and hopefully leave with some momentum to make positive -changes.</p> - - John Sullivan - - - LibreJS plugin for detecting JS licensing - JavaScript Web Labels documentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:30 - 00:25 - H.1308 (Rolin) - cross_browser_extensions - Cross browser extensions - - Javascript - devroom - - <p>Browsers are built on very simple principle - “one fit that suits all”. We use number of browser extensions to make most of our browser. How about being on other side of table; lets create one. From Javascript developer to a browser extension developer in 50 mins.</p> - <p>Browsers are built on very simple principle - “one fit that suits all”. Browser extensions are the thing that help us to personalize the browser as per our need. We use number of browser extensions to make most of our browser. How about being on other side of table; lets create one. Webextension APIs are here to convert us(Javascript developers) to extension developers. Javascript mixed with Webextension APIs empower us to modify our browsers to suit as per our need. Adding to awesomeness, not only for one browser but same code that can be deployed on Firefox, Chrome, Opera with minimal or no changes.</p> - -<p>In this session, we will be learning how to develop portable cross browser extensions using Javascript. One can learn how to use features of browser such as Notifications, Tab capture, HTTP request handling, Toolbar buttons in an addon. Also there will be a hands-on demo of creating a browser extension right in the session and deploying it in the browser.</p> - -<p>By the end of session, audience will be empowered enough to command their browser to perform tasks as per their wish, may be throwing notification to drink water after every hour.</p> - -<p>By this session, I look forward to increase the circle of browser extension developers so as to make browsers great!</p> - - Trishul Goel - - - Presentation slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:25 - H.1308 (Rolin) - pwa_control_iot - Using Progressive Web Apps to control IoT - Using a PWA app to control an IoT device using JS frameworks - Javascript - devroom - - <p>Using Progressive Web Apps (PWA) to control IoT devices using JS frameworks</p> - -<p>What you will learn -* What is a PWA -* Why is a PWA so cool! -* How a PWA can control IoT -* Why should a PWA control IoT -* A cool demo of a PWA controlling a thing!</p> - <h2>Content</h2> - -<p>1) What are progressive web applications? A basic overview and their frameworks. A quick mention of web components. -2) The Samsung things.samsunginter.net demo. The demo at the start showing a PWA app controlling an IoT thing via BlueTooth Low Energy (BLE) interface. -3) Controlling bluetooth low energy from our PWA application. Concerns of browser support and issues developers may have. -4) A breakdown of controlling your IoT thing, via BLE using for our demo a Javascript application running on a Linux OS with a raspberry pi zero. -5) Why should a designer/ developer/ engineer consider using PWA and BLE for the control of ‘things’. And what about security concerns?</p> - -<h2>Wrapping it up</h2> - -<p>Going over key points. Good resources. Other technology frameworks to consider. Where to find details of code and this talk at SamsungInter.net</p> - - Nicholas Herriot - - - source code for demo - Presentation - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:25 - H.1308 (Rolin) - machine_learning_javascript - High end augmented reality using Javascript - Using markers with a webcam is cool but what about a HoloLens or MagicLeap straight from the browser? - Javascript - devroom - - <p>VR is so 2018. Now is time for AR... or is it? In this talk we will explore practically what is feasible today and how. We'll rely on Exokit for the new Magic Leap ML1 after briefly exploring what is AR, what it's good for then some guiding principles. No AR expertise required, just basic JavaScript frontend of backend will do.</p> - <p>The talk explored how create and experience augmented reality content on the latest commercially available hardware, namely the MagicLeap MP1 using the exokit node based browser (MIT License) and AFrame (MIT License) as properly isolated and re-usable component.</p> - -<p>More specifically the different topics were : -- limitations of native AR -- WebAR, the definition -- status of the specifications -- hardware support / browsers / libraries -- deconstruction of an experiment -- what's yet to come -- references</p> - -<p>A live demo with content live streamed to the browser from the HMD was shown to the audience to highlight the device specific features with content they could related to, namely themselves.</p> - - Fabien Benetou (@Utopiah) - - - Slides - Brain dump - aframe-eyetracking-blink-controls-component on Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - H.1308 (Rolin) - jquery_react - From jQuery to React - Gradual migration with hybrid approach - Javascript - devroom - - <p>Migration from legacy javascript to react in a well existing project isn't instant or easy, -but the outcome will be worth it. -How we can combine legacy with a modern front end, -surviving the hybrid umbrella, improving application's client and enjoy coding !</p> - <p>The migration process from legacy javascript to react might take you some time and wouldn’t be easy, but the outcome will be worth it.</p> - -<p>Two years ago, the foreman project decided to adopt react and started a gradual migration process from legacy javascript (rails assets pipeline) into a modern react web app. -We’d like to share with you our journey, the do’s and don’ts</p> - -<p>Why we should adopt react -Where to begin - The first step -How to survive under the hybrid umbrella -Gradual process - is it good enough? -Long term goals (does SPA one of them?)</p> - - Amir Fefer - - - The foreman repository - The foreman website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - H.1308 (Rolin) - data_structures_javascript - Developing data structures for JavaScript - Why and how to implement efficient data structures to use with node.js or in the browser - Javascript - devroom - - <p>There is a tenacious misconception nowadays that people working with JavaScript do not need to know much about data structures because developing for the web is still often deemed to be, and this cannot be more false, an easier task than "real" programming.</p> - <p>Web applications have become complex beasts and node.js allows to build programs that used to be other backend languages' turf. JavaScript developers now need to develop, as with any other programming language, custom data structures to solve particular problems when arrays and objects are simply not enough. The intention of this presentation is therefore to compile series of tips, tricks and use cases regarding the implementation of data structures in JavaScript and the challenges it poses. It is indeed tricky to ensure consistent performance in a high-level language with JIT and where engines like v8 apply a lot of optimization magic. One has to be able to evolve around those constraints. Examples will be taken from libraries such as <a href="https://github.com/graphology/graphology">graphology</a>, <a href="https://github.com/jacomyal/sigma.js">sigma.js</a>' newest version and finally <a href="https://yomguithereal.github.io/mnemonist/">mnemonist</a> to demonstrate that 1. performant data structures can be designed for JavaScript using the language's capabilities and that 2. everyone can use them to solve problems more efficiently.</p> - - Guillaume Plique - - - Graphology - Sigma.js - Mnemonist - Presentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - H.1308 (Rolin) - foss_corporate_js_stacks - AMENDMENT Free Open Source Corporate JavaScript Stacks - 2nd Generation JavaScript Frameworks & Libraries - Javascript - devroom - - <p>Did you know that over the past few years, large enterprises have been developing and open sourcing their JavaScript technology stacks? On GitHub, you'll find solutions by ING, Uber, PayPal, the Financial Times, Oracle, Microsoft, and many others. Some of these are software vendors, while others are in a variety of other industries. Each of them start from open source frameworks and libraries and all of them are interested in contributions.</p> - <p>The session focuses on something that's been going on below the surface, mostly unseen: large enterprises are using open source solutions in the JavaScript ecosystem (e.g., React, Vue, Knockout, Angular), developing their own internal tech stacks, and then pushing these stacks out to GitHub. Let's explore the advantages of these and see what can be done and how practical these developments are.</p> - - Geertjan Wielenga - - - Submit feedback - - - - 12:30 - 00:25 - H.1308 (Rolin) - pwa_caching_strategies - PWA caching strategies - How to obtain maximum performance from your Progressive web app - Javascript - devroom - - <p>How to obtain maximum performance from your Progressive web app</p> - <p>In this talk i want to explain what PWA is and how to obtain maximum performance for your project focusing on the caching strategies, use cases when you can prefer your caching data vs use cases when it's better to try to fetch your data first.</p> - - Gabriele Falasca - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - H.1308 (Rolin) - e2e_tests_cypress - Less painful E2E tests with Cypress.io - - Javascript - devroom - - <p>The normal state of things with end-2-end testing is a pain: tests are flaky, slow, verbose and written by some QA guy. -Let's see if I can convince you that it doesn't need to be like that, with an example of Cypress.io framework: a dev-centric open-source tool designed to make our life a little simple.</p> - - - Pavel Kruhlei - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - H.1308 (Rolin) - js_teaching_tool - JavaScript for open computing education - - Javascript - devroom - - <p>Prof. dr. Edsger W. Dijkstra says that the only true way to teach programming is by writing proofs by hand, on paper, approaching coding like a purely mathematical skill. Only then, he claims, can students truly understand the "radical novelty" of programming. He's onto something, analogies or high-level understanding are appealing and rewarding but ineffective for true learning. What if there were a way to introduce key concepts of computer science in an honest way without scaring away even the above-average student?</p> - <p>There are certain sticking points in introductory computer science that are difficult to teach and to learn. Many efforts are moving towards visual programming environments, simplified languages, and AI tutors. The problem with these approaches are open accessiblity &amp; skill transfer from learning environments to professional environments. Using just JavaScript, devtools, and some clever study techniques it is possible to get many of the same benefits you see in custom learning environments while still providing a fluid transition to substantial CS concepts.</p> - -<p>Stop by to see how CS concepts integrate with every-day programming &amp; languages with some fun hands-on exercises.</p> - - Evan Cole - - - what is open education? - on the cruelty of really teaching computer science - on computational literacy - critical code studies - resources for open computing education - presentation slides and examples - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - H.1308 (Rolin) - js_iot_smart - Bring JavaScript to the Internet of Things - From Embedded Device to Smart Gateway - Javascript - devroom - - <p>With huge popularity and high resource efficiency JavaScript has gone well beyond the web and reached out for many other areas. The rapidly growing Internet of Things is no exception. This talk will discuss why we think that JavaScript is a good option to kick-start building your own Internet of Things. Solutions we have been used for building an end to end IoT system using JavaScript will be discussed. An introduction to JerryScript, an ultra-light JavaScript engine from Samsung, will be given to address the issue of resource restriction in embedded devices. It is followed by a look at JavaScript platforms based on JerryScript that provide direct JavaScript APIs to developers. The open gateway framework is node.js based and targets at decentralized ‘Internet of Things’ with privacy and security in mind. This talk is supported by a demo.</p> - - - Philippe Coval - Ziran Sun - - - Slides with video demos - WebThingIotJs guide - Video demo - Mozilla Project Things at FOSDEM - Video recording (WebM/VP9) - Video recording (mp4) - color-sensor-js sources - Submit feedback - - - - 14:30 - 00:25 - H.1308 (Rolin) - testing_nodejs_security - Hacking NodeJS applications for fun and profit - Testing NodeJS Security - Javascript - devroom - - <p>NodeJS is one of the fastest growing platforms nowdays and from a security point of view is necessary to know all posibilities that the platform offers to developers.This is a talk that explains some of the most common problems in NodeJS applications and how using frequently used tools it is possible to exploit such vulnerabilities.Also I will show what are the main vulnerabilities we can found and how we can fix them in our applications.</p> - <p>These could be the talking points:</p> - -<p>-Node.js security packages</p> - -<p>I will comment how to protect express applications in terms of authentication, logging ,middleware and security best practices before put applications in production</p> - -<p>-How to prevent OWASP TOP 10 in a NodeJS application In this point I will comment the OWASP NodeGoat project that provides an environment to learn OWASP Top 10 security risks. I will comment the main risks we can find in nodejs applications from a attacker perspective.</p> - -<p>https://github.com/OWASP/NodeGoat</p> - -<p>-Tools which will help to protect our node applications like NodeJSScan allow detecting vulnerabilities following some predefined rules</p> - - José Manuel Ortega - - - NodeJS security checklist - NodeJS security tips - Helmet package - Security best practices - Node GOAT Applicattion - Node GOAT project - GitHub repository - Security Checklist - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - H.1308 (Rolin) - testing_graphql_javascript - Testing GraphQL in your JavaScript application - - Javascript - devroom - - <p>Test GraphQL in your JavaScript application.</p> - <p>This talk will show how you can test GraphQL in your JavaScript application using available open-source packages. It will describe how to get started, best practices and a real-world example.</p> - - Roy Derks (@gethackteam) - - - Code example for FOSDEM 2019 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - H.1308 (Rolin) - web_components_future - Web Components are the future. And the future is now! - - Javascript - devroom - - <p>I used to talk about Web Components as the future of the web and this future is here and now.</p> - <p>During this talk, I'll show you how you can effectively use these technologies today in your application regardless of your tech stack. From Angular to React including VueJS and Polymer, during this talk, I'll show you a practical way of using Web Components in 2019.</p> - - Davy Engone (Hackages) - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - H.1308 (Rolin) - furniture_javascript - Making furniture with Javascript - An open-source community run platform for designers to experiment with parametric furniture design. - Javascript - devroom - - <p>An experimental project which uses web technologies to help design, display and make furniture. O-LAP is an open-source community run platform for designers to experiment with parametric furniture design. Designers create parametric furniture designs as plugins into the framework. Registered designs gets displayed in the online gallery. Users can view the designs from the gallery and customize the design. Framework lets users extract CAD drawings which can be used to fabricate the design using a CNC machine. The project is built as an open access network of git repositories delivering updated Javascript for the clients.</p> - <p>O-LAP is a community of makers who like to make furniture from code. Designers write code which can create designs for furniture pieces. They make the designs like a plugin into a web app. The app can then extract drawings from the designs which can be used to fabricate the design using a computer controlled machine (similar to 3D printing). Designers can get creative in different ways when they start writing code to create furniture designs. -For example they can make the design for a chair which changes for people with different heights, or furniture which learns from your genetic data to customise it for you. -We also adapt a new way of production so that such designs can be manufactured by anyone with a CNC machine. It distributes the task of production to independent makers, so the designs are fabricated closest to the place where they are needed, reducing transport. -The group has grown with people across the globe interested. It would be great to showcase it to the broader OS developer community.</p> - - Amit Nambiar - - - Project page - Sample design - Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:25 - H.1308 (Rolin) - js_binary_ast - BinAST - Let's make the javascript startup bottleneck a thing of the past! - Javascript - devroom - - <p>The size of JavaScript frameworks and apps increases and won't stop increasing any time soon. Unfortunately, this causes large performance issues, both because the files are large and because the browser needs to spend considerable time parsing them.</p> - -<p>The JavaScript Binary AST is a new content developed by Mozilla, Bloomberg and Facebook to speed things up, both by making files smaller, and by making it much faster for your JavaScript VM to parse them – all if this without needing to minify or uglify your code, unless you want to.</p> - -<p>Let's see how it works!</p> - - - David Teller - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:20 - H.1309 (Van Rijn) - webrtc_sip_phone - Asterisk WebRTC frontier: make client SIP Phone with sipML5 and Janus Gateway - Analyzing a real project on production (www.nethvoice.it) we will look at two different implementations of a SIP Phone WebRTC of NethCTI Web App. We will see great code examples, WebRTC technologies and a real demo of an audio/video call - Real Time Communications (RTC) - devroom - - <p>We will analyze the steps to make audio &amp; video communications (as SIP Phone WebRTC) into your WebApp, exploiting Asterisk WebRTC techology. The talk shows pros e cons of two different implementations: one using sipML5 library and one with Janus Gateway.</p> - <p>Asterisk WebRTC technology open huge scenarios of applications for unified communications. In this session we will look at that technology to make a SIP Phone WebRTC directly integrated into your web browser to provide a real-time audio &amp; video communication WebApp that serves hundreds of contemporary calls. We will consider two different solutions, sipML5 and Janus Gateway, showing pros and cons of both solutions.</p> - - Alessandro Polidori - - - sipML5 - Janus Gateway - WebRTC - Asterisk VoIP PBX - NethServer - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:25 - 00:20 - H.1309 (Van Rijn) - xmpp_beyond_im - XMPP Beyond Instant Messaging - How we use XMPP to do many neat features - Real Time Communications (RTC) - devroom - - <p>XMPP is known to be a instant messaging protocol, and is sometime blamed for its extensibility for bad reasons. This talk will try to show how powerful is XMPP, by explaining how we have built many exciting features likes a blog engine, file sharing, the base of a code forge (tickets handlers + merge requests), a universal remote controller and even a decentralized web framework on top of XMPP. All of this (and more) are parts of the Salut à Toi ecosystem.</p> - <p>Lastly we have been hearing more often than not XMPP bashing: XMPP is supposed to be bad because it's old, or XML based, it's not based on web technologies (HTTP, JSON), or there are too many XEPs, etc.</p> - -<p>This is unfair and often due to a lack of knowledge or a misunderstanding of the protocol. This talk will try to offer a different view of XMPP by explaining how we have used it in the "Salut à Toi" ecosystem to offer exciting features like: - - a blog engine - - file sharing (P2P or through a server à la Owncloud/NextCloud), using Jingle - - the base of a decentralised code forge (tickets handling and merge-requests) - - a universal remote control - - forums - - events</p> - -<p>In Salut à Toi, XMPP has also been used to build a unique decentralized web framework (Libervia web framework). -We'll see how XMPP can help in this field thanks to the powerful PubSub technology.</p> - -<p>Finally, we'll see how gateways can be used beyond messaging, to, for instance allow XMPP to communicate with other protocols like ActivityPub (the protocol behind Mastodon).</p> - - Jérôme Poisson (Goffi) - - - official website - blog of the main developer - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:50 - 00:20 - H.1309 (Van Rijn) - kamailio - Kamailio VoIP development update - - Real Time Communications (RTC) - devroom - - <p>Kamailio is an widely used carrier-grade open source SIP server that focus on flexibility, security and performance. It offers extensive core functionality and provides over 200 extension modules. Therefore it can be challenging as developer to decide which of the available APIs to use for your development. This is especially true if you want to integrate your extension later into the project upstream source code repository.</p> - -<p>This talk will start with a quick overview of the new functionality in the current major release 5.2. It will then highlight important changes in the last year for developers which are using Kamailio or developing extensions for it. Several code examples describes how to achieve a good security and performance. The talk will also provide guidelines about the development process, contributions acceptance and community interactions.</p> - - - Henning Westerholt - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:15 - 00:20 - H.1309 (Van Rijn) - beyond_webrtc_monoculture - Beyond the webrtc.org monoculture - Alternative WebRTC implementations in C and Python - Real Time Communications (RTC) - devroom - - <p>WebRTC’s most prominent implementations rely on the webrtc.org codebase. In this talk, Jeremy Lainé and Lennart Grahl will present two alternative WebRTC / ORTC implementations (aiortc in Python and RAWRTC in C), their use cases, the challenges in writing these implementations and the benefits for the WebRTC ecosystem.</p> - <p>Both Chrome’s and Firefox’s (to some extent) WebRTC implementations are built on top of a common codebase hosted at webrtc.org, which serves as the de facto reference implementation of WebRTC. While it is popular, hacking on the codebase or embedding into a custom project is a complex endeavour.</p> - -<p>Alternative implementations of WebRTC (and ORTC) exist in the form of libraries which are simpler to understand and embed:</p> - -<ul> -<li>RAWRTC (in C, currently data channels only), written by Lennart Grahl</li> -<li>aiortc (in Python), written by Jeremy Lainé</li> -</ul> - - -<p>The talk will focus on the following aspects:</p> - -<ul> -<li>Use cases and demos for these alternative WebRTC implementations, such as Internet of Things or server-side real time audio and video processing.</li> -<li>The genesis and challenges involved in implementing these two libraries.</li> -<li>How the WebRTC ecosystem benefits from having such alternative WebRTC implementations.</li> -</ul> - - - Jeremy Lainé - - - WebRTC and ORTC implementation for Python using asyncio - WebRTC and ORTC with a little bit of RAWR - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:40 - 00:20 - H.1309 (Van Rijn) - matrix - Breaking the 100 bits per second barrier with Matrix - An entirely new transport for Matrix for really terrible networks. - Real Time Communications (RTC) - devroom - - <p>The Matrix team has had a lot of fun recently investigating radically more efficient transports thanks to a challenge to get usable client-server and server-server communication on links as bad as 100bps. In this talk we're give a tour of the network simulation environment we've built and the transports, encodings and routing algorithms we've used to slash our network resource utilisation. We'll also look at what this could mean for open source push notification implementations.</p> - <p>Matrix is an open protocol and network for secure decentralised communication which uses HTTPS+JSON as its baseline transport and encoding. Whilst HTTP is convenient for developers, it's not the most resource-efficient solution for instant messaging. Matrix has always theoretically supported alternative transports, and we finally got an excuse to build one and push it to a ludicrous extreme - to try to operate usably over links as low as 100bps, as high as 4s latency, and up to 40% jitter. The approaches we've taken include:</p> - -<ul> -<li>Building a Matrix simulator (FOSS) which lets you dynamically spin up hundreds of real containerised homeservers in a virtual physical network to investigate and model performance</li> -<li>Switching from full-mesh routing to spanning-tree and thicket-based fan-out routing to avoid overloading links</li> -<li>Switching from HTTPS+JSON to compressed CBOR over CoAP with DTLS+PSK (ChaCha20-Poly1305)</li> -<li>Investigation of CoAP-over-QUIC and performance comparison with HTTP/3</li> -<li>Comparison with MQTT</li> -<li>Investigation into using this to power open source decentralised push notifications service.</li> -</ul> - - -<p>We'll talk through our findings, show off the simulator (which is <em>ridiculously</em> fun), spin up a ton of servers and log into them, break the network, and see just how well everything holds up...</p> - - Matthew Hodgson - - - Matrix.org website - Matrix.org specification - Early notes on the project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:05 - 00:20 - H.1309 (Van Rijn) - chat_over_imap - Break the Messaging Silos with COI - Get to know the Chat Over IMAP initiative - Real Time Communications (RTC) - devroom - - <p>Meet COI (Chat over IMAP) - a powerful contender for WhatsApp, Facebook Messenger and other proprietary messengers. Based on email this open standards &amp; open source iniative overcomes the network effect by providing a chat experience to over 3.8 billion active email users worldwide. By being backwards compatible with pure email, you do not need to convince all your friends, family and peers to join the new system - you can still engage with them and they can reach you. We cooperate with Delta Chat open source project to bundle efforts and ensure interoperability. Join this talk to learn about all things COI from Michael (Dovecot) and Robert (OX).</p> - <p>The COI standard is the best way to overcome the current messaging silos and allow everyone to compete on the same terms. Read on to learn why COI matters.</p> - -<h1>Problem</h1> - -<p>Most popular messaging services are currently proprietary, closed and operated by single providers. This leads to several problems:</p> - -<ul> -<li><em>Privacy:</em> The provider knows all about your social network: when you communicate with whom, the frequency of your communication and the number, type and length of your messages – even with end to end encryption in place.</li> -<li><em>Unfair competition:</em> Service providers depend on the rules set by the messaging owner and access to the API for participation. If the messaging provider changes the rules or chooses to offer your particular service itself, you are out of luck.</li> -<li><em>Lock in:</em> You cannot simply change to another provider, because your friends and peers are also using that service provider. If you want to switch you would need to convince everyone to join your new service provider. And of course you would lose all your conversation history if you dare to move away. Don’t like the new app version? Bad luck, you cannot choose another app.</li> -<li><em>Silo:</em> the network is only controlled by a single party, you cannot start hosting your own WhatsApp, WeChat or FB Messenger Service. -Some providers like Facebook even control several popular messaging apps, like WhatsApp and Facebook Messenger.</li> -</ul> - - -<h1>Why Others do not Solve this Problem</h1> - -<p>Maybe you are thinking “I thought this is why we have Signal, Telegram and the other privacy-centric apps?” – they might very well be better than some of the more popular networks, but in the end, they control the network and other providers are locked out. Basically, you are exchanging one silo with another.</p> - -<p>“What about XMPP and Matrix.org?” – glad you asked! We love XMPP and Matrix.org because they provide a great solution – this only solves the problem in theory though. With XMPP and Matrix.org-based services you would still need to convince everyone to join your new network. Easy in theory, very complex in practice!</p> - -<p>“What about RCS? I thought Google fixes this?” – well, are you sure about Google? Google used XMPP in the past but then locked it down. Google tried to push several chat solutions out with only little success. So, Google’s track record is far from perfect. Most notably, however, RCS requires a device to have a phone number (MSISDN). As communication is quickly migrating towards pure IP based solutions, MSISDNs become relics of the past. Most new innovative devices come without MSISDNs, e.g. voice enabled devices such as Alexa or Google Home, VR and AR devices such as HoloLens or Oculus Rift, portable game consoles, etc. With this dependency on MSISDNs, RCS’ future is uncertain.</p> - -<h1>Meet COI</h1> - -<p>COI enhances an already existing communication system: email. This already solves lots of problems:</p> - -<ul> -<li>It’s free, open and permission-less.</li> -<li>You can reach more than 3.8 billion active email users – this overcomes the network effect!</li> -<li>With COI’s backward compatibility, you can reach everyone, even when they are only using traditional email.</li> -</ul> - - -<p>In this talk Michael and Robert will explain why COI really offers potential, the technical details about the new standards and what the next steps on this exciting journey are.</p> - - Robert Virkus - - - Will go live ready for FOSDEM - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:20 - H.1309 (Van Rijn) - webxr - Building Immersive Experiences with the Web - The power of the Web with WebXR - Real Time Communications (RTC) - devroom - - <p>The way our users consume media and interact with applications is changing. That's partially down to hardware costs coming down but its also because its easier than ever to build these new forms of communication without it costing to earth. WebXR is a standard that combines both Virtual Reality and Augmented Reality into a Web API; by using all that the web has to offer we can build amazing experiences for our users that just require a phone, a web browser and maybe a cheap VR headset. Come check out how you can utilise the technologies deep within the browser on your mobile device to build amazing immersive experiences.</p> - - - Dan Jenkins - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:55 - 00:20 - H.1309 (Van Rijn) - resiprocate - Introduction to reSIProcate - A quickstart for C++ SIP application development - Real Time Communications (RTC) - devroom - - <p>Pocock, from the reSIProcate development team, explains how to integrate SIP capabilities into new or existing C++ applications, with a quick look at some of the new APIs for AMQP and Python integration.</p> - - - Daniel Pocock - - - reSIProcate home page - Daniel Pocock's blog - planet.sip5060.net blog aggregation site - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:20 - 00:20 - H.1309 (Van Rijn) - asterisk - Asterisk 16: What's new in the world of Asterisk - - Real Time Communications (RTC) - devroom - - <p>This talk will be to discuss what's happened in the last year or so in the Asterisk project. It will have discussion of recent changes as well as potentially include some updates on ongoing work in the development branch. For people that utilize Asterisk in their networks, it's an opportunity to understand how new functionality might improve their existing installations.</p> - - - Matthew Fredrickson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:45 - 00:20 - H.1309 (Van Rijn) - opensips - Building a Multi-Node SIP Platform Using OpenSIPS - Cluster multiple OpenSIPS nodes to create a highly available, multi-node SIP platform - Real Time Communications (RTC) - devroom - - <p>This talk will present the challenges encountered when building highly available, multi-node SIP platforms and how they are solved using a modern OpenSIPS release.</p> - <p>For those aiming to build a high capacity SIP service involving clusterized nodes running in a unified manner, this is a must-attend talk! During the presentation, we will enumerate the major types of issues that might pop up when architecting multiple SIP proxy instance setups and how OpenSIPS completely shatters them, making the management of such platforms a piece of cake!</p> - - Razvan Crainea - Liviu Chircu - - - OpenSIPS Project Website - OpenSIPS Project Blog - OpenSIPS GitHub Source Code - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:20 - H.1309 (Van Rijn) - jitsi_mobile_webrtc - Going mobile with React Native and WebRTC - How Jitsi Meet went from web to mobile, while sharing most of its code - Real Time Communications (RTC) - devroom - - <p>Jitsi Meet started out as a web application, but when mobile became a target we tackled it in a relatively unusual way: the web and mobile share all the business logic wth mobile using React Native for platform support and presentation.</p> - <p>Jitsi Meet started out as a web application, but when mobile became a target we tackled it in a relatively unusual way: the web and mobile share all the business logic wth mobile using React Native for platform support and presentation.</p> - -<p>The talk will go through the challendes and solutions we found along the way.</p> - - Saúl Ibarra Corretgé - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:35 - 00:20 - H.1309 (Van Rijn) - janus_ml - Artificial Intelligence, Fuzzing and WebRTC using Janus - Having fun with Janus, libFuzzer, OpenCV and Tensorflow - Real Time Communications (RTC) - devroom - - <p>This presentation will address two challanges we had to face: Artificial Intelligence and Fuzz Testing in the Janus WebRTC Server</p> - <p>The first part of the slot will show how to integrate Artificial Intelligence world with WebRTC using the Janus WebRTC Server. -Taking advantage of a dockerized architecture, a Janus instance was configured to provide the handled media to an OpenCV/Tensorflow Server as a low-latency RTP stream, and to receive back information on the processed media through a data channel, everything in a seamless way. -The presentation will explore how we built a tool that can be specialized to execute different Computer Vision tasks, from the architecture till the code.</p> - -<p>The second part is dedicated to fuzzing, and will demonstrate how fuzz testing has been implemented and integrated in the code base in order to fix the discovered bugs. -This was particularly useful, considering the emphasis that has recently been placed on fuzz testing in the WebRTC servers world. -By randomizing and altering the input patterns in an automated fashion, many software products, thought to be secure because used for years, proved to be vulnerable to specific RTP and RTCP packets, leading to crashes and memory overflow errors. -The well known libFuzzer tool was put in place and fully integrated, through the writing of tests and the updating of building scripts -in Janus code base.</p> - - Alessandro Toppi - Paolo Saviano - - - https://janus.conf.meetecho.com - https://opencv.org/ - https://www.tensorflow.org/ - https://llvm.org/docs/LibFuzzer.html - https://github.com/google/oss-fuzz - https://github.com/justadudewhohacks/opencv4nodejs - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:20 - H.1309 (Van Rijn) - converse_xmpp - Converse: Open, federated teamchat with XMPP - - Real Time Communications (RTC) - devroom - - <p>Converse (and XMPP) provides a federated alternative to other chat apps.</p> - -<p>You can set up a chat instance for your own project or team, while still using the same account to join other team chats on other servers.</p> - -<p>In this talk I'll show the advances that have been made the last two years, discuss some of the challenges we're facing and explain how we're improving and extending the XMPP protocol to fulfill modern expectations around teamchats.</p> - <p>Two years ago I gave a talk about Converse.js, the XMPP webchat client.</p> - -<p>Since then lots of further development work has been done and many new features added. -Converse can now be used as a fullpage teamchat client.</p> - -<p>It's being deployed in various environments and an Electron client is in the works.</p> - -<p>Converse (and XMPP) provides a federated alternative to other chat apps.</p> - -<p>You can set up a chat instance for your own project or team, while still using the same account to join other team chats on other servers.</p> - -<p>In this talk I'll show the advances that have been made the last two years, discuss some of the challenges we're facing and explain how we're improving and extending the XMPP protocol to fulfill modern expectations around teamchats.</p> - - JC Brand - - - The Converse website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:25 - 00:20 - H.1309 (Van Rijn) - pade - Unified Communications with Pàdé - Making the X in XMPP work with software - Real Time Communications (RTC) - devroom - - <p>Pàdé (the "p" is pronounced explosively) is a new unified communications solution from the Ignite Real-time community that is built by integrating the SIP and HTTP protocols with XMPP and is focused at the enterprise desktop for small and medium sized businesses. It is implemented client-side as a web browser extension and server-side as a collection of supporting plugins that run inside the Openfire XMPP server.</p> - -<p>The purpose of the talk is to introduce Pàdé and show how the plugin architectures of Openfire, Chromium and Converse have provided a development ecosystem for creating business driven communication applications and solutions for enterprises.</p> - <p>Pàdé is the Yoruba word for "Meet". It is a unified communications client for Openfire Meetings and uses the following front end web applications.</p> - -<ul> -<li>Jitsi-Meet for SFU-based WebRTC audio/video conferencing, screen share and real-time application collaboration with Jitsi Video-bridge</li> -<li>SIP.js for SIP based telephony with FreeSWITCH</li> -<li>Converse.js for XMPP chat/groupchat with Openfire</li> -<li>Chat REST API for creating bots and enabling integration with business applications.</li> -</ul> - - -<p>This talk will first introduce Pàdé and then focus on how the plugin architecture of the Chromium web browser, ConverseJs and Openfire made it possible to quickly integrate HTTP and SIP with XMPP and create a feature-rich and very extensible unified communications solution for small and medium businesses.</p> - - Dele Olajide - - - Pàdé Development at GitHub - Ignite Realtime Blogs - Dele Olajide Bio - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:50 - 00:20 - H.1309 (Van Rijn) - homer - HOMER RTC Stats - Timeseries for Fun and Profit - Real Time Communications (RTC) - devroom - - <p>Can HOMER be used to generate RTC Statistics and Timeseries for Monitoring, Alerting and train Machine Learning? Open-Source says Yes!</p> - <p>The HEP stack has been completely redesigned to support the many faces of RTC (Janus, Jitsi, Mediasoup and more) and moderns Event based flows, extending both the User and Developer front with powerful diagnostic and investigative tools alongside cross-platform libraries ready for integration of Capture, Deep-Packet Inspection and Extraction pipelines. Find how to leverage the latest and greatest HEP tools to build your very own Monitoring and Troubleshooting tools, while staying 100% Open-Source!</p> - - Lorenzo Mangani - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:15 - 00:20 - H.1309 (Van Rijn) - sip3 - VoIP Troubleshooting and Monitoring with SIP3 - Twenty Thousand MPS under the SIP: VoIP network troubleshooting and monitoring simplified - Real Time Communications (RTC) - devroom - - <p>An exciting journey from troubleshooting to monitoring or how VoIP network monitoring can simplify troubleshooting and shorten customer tickets resolution time.</p> - <p>Find out how SIP3 turned from troubleshooting into monitoring platform, what were the biggest challenges along the way and what is the team behind the project planning ahead.</p> - -<p>SIP3 is an open sourced project that helps engineering teams detect voice quality problems and prevent call failures. Take advantage of a fast and efficient platform that scales with your business. The powerful monitoring UI provides key performance metrics that are giving detailed VoIP network insights.</p> - -<p>Learn how you can shorten customer support tickets resolution time while staying focused on your product development.</p> - -<p>Deep dive into the business KPIs and learn how to recognize service disruptions and system failures before they actually happen.</p> - -<p>Be part of the live demo and join the SIP3 community! See you in the RTC room!</p> - - Oleg Agafonov - - - RTC and VoIP traffic monitoring & analysis - Twitter - Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:20 - H.1309 (Van Rijn) - cgrates - Fraud mitigation using traffic pattern monitoring with CGRateS - - Real Time Communications (RTC) - devroom - - <p>Traffic transparency and ability to react on pattern changes became more than a nice to have functionality in modern communication infrastructure. -In this talk Teo will explore various mechanisms implemented in the new ThresholdS module of CGRateS, focusing not only on improving QoS stats but also towards securing networks with automatic reaction profiles against fraud attempts. -CGRateS is a battle-tested Enterprise Billing Suite with support for various prepaid and postpaid billing modes.</p> - <p>Traffic transparency and ability to react to pattern changes became more than a nice to have functionality in modern communication infrastructure. -ThresholdS module within CGRateS offers the ability to monitor generic events in real-time and react when preset thresholds are hit. As reactions, one can set notifications via HTTP or AMQP or CGRateS accounts related top-ups, debits or complete account deactivation. The events can be injected into ThresholdS via simple RPC (ie: JSON-RPC over socket), contributing to easy integration from external systems. In case of the high amount of events received in a short time, ThresholdS will absorb them via built-in DoS protection and only react on predefined intervals or number of events. -All these characteristics make ThresholdS an ideal candidate as a standalone component (without involving additional billing subsystems within CGRateS) for fraud detection and mitigation. -CGRateS is a battle-tested Enterprise Billing Suite with support for various prepaid and postpaid billing modes.</p> - - Teofil Voivozeanu - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:20 - H.1309 (Van Rijn) - xmpp_sprint - Make XMPP Sprint Again - - Real Time Communications (RTC) - devroom - - <p>This talk will be about how I approached problems organizing sprints, what issues I faced and how I solved them.</p> - <p>This summer, on August 18-19th, was held the first developer event in the XMPP community for a long time. -The idea came up at the Gulaschprogrammiernacht, in Karlsruhe earlier this year. I set a goal for myself to start a movement in the community, gather interested people, and work together to improve the ecosystem. -I'm going to talk about how I approached the organizational problems, what issues I faced and how I solved them.</p> - - Maxime Buquet - - - Summary of the first sprint that was organized - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - - - 09:10 - 00:40 - H.2213 - ml_on_code_understanding - Understanding Source Code with Deep Learning - - ML on Code - devroom - - <p>Code is written by humans for humans and machines. By learning from the human-oriented components of code, recent research has invented models that start to "understand" some aspects of source code. This opens the exciting possibility of using machine learning to assist developers in their everyday tasks, such as writing new code and finding bugs.</p> - -<p>In this talk, I will give a brief tour of our lab's recent explorations in this area. Then I will focus on a specific kind of neural networks, namely graph neural networks (GNN). These networks allow us to learn from the rich semantic relationships within code and, by training them on a self-supervised task, they have allowed us to find bugs in open-source projects. I will conclude with a brief discussion of the practical challenges in using machine learning on source code.</p> - - - Miltos Allamanis - - - Research in Lab - Academic Survey of Methods - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:50 - 00:40 - H.2213 - ml_on_code_code_review_suggestions - Suggesting Fixes during Code Review with ML - - ML on Code - devroom - - <p>Many developers hate doing code reviews. Reading foreign code is hard, and suggesting improvements is even harder. Yet a dramatic portion of code review time goes to figuring out the boring details: formatting, naming, microoptimizations and best practices. We believe that all of those can be automated with ML on Code, either learning from a particular project or from all the open source code in the world which is relevant. This talk will be about open source "analyzers" - ML-driven code review agents which deal with the boring but important details.</p> - - - Vadim Markovtsev - - - Code style analyzers - Video recording (WebM/VP9) - Video recording (mp4) - Slides - Submit feedback - - - - 10:30 - 00:40 - H.2213 - ml_on_code_astor - Astor: An automated software repair framework - - ML on Code - devroom - - <p>Astor is an open-source framework for repairing buggy Java program, which includes 5 publicly available repair approaches. -Those repair approaches take as input a buggy Java program (having at least one failing test case that exposes the bug) and search for a patch that produces all test cases to pass. Astor provides twelve extension points that form the design space of program repair. -Using those extension points, program repair researchers can create new repair approaches or extend those included in the framework by choosing existing components (among 33 ones) or implementing new ones. -In this talk, we will first discuss the main techniques proposed on the field of automated software repair. -Then, we will discuss how to execute repair approaches included in Astor framework, how to extend them, and how to implement new repair approaches reusing components provided by Astor.</p> - - - Matias Martinez - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:10 - 00:40 - H.2213 - ml_on_code_kotlin_anomalies - Code anomalies in Kotlin programs - Automatic detection of anomalous code fragments written in Kotlin - ML on Code - devroom - - <p>This talk will discuss code anomalies — code fragments that are written in some way that is not typical for the programming language community. Such code fragments are useful for language creators as performance tests, or they could provide insights on how to improve the language. With Kotlin as the target language, we discuss how the task of detecting code anomalies for a very large codebase could be solved using well-known anomaly detection techniques. We outline and discuss approaches to obtain code vector representation and to perform anomaly detection on such vectorized data. The talk will highlight examples of such anomalies found in open source GitHub repositories.</p> - - - Timofey Bryksin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:50 - 00:40 - H.2213 - ml_on_code_code_review_mailing_list - Predicting areas for PR Comments based on Code Vectors & Mailing List Data - - ML on Code - devroom - - <p>Many of us have seen the small PR changing 20 lines with 20 comments and the large PR with over 1k line changes sail through (or stall) with no comments because who has the time to read all that text? What if we could predict areas of the PR that are more likely to need attention?</p> - <p>Many of us have seen the small PR changing 20 lines with 20 comments and the large PR with over 1k line changes sail through (or stall) with no comments because who has the time to read all that text? What if we could predict areas of the PR that are more likely to need attention? This talk will explore creating a model to predict areas of PRs that will generate comments on, using a combination of historic comment data and mailing list stack traces. Then once we’ve built this model we’ll explore how to serve it live with Kubeflow as well as how Kubeflow and K8s can work together to allow us to scale our model training to a larger set of projects.</p> - - Holden Karau - Kris Nova - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:40 - H.2213 - ml_on_code_deduplicating_pga - Deduplication on large amounts of code - Fuzzy deduplication of PGA using source{d} stack - ML on Code - devroom - - <p>In this talk I will discuss how to deduplicate large amounts of source code using the source{d} stack, and more specifically the Apollo project. -The 3 steps of the process used in Apollo will be detailed, ie: -- the feature extraction step; -- the hashing step; -- the connected component and community detection step; -I'll then go on describing some of the results found from applying Apollo to Public Git Archive, as well as the issues I faced and how these issues could have been somewhat avoided. -The talk will be concluded by discussing Gemini, the production-ready sibling project to Apollo, and imagining applications that could extract value from Apollo.</p> - <p>After a quick introduction on the motivation behind Apollo, as said in the abstract I'll describe each step of Apollo's process. As a rule of thumb I'll first describe it formally, then go into how we did it in practice.</p> - -<p>Feature extraction: -I'll describe code representation, specifically as UASTs, then from there detail the features used. This will allow me to differentiate Apollo from it's inspiration, DejaVu, and talk about code clones taxonomy a bit. TF-IDF will also be touched upon. -Hashing: -I'll describe the basic Minhashing algorithm, then the improvements Sergey Ioffe's variant brought. I'll justify it's use in our case simultaneously. -Connected components/Community detection: -I'll describe the connected components and community notion's first (as in in graphs), then talk about the different ways we can extract them from the similarity graph.</p> - -<p>After this I'll talk about the issues I had applying Apollo to PGA due to the amount of data, and how I went around the major issued faced. Then I'll go on talking about the results, show some of the communities, and explain in light of these results how issues could have been avoided, and the whole process improved. Finally I'll talk about Gemini, and outline some of the applications that could be imagined to Source code Deduplication.</p> - - Romain Keramitas - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:40 - H.2213 - ml_on_code_commit_message - Neural commit message suggester - Proposing git commit messages with neural networks - ML on Code - devroom - - <p>We present a suggester of git commit messages based on the files diff: by reading the commit patch, the system outputs a message in natural language describing the subject of the commit. -While high level intent guessing is out of the scope of this project, this may provide further insights to a CI system in refusing pull requests with poor commit messages or not explaining the subject matter.</p> - <p>When it comes to commit messages, we all have witnessed the worst of our kind: while code is (hopefully) carefully crafted, the urge to submit our work for peer review can play badly with the helpfulness of the commit message attached (leaving a helpless reviewer in the dark and calling for the developer presence to explain the meaning of the coded feature). -Machine translation techniques come to the rescue, by providing a viable aid to suggesting better commit messages from a golden standard of various situations: by analyzing thousands of commit messages along with their patches, we show that a machine can understand the semantics of a patch thus providing a way to automatically tell good messages from bad messages. -We can employ this in CI environments to rule out insufficiently documented patches or to propose better alternatives to the developers.</p> - - Alberto Massidda - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:50 - 00:40 - H.2213 - ml_on_code_mining_source_code - Mining Source Code^3 - Mining Idioms, Usages and Edits - ML on Code - devroom - - <p>Code is an incredible source of information. -Indeed, mining software repositories can tell us whether code is natural, how to use a new framework, or how to identify similar changes.</p> - -<p>In this talk, I will present state-of-the-art and limitations on the usage of graph-based algorithms to mine software repository.</p> - -<p>In particular, I will cover how program analysis, pattern mining and pattern matching can help developers to identify:</p> - -<ol> -<li>conventions and idioms, using syntactic information commonly represented as Abstract Syntax Trees;</li> -<li>framework usages, relying on semantic information such as control and data dependencies represented as Program Dependency Graphs;</li> -<li>similar modifications in multiple different locations, computed using change loggers or change distillers.</li> -</ol> - - -<p>Last I will present INTiMALS, an ongoing industry-university collaboration to develop a language-parametric framework for mining this information in legacy systems.</p> - - - Dario Di Nucci - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:40 - H.2213 - ml_on_code_coming - Coming: a Tool for Mining Change Pattern Instances from Git Commits - - ML on Code - devroom - - <p>Software repositories such as Git have become a relevant source of information for software engineer researchers. -For instance, the detection of commits that fulfill a given criterion (e.g., bugfixing commits) is one of the most frequent tasks done to understand the software evolution. -However, to our knowledge, there is not open-source tools that, given a Git repository, returns all the instances of a given source code change pattern. -In this talk, we present Coming, a tool that takes an input a Git repository and mines instances of source code change patterns on each commit. -For that, Coming computes fine-grained changes between two consecutive revisions, analyzes those changes to detect if they correspond to an instance of a change pattern (specified by the user using XML). -Finally, after analyzing all the commits, Coming presents the frequency of code changes and the instances found on each commit.</p> - - - Matias Martinez - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:40 - H.2213 - ml_on_code_automatic_refactoring - How to build an automatic refactoring and migration toolkit - - ML on Code - devroom - - <p>Every code base needs to be modernised at some point, either to reduce the technical debt or to migrate to another language. In such complex and challenging projects, automation is a key point to reduce the workload of low added-value tasks as monotonous refactoring or redundant paradigm translation.</p> - -<p>To do so with our clients, struggled with deeply in-debt code bases, we built an in-house toolkit to support the developers in modernisation projects from detection to transformation. We created a language-agnostic model to represent code and several engines based on it: code smells and custom pattern detection, quality metrics, automatic refactoring, code generation… With this talk I would like to share what are the steps to build a toolkit to automate code’s transformation and share a few practical use cases.</p> - - - Juliette Tisseyre - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:40 - H.2213 - ml_on_code_smelling_source - Smelling Source Code Using Deep Learning - - ML on Code - devroom - - <p>Poor quality code contributes to increasing technical debt and makes the software difficult to extend and maintain. Code smells capture such poor code quality practices. Traditionally, the software engineering community identifies code smells in deterministic ways by using metrics and pre-defined rules/heuristics. Creating a deterministic tool for a specific language is an expensive and arduous task since it requires source code analysis starting from parsing, symbol resolution, intermediate model preparation, and applying rules/heuristics/metrics on the model. It would be great if we can leverage the tools available for one programming language and cross-apply them on another language.</p> - <p>In this presentation, I would like to present our work on detecting smells using deep learning models. It will cover the tooling aspects summarizing the preparation goes behind the scene before the source code is fed into a deep learning model. The focus of the work is on two specific aspects: -1. to show that we can detect code smells with minimal pre-processing without converting them to a feature set. We compare the performance of smell detection among different deep learning models (CNN and RNN) in different configurations (i.e., model architectures). -2. to explore the feasibility of applying deep learning models across the programming languages. In other words, learning smell detection from samples in one programming language and using the model to detect smells in samples of another programming language. The presentation will bring out insights from this exploration.</p> - - Tushar Sharma - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:20 - H.2214 - nfs_ganesha_weather_report - NFS-Ganesha Weather Report - - Software Defined Storage - devroom - - <p>The NFS is old but simple protocol existed from long back and it is one of most widely accepted protocol in linux systems. NFS-Ganesha is user space nfs server. This talk will helpful to anyone who wants to run their day today application on nfs. NFS-Ganesha has plug-able architecture in which any file systems can easily added, currently it supports Gluster, Ceph(FS/RGW), GPFS etc. There are a lot of features and discussions happening on the community. This talk will help to provide update whats happening on the community</p> - <p>NFS-Ganesha is a user-mode file server for NFS (v3, 4.0, 4.1, 4.1 pNFS, 4.2) and for 9P from the Plan9 operating system. It can support all these protocols concurrently. The project was started around 2009 and it got well matured over past few years and includes participation including CEA, IBM, Red Hat. There are a lot protocol specific features added including LABELED NFS, Delegations to nfs-ganesha layer. The is workload specific changes made to nganesha layer which includes async op and non blocking io's. There are other projects like storhaug which integrates the nfs-ganesha to ctdb and so on. The session will touch up briefly on all the new improvements happening in nfs-ganesha and how it can be consumed in different scenarios.</p> - - Jiffin Tony Thottan - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:25 - 00:25 - H.2214 - cehp_mgr_modules_fun_and_profit - Leveraging ceph-mgr modules for fun and profit - - Software Defined Storage - devroom - - <p>In this talk, we will demonstrate how Ceph's ceph-mgr can be leveraged for whatever silly project we want, as long as we have a silly idea for a project and enough to time to sink into it. In our case, we will show how one could relay health status (and other information) to the user by visual, annoying means -- i.e., by plugging into a Philips Hue bridge, and changing the colors of the room.</p> - <p>We shall cover</p> - -<p>1) high-level view of what ceph-mgr is -2) basics of ceph-mgr modules, their bare-bones architecture and how to create a simple module -3) the basic architecture of our proof-of-concept -4) a quick, live (ugh) demo, should power sockets be available -5) time permitting, an overview of how to scale this to something that goes beyond a silly home made project</p> - - Joao Eduardo Luis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:55 - 00:15 - H.2214 - gluster_as_a_service - How we use Gluster - offering Gluster-as-a-service - Software Defined Storage - devroom - - <p>At ING Netherlands our team is building gluster-as-a-service providing our internal clients with a portal where they can request volumes and make changes to these volumes. -In this talk we would like to go through the design of this setup, discuss the scale out ability's and our experiences developing this service and using Gluster. -Technologies: -RH Gluster -HA proxy -Ganesha -Nagios and Tendlr</p> - <p>At ING Netherlands our team is building gluster-as-a-service providing our internal clients with a portal where they can request volumes and make changes to these volumes. -In this talk we would like to go through the design of this setup, discuss the scale out ability's and our experiences developing this service and using Gluster. -Technologies: -RH Gluster -HA proxy -Ganesha -Nagios and Tendlr</p> - - Jurgen Reij - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:15 - 00:35 - H.2214 - container_storage_interface_explained - The Container Storage Interface, Explained - - Software Defined Storage - devroom - - <p>Over the next year, all Kubernetes persistent storage will be moving to CSI plugins. But what is CSI? What's in the specification? How does it work in practice?</p> - <p>The rapidly evolving Container Storage Interface specification has finally slowed down, reaching its first stable release v1.0. With it, all vendors have rushed to update their drivers or write new ones. But what does this mean to us? How does CSI benefit the ecosystem? What are the final features?</p> - -<p>In this talk we’ll cover this and more, going over the objectives and feature of the CSI spec, as well as some of the Kubernetes flows. By the end of the talk, you’ll be up to date with the current CSI spec, be able to deploy a Kubernetes cluster with a CSI plugin, and know the elements in Kubernetes’ CSI, their relationship, and the part that each one plays.</p> - - Gorka Eguileor - - - Slides - Ember-CSI website - Ember-CSI repository - CSI spec - Kubernetes docs - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:55 - 00:40 - H.2214 - ceph_project_status_update - What's new in Ceph Nautilus - project status update and preview of the coming release - Software Defined Storage - devroom - - <p>Project status update, and preview of what is new in the Ceph Nautilus release, due out this month. Management dashboard, unified orchestration CLI and GUI across kubernetes and bare metal environments, device failure prediction, PG num autoscaling, memory autoscaling, live RBD image migration, and more.</p> - - - Sage Weil - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:40 - H.2214 - openebs_breaking_million_iops_barrier - OpenEBS asymmetric block layer in user-space breaking the million IOPS barrier - - Software Defined Storage - devroom - - <p>Container Attached Storage was introduced at FOSDEM last year, we will revisit the basic concept shortly and give an update how we have abstracted storage fully in user space, and are capable of breaking the million IO barrier with the latest data engine.</p> - <p>Last years talk was more a generic introduction about the concepts and ideas around openEBS. This time around we will go over more detail as to how we do it. We will go over the concept of front-ends and back-ends and how they allow for asymmetrical backends.</p> - -<p>We will also be talking about, how we implement proxying and replication in openEBS and the ability to do rebuilds. Also, how can we make sure we are making good use of the latest hardware, e.g., NVMe devices and NVMe-OF (RDMA as well as TCP) and make sure we do not incur a penalty of being in user space?</p> - - Jeffry Molanus - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:25 - H.2214 - clustered_samba - Clustered Samba: Witness Protection Programming - - Software Defined Storage - devroom - - <p>This talk will cover two new clustering features under development for Samba: -Persistent Handles and the Witness service. Alongside a scale-out filesystem -such as CephFS, both features can be combined to provide transparent client -failover and automatic load balancing.</p> - -<p>The presentation will finish with a recap of ongoing and outstanding -clustered Samba tasks, focusing in particular on CephFS integration.</p> - -<p>This talk is intended for developers and users familiar with Samba.</p> - <ul> -<li>Clustered Samba overview</li> -<li>Current SMB1/SMB2 failover methods with CTDB - -<ul> -<li>Tickle ACKs</li> -</ul> -</li> -<li>New failover features - -<ul> -<li>Transparent failover in SMB3 - -<ul> -<li>Persistent handles</li> -<li>Witness protocol</li> -</ul> -</li> -<li>Automatic cluster balancing</li> -</ul> -</li> -<li>Demo</li> -<li>Clustered Samba outlook / future tasks</li> -</ul> - - - David Disseldorp - Samuel Cabrero - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:55 - 00:40 - H.2214 - ceph_storage_with_rook - Ceph storage with Rook - Running Ceph on Kubernetes - Software Defined Storage - devroom - - <p>The talk will show how simple it is to use Rook for Ceph storage on Kubernetes. -In addition to showing how simple it is to use the storage, the ease of adding and removing nodes will also be shown in a demo.</p> - -<p>Target audience are people interested in Ceph and Kubernetes.</p> - <p>Topics:</p> - -<ul> -<li>What is Rook?</li> -<li>Architecture of Rook</li> -<li>Kubernetes native integration</li> -<li>What can Rook help you do (better) with Ceph?</li> -<li>Demo of Rook's capabilities - -<ul> -<li>Creating a Ceph cluster</li> -<li>Showing ease of consuming storage using an example application</li> -<li>Adding and removing a new (Ceph) cluster node</li> -</ul> -</li> -<li>Why Rook?</li> -</ul> - - - Alexander Trost - - - "Distributed storage with Rook" old slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:40 - H.2214 - gluster_container_storage - Gluster Container Storage - Storage for containers, in containers - Software Defined Storage - devroom - - <p>Gluster Container Storage (GCS) is a new initiative from the Gluster community. It integrates several different old and new Gluster projects, building on top of the experience gained from the Heketi and gluster-kubernetes projects, and aims to provide the best persistent storage solution for containers.</p> - <p><a href="https://github.com/gluster/gcs">Gluster Container Storage</a> (GCS) is a new initiative from the <a href="https://www.gluster.org">Gluster</a> community, that aims to build the best persistent storage solution for containers.</p> - -<p>GCS integrates different Gluster projects, built on top of the experience gained from the <a href="https://github.com/heketi/heketi">Heketi</a> and <a href="https://github.com/gluster/gluster-kubernetes">gluster-kubernetes</a> projects and provides users with simple and robust tools to deploy, monitor and manage Gluster as well-behaved citizens of the Kubernetes world.</p> - -<p>GCS introduces the new <a href="https://github.com/gluster/anthill">Anthill</a> and <a href="https://github.com/gluster/gluster-csi-driver">gluster-csi-driver</a> projects. -Anthill is Kubernetes operator, that deploys and manages GlusterFS with <a href="https://github.com/gluster/glusterd2">GlusterD2</a> and the gluster-csi-driver as containerized applications in a Kubernetes cluster. -The gluster-csi-driver implements the <a href="https://github.com/container-storage-interface/spec">Container Storage Interface</a> API, and interacts with GlusterD2 to automatically provision persistent volumes for Kubernetes applications when needed.</p> - -<p>In this session we'll learn how all of these projects work together and form GCS.</p> - - Kaushal Madappa - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:25 - 00:40 - H.2214 - ceph_manager_dashboard - Managing and Monitoring Ceph with the Ceph Manager Dashboard - Introduction / Overview and Demo - Software Defined Storage - devroom - - <p>The Ceph Manager Dashboard is a web-based application that aims for providing a built-in and easy to use graphical user interface for performing a wide range of administrative tasks on a Ceph cluster.</p> - -<p>In this presentation, Lenz will give an introduction and overview to the Dashboard, its architecture and current functionality as well as an outlook into ongoing development and future plans.</p> - -<p>The dashboard's various elements and components will also be shown in the form of a live demo.</p> - <p>Starting with the "Mimic" release, the <a href="https://ceph.com/">Ceph distributed storage project</a> ships with a new web-based management and monitoring tool out of the box: the Ceph Manager Dashboard gives Ceph Administrators an easy to use interface to manage and monitor various aspects of their cluster without having to use the CLI or any third-party utilities.</p> - -<p>It is based on the original (read-only) Ceph Dashboard as well as the concepts and architecture of the standalone open source Ceph management framework <a href="https://openattic.org/">openATTIC</a>. The development of this new component is driven and coordinated by the openATTIC team at SUSE as well as engineers from Red Hat and other members of the Ceph community.</p> - -<p>Features include monitoring the cluster health status, managing OSDs, Pools, Ceph block devices (RBDs) and the Object Gateway (RGW). Detailed performance graphs for each component and service are provided by embedding Grafana Dashboards into the Ceph Manager Dashboard UI.</p> - -<p>The web application is developed using the Angular web development framework; the backend code is implemented as a Ceph Manager Module based on Python and the CherryPy framework.</p> - - Lenz Grimmer - - - Ceph Project - Dashboard Documentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:40 - H.2214 - smb2_posix_extensions - SMB2 POSIX Extensions - Where we are, what remains to be done. - Software Defined Storage - devroom - - <p>The SMB3 POSIX Extensions, a set of protocol extensions to allow for optimal Linux and Unix interoperability with NAS and Cloud file servers, have evolved over the past year, with test implementations in Samba and in the Linux kernel. These extensions address various compatibility problems for Linux and Unix clients (such as case sensitivity, locking, delete semantics and mode bits among others). This presentation will review the state of the protocol extensions, what was learned in the implementations in Samba and provide an opportunity for feedback and suggestions for future improvements to the POSIX extensions.</p> - - - Jeremy Allison - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:55 - 00:15 - H.2214 - ceph_rgw_sync_modules - Exporting Ceph Object Storage data to the outside world - RGW Sync Modules for fun & profit! - Software Defined Storage - devroom - - <p>RGW (Rados Gateway) is the HTTP REST frontend to Ceph, exposing a S3 -and Swift API. From the Kraken release of Ceph, RGW introduced the -concept of sync modules which allows for forwarding data and metadata -to an external tier. This allows for interesting analysis of metadata -or archival/backup solutions without the need to support these in Ceph -itself. We'll take a brief look into the design of sync modules, peer -into the crystal ball for what the future holds and also cover the -currently available ElasticSearch and Cloud Sync modules, which allows -data to be exported to external clouds supporting a S3 like API -including Amazon S3.</p> - <p>Ceph is a distributed storage platform that is a contender to become -the future of software defined storage, providing unified access to -block, object and file interfaces. Rados Gateway (abbreviated RGW from -here on) is the Object storage component of Ceph, exposing an all -familiar S3 and Swift APIs for object storage. Since the Kraken -release, RGW introduced the concept of sync modules which allows for -forwarding data and metadata to an external tier. This allows for -interesting analysis of metadata or archival/backup solutions without -the need to support these in Ceph itself. We'll look into the basic -design of sync modules, pointers to look for should you ever need to -write one, cover the existing ElasticSearch &amp; Cloud sync modules, and -see what the future holds for RGW Sync modules.</p> - - Abhishek Lekshmanan - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:15 - 00:45 - H.2214 - small_files_in_swift_cluster - Storing "Lots Of Small Files" in a Swift cluster - - Software Defined Storage - devroom - - <p>OpenStack Swift is the massively scalable object storage of OpenStack. It can store billions of objects in a single cluster without any disturbances. But what happens if all of your objects are "small objects"?</p> - -<p>Because OpenStack Swift stores objects as files on XFS, disks will end-up storing millions of small files, creating large performance and stability issues. This is all related to the constraints of POSIX filesystems.</p> - -<p>During this presentation, we will give you an overview of these issues, and explain their root causes. You will then discover what we tried to overcome them, as well as the chosen solution. Eventually, we will present you results of our production deployment.</p> - - - Romain LE DISEZ - - - https://github.com/alecuyer/swift/tree/master-losf - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 11:00 - 01:00 - H.3242 - bof_gluster_fs - Gluster FS - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 13:00 - 01:00 - H.3242 - riotos_bof - Riot OS - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - 14:00 - 01:00 - H.3242 - podcast_friends_of_illumos - Podcast Friends of IllumOS - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - 15:00 - 01:00 - H.3242 - lua_bof - Lua - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - 16:00 - 01:00 - H.3242 - jenkins_bof - Jenkins project continuous delivery - - BOFs (Track B - in H.3242) - bof - - - - - - - Submit feedback - - - - - - 10:00 - 01:00 - H.3244 - bof_videolan - VideoLAN BOF - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 11:00 - 01:00 - H.3244 - vlc_bof - VLC Tech Meet - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 12:00 - 01:00 - H.3244 - bof_terraform - Terraform and Infrastructure Testing - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 13:00 - 01:00 - H.3244 - bof_arch_linux - Arch Linux Meetup - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 15:00 - 01:00 - H.3244 - tor_bof - Tor relay operators meetup - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - 16:00 - 01:00 - H.3244 - bof_ci_infrastructure - Sharing CI infrastructure on FOSS Projects - - BOFs (Track C - in H.3244) - bof - - - - - - - Submit feedback - - - - - - 09:00 - 00:15 - AW1.120 - sdr_intro - Intro to the Free Software Radio Track - - Free Software Radio - devroom - - <p>Welcome talk.</p> - - - Martin Braun - - - Submit feedback - - - - 09:15 - 00:15 - AW1.120 - gr_soapy - gr-soapy: A handy SDR hardware interface module for GNU Radio - - Free Software Radio - devroom - - <p>gr-Soapy is an OOT module for the GNU Radio platform to configure and manage a plethora of SDR devices through the SoapySDR API. It provides easy to use source and sink blocks with various parameter fields, enabled according to the capabilities of the device specified by the user.</p> - <p>With the emergence of various low cost SDR devices that anyone can experiment with, ham radio community continues to expand and create fascinating open source projects. Aside from the ham radio community, also researchers and professionals study and develop protocols and applications for the radio spectrum with the use of SDR devices.</p> - -<p>To facilitate the interface of users with SDR devices, in this short talk we will present the gr-Soapy OOT module for the GNU Radio platform. gr-Soapy tries to simplify the process of configuring and using SDR devices inside the popular platform of GNU Radio, without omitting functionalities needed by more experienced users. It uses the open source SoapySDR project for the management of the devices. SoapySDR is an active, expanding and robust API, enabling gr-Soapy to be up to date without the need to actively update it with every new SDR device that becomes available.</p> - - Nestoras Sdoukos - - - repo containing project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:30 - 00:30 - AW1.120 - sdr_rusty - GNU Radio with a Rusty FPGA - Experiment building FPGA accelerated blocks with Rust bindings - Free Software Radio - devroom - - <p>Spurred out of my need to write a fast decoder block and my seeming inability write presentable CPP code, we explore writing Rust bindings for GNU Radio block, and then implement a work function in the programmable logic of a Xilinx UltraScale+ FPGA.</p> - -<ul> -<li>Quick overview of the state of CPP &lt;-> Rust bindings</li> -<li>Overview of a decoder block implemented on the FPGA.</li> -</ul> - - <p>Spurred out of my need to write a fast decoder block and my seeming inability write presentable CPP code, we explore writing Rust bindings for GNU Radio block, and then implement a work function in the programmable logic of a Xilinx UltraScale+ FPGA.</p> - -<ul> -<li>Quick overview of the state of CPP &lt;-> Rust bindings</li> -<li>Overview of a decoder block implemented on the FPGA.</li> -</ul> - - - Brennan Ashton - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:30 - AW1.120 - sdr_grfec - Protect your bits: Introduction to gr-fec - A look into the error-correction capabilities of GNU Radio - Free Software Radio - devroom - - <p>In the 1940s, Shannon proved that we can transmit data error-free depending on rate and SNR. In practical radios, we need to employ forward error correction (FEC) to achieve those rates. GNU Radio has a built-in component to handle FEC, called gr-fec. After some basics of FEC, we will see how GNU Radio does this, and how it can be extended.</p> - - - Martin Braun - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:30 - AW1.120 - gr_scapy - GNU Radio meets Scapy - - Free Software Radio - devroom - - <p>Most GNU Radio modules focus on the physical layer and less on creating standard compliant data payloads. In this talk, we'll show how easy it is to combine GNU Radio implementations of WLAN and ZigBee with Scapy, a powerful interactive packet manipulation program. Using Scapy, we can quickly craft our own packets and poke at other stations (e.g., by sending deauths) or fuzzing its network stack (e.g, to test an IoT device).</p> - <p>Most GNU Radio modules focus on the physical layer and less on creating standard compliant data payloads. In this talk, we'll show how easy it is to combine GNU Radio implementations of WLAN and ZigBee with Scapy, a powerful interactive packet manipulation program. Using Scapy, we can quickly craft packets that encapsulate protocols from the whole network stack, including WLAN, ZigBee, and higher layers like IP and TCP. Thanks to GNU Radio's socket interface, we can forward these packets into the flow graph and send them out through our PHY. -With this setup, it becomes trivial to broadcast WLAN beacons, deauth WLAN devices, or even fuzz protocols by sending frames with randomized, not necessarily standard compliant data. The latter is possible, since Scapy allows to fill all fields of a protocol header that are not explicitly set with random data. This might trigger all kinds of interesting behavior.</p> - - Bastian Bloessl - - - Blog Post - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:45 - AW1.120 - gnuradio - GNU Radio in 2019: Facts and Plans - An overview of where GNU Radio is going this fine year - Free Software Radio - devroom - - <p>GNU Radio is one of the biggest and most widely adopted SDR framework in the free software world. In this talk, we will lay out how we intend to keep it going for the next year, and beyond.</p> - <p>GNU Radio is one of the biggest and most widely adopted SDR framework in the free software world. It's history is pretty interesting, and spans multiple decades at this point. However, we're far from being done! We will talk about how we intend to keep the samples flowing in 2019, and beyond.</p> - - Marcus Müller - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:45 - 00:45 - AW1.120 - sdr_libsigmf - libsigmf: Human Tools for Extra-Terrestrial and AI Radios - - Free Software Radio - devroom - - <p>This presentation will introduce libsigmf, a FOSS library providing C++ functionality and utilities for generating, using, and translating digital recordings of signals using the Signal Metadata Format (SigMF), itself a FOSS effort that was first publicly announced at FOSDEM'17. This talk will provide an introduction to SigMF and its design philosophy, sharing its strengths, current state, and intended usage patterns. It will then present details on libsigmf, which can be integrated and used in other projects, like GNU Radio, or directly via a C++ API. Finally, we will discuss the use of SigMF in machine learning, an application for which it is particularly well suited. Additionally, the 'Breakthrough Listen' project at the UC Berkeley SETI Research Center will share their use of libsigmf and the availability of SigMF datasets from 'Breakthrough Listen' radio telescope facilities.</p> - - - Ben Hilburn - Nathan West - - - SigMF - SETI - DeepSig - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - AW1.120 - sdr_makerspace - SDR Makerspace - sdrmaker.space - Free Software Radio - devroom - - <p>SDR Makerspace (https://sdrmaker.space) is a collaboration between the European Space Agency and Libre Space Foundation with the objective of bringing innovative open-source SDR technologies to space communications. Makers, open-source hackers, SDR enthusiasts, and researchers are brought together to work on small SDR hardware and software projects, focusing on rapid prototyping and development of reusable open-source SDR components for future CubeSat missions. In this presentation, we give an overview of the current activities and present the results achieved so far.</p> - <p>SDR Makerspace (https://sdrmaker.space) is a collaboration between the European Space Agency and Libre Space Foundation with the objective of bringing innovative open-source SDR technologies to space communications. Makers, open-source hackers, SDR enthusiasts, and researchers are brought together to work on small SDR hardware and software projects, focusing on rapid prototyping and development of reusable open-source SDR components for future CubeSat missions. In this presentation, we give an overview of the current activities and present the results achieved so far.</p> - - Alexandru Csete - - - SDR Makespace - Libre Space Foundation - SatNOGS - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - AW1.120 - sdr_dpd - Digital Predistortion - Implementation and Use - Free Software Radio - devroom - - <p>Digital Predistortion is a powerful but theoretically simple DSP technique for improving the output spectrum of radio. This talk introduces the subject through the underlying theory and GNU Radio flowgraphs.</p> - - - Derek Kozel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - AW1.120 - sdr_equinox - Equinox: A C++11 platform for realtime SDR applications - - Free Software Radio - devroom - - <p>Equinox: A C++11 platform for realtime SDR applications</p> - -<p>Equinox is a block programming platform suitable for SDR applications. It is written in C++11 and targets mainly realtime applications. To accomplish that, it exploits the flowgraph topology trying to optimize the scheduling of the different components and the data exchange between them. Using graph analysis algorithms and based on the available CPU cores, overheads like threading synchronization, as well as data dependencies or memory copies can be reduced.</p> - -<p>At the same time, the platform tries to provide such an abstraction so it can easily adapt on the application requirements. To do so, it provides an abstracted scheduling mechanism, that can be easily extended. Currently there are two available schedulers. A simplified one, trying to equally distribute the number of blocks into the available CPU cores and a more sophisticated one, using the spectral graph partitioning algorithm which targets the minimum data dependencies between different CPU cores. Both of them can be used based on a user defined configuration parameter, without altering the flowgraph. For the DSP, Equinox will utilize the liquid-dsp library, abstracted in a visual block programming way.</p> - -<p>As block programming platform, it provides a QT5 based GUI (equinox-ui) in order users to be able to develop their application with ease. The UI is responsible for generating the C++ source file and build system, so it can be then compiled and executed.</p> - -<p>The code is licensed under the GPLv3 license and is available at the https://gitlab.com/equinox-sdr repository.</p> - - - Manolis Surligas - - - Equinox Core repository - Equinox QT5 frontend - GNU Radio OOT module for delay comparison - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - AW1.120 - sdr_lte_testbed - An End-to-End LTE Testbed in Three Clicks - - Free Software Radio - devroom - - <p>After three years without active participation, this talk is going to look back at what happened to srsLTE since then, how it evolved from a flexible PHY library to 4G UE implementation, to a full eNB and finally to a complete open-source, end-to-end 4G testbed. We'll also discuss some of the currently ongoing activities and the exciting new features that are ahead of us.</p> - <p>After three years without active participation, this talk is going to look back at what happened to srsLTE since then, how it evolved from a flexible PHY library to 4G UE implementation, to a full eNB and finally to a complete open-source, end-to-end 4G testbed. We'll also discuss some of the currently ongoing activities and the exciting new features that are ahead of us.</p> - - Andre Puschmann - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - AW1.120 - sdr_gps - Spoofing GPS - is it really the time we think it is, and are we really where we think we are ? - Free Software Radio - devroom - - <p>Global Navigation Satellite System (GNSS) positioning has become ubiquitous in many daily activities, with the Global Positioning System (GPS) being the most common source of signals. Having analyzed earlier the reception and decoding of such signals, we now address the issue of signal spoofing, and develop some of the requirements on the emitted signal power and stability to efficiently spoof single frequency GPS receivers, whether in mobile phones, cars or UAV.</p> - <p>Initially designed as a military positioning system (NAVSTAR &amp; GLONASS), Global Navigation Satellite Systems (GNSS) and the Global Positioning System (GPS) in particular have become ubiquitous to mostly everyone's life. Before being a localization system through triangulation of the signals received from the satellite constellation, GNSS is based on time transfer. As such, it is used in multiple industrial applications requiring time-synchronization, whether for communication (mobile phone basestations), trading (stock exchange), or distributed sensor timestamping: a British study [1] estimates at 1 billion pounds (aka euros) per day the cost of GNSS disruption (jamming), not to mention the impact of spoofing in which the user might not even be aware that a false signal is being received. While GNSS spoofing, requiring multi-MHz bandwidth around a carrier frequency of 1575.42 MHz, used to be restricted to well funded organizations, the advent of Software Defined Radio (SDR) emitters opens the opportunity for any motivated developer to create a spoofing device. We here demonstrate the use of Analog Device's PlutoSDR for such a purpose, the need for an accurate local oscillator, the impact of the local oscillator frequency on the short term (phase noise) and long term (Allan deviation) frequency stability of the output signal, the capability to move mobile phones, cars and even high grade (UBlox) receivers to any location assuming a few conditions are met (emitting signals mimicking the same satellites as those seen at a given time by the receiver, meaning not too far in space or time with respect to the real signal). Finally, we demonstrate shifting the timing output of high-grade receivers (1 PPS) by introducing erroneous time offsets in the messages transmitted by the spoofing signal. We conclude with mitigation strategies, excluding multi-constellations approaches which are only a matter of better spoofing capability, but focusing on physical signal characteristics hardly spoofed from a single ground based emitter.</p> - -<p>[1] https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment<em>data/file/619544/17.3254</em>Economic<em>impact</em>to<em>UK</em>of<em>a</em>disruption<em>to</em>GNSS<em>-</em>Full_Report.pdf</p> - - Jean-Michel Friedt - - - article for MISC [French] - proceeding for FOSDEM [English] - slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - AW1.120 - sdr_dwingeloo - The Dwingeloo radio telescope goes SDR - - Free Software Radio - devroom - - <p>The Dwingeloo radio telescope is a historic instrument in the Netherlands. At its opening in 1956, the 25m dish was the largest fully steerable radio telescope in the world. These days it is run by a group of volunteers, who have restored and rejuvenated the instrument. It is used for radio astronomy and amateur radio, but also for outreach and art projects, to name a few of our activities.</p> - -<p>We perform observations of pulsars, the hydrogen line of our own Milky Way and other galaxies, have a SETI project, and have recently participated in our first VLBI observation. We are increasingly using Software Defined Radio and in particular GNU Radio to perform our measurements. This allows for rapid development of new signal processing chains, and a lot of flexibility in how we process the incoming data.</p> - -<p>In this presentation I will present some of the signal processing that is useful for radio astronomy, the flowcharts we have developed, and the astronomical results that we obtain with them.</p> - <p>Contents:</p> - -<ul> -<li><p>Very short introduction to Radio Astronomy</p></li> -<li><p>The Dwingeloo Telescope and CAMRAS</p></li> -<li><p>Pre GNU Radio: a home-built FPGA based astronomy backend / SDR</p></li> -<li><p>Receiving Pulsars</p></li> -<li><p>The Hydrogen Line</p></li> -<li><p>Receiving GPS</p></li> -<li><p>Teaching the backend to speak to GR</p></li> -<li><p>Spectrum recording and WOLA</p></li> -<li><p>Pulsars, again</p></li> -<li><p>DSLWP-B</p></li> -<li><p>SETI</p></li> -<li><p>White Rabbit</p></li> -<li><p>VLBI</p></li> -</ul> - - - Paul Boven - - - CAMRAS volunteer organisation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - AW1.120 - sdr_em_sidechannel_attacks - Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks - - Free Software Radio - devroom - - <p>Electromagnetic (EM) side-channel attacks exploit the EM radiation that inherently leaks from electronic systems during various computations. Patterns in the amplitude or frequency of this radiation can be analyzed to break even theoretically secure cryptographic algorithms such as RSA and AES. In this presentation, we will cover the various challenges involved with successfully performing EM side-channel attacks using relatively low-cost Software Defined Radios (SDRs) and EM probes. More concretely, we will discuss the measurement setup, trace capture process, trace alignment / filtering, and Correlation Electromagnetic Attack (CEMA) for a scenario in which an Arduino Duemilanove is executing a software AES algorithm with an unknown key. Finally, we will see how artificial neural networks can be used to reduce the complexity of performing successful EM side-channel attacks.</p> - <p>In present-day communications systems, cryptographic algorithms (ciphers) provide confidentiality and integrity of data through secret pieces of information (i.e. shared or private keys) known only to the communicating parties. However, as shown in numerous previous works, measuring the physical properties of hardware during executions of a cipher can reveal information about its current state. When sufficient information leaks through these so-called "side-channels", an adversary can compute the key. In this presentation, we will examine the EM side channel, which originates from electromagnetic radiation leaking from a device.</p> - -<p>Performing EM side-channel attacks used to require rather expensive oscilloscopes with high sample rate ADCs. With the advent of inexpensive SDRs such as the RTL-SDR and advances in AI, the bar to perform such attacks has been adequately lowered. We will learn how to use the open-source ElectroMagnetic Mining Array (EMMA) tool to capture leakages emanated by an Arduino Duemilanove during the execution of an AES encryption operation. Next, a standard CEMA attack will be performed. This attack correlates the measured amplitude of a signal with the hamming weight of part of the key in order to determine which key was used during the execution of the cipher. Finally, we will examine applications of neural networks to side-channel analysis. Both traditional deep Convolutional Neural Networks (CNNs) as well as a novel "correlation optimization" (CO) method using shallow neural networks will be discussed.</p> - - Pieter Robyns - - - EMMA Github repository - Training set used for the example shown in the presentation - Test set used for the example shown in the presentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - AW1.120 - sdr_meteorm2n - Decoding Meteor-M2: QPSK, Viterbi, Reed Solomon and JPEG - from IQ coefficients to images, analysis of digital weather satellite transmissions - Free Software Radio - devroom - - <p>A low cost, digital video broadcast-terrestrial (DVB-T) receiver is used to collect radiofrequency signals emitted from the low Earth orbiting Russian satellite Meteor-M2. The QPSK encoded signal is analyzed all the way from extracting bit values, to recovering the JPEG encoded image transmitted from the satellite. This investigation is an opportunity to experimentally assess all the layers of digital communication widely used from Deep Space communication to daily mobile phone communication, including Viterbi encoding, Reed Solomon error correction, and JPEG image display.</p> - <p>Few members of the audience might have any interest in the details of Meteor M2 weather satellite transmissions. However, tackling the reception of this digital weather satellite opens the opportunity to address most if not all the layers of the OSI model, from the physical layer by collecting the radiofrequency signal using a cost-effective DVB-T receiver acting as a general purpose software defined radio signal source, to the data link layer with the various error correction schemes implemented to address the corruption introduced by the noisy radiofrequency communication channel (Viterbi, Reed Solomon) and the network layer with the frame encoding including telemetry and, of course, the payload as a digital picture. The latter is encoded in JPEG format, adding more abstractions with the lossy compression to be reverted to display greyscale images representative of the atmosphere and ground reflectivity in the various wavelengths monitored by Meteor M2. This decoding path matches most recent space-borne signal transmissions, as documented by the Consultative Committee for Space Data Systems (CCSDS [1]), and despite extensive documentation available online, a practical demonstration of the various decoding steps helps understanding the many documents over which the information is spread.</p> - -<p>[1] https://public.ccsds.org/Publications/BlueBooks.aspx</p> - - Jean-Michel Friedt - - - article summarizing the results - slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - AW1.120 - sdr_flush - Flushing the Delay Line - Closing out the Free Software Radio Devroom - Free Software Radio - devroom - - <p>We will block off the last minutes of the Free Software Radio devroom to close out, allow for last-minute ideas, tidy up, and be on time for the closing talk.</p> - - - - - Submit feedback - - - - - - 09:00 - 00:45 - AW1.121 - world_of_sel4 - What's new in the world of seL4 - - Microkernels and Component-based OS - devroom - - <p>This talk will cover the developments of and around seL4 over the past 4 years, covering new and improved functionality for supporting mixed-criticality real-time systems, status and future of its formal verification, an overview of past and future deployments, and an assessment of the state of seL4's open-source ecosystem.</p> - <p>seL4 is the world's first (and still only real-world suitable) operating system (OS) kernel with a machine-checked, formal (mathematical) proof of implementation correctness. It has further proofs of security enforcement (the CIA properties of confidentiality, integrity and availability). It is also, the only protected-mode OS (as far as the open literature goes) with a complete and sound worst-case execution-time analysis, the key to supporting hard real-time applications.</p> - -<p>Much has happened since I last talked about seL4 at FOSDEM 4 years ago, half a year after it had been open-sourced (GPL). In the meantime it has flown a full-size helicopter in autonomous mode while withstanding a cyber-attack (which easily succeeded when the chopper was running on Linux), driven autonomous trucks, and flown in space. It's in commercially developed security-critical systems in use in multiple defence forces and is making its way into commercial safety-critical systems.</p> - -<p>Arguably, seL4's greatest weakness is a spartanic development environment and a paucity of components running on top, at the moment it's mostly BYO Ethernet driver and file system. We, the developers at Data61 have to accept some blame for that: we weren't sufficiently proactive in encouraging community contributions. Note that this was not because we don't want them, but simply because we were too busy.</p> - -<p>We're in the process of changing that, in collaboration with the DARPA-funded US seL4 Center of Excellence, which is focussed on providing open-source tools and components on top of se4, but also provide development services to commercial users. On our end we are working on better documenting what is there, and what is maintained and by whom. We hope to encourage people to adopt existing userland components/tools and contribute further ones. A major enabler of this is a device-driver framework that defines driver interfaces and protocols. We hope to release this soon. The DARPA-sponsored first seL4 Summit held in Washington in Nov'18 with 140 attendees demonstrated the growing ecosystem and user base, including companies building frameworks for medical devices and autonomous vehicles. I hope this talk will also help to build the community.</p> - -<p>On the research side, seL4 has made great progress in the past 4 years. It has been enhanced by a new scheduling model with capability-based control over time, arguably the first and only OS with a principled treatment of time as a resource, and the first able to support mixed-criticality real-time systems without sacrificing utilisation. This enhancement is presently undergoing verification, and lives in the MCS branch until verification is completed, after which it will become the mainline version.</p> - -<p>The kernel's correctness and security proofs have grown to about 1 million lines (all open source) and have been maintained over ten years of evolution of the code base, now also including functional correctness on the x86 architecture. A RISC-V port is available and is undergoing formal verification as well. This is by far the larges, maintained proof base in the world, and has led to the new discipline of proof engineering to manage maintenance and evolution.</p> - -<p>There is further work on pushing the mathematical guarantees into userland, especially the CAmkES component architecture and the Cogent language system, aimed at producing systems components (drivers, file systems, network stacks) that can be verified at a cost that is not far from that of traditional quality-assurance processes. Both frameworks are also open source (tools are GPLed while libraries are BSD). CAmkES is mature and in routine use for building secure systems, Cogent is still rapidly evolving, but is increasingly used by externals.</p> - -<p>Finally we are working on ways for preventing information leakage through timing channels, considered an unsolvable problem by most.</p> - - Gernot Heiser - - - seL4 home page - seL4 research page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:55 - 00:35 - AW1.121 - microkernel_virtualization - Microkernel virtualization under one roof - Dare the impossible - Microkernels and Component-based OS - devroom - - <p>Today's off-the-shell virtualization solution is ridden with complexity. Application of virtualization call for trustworthy solutions. Complexity defeats trust.</p> - -<p>Microkernels with virtualization extensions and user-level VMMs on top are a approach to mitigate complexity. Modern microkernels like seL4, the NOVA microhypervisor, Genode's -hw- kernel or Fiasco.OC are such promising candidates. Fortunately and unfortunately, the diversity come with fragmentation of the small microkernel community. There are several VMMs for each platform tight to a specific microkernel, rendering it unusable across various kernels.</p> - -<p>Genode supports several kernels already, so that unification of virtualization interfaces for VMMs across kernels seem to come into reach. Does it ? The talk will cover the venture and current state of harmonization hardware-assisted virtualization interfaces to fit into the Genode OS framework.</p> - - - Alexander Boettcher - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:40 - 00:20 - AW1.121 - roadmap_for_the_hurd - A roadmap for the Hurd? - - Microkernels and Component-based OS - devroom - - <p>Most people don't realize it, but the Hurd system is actually well -established. About 75% of Debian official packages do build fine, it -has mainstream gcc/glibc/llvm support, go and rust ports are ongoing, it can be -installed with the Debian installer and GuixSD and Arch ports are ongoing...</p> - -<p>Yet not so much has been happening within the Hurd itself in the past couple of years. We have notably added -a PCI arbiter, which allows for both flexible and safe PCI access for end users, -and some basic ACPI support is ongoing. But many exciting features could be -achieved with a bit of work.</p> - -<p>This talk will discuss some of these promising features, to give a sort of ideas -roadmap for contributions. Some have implementation sketches which just need to be polished to -be more production-ready, such as httpfs, mboxfs, or writing translators in -more high-level languages than C. Other features are at early stage, such as -adding sound support through rump, getting complete rid of disk drivers from the -kernel by moving them to userland, or also getting valgrind support. I will also -discuss some promising ideas, such as using rump to get support for more -filesystems.</p> - - - Samuel Thibault - - - http://hurd.gnu.org/ - http://www.debian.org/ports/hurd/ - Video recording (MP4) - Video recording (WebM) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:10 - 00:45 - AW1.121 - microkernel_written_in_rust - A microkernel written in Rust: Porting the UNIX-like Redox OS to Armv8 - A case study of Rust as a language for writing microkernel based compositions - Microkernels and Component-based OS - devroom - - <p>This talk is about my experiences porting the Rust language based Redox OS stack to the Arm v8 architecture. The talk uses this theme to discuss the general importance of microkernel architecture in safety critical domains, the trends I've seen in safety themed system design - especially around the Arm architecture, the viability of the Rust language for safety themed system software construction and the design of the Redox OS stack - a stack written in Rust on top of the Redox microkernel.</p> - <p>I work at Arm on safety critical software architecture. My area of interest is at the intersection of operating system architecture, safety focused programming models and safety themed extensions to the Arm architecture.</p> - -<p>Microkernels are a justifiably popular design choice in safety critical domains with most of the dominant OS' in the proprietary realm being microkernel implementations.</p> - -<p>Rust is a modern systems programming language with features that assist with safe software development. Rust focuses on memory safety, especially in concurrent execution scenarios and presents functional and imperative design patterns - traditionally the domain of very high level interpreted languages - in an accessible form to system software programmers.</p> - -<p>The Redox OS is a UNIX like operating system with a microkernel core - all written in Rust.</p> - -<p>With version 8 of the Arm architecture, Arm became 64-bit capable. The Arm architecture has continued to evolve with new safety and security themed extensions being added such as hardware support for memory tagging, pointer authentication and others.</p> - -<p>I wanted to test the claims made by the Rust language community about the safety centric properties of Rust. I also wanted to explore how microkernel design can leverage the evolving Arm architecture.</p> - -<p>Porting Redox OS to Arm v8 presented me with an opportunity to explore all of the above.</p> - -<p>In this talk, I would like to share my experiences of the above while describing the design of Redox OS.</p> - - Robin Randhawa - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:05 - 00:45 - AW1.121 - l4re_composition - Hands-on composition of basic L4Re components - - Microkernels and Component-based OS - devroom - - <p>L4Re is an operating system framework for building systems with real-time, security, safety and virtualization requirements. It consists of the L4Re hypervisor/kernel and a user-level infrastructure that includes basic services such as program loading and memory management. L4Re also provides the environment for applications, including libraries and process-local functionality. L4Re has been released in the form of open source snapshots and also an increasing number of L4Re components has been published on GitHub. This talk will show how some of them can be composed together to create a functional microkernel-based system.</p> - - - Jakub Jermář - - - https://l4re.org - https://github.com/kernkonzept - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:35 - AW1.121 - unikraft_made_easy - Unikraft: Unikernels Made Easy - - Microkernels and Component-based OS - devroom - - <p>Highly specialized Unikernels are still terrible to develop and maintain. Applications have to be ported manually to non-standard OSes before gaining from impressive benefits, like superb performance, great isolation, and a small trusted compute base. Unikernels can be instantiated in tens of milliseconds or less. They are tiny with low memory footprints of a few MBs or even KBs. They can achieve high network throughput of 10-40 Gb/s with a single CPU core and they enable running thousands of concurrent instances.</p> - -<p>We are going to present the Xen Project/Linux Foundation's open source Unikraft project. Its high level goal is to provide an automated tool to build unikernels without requiring the time-consuming, expert work as today. In addition, Unikraft targets support for multiple "platforms": Xen, KVM, containers and bare-metal. Images are automatically produced for multiple of these platforms without requiring any additional time from users.</p> - <p>We have spent quite a bit of our time over the last years developing unikernels – highly specialized virtual machine images targeting specific applications. We have been particularly interested in them since because of their fantastic performance benefits: tiny memory footprints (hundreds of KBs or a few MBs), boot times comparable to those of processes, and small migration times, to name a few metrics.</p> - -<p>Despite the fact that this work and work from several others is proof of their potential, unikernels have yet to see massive adoption. One of the main showstoppers is development time: for instance, developing Minipython [4], a MicroPython unikernel, took the better part of 3 months to put together and test. ClickOS [5], a unikernel for NFV, was the result of a couple of years of work. What’s particularly bad about this development model besides the considerable time spent is that each unikernel was basically a “throwaway”: every time we wanted to create a new unikernel targeting a different application, we would start more or less from scratch. This comes from the fact that each application has different OS dependencies and benefit from different optimizations and specializations of these layers.</p> - -<p>One year ago, we started Unikraft as an open source incubator project under the umbrella of the Xen Project and the Linux Foundation. Our goal is to build a common pool of decomposed OS functionalities, called libraries, where various Unikernel projects can share implementations and optimizations with others. We started with initial and elementary pieces like schedulers, memory allocators, an VFS layer, network stacks and the pool is growing. The project provides Unikernel builders a menu where these libraries can be picked and configured. Unikraft's build system quickly and automatically creates images tailored to the needs of their specific applications. The users can choose multiple target platforms (e.g., Xen, KVM, containers, bare metal) without having to do additional work for each of them.</p> - -<p>In this talk we introduce the concept of specialized Unikernels, give an overview of the Unikraft open source project, and show a live demo to the audience.</p> - - Simon Kuenzer - - - Sources - Webpage - Documentation - Wiki (search for Unikraft) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:45 - 00:35 - AW1.121 - hardware_software_co_design - Hardware/Software Co-Design for Efficient Microkernel Execution - - Microkernels and Component-based OS - devroom - - <p>While the performance overhead of IPC in microkernel multiserver operating systems is no longer considered a blocker for their practical deployment (thanks to many optimization ideas that have been proposed and implemented over the years), it is undeniable that the overhead still does exist and the more fine-grained the architecture of the operating system is (which is desirable from the reliability, dependability, safety and security point of view), the more severe performance penalties due to the IPC overhead it suffers. A closely related issue is the overhead of handing hardware interrupts in user space device drivers. This talk discusses some specific hardware/software co-design ideas to improve the performance of microkernel multiserver operating systems.</p> - <p>One reason for the IPC overhead is the fact that current hardware and CPUs were never designed with microkernel multiserver operating systems in mind, but they were rather fitted for the traditional monolithic operating systems. This calls for an out-of-the-box thinking while designing instruction set architecture (ISA) extensions and other hardware features that would support (a) efficient communication between isolated virtual address spaces using synchronous and asynchronous IPC primitives, and (b) treating object references (e.g. capability references) as first-class entities on the hardware level. A good testbed for evaluating such approaches (with the potential to be eventually adopted as industry standard) is the still unspecified RV128 ISA (128-bit variant of RISC-V).</p> - -<p>This talk discusses some specific hardware/software co-design ideas to improve the performance of microkernel multiserver operating systems.</p> - - Martin Děcký - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:45 - AW1.121 - solo5_unikernels - Solo5: A sandboxed, re-targetable execution environment for unikernels - A {unikernel,kernel} is just a {process,hypervisor} in disguise - Microkernels and Component-based OS - devroom - - <p><a href="https://github.com/Solo5/solo5">Solo5</a> is a microkernel friendly, sandboxed, re-targetable execution -environment for unikernels, with a taste for minimalism. We will start with -an overview of core Solo5 concepts and present the interfaces it offers to -the unikernel/library operating system/application developer. Using -existing library operating systems, such as <a href="https://mirage.io">MirageOS</a>, we will demonstrate -the developer experience for various Solo5 targets, going on to show how -rigorously applying minimalist principles to interface design is used to -our advantage, blurring traditional lines between unikernels, processes, -kernels and hypervisors. We will conclude with some lessons learned during -development of Solo5 thus far, and present ideas and challenges for future -development.</p> - -<p>The target audiences for this talk are application developers with an -interest in operating systems and unikernels, language runtime and -toolchain developers interested in porting their language to a unikernel -environment such as Solo5, and operating systems developers in general. No -{uni,micro,separation,monolithic,}kernels or hypervisors will be harmed -during this talk.</p> - - - Martin Lucina - Ricardo Koller - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:25 - 00:30 - AW1.121 - microkernel_lightning_talks - AMENDMENT Microkernel lightning talks - - Microkernels and Component-based OS - devroom - - <p>Due to a cancellation, the Microkernel devroom will offer a lightning talk session in the field of Microkernels, Unikernels, and component based systems on Sunday from 15:25-15:55. Feel free to offer proposals.</p> - -<p>Current proposals:</p> - -<p>15:25 - 15:45 Norman Feske - Genode's Sculpt OS - A general purpose microkernel based OS in daily use</p> - -<p>15:45 - 16:00 Jakub Jermar - What is new in HelenOS</p> - -<p>Please note this session replaces Jiří Svoboda's talk "Evolution of file system and disk management in HelenOS" due to illness. We wish him a speedy recovery.</p> - - - Jakub Jermář - Norman Feske - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:25 - AW1.121 - os_external_interrupts - Operating System hardening : Dealing with external interrupts - - Microkernels and Component-based OS - devroom - - <p>We are modifying the Nova hypervisor to protect the operating system it hosts, against frequent transient faults resulting from cosmic radiations or manufacturing defects in the CPU. -The method relies on the CPU internal exceptions management mechanisms, redundancy of execution and the machine check architecture. -Here we will present how to deal with external interrupts, that is one of the challenges faced when it comes to execute short sequences of operating system's instructions twice.</p> - - - Tokponnon Parfait - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:35 - 00:25 - AW1.121 - meltre_specdown - The impact of Meltre and Specdown on microkernel systems (*) - (*) Deliberate misspelling of Meltdown and Spectre - Microkernels and Component-based OS - devroom - - <p>It has been one year since the first security bugs in modern out-of-order CPUs -were discovered. These bugs broke the fundamental mechanisms and assumptions -that were used to build operating systems.</p> - -<p>In this talk we look at how these bugs affected the L4Re operating system. We -will present some of the mitigations that were implemented and show the -performance impact. We also discuss whether microkernel systems in general did -fare better in dealing with this new class of security bugs.</p> - - - Matthias Lange - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:25 - AW1.125 - gnucap - Gnucap -- The GNU circuit analysis package - Architecture, Algorithms and Applications - CAD and Open Hardware - devroom - - <p>Digital vs analog simulation and in between, principles of fast spice algorithms, how Gnucap does it. Possible simulator architectures, monolithic vs modular. Relevant implementation details and benefits will be highlighted.</p> - -<p>Recent applications will be presented, including Gnucsator, Gnucap-Python. Gnucsator provides the component library needed to replace the simulator behind the QUCS project. Gnucap-Python builds the bridge between component modelling, circuit simulation and scientific software packages available from Python scripts. Examples include parametric optimisation (nlopt) and transfer function analysis (scipy).</p> - - - Felix Salfelder - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:30 - 00:25 - AW1.125 - ngspice - ngspice, current status and future developments - - CAD and Open Hardware - devroom - - <p>The talk will review the current status of ngspice, the open source spice simulator for electric circuits. -After some years of quiet development, with release of ngspice-27 in 2017 we have accelerated the pace for development. Major activities have been around compatibility, code stability and features for enhanced applicability.</p> - <p>After some years of quiet development, with release of ngspice-27 in 2017 we have accelerated the pace for development of ngspice. Major activities have been around compatibility, towards PSPICE, to serve users by enabling discrete circuit simulation with vendor device models. ngspiceas well read HSPICE compaitible commercial PDKs for IC simulation.</p> - -<p>ngspice may be compiled into three variants on most operating systems. Standard is the executable with console or file input and output via plots and data saved to file. Shared ngspice is a shared library without user interface. All data may be transferred over the api of the library, so a master program may get full control over the simulator. A third variant is tclspice, a shared library with tcl/tk interface. The talk will give a comparison of the three variants, with usgae examples.</p> - -<p>ngspice provides full analog simulation capability, but also contains a digital event simulator by integration of XSPICE. Its status will be reviewd.</p> - -<p>Short term future activites are planned towards full UNICODE support by applying utf-8 throughout the simulator, a better integration of XSPICE and an update to adms for supporting recent MOS or bipolar device models.</p> - - Holger Vogt - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:25 - AW1.125 - openems - openEMS - An Introduction and Overview - Using an EM field solver to design antennas and PCBs - CAD and Open Hardware - devroom - - <p>openEMS is an electromagnetic field solver using the FDTD method. The tool can be used to design and understand the electromagnetic behavior of antennas, filters, PCBs and more. It has an Octave (or Matlab) and Python interface to setup and analyze the simulation model. This allows for a great flexibility and the possibility to integrate or interface to other software.</p> - -<p>The talk will give a short introduction into the FDTD method and for which cases it is suitable, which features it offers, how to get started using the tool and which interfaces to other software already exist.</p> - - - Thorsten Liebig - - - openEMS Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:25 - AW1.125 - trellis_and_nextpnr - Project Trellis and nextpnr - FOSS FPGA flow for the Lattice ECP5 - CAD and Open Hardware - devroom - - <p>Following on from Project Icestorm; Project Trellis has created bitstream documentation for the substantially larger Lattice ECP5 FPGAs. This has been combined with a new multi-architecture FOSS place-and-route tool, nextpnr, and the existing Yosys Verilog synthesis tool to build a fully-FOSS FPGA flow for these parts; capable of building advanced designs including SoCs running Linux! This talk will include an overview of the flow for developers and end users alike; as well as how you can contribute to the FOSS FPGA ecosystem.</p> - - - David Shah - - - Project Trellis - nextpnr - Yosys - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - AW1.125 - epfl_logic_synthesis - Design Automation in Wonderland - The EPFL Logic Synthesis Libraries - CAD and Open Hardware - devroom - - <p>The EPFL logic synthesis libraries are a collection of open source C++ libraries for the development of logic synthesis applications. Today, there are six libraries focused on classical computing: alice, easy, kitty, lorina, mockturtle and percy. All libraries are well documented and tested. Furthermore, being header-only, the libraries can be readily used as core components in complex design automation systems, e.g., Yosys.</p> - -<p>In this talk, I will demonstrate how simple it is to compose these libraries to create a personalized synthesis tool capable of reading a Verilog description of a circuit, building a logic network out of it, optimizing the logic network, and then map it to lookup tables of six inputs (LUT6).</p> - -<p>The libraries: - - The alice library is a lightweight wrapper for shell interfaces, which is the typical user interface for most design automation applications. It includes a Python interface to support scripting. - - The lorina library is a parsing library for simple CAD file formats. - - The kitty library is a truth table library for explicit representation and manipulation of Boolean functions. - - The mockturtle library implements several logic network representations and logic optimization algorithms. - - percy is an exact synthesis library with multiple engines to find optimum logic networks.</p> - - - Bruno Schmitt - - - EPFL Logic Synthesis Libraries (Showcase) - alice: C++ command shell library - lorina: C++ parsing library - kitty: C++ truth table library - mockturtle: C++ logic network library - percy: C++ exact synthesis library - easy: C++ ESOP library - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:10 - AW1.125 - virtual_prototyping - Open source virtual prototyping for faster hardware and software co-design - Make your hardware / software development Agile - CAD and Open Hardware - devroom - - <p>Co-designing hardware and software is a long and iterative process specific to embedded system design. Mainly driven by hardware prototype iterations, it makes project time and cost hard to forecast. -While software modifications can be done in a modular and non-destructive way, reworking on hardware implies production of new prototypes. Moreover, software optimizations being strongly hardware-dependent, the software development could remain idle during hardware re-prototyping. This uncertainty on time and cost makes embedded systems projects hard to fund. In the end, ambitious projects are mostly reserved to large companies. -Hardware simulation and virtual prototyping contributes to solve this issue. A virtual prototype consists in a software application representing the system's hardware behavior, allowing system's software to be directly executed without the real hardware. Once available, a virtual prototype reduces embedded system time-to-market and development cost. -However, virtual prototype development cost makes them inaccessible. Hardware simulation leverages models which are hard to find and which interoperability is lacking. Each company should invest and maintain its own virtual prototyping solution. That is why in Hiventive, we believe that the emergence of an open source, unified, normalized hardware and software ecosystem leveraging state-of-the-art virtual prototyping technologies and methodologies is necessary to boost and widely generalize the use of virtual prototypes. Thus, we will present our innovative open source collection of solutions to enable and empower virtual prototyping for everyone.</p> - - - Guillaume Delbergue - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:45 - 00:10 - AW1.125 - chips4makers - Lesson learned from Retro-uC and search for ideal HDL for open source silicon - - CAD and Open Hardware - devroom - - <p>The <a href="https://www.crowdsupply.com/chips4makers/retro-uc">Retro-uC</a> was a crowdfunding campaign for an open source silicon project. One of the reasons the campaign did not attract enough people was a lack of enough attractive features. The feature set was kept minimal to allow a first time right chip production. -The choice of <a href="https://en.wikipedia.org/wiki/Hardware_description_language">HDL</a> is important to allow to implement more features with enough productivity and without increasing the risk of having buggy silicon. As will be presented, the venerable VHDL and Verilog RTL languages are not considered ideal for this purpose. In the quick talk an overview of pros and cons of some HDL investigated for further development will be presented.</p> - - - Staf Verhaegen - - - Background information on the Retro-uC - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - AW1.125 - fritzing - Fritzing - the past, the present and the future - Paving the way for Fritzing's development - CAD and Open Hardware - devroom - - <p>Making electronics accessible to the broad public was mainly made possible by Arduino, the Raspberry PI and last but not least Fritzing. Back in 2009 it was a pain to get from a loose wiring on a breadboard to a PCB. Fritzing came up first with a unique breadboard view and a simple to use PCB layout. -Fast forward 10 years Fritzing is still widely used by over 200.000 users but struggles to find a sustainable way to fund its development.</p> - -<p>This talk will give a rough introduction to Fritzing including its strength and weaknesses and introduce a roadmap for its further development.</p> - <p>TBD</p> - - Patrick Franken - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - AW1.125 - kicad - KiCad Project Status - Everything you wanted to know about the state of the KiCad project. - CAD and Open Hardware - devroom - - <p>A state-of-the-union talk by KiCad's project leader.</p> - - - Wayne Stambaugh - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:10 - AW1.125 - pcb_inkscape - Drawing PCBs with Inkscape - Creating printed circuit board designs using Inkscape, SVG2Shenzhen and KiCad - CAD and Open Hardware - devroom - - <p>A quick introduction to using the vector drawing tool Inkscape with the SVG2Shenzhen plugin to turn arbitrary drawings into PCB design layers in KiCad. No previous knowledge of PCB design, electronics or Inkscape required.</p> - - - Kaspar Emanuel - - - SVG2Shenzhen - Support Badgeek on Patreon - (slides) - Example project from the talk - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:15 - 00:10 - AW1.125 - kitspace_bom_builder - The Kitspace BOM Builder - Create bills of materials and buy parts with the information you need at your fingertips - CAD and Open Hardware - devroom - - <p>The Kitspace BOM builder is a tool that tries to make it easy and fun to select parts for your electronics project by giving you all the information you need and automating everything that can be automated. This talk covers what it does, how to use it and how it is built.</p> - - - Kaspar Emanuel - - - Kitspace - BOM Builder - (slides) - Support Kitspace on OpenCollective - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - AW1.125 - horizon - horizon EDA - what's new - - CAD and Open Hardware - devroom - - <p>Horizon is a from-scratch EDA package with focus on useful parts management and rule-driven design. It has already proven it's suitability for medium-complexity projects in the board design for my master thesis.</p> - <p>This talk covers my motivation for starting a new EDA package in 2016 and the main ideas behind horizon as well as some unique features. I'll also go into my short- and long-term plans for the project.</p> - - Lukas Kramer - - - github project - x-band transmitter created in horizon EDA - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - AW1.125 - idea_to_prototype - From the idea to the prototype using FLOSS - - CAD and Open Hardware - devroom - - <p>Now that Arduino, Raspeberry Pi &amp; other development boards are widely available, anyone can envision creating an intelligent and/or connected object. But which tools do the FLOSS community provide to help us in this kind of project ?</p> - <p>Any IoT project will generally start with "off-the-shelf" modules, but as soon as things become serious, it will be important to integrate all of the electronics into a single "HAT" or "shield", and finally build a fancy case to hold it all. This will require using electronics development tools, as well as mechanical design software, before finally coding the embedded software.</p> - -<p>This talk will walk you through an example workflow, which will help you bring your ideas to the real world. Along with a few tips &amp; tricks, we will introduce a range of "libre" EDA and CAD software that can be used to assist you during the design and implementation of your project.</p> - - Arnaud Ferraris - - - OpenSCAD - FreeCAD - Qucs - Ngspice - JSchem - KiCAD EDA - Fritzing - Horizon EDA - gEDA - Visolate - PCB Shopper - LibreCAD - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - AW1.125 - guide_to_oshw - The Software Developer’s Guide to Open Source Hardware - - CAD and Open Hardware - devroom - - <p>The popularity of the open source hardware movement and IoT is constantly increasing. But is it worth making open source hardware using expensive proprietary software? Of course not!</p> - -<p>In this presentation Leon Anavi will share his experience in developing IoT by designing printed circuit boards (PCB) with the free and open source EDA tool KiCAD, the open source hardware certification program of OSHWA, crowdfunding opportunities for low volume manufacturing and open source success stories for building a community. Practical examples based on the certified open source hardware development boards ANAVI Light Controller and ANAVI Thermometer will be provided. The talk also contains information about open source hardware licenses, KiCAD getting started guidelines, tips and tricks for avoiding common mistakes.</p> - -<p>Always take with a pinch of salt anything that a software engineer like Leon says about hardware and in the same time have in mind that if he can do it, anyone can! Hopefully the talk will encourage more people to use KiCAD, join the open source hardware movement and certify their open source devices at OSHWA.</p> - <p>With the advance of free and open source technologies, designing printed circuit boards became more affordable and easy. Makers can cross boundaries and integrate together free and open source software with open source hardware. -This presentation will provide several showcases of certified open source hardware Internet of Things developed as hobby projects by Leon Anavi and will share his first steps as a software engineer to using KiCAD for making his own printed circuit boards. Tips and tricks for avoiding common mistakes and recommendations for low volume manufacturing will be shared. -For any open source project the commonly is always on first place. ANAVI Light Controller and ANAVI Thermometer are a couple of example for n entirely open source project that combines open source hardware with free and open source software. Both are made in Plovdiv, Bulgaria, certified by OSHWA as open source hardware devices and powered by ESP8266 (BG000005 and BG000017). Firmware written as an Arduino sketch allows easily to connect to a WiFi network and through the machine-to-machine protocol MQTT to the popular open source automation platform Home Assistant. The acrylic cases for both devices are designed with another open source tool – OpenSCAD. -The fully open source nature of the projects quick attracted contributors. In just a couple of months, following a successful crowdfunding campaign at Crowd Supply, several people started to contribute to the sofware and hardware repositories of ANAVI Light Controller in GitHub. Furthermore the project inspired other people to develop their own open source boards based on similar design such as esp01-i2c-little-board by Nicolas Vion. -The presentation is appropriate for beginners. No previous experience is required. Hopefully the talk will attract a wide range of professionals, hobbyists and students and will encourage them to use free and open source software for developing open source hardware. Furthermore the presentation will reveal the benefits of the open source hardware certification program by OSHWA.</p> - - Leon Anavi - - - ANAVI Light Controller (KiCAD project) - Arduino sketch for ANAVI Light Controller - ANAVI Thermometer (KiCAD project) - Arduino sketch for ANAVI Thermometer - Crowd Supply - KiCAD - Open Source Hardware Association - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - AW1.125 - pocket_science_lab - Pocket Science Lab - An Open Source Hardware for Electronics Teaching & Learning - - CAD and Open Hardware - devroom - - <p>The hardware comes with a firmware, desktop app, android app - all open source. This tiny pocket lab provides an array of sensors for doing science and engineering experiments. It comes with functions of numerous measurement devices including an oscilloscope, a waveform generator, a frequency counter, a programmable voltage, current source and as a data logger.</p> - -<p>During this session, PSLab team will speak about the current development of the project, new features, usage, communities and a story of production in China and lesson learned.</p> - - - Hong Phuc Dang - - - https://pslab.fossasia.org - https://github.com/fossasia/pslab-hardware - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - AW1.125 - oshw_smart_city - Open Source Hardware for Smart City - OSHW LoRaWAN implementation for Parking, Air quality, City lighting and Waste management - CAD and Open Hardware - devroom - - <p>Smart City concept includes Park Management, City Lighting management, Waste Management, Public Transport monitoring and management, Air quality monitoring, Security and People Healthcare alerts and monitoring. Olimex is working on OSHW solutions for two popular LWPAN technologies, the results of the work will be presented and demonstrated.</p> - - - Tsvetan Usunov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - AW1.125 - scientific_oshw - Building open source scientific equipment - How researchers are owning their own instruments - CAD and Open Hardware - devroom - - <p>One of the biggest limiting factors preventing people to participate in science &amp; education, is the lack of access to research equipment. Scientific hardware is vital for researchers and educators to conduct the experiments that will provide them with data necessary to answer scientific questions. -Luckily, technological advances are making the entry barrier and learning curve for hardware development low enough that more and more researchers are trying their hands at building the tools they need in their labs. In this talk we are going to see examples of Open Source Hardware in Academia, current repositories curating these types of projects, and see more technical details of one of these tools, the FlyPi, an open source “all in one” biology lab to perform state-of-the-art methods in neuroscience, built using off-the-shelf components and 3D printed parts, costing 10-20X less then proprietary counterparts.</p> - <p>In order to do experiments to test ideas and hypothesis, curious people, DIY biologists, researchers and citizen scientists need access to reagents and equipment. Normally created using public funds, equipment is normally commercialized as proprietary tools by only a handful of providers, making them expensive and hard to obtain. -Luckily, fast prototyping tools and powerful yet affordable integrated circuits are becoming easy to use at a hobbyist/consumer level. Leveraging these developments, independent initiatives are investing in creating open source hardware for science, enabling people and institutions around the globe to perform their own experiments. -In this talk I will present one of these projects, the FlyPi: an open source all-in-one biology lab, which can be built for ~250 Euros and used for current state of the art methods in Neurosciences (eg Optogenetics, fluorescence microscopy and behavioural tracking), as well as diagnostics of human parasites (making it 10-20X cheaper then current available solutions). Based on the Raspberry Pi and its camera, it runs an user interface developed in Python3, and communicates via Serial to an Arduino, which takes care of time critical tasks (eg millisecond precise light stimulation). I will also present an overview of other hardware projects related to science and repositories dedicated to curating them (eg OpenBehaviour, Open Neuroscience, PLOS Open source toolkit channel).</p> - - Andre Maia Chagas - - - FlyPi publication - FlyPi github repository - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - AW1.125 - gnuk_hardware - FST-01SZ (Flying Stone Tiny 01 revision ShenZhen) - free hardware design for Gnuk Token - CAD and Open Hardware - devroom - - <p>Gnuk Token is a security hardware USB token for GnuPG, which supports OpenPGP card protocol. -The important feature is it avoids special thing like hardware accelerator or tool (which comes with NDA). -Development environment, Tools, Firmware, and hardware design are all free, as they should be.</p> - -<p>FST-01 was designed and used as a reference hardware implementation for Gnuk. -In 2011, FST-01 was designed as free hardware design with KiCAD, so that people can use Gnuk Token for their computing, having the nature of reproducible by other parties. -In 2016, we had a revision called FST-01G, following update of KiCAD. FST-01 and FST-01G were mass produced and sold more than 1200 pieces (2012-2018). -In 2018, it has major update, now called FST-01SZ, using Chinese chip (GD32F103TB) and Chinese connector for USB, following another update of KiCAD. -In this short talk, I will show my experience of FST-01/FST-01G/FST-01SZ, focusing new revision.</p> - <p>See https://www.gniibe.org/memo/development/fst-01/fst-01-revision-sz.html for an explanation and https://www.gniibe.org/memo/development/fst-01/fst-01sz-testplan.html for the test plan.</p> - - Yutaka Niibe - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:40 - AW1.126 - geo_osmdeeplearning - Improve OSM data quality with DeepLearning - - Geospatial - devroom - - <p>Quality Analysis on a wide dataset, is always a gageure. -And automatic semantic segmentation from imagery is still an open subject since decades. -But. -Nowadays with latests DeepLearning techniques, we can use new kind of techniques, -to easily extract patterns from our dataset, and therefore help humans to be that more efficient to take the right decision (think filtering).</p> - -<p>Two main points on this presentation: -- How to produce high quality results, while you start with noisy/creapy/real world data ? -- How to predict, at scale without huge hardware infrastructure ?</p> - -<p>RoboSat.pink as the ecosystem to do so.</p> - - - Olivier Courtin - - - RoboSat.pink - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:45 - 00:30 - AW1.126 - geo_3geonames - 3Geonames.org - An open source Geocoding system for the simple communication of locations with a resolution of 1 m - Geospatial - devroom - - <p>Encoding geographic coordinates into a string is a trivial thing. Yet, there are many grid based systems (geohash, PlusCodes, Mapcodes), and some even turn the thing into a business (Zippr, What3Words). I agree with the commonly stated motivation that Latitude and Longitude are not sufficient for identifying a place in both an unambiguous and human friendly way. A single string for this pair of numbers is a better representation, if only it can preserve all the information contained in the original latitude,longitude pair, something no existing geo-encoding system does. That's my goal.</p> - <p>Geocode is a one-dimensional location code. It uses a simple space-filling technique to map a two dimensional point (latitude,longitude) to either an alphanumeric string or a geoname triple with no loss of information. It is a one-to-one mapping (no two geocodes map to the same point and no two points map to the same geocode).</p> - -<p>Geocode has several advantages over similar systems.</p> - -<p>The alphanumeric geocode is short (10 bytes), has higher accuracy (up to 1 meters) and avoids the borderline discontinuities and many to one mappings of other one-dimensional location codes such as geohashes.</p> - -<p>Triple geoname codes on the other hand are more memorizable, are intuitively reprentative of the location and are composed of relatively short existing geo names (up to 8 letters).</p> - -<p>The first name in a triple geoname code represents the most prominent location name inside a 21,403 km² area containing the point.</p> - -<p>For example, 34.05223,-118.24368 (a location in Los Angeles), is encoded to EKEAJ18E08 or as three geonames: LA-GASPAR-YANSI or as a hybrid code LA-MJKQH4. Another location about 1 m away, say (34.05223,-118.24369), is EKEAJ18E1D or LA-GASPAR-HINGWEN or LA-MJKQI9.</p> - -<p>The human readable algorithm uses 146300 geonames from http://geonames.org and http://geonames.nga.mil/gns/html/gis_countryfiles.html with several requirements for the names (chosen to be recognizable, short, easy to pronounce, distinct from each other and evenly spread throughout the earth.) We also shorten geonames to their acronyms whenever possible (LA -> Los Angeles, NY -> New York, etc)</p> - -<p>Unlike many grid-based location codes, geocodes represent points not areas. Each geocode maps to a latitude,longitude pair with accuracy up to the 5th decimal point (i.e. 1 meter)</p> - -<p>In a nutshell, latitude,longitude values are represented as two linear curves, converted to binary numbers then combined by interleaving their bits. As a result of this technique, similar geocodes are located geographically close together in both alphanumeric and triple geoname formats.</p> - -<p>A geolocation expressed as (latitude,longitude) can be converted offline into a geocode, and vice versa using a data structure embeded in the software.</p> - -<p>The software is in the public domain to be used without any restrictions.</p> - - Ervin Ruci - - - TU Berlin Talk - 3geonames.org - Presentation - Geocode XYZ - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:20 - 00:40 - AW1.126 - geo_boostgeometry - Latest developments in Boost Geometry - - Geospatial - devroom - - <p>How to compute the two closest points between two geometries and how this differs from distance computation? What happens when some points are on opposite/antipodal sides of the globe? How can one create equidistant points along a line composed of one or more line segments?</p> - -<p>We discuss solutions to those questions highlighting some of the latest developments in Boost Geometry, the library that is currently being used to provide GIS support to MySQL. The implemented algorithms are parameterized by strategies that control the accuracy-efficiency trade-off. The proposed solutions work for 3 different coordinate systems (namely, cartesian, spherical and ellipsoidal) each of which comes with its own advantages and limitations.</p> - -<p>We sum up by briefing the plan of future development and a short discussion.</p> - - - Vissarion Fysikopoulos - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:05 - 00:30 - AW1.126 - geo_navit - Continuous Integration to compile and test Navit - - Geospatial - devroom - - <p>Navit is a car navigation system with routing engine. Navit's modular design is capable of using vector maps of various formats for routing and rendering on the screen. It's even possible to use multiple maps at the same time. Points of Interest of various formats are displayed on the map. The current vehicle position is either read from gpsd or directly from NMEA GPS sensors. The routing engine not only calculates an optimal route to your destination, but also generates directions and even speaks to you in 49 languages. It can run on various platforms, e.g. raspberry pi, tomtom, desktop pcs.</p> - -<p>The talk will in particular discuss challenges and approaches faced in the continious integration and testing of an open source GPS app.</p> - - - Patrick Höhn - - - Project Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:40 - AW1.126 - geo_osmwikidata - Linking OpenStreetMap and Wikidata - A semi-automated, user-assisted editing tool - Geospatial - devroom - - <p>Wikidata and OpenStreetMap are collaborative open data projects that contain structured data for real world places and things. Adding links between the projects makes the data more useful, but doing this by hand is laborious. I've written a software tool that automates much of the process.</p> - <p>Editors of OpenStreetMap can use my software to search for a place or region, generating a list of candidate matches from Wikidata, which can then be checked and saved to OpenStreetMap.</p> - -<p>Linking the two projects isn't without controversy. They use different licenses which raises questions about what information from one project can be copied to the other.</p> - -<p>I will talk about the benefits of linking, the process of finding matches, the community response - including the controversy - and how people can get involved.</p> - - Edward Betts - - - OSM/Wikidata link tool - Twitter - Source code on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:30 - AW1.126 - geo_graphhopper - GraphHopper Routing Engine - New Features - Overview of the latest features and development - Geospatial - devroom - - <p>GraphHopper is one of the popular open source routing engines and has a steady stream of new features. For example we recently introduced the Isochrone API and added real time routing features for public transit.</p> - -<p>In this talk I will give a brief overview of what is possible today and give also some insights of what will be possible with the upcoming releases.</p> - - - Peter Karich - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - AW1.126 - geo_augmentedreality - Hikar - Augmented reality for hikers - Developing an app and framework for outdoor AR - Geospatial - devroom - - <p>In recent years, augmented reality (AR) has gained a good deal of mainstream interest, particularly with the advent of Pokemon Go. Of great potential interest is the use of AR for outdoor users such as walkers. This talk will describe the new version of Hikar, a GPL AR Android app in development which helps outdoor users navigate by overlaying footpaths from OpenStreetMap on the camera feed, and by generating virtual signposts showing the direction and distance to nearby points of interest. The talk will describe Hikar in technical detail and challenges faced during its development, and will also invite discussion and possible collaboration on developing a completely open-source solution to geographical AR, as an alternative to ARCore or ARKit.</p> - <p>Augmented reality (AR) has gained a great deal of media attention in recent years, helped in no small measure by the massive mainstream success of Pokemon Go. However, AR has a great deal of potential for real-world applications too, particularly for outdoor users, which has only partly been realised.</p> - -<p>A number of geospatial AR apps have been available for some years, including Layar and Wikitude, primarily focusing on points of interest (POIs), buy many are proprietary and closed-source. One potential use of AR, little explored as-yet, is to provide navigation tools for hikers and other outdoor users, by overlaying paths and hiking trails on the camera feed of the device. An early version of the app under discussion, Hikar, was presented at the OpenStreetMap (OSM) "State of the Map" conference in 2013, with the footpaths and trails sourced from OSM, and the latest version, detailed below, has been presented at an emerging technologies event in Northern Ireland (Digital NMD, digitalnmd.org).</p> - -<p>After a hiatus, development on Hikar has restarted in the past year, partly inspired by increased mainstream interest in AR. The app is now capable of generating virtual signposts, showing the distance and direction to nearby POIs at path junctions, helping people navigate in the field (examples will be shown in the 'Files' section when available). The talk will include an in-depth technical discussion on how the virtual signposts feature has been implemented.</p> - -<p>The Hikar app itself is only one possible application of AR to outdoor use. While Google and Apple have recently made available their ARCore and ARKit frameworks, with impressive results, these are not open-source and (certainly in the case of ARCore) are restricted to certain higher-end devices. There is thus a need for a completely free and open-source framework aimed at outdoor, geographic AR. The presentation will invite discussion and seek collaboration on developing such a framework, which could for example use OpenCV to detect surfaces and therefore more realistically place objects in the same way that ARCore can.</p> - -<p>Currently Hikar is restricted in coverage to Britain, Ireland and Greece. This is, however, solely due to the database on the server only containing data for those areas; it is capable of working internationally provided servers are available to provide path and elevation data (work is underway to support the XYZ tile format), has been tested in Greece, and the virtual signposts support Greek and Cyrillic alphabets.The talk will outline how interested parties can setup a Hikar server to cover their country or region of Europe and indeed other parts of the world.</p> - -<p>Problems and issues with the app as it stands (such as the realism of the path and signpost placement, and inaccuracies with GPS and mapping data) will be discussed, along with strategies for resolving those problems.</p> - - Nick Whitelegg - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:35 - 00:30 - AW1.126 - geo_gpxtraces - Hundred thousand rides a day - How can a massive amount of GPX traces help us improve OpenStreetMap - Geospatial - devroom - - <p>We at Juno track a massive fleet of taxi cars in a relatively small area of New York. For all the internal mapping we use OpenStreetMap — and we are naturally interested in it having zero road errors. One way to ensure that is to validate it against tens of thousands GPS traces we get every day. In this talk we'll look at the relation of traces and map data in OSM, find a few ways to improve OSM using these traces, and see the validation system we made.</p> - - - Ilya Zverev - - - Video Recording on Youtube - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:10 - 00:30 - AW1.126 - geo_locationchallenges - Open Source Geolocation - The story and challenges ahead - Geospatial - devroom - - <p>In this talk, Zeeshan will share his story of development of Geoclue, the open source geolocation service for Linux. He'll talk about the challenges and setbacks faced during these years in developing a framework designed to provide a simple API to application developers while also addressing the privacy issues related to giving out users' location to random applications. Also presented will be the current big problems faced by the project and possible solutions to them.</p> - - - Zeeshan Ali - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:45 - 00:30 - AW1.126 - geo_osmqgis - OpenStreetMaps for emergency prep: The view from San Francisco - Using OpenStreetMap and QGIS to build resiliency maps - Geospatial - devroom - - <p>In San Francisco, the fire department offers free training to residents in the hopes that they won’t become victims the next time an earthquake hits. Residents of San Francisco, California are advised to keep a map in their emergency kit. What kind of map? People who take the fire department training class (Neighborhood Emergency Response Team - NERT) learn to spot potable water hydrants, gas meters, soft story buildings, police call boxes, chemical hazard warnings posted outside gas stations, car repair shops and construction sites. Until now, however, there are no maps with these features marked. This session will talk about the journey to creating these emergency maps with my local NERT using OpenStreetMap. It will include best practices and lessons learned that can make this project useful for citizen mappers everywhere.</p> - - - Stefano Maffulli - - - slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:20 - 00:30 - AW1.126 - geo_streetview - OpenTrailView 360 - FOSS StreetView for hikers - Geospatial - devroom - - <p>OpenTrailView is a project to create a StreetView-like application by walkers with contributors providing stitched 360-degree panoramas of locations on hiking trails. First discussed at State Of the Map Girona 2010, the project has been dormant for several years due to the high barrier of entry; at the time contributors had to manually stitch photos to produce a panorama using third-party stitching software. The recent availability of 360-degree cameras with auto-stitching has revived the author's interest in the project. This lightning talk will give technical details of the new version of OTV and outline initial work.</p> - <p>Google StreetView has for many years provided users with panoramic street views of much of the world. However Google only provide limited coverage of off-road areas and in any case, neither the system nor the panoramas themselves are Free or Open. In 2010, the author developed an initial version of OpenTrailView (OTV), a system designed to produce a StreetView-like experience for outdoor users, giving users an immersive preview of countryside areas before they visit them. The system attracted a fair amount of interest at the State Of The Map conference in Girona that year, however the need for users to manually stitch photos to produce panoramas meant the system had a high barrier to entry.</p> - -<p>In 2013 a new version supported PhotoSpheres from Android devices, though this again gained limited contributor interest due to supporting that format only. Recently, however, 360 degree cameras have become mainstream, some of which perform auto-stitching of panoramas on the device. Thus, due to the potential lower barrier of entry to contributors, the author's interest in the project has been revived and it is proposed to restart work on the project. This lightning talk will give a technical overview of the new version of OTV and detail initial work and future plans. (Note that by the time of FOSDEM it is unlikely that there will be a fully working version, just an initial demo)</p> - - Nick Whitelegg - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:55 - 00:30 - AW1.126 - geo_spatialboostgeometry - Spatial Reference Systems Transformations with Boost.Geometry - - Geospatial - devroom - - <p>What are spatial reference systems and how to convert between them? What are various ways of creating transformation representation in Boost.Geometry and how to use them to convert between polygons on the surface of a globe and flat surface of a map?</p> - -<p>We discuss solutions to those questions highlighting some of the latest developments in Boost Geometry, the library that is currently being used to provide GIS support to MySQL. The implemented solutions allows to define transformations both in compile-time and run-time with known tradeoffs: execution time vs compilation time, run-time flexibility vs compile-time error reporting, etc. Last but not least we discuss similarities and differences between Boost.Geometry and Proj4 libraries.</p> - - - Adam Wulkiewicz - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - AW1.126 - geo_virtualreality - VR Map: Putting OpenStreetMap Data Into a WebVR World - Simple GeoData Visualization with A-Frame - Geospatial - devroom - - <p>Mixed Reality (XR), i.e. Virtual and Augmented Reality, opens up new possibilities for 3D visualizations of OpenStreetMap data (OSM). With WebXR and Mozilla's A-Frame library, it's really simple to create cross-device XR experiences running right in the browser with very little code. VR Map brings all that together and allows you to walk or "fly" through a virtual model of the real world courtesy of live OSM data.</p> - <p>The talk will describe WebXR as Mixed Reality APIs for the browser and A-Frame as Mozilla's library to make it really simple to build WebXR scenes. Then, it will dive into how those technologies were used together with live OSM data to create the VR Map demo and show how it enables people to move through virtual models built from that real-world data to give an interesting new perspective on OpenStreetMap - and hopefully inspire developers to build similar experiences.</p> - - Robert Kaiser - - - VR Map - live demo - Source Code (GitHub) - Slides - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:30 - 00:25 - K.3.201 - elasticsearch_correctness_performance_validator - ElasticSearch Correctness and perfOrmance Validator - Formally measuring the cost of a query before hitting the fan - Search - devroom - - <p>Alright, you built an application to show off your impressive skills at data gathering and processing. Now you got data on ElasticSearch that you want to show, but your users may want to see too many data points and will shatter your DB performance. In this talk, we will present a project to formally measure the cost of queries before actually running them, and your app can decide, given a cost value, whether to launch a query or not.</p> - <p>ESCOVA leverages the ElasticSearch query parser to generate the parse tree of an ES query, and we use tree-based cost analysis in order to determine the cost of queries. Moreover, users may restrict their queries to only those of forms that have been previously whitelisted in order to avoid blocking the database. ESCOVA is available both as a plugin for an Elasticsearch as well as a library (that can, e.g., be deployed independently as a microservice).</p> - -<p>The talk will describe: -- How you can currently profile queries in Elasticsearch -- A discussion about the pros and cons of static analysis/symbolic computation v. profiling -- The inner structure of the project -- Lessons learned on how to build an Elasticsearch plugin -- Future work, questions and feedback</p> - -<p>No specific prior knowledge required; topics will be presented before diving into them.</p> - - Santiago Saavedra - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - K.3.201 - learning_to_rank - Learning to Rank - Explained for Dinosaurs - Search - devroom - - <p>Internet search has evolved from its early days. It has become smarter and more -natural, and people expect it to “just work.” But, anyone who has worked -behind-the-scenes with a search engine knows exactly how hard it is to get the -“right” results to show up at the right time.</p> - -<p>Not to mention, what happens when the trends change, when your users’ favorite -weirdly-shaped dinosaur isn’t a T-Rex anymore? Spending countless hours tuning -the boosts before your user can find their favorite two-legged tiny-armed -dinosaur on the front page isn’t fun. What is cool is using Learning to Rank to -automate the process! In this talk, you will learn how Learning to Rank works -and how you can use it in Apache Solr — all from the Bloomberg team that built -and implemented it in the first place.</p> - <h4>Description</h4> - -<p>Internet search has long evolved from days when you had to string up your query in just the right way to get the results you were looking for. Search has to be smart and natural, and people expect it to “just work” and read what’s on their minds.</p> - -<p>On the other hand, anyone who has worked behind-the-scenes with a search engine knows exactly how hard it is to get the right result to show up at the right time. Countless hours are spent tuning the boosts before your user can find his favorite two-legged tiny-armed dinosaur on the front page.</p> - -<p>When your data is constantly evolving, updating, it’s only realistic that so do your search engines. Search teams thus are on a constant pursuit to refine and improve the ranking and relevance of their search results. But, working smart is not the same as working hard. There are many techniques we can employ, that can help us dynamically improve and automate this process. One such technique is Learning to Rank.</p> - -<p>Learning to Rank was initially proposed in academia around 20 years ago and almost all commercial web search-engines utilize it in some form or other. At Bloomberg, we decided that it was time for an open source search-engine to support Learning to Rank, so we spent more than a year designing and implementing it. The result of our efforts has been accepted by the Solr community and our Learning to Rank plugin is now available in Apache Solr.</p> - -<p>This talk will be presented by two engineers working in the News Search Engineering team at Bloomberg - Sambhav Kothari and Diego Ceccarelli. The talk will serve as an introduction to the LTR(Learning-to-Rank) module in Solr. No prior knowledge about Learning to Rank is needed, but attendees will be expected to know the basics of Python, Solr, and machine learning techniques. We will be going step-by-step through the process of shipping a machine-learned ranking model in Solr, including:</p> - -<ul> -<li>how you can engineer features and build a training data-set as per your needs</li> -<li>how you can train ranking models using popular Python ML(machine learning) libraries like scikit-learn</li> -<li>how you can use the above-learned ranking-models in Solr</li> -</ul> - - -<p>Get ready for an interactive session where we learn to rank!</p> - - Sambhav Kothari - Diego Ceccarelli - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - K.3.201 - hibernate_search_6 - From table to index (and back) with Hibernate Search 6 - Leveraging Elasticsearch's power with a relational DB as primary source of truth - Search - devroom - - <p>On one side, Elasticsearch. It scales, has great support for full-text search, and many features you like. -On the other side, a relational database. It has transactions, relational capabilities, implements standards, and lots of developers are familiar with it. -Each is a great datastore targeting specific needs. What if you have many needs? What if you want both? Transactions, relations <em>and</em> scale; full-text search <em>and</em> SQL. Preferably without headaches.</p> - -<p>Enters Hibernate Search. This Java library allows to define a mapping from Hibernate ORM entities to Elasticsearch documents, to transparently index entities as they are persisted in the ORM, and to conveniently query the index through APIs that make the most of a mixed entity/document model. -Doing so, it solves the problems that arise when synchronizing data from a relational database to Elasticsearch:</p> - -<ul> -<li>Entities are generally too small to be mapped directly to a useful Elasticsearch document: you need to map <em>trees</em> of entities to a single document. How to handle complex mappings, i.e. how to infer that when entity A is written to, then entity D, three relations away, needs to be reindexed?</li> -<li>The database cannot be fully reindexed every minute: synchronization needs to be smart. How to accurately detect database changes without adding boilerplate everywhere in database writing code?</li> -<li>The database may be transactional, but Elasticsearch is not. How to correctly handle transactions, generating documents and sending indexing commands at just the right time?</li> -</ul> - - -<p>In this talk, I will demonstrate how Hibernate Search 6, the new major version of Hibernate Search currently in development, can be used in an application based on Hibernate ORM.</p> - - - Yoann Rodiere - - - Hibernate Search website - Hibernate Search 6.0.0.Alpha2 release announcement - Slides - Hibernate Search 6 on the Hibernate website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:50 - K.3.201 - deepdive_tantivy - A Deepdive into Tantivy - - Search - devroom - - <p>Tantivy is a search engine library, akin to Lucene but for Rust.</p> - -<p>In this talk, we will walk through the building blocks that make a scalable full-text search engine. While this talk will be centered on tantivy, most of the concepts introduced should apply to other inverted-list search engines like Lucene.</p> - - - Paul Masurel - - - Tantivy's repository - Presentation slides - http:// - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - K.3.201 - apache_lucene_solr_8 - Apache Lucene and Apache Solr 8 - What’s coming next? - Search - devroom - - <p>Spring 2019 will be the time for a new major release of Apache Lucene and the well-known search server Apache Solr. Since Lucene 7 a lot new features have been developed, mainly a new way to short circuit query execution if the total number of hits is not needed. This may improve query execution for common full text search use cases enormously. The talk will also present other new features and changes like change to a more standard BM25 implementation or optimizations for Java 9 and later Java versions using MR-JAR files. -The second part of this talk will quickly cover news in Apache Solr: Solr 8 now also uses HTTP/2 for its cloud communication.</p> - - - Uwe Schindler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - K.3.201 - super_speedy_scoring_lucene - Super-speedy scoring in Lucene 8 - - Search - devroom - - <p>Lucene 8 will have some remarkable speed-ups when it comes to querying across large datasets. In this talk I will describe how this has been implemented, from new data structures through to changes in the scoring API, and the trade-offs required to make them possible.</p> - <ul> -<li>Lightning overview of the structure of an inverted index, showing how current queries are executed and documents scored</li> -<li>Extension of an inverted index to include Impacts (single level, multi-level)</li> -<li>Given impacts, show how a scorer can skip large blocks of documents</li> -<li>Restrictions on Similarity implementations to make this possible (scores must increase with docfreq, must be greater than 0, etc)</li> -</ul> - - - Alan Woodward - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - K.3.201 - lucene_upgrade_jira_8 - Lucene Upgrade in Jira 8.0 - How we fought and killed the code debt beast - Search - devroom - - <p>Jira 8.0 will be shipped with Lucene 7.3. It's been the first update for 7 years. In this talks I'll describe why it took so long, what it taught us and how the new Lucene improved Jira.</p> - <p>Jira was stuck on Lucene 3.3 for 7 years. The cost of update to the 4.0 version was so high and the benefits were so unknown, that the decision to remove this code debt was put off for so long. -In early 2018 it was decided we will finally upgrade Lucene to 7.3. Just making the product functionally correct took around 2-3 months. However, we didn't stop there. We invested more time to get the most of the momentum we had and improved our usage of Lucene. Now Jira indexing is faster, index is smaller, search is much faster and more exact, and the API is cleaner. -The process of the upgrade taught us how much one can gain from removing code debt, and how much improvement one can get by small fixes. -I will also talk about Lucene consultancy we had from Uwe Schindler and how it kickstarted the project.</p> - - Kamil Cichy - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - K.3.201 - rated_ranking_evaluator - Rated Ranking Evaluator: an open-source approach for Search Quality Evaluation - How to automate the Search Quality Evaluation process using a completely based FOSS solution - Search - devroom - - <p>Every team working on information retrieval software struggles with the task of evaluating how well their system performs in terms of search quality(currently and historically). -Evaluating search quality is important both to understand and size the improvement or regression of your search application across the development cycles, and to communicate such progress to relevant stakeholders. -In the industry, and especially in the open source community, the landscape is quite fragmented: such requirements are often achieved using ad-hoc partial solutions that each time require a considerable amount of development and customization effort. -To provide a standard, unified and approachable technology, we developed the Rated Ranking Evaluator (RRE), an open source tool for evaluating and measuring the search quality of a given search infrastructure. -RRE is modular, compatible with multiple search technologies and easy to extend. -The focus of the presentation will be on a live demo showing an example project with a set of initial relevancy issues that we will solve iteration after iteration: using RRE output feedbacks to gradually drive the improvement process until we reach an optimal balance between quality evaluation measures.</p> - <p>Every team working on information retrieval software struggles with the task of evaluating how well their system performs in terms of search quality(currently and historically). -Evaluating search quality is important both to understand and size the improvement or regression of your search application across the development cycles, and to communicate such progress to relevant stakeholders. -To satisfy these requirements an helpful tool must be: -- flexible and highly configurable for a technical user -- immediate, visual and concise for an optimal business utilization -In the industry, and especially in the open source community, the landscape is quite fragmented: such requirements are often achieved using ad-hoc partial solutions that each time require a considerable amount of development and customization effort. -To provide a standard, unified and approachable technology, we developed the Rated Ranking Evaluator (RRE), an open source tool for evaluating and measuring the search quality of a given search infrastructure. -RRE is modular, compatible with multiple search technologies and easy to extend. -It is composed by a core library and a set of modules and plugins that give it the flexibility to be integrated in automated evaluation processes and in continuous integrations flows. -This talk will introduce RRE, it will describe its functionalities and demonstrate how it can be integrated in a project and how it can help to measure and assess the search quality of your search application. -The focus of the presentation will be on a live demo showing an example project with a set of initial relevancy issues that we will solve iteration after iteration: using RRE output feedbacks to gradually drive the improvement process until we reach an optimal balance between quality evaluation measures.</p> - - Andrea Gazzarini - Alessandro Benedetti - - - Project Repository on Github - Sease Blog - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - K.3.201 - fulltext_search_tips_tricks - CANCELLED Full-text Search Tips and Tricks - - Search - devroom - - <p>Unfortunately our speaker cannot make it. Have a quick recovery, Denis!</p> - -<p>The real challenge in search is not how to pick the best search engine framework or how to find a match, but how to bring the most relevant results. In this talk we will discuss about relevance and to extract most of your search engine framework by indexing your data in multiple ways, boosting fields correctly, using analyzers, fuzziness, penalizing results, facets, and searching on data with different structures.</p> - -<p>In this session we are also going to build from scratch a movie’s search microservice.</p> - <p>In this talk, I basically go through some of the major problems with relevance while building a search mechanism in an application. I spend usually half of the presentation implementing the concepts that I show and comparing with the results we had before.</p> - - Denis Wilson Souza Rosa - - - Submit feedback - - - - - - 09:00 - 00:50 - K.3.401 - packaging_for_mageia_with_docker - AMENDMENT Packaging for Mageia Linux with Docker containers - - Distributions - devroom - - <p>Docker has brought an ease of use without comparison with VMs typically to build native upstream distribution packages. Where before it was needed to launch a complete environment, copy the sources into it, invoke the build tools -to create the packages and then copy them back to the host, Docker has made all these steps much easier and straight forward, allowing for more rapid package production and automation.</p> - -<p>This presentation will show a detailed use case for building packages for the Mageia Linux distribution with bm and mgarepo usages encapsulated in Docker containers. It should help any upstream packager adopt a similar approach to make his packaging task a breathe.</p> - -<p>Please note that this talk replaces one entitled "Do Linux Distributions Still Matter with Containers?" by Scott McCarty who has sent his apologies but is now unable to attend as he has fallen ill.</p> - - - Bruno Cornec - - - Tools for Mageia containers for Docker - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:55 - 00:50 - K.3.401 - linux_distributions_lifecycles_containers - Linux distributions, lifecycles, and containers - - Distributions - devroom - - <p>Deploying software has lots of solutions, but what gets deployed often plays out as a fight between developers and operators. Developers want the latest (or at least later) code. Operators want things in nice packages, certified, and with a known period of support. What we need is a catalog of software with the variety of versions the developers need, with the qualities expected by the operators. Come and learn how various projects within Fedora approach this problem from different perspectives, including Fedora Modularity, containers, Fedora CoreOS, and Fedora Silverblue.</p> - <p>This session contains a high-level overview as well as a live (or recorded) demo of Fedora Modularity — a project bringing multiple versions of packages in Fedora with the qualities expected from a Linux distribution: transparently built and delivered, actively maintained, and easy to install. In other words, having the flexibility that developers need and the qualities operators need.</p> - -<p>Followed by a demonstration of why building containers using Linux distributions' packages makes your life easier. And now with Modularity there's more versions of software to choose from.</p> - -<p>Ending with a quick intro into container distributions for the server (Fedora CoreOS) and for the workstation (Fedora Silverblue) — demonstrating the benefits of having an immutable small OS which is possible thanks to applications in containers.</p> - -<p>Expected audience: system administrators and developers</p> - -<p>Come and learn how developers and operators can be friends by using packaged software from Linux distributions, and what Fedora has to offer to both!</p> - - Adam Samalik - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:50 - 00:30 - K.3.401 - grub_upstream_and_distros - GRUB upstream and distros cooperation - - Distributions - devroom - - <p>The presentation will discuss current state of GRUB upstream development and cooperation with distributions.</p> - <p>The first half of presentation will be focusing on last year and current -development efforts. The second half will discuss cooperation between GRUB -upstream and distros. In general it will show current progress in the project -and main pain points. One of the goals of the presentation is to solicit some -help from the community. Maintainers are quite busy and they are not able to -solve all issues themselves. So, help from others is greatly appreciated. At -the end of presentation Q&amp;A session is planned.</p> - - Daniel Kiper - - - GNU GRUB - GNU Project - Free Software Foundation (FSF) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:30 - K.3.401 - package_software_with_upt - Package software for any distribution with upt - - Distributions - devroom - - <p>In this talk, we will introduce the Universal Packaging Tool (upt), a modular tool meant to help packagers in their daily tasks. We will show how it is an improvement over similar existing tools, which upt means to replace. This will be especially interesting for distribution developers that have had to deal with upstream platforms such as PyPI, CPAN or RubyGems.</p> - <p>Nowadays, most languages come with a package manager (such as pip or gem) that can install packages from an upstream package archive (such as pypi.org or rubygems.org). Traditional distributions (such as Debian, Fedora or OpenBSD) still package these same pieces of software, making them available through their own package manager (such as apt, dnf or the OpenBSD ports).</p> - -<p>Over the years, multiple scripts have been written in order to automate part of the packaging process. Tools like pypi2deb (which turns a package from PyPI into a Debian package) or gem2rpm (which turns a package from RubyGems into an RPM package) make the work of packagers much easier. There are a lot of these tools, and they all behave a bit differently, expose a different interface to their users, and duplicate a lot of code.</p> - -<p>In this presentation, I will introduce the Univesal Packaging Tool (upt), a modular program that allows packagers to create packages from any language-specific upstream archive to any GNU/Linux or *BSD distribution. We will show how this is done without any code duplication, and how any improvement to this tool will benefit developers from all distributions.</p> - - Cyril Roelandt - - - Collection of git repositories used in upt - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:55 - 00:50 - K.3.401 - opensuse_kubic - openSUSE Kubic for Distro People - exploring the containerised frontiers - Distributions - devroom - - <p>As the world moves more and more towards containerised solutions, a number of real questions start to appear. -- What is the perfect platform for running containers atop? -- How to use this platform as part of a flexible, scalable, highly available infrastructure fabric? -- How to minimize the maintenance and administration of this platform at scale?</p> - -<p>All of these problems are well answered in an enterprise environment by SUSE CaaS Platform, but for developers more interested in the state of containers &amp; kubernetes upstream, new issues start to appear. With such fast moving upstreams, developers and enthusiasts need a platform that can keep up and is closely involved with those upstream developments. This platform needs to not only be able to run containers at scale, but also on single machine, all the while preserving the attributes of low maintenance so the focus can be on the containers, not the base system beneath them.</p> - -<p>This talk will introduce openSUSE Kubic, and explains how it addresses the above, being the perfect distribution for this modern age. The session will explore in some detail how Kubic is developed in lockstep with the Tumbleweed rolling release and various upstreams including kubeadm and CRI-O. Transactional Updates, Kubic's system update stack will be demonstrated and the benefits from such an atomic update approach discussed in some detail. Finally the kubeadm Kubernetes cluster boostrapping tool will be discussed and some future plans shared for consideration and feedback.</p> - -<p>Attendees should come away from this talk with everything they need to know to get starting using, developing with and contributing to openSUSE Kubic.</p> - - - Richard Brown - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:50 - 00:50 - K.3.401 - portable_services_ready_to_use - Portable Services are Ready to Use - Portable Services bring some container features to classic service management - Distributions - devroom - - <p>Portable Services bring certain aspects of containers to classic systemd service management. With systemd v239 Portable Services are for the first time complete and ready for users to take advantage of. In this talk we'll have a look on the underlying technical concepts, how things fit together and what the precise limitations and benefits are.</p> - - - Lennart Poettering - - - systemd homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:45 - 00:30 - K.3.401 - homebrew_2 - Homebrew 2.0.0 - - Distributions - devroom - - <p>Talk discussion the major features, leadership and community changes accompanying Homebrew 2.0.0 (which will be released at or shortly after FOSDEM 2019).</p> - <p>This talk will be a talk running through Homebrew's major changes since 1.0.0 and some of the trials and tribulations since then such as maintainers leaving, the lead maintainer position being abolished, becoming more focused and enabling the community to do more for themselves.</p> - - Mike McQuaid - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:15 - 00:30 - K.3.401 - set_versioned_package_dependencies - Set-versioned package dependencies - addressing the problem of shared library updates - Distributions - devroom - - <p>Set-versioned package dependencies is a free software technology invented in ALT and implemented in ALT package repositories and distributions since 2010 to prevent breakages caused by updates of shared libraries containing incompatible changes.</p> - <p>Every time a shared library is going to be updated, there is a chance of incompatible changes in the library that will cause breakages in some of its clients. This happens, for example, when a symbol provided by the library is removed but the soname remains unchanged. Detecting such changes manually is getting more problematic nowadays when packages are updated automatically by scripts.</p> - -<p>The approach implemented in ALT package repositories to address this problem is to encode all symbols provided by shared libraries in package Provide tags, and to encode all symbols required by clients of shared libraries in package Require tags.</p> - -<p>In this talk the speaker will describe in detail how to implement such encoding efficiently, explain the computational costs associated with set-versioned package dependencies, and share his experience of maintaining package repositories based on set-versions.</p> - -<p>The primary auditory of this talk are maintainers of package repositories and distributions who might be interested in addressing the problem of shared library updates.</p> - - Dmitry Levin - - - source code of golomb and set-string routines - what is a set-version - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:50 - 00:50 - K.3.401 - freeipa_cross_distrbution_packaging_experience - FreeIPA and cross-distribution packaging experience - - Distributions - devroom - - <p>The talk is going to reflect on the effort Fedora development community has done to allow complex solutions like FreeIPA to be tested continuously and to ensure a working solution at any release time. FreeIPA is one of projects that would benefit from a tighter collaboration between distributions and we would also like to discuss how its cross-distribution support could be improved to provide a more consistent behavior to our users across multiple distributions.</p> - <p>FreeIPA is an identity management solution for POSIX environments. It is often characterized as an 'Active Directory for Linux systems' which, while not exactly right description, helps to visualize a level of complexity FreeIPA has to deal with. FreeIPA as a solution is built on a number of existing and proven technologies implemented as a free and open source software. As result, a FreeIPA deployment has to deal with coordination between a lot of packages. In Fedora, for example, a fully-functioning FreeIPA deployment requires to install several hundred binary packages, including but not limited to SSSD, MIT Kerberos, 389-ds LDAP server, Samba, Apache, OpenSSH, database libraries, Java components for Dogtag Certificate Authority server, and many Python libraries.</p> - -<p>It is not a surprise that coordinating these components often leads to complications in an operating system distribution release management. Packages need to be at right versions at right time with knowledge about that not always shared across multiple groups of developers and maintainers. Regressions need to be tracked and fixed. Security updates and cross-platform protocol compatibility issues are adding their own flavor.</p> - - Alexander Bokovoy - - - FreeIPA project home - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:50 - K.3.401 - distribution_build_delivery_styles - Distribution build / delivery styles, one style to rule them all ? - Is rolling release the answer for everything ? Or Service Pack ? SUSE and openSUSE experience - Distributions - devroom - - <p>There has been several camps on distribution style: -- Rolling style, where everything is constantly moving -- Regular style, where everything get polished and fixed before some freeze -- Stable style, where (almost) nothing move, fearing to break anything</p> - -<p>openSUSE (and SUSE) have been releasing distributions in those various style and unlike common believe, they are not as different as you might thing</p> - <p>We will describe pro and cons for each style and look at how our tools (OBS / openQA) and our processes (Staging / Factory First) are being use, independently of the distribution style.</p> - -<p>And how a "Stable" style can also be delivered like "Regular" style.</p> - - Frederic Crozat - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - K.3.401 - gnu_guix_new_approach_to_software_distribution - GNU Guix’s take on a new approach to software distribution - - Distributions - devroom - - <p>As GNU Guix reaches 1.0, this talk will reflect on what it has to offer to users and how it compares to other approaches—from CONDA and pip to Flatpak and Docker. Guix is not only a transactional package manager and declarative GNU/Linux distribution: it’s also an environment manager, a container provisioning tool, and more. We will describe these tools and our journey to 1.0, emphasizing key properties that set Guix apart: reproducibility, transparency, and hackability.</p> - <p>In a time where distros are sometimes viewed as “that thing you run inside a container”, where alternative approaches to software -distribution are taking steam—from CONDA and pip to Flatpak and Docker—is there still room for the traditional approach to GNU/Linux distros?</p> - -<p>As GNU Guix reaches 1.0 after six years of development, this talk will reflect on what Guix has to offer to users and how that compares to other approaches. You can view Guix as a package manager, but with transactional upgrades and roll-backs. Or you can view it as a standalone distribution like Debian but with a declarative interface à la Puppet. Guix is also an environment manager à la VirtualEnv but not limited to a single language, a container provisioning tool like—think ‘Dockerfile’ but with reproducibility and transparency built in, and a continuous integration/deployment tool—why write a lengthy ‘gitlab-ci.yml’ when you can reuse your package definition?</p> - -<p>In this talk I will give an overview of all these tools Guix provides and discuss our journey from a “package manager” kind of project to a complete software deployment toolbox. I will present key properties that set Guix apart: transparency through reproducible builds and provenance tracking, and practical user freedom through a broad range of discoverable APIs that we hope invite users to hack. We believe Guix has shown that there’s still room for innovation in the distro space, and still value in distro-style software distribution.</p> - - Ludovic Courtès - - - GNU Guix - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:40 - K.4.201 - llvm_irgen - Roll your own compiler with LLVM - Easy IR generation - LLVM - devroom - - <p>A close look at IR code generation inside a Modula-2 compiler.</p> - <p>With LLVM, one of the main tasks of an compiler engineer is to design the IR code generation from an abstract syntax tree (AST). -How easy is it? Although I have worked with and on LLVM for several years now I have not yet written an compiler from scratch. -So I began to work on my own compiler for an simple yet powerful language: Modula-2. In this talk I introduce the architecture -of the m2lang compiler. My main focus is the generation of basic blocks and IR code from the AST. I show which general patterns -emerged and which areas of the languages caused trouble. I also give hints when it is useful to introduce yet another intermediate -language between the AST and the IR.</p> - - Kai Nacke - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:45 - 00:40 - K.4.201 - llvm_bpf_rewriting - Rewriting Pointer Dereferences in bcc with Clang - Syntactic sugar for BPF programs - LLVM - devroom - - <p>The bcc project [1], mostly known for its collection of Linux tracing tools, is a framework to ease the development of BPF programs for Linux. Indeed, in its recent releases, the Linux kernel can be extended with small BPF bytecode programs whose memory and fault safety is statically verified at load time. These programs are usually written in a subset of C and compiled to the BPF bytecode. To access kernel memory they must use special functions, called helpers.</p> - -<p>The bcc framework provides Python, Lua, and C++ wrappers to install and interact with these programs, as well as syntactic sugar for the C subset. In particular, bcc allows developers to access kernel memory as easily as they would access the BPF stack. C programs are transparently rewritten at load time, before their compilation to BPF bytecode, to translate all dereferences of pointers to kernel memory (called external pointers) into calls to the appropriate helpers.</p> - -<p>In this talk, after providing the necessary background on BPF, we will discuss bcc's use of Clang to track external pointers throughout the code and rewrite their dereferences. We will describe the problems we had to overcome with code examples and detail the limitations of the current implementation. Among other things [2], bcc performs three traversals of the AST to track external pointers across BPF programs (through persistent data structures), follows external pointers through assignments, return values, and structure members, and keeps track of their indirections levels.</p> - -<p>1 - https://github.com/iovisor/bcc -2 - https://github.com/iovisor/bcc/blob/master/src/cc/frontends/clang/b_frontend_action.cc</p> - - - Paul Chaignon - - - bcc's repository - Pointer dereference rewriting code in bcc - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:40 - K.4.201 - llvm_building - Building an LLVM-based tool - Lessons Learned - LLVM - devroom - - <p>In this talk, I want to share my experience in building an LLVM-based tool.</p> - -<p>For the last three years, I work on a tool for mutation testing. Currently, it works on Linux, macOS, and FreeBSD and the source code is compatible with any LLVM version between 3.8 and 7.0. Anything that can run in parallel - runs in parallel. -I will cover the following topics:</p> - -<ul> -<li>How to support multiple LLVM versions</li> -<li>How to support different operating systems (Linux, macOS, FreeBSD)</li> -<li>How to build against precompiled LLVM and sources at the same time</li> -<li>How to parallelize everything</li> -<li>How to test things</li> -<li>Different ways to get bitcode from any project</li> -</ul> - - - - Alex Denisov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:15 - 00:40 - K.4.201 - llvm_debug - Debug info in optimized code - how far can we go? - Improving LLVM debug info with function entry values - LLVM - devroom - - <p>Software release products are compiled with optimization level –O2 and higher. Such products might produce a core-file that is used for investigating cause of problem that produced it. First thing from which we start debug analysis is call-trace from a crash. In such traces most of the parameters are reported as optimized out due to variety of reasons. Some of parameters are really optimized out, but some of their locations could be calculated. Expert software developers are able to find what values parameters had at function entry point by using the technique that requires searching those values in disassembly of caller frame at place of that particular function call. Automation of such technique is described by DWARF 5 specifications and it is already implemented in GCC and GDB since 2011. The goal of this paper is to present ideas, implementation and problems that we encountered while we were working on this feature in LLVM. We will also show the improvement by presenting recovered parameters in some of the call-traces. This feature should improve debugging of optimized code built with LLVM by recovering optimized-out function parameters.</p> - - - Nikola Prica - Djordje Todorovic - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:40 - K.4.201 - llvm_tablegen - Lessons in TableGen - - LLVM - devroom - - <p>TableGen is LLVM's DSL for describing intrinsics, backends' machine instructions, physical registers, machine scheduling models, and a bunch of other things. It is extremely flexible and powerful, but can also be rather aggravating. Most people who spend a significant amount of time working on an LLVM backend probably develop a love/hate-relationship with it.</p> - -<p>The goal of this talk is to give a brief overview of what TableGen offers -- frontend, application-specific backends, generic table emission backend, idiosyncratic type system, and these days even limited functional-style programming -- and a brief introduction on how to use it. The focus will be mostly on the frontend -- that is, syntax and semantics of the TableGen DSL itself -- rather than on specific backends.</p> - -<p>Along the way, I want to share some lessons learned and decisions made during a major refactoring of the TableGen frontend that I undertook in early 2018 to iron out many of TableGen's quirks and shortcomings that had accumulated over the years, as well as some glimpses of the advanced TableGen uses in the AMDGPU backend that motivated that refactoring.</p> - - - Nicolai Hähnle - - - (Incomplete) Series of blog posts about TableGen - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:45 - 00:40 - K.4.201 - llvm_apollo - LLVM for the Apollo Guidance Computer - - LLVM - devroom - - <p>Nearly 50 years ago on the 20th of July 1969 humans set foot on the moon for the first time. Among the many extraordinary engineering feats that made this possible was the Apollo Guidance Computer, an innovative processor for its time with an instruction set that was thought up well before the advent of C. So 50 years later, why not implement support for it in a modern compiler such as LLVM?</p> - -<p>This talk will give a brief overview of some of the architectural features of the Apollo Guidance Computer followed by an account of my implementation of an LLVM target so far. The shortcomings of LLVM when it comes to implementing such an unusual architecture will be discussed along with the workarounds used to overcome them.</p> - - - Lewis Revill - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:40 - K.4.201 - llvm_mix - llvm.mix - Multi-stage compiler-assisted specializer generator built on LLVM - LLVM - devroom - - <p>Automatic program specialization is a well-formed area of computer-science -research with many interesting practical applications, but to this day most -existing specializers and partial evaluators are only applicable to one of a -few high level programming languages. The reason is that developing a -specializer for a new language remains still a from-scratch endeavor, and it's -hard.</p> - -<p>It is the lack of general-purpose flexible program specialization tools that -often leads projects to creating custom just-in-time compilers for their -specific use cases. These compilers, even if based on mature compiler -infrastructures such as LLVM's, immediately become way harder to develop and -maintain than simple interpreters they make obsolete. In many cases, however, -program specialization could bring the proverbial 80% of the benefits for a -fraction of the cost, while maintaining simplicity and testability of the -original design.</p> - -<p>It is our belief that developing a specializer for a new language should be as -easy as adding some supporting syntactic and semantic definitions to a -language front-end and reusing an existing specializer in the middle end.</p> - -<p>Such a language-independent specializer preferably has to:</p> - -<ul> -<li>remove as much interpretation overhead as possible, and add no extra -interpretation overhead of its own;</li> -<li>be able to produce both interpreters and compilers from the same code base, -to enable gradual transition and to preserve debugging and testing -properties of the original source code;</li> -<li>include a binding-time analysis component to simplify binding-time -improvements of the source program;</li> -<li>be guided by annotations embedded in the source program as opposed to -external annotations, to ease development and maintenance;</li> -<li>support multiple compilation stages to take advantage of as many -specialization points as necessary;</li> -<li>be flexible enough with resource management to fit in both managed and -unmanaged environments.</li> -</ul> - - -<p>We will present the design and the prototype implementation of a -multi-stage offline specializer generator that ticks most of these boxes. The -generator is based on LLVM and runs in compile time along with the compilation -of a source program. It is controlled by intrinsics and function and parameter -attributes in LLVM IR. Being developed in the middle-end of the LLVM -optimizer, the specializer generator can be used with any language front-end. -We will talk about some elements of its design, its limitations, and ways to -improve.</p> - - - Eugene Sharygin - - - llvm.mix - Clang extension - Examples and micro benchmarks - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:15 - 00:40 - K.4.201 - llvm_smt_csa - SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer - - LLVM - devroom - - <p>I will present a new option added to the clang static analyzer (CSA) to refute false bug reports, using satisfiability modulo theory (SMT) solvers. In this talk, I will:</p> - -<p>(1) give a general overview of the CSA, how it works and its limitations;</p> - -<p>(2) show how we extended the existing heuristics to remove spurious bug reports: path constraints produced by CSA are encoded as SMT problems, SMT solvers precisely check them for satisfiability, and bug reports (whose associated path constraints are unsatisfiable) are removed;</p> - -<p>(3) show the evaluation of our refutation algorithm when analyzing twelve widely used open-source projects;</p> - -<p>(4) show how to set up an automated testing environment using scripts provided by the CSA infrastructure. As an example, I will show how to set up the twelve projects used to evaluate our refutation algorithm: https://github.com/mikhailramalho/analyzer-projects.</p> - -<p>The target audience of this talk is anyone interested in learning more about the clang static analyzer and in analyzing their C/C++/ObjectiveC projects.</p> - <p>The clang static analyzer works by symbolically executing a program, collecting the symbols and constraints for every path in the program, and reasoning about bug feasibility using a built-in solver called RangedConstraintManager. It was designed to be fast so that it can provide results for common mistakes (e.g., division by zero or use of uninitialized variables) even in complex programs. However, the speed comes at the expense of precision; it cannot handle some arithmetic operations (e.g, remainders) or bitwise expressions. In these cases, the analyzer discards the constraints and might report false bugs.</p> - -<p>The new option works by adding an extra step in the program analysis after the bug is found by the built-in solver but before reporting it to the user; the path and the constraints that trigger the bug are encoded in SMT and checked for satisfiability.</p> - -<p>I will present an evaluation of the crosscheck when analyzing twelve C/C++ open-source projects of various size (tmux, redis, openssl, twin, git, postgresql, sqlite3, curl, libWebM, memcached, xerces-c, and XNU). When analyzing these projects with bug validation enabled, the slowdown is negligible in cases where no bug is refuted (average 1.2% slowdown) and, when it finds false bugs, the bug validation gives a small speedup (average 6.2% speedup). On average, 12.2 bugs per program were refuted by the SMT solver, ranging from 1 bug refuted in redis to 51 being refuted in XNU.</p> - -<p>Finally, I will present a set of scripts provided by the CSA that can be used to set up an automated testing environment. The scripts are freely available and their presentation will follow the process described in https://github.com/mikhailramalho/analyzer-projects.</p> - - Mikhail Gadelha - - - Scripts to analyze projects - The clang static analyzer main page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:40 - K.4.201 - llvm_lld - What makes LLD so fast? - - LLVM - devroom - - <p>One of the main features of LLD, the LLVM Linker, is its high performance, frequently outperforming existing linkers by a substantial margin. In this presentation we'll take a look at why this might be? Starting with a brief description of the linker and what it must do, we'll look at how LLD approaches the problem, compare and contrast with other open source linkers and see how it performs on a selection of programs. We'll conclude by looking at what you might be able to take from LLD's architecture, implementation, and development into your own programs.</p> - <p>LLD (https://lld.llvm.org/) is a drop in replacement for system linkers such as GNU ld and link.exe. Since LLVM release 4.0 it has been available in the official release. Speed of linking is especially important in large projects where a single change in an object file can result in minutes of link time. On a fast machine can bring the link time of even large projects like Chrome and Clang under a minute on a fast machine, permitting developers to iterate on their changes more rapidly.</p> - -<p>All linkers have the same basic job, find and load all the object files and libraries that will form the output, lay the contents out in order, write the combined output. In many ways a glorified form of cat. There is no single reason why LLD is faster than other linkers, it is a combination of architectural and implementation factors as well as a focus on performance by the projects maintainers. In some cases these factors will only pertain to linking but in many cases they will generalize to similar projects.</p> - -<p>The intended audience for this talk is made up of: -- People interested in learning more about the linking process. -- Software developers interested in performance of batch programs that deal with a large input size.</p> - -<p>Knowledge of C++ for the implementation aspects will be helpful.</p> - - Peter Smith - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:45 - 00:40 - K.4.201 - llvm_kernel - Compiling the Linux kernel with LLVM tools - - LLVM - devroom - - <p>The Linux kernel codebase has co-evolved with GCC and binutils over its lifetime, but LLVM is now capable of producing production ready Linux kernels. Come learn what some of the challenges were in porting the codebase from GCC/binutils to Clang/LLVM, and what the latest efforts are in both codebases to work towards this goal.</p> - <p>The Linux kernel codebase has co-evolved with GCC and binutils over its lifetime, but LLVM is now capable of producing production ready Linux kernels. Come learn what some of the challenges were in porting the codebase from GCC/binutils to Clang/LLVM, and what the latest efforts are in both codebases to work towards this goal.</p> - -<p>We plan to cover some of the previous challenges, current challenges, issue tracker, various continuous integration setups, topics of future interest, usage in production, and how folks interested in helping out can participate. This talk will be from a kernel developer's (slash recent LLVM contributor's) perspective.</p> - - Nick Desaulniers - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - K.4.201 - llvm_bisect - It was working yesterday! Investigating regressions with llvmlab bisect - A hands-on introduction to llvmlab bisect - LLVM - devroom - - <p>Investigating the source of correctness of performance regressions can be a very challenging and time consuming process. In this talk, I’m going to present an introduction to automated LLVM/clang bisecting with llvmlab bisect. Examples will be demonstrated using a Raspberry Pi board.</p> - <p>Understanding the source of a correctness, performance regression or behaviour changes is valuable information for developers. The process of going backwards and looking for a specific code change that caused a given issue is called bisection, see also https://en.wikipedia.org/wiki/Bisection<em>(software</em>engineering).</p> - -<p>Even though the algorithmic complexity of bisection is O(log N), the constants involved are sometimes very large, leading to a very long run time. It can be very simple when an obvious local change causes something to start malfunctioning. On the flip side, it can become very costly in case the behaviour change is actually a side effect of a supposedly unrelated commit.</p> - -<p>In projects with large code bases, lots of commits per day and requiring more than few minutes to be built - like LLVM and clang -, manually bisecting issues can be a painful and time-consuming process. That is why many tools are available to automate this process, with probably "git bisect" and "svn bisect" amongst the best known ones.</p> - -<p>llvmlab bisect is a tool introduced in 2015 by Chris Matthews and Daniel Dunbar, to address challenges when bisecting behavioural changes in LLVM. Especially, it sharply reduces bisection time by not needing to rebuild LLVM on every bisection step, resulting in often many order of magnitude improvements in bisection speed. For example, it is not uncommon for a bisection run to find the commit that changes behaviour in 1 day worth of LLVM commits, to be sped up from hours to minutes.</p> - -<p>The bisection process with llvmlab bisect relies on a publicly available build cache. This build cache saves time by avoiding the need to build a toolchain for every commit, by every developer. We have been using a build cache internally at Arm to be able to keep on top of correctness and performance regressions. Without this tool, the bisection runs would take too long to be able to feedback regressions introduced in recent commits in a timely fashion to external developers.</p> - -<p>We have recently created two new public bots as part of the Works on Arm project (https://www.worksonarm.com/) to build LLVM and clang, and populate the LLVM build cache with Arm binaries, so they can be used with upstream llvmlab bisect.</p> - -<p>In this talk, I’m going to present a practical introduction to automated LLVM/clang bisecting using llvmlab bisect, and following the recent addition of armv7 and aarch64 support on llvmlab bisect, examples will be demonstrated on a Raspberry Pi 3B+ board.</p> - - Leandro Nunes - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:00 - 00:30 - K.4.401 - hardware_raspberrypi - Raspberry Pi history, tips and use case - its history, how to use it and what is its good use case - Hardware Enablement - devroom - - <p>Raspberry Pi is now 6 years old, there are several tips and use cases.it was born for kids programming education, though, it is now also used for electric DIY hobbies, industrial use, Edge Computing, IoT and more. Masafumi will talk Raspberry Pi history and latest updates and discuss several its use cases and tips for our business and daily use.</p> - <h1>Raspberry Pi histories, tips and use case</h1> - -<h2>What is Raspberry Pi</h2> - -<p>1.Raspberry Pi history</p> - -<pre><code>1.1 The opportunity at programming education in latest kids generation -1.2 Concept of Raspberry Pi -1.3 Release in 2012 and now -1.4 Related vendors (resellers) encourage Raspberry Pi market. -1.5 Review its effects and results -1.6 Road maps and future -</code></pre> - -<p>2.Raspberry Pi models</p> - -<pre><code>2.1 Raspberry Pi 1 -2.2 Raspberry Pi 1+ -2.3 Raspberry Pi 2 -2.4 Raspberry Pi 2 (v1.2) -2.5 Raspberry Pi 3 -2.6 Raspberry Pi 3+ -2.7 compare other card-sized board machines -</code></pre> - -<h2>Raspberry Pi tips</h2> - -<p>3.Tips you should know</p> - -<pre><code>3.1 look inside hardware -3.2 check inside software -3.3 check inside related license and etc to sell your Raspberry Pi embedded products. -3.4 other useful tips you should check -</code></pre> - -<h2>Raspberry Pi use case</h2> - -<p>4.Learn from its use case</p> - -<pre><code>4.1 Not only for kids but also young engineers -4.2 Small and speedy starts gain your business with Raspberry Pi -4.3 Prototype and production -4.4 Daily DIY hobby expand your life -</code></pre> - -<h2>Conclusion</h2> - - Masafumi Ohta - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:30 - K.4.401 - hardware_boot_haiku - Will you boot Haiku, on a non intel platform, no BIOS winter? - Booting Haiku on non-x86, a never-ending story. - Hardware Enablement - devroom - - <p>The quest for booting Haiku on non-x86 platforms is a never-ending story. -The pace of development on the x86 platform doesn't explain everything. We'll tell the story of how we started ports on ARM, PPC, m68k, how well it went so far, and what's next. -Some rants on EFI, OpenFirmware, U-Boot and others might interfere with the narration.</p> - <p>We will tell the story of architecture support in Haiku, how it progressed, and sometimes regressed due to other developments, and how different firmwares impacted the bootloader and kernel support.</p> - - François Revol - - - Haiku website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:30 - K.4.401 - hw_uboot - U-Boot from Scratch - v2019.01 edition - Hardware Enablement - devroom - - <p>U-Boot project has evolved in the time span of over 17 years and so as its complexity and its uses. This has made it a daunting task in getting started with its development and uses. This talk will address all these issues start with overview, features, efforts created by U-Boot community and future plans.</p> - <p>In this talk Jagan Teki will introduce U-Boot from scratch with a brief overview of U-Boot history, U-Boot Proper, SPL, TPL, Build process and Startup sequence. He will talk about other preliminaries such as Image booting, Falcon Mode, Secure Boot and U-Boot features like device tree, device overlays, driver model and DFU, etc.</p> - -<p>Once giving enough introduction, he will also talk about steps to port U-Boot to new hardware with a demo, along with U-Boot testing process. Finally, he will address and review ongoing development work, issues and future development regarding U-Boot.</p> - - Jagan Teki - - - OSFC, 2018 paper - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - K.4.401 - linux_and_usb_audio_class_3 - Linux and USB Audio Class 3 - - Hardware Enablement - devroom - - <p>The USB Audio Class 3.0 is a specification recently introduced by USB Implementers Forum. Ruslan is an author of UAC3 implementation in Linux, he will give an overview of improvements and changes in this USB Audio spec, and will share current Linux support status and challenges faced during ALSA drivers implementation.</p> - - - Ruslan Bilovol - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - K.4.401 - uefi_boot_for_mere_mortals - UEFI Boot for Mere Mortals - - Hardware Enablement - devroom - - <p>Over the past decade the Unified Extensible Firmware Interface (UEFI) has become the primary standard for boot firmware. However, the complexity of the UEFI spec and the myriad of implementation choices can be confusing to even experienced developers. Fortunately, there are a growing number of open source UEFI implementations for different architectures, making it easier to explore the world of firmware.</p> - <p>This session will provide an overview of UEFI and show working examples based on two maker platforms: BeagleBone Black and the Aaeon’s UP Squared board. Everything from “lightweight” implementations to full UEFI stacks will be examined, using a variety of open source projects (TianoCore, U-Boot, coreboot, and Slim Bootloader).</p> - -<p>Questions this talk should answer:<br/> --What is the goal of the UEFI spec and what are some popular implementations?<br/> --How do I replace the stock firmware on my board with open source UEFI?<br/> --What are the benefits of running TianoCore rather than something more lightweight like coreboot or Slim Bootloader?<br/> --How does U-Boot implement UEFI, and how does it differ from EDK II?</p> - - Stephano Cetola - Alexander Graf - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:30 - K.4.401 - hw_gitlab_ci_arduino - AMENDMENT CI/CD for embedded development with an ESP8266, Arduino-cli, Gitlab-ci, Raspberry Pi, and Kubernetes - Blink a LED with gitlab-ci and arduino-cli - Hardware Enablement - devroom - - <p>Blink an ESP8266 board via an arduino-cli CI/CD pipeline hosted on Gitlab.com, with Kubernetes, and a Raspberry-pi board.</p> - -<p>WARNING: This replaces the "MCU Immutable Booting" talk from Michael Schloh von Bennewitz, which was canceled since the speaker could not attend FOSDEM due to a lack of financial sponsorship. It was about protecting microcontroller bootloaders with immutable boot.</p> - <p>In this live demo, I will show how to blink an ESP8266 board -via a CI/CD pipeline hosted on Gitlab.com. -Gitlab-ci is connected to a stripped down Kubernetes cluster (K3S -fork) hosted on a local raspberry-pi board, -to which we have attached an ESP8266 board. I will explain how to use -the new Arduino CLI instead of the Arduino IDE.</p> - - Benjamin Henrion (zoobab) - - - Arduino-cli blink example for ESP2866 + gitlab-ci + kubernetes - Arduino-cli - K3S, a lightweight kubernetes - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - K.4.401 - open_source_firmware_at_facebook - Open Source Firmware at Facebook - "If you don't own your firmware, your firmware owns you" - Hardware Enablement - devroom - - <p>LinuxBoot is an embedded Linux-based environment intended to be integrated into the firmware on the boot ROM. It provides an open, reliable way of initializing hardware and booting a target operating system. It can even replace large portions of proprietary and closed firmware on existing systems. We are experimenting with it at Facebook for speed, reliability, flexibility, transparency and control, and the goal is to make it available on as many platforms as possible.</p> - <p>UEFI was introduced about two decades ago to address the growing complexity of booting a modern computer. It has evolved over the years and is now almost ubiquitous. However there are some parts which still seem limited and difficult to work with, and most vendor implementations are still closed source.</p> - -<p>LinuxBoot, an open source effort, offers a solution by embedding a Linux kernel into a machine's firmware and using Linux to initialize most of the hardware and boot the target OS. The idea is to build on top of core silicon initialization modules (e.g. from UEFI) and get into into Linux as early as possible. We are experimenting with LinuxBoot in our infrastructure and various hardware projects at Facebook. We will talk about the advantages of running LinuxBoot for reliability, speed and flexibility, debugging, and how you can try it today on accessible hardware.</p> - - Andrea Barberio - David Hendricks - - - LinuxBoot main website - Systemboot: bootloader components - u-root: a Go-based initramfs - coreboot: open source firmware for silicon and DRAM initialization - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:30 - K.4.401 - zink - Zink - OpenGL on Vulkan - Hardware Enablement - devroom - - <p>For the last 25 years or so, OpenGL has been the only major cross-platform 3D graphics API out there. But in the last couple of years this has changed, and it's looking more and more like Vulkan will take over the throne. This means that we currently need two graphics drivers for each GPU, one per API. But it's not like the available workforce for opensource drivers all of a sudden doubled, so this leaves us with a scalability problem.</p> - -<p>To remedy this, we have started working on Zink, a new Mesa Gallium driver that implements OpenGL on top of Vulkan. This means that in the future, GPU vendors can focus on one, high-performance Vulkan driver, and leave OpenGL as a legacy/compatibility feature. This does come at a loss of performance, but this might not be as bad as one would fear.</p> - -<p>This approach also has some extra interesting benefits when virtualizing GPU access, where the channel through the VM to the GPU needs to be thoroughly vetted for security issues. Allowing this to be done once rather than twice has obvious benefits.</p> - -<p>This talk will cover what the current status of the project is, what problems are on the horizon, and where it'll hopefully go in the future.</p> - - - Erik Faye-Lund - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - K.4.401 - one_image_to_rule_them_all - One image to rule them all - Single boot image for SBCs - Hardware Enablement - devroom - - <p>Bootable images for single board computers (SBCs) are currently tailored for a specific board - even boards sharing the same SoC have to use separate image files. This either causes several almost identical images being provided or only very few boards being supported. The talk will present a single image designed to boot various ARM64 based SBCs, including boards from different SoC vendors, like Allwinner and Rockchip. It uses the different start sector used by the SoC families, with some tweaks to allow coexistence between the different firmware components, plus some runtime detection of the SoC and DRAM chips used. -This can be used for instance by distributions to provide generic distribution installer images.</p> - - - Andre Przywara - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:30 - K.4.401 - psl - Pocket Science Lab - Developing FOSS Hardware and Scaling up to Large Scale Production - Hardware Enablement - devroom - - <p>The goal of Pocket Science Lab is to miniaturize laboratories with FOSS and Open Hardware. We have released the first commercial FOSS version. The talk covers our journey from developing FOSS Hardware and to scaling up to large scale production.</p> - <p>The goal of Pocket Science Lab is to miniaturize laboratories. We have released the first commercial FOSS version. The talk covers our journey from developing FOSS Hardware and to scaling up to large scale production.</p> - -<p>PSLab is a tiny pocket science lab that provides an array of test and measurement instruments for doing science and engineering experiments. It can function like an oscilloscope, waveform generator, frequency counter, programmable voltage and current source and also as a data logger. An Android app is developed and available on app stores. A desktop version is available in Python. In the session we will also explain how the software applications with their unique functionalities help to grow the PSLab and Open Science community.</p> - - Mario Behling - - - PSLab Website - PSLab Git - PSLab Shop - PSLab Twitter - PSLab Facebook - PSLab Roadmap - PSLab Neurolab Hardware - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:30 - K.4.401 - porting_u_boot_to_a_modular_device - Porting U-Boot to a Modular Device - Booting Linux via U-Boot on a board which can be composed of several different modules - Hardware Enablement - devroom - - <p>Currently, Das U-Boot and Linux use device tree to specify how the different hardware components are connected to each other on a board. If a board has a way via which the user can plug in another hardware component, unless we are talking about universal buses like USB or SDIO, the device tree has to be updated to corresponding to the change.</p> - -<p>There are several ways how this issue can be solved. One may, for example, have a different device tree for each configuration, or one can use device tree overlays.</p> - -<p>But what if you have a device which can, via one bus, connect several devices, and these may or may not be of the same kind? The number of different device trees would grow rapidly, and one could not use the same device tree overlay when the same device is connected more than one time without editing the overlay.</p> - -<p>Fortunately U-Boot can fixup the loaded device tree before booting.</p> - -<p>In this talk we shall describe how we used this fixup feature (hopefully in an elegant and upstreamable way) to solve this issue on Turris MOX, a modular SOHO router.</p> - - - Marek Behún - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - K.4.401 - microcontroller_firmware_from_scratch - Microcontroller Firmware from Scratch - - Hardware Enablement - devroom - - <p>Follow a journey of writing STM32 microcontroller firmware from scratch, using open-source tools.</p> - <p>Follow Nikolay Kondrashov's journey of learning to write firmware for an STM32 microcontroller (the Blue Pill one) from scratch, using only open-source tools. From blinking LEDs, to controlling a toy car, without the complicated, and license-restricted manufacturer's libraries, or the comfortable crutches of the Arduino stack. Learn where to look for information, which tools you might need, and how to do it yourself with a similar or a different microcontroller.</p> - - Nikolai Kondrashov - - - Slides at slides.com - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:30 - K.4.401 - kernelci_a_new_dawn - KernelCI: a new dawn - How the KernelCI project is getting a second breath - Hardware Enablement - devroom - - <p>KernelCI is a project dedicated to testing the upstream Linux kernel. Originally created by Linaro in 2014, it is now given a second breath by joining the Linux Foundation and has a fast growing community. Results are already starting to show.</p> - <h2>On testing the upstream kernel</h2> - -<p>The upstream Linux kernel is known for having a high rate of -changes while supporting a vast range of hardware. How is it being -tested? The answer is manifold, with various systems focusing on -very different use-cases. From Intel's 0-Day project which has a -large test coverage but only runs on x86 platforms to individual -hackers who only have their locally available development hardware, -there is no comprehensive solution to test the kernel as a whole.</p> - -<h2>A second breath for KernelCI</h2> - -<p>KernelCI was originally created by Linaro in 2014 to address a -segmented ARM ecosystem. It then went through a long period of -slow progress, with a good range of hardware in its test labs but -limited build infrastructure, a reduced community and a lack of -advanced features. It is now given a second breath: labs are -growing with new devices, functional testing is expanding to cover -more subsystems, automated bisection is becoming effective. Last -but not least, KernelCI is now joining the Linux Foundation with a -membership scheme to provide it with a sustainable structure and -funding.</p> - -<h2>In the long run</h2> - -<p>Overall, the project aims at testing the upstream kernel in its -entirety. The hope is to gradually shift the kernel development -model to become more test-driven with continuous automated testing. -It is a very big task, so to start with it's going off the beaten -tracks by looking at areas that are not already very well covered. -And of course, there are many things there that need fixing before -they become real problems for users.</p> - - Guillaume Tucker - - - KernelCI home page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - K.4.401 - redfish_the_new_standard_for_a_software_defined_infrastructure - Redfish: the new standard for a Software Defined Infrastructure - - Hardware Enablement - devroom - - <p>Redfish is an IPMI replacement standardized by the DMTF. It provides a RESTful API for server out of band management and a lightweight data model specification that is scalable, discoverable and extensible. (Cf: http://www.dmtf.org/standards/redfish). This presentation will start by detailing its role and the features it provides with examples. It will demonstrate the benefits it provides to system administrator by providing a standardized open interface for multiple servers, and also storage systems.</p> - -<p>We will then cover various tools such as the python-redfish library (Cf: https://github.com/openstack/python-redfish) offering Redfish abstractions useful to provide Redfish support for python based solutions such as Ironic in OpenStack, cobbler or anaconda. The recently OpenSource python-redfish-utility client will also been covered.</p> - -<p>Finally, we'll show how to combine that to add CMDB support (with the Open Source iTop tool as an example) into a Software Defined Infrastructure.</p> - -<p>Live or Recorded demos will be displayed in order to illustrate the different aspects covered during the presentation.</p> - - - Bruno Cornec - - - Redfish standard - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:35 - 00:30 - K.4.601 - dns_getdns_local_validation - Using getdns for local DNSSEC validation - - DNS - devroom - - <p>The most common setup is where a recursive DNS resolver does the DNSSEC -validation. The nice thing about this approach in that existing applications -do not require modifications.</p> - -<p>However, an application cannot easily tell if the resolver is doing DNSSEC -validation, and the path between the application and the resolver is -unprotected.</p> - -<p>The solution to this, is for applications to do local DNSSEC validation. -This can be done using the getdns library. The getdns library provides other -advantages as well, such as a modern interface to DNS resolution, support -for event libraries (such as libevent).</p> - -<p>In this presentation I will describe getdns and show two examples of how it -can be used in practice.</p> - - - Philip Homburg - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:10 - 00:30 - K.4.601 - dns_systemd_resolved - How and why (not) to use the 127.0.0.53 nameserver, systemd-resolved and resolvctl - Or what is systemd-resolved and how it is integrated on Ubuntu - DNS - devroom - - <p>Resolved is a local, caching, DNS nameserver resolver and is used by default on Ubuntu. This talk's goals is to de-mystify how it works and what it does by default on Ubuntu, and how one can further configure it to either not get in the way, or do even more cool things. We will discuss how it can be used (nss, dbus, over the network, command-line, text-configs) and how to configure it (config files, command line, resolvconf, dbus, networkd, network-manager). We will cover advanced use cases for per-interface nameservers, true split-dns configuration, and optional features such as DNSSEC MDNS Zeroconf. Last we will discuss bugs, DNS violations and diss captive portals.</p> - <p>Talk outline</p> - -<p>= Fantastic DNS records and where to find them =</p> - -<p>Demystifying systemd-resolved and how it is integrated on Ubuntu</p> - -<p>== What is systemd-resolved? ==</p> - -<ul> -<li>Local, caching nameserver resolver</li> -<li>Nss-module, dbus-interface, command-line tool, networked daemon</li> -<li>Per-connection nameservers</li> -</ul> - - -<p>== How can one integrate systemd-resolved on the system? ==</p> - -<ul> -<li>Nss</li> -<li>Resolv.conf symlinks</li> -</ul> - - -<p>== How to update resolved nameservers ==</p> - -<ul> -<li>Netplan.io / NetworkManager / Networkd</li> -<li>Dbus</li> -<li>Systemd-resolved / Resolvctl</li> -<li>Resolvconf</li> -<li>Read resolv.conf</li> -</ul> - - -<p>== Ubuntu defaults ==</p> - -<ul> -<li>Things we do by default</li> -<li>Divergent defaults from upstream applied</li> -</ul> - - -<p>== Fun stuff ==</p> - -<ul> -<li>Dnssec</li> -<li>Mdns</li> -<li>Zeroconf</li> -<li>Split DNS ~</li> -</ul> - - -<p>== Bugs ==</p> - -<ul> -<li>Edns0 is sad</li> -<li>Captive portals are sad</li> -<li>Abuse of Option 15 for multiple domains</li> -<li>MDNS taking too long</li> -<li>Domain-less searches are not forwarded</li> -</ul> - - - Dimitri John Ledkov - - - resolved.conf man-page - systemd-resolved.service man-page - resolvectl, resolvconf man-page - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:45 - 00:30 - K.4.601 - dns_bind9_refactoring - Stories from BIND9 refactoring - Dealing with code that can drink legally - DNS - devroom - - <p>Bind9 code is 21 years old - it was written in times without all the modern buzz-words like test-driven development, QA and code quality. Having working on refactoring the code I want to guide the audience through the process of refactoring one particular function - query_find, showing the mistakes made on the way, cul-de-sacs entered, hours and days lost, for others to learn on my mistakes.</p> - - - Witold Kręcicki - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:20 - 00:30 - K.4.601 - dns_over_https_dilemma - DNS and the Internet's architecture: the DoH dilemma - Impacts of DNS-over-HTTPS on how the Internet works - DNS - devroom - - <p>Mozilla's announced deployment model for DNS-over-HTTPS made some properties of this protocol apparent to everyone, stirring a lot of discussion. Specifically, DoH could promote a collective switch from local resolvers to a few global public services, and make each application independent from the user's preferences in the operating system. This could provide more privacy and less censorship, or less privacy and more censorship, depending on how it is deployed and who gets to control the resolvers. What would be the advantages and disadvantages of a broad adoption of DoH by Web browsers, and its likely long-term effects?</p> - <p>The talk will start with a general introduction to DoH, stressing its main architectural features: hiding DNS queries inside Web traffic in an unblockable way, moving DNS resolution to the application layer, and putting application makers (especially browser makers) in charge for DNS settings.</p> - -<p>It will then discuss all the things that are broken by mass-scale deployment of DoH under this paradigm, including DNS-based security mechanisms and access control services, local and national content filtering policies, and network monitoring tools. It will also discuss in which use cases DoH creates advantages for the user (i.e. more privacy and freedom of expression) and in which others it creates disadvantages (i.e. less privacy and more control). Finally, it will discuss the changes to the Internet's original principles that would derive from the centralization that DoH could induce, by providing an additional control point to a few of the usual big over-the-top companies from the GAFAM club.</p> - -<p>We also look forward to a final discussion to listen to more opinions (including those that disagree with us) and allow participants to learn more about the issue and make up their mind - or, perhaps, end up with more questions than they had in the beginning.</p> - - Vittorio Bertola - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:55 - 00:30 - K.4.601 - dns_privacy_panel - DNS Privacy panel - A discussion about all aspects of DNS Privacy - DNS - devroom - - <p>Daniel Stenberg, Stéphane Bortzmeyer and Bert Hubert will discuss the changing DNS privacy landscape, including topics such as DoH, DoT. Moderated by Jan-Piet Mens.</p> - - - Daniel Stenberg - Stéphane Bortzmeyer - Bert Hubert - Jan-Piet Mens - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - K.4.601 - dns_id4me - ID4me: using the DNS as a directory for identities - Who needs a blockchain when you have the DNS? - DNS - devroom - - <p>The DNS was born as a directory for hosts, but shouldn't it also be a directory for people? As Internet-scale single sign-on and identity management platforms multiply, each enclosed in its own private namespace, there is a need to federate them and make them interoperable in an open and standard manner. We will discuss why the DNS is the best tool for that, compare it with trendy but less suitable alternatives (e.g. blockchains), and summarize the workings and the status of existing projects (ID4me).</p> - <p>The talk starts by discussing why a standard identity layer for the Internet is necessary and how it could work. It then discusses the possible options to build a distributed and federated database of existing identities, which is necessary for any such layer to work; and shows why the DNS is the best option currently available, when compared to Web-based protocols (e.g. Webfinger) and to blockchains. The talk then presents the architecture of the ID4me project, an attempt to build an open and public standard for Internet single sign-on based on the DNS; since the project was already partially presented in last edition's DNS devroom but has accomplished several new steps, it then gives an update on its status.</p> - -<p>An earlier version of this talk was already presented at the 2018 DNS Symposium organized by ICANN in Montreal last July (the slides from that talk are attached as a sample). This version will include an updated second part with some more details on the architecture and recent developments of the ID4me project.</p> - - Vittorio Bertola - - - ID4me website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:20 - K.4.601 - dns_flamethrower - Flamethrower - A flexible tool for DNS load and functional testing - DNS - devroom - - <p>Flamethrower is a new DNS performance and functional testing utility. Originally envisioned as an “improved dnsperf” and allowing simulation of realistic looking traffic patterns it has become a versatile tool for DNS server development and load testing. We will discuss motivations for its existence, its technical architecture, and use cases.</p> - - - Jan Včelák - - - Flamethrower repository at GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:25 - 00:30 - K.4.601 - dns_powerdns_lua_record - Dynamic answer generation with Lua - An exploration of the LUA record from the upcoming PowerDNS release - DNS - devroom - - <p>This talk will focus on an in-zone way of generating dynamic answers to DNS queries using Lua. These LUA records look like TXT in the zone, but the authoritative server will run the code that is inside them to answer a query. This talk details the design, implementation and usecases of these records as implemented in the PowerDNS Authoritative Server 4.2 (unreleased as of talk submission).</p> - - - Pieter Lexis - - - Lua records on the PowerDNS blog - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:30 - K.4.601 - dns_is_single_vendor_enough - Is a single DNS vendor enough? - Discussion about complexities of multi-vendor deployment, and why you should do it anyway. - DNS - devroom - - <p>Why is using a single DNS implementation not enough? Discussion about complexities of multi-vendor deployment, and why you should use multi-vendor setup anyway.</p> - <p>In theory all the DNS server implementations do basically the same thing, so why bother with deploying and maintaining software from more than vendor?</p> - -<p>In this talk we will look at consequences of having single DNS implementation, and give basic recommendations on DNS diversity.</p> - -<p>After an introductory presentation we will together discuss complexities of multi-vendor deployments, and try to gather ideas for common configuration interface which could help people to deploy software from multiple vendors.</p> - - Petr Špaček - - - YANG modelling language - RESTCONF protocol - NETCONF protocol - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:35 - 00:30 - K.4.601 - dns_octodns - DNS as code with octodns - Versioning and keep track of your dns records changes and automatize all the thing via travis-ci - DNS - devroom - - <p>In this talk will be illustrate who to manage a DNS infrastructure with a git repository and pull requests, will be also show how to easy setup multiple zones backup with multiple DNS providers. All make possible with octodns and travis-ci.</p> - - - Matteo Valentini - - - Octodns - travis-ci - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:30 - K.4.601 - dns_dnssec_security_without_maintenance - DNSSEC security without maintenance - ... with the right software and registry - DNS - devroom - - <p>We will show how to use open-source DNS server "Knot DNS" to automatically sign and maintain DNS zones, and how to automate DNSSEC maintenance.</p> - <p>Today DNSSEC technology is mature and automation tools are available for all tasks.</p> - -<p>In this talk we will show how to use open-source DNS server "Knot DNS" to sign your DNS zone and publish keys with little effort, and how to automate DNSSEC key management using CDS/CDNSKEY technology (RFC 8078).</p> - - Petr Špaček - - - Knot DNS homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:45 - 00:15 - K.4.601 - dns_documenting_validator_requirements - Documenting Validator Requirements - - DNS - devroom - - <p>Within the IETF there is an effort to document what is needed for a DNSSEC Validator to work. This talk is to "sell" this document to the developer community and to assess the desire to see the document published. An important question to discuss - how is this not another straw on the back of the camel.</p> - - - Edward Lewis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:20 - K.4.601 - dns_ksk_2010_revoke_monitoring - Revoking the 2010 DNSKEY - Monitoring the events of 11th of January 2019 - DNS - devroom - - <p>The new root DNSKEY is in use since October 11th 2018. The old root DNSKEY is still present in the root zone, and will have the revoked bit set on January 11th, 2019. The intent is to monitor RFC8145 data from all the root-server operators.</p> - <p>The DNSKEY roll for the root is a major event. The most noticeable step was using the new DNSKEY, which started on October 11th. The next step is revoking the old key. This is a minor event, but should still be visible in our RFC8145 data. We will monitor this event and track what happens via various measurement techniques.</p> - - Roy Arends - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - K.4.601 - dns_testing_1000_gtld_edns0 - Testing Over 1000 gTLDs for EDNS0 - - DNS - devroom - - <p>In advance of open source DNS developers "DNS Flag Day", ISC's EDNS0 tester is applied across 1200+ zones. In preparing so many delegations across so many zones, a lot of interesting comments can be made regarding how zones, name servers and addresses are mixed, as well as the results of the original goal, testing EDNS0 protocol deployment.</p> - - - Edward Lewis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:30 - UA2.114 (Baudoux) - containers_kubic - openSUSE Kubic for Container People - Exploring the Containerised Frontiers - Containers - devroom - - <p>As the world moves more and more towards containerised solutions, a number of real questions start to appear. -- What is the perfect platform for running containers atop? -- How to use this platform as part of a flexible, scalable, highly available infrastructure fabric? -- How to minimize the maintenance and administration of this platform at scale?</p> - -<p>All of these problems are well answered in an enterprise environment by SUSE CaaS Platform, but for developers more interested in the state of containers &amp; kubernetes upstream, new issues start to appear. With such fast moving upstreams, developers and enthusiasts need a platform that can keep up and is closely involved with those upstream developments. This platform needs to not only be able to run containers at scale, but also on single machine, all the while preserving the attributes of low maintenance so the focus can be on the containers, not the base system beneath them.</p> - -<p>This talk will introduce openSUSE Kubic, and explains how it addresses the above, being the perfect platform for container developers and enthusiasts. The session will mention how Kubic is based on the Tumbleweed rolling release and various upstreams including kubeadm and CRI-O. The kubeadm Kubernetes cluster boostrapping tool will be discussed in some detail and demonstrated, with some sneak peaks into how it may be extended in the future.</p> - -<p>Attendees should come away from this talk with everything they need to know to get starting using, developing with and contributing to openSUSE Kubic.</p> - - - Richard Brown - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:35 - 00:30 - UA2.114 (Baudoux) - containers_atomfs - An operator centric way to update application containers with AtomFS - - Containers - devroom - - <p>Operators today have a problem when they want to update application containers: they have to go ask the developers to re-build and re-test the container. That's because application containers today are a bit-for-bit representation of the container that the developer ran.</p> - -<p>An insight here is that applications probably don't care about which versions of what libraries are in use: any reasonable libc, python3, ssl, etc. will do. But today, to fix a CVE in SSL, an entire container rebuild is required.</p> - -<p>Enter AtomFS. AtomFS is an entirely userspace tool designed to allow operators to update individual libraries inside app containers. In this talk Tycho will cover how the tooling works, as well as what changes are needed to make application container builds work with AtomFS.</p> - - - Tycho Andersen - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:10 - 00:15 - UA2.114 (Baudoux) - containers_lsm - Containers with Different Security Modules - Stacking & Namespacing the LSM - Containers - devroom - - <p>Containers would like to be able to make use of Linux Security Modules (LSMs), from providing more complete system virtualization to improving container confinement. To date containers access to the LSM has been limited but there has been work to change the situation.</p> - <p>This presentation will discuss and demonstrate the current state of Linux Security Module (LSM) stacking and namespacing making it possible to run containers with a different security module than that of the host.</p> - - John Johansen - - - Submit feedback - - - - 10:30 - 00:30 - UA2.114 (Baudoux) - containers_k8s_storage - Upcoming Kubernetes Storage features - transfers, clones and populators - Containers - devroom - - <p>The popularity and use cases for Containers continues to grow, and storage features are quickly evolving to catch up. In this talk we'll introduce a few of the latest features being added to CSI and Kubernetes. We'll go through transferring PVCs across Namespaces, Cloning PVCs and Populating PVCs with data from external data sources. We'll look at how these features are particularly useful in a Container world, and some of the new use cases that they open up. Finally, we'll include some demos of the features in Kubernetes as well as where they are currently in terms of release status and when you can expect to see them in your Kubernetes deployment.</p> - - - John Griffith - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:05 - 00:30 - UA2.114 (Baudoux) - containers_firecracker - Firecracker, should it work only with a single runtime? - - Containers - devroom - - <p>Firecracker, an open-source project published by Amazon, opens up a lot of interesting perspective to the container ecosystem. For the diversity of Kubernetes ecosystem, we should also think about how we should get the new shape of containers integrated with all other high-level container runtimes, such as cri-o or rktlet.</p> - <p>Firecracker, an open-source project published by Amazon, opens up a lot of interesting perspective to the container ecosystem. It opens up use cases between containers and VMs, making use of KVM without relying on heavyweight Qemu instances. Though its integration with the -Kubernetes ecosystem has only started its first step, only with containerd. For the diversity of Kubernetes ecosystem, we should also think about how we should get the new shape of containers integrated with all other high-level container runtimes, such as cri-o or rktlet.</p> - -<p>In this talk, I would like to talk about alternative ways of integration for getting firecracker integrated with multiple container runtimes. A proof-of-concept for the concept can be also presented during the talk.</p> - - Dongsu Park - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:30 - UA2.114 (Baudoux) - containers_kernel_update - A year of Container Kernel Work - Past, Present, and Future of Container Kernel Features - Containers - devroom - - <p>In this talk we will focus on container related kernel features. We will take -an in-depth, technical look at what features have been worked on, are currently -worked, or are planned.</p> - <p>Containers have become ubiquitous. Nowadays, the computing landscape is mostly -concerned with a higher-level view on the functionality and features of -containers (e.g. orchestration). In this talk we will take a step back and -focus on the low-level aspects that make containers possible. Specifically, we -will look at kernel features that have been implemented in the last year(s), -features that are currently being worked on and features that are planned in -the future. We will try to take a closer technical look and not shy away from -analysing code and patchsets where needed. The goal of the talk is to inform -users about the kernel development status but also to raise awareness that all -the shiny glitter takes a lot of difficult technical arguments and patches that -are not just "boring plumbing" but actually are pretty exciting.</p> - - Christian Brauner - - - Overview and Recent Developments: Namespaces and Capabilities - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:15 - 00:30 - UA2.114 (Baudoux) - containers_mgmt - Real-time container automation and scheduling - Mgmt Config: Containers - Containers - devroom - - <p>Mgmt is a next gen config management tool that takes a fresh look at existing automation problems. -The tool has two main parts: the engine, and the language. -The engine has a number of resources, including a container resource. -We will feature a number of demos of this resource, and discuss how the language can be used to build a custom container automation solution. -The language is a minimalistic, functional, reactive DSL. -It can be used to build a real-time, distributed container automation solution, or something else entirely! -We'll also use it to demo, service discovery, auto-scaling, and scheduling! -Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project.</p> - - - James Shubin - - - Project homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:50 - 00:20 - UA2.114 (Baudoux) - containers_lttng - A follow-up on LTTng container awareness - System level tracing in a containerized world - Containers - devroom - - <p>Follow up on the work that was done since last year's 'LTTng: The road -to container awareness' presentation. A quick glance at the base -features that were merged upstream, what is still missing and the -tooling integration with container runtimes we plan to build on those -features.</p> - - - Michael Jeanson - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:15 - 00:20 - UA2.114 (Baudoux) - containers_containerd_update - A containerd project update - 20 minute project update for 2019 FOSDEM containers devroom - Containers - devroom - - <p>Last year at FOSDEM, containerd was presented as a fairly new CNCF project which had just reached its 1.0 release a month prior. With two major releases since then and a large list of new adopters, including two major public clouds, containerd has continued to gain momentum as a project and this talk will provide an update on users, releases, and the future plans for containerd and its maturity as a core, open source container runtime.</p> - <p>Last year at FOSDEM, containerd was presented as a fairly new CNCF project which had just reached its 1.0 release a month prior. With two major releases since then and a large list of new adopters, including two major public clouds, containerd has continued to gain momentum as a project and this talk will provide an update on users, releases, and the future plans for containerd and its maturity as a core, open source container runtime.</p> - -<p>In 2018, containerd and its CRI plugin was marked as GA for use in Kubernetes, followed by two major public clouds--Google's GKE and IBM Cloud's IKS--offering containerd as their managed Kubernetes cluster's runtime. Containerd continues to be used by all Docker releases, and Docker has plans to remove more code from the moby project and utilize stable features within containerd instead, furthering adoption of containerd's codebase.</p> - -<p>Additionally, the attractive API and stability of containerd has brought quite a few new adopters since last year including AWS Firecracker VMM, Kata Containers, Alibaba PouchContainer, and Microsoft contributing and hardening the complete Windows container support in the containerd 1.2 release. Containerd has also proposed to be a "graduated" project in the CNCF and has received a full security audit which will be published soon.</p> - - Phil Estes - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:30 - UA2.114 (Baudoux) - containers_istio_security - Kubernetes Network Security Demystified - - Containers - devroom - - <p>Kubernetes provides multiple layers of network security including the control plane, etcd, the CNI network, network policies, and - with Istio on top - the requests between applications themselves. In this talk we explore the underlying technologies on which these layers are built using approachable examples and demonstrations. Attendees can expect to gain an understanding of these implementations and the principles behind encryption, identity, and trust in Kubernetes.</p> - -<ul> -<li>What are TLS, X.509, and mutual authentication?</li> -<li>Why cloud native communication should be encrypted by default</li> -<li>Kubernetes component intercommunication</li> -<li>CNI and network policy for applications</li> -<li>Bootstrapping identity with SPIFFE</li> -<li>Mutual TLS, route rules, and destination policies in Istio</li> -</ul> - - - - Andrew Martin - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:15 - 00:20 - UA2.114 (Baudoux) - containers_lxd_update - A year of LXD development - Project update on what happened in LXC/LXD in 2018 - Containers - devroom - - <p>Over 2018, LXD's userbase grew significantly, partly thanks to it shipping on all Chromebooks. -But other than merely getting more users, we've still been very hard at work introducing a number of exciting new features.</p> - -<p>The main one of those has certainly been LXD clustering which released alongside our second LTS release back in April.</p> - -<p>We've also been adding a wide variety of storage related features, simplified networking, better support for GPUs, ...</p> - -<p>In this presentation, we'll go over the past year and highlight the most interesting changes, then look a bit further for what to expect in 2019.</p> - - - Stéphane Graber - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:40 - 00:20 - UA2.114 (Baudoux) - containers_k8s_rootless - Rootless Kubernetes - Running Kubernetes and CRI/OCI Runtimes as an unprivileged user - Containers - devroom - - <p>Kubernetes supports several security mechanisms such as Seccomp, Apparmor, SELinux, and runAsUser for protecting the hosts from container-breakout attacks. However, these mechanisms are not sufficient for the security demand because Kubelet and CRI/OCI runtimes require the root privileges on the hosts, and these components are seriously bug-prone. The dependency on the root privileges has been also problematic for promoting Kubernetes to the HPC world, where users are often disallowed to install software as the root.</p> - -<p>In this talk, Akihiro and Giuseppe will show the community’s ongoing work for making Kubernetes deployable and runnable as a non-root user, by using User Namespaces. The main topics of discussion will be UID/GID mapping, unprivileged Copy-on-Write filesystems, Usermode networking (Slirp), and Cgroups.</p> - - - Akihiro Suda - Giuseppe Scrivano - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:05 - 00:30 - UA2.114 (Baudoux) - containers_nabla - A new approach to container isolation with Nabla - - Containers - devroom - - <p>Despite its many advantages, containers have not been accepted as isolated sandboxes. In this talk, we present Nabla containers, which uses library OS/unikernel techniques to avoid system calls and thereby reduce the attack surface on the host kernel. We will demonstrate the running of popular applications (node.js, python, redis, etc.) on container ecosystems (kubernetes, etc.) as nabla containers (using &lt; 9 syscalls). In addition, We will compare isolation and performance metrics against other isolation technologies (gvisor, kata, etc.)</p> - <p>Horizontal attacks are an important security concern for cloud providers and its tenants. Despite its many advantages, containers have not been accepted as isolated sandboxes, which is crucial for container-native clouds. The exposure of the syscall interface directly to untrusted workloads has greatly increased the number of exploits possible to the host.</p> - -<p>We present Nabla containers, which uses library OS/unikernel techniques to avoid system calls and thereby reduce the attack surface on the host kernel. Using our OCI runtime, runnc (https://github.com/nabla-containers/runnc), we show the running of popular applcations: Node.js, python, redis, etc. permitting the use of &lt; 9 syscalls via seccomp. In this talk, we will discuss and demo how we have leveraged libOS ideas in a novel way and compare isolation and performance metrics against other technologies such as gvisor and Kata Containers. In addition, we will demonstrate the running nabla containers with the existing container ecosystems such as kubernetes.</p> - - Brandon Lum - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:20 - UA2.114 (Baudoux) - containers_kubectl_trace - Introducing kubectl-trace - bpftrace meets Kubernetes with kubectl-trace - Containers - devroom - - <p>I will show how to use BPFtrace to trace both function calls in your programs and kernel functions. Then, I will show how such a low-level tracing tool can be used in high-level environments like Kubernetes clusters with kubectl-trace.</p> - <p>kubectl-trace (https://github.com/fntlnz/kubectl-trace) schedules bpftrace programs on your kubernetes cluster using the kubectl.</p> - -<p>BPFtrace (https://github.com/iovisor/bpftrace) is a new tracing tool announced in October 2018. You can write one-liner commands in your shell using a high-level tracing language inspired by awk and C, and predecessor tracers such as DTrace and SystemTap. Behind the scenes, it compiles this high-level language with LLVM into eBPF bytecode (extended Berkeley Packet Filter) available in recent Linux kernels. It allows you to trace different layers of the system: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints.</p> - -<p>It can be used to trace containers, for example running on Kubernetes, the most popular container orchestration tool. BPFtrace is used as a base tool by kubectl-trace to build more complex tracing tools on Kubernetes.</p> - - Alban Crequy - - - kubectl-trace - bpftrace - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:20 - UA2.114 (Baudoux) - containers_singularity_update - A quick update on singularity 3.0 - singularity 3.0 - Containers - devroom - - <p>Singularity is increasingly recognized as the ideal container technology for AI, Machine/Deep Learning, compute-driven analytics, and Data Science. Recently released Version 3.0 of this open source software incorporates a number of significant enhancements that span from the core of the software itself to the enabling ecosystem that surrounds it. Thus the purpose of this presentation is to provide a technical overview of the following enhancements: reimplementation of the Singularity core in a combination Go and C; the introduction of the Singularity Image Format (SIF) as a file-based paradigm for encapsulating cryptographically signable and verifiable container images; expansion of the Singularity ecosystem through cloud-hosted services for signing and verifying cryptographic keys for SIF images, remotely building images as well as a repository for storing and sharing images; plus miscellaneous enhancements regarding instance support and networking management. Platform enhancements, together with an expanded and better-enabled container ecosystem, combine to set Singularity apart as the optimal choice for compute-driven workloads wherever they exist. Because the Go-based core and SIF enhancements are essential to the roadmap for Singularity, allusions are made here with respect to standards compliance as well as integration with Kubernetes for container orchestration.</p> - <p>Singularity is the most widely used container solution in High Performance Computing (HPC). Enterprise users interested in AI, Deep Learning, compute-driven analytics, and IoT, are increasingly demanding HPC-like compute infrastructures. Singularity has many features that make it the preferred container solution for this new type of “Enterprise Performance Computing” (EPC) workload.</p> - -<p>2018 has proven to be a remarkable year for Singularity. In this talk we will take a look back at what has been accomplished this year, including what’s new in the Version 3.0 release. For this release, the core Singularity codebase was rewritten from a Bash/Python/C combination into a Go-C architecture. Motivated at the outset by the need to both modernize and unify the Singularity codebase, Go emerged as the obvious choice to replace scripting languages Bash and Python. While advantageous in and of itself, from the perspective of software lifecycle management for example, the choice of Go offered the potential for a significant strategic upside. Briefly, it is increasingly the case that Go is the go-to language for many of the major projects in the broader container ecosystem. -The second big change is the format used for container images, as Singularity 3.0 introduced the Singularity Image Format (SIF) - a new file format specifically tailored for container images. SIF allows for storage of the different components that make up a container. For example, SIF-based containers may include OS partition images (read-only), user writable sections, recipes used to create the container, cryptographic signatures for data integrity and authenticity, and whatever else the community can think of - as SIF is an extensible format. A SIF file resembles a generic Linux file system in structure and content. A global header identifies the file as being of type SIF, and the necessary metadata to detail the remaining content of the image file. Following these descriptors is the corresponding data - namely the OS partition image, recipe, environment variables and signature blocks. -As Singularity is drawn into full compliance with standards emerging from the Open Container Initiative (OCI), data encryption is a requirement slated for immediate action. Also related to OCI compliance, and involving SIF specifically, will be the need to harmonize the existing signing and verification capability inherent in SIF with those requirements currently emerging from within the OCI. Because extensibility was designed into SIF from the outset, OCI compliance can be addressed through technically efficient and effective means. Finally, and related to compliance with respect to the OCI Image Specification, will be efforts to ensure that SIF images can be appropriately ‘ingested’ – e.g., for subsequent use by an OCI-compliant runtime. In other words, SIF will become a packaging format for OCI-based containers. Still related to SIF, compliance will include the ability to mount an arbitrary number of SIF images as an OCI bundle. Needed for compliance with the OCI Runtime Specification, at a high level, this translates to mounting an arbitrary number of files – as SIF encapsulates each Singularity container into a single file. -Keywords Go, HPC, Linux Containers, Singularity, Docker, OCI</p> - - Eduardo Arango - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - UA2.114 (Baudoux) - containers_k8s_cni - Writing a CNI - as easy as pie - Write you own CNI (Container Network Interface) - Containers - devroom - - <p>The CNI specification describes a generic plugin-based networking solution for application containers on Linux. -It allows to create easily plugable network plugins for container management system (such as for example Kubernetes). -The session will show how easy it is to create a CNI from scratch, plug it into Kubernetes, and spawn a container connected to the network by this CNI.</p> - - - Marcin Mirecki - - - CNI spec - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:45 - UA2.118 (Henriot) - rapids - RAPIDS - Data Science on GPUs - HPC, Big Data and Data Science - devroom - - <p>The next big step in data science will combine the ease of use of common Python APIs, but with the power and scalability of GPU compute. The RAPIDS project is the first step in giving data scientists the ability to use familiar APIs and abstractions while taking advantage of the same technology that enables dramatic increases in speed in deep learning. This session highlights the progress that has been made on RAPIDS, discusses how you can get up and running doing data science on the GPU, and provides some use cases involving graph analytics as motivation.</p> - <p>GPUs and GPU platforms have been responsible for the dramatic advancement of deep learning and other neural net methods in the past several years. At the same time, traditional machine learning workloads, which comprise the majority of business use cases, continue to be written in Python with heavy reliance on a combination of single-threaded tools (e.g., Pandas and Scikit-Learn) or large, multi-CPU distributed solutions (e.g., Spark and PySpark). RAPIDS, developed by a consortium of companies and available as open source code, allows for moving the vast majority of machine learning workloads from a CPU environment to GPUs. This allows for a substantial speed up, particularly on large data sets, and affords rapid, interactive work that previously was cumbersome to code or very slow to execute. Many data science problems can be approached using a graph/network view, and much like traditional machine learning workloads, this has been either local (e.g., Gephi, Cytoscape, NetworkX) or distributed on CPU platforms (e.g., GraphX). We will present GPU-accelerated graph capabilities that, with minimal conceptual code changes, allows both graph representations and graph-based analytics to achieve similar speed ups on a GPU platform. By keeping all of these tasks on the GPU and minimizing redundant I/O, data scientists are enabled to model their data quickly and frequently, affording a higher degree of experimentation and more effective model generation. Further, keeping all of this in compatible formats allows quick movement from feature extraction, graph representation, graph analytic, enrichment back to the original data, and visualization of results. RAPIDS has a mission to build a platform that allows data scientist to explore data, train machine learning algorithms, and build applications while primarily staying on the GPU and GPU platforms.</p> - - Christoph Angerer - - - rapids website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:50 - 00:25 - UA2.118 (Henriot) - openhpc - OpenHPC Update - - HPC, Big Data and Data Science - devroom - - <p>High performance computing (HPC) - the aggregation of computers into clusters to increase computing speed and power- relies heavily on the software that connects and manages the various nodes in the cluster. Linux is the dominant HPC operating system, and many HPC sites expand upon the operating system's capabilities with different scientific applications, libraries, and other tools.</p> - -<p>To avoid duplication of the necessary steps to run an HPC site the OpenHPC project was created in response to these issues. OpenHPC is a collaborative, community-based effort under the auspices of the Linux Foundation to solve common tasks in HPC environments by providing documentation and building blocks that can be combined by HPC sites according to their needs.</p> - -<p>In this talk I want to give an introduction about the OpenHPC project. Why do we need something like OpenHPC? What are the goals of OpenHPC? Who is involved in OpenHPC and how is the project organized? -What is the actual result of the OpenHPC project?</p> - -<p>It also has been some time (it was FOSDEM 2016) since OpenHPC was part of the HPC, Big Data and Data Science devroom, so that it seems a good opportunity for an OpenHPC status update and what has happened in the last three years. In addition to previous mentioned topics I would also like to give an outlook about upcoming releases and plans for the future.</p> - - - Adrian Reber - - - OpenHPC Introduction - OpenHPC - OpenHPC Introduction - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:15 - 00:25 - UA2.118 (Henriot) - collective_knowledge - CK: an open-source framework to automate, reproduce, crowdsource and reuse experiments at HPC conferences - - HPC, Big Data and Data Science - devroom - - <p>Validating experimental results from articles has finally become a norm at many HPC and systems conferences. Nowadays, more than half of accepted papers pass artifact evaluation and share related code and data. Unfortunately, lack of a common experimental framework, common research methodology and common formats places an increasing burden on evaluators to validate a growing number of ad-hoc artifacts. Furthermore, having too many ad-hoc artifacts and Docker snapshots is almost as bad as not having any (!), since they cannot be easily reused, customized and built upon.</p> - -<p>While overviewing more than 100 papers during artifact evaluation at HPC conferences, we noticed that many of them use similar experimental setups, benchmarks, models, data sets, environments and platforms. This motivated us to develop Collective Knowledge (CK), an open workflow framework with a unified Python API to automate common researchers’ tasks such as detecting software and hardware dependencies, installing missing packages, downloading data sets and models, compiling and running programs, performing autotuning and co-design, crowdsourcing time-consuming experiments across computing resources provided by volunteers similar to SETI@home, reproducing results, automatically generating interactive articles, and so on: http://cKnowledge.org .</p> - -<p>In this talk I will introduce CK concepts and present several real world use cases from the Raspberry Pi foundation, ACM, General Motors, Amazon and Arm on collaborative benchmarking, autotuning and co-design of efficient software/hardware stacks for emerging workloads including deep learning. I will also present our latest initiative to create an open repository of reusable research components and workflows at HPC conferences. We plan to use it to automate the Student Cluster Competition Reproducibility Challenge at the Supercomputing conference.</p> - - - Grigori Fursin - - - Collective Knowledge website (CK) - CK use cases - CK workflow to automate Student Cluster Competition Reproducibility Challenge at SC18 - RESCUE-HPC workshop at SC18 - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:45 - 00:25 - UA2.118 (Henriot) - precice - Couple scientific simulation codes with preCICE - A journey towards sustainable research software - HPC, Big Data and Data Science - devroom - - <p>Have you ever observed how birds fly? By moving their wings, they cause an air flow. This air flow then deforms their wings back. By simulating this complex, multi-physics phenomenon, we could design better flexible wings. However, we don’t need complex software to simulate such complex phenomena.</p> - -<p>"Make each program do one thing well" is part of the UNIX Philosophy, but it can also apply to scientific software. We should aim to simulate multi-physics phenomena with a combination of simpler software: one "expert" for each domain (for example, flows and structures). There are so many "expert programs" in the free/open-source software community; what if we could enable them to collaborate?</p> - <p>The preCICE coupling library* can couple different simulations in an easy, plug-and-play way, while it is also designed for the Exascale HPC era, offering peer-to-peer communication over TCP/IP or MPI. Not only is it easy to use it in your own code, but it also comes with ready-to-use "adapters" for OpenFOAM, SU2, CalculiX, Code_Aster, FEniCS and other software. For example, one can set up a flow simulation in OpenFOAM, set up a structure simulation in CalculiX, start the two simulations normally, and get a coupled Fluid-Structure Interaction simulation. But FSI is only one of the possible applications.</p> - -<p>Being developed in the academia, but with the goal to stay and help users all over the world, even when its main contributors change, our project is an actively evolving example of (wanting to be) sustainable research software. Over the past year, we had to answer many questions on building, packaging, dependency management, usability, and other topics, questions which previous FOSDEM talks helped us to answer. For example, over the past year we changed from SCons to CMake to provide closer to the expected behavior, added support for Spack to bring preCICE into supercomputers near you, we experimented with other package managers, and we rethought our workflows to encourage community contributions.</p> - -<p>This talk will present the possibilities that preCICE opens to the free/open-source scientific software community and discuss our efforts to improve the project’s sustainability.</p> - -<ul> -<li>Website: precice.org. Code available on github.com/precice under LGPL3.</li> -</ul> - - - Gerasimos Chourdakis - - - preCICE webpage - preCICE on GitHub - web-based tutorial - "CMake Overhaul" Pull Request (#240) - preCICE with CMake (wiki) - preCICE with Spack (wiki) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:15 - 00:25 - UA2.118 (Henriot) - reframe - ReFrame: A Regression Testing and Continuous Integration Framework for HPC systems - - HPC, Big Data and Data Science - devroom - - <p>Regression testing of HPC systems is of crucial importance when it comes to ensure the quality of service offered to the end users. At the same time, it poses a great challenge to the systems and application engineers to continuously maintain regression tests that cover as many aspects as possible of the user experience. In this presentation, we present ReFrame, a new framework for writing regression tests for HPC systems. ReFrame is designed to abstract away the complexity of the interactions with the system and separate the logic of a regression test from the low-level details, which pertain to the system configuration and setup. Regression tests in ReFrame are simple Python classes that specify the basic parameters of the test plus any additional logic. The framework will load the test and send it down a wel-defined pipeline which will take care of its execution. All the system interaction details, such as programming environment switching, compilation, job submission, job status query, sanity checking and performance assessment, are performed by the different pipeline stages. Thanks to its high-level abstractions and modular design, ReFrame can also serve as a tool for continuous integration (CI) of scientific software, complementary to other well-known CI solutions. Finally, we present the use cases of two large HPC centers that have adopted or are now adopting ReFrame for regression testing of their computing facilities.</p> - - - Victor Holanda - - - GitHub Project - Project documentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:45 - 00:25 - UA2.118 (Henriot) - containers_hpc_singularity - Reproducible science with containers on HPC through Singularity - Singularity containers - HPC, Big Data and Data Science - devroom - - <p>One of the biggest problems in scientific HPC is ensuring that results are reproducible. That is, the code a scientist runs locally must be able to run identically on any computational resource. Until recently, the job of ensuring that fell to system administrators who needed to manage a complex web of tools and dependencies on those resources. However, with the introduction of HPC containers via Singularity, the ability to mobilize the compute environment has never been easier. Singularity allows anybody to run their own containers on HPC, ushering in a new era of computational mobility, validity, and reproducibility.</p> - -<p>Singularity is the most widely used container solution in high-performance computing (HPC). Enterprise users interested in AI, Deep Learning, compute drive analytics, and IOT are increasingly demanding HPC-like resources. Singularity has many features that make it the preferred container solution for this new type of “Enterprise Performance Computing” (EPC) workload. Instead of a layered filesystem, a Singularity container is stored in a single file. This simplifies the container management lifecycle and facilitates features such as image signing and encryption to produce trusted containers. At runtime, Singularity blurs the lines between the container and the host system allowing users to read and write persistent data and leverage hardware like GPUs and Infiniband with ease. The Singularity security model is also unique among container solutions. Users build containers on resources they control or using a service like the Sylabs Remote Build Service. Then they move their containers to a production environment where they may or may not have administrative access and the Linux kernel enforces privileges as it does with any other application. These features make Singularity a simple, secure container solution perfect for HPC and EPC workloads.</p> - <p>One of the biggest problems in scientific HPC is ensuring that results are reproducible. That is, the code a scientist runs locally must be able to run identically on any computational resource. Until recently, the job of ensuring that fell to system administrators who needed to manage a complex web of tools and dependencies on those resources. However, with the introduction of HPC containers via Singularity, the ability to mobilize the compute environment has never been easier. Singularity allows anybody to run their own containers on HPC, ushering in a new era of computational mobility, validity, and reproducibility.</p> - -<p>Singularity is the most widely used container solution in high-performance computing (HPC). Enterprise users interested in AI, Deep Learning, compute drive analytics, and IOT are increasingly demanding HPC-like resources. Singularity has many features that make it the preferred container solution for this new type of “Enterprise Performance Computing” (EPC) workload. Instead of a layered filesystem, a Singularity container is stored in a single file. This simplifies the container management lifecycle and facilitates features such as image signing and encryption to produce trusted containers. At runtime, Singularity blurs the lines between the container and the host system allowing users to read and write persistent data and leverage hardware like GPUs and Infiniband with ease. The Singularity security model is also unique among container solutions. Users build containers on resources they control or using a service like Singularity Hub. Then they move their containers to a production environment where they may or may not have administrative access and the Linux kernel enforces privileges as it does with any other application. These features make Singularity a simple, secure container solution perfect for HPC and EPC workloads.</p> - -<p>Singularity blocks privilege escalation within the container so if a user wants to be root inside the container, it must be root outside the container. This usage paradigm mitigates many of the security concerns that exists with containers on multi-tenant shared resources. You can directly call programs inside the container from outside the container fully incorporating pipes, standard IO, file system access, X11, and MPI. -Keywords HPC, Linux Containers, Singularity, Docker, LXC, portability</p> - -<p>References -Kurtzer, G. M. (2016). Singularity 2.1.2 - Linux application and environment containers for science. Zenodo. http://doi.org/10.5281/zenodo.60736 -LinuxContainers.org Infrastructure for container projects. Project sponsored by Canonical Ltd. https://linuxcontainers.org/</p> - - Eduardo Arango - - - Singularity git repo - Sylabs web - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:15 - 00:10 - UA2.118 (Henriot) - nakadi - Nakadi: Streaming Events for 100s of Teams - Serving all sorts of users and use cases, the sane way - HPC, Big Data and Data Science - devroom - - <p>At Zalando, a small team of 9 engineers develops, maintains, and operates an internal deployment of Nakadi, the open source event streaming platform. Nakadi handles dozens of terabytes of data every day, produced and consumed by hundreds of teams, with use cases from big data to service-to-service communication. Nakadi also feeds data into Zalando’s data lake for batch analysis. In this talk, we will show how a small team can serve so many customers while still finding the time to work on new features and fixing bugs. Serving users at scale requires a completely self-service offering. Nakadi provides self-service stream creation, administration, schema validation and evolution, monitoring, authorization, SQL over streams, and a great UI so that even less technical users can use Nakadi.</p> - - - Lionel Montrieux - - - Nakadi Event Broker - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:10 - UA2.118 (Henriot) - numaprof - MALT & NUMAPROF, Memory Profiling for HPC Applications - - HPC, Big Data and Data Science - devroom - - <p>Memory is now a key component to understand and control to extract the best performance from High Performance Computing computer architectures. With an increasing gap between CPU and memory speed, the memory accesses themself now represent one of the largest performance impact which increase the impact of the memory layout on performance. On the other side, the memory size available is still growing with now easily reachable TB memory systems which make a huge space to handle with a management cost which if badly done can become non neglectable.</p> - -<p>In order to better address those questions I will present two tools I developped during my post-docs arround the HPC fields: MALT [MALloc Tracker] and NUMAPROF.</p> - -<p>MALT is dedicated to memory management analysis by tracking calls to malloc and annotate the source code of a C/C++/Fortan application. It provides many metrics arround memory management, like the allocations sizes, lifetime, time charts to better understand the memory behavior of you application in them of memory management. The tool comes with the nice web based graphical interface.</p> - -<p>NUMAPROF is built arround the same code base to provide NUMA (Non Uniform Memory Access) performance analysis by tracking the memory location of every access in a NUMA system by using binary instrumentation. It is usefull to easily track the remote of unbound memory access which can be a source of large performance loss in such systems. The tool has currently mostly been tested on the new Intel Knigh Landing architecture.</p> - <p>With TB of now availble memory on large HPC servers and NUMA (Non Uniform Memory Access) architectures, memory management can be on of the biggest and hard to handle bottleneck to reach performance at scale on large systems.</p> - -<p>During my PhD. I studied and developed a parallel memory allocator specifily designed for NUMA architectures and tuned for large-scale application. On this topic I was able to quickly gain a speedup of 2x on a multi-million line C++ numerical simulation at CEA just by changing the memory allocator (not recompiling the app) when running on a 16-processor machine (128 cores) and making 75 million allocations in 5 minutes.</p> - -<p>The gains where coming from better handling of the memory management overhead over the OS (Linux) which was not well scaling on this platform and explicit handling of the NUMA topology which mixed where providing the 2x performance gap compared to the best today production memory allocator.</p> - -<p>For this development I would have been really happy to have a memory profiler to look how the memory is placed and what was the allocation profile of the application. This is what I'm doing with MALT and NUMAPROF by projecting dedicated memory metrics onto the source code by annotating it with many metrics (allocation size, chunk lifetime, NUMA remote memory accesses....). The tool also provide global views on the applications over charts and computed metrics.</p> - -<p>The two tools also use an uncommon approach for such tools in HPC as it provides a web-based interface using tools like D3JS/Bootstrap/Jquery and exposed by a small python webserver. This permit to fix a big issue in HPC when running remotely as the GUI of the profiler needs to be X-forwared which make it slow, badly themed. Or to run locally without having our source code at the same place. The web server permit to easily ssh-port-forward the interface and eventually to work at many people remotely looking at the same profile. This also provides quickly a nicer rendering with less development overhead.</p> - -<p>MALT has been developped and financed as a post-doc at the Exascale Computing Research Lab. NUMAPROF was then extrapoled from this work as a side research project at CERN.</p> - -<p>I will presend shortly both tools and some motivation showing the possibly huge impact on memory management on HPC applications, one with rougthly one million line of codes.</p> - - Sébastien Valat - - - Website - Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:40 - 00:10 - UA2.118 (Henriot) - hpc_lab_from_scratch - Setting up an HPC lab from scratch - with Mr-Provisioner, Jenkins and Ansible - HPC, Big Data and Data Science - devroom - - <p>At Linaro, we have an HPC lab where we can setup multiple clusters and machines, install OpenHPC, run the test-suite, benchmarks using Mr-Provisioner, Jenkins and Ansible automation. This allows us to test new kernels/initrd, new versions of OpenHPC, compilers, applications, etc. on different architecture at the same time, from scratch. The work we did is open source, on GitHub, and is intended to be used by other people. We started with hard-coded rules but are slowly moving towards generic configuration-based setup from the ground up, so that anyone else can clone, change the configuration files and run the Ansible playbooks. From scratch.</p> - <p>These are the repositories that we contribute to / use:</p> - -<p>Mr-Provisioner, the bare metal provisioner that installs OSs on all our servers (Arm or Intel): -https://github.com/Linaro/mr-provisioner</p> - -<p>Our infrastructure scripts, setting up Jenkins and running the jobs logic: -https://github.com/Linaro/hpc<em>lab</em>jenkins</p> - -<p>Our benchmark harness, which runs benchmarks in a repeatable way: -https://github.com/Linaro/benchmark_harness</p> - -<p>Our OpenHPC Ansible scripts, which install OpenHPC on bare-metal/VM, clusters (Arm or Intel): -https://github.com/Linaro/ansible-playbook-for-ohpc</p> - - Renato Golin - - - Mr-Provisioner - Infrastructure scripts - Benchmark harness - OpenHPC Ansible playbooks - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:50 - 00:10 - UA2.118 (Henriot) - feature_store - Feature store: A Data Management Layer for Machine Learning - Data Management for ML - HPC, Big Data and Data Science - devroom - - <p>Data may be the new oil, but refined data is the fuel for AI. Machine learning (ML) systems are only as good as the data they are trained on and getting the data in the right format at the right time is a challenge. ML systems are trained using sets of features, a feature can be as simple as the value of a column in a database entry, or it can be a complex value that is computed from diverse sources.</p> - -<p>A feature store is a central vault for storing documented and curated features, ideally with support for access control. A feature store enables automatic feature analysis and monitoring, feature sharing across models and teams, feature discovery, feature backfilling, and feature versioning. The feature store is a data management layer that fills an important piece in the modern machine learning infrastructure, it empowers enterprises to scale their machine learning workflows and make full use of their investment in machine learning.</p> - -<p>In this talk, we will present key points on how to take your machine learning workflow to the next level using a feature store, and demonstrate how the feature store fits into the larger machine learning pipeline. We will introduce HopsML, an open-source, end-to-end machine learning pipeline built on the world's most fastest and most scalable Hadoop distribution, Hops Hadoop. With HopsML you can build production-ready machine learning pipelines using open source software, where features are stored in a shared feature store that is automatically backfilled as new data arrive, where machine learning models can be trained on datasets in the order of billions examples using distributed deep learning, where data scientists can follow engineering principles by using versioned and reproducible experiments, and where models can be automatically deployed in an elastic manner using auto-scaling.</p> - - - Kim Hammar - - - Hopsworks Feature Store - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:10 - UA2.118 (Henriot) - 8_principles_production_data_science - The state of machine learning operations in 2019: reproducibility, explainability, bias evaluation and beyond - - HPC, Big Data and Data Science - devroom - - <h1>Description</h1> - -<p>This talk will provide a practical overview of the state of production machine learning frameworks, tools and techniques that seem to have become a trend for the coming year. I will be mainly covering the open source tools and frameworks available in 2019 to help you expand your DataOps and MLOps infrastructure. This talk will cover the technologies available to support specifically around reproducibility, monitoring, compliance and orchestration of data and computations. I will present these technologies through the 8 principles of machine learning.</p> - <h1>Talk Name</h1> - -<p>The state of machine learning operations in 2019: reproducibility, explainability, bias evaluation and beyond</p> - -<h1>Description</h1> - -<p>This talk will provide a practical overview of the state of production machine learning frameworks, tools and techniques that seem to have become a trend for the coming year. I will be mainly covering the open source tools and frameworks available in 2019 to help you expand your DataOps and MLOps infrastructure. This talk will cover the technologies available to support specifically around reproducibility, monitoring, compliance and orchestration of data and computations. I will present these technologies through the 8 principles of machine learning.</p> - -<h1>About me</h1> - -<p>Alejandro Saucedo is a technology leader with over 10 years of software development experience, he is currently the Chief Scientist at The Institute for Ethical AI &amp; Machine Learning. Throughout his career, Alejandro has held technical leadership positins across hyper-growth scale-ups and tech giants including Eigen Technologies, Bloomberg LP and Hack Partners. Alejandro has a strong track record building multiple departments of machine learning engineers from scrath, and leading the delivery of numerous large-scale machine learnig systems across the financial, insurance, legal, transport, manufcturing and construcion sectors (in Europe, US and Latin America).</p> - - Alejandro Saucedo - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:15 - 00:25 - UA2.118 (Henriot) - convergence_hpc_big_data - The convergence of HPC and BigData - What does it mean for HPC sysadmins? - HPC, Big Data and Data Science - devroom - - <p>There are mainly two types of people in the scientific computing world: those who produce data and those who consume it. Those who have models and generate data from those models, a process known as 'simulation', and those who have data and infer models from the data ('analytics'). The former often originate from disciplines such as Engineering, Physics, or Climatology, while the latter are most often active in Remote sensing, Bioinformatics, Sociology, or Management.</p> - -<p>Simulations often require large amount of computations so they are often run on generic High-Performance Computing (HPC) infrastructures built on a cluster of powerful high-end machines linked together with high-bandwidth low-latency networks. The cluster is often augmented with hardware accelerators (co-processors such as GPUs or FPGAs) and a large and fast parallel filesystem, all setup and tuned by systems administrators. By contrast, in analytics, the focus is on the storage and access of the data so analytics is often performed on a BigData infrastructure suited for the problem at hand. Those infrastructure offer specific data stores and are often installed in a more or less self-service way on a public or private 'Cloud' typically built on top of 'commodity' hardware.</p> - -<p>Those two worlds, the world of HPC and the world of BigData are slowly, but surely, converging. The HPC world realises that there are more to data storage than just files and that 'self-service' ideas are tempting. In the meantime, the BigData world realises that co-processors and fast networks can really speedup analytics. And indeed, all major public Cloud services now have an HPC offering. And many academic HPC centres start to offer Cloud infrastructures and BigData-related tools.</p> - -<p>This talk will focus on the latter point of view and review the tools originating from the BigData and the ideas from the Cloud that can be implemented in a HPC context to enlarge the offer for scientific computing in universities and research centres.</p> - - - Damien François - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:40 - 00:25 - UA2.118 (Henriot) - kubeflow - Introducing Kubeflow - (w. Special Guests Tensorflow and Apache Spark) - HPC, Big Data and Data Science - devroom - - <p>Data Science, Machine Learning, and Artificial Intelligence has exploded in popularity in the last five years, but the nagging question remains, “How to put models into production?” Engineers are typically tasked to build one-off systems to serve predictions which must be maintained amid a quickly evolving back-end serving space which has evolved from single-machine, to custom clusters, to “serverless”, to Docker, to Kubernetes. In this talk, we present KubeFlow- an open source project which makes it easy for users to move models from laptop to ML Rig to training cluster to deployment. In this talk we will discuss, “What is KubeFlow?”, “why scalability is so critical for training and model deployment?”, and other topics.</p> - -<p>Users can deploy models written in Python’s skearn, R, Tensorflow, Spark, and many more. The magic of Kubernetes allows data scientists to write models on their laptop, deploy to an ML-Rig, and then devOps can move that model into production with all of the bells and whistles such as monitoring, A/B tests, multi-arm bandits, and security.</p> - - - Holden Karau - Trevor Grant - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:05 - 00:25 - UA2.118 (Henriot) - validating_big_data_jobs - Validating Big Data Jobs - An exploration with Spark & Airflow (+ friends) - HPC, Big Data and Data Science - devroom - - <p>If you, like close to half the industry, are deploying the results of you big data jobs into production automatically then existing unit and integration tests may not be enough to present serious failures. Even if you aren’t automatically deploying the results to production, having a more reliable deploy to production pipeline with automatic validation is well worth the time.</p> - <p>If you, like close to half the industry, are deploying the results of you big data jobs into production automatically then existing unit and integration tests may not be enough to present serious failures. Even if you aren’t automatically deploying the results to production, having a more reliable deploy to production pipeline with automatic validation is well worth the time.</p> - -<pre><code>Validating Big Data Jobs sounds expensive and hard, but with a variety of techniques can be done relatively easily with only minimal additional instrumentation overhead. We’ll explore the kinds of instrumentation to add to your pipeline to make it easier to validate. For jobs with hard to meet SLAs we’ll also explore what can be done with existing metrics and parallel data validation jobs. - -After exploring common industry practices for Data Validation we’ll explore how to integrate these into an Airflow pipeline while making it recoverable if manual validation over-rules the automatic safeguards. -</code></pre> - - Holden Karau - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - UA2.118 (Henriot) - beam_cross_language - From Zero to Portability - Apache Beam's Journey to Cross-Language Data Processing - HPC, Big Data and Data Science - devroom - - <p>Apache Beam is a programming model for composing parallel and distributed data processing jobs.</p> - -<p>As many other Apache projects, Beam first used Java as its API language. Unsatisfied with the status quo, Beam developers launched the portability project to enable other languages to run with Beam. Currently, Beam has a Java, Python, and a Go API.</p> - -<p>Ultimately, these languages won't just coexist in Apache Beam, but they will complement each other in cross-language data processing jobs.</p> - -<p>In this talk we will learn how it is possible to support multiple languages and why it might be a good idea to combine these languages in data processing jobs.</p> - <p>Apache Beam is a programming model for composing parallel and distributed data processing jobs. Once composed, these jobs run on various execution engines like Apache Flink, Apache Spark, or Google Cloud Dataflow. But Apache Beam's vision goes beyond just running on multiple execution engines.</p> - -<p>As many other Apache projects, Beam first used Java as its API language. Unsatisfied with the status quo, Beam developers launched the portability project to enable other languages to run with Beam. Currently, Beam has a Java, Python, and a Go API. That means users are not restricted to the Java ecosystem but can use their favorite Python libraries like Numpy or Tensorflow with Apache Beam.</p> - -<p>Ultimately, these languages won't just coexist in Apache Beam, but they will complement each other in cross-language data processing jobs. For example, reading from Kafka can be done with the Java connector but the data can afterwards be processed in Python.</p> - -<p>In this talk we will learn how it is possible to support multiple languages and why it might be a good idea to combine these languages in data processing jobs.</p> - - Maximilian Michels - - - Apache Beam - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - UA2.118 (Henriot) - openacc - Speeding up Programs with OpenACC in GCC - ... using the compute power of GPUs and other accelerators - HPC, Big Data and Data Science - devroom - - <p>Proven in production use for decades, GCC (the GNU Compiler Collection) offers C, C++, Fortran, and other compilers for a multitude of target systems. Over the last few years, we -- formerly known as "CodeSourcery", now a group in "Mentor, a Siemens Business" -- added support for the directive-based OpenACC programming model. Requiring only few changes to your existing source code, OpenACC allows for easy parallelization and code offloading to accelerators such as GPUs. We will present a short introduction of GCC and OpenACC, implementation status, examples, and performance results.</p> - <p>"OpenACC is a user-driven directive-based performance-portable parallel programming model designed for scientists and engineers interested in porting their codes to a wide-variety of heterogeneous HPC hardware platforms and architectures with significantly less programming effort than required with a low-level model."</p> - - Thomas Schwinge - - - OpenACC - GCC Wiki - GCC - OpenACC - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - UA2.118 (Henriot) - streaming_pipelines_neural_machine_translation - Streaming Pipelines for Neural Machine Translation - - HPC, Big Data and Data Science - devroom - - <p>Machine Translation is important when having to cater to different geographies and locales for news or eCommerce website content. Machine Translation systems often need to handle a large volume of concurrent translation requests from multiple sources across multiple languages in near real time.</p> - -<p>Many Machine Translation preprocessing tasks like Text Normalization, Language Detection, Sentence Segmentation etc. can be performed at scale in a real time streaming pipeline utilizing Apache Flink.</p> - -<p>We will be looking at a few such streaming pipelines leveraging different NLP components and Flink’s dynamic processing capabilities for real time training and inference. -We'll demonstrate and examine the end-to-end throughput and latency of a pipeline that detects language and translates news articles shared via twitter in real-time. Developers will come away with a better understanding of how Neural Machine Translation works, how to build pipelines for machine translation preprocessing tasks and Neural Machine Translation models.</p> - <p>Speaker Bio Suneel Marthi: -Suneel is a member of the Apache Software Foundation and is a PMC member on Apache OpenNLP, Apache Mahout, and Apache Streams. He has done talks at Hadoop Summit, Apache Big Data, Flink Forward, Berlin Buzzwords, and Big Data Tech Warsaw. He is a Principal Engineer at Amazon Web Services.</p> - -<p>Experience Suneel: -He has done talks at Hadoop Summit, Apache Big Data, Flink Forward, Berlin Buzzwords, and Big Data Tech Warsaw.</p> - -<p>Speaker Bio Jörn Kottmann: -Jörn is a member of the Apache Software Foundation. He contributed to Apache OpenNLP for 13 years and is PMC Chair and committer of the project. In his day jobs he used OpenNLP to process large document collections and streams, often in combination with Apache UIMA where he is a PMC member and committer as well.</p> - - Suneel Marthi - Jörn Kottmann - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - UA2.118 (Henriot) - dl_parallel_db - Deep Learning on Massively Parallel Processing Databases - - HPC, Big Data and Data Science - devroom - - <p>In this session we will discuss the use of massively parallel databases for deep learning, drawing on experience from running deep learning frameworks like Keras and TensorFlow with GPU acceleration using free and open source software like Greenplum Database and the Apache MADlib machine learning library. Topics will include architecture, common usage patterns, scalability results and bright opportunities for the future.</p> - <p>Deep neural networks are very efficient at solving problems in domains such as computer vision, speech recognition and language translation. Once solely the purview of academia and Silicon Valley types of companies, deep learning is now making inroads in the enterprise by virtue of new algorithms, better tools, and lower costs for computation, storage and networking.</p> - -<p>But enterprise data typically lives in relational and document form in databases, so how can you use this data for building deep learning models? You could try to move it out to a separate execution engine, but it is suboptimal to copy huge amounts of data between systems. What about the idea of building deep learning models directly in the database, bringing the compute to where the data lives?</p> - -<p>It’s possible and I look forward to discussing this topic at FOSDEM’19!</p> - - Frank McQuillan - - - Greenplum website - Apache MADlib website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:25 - UA2.118 (Henriot) - condition_monitoring - Condition Monitoring & Transfer Learning - Good predictions in situations with (initially) almost no data - HPC, Big Data and Data Science - devroom - - <p>Predictive maintenance and condition monitoring for remote heavy machinery are compelling endeavors to reduce maintenance cost and increase availability. Beneficial factors for such endeavors include the degree of interconnectedness, availability of low cost sensors, and advances in predictive analytics. This work presents a condition monitoring platform built entirely from open-source software. A real world industry example for an escalator use case from a large railroad company underlines the advantages of this approach. In particular, it is shown that even in situations with initially scarce amounts of data accurate predictions can be made using a hybrid analytics approach. Therefore, it combines neural network training and random forest classifier training using two different data sources. This caters for fast time-to-market and highly accurate predictions.</p> - <p>Deutsche Bahn operates a large number of machines of both, rolling stock and landside infrastructure. Machines finally break and require maintenance, repair, or replacement. The traditional approach of periodic maintenance cycles is increasingly replaced by demand-oriented maintenance, as it turns out to decrease maintenance cost and simultaneously improves on the availability. Demand-oriented maintenance clearly requires a notification system, which continuously monitors a machine's condition, detects failures or deviations from the normal machine state, and informs maintenance personnel. While a vast amount of sensors that can do the monitoring job exist, our focus was directed on a universal, non-intrusive, commodity sensor technology. Consequently, we focus on acoustic emissions and sense those using microphones. These emissions are analyzed and classified using state of the art machine learning technology, neural networks foremost. The advantages of a machine learning approach include the generalization of classification models, such that not every single machine requires individual fitting. Transitioning from a proof-of-concept phase, saving potential and our customers request a short time to market for which convolutional neural networks (CNNs) are not particularly well suited because the availability of labelled data is still poor. The need to develop methods to cope with such situations arises. Hence, we have picked up the notion of transfer learning and show the superiority of this approach in regards of accuracy and required data amounts opposed to learning CNNs from scratch. In order to do so, for both data science and production systems, we utilize a comprehensive stack of open source software technologies that support us in data ingestion, edge computing, data preprocessing, neural network training, software deployment, and visualization tasks.</p> - - Daniel Germanus - Felix Bert - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 10:00 - 00:50 - UA2.220 (Guillissen) - around_the_world_with_postgres_extensions - AMENDMENT Around the world with Postgres extensions - - PostgreSQL - devroom - - <p>Postgres continues to get more and more feature rich. But equally as impressive is the network of extensions that are growing around Postgres. With the rich extension APIs you can now add advanced functionality to Postgres without having to fork the codebase or wait for the main PostgreSQL release cycle.</p> - -<p>This is a late addition to the schedule.</p> - <p>Postgres continues to get more and more feature rich. But equally as impressive is the network of extensions that are growing around Postgres. With the rich extension APIs you can now add advanced functionality to Postgres without having to fork the codebase or wait for the main PostgreSQL release cycle. In this talk we'll cover some of the basics of what an extension is and then take a tour through a variety of Postgres extensions including:</p> - -<p>pg<em>stat</em>statments -PostGIS -HyperLogLog and TopN -Timescale -pg_partman -Citus -Foreign data wrappers which are their own whole class</p> - - Craig Kerstiens - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:50 - UA2.220 (Guillissen) - hacking_postgresql - Hacking PostgreSQL - - PostgreSQL - devroom - - <p>This talk will include an introduction to the backend code and an example on hacking PG and adding in a new feature.</p> - <p>We'll cover what needs to be modified to add an option to an existing command (grammar, execution, etc) and the major components of PG (parser, commands, memory management, etc). We'll also cover the PG style guidelines, a crash-course on using git, how to submit your patch, and the review/commitfest process.</p> - - Stephen Frost - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:50 - UA2.220 (Guillissen) - whats_new_in_postgresql_11 - What's new in PostgreSQL 11 - - PostgreSQL - devroom - - <p>PostgreSQL 11 is out! Do you know what your favorite feature is yet? This talk will outline some of the bigger new features in this new version of PostgreSQL, giving you a chance to pick your favorite feature -- or to change your mind if you already had one!</p> - <p>PostgreSQL 11 is out! Do you know what your favorite feature is yet? This talk will outline some of the bigger new features in this new version of PostgreSQL, giving you a chance to pick your favorite feature -- or to change your mind if you already had one!</p> - - Magnus Hagander - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:50 - UA2.220 (Guillissen) - deploying_postgresql_on_kubernetes - Deploying PostgreSQL on Kubernetes - - PostgreSQL - devroom - - <p>A look at some of the ways available to deploy Postgres in a Kubernetes cloud environment, either in small scale using simple configurations, or in larger scale using tools such as Helm charts and the Crunchy PostgreSQL Operator. A short introduction to Kubernetes will be given to explain the concepts involved, followed by examples from each deployment method and observations on the key differences.</p> - <p>A look at some of the ways available to deploy Postgres in a Kubernetes cloud environment, either in small scale using simple configurations, or in larger scale using tools such as Helm charts and the Crunchy PostgreSQL Operator. A short introduction to Kubernetes will be given to explain the concepts involved, followed by examples from each deployment method and observations on the key differences.</p> - - Jimmy Angelakos - - - Schedule - Slides on Slideshare - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:50 - UA2.220 (Guillissen) - breaking_postgresql_on_scale - Breaking PostgreSQL at Scale - - PostgreSQL - devroom - - <p>Database systems don't just slow down in a clear, linear way. They reach a certain point and start failing, often very suddenly and surprisingly.</p> - -<p>This talk is about some of the most common scaling "discontinuities" in PostgreSQL, and how to plan for them and mitigate them. Why is SERIAL a bad primary key on high-insert-rate tables? What happens when autovacuum can't keep up? How do you know you don't have enough memory for your queries? What happens when a query that worked just fine before suddenly has a horrible plan?</p> - -<p>Drawn from real-life examples, we'll go over these and show how to fix them… and avoid them in the first place.</p> - <p>Database systems don't just slow down in a clear, linear way. They reach a certain point and start failing, often very suddenly and surprisingly.</p> - -<p>This talk is about some of the most common scaling "discontinuities" in PostgreSQL, and how to plan for them and mitigate them. Why is SERIAL a bad primary key on high-insert-rate tables? What happens when autovacuum can't keep up? How do you know you don't have enough memory for your queries? What happens when a query that worked just fine before suddenly has a horrible plan?</p> - -<p>Drawn from real-life examples, we'll go over these and show how to fix them… and avoid them in the first place.</p> - - Christophe Pettus - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:50 - UA2.220 (Guillissen) - data_modeling_normalization_and_denormalization - Data Modeling, Normalization and Denormalization - - PostgreSQL - devroom - - <p>As a developer using PostgreSQL one of the most important tasks you have to deal with is modeling the database schema for your application. In order to achieve a solid design, it’s important to understand how the schema is then going to be used as well as the trade-offs it involves.</p> - -<p>As Fred Brooks said: “Show me your flowcharts and conceal your tables, and I shall continue to be mystified. Show me your tables, and I won’t usually need your flowcharts; they’ll be obvious.”</p> - -<p>In this talk we're going to see practical normalisation examples and their benefits, and also review some anti-patterns and their typical PostgreSQL solutions, including Denormalization techniques thanks to advanced Data Types.</p> - <p>As a developer using PostgreSQL one of the most important tasks you have to deal with is modeling the database schema for your application. In order to achieve a solid design, it’s important to understand how the schema is then going to be used as well as the trade-offs it involves.</p> - -<p>As Fred Brooks said: “Show me your flowcharts and conceal your tables, and I shall continue to be mystified. Show me your tables, and I won’t usually need your flowcharts; they’ll be obvious.”</p> - -<p>In this talk we're going to see practical normalisation examples and their benefits, and also review some anti-patterns and their typical PostgreSQL solutions, including Denormalization techniques thanks to advanced Data Types.</p> - - Dimitri Fontaine - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:50 - UA2.220 (Guillissen) - latest_evolution_of_linux_io_stack_explained_for_database_people - Latest evolution of Linux IO stack, explained for database people - - PostgreSQL - devroom - - <p>Input-output performance problems are on every day agenda for DBAs since databases exist. In Linux - probably the most popular operating system for databases now - there is a major overhaul of the IO stack for last several years. In this talk i will review what is going on there, why the IO stack needed an urgent improvement and what all those brand new NVMe driver and blk-mq layer improvements mean for databases, and database people. As a useful takeaway, I will provide a checklist of PostgreSQL and Linux settings to maximize IO performance with the new kernels.</p> - <p>Input-output performance problems are on every day agenda for DBAs since databases exist. In Linux - probably the most popular operating system for databases now - there is a major overhaul of the IO stack for last several years. In this talk i will review what is going on there, why the IO stack needed an urgent improvement and what all those brand new NVMe driver and blk-mq layer improvements mean for databases, and database people. As a useful takeaway, I will provide a checklist of PostgreSQL and Linux settings to maximize IO performance with the new kernels.</p> - - Ilya Kosmodemiansky - - - Schedule - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 07:30 - UB2.147 - quantum_computing_workshop - Quantum Computing Workshop - - Quantum Computing Workshop - workshop - - <p>Quantum computing workshop is part of two-day quantum computing track at FOSDEM 2019.</p> - -<p>Sunday is the hands-on day: in the morning, developers of 11 open source quantum computing projects in total will introduce attendees of the workshop to their projects and relevant concepts of quantum computing. During the afternoon, participants of the workshop (yes, you!) will work in small groups with the developers of the selected project to work learn more about the respective projects, help improve the documentation or even work on their first contributions!</p> - -<p>Participants of the Quantum computing workshop are generally expected to attend the whole day - the space is limited. If you want a better chance to get a spot, please pre-register. More information here: https://qosf.org/fosdem/</p> - - - Tomas Babej - - - Details of the Quantum Computing track - Submit feedback - - - - - - 09:00 - 00:10 - UB2.252A (Lameere) - observability_101_2019 - Devroom intro - - Monitoring and Observability - devroom - - <p>Intro to the devroom.</p> - - - Richard Hartmann - - - Slides from DENOG10 - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:10 - 00:25 - UB2.252A (Lameere) - grafana_6 - Grafana 6.0 - Jumping in when others cancel - Monitoring and Observability - devroom - - <p>Jumping in for a cancellation, Carl showed us his dev env of Grafana 6.0</p> - - - Carl Bergquist - - - Submit feedback - - - - 09:50 - 00:25 - UB2.252A (Lameere) - augmented_network_visibility_with_high_resolution_metrics - Augmented Network Visibility with High-Resolution Metrics - - Monitoring and Observability - devroom - - <p>In the area of network visibility, having high-resolution metrics is useful to unveil patterns and behaviors that would otherwise be "averaged out" in smoother, lower-resolution signals. Visibility tools that have access to packets are, in theory, able to produce metrics up to the packet-by-packet resolution, that is, the best one could hope for. Nevertheless, high-resolution metrics are particularly demanding in terms of storage and this has actually posed a practical upper-limit on the metrics resolution, that rarely offer sub-minute samplings. Fortunately, thanks to the tremendous evolution of big-data stores, it is now possible to rethink network visibility solutions for the generation and storage of high-resolution network metrics. This talk discuss the challenges behind the generation and storage of high-resolution metrics and demonstrates how opensource software ntopng, InfluxDB, and Grafana can be used together to build an effective high-resolution network visibility solution. Intended audience is technical and managerial individuals who are familiar with network visibility.</p> - <ul> -<li>Principles of network visibility</li> -<li>Metrics and metrics resolutions</li> -<li>Challenges behind the generation, storage, and visualization of high-resolution metrics</li> -<li>Opensource software: ntopng, InfluxDB, Grafana</li> -</ul> - - - Simone Mainardi - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:25 - UB2.252A (Lameere) - critical_path_analysis - Critical Path Analysis - - Monitoring and Observability - devroom - - <p>Complexity in coding and system design should be defeated until it is possible to do. Some problems are complex in nature and it is expensive to build and maintain solutions for problems in this category. Observability provides us tools to see our architectures from a different perspective. It is not just helping us to troubleshoot but also self-document our architectural decisions and help us to improve the most significant execution paths.</p> - <p>Complexity in coding and system design should be defeated until it is possible to do. Some problems are complex in nature and it is expensive to build and maintain solutions for problems in this category. Observability provides us tools to see our architectures from a different perspective. It is not just helping us to troubleshoot but also self-document our architectural decisions and help us to improve the most significant execution paths.</p> - -<p>Agenda of the talk: -- Give motivation why systems get more complex. -- How to deal with complexity? -- What else to do if complexity is in the nature of the problem? -- Introduce critical path analysis as a solution. -- Explain the organizational and technical challenges of critical path analysis. -- Conclude by summarizing the pros/cons of critical path analysis.</p> - - Jaana Dogan (JBD) - - - Video recording (WebM/VP9) - Video recording (mp4) - Slides - http:// - Submit feedback - - - - 11:10 - 00:25 - UB2.252A (Lameere) - on_observability_2019 - On Observability - Observability 101 - Monitoring and Observability - devroom - - <p>Observability is, at best, currently overloaded. I would like to re-create some common understanding of the term, and also remind everyone of much-needed abstractions and underlying concepts.</p> - - - Richard Hartmann - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:50 - 00:25 - UB2.252A (Lameere) - loki_prometheus_for_logs - Loki - Prometheus for logs - - Monitoring and Observability - devroom - - <p>Imagine if you had Prometheus for log files. We will talk about Tempo, our attempt at creating just that.</p> - - - Tom Wilkie - - - Video recording (WebM/VP9) - Video recording (mp4) - slides - Submit feedback - - - - 12:30 - 00:25 - UB2.252A (Lameere) - latency_slos_done_right - Latency SLOs done right - - Monitoring and Observability - devroom - - <p>Latency is a key indicator of service quality, and important to measure and track. -However, measuring latency correctly is not easy. -In contrast to familiar metrics like CPU utilization or request counts, the "latency" of a service is not easily expressed in numbers. -Percentile metrics have become a popular means to measure the request latency, but have several shortcomings, especially when it comes to aggregation. -The situation is particularly dire if we want to use them to specify Service Level Objectives (SLOs) that quantify the performance over a longer time horizons. -In the talk we will explain these pitfalls, and suggest three practical methods how to implement effective Latency SLOs.</p> - - - Heinrich Hartmann - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:25 - UB2.252A (Lameere) - m3_and_a_new_age_of_metrics_and_monitoring_in_an_increasingly_complex_world - M3 and a new age of metrics and monitoring in an increasingly complex world - - Monitoring and Observability - devroom - - <p>The world in which we monitor software is growing more complex every year. There are increasingly more ways to run server-side software, with many more independent services and more points of failures, the list goes on! On the plus side, there’s a lot of great tools and patterns being developed to try and make things simple to assess and understand. This talk covers how metrics and monitoring can be leveraged in a variety of different ways, auto-discovering applications and their usage of databases, caches, load balancers, etc, setting up and tearing down dashboards and monitoring automatically for services and instances, and more.</p> - -<p>We’ll also talk about how you can accomplish all this with a global view of your systems using both Prometheus and Graphite with M3, our open source metrics platform. We’ll take a deep dive look at how we use M3DB, distributed aggregation with the M3 aggregator and the M3 Kubernetes operator to horizontally scale a metrics platform in a way that doesn’t cost outrageous amounts to run with a system that’s still sane to operate with petabytes of metrics data.</p> - - - Rob Skillington - - - Video recording (WebM/VP9) - Video recording (mp4) - Slides on slideshare - Submit feedback - - - - 13:50 - 00:25 - UB2.252A (Lameere) - monitoring_anon - Privacy-preserving monitoring of an anonymity network - Data Collection, Analysis, and Visualisation from the public Tor network - Monitoring and Observability - devroom - - <p>The goals of a privacy and anonymity network like Tor are not easily combined with extensive data gathering, but at the same time data is needed for monitoring, understanding, and improving the network. The Tor Metrics team collects data and analyses the public Tor network. This talk will discuss safety principles that are followed, the tooling and workflows used, and also share some plans for future work to further enhance safety of data collection.</p> - - - Iain Learmonth (irl) - - - Tor Metrics Home Page - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - UB2.252A (Lameere) - using_ebpf_for_linux_performance_analyses - Using eBPF for Linux Performance Analyses - - Monitoring and Observability - devroom - - <p>eBPF is one of the most powerful instrumentation frameworks in modern Linux Kernel. In this presentation we will cover eBPF basics as well as usage of Interactive eBPF tools, showing practical examples when and how they can help to resolve performance problems. Finally we will look into Cloudflare’s ebpf_exporter and show how you can integrate eBPF with Prometheus for Long Term Monitoring</p> - - - Peter Zaitsev - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:10 - 00:25 - UB2.252A (Lameere) - thanos_transforming_prometheus_to_a_global_scale_in_a_seven_simple_steps - Thanos - Transforming Prometheus to a Global Scale in a Seven Simple Steps - - Monitoring and Observability - devroom - - <p>Thanos - Transforming Prometheus to a Global Scale in a Seven Simple Steps</p> - -<p>The Prometheus Monitoring system has been thriving for several years. Along with its powerful data model, operational simplicity and reliability have been a key factor in its success. However, some questions were still largely unaddressed. How can we store historical data at the order of petabytes in a reliable and cost-efficient way? Can we do so without sacrificing responsive query times? And what about a global view of all our metrics and transparent handling of HA setups?</p> - -<p>Thanos is an open source project that takes Prometheus' strong foundations and extends it into a clustered, yet coordination free, globally scalable metric system.</p> - -<p>In just 20 minutes, this talk will walk you through the real, actionable steps of seamlessly transforming your Prometheus setup into a robust, global and durable monitoring system using Thanos.</p> - - - Bartek Plotka - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:50 - 00:25 - UB2.252A (Lameere) - deep_dive_kubernetes_metrics_with_prometheus - Deep Dive: Kubernetes Metrics with Prometheus - - Monitoring and Observability - devroom - - <p>Kubernetes traditionally uses metrics for its core scheduling decisions - in the beginning all of this started with an opinionated internal stack. Since then Kubernetes has introduced 3 orthogonal standardized metrics APIs. As of today many implementations exist - i.e. for cloud providers and on premise.</p> - <p>In this talk we will first show the community process around metrics in Kubernetes, how the Special Interest Group (SIG) for instrumentation works and how to get involved. We will do an overview and deep dive in all 3 metric APIs, with a concrete fully open source Prometheus based deployment example. Once we have Prometheus running we will show how to bridge the gap between Prometheus and Kubernetes to use these APIs. Finally, we will conclude the talk with an example on scaling your deployments based on custom metrics served by your Prometheus.</p> - - Matthias Loibl - Sergiusz Urbaniak - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:05 - UB2.252A (Lameere) - real_time_merging_of_config_management_and_monitoring - Real-time merging of config management and monitoring - Mgmt Config: Monitoring - Monitoring and Observability - devroom - - <p>Mgmt is a next gen config management tool that takes a fresh look at existing automation problems. -The tool has two main parts: the engine, and the language. -This presentation will demo both and include many examples showing how monitoring is built-in to each resource, and how events can cause the system to react and fix a problem before your pager even goes off. -The language demos will show how you can feed real-time monitoring data from a tool such as prometheus, into your code and use that data to make real-time decisions. -Lastly, we'll talk about our existing prometheus integration for exporting useful information about mgmt.</p> - <p>Mgmt is a next gen config management tool that takes a fresh look at existing automation problems. -The tool has two main parts: the engine, and the language. -This presentation will demo both and include many examples showing how monitoring is built-in to each resource, and how events can cause the system to react and fix a problem before your pager even goes off. -The language demos will show how you can feed real-time monitoring data from a tool such as prometheus, into your code and use that data to make real-time decisions. -Lastly, we'll talk about our existing prometheus integration for exporting useful information about mgmt.</p> - - James Shubin - - - Project homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:35 - 00:05 - UB2.252A (Lameere) - lets_use_centralized_log_collection_to_make_incident_response_teams_happy - Let's use centralized log collection to make incident response teams happy - - Monitoring and Observability - devroom - - <p>The OWASP top 10 most critical web application security risks report -published that insufficient logging is one of the top risks security -teams face today.</p> - -<p>In this talk, we will go through issues with incident response teams -without centralized logging as well as other reasons to do -centralized logging (if you need more!), brief intro about structured -data as well as configuration and output examples using NXLog Community -Edition. This talk is aimed at administrators involved -with setting up centralized logging on their networks.</p> - - - Hannah Suarez - - - NXLog Community Edition on Gitlab - NXLog Community Edition on Docker - Download NXLog Community Edition Package on NXLog.co - NXLog Documentation - Video recording (WebM/VP9) - Video recording (mp4) - http:// - Submit feedback - - - - 16:40 - 00:05 - UB2.252A (Lameere) - writing_asynchronous_snmp_agents - Writing Asynchronous SNMP Agents - From a MIB file to a fully-fledged Python application - Monitoring and Observability - devroom - - - - - Ilya Etingof - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:45 - 00:05 - UB2.252A (Lameere) - saymon_object_oriented_monitoring_and_management_for_both_ict_and_iot_ - SAYMON - object-oriented monitoring and management for both ICT&IoT - object hierarchies and time-series for robust back-end and visual front-end on top - Monitoring and Observability - devroom - - <p>SAYMON is a software platform. It makes possible to build a kind of specific problem solution in days. -There's a great technology stack we would like to describe and discuss on FOSDEM19. -MQTT, HTTP, WebSockets, NodeJS Actors, Redis, Kafka, Hierarchy and Documents Storage, Time-Series Storage, Front and Back Ends. -ICT and IoT SW projects made by SAYMON team description. SAYMON use for tech people opportunities.</p> - <p>We will talk for modern technologies and for it's business appliances. -SAYMON architecture review. -Object information model. -Trees and graphs of hierarchies of objects. -Infrastructure and smart things control methods review. -Time-series collections and storage as well as current and future usage - visualisation, simple aggregates and machine-learning. -Event processing. Incidents register and processing. Incidents correlations. -Notifications and alerts implementation aspects. -We will make demo and show cases.</p> - - Konstantin Mikhaylov - - - SAYMON Documentation - SAYMON Web - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:50 - 00:05 - UB2.252A (Lameere) - slapdcheck - slapdcheck - Monitoring OpenLDAP with Python - Monitoring and Observability - devroom - - <p>This lightning talk highlights how to monitor OpenLDAP in detail with Python module slapdcheck.</p> - <p>OpenLDAP servers are typically used as backed for authentication (login) and other mission-critical infrastructure components. -Furthermore OpenLDAP setups can be non-trivial resulting in higher risk that something could go wrong.</p> - -<p>The talk will introduce the Python module package slapdcheck which implements monitor checks for OpenLDAP servers: -* performance data -* allocated back-mdb pages -* need for restart -* replication state</p> - -<p>slapdcheck parses cn=config to automatically adjust monitoring checks based on current running configuration.</p> - - Michael Ströder - - - slapdcheck on PyPI - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:30 - 02:00 - UB4.132 - cert_lpi_3 - LPI Exam Session 3 - - Certification - certification - - <h3>LPI offers discounted certification exams at FOSDEM</h3> - <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. -LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> - -<p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> - - - - Submit feedback - - - - 12:00 - 01:00 - UB4.132 - cert_libreoffice_1 - LibreOffice Exam Session 1 - - Certification - certification - - <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> - <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> - -<p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> - - - - Submit feedback - - - - 13:30 - 01:00 - UB4.132 - cert_libreoffice_2 - LibreOffice Exam Session 2 - - Certification - certification - - <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> - <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> - -<p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> - - - - Submit feedback - - - - 15:00 - 01:00 - UB4.132 - cert_libreoffice_3 - LibreOffice Exam Session 3 - - Certification - certification - - <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> - <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> - -<p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> - - - - Submit feedback - - - - - - 09:00 - 00:10 - UB5.132 - community_welcome_remarks - Community DevRoom Welcoming Remarks - - Community devroom - devroom - - <p>In which Leslie and Laura welcome everyone to the Community DevRoom 2019</p> - - - Laura Czajkowski - Leslie Hawthorn - - - Submit feedback - - - - 09:10 - 00:30 - UB5.132 - community_supporting_foss_community_members_imposter_syndrome - Supporting FOSS Community Members with Impostor Syndrome - Mentoring and supporting peers with impostor syndrome - Community devroom - devroom - - <p>This talk will share knowledge of how to support people who experience impostor syndrome, especially people from groups underrepresented in Free Software.</p> - <p>Many people from groups underrepresented in open source experience impostor syndrome. Impostor syndrome is the combination of unrelenting standards for yourself and a fear of people finding out that you're not knowledgeable or experienced, that you're a fake, an impostor. People from groups underrepresented in tech have to work twice as hard to receive recognition as people who don't face discrimination, which often leads to impostor syndrome. Women and ethnic/racial minorities are much more likely to face impostor syndrome. If Free Software is to become more diverse, the community needs to understand how to support people who experience impostor syndrome.</p> - -<p>Most of the articles and training around impostor syndrome focus on changing the person who experiences impostor syndrome. What if instead, we focused on how the Free Software community could support people who experience impostor syndrome? How do we support our peers with impostor syndrome? How do we mentor someone with impostor syndrome? How do we acknowledge the work of community members who face impostor syndrome in a way that doesn't trigger the feelings of "I'm not good enough"?</p> - -<p>Sage Sharp will draw on their experience working with the Outreachy internship program to provide tips for how to support people with impostor syndrome. Despite being a Linux kernel developer for seven years and a Diversity and Inclusion consultant for three years, Sage often personally struggles with impostor syndrome. Their talk will draw on personal experience and provide examples of what has worked for Outreachy mentors who work with people from groups underrepresented in tech.</p> - - Sage Sharp - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:45 - 00:30 - UB5.132 - community_why_cant_we_all_just_get_along - Companies and Communities - Why Can't We All Just Get Along? - Community devroom - devroom - - <p>Companies and communities have different goals, different structures and different challenges. This talk will discuss the differences between companies and communities that can lead to friction, confusion and missed opportunities. With one speaker from the company side and one from the community side, we plan to explore this occasionally prickly relationship from both directions.</p> - <p>Companies and communities have different goals, different structures and different challenges. That said, -many of the largest and most successful free and open source software projects rely on a combination of both -- to -create new code, address bugs and plan for the future of their codebase. A little more understanding could go a -long way towards a more harmonious and efficient working relationship. With one speaker from the company -side and one from the community side, we plan to explore this occasionally prickly relationship from both -directions.</p> - -<p>This talk will discuss the differences between companies and communities that can lead to friction, confusion and -missed opportunities. In order to build a sustainable future for free and open source software, we're going to need -to get more comfortable with each other. Attendees will walk away with tactics for fostering better understanding, -suggestions for initiatives that can be put into practice in their own projects and some inspiration for what these -two entities could accomplish if they were committed to working together on the future of FOSS.</p> - - Deb Nicholson - Nithya Ruff - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:20 - 00:30 - UB5.132 - community_open_souce_community_past_and_future - The Open Source Community: its past and future - What I learned about the Open Source Community while celebrating its 20th Anniversary around the World - Community devroom - devroom - - <p>Throughout the year of 2018, we celebrated the 20th Anniversary of Open Source. I'll provide an overview of what I've learned about the Open Source Community while celebrating its 20th Anniversary around the World.</p> - <p>In 2018, the OSI has organized several activities at major open source events worldwide to celebrate it's 20th Anniversary. Events included Linux Conf Australia, FOSDEM, Campus Party, FOSSAsia, OpenExpo Europe, OW2con, FOSS Backstage, OSCON, Open Source Summit, All Things Open, and Mozilla Festival.</p> - -<p>As part of the OSI, I was able to work behind the scenes, as well as travel around the world, to help with the activities. This has allowed me to meet and talk with several members of the Open Source community: to learn from them, to hear their stories, and to discuss our future.</p> - -<p>I hope to share some exciting insights from this experience!</p> - - Nick Vidal - - - The OSI Commemorative Website - The OSI Website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:55 - 00:30 - UB5.132 - community_improve_project_onramp_new_participants - Improve your project’s on-ramps for new participants - - Community devroom - devroom - - <p>The long-term success of a FOSS project depends on the “on-ramp” experience - the documentation, support, and opportunities available to help new users and participants come up to speed. Students can be a good source of new participants for FOSS projects, which can provide valuable opportunities for students to learn technologies and develop key skills in communication, teamwork, critical thinking, and problem solving. This session will explore the structure and findings of activities designed to help students identify and explore FOSS projects, and consider ways to improve the on-ramp experience for new participants.</p> - <p>Active, diverse communities are essential to develop and support FOSS projects. Research shows that most participants start as users and gradually become more engaged, but that only a small fraction of users advance to become active community members. Thus, the long-term success of a FOSS project depends on the “on-ramp” (or “slip road”) experience - the documentation, support, and opportunities available to help new users and participants come up to speed and join the community. This can be particularly important for people who are non-developers or from underrepresented groups (by gender, ethnicity, language, etc) who may experience “imposter syndrome”. -Students can be a good source of new participants for FOSS projects, which can provide valuable opportunities for students to learn technologies and develop key skills in communication, teamwork, critical thinking, and problem solving. However, FOSS is often quite different from traditional academic experiences. Thus, the Professors Open Source Software Experience (POSSE) is a multi-stage program to help faculty understand how FOSS communities work, and how to help students participate effectively in FOSS communities. POSSE includes a “FOSS Field Trip” activity which explores sites like SourceForge and GitHub to discover projects of interest, and a “Project Evaluation” activity which uses a rubric to explore a specific project and assess how welcoming it is for new participants. -In this interactive session, I will briefly present these two activities and summarize what students and faculty experience when they explore unfamiliar FOSS projects. In small groups, participants will consider the strengths and possible improvements of specific FOSS projects. I will then facilitate a discussion of broader insights, and ways that FOSS communities, faculty, and students can work together to improve the on-ramp experience for new participants.</p> - - Clif Kussmaul - - - Professors Open Source Software Experience - FOSS Field Trip (Activity) - Project Evaluation (Activity) - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:30 - UB5.132 - community_data_not_community_metrics - Community Data is Not Community Metrics - One Team's Journey Down the Wrong Path - Community devroom - devroom - - <p>We all recognize that metrics are key to measuring community health. And that quantitative data is a key to these metrics. But, as Brian Proffitt will describe in this talk, all the data in the world won't help you find answers if you don't know what the questions are.</p> - <p>We all recognize that metrics are key to measuring community health. And that quantitative data is a key to these metrics. But, as Brian Proffitt will describe in this talk, all the data in the world won't help you find answers if you don't know what the questions are. Brian will walk attendees through what happens when pretty data can distract from the real purpose of metrics, and how his team course-corrected to seek out the questions before the answers.</p> - - Brian Proffitt - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:30 - UB5.132 - community_building_community_metrics_strategy - Building a Community Metrics Strategy - - Community devroom - devroom - - <p>You probably know that community metrics are important, but how do you come up with a plan and figure out what you want to measure? Most open source projects have a very diverse community infrastructure with some combination of code repositories, chat, mailing lists, wikis, forums, and more. Deciding where to focus and what to measure across these many technologies can be a challenge.</p> - -<p>What you measure can have a huge impact on behavior within the community, and you want to make sure that you are encouraging people to contribute in sane ways by measuring the activities that matter for your project.</p> - -<p>This presentation will cover how you decide what to measure and provide some examples.</p> - - - Dawn Foster - - - Dawn's Blog - CHAOSS, an OSS Metrics Project - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:35 - 00:30 - UB5.132 - community_sustaining_foss_projects_democratizing_sponsorship - Sustaining FOSS Projects By Democratizing The Sponsorship Process - How we run and manage our FOSS Sustainability Fund - Community devroom - devroom - - <p>Within a given company, there are typically only a few people involved in deciding which FOSS projects and initiatives to support financially. This year we decided to change all that and democratize the decision making process. We set up an internal FOSS Sustainability Fund, and invited everyone to participate in the process. This talk will examine how we got executive buy in for the fund, how the fund was set up, how we encouraged participation, and what the impact has been so far.</p> - <p>Within a given company, there are typically only a few people involved in deciding which FOSS projects and initiatives to support financially. This year we decided to change all that and democratize the decision making process. We set up an internal FOSS Sustainability Fund, and invited everyone to participate in the process. This talk will examine how we got executive buy in for the fund, how the fund was set up, how we encouraged participation, and what the impact has been so far.</p> - - Duane O'Brien - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:10 - 00:30 - UB5.132 - community_hackers_gotta_eat - Hackers gotta eat - Building a Company Around an Open Source Project - Community devroom - devroom - - <p>Creating a growing open source project can be both rewarding and frustrating. It is rewarding to see the project grow and people contribute, but it can become frustrating and burdensome when your side-project comes to dominate your free time. If you're fortunate, you might be employed to work full-time on your open source project or even start a company around the project; then what? What is your new relationship "with the community?" How do you balance the motivations of various contributors, yourself included, within the project?</p> - -<p>In this talk we'll look at the history of the Jenkins project, from its origins as a side-project at Sun Microsystems to the growth of the project and on to the relationship with CloudBees, Inc. We'll look at what has and, perhaps more importantly, what hasn't worked well as CloudBees has grown in tandem with the Jenkins project. We will examine the evolving cultural dynamics of the project and the challenges of wearing two hats: corporate and open source.</p> - - - Kohsuke Kawaguchi - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:45 - 00:30 - UB5.132 - community_consorting_with_industry - Consorting with Industry - Sustainability, FLOSS and building a local small business consortium - Community devroom - devroom - - <p>How can you become self-employed as a developer while building free software? In 2015, in a belief that FLOSS makes more economic and social sense, several of us, with a range of skillsets, worked to see where the boundaries are. Is it possible to scale beyond freelancing or contracting? Can you be a small, local, multifacted business and be paid to release code? What are the painful lessons...? And what really is a consortium anyway?</p> - -<p>Based on learning from the Northern Ireland based Avata Industries members, this talk covers the reusable outcomes of building a small business consortium - one that is focused on using and creating open technology. In particular, it will focus on sustainability, building relationships, presenting an engaging free software business case, and the feasibility study commissioned to examine these.</p> - <p>When a call went out for small companies who could work on open source in public sector contracts, we saw little coordinated response in our local free software community. It became clear that having a FLOSS-focused job - putting food on the table - is not just about demand from FLOSS-enthusiastic customers. We need to have a coordinated means of supplying their needs. How can we quit our proprietary jobs, work on projects that inspire us, and increase the IP we can publicly release? Can we work on FLOSS projects as a main income, outside of specific big players?</p> - -<p>We set out to answer this as systematically, and reproducibly, as possible - not solely freelancing or contracting, tied to pre-set IP requirements, but looking at the IP-based business landscape and thinking how we could structure differently to compete. Crucially, we did not start out with an exclusive project to fund or progress, but took free and open source software as our theme, and worked from there. Nearly three years later, this talk will tell the tale of that journey, finding a space to experiment with FLOSS business models, and how that can be replicated. This has taught us a lot about local business, collaboration, code and community; how they interlink, providing an opportunity to have a sustainability in the largely proprietary world of small business.</p> - -<p>Amazingly to us, focusing on FLOSS in a highly competitive development market, made us even more creative in business than in code, and forced us to innovate faster in our business architecture than our software architecture. If only we had known when we started what we know now... and so, in the spirit of open source, we are keen to discuss this with the wider community.</p> - -<p>Key outcomes for becoming self-employed in FLOSS will be briefly explained:</p> - -<ul> -<li>open source is only one critical piece of an open technology jigsaw</li> -<li>variety of skillsets is essential, and open source facilitates this</li> -<li>using FLOSS philosophy in building up business relationships</li> -<li>the role of research &amp; development</li> -<li>how we reach agreement on the balance between private, open and free with clients</li> -<li>where the limitations are in all of this</li> -</ul> - - -<p>This session will touch on working with non-technical users, in companies big and small, to meet their needs and keep ourselves going. It will show how we are aiming to support others in taking the same steps - in reusable template documents, R&amp;D oucomes, lessons learned, and building a roadmap ahead.</p> - -<p>From a case study perspective, this will reference OurRagingPlanet, a schools-focused tool teaching natural disaster impact; Lintol, an open data validation platform; and The Data Times, a data discovery platform for community journalist - all works in progress.</p> - -<p>Finally, realistic alterations to the funding landscape will be discussed, to help existing projects become more sustainable, to streamline FLOSS support from local industry, and to improve the software ecosystem for all involved.</p> - - Phil Weir - - - Project Lintol - OurRagingPlanet - The Data Times - Avata Industries - Requests for docs - Presentation - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:30 - UB5.132 - community_back_from_the_dead - Back From the Dead - Resurrecting a national FOSS organization - Community devroom - devroom - - <p><a href="https://hamakor.org.il">"Hamakor"</a> is a non-profit that was founded in 2003 as the umbrella organization of the Israeli Free and Open Source Software community. It organized multiple events, led various public campaigns and even took part in defining some local standards. But over the years, many of the early members have moved on and the activities slowly dwindled. By 2014, all that remained was several old-timers debating over a mailing list and a yearly gathering that was becoming difficult to organize. There were barely enough volunteers left to fill the legal requirements for running a non-profit.</p> - -<p>Ironically, just as Open Source was becoming popular, the organization was fighting for its life. An emergency general assembly was called to discuss the possibility of disbanding the organization. With a narrow margin of 4:2, the members decided to continue operating. From that point, the organization started on a path of growing its activities and working on its rejuvenation, attracting new members and adapting to the current trends in the FOSS world.</p> - -<p>In 2018, Hamakor provided the platform for organizing multiple conferences, held regular monthly open source hack nights, and got to the point of working towards hiring it's first paid employee.</p> - -<p>We will discuss what worked, what didn't work, the lessons learned, what challenges we faced along the way and what are the challenges ahead as we continue to grow.</p> - -<p>While the talk is a case study of one organization, much of the content will be relevant to other mature organizations facing similar situations, and to younger organizations that wish to avoid making into the same mistakes we made.</p> - - - Tomer Brisker - - - Hamakor website - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:55 - 00:30 - UB5.132 - community_coaching_open_source_communities_2 - Coaching for Open Source Communities 2.0 - - Community devroom - devroom - - <p>A community is a big company with a different purpose: a passion. -That passion is the key but is not enough to manage a community and let to grow and improve his effect every day. -Coaching is a way to improve your action as community leader or volunteer without change your workflow.</p> - <p>Do you know that there are many little tips and approaches that can improve your community health and quality for the participation? -What are the best practices, issues and how to manage them to help your community to grow?</p> - - Daniele Scasciafratte - - - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:30 - UB5.132 - community_towards_sustainable_solution_open_source_sustainability - Towards a sustainable solution to open source sustainability - - Community devroom - devroom - - <p>A few years ago, Heartbleed epitomized a massive open source sustainability problem for critical parts of the internet infrastructure. The bug, which affected the popular OpenSSL cryptographic software library, notably compromised the confidentiality of 4.5 million US patient records and cost the industry an estimated $500M.</p> - -<p>It was soon revealed that the root-cause of the issue was that OpenSSL was precariously understaffed. Open source sustainability became a major theme overnight. Stories of maintainer burn-out made the headlines. And tentative solutions started to emerge, most of them donation-based.</p> - -<p>In this talk we'll explore a number of existing strategies to fund open source and make it more sustainable, from patronage to dedicated ad networks. And we'll defend the idea that the best path to open source sustainability is to help companies understand the tangible business value they can get from contributing to open source.</p> - - - Tobie Langel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:05 - 00:30 - UB5.132 - community_collaboration_open_source_is_the_better_way - "Collaboration in Open Source Is the Better Way" - - Community devroom - devroom - - <p>Do you wish that your project team was more productive? Do you struggle with communication and project quality? Are you missing opportunities to make a bigger impact because of ineffective communication? Are you unsure why there is turnover among your most effective contributors? Do you see the benefits that collaboration brings to other projects, but are unsure how it could apply to you &amp; your project team?</p> - -<p>This session will present a set of specific examples &amp; stories from our direct experience of the benefits of open collaboration to enable more productive &amp; effective open source development.</p> - -<p>We believe that the desire to assist each other &amp; to collaborate is often present but unrealized. Many projects have established systems &amp; styles of communication that limit opportunities for creative interaction, reduce flexibility, &amp; ultimately restrict effective community engagement and results.</p> - -<p>The session will include several hands-on exercises for participants to learn-by-doing.</p> - <p>Do you wish that your project team was more productive? Do you struggle with communication and project quality? Are you missing opportunities to make a bigger impact because of ineffective communication? Are you unsure why there is turnover among your most effective contributors? Do you see the benefits that collaboration brings to other projects, but are unsure how it could apply to you &amp; your project team?</p> - -<p>This session will present a set of specific examples &amp; stories from our direct experience of the benefits of open collaboration to enable more productive &amp; effective open source development.</p> - -<p>We believe that the desire to assist each other &amp; to collaborate is often present but unrealized. Many projects have established systems &amp; styles of communication that limit opportunities for creative interaction, reduce flexibility, &amp; ultimately restrict effective community engagement and results.</p> - -<p>The session will include several hands-on exercises for participants to learn-by-doing.</p> - -<p>Our focus is on 3 key themes: collaboration is more effective than siloed work - reducing barriers between collaborators and communities; open source &amp; open collaboration represent success stories of more interaction creating better technology AND better business results; collaboration is inclusion - when more voices are heard, both results &amp; culture are improved.</p> - -<p>Benefits to the Ecosystem -The power of open source projects &amp; associated cross-company, cross-disciplinary collaboration are much discussed &amp; highly valued. In order to achieve the true benefits of open source tech &amp; open ecosystems, invest in adjustments to your approaches &amp; processes. You might need to make cultural changes in addition to technical changes. The examples we discuss are applicable to individual contributors, as well as leaders &amp; managers/maintainers.</p> - - Lauri Apple - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:40 - 00:15 - UB5.132 - community_devroom_closing - Community DevRoom Concluding Remarks - - Community devroom - devroom - - <p>In which Leslie and Laura provide the concluding remarks for the day.</p> - - - Laura Czajkowski - Leslie Hawthorn - - - Submit feedback - - - - - - 09:00 - 00:05 - UD2.119 - tools_and_editors_welcome_2019 - Welcome - - Free Tools and Editors - devroom - - <p>Welcome to the Free Tools and Editors devroom!</p> - - - Geertjan Wielenga - Lars Vogel - Johan Vos - - - Submit feedback - - - - 09:05 - 00:30 - UD2.119 - news_from_eclipse_2019 - Approaching Light Speed - News from the Eclipse Platform Project - - Free Tools and Editors - devroom - - <p>The Eclipse Photon simultaneous release was the last “big” annual release, and with Eclipse 2018-09 the first rolling release has been shipped to the public. Its heart, the Eclipse Platform, has come with a plethora of new features and improvements for Eclipse Photon and afterwards that will continue the Eclipse IDE keeping the #1 flexible, scalable and most performing IDE!</p> - -<p>Come and see the incredible achievements the platform team and its growing number of contributors made to bring you the best Eclipse IDE ever!</p> - <p>The Eclipse Photon simultaneous release was the last “big” annual release, and with Eclipse 2018-09 the first rolling release has been shipped to the public. Its heart, the Eclipse Platform, has come with a plethora of new features and improvements for Eclipse Photon and afterwards that will continue the Eclipse IDE keeping the #1 flexible, scalable and most performing IDE!</p> - -<p>This session will give a guided tour through the new features and changes in Eclipse Photon and Eclipse IDE 2018-09. Although especially JDT has been moved on quite much with support of new Java versions, this talk will focus on the other features of the Eclipse Platform and leaving JDT details to a separate talk at ECE. You will see usability improvements, code mining for enhancing the text editor information, useful new API for platform developers and neat features for users. Besides visible changes, the platform project team has paid special attention on stability, performance and resource consumption tuning. In this talk, we will give some insights how the team has worked on that.</p> - -<p>Come and see the incredible achievements the platform team and its growing number of contributors made to bring you the best Eclipse IDE ever!</p> - - Lars Vogel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:40 - 00:30 - UD2.119 - news_from_netbeans_2019 - From Oracle to Apache - News from Apache NetBeans - - Free Tools and Editors - devroom - - <p>Oracle donated NetBeans to Apache in 2016. What's the status of the project, what's the roadmap, and how can you get involved?</p> - -<p>In this talk we will show what NetBeans has for the future. This includes how to experiment with new Java language features in NetBeans, how to develop OpenJDK with NetBeans and how to add a support for a new language to NetBeans based the language server protocol.</p> - - - Geertjan Wielenga - Jan Lahoda - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:15 - 00:30 - UD2.119 - intellij_tooling_2019 - Tooling for IntelliJ Platform Plugins - - Free Tools and Editors - devroom - - <p>Open sourced under Apache 2 license, IntelliJ Platform is the base for a number of well-known IDEs. It supports a large variety of languages and technologies via bundled plugins as well as thousands of third-party plugins.</p> - -<p>This talk will showcase the tooling and ecosystem for plugin developers, covering the whole lifecycle of creation and maintenance.</p> - -<p>We'll start by taking a look at the IDE features for development and testing: smart code insight, highlighting, and refactorings.</p> - -<p>How to keep up with the latest platform releases? Plugin Verifier allows you to check for any incompatibilities -locally as well as get reports for already published versions.</p> - -<p>The built-in exception reporter provides the data for the Exception Analyzer, which helps collect and (auto-)triage all user-submitted runtime problems.</p> - - - Yann Cébron - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:50 - 00:30 - UD2.119 - graalvm_status_2019 - GraalVM: Polyglot Development Platform with Great Toolability - - Free Tools and Editors - devroom - - <p>In this session, we will explore how GraalVM is a polyglot VM based on JDK, supporting languages Java, JS, R, Ruby and Python, while providing various development tools, with integration in IDEs, such as NetBeans and VisualStudio Code, with Chrome Developer Tools to monitor and profile using Graal VisualVM. The Chrome integration is based on implementing Chrome Inspector protocol and Language Server Protocol, among others. GraalVM provides universal tooling support for all languages implemented on top of it.</p> - - - Martin Entlicher - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:25 - 00:30 - UD2.119 - language_server_protocol_2019 - Embracing Language Servers for Blockchain Development - - Free Tools and Editors - devroom - - <p>In this session I will demonstrate how we implemented a language server for the Solidity language, the language for smart contract development on the Ethereum blockchain. The language development is based on Eclipse Xtext, which implements the Language Server Protocol (LSP). By doing so, we were able to deliver Solidity tooling for multiple IDEs at once. I will show the Solidity integration for Eclipse, VSCode and Theia, and give some understanding about the LSP. Further I will show the development of smart contracts with the means of statemachines with the integration of Solidity into the Yakindu Statechart Tools.</p> - - - Karsten Thoms - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:20 - UD2.119 - containers_free_tools_devroom_2019 - Tools for Shrinking Your Containers - - Free Tools and Editors - devroom - - <p>Honey I shrunk the container! Containers are increasingly the standard mechanism for packaging, delivering and deploying software.</p> - -<p>They provide a simpler, more lightweight architecturally significant form of virtualisation than VMs. They are a natural candidate for running microservices. But can we do better?</p> - -<p>If we can simplify our containers, we can shrink them further, improving: -- performance -- security -- management</p> - -<p>In this talk I'll be discussing: -- advantages of microcontainers over containers -- how to build and use microcontainers -- Smith (https://github.com/oracle/smith) - a microcontainer builder from Oracle -- Crashcart - (https://github.com/oracle/crashcart) a tool for debugging microcontainers (and containers)</p> - - - Ewan Slater - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:25 - 00:30 - UD2.119 - iot_devroom_tools_editors_2019 - Time is Important - Developer Centric IoT Platforms - - Free Tools and Editors - devroom - - <p>A break down of different IoT platforms that can be used to rapidly prototype 'things'.</p> - -<h2>What this is about</h2> - -<p>1) Don’t make me think! A breakdown of IoT frameworks to help you build things. -2) Demonstration of different rapid prototyping environments. -3) The key points in development of an IoT thing and getting your idea alive.<br/> -4) The trade off between complexity and features in IoT</p> - <h2>Who this is for</h2> - -<p>Developers, engineers and hobbyists not familiar with embedded IoT technology and wanting a breakdown of the main differences offered by companies, organisations and communities</p> - -<h2>Content</h2> - -<p>A breakdown of IoT frameworks and the communities they serve. Which one do you belong to? -The demos Looking at 3 systems. Using a ‘C’ cloud based remote compiation and development tool chain, a Python framework and Javascript. Hardware will be available for people to try afterwards in a meeting hub. -Complexity vs Simplicity! As your ‘thing’ evolves you suddenly worry about onboarding, installation, configuration, security, updating and interfaces! This is not how to solve just what are your options.</p> - -<h2>Wrapping it up</h2> - -<p>Going over key points. Good resources. Other technology frameworks to consider.</p> - - Nicholas Herriot - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:30 - UD2.119 - language_eclipse_ide_2019 - Adding Support for a New Language in the Eclipse IDE - - Free Tools and Editors - devroom - - <p>We will show how to utilize the LSP adapter in the Eclipse IDE to extend it with a new language.</p> - <p>The language server protocol is a new technology to simplify the implementation of support for a new language in a client (editor or IDE). It is backed and developed by Microsoft and implemented in many different clients. -Eclipse also supports the LSP and in this demo/talk we will demonstrate how to use it by implementing support for the dart language (which is used by the flutter project).</p> - - Jonas Hungershausen - - - Submit feedback - - - - 13:35 - 00:30 - UD2.119 - eclipse_tuning_2019 - Taming The Dinosaur: How Eclipse was Performance Tuned - - Free Tools and Editors - devroom - - <p>While increasing amount of features usually result in poorer performance and more memory consumption, Eclipse Photon has proven the opposite: The Eclipse Platform got faster and less memory hungry than before. This has been achieved by intensive profiling of multiple use cases and refactorings derived from the analysis.</p> - -<p>This talk will take a look behind the scenes and shows how profiling tools can help to understand performance bottlenecks in Eclipse based products and Java applications in general. Attendees will learn about the YourKit Java Profiler tool, which while being a commercial product can be used for free on Open Source development. I will discuss some former hot spots identified in the Eclipse platform with analysis screenshots and how they got resolved.</p> - - - Karsten Thoms - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:10 - 00:30 - UD2.119 - praxislive_2019 - PraxisLIVE: Hybrid Visual Live Programming - - Free Tools and Editors - devroom - - <p>PraxisLIVE is an open-source hybrid-visual IDE for live programming, built on top of the NetBeans platform. While the IDE is primarily aimed at creative coders, its underlying forest-of-actors runtime supports real-time coding Java in general. PraxisCORE brings aspects of Erlang, Smalltalk and Extempore into the Java world, -providing a powerful platform for media processing, data visualisation, sensors, robotics, IoT, and lots more! We will explore some of the trials and tribulations of designing a just-in-time programming system in Java, including actors, classloaders and reactive dataflows, with the aid of some hypnotic visuals and bleepy sounds.</p> - - - Neil C Smith - - - PraxisLIVE - Submit feedback - - - - 14:45 - 00:30 - UD2.119 - html_java_api_2019 - Quick & Easy Desktop Development with NetBeans and its HTML/JAVA API - - Free Tools and Editors - devroom - - <p>In the era of microservices, HTTP/2 and IoT, desktop applications are still here to stay. Seeing is believing. See how to develop enterprise applications being built on top of the Java desktop application framework known as "the NetBeans Platform", many of them are Open Source and/or freely available, while when you use the new open source HTML/JAVA UI, you'll be able to write portable rich applications with the power of DukeScript.</p> - - - John Kostaras - - - Submit feedback - - - - 15:20 - 00:30 - UD2.119 - kotlin_code_coverage_bytecode - Java 4..12, Kotlin, Code Coverage and their best friend — bytecode: scandals, intrigues, investigations - - Free Tools and Editors - devroom - - <p>Do you know what is inside of your class files? Are you ready to bet? Let's have fun by diving into bytecode pattern matching and explore how different compilers (Java/Kotlin) and their different versions, including unreleased javac 12, transform your source code.</p> - -<p>Our dive will be based on details of implementation of most popular open source code coverage tool for Java — JaCoCo, whose recently released version finds in bytecode and filters out various compiler generated artifacts, which otherwise require unnecessary and sometimes impossible tricks to have full code coverage.</p> - - - Evgeny Mandrikov - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:55 - 00:30 - UD2.119 - extend_emacs_2019 - Extend Emacs in C or Other Languages - - Free Tools and Editors - devroom - - <p>Starting with GNU Emacs 25, your favorite editor can now load and execute shared objects at runtime. That means you can extend Emacs by writing C code for example. This talk will briefly present the history and controversies about binary modules in the GNU world, cover the basics of the module API and show you how to write a simple module.</p> - - - Aurélien Aptel - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:30 - UD2.119 - profiling_low_end_platforms_hawktracer - Profiling Low-End Platforms using HawkTracer Profiler - - Free Tools and Editors - devroom - - <p>HawkTracer is low-overhead instrumentation-based profiler built at Amazon Video for platforms with limited capabilities. It's highly extensible (at compile time) and portable so it can be run on almost any embedded device. In this talk I'll briefly talk about history of the profiler (why did I start it, and how did I manage to publish it to open source world), introduce the architecture of the profiler, present it's advantages and limitations, show how can you instrument the code and demonstrate the profiler in action by running it with an example project.</p> - - - Marcin Kolny - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:25 - UD2.120 (Chavanne) - python_diversity_gap - Beyond the 10%: analysis of the gender-diversity gap - - Python - devroom - - <p>Women represents half of the population. The technological industry claims that around 30% of their work force are women. And that percentage decreases down to 20% when focusing on the tech. teams.</p> - -<p>If we analyze open source communities, those hardly reach 10% of the population as this is the case of the OpenStack Foundation or the Linux Kernel.</p> - -<p>This talk will show previous analysis and data publicly available with this respect, and an analysis of the Python community [1] to compare to.</p> - -<p>In addition to that, this talk will provide the steps done up to having the data: retrieving, curating, cleaning and visualizing the information with Python. For this process GrimoireLab, and specifically Perceval [2] was used used for retrieving information. Perceval retrieves information from the usual data sources found in the open source world. Then Ceres [3] is a small library that handle Perceval's data. These are the basics of the technical infrastructure.</p> - -<p>[1] https://github.com/python [2] https://github.com/chaoss/grimoirelab-perceval, [3] https://github.com/chaoss/grimoirelab-cereslib</p> - - - Daniel Izquierdo - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:30 - 00:25 - UD2.120 (Chavanne) - python_discover_graphql - Discover GraphQL with Python, Graphene and Odoo - - Python - devroom - - <p>GraphQL is the hottest new technology for building APIs, sometimes touted as a better REST. This practical talk aims at explaining what GraphQL is and how it can help expose an elegant and flexible API for advanced business applications in record time. Real code examples will be shown, based on the Graphene library and Odoo Community. Care will be taken so the audience can easily transpose those to other python frameworks such as Django, Tryton or sqlalchemy. A short comparison of GraphQL with other familiar "RPC" technologies such as SOAP and REST will be provided, as well as a discussion of strengths, weaknesses and potential pitfalls.</p> - <p>Talk structure:</p> - -<ul> -<li>GraphQL, a short introduction</li> -<li>Demonstration, code examples using Python Graphene and Odoo Community</li> -<li>How GraphQL relates to other technologies, such as REST and SOAP - -<ul> -<li>benefits,</li> -<li>weaknesses,</li> -<li>potential pitfalls.</li> -</ul> -</li> -</ul> - - - Stéphane Bidoul - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:25 - UD2.120 (Chavanne) - python_write_pylint_plugins - How to write pylint plugins - - Python - devroom - - <p>Pylint is the most popular Python source code analyzer which looks for programming errors, helps enforce a coding standard and sniffs for some code smells. It is possible to write plugins to add your own checks, for example enforce all documentation strings to be enclosed with 3 double quotes!</p> - -<p>This presentation will focus on how the pylint plugin system works, how to examine AST tree of a piece of code and create a minimalistic plugin from scratch. It will also examine couple of plugins that are used in the Kiwi TCMS project.</p> - - - Alexander Todorov - - - Custom pylint plugins used by Kiwi TCMS - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:25 - UD2.120 (Chavanne) - python_application_configuration - Mastering Application/Service Configuration - How to cover your configuration needs with oslo.config - Python - devroom - - <p>This talk covers oslo.config as a replacement option for ConfigParser, ArgumentParser and os.environ integrating all of their main features.</p> - <p>Many applications and services rely on configuration data to behave according to a set of specific needs.</p> - -<p>The standard library gives us ConfigParser, ArgumentParser and os.environ used for easy configuration via plaintext configuration files, command line arguments and environment variables, but they don't come with batteries included to integrate with each other.</p> - -<p>OpenStack Common Libraries (Oslo) has an enhanced alternative called oslo.config with support to config files, command line arguments, environment, option deprecation, and much more. With the recent addition of source drivers feature, it is also possible to increase the security of config values storing them in a safer place like a secret manager. Using oslo.config over the standard library options is an easy way to achieve flexibility and also become compliant with security matters.</p> - - Moisés Guimarães - - - Oslo.Config @ EuroPython - Oslo.Config Poster on Hardening Plaintext Secrets in Configuration Files - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - UD2.120 (Chavanne) - python_demystifying_coroutines - Demystifying Coroutines and Asynchronous Programming in Python - - Python - devroom - - <p>In this talk we will explore how coroutines work and how they are implemented in Python. We will learn that generators lie at the heart of coroutines, and how this long-standing feature of Python evolved over time to support the new capabilities of asynchronous programming.</p> - -<p>It’s a time travelling tale that explores the milestones in Python that relate to generators, coroutines, and asynchronous programming.</p> - <p>The talk is intended to explore coroutines and asynchronous programming in Python, in full detail. -It provides a historical revision of all the milestones in Python that led to the current implementation of coroutines, asynchronous programming, and event loops (asyncio) as we know them today. -Starting from generators, it reviews their original idea and rationale, and then it explores how they became the pythonic solution for supporting coroutines, by extending their interface with new methods (PEP-342). Later on, generators (and coroutines) were extended once again in PEP-380, to support even more advanced functionality (like the "yield from" syntax). This was a major milestone that actually allowed programmers to start working with non-blocking I/O asynchronously fashion, and the idioms used for that resemble modern asynchronous programming with Python. Understanding what's behind those idioms helps to explain much of the current asynchronous frameworks.</p> - -<p>The dynamic nature of Python made the syntax prone to mixing iterators with coroutines, so the community (wisely) agreed on the fact that the language had to evolve, and new syntax needed to be added. New specific types were added for coroutines in Python 3.5, and Python 3.6 incorporated asynchronous generators. Finally in Python 3.7, "async" and "await" were promoted to keywords, and there were several enhancements to the asyncio library, marking the current state of the art of asynchronous programming in Python.</p> - -<p>The talk concludes by providing food for thought on what asynchronous programming actually means in Python, and what to expect for the future (Python 3.8 and beyond).</p> - - Mariano Anaya - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - UD2.120 (Chavanne) - python_matching_with_behavior_trees - Tree matchings with Behavior Trees - How to recognize a complex subtree in a big tree - Python - devroom - - <p>Any python data structure could be seen as a big tree of related objects. -Would it be useful for you to recognize in this big tree some specific form?</p> - -<p>Recognizing of subtrees is really a common aim in compilers implementation. But it's not an easy task. -I recently found that I could easily use behavior trees to do such things. However this kind of techniques could be useful in other situation. -This talk want to popularize this technique by explaining how behavior trees work in common way, how to adapt then for a bottom-up tree matching algorithm.</p> - -<p>For instance, some HTML parser provide CSS Selector function to match one node at the time optionally related to some ancestor. Here, with this kind of matching algorithm you could match many nodes in only one pass.</p> - -<p>I create on my github a "treematching" module that use this algorithm to provide an Embedded DSL to write patterns, match any python data structure and in some case, allow you to do tree rewriting.</p> - - - Lionel Auroux - - - A link to the Treematching python module - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - UD2.120 (Chavanne) - python_ast_module - Making your Python code write your Python code - Discover Python's 'ast' module to see how you can analyze and generate Python code - Python - devroom - - <p>Have you ever wondered how much of your code could be generated automatically? Introspection, mutation, extension - Python's uber-dynamic nature allows us to do all kinds of kinky stuff. In this presentation we will take a look at the 'ast' module and see how it allows us to analyze and produce Python code. By leveraging it's power, we will try to create useful tools and even our own DSLs!</p> - - - Marcin Sobczyk - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - UD2.120 (Chavanne) - python_memory_management - Memory Management in Python - A Short Overview of CPythons Memory Management - Python - devroom - - <p>Learn what is going on behind the scene about memory. How CPython allocates memory? How it manages Private Heap? Does it uses abstractions for managing the memory? Does python relase memory back to the system? Learn how python GC works, reference counting and generational GC. How generations classified? How does reference counting mechanism work? This talk is going to try to answer all this questions.</p> - <ul> -<li><p>Motivation about that subject. -Why do i need to know this stuff? -What is the effect of these things on my code quality? -Is that lecture enough for being a master about this subject?</p></li> -<li><p>Understanding Objects -Everything is an object in python (even code). If we want to understand what is going on behind the scene about memory allocation for objects first we should understand objects. This part has a cpython code reference for PyObject. We are going to learn python objects with seeing how they implemented.</p></li> -<li><p>Memory Management Model -Python has a great system about managing the memory (the private heap). Heap managed by +1th layer but the main part of this talk is +2th layer, object allocation. We'll discuss them</p></li> -<li><p>Small Object Threshold -Classifies objects into 2 sections. If size of an object bigger than 512 it is big else it is small.</p></li> -<li><p>Abstractions -We'll talk about abstractions, Arena > Pool > Block</p></li> -<li><p>Deallocations -We'll talk about GC, reference count, counting mechanism, generational gc, mark &amp; sweep, generations.</p></li> -</ul> - - - Batuhan Taşkaya - - - My latest article about memory management - Latest article about cpython - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - UD2.120 (Chavanne) - python_pyodide - Pyodide: scientific Python stack compiled in WebAssembly - - Python - devroom - - <p>The <a href="https://github.com/iodide-project/pyodide/">Pyodide project</a> aims to compile the scientific Python stack to -WebAssembly, so that it can be run directly in the browser. It currently -supports data science libraries such as NumPy, Pandas, matplotlib -(and more planned in the future). In this talk we will outline the current -capabilities, existing challenges, and possible future development directions.</p> - -<p>Pyodide is closely related to the <a href="https://iodide.io/">Iodide</a> project, which implements -a notebook environment (including but not limited to Pyodide) that allows -performing calculations in the client-only mode (without sending requests to a server).</p> - <p>The <a href="https://github.com/iodide-project/pyodide/">Pyodide project</a> aims to compile the scientific Python stack to -WebAssembly, so that it can be run directly in the browser. It currently -supports data science libraries such as NumPy, Pandas, matplotlib -(and more planned in the future). In this talk we will outline the current -capabilities, existing challenges, and possible future development directions.</p> - -<p>Pyodide is closely related to the <a href="https://iodide.io/">Iodide</a> project, which implements -a notebook environment (including but not limited to Pyodide) that allows -performing calculations in the client-only mode (without sending requests to a server).</p> - - Roman Yurchak - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - UD2.120 (Chavanne) - python_games_with_micropython - Computer Games with MicroPython - Become a full-stack game developer. - Python - devroom - - <p>MicroPython lets you program your own hardware easily, so why not use it for programming your own games on your own custom handheld game console? And once you have the game console, why not make it super-easy to program and use it for education and workshops?</p> - <p>I like making computer games, and I think that everybody should at least try to do it once. Not only it is great fun, but you also learn a lot of useful skills, including the fact that now you can control the computer, and not be controlled by it. But programming games with regular Python is hard, so why not turn to MicroPython and build your own hardware that will make it super-easy to make simple games? And as you gain experience and extend your tool set, you can build better devices and make better games for them. You can even experiment with non-standard control methods and output. In this talk I will tell you how you can start doing this, and I will show you the hardware and games that I made. I will also talk about how I turned one of them into an educational device running CircuitPython and suitable for game-programming workshops.</p> - -<p>After the talk, I want you to know that: -1. it's actually pretty easy to make custom gaming hardware these days, -2. it is still a lot of work to actually make a good computer game, -3. using high-level languages like Python helps, both beginners and advanced developers.</p> - - Radomir Dopieralski - - - projects - home page - documentation for PewPew - documentation for µGame - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - UD2.120 (Chavanne) - python_extending_numba - Extending Numba - - Python - devroom - - <p>Over the years the Numba project has proven itself to be a pragmatic and effective tool to accelerate numerical computations significantly. Numba however puts some restrictions on the code that can be accelerated. These restrictions can force you to compromise, making your code less readable or more difficult to integrate with the rest of your code. This tradeoff makes Numba less attractive. In this talk I'll share what I've learned integrating Numba in our simulator. We'll look at the architecture of Numba and explore how we can extend it to ensure our code can be accelerated without having to trade in expressiveness.</p> - - - Joris Geessels - - - http://numba.pydata.org/ - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - UD2.120 (Chavanne) - python_extending_syslog_ng - Extending syslog-ng in Python - Best of both worlds - Python - devroom - - <p>The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally it stores the logs, or forwards them for further analysis. It was originally developed in C due to its low footprint and high performance. Recently Python language bindings were added, so you can collect, process, and store log messages using embedded Python code.</p> - -<p>Learn how to customize your log processing infrastructure in Python using syslog-ng, integrate your logs to local and cloud services, and the implementation details and benefits of such solutions.</p> - <p>The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally it stores the logs, or forwards them for further analysis. It was originally developed in C due to its low footprint and high performance. Recently Python language bindings were added, so you can collect, process and store log messages using embedded Python code.</p> - -<p>Python bindings always have two parts: a configuration part – where you configure a source, parser, or destination – and the actual Python code part. You can store the code in-line in the syslog-ng configuration file, or in external files, if you have a larger project.</p> - -<p>The first Python binding added to syslog-ng was the Python destination. Many databases and cloud services have an easy to use Python API, while a C implementation of the API is either missing or difficult to implement. The syslog-ng application handles log messages and parsed data as name-value pairs. You can pass name-values to the Python destination code in mulitple ways: an object which contains all of the name-value pairs, or as a dict, which contains only name-value pairs configured in syslog-ng.conf. Recent releases also support the use of templates.</p> - -<p>Next the Python parser was implemented. Originally it was intended as an easy-to-code parser for messages not supported by the built-in parsers, like PatternDB or csv-parser. But you can also use it to enrich log messages from external databases. For example, you can use it to resolve host names from IP addresses.</p> - -<p>Recently support for Python source was added. You can use it to fetch data or implement a server in Python, for example, to collect messages over HTTP or Kafka protocols.</p> - -<p>Obviously the Python code is slower than native C code. On the other hand, extending syslog-ng in Python offers a lot more flexibility than development in C. You do not need a development environment other than a text editor and the Python module installed. Neither do you need you to compile the code. Just write it and use it.</p> - -<p>It is easy to get started, as there is no need for extra setup. You can get proof-of-concept minimal setup working with a single method quickly. You can extend it later to have proper initialization and connection control for added robustness.</p> - -<p>Learn how to customize your log processing infrastructure in Python using syslog-ng, integrate your logs to local and cloud services, and the implementation details and benefits of such solutions.</p> - - Peter Czanik - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - UD2.120 (Chavanne) - python_markup_to_pdf - Text Markup to PDF with Python - - Python - devroom - - <p>Python is brilliant at many things, but did you know it could also create beautiful documents from simple markup? Discover rst2pdf in this session.</p> - <p>Introducing: rst2pdf. This open source python project enables you to write simple, text-based markup and generate beautiful PDF documents with a single command. Using text-based content makes collaboration simple as source control tools can be used; it also allows content to be easily repurposed to different documents without reformatting. The styling can be changed independently and different formats produced from the same content source - it also supports syntax highlighting. This talk will also cover a bit about the state of the open source project itself and how people can get involved as users or contributors.</p> - - Lorna Mitchell - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - UD2.120 (Chavanne) - python_compute_qos_of_your_infrastructure - Compute the QOS of your infrastructure with DEPC - - Python - devroom - - <p>DepC is an open source tool written in Python 3.5+ : https://github.com/ovh/depc</p> - -<p>We use it to compute the Quality Of Service (QoS) of our IT infrastructure and customers (14k servers and 5M websites in the WebHosting department).</p> - -<p>To be able to do this we use some open source technologies : -- TimeSeries databases and Pandas / Numpy for the QoS computing, -- Neo4j to store the graph of our dependencies (a customer depends on several servers and some services, like databases, themselves depends on servers. If a server fails, several customers QOS are impacted), -- Kafka consumer to update in real time the graph in Neo4j, -- Apache Airflow to schedule the jobs used to compute the QOS of the whole infrastructure (the graph in Neo4j contains ~10M nodes).</p> - -<p>The goal of this conference is to show you how do we assemble these technologies to construct DepC in OVH.</p> - - - Nicolas Crocfer - Anthony Olea - - - Github Repo - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - UD2.120 (Chavanne) - python_salut_a_toi_network - Salut à Toi: A Python Based Social Network And More - A multi-platforms communication ecosystem based on XMPP and Python - Python - devroom - - <p>"Salut à Toi" is a Python based multi-platforms decentralized communication ecosystem. It is using a standard protocol (XMPP) and offers a lot of features like chat, e2e encryption, files sharing, photo albums, events, (micro)blogging, forums, remote control, tickets, merge-requests and even a decentralized web framework. This talk is an overview and a demonstration of the project, and it will explain how the Python technologies helped.</p> - <p>"Salut à Toi" is a large communication ecosystem based on a daemon/frontends architecture, and available on many platforms (desktop, mobile, web, console). It uses the power of XMPP far beyond instant messaging, and takes profit of many exciting python technologies such as Twisted, Kivy, python-for-android, Jinja2, or Urwid.</p> - -<p>This talk will be a quick tour of the project mainly focusing on desktop/mobile frontend and web frontend.</p> - -<p>After a brief explanation of the project, the association behind, and its goals, a demo of the desktop/mobile frontend will be done on GNU/Linux and on Android, with features likes: - - one2one and group chat with e2e encryption (OTR and OMEMO) - - sharing a folder either in P2P or through a server à la Owncloud/Nextcloud, with easy permission handling - - remote controlling a VLC instance running on the desktop through the Android app</p> - -<p>Then a demo of the web frontend will take place with blogging, events, forums, tickets and merge-requests.</p> - -<p>This will be the occasion to have some words on the Python technologies used and how, and why Python has helped a lot.</p> - -<p>More details on the project can be found on https://salut-a-toi.org or on the blog of the main developer: https://www.goffi.org.</p> - - Jérôme Poisson (Goffi) - - - official website - main developer blog - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:25 - UD2.120 (Chavanne) - python_solving_polynomial_systems - Solving Polynomial Systems in Python - phcpy: a scripting interface for PHCpack - Python - devroom - - <p>PHCpack is a software package for solving polynomial systems -with homotopy continuation. The talk will tell the story of -the development of phcpy, a scripting interface for PHCpack, -which has been under development for the past five years. -One result is the availability of the software in a Python2, -Python3, and SageMath kernel of JupyterHub, which runs at -https://pascal.math.uic.edu/hub/login (www.phcpack.org).</p> - -<p>Other relevant details: -https://arxiv.org/abs/1310.0056 (EuroSciPy 2013 proceedings paper) -http://homepages.math.uic.edu/~jan/phcpy<em>doc</em>html/index.html (documentation) -https://github.com/janverschelde/PHCpack (github repository)</p> - <p>PHCpack is a software package for solving polynomial systems -with homotopy continuation. The talk will tell the story of -the development of phcpy, a scripting interface for PHCpack, -which has been under development for the past five years. -Working on phcpy involved the following activities: -(1) Accessing code in a shared object file from Python. -(2) Documenting the code with Sphinx. -(3) CGI processing, managing user information and user data. -(4) Making the code available online with JupyterHub. -The presentation will provide examples of the expertise -acquired for the four tasks mentioned above.</p> - - Jan Verschelde - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:00 - 00:25 - UD2.208 (Decroly) - rust_python - RustPython: a Python implementation in Rust - Building a Python 3 interpreter in Rust - Rust - devroom - - <p>Rust is a relatively new programming language aimed as a safe competitor of C. -There are already attempts to write extension modules in rust and load them into -CPython. A whole new approach would be to re-implement the Python language in rust. -This is what RustPython is about.</p> - <p>RustPython is a relatively new project. The aim of the project is to create a -Python interpreter written entirely in Rust. Until now we used many of the language -features available in rust, such as vectors, hashmaps, iterators. To implement standard -library modules, we would like to wrap existing rust crates. -This is what we did with the json module for example.</p> - -<p>During this talk, we will demo the current state of the art of the project. We -will take a dive into the internals of RustPython, from parsing, compilation, bytecode -to actual execution on the Python virtual machine. Next to this we will cover -the growing community, and the road ahead!</p> - - Windel Bouwman - Shing Lyu - - - Project page on Github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 09:30 - 00:45 - UD2.208 (Decroly) - rust_cargo_inspect - What is Rust doing behind the curtains? - Exploring syntactic sugar with cargo-inspect - Rust - devroom - - <p>This is an hands-on talk, showing a journey from code with a lot of syntactic sugar to plain, veeery explicit Rust code.</p> - <p>Rust allows for a lot of syntactic sugar, that makes it a pleasure to write. It is sometimes hard, however, to look behind the curtain and see what the compiler is really doing with our code. -"It is good to know what these conveniences are, to avoid being mystified by what's going on under the hood... the less magical thinking we have of the world, the better." (Tshepang Lekhonkhobe). -In this hands-on talk, we will go from code with a lot of syntactic sugar to extremely verbose Rust code.</p> - -<p>We will use a little tool called <code>cargo-inspect</code>, which was built for teaching Rust internals. -The goal is to make the compiler more approachable to mere mortals.</p> - - Matthias Endler - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:20 - 00:25 - UD2.208 (Decroly) - rust_praezi - RustPräzi: a tool to build an entire call graph of crates.io - From package-based to precise call-based dependency network analysis - Rust - devroom - - <p>Which crates call a vulnerable function? Which deprecated functions are central to crates.io and should not be deleted? Am I breaking important clients and their dependencies with my new release? These are questions that package publishers and owners of package repositories crave for answers to. To solve this problem, we created RustPräzi: a call-based dependency network that represents a gigantic single large versioned call graph of all crates.io packages.</p> - -<p>In this talk, I will describe how RustPräzi is developed, the challenges we faced while compiling the entire crates.io and the future directions. Our goal is to make RustPräzi a community effort that can help in maintaining the stability of crates.io. For example, bad releases which may negatively impact crates.io can be detected and avoided.</p> - - - Joseph Hejderup - - - github - preprint - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:50 - 00:45 - UD2.208 (Decroly) - rust_beyond_first_steps - Beyond The First Steps - Key ideas and advices to improve your development posture - Rust - devroom - - <p>There is plenty of content available to teach you the first steps in Rust… But what about after?</p> - -<p>What are good resources? how can you leverage generated documentation instead of just tutorials and books? How can you manage the trade-offs in API design? We’ll look at some content and examples, both old and new, worth consuming and talk about their key ideas.</p> - -<p>Then, we’ll spend some time talking about some ways to refine your APIs, measure the impact of optimizations, reduce mental overhead on your developers, and tools to help you dig into the heart of your code (flamegraphs, metrics, failure injection, debugging).</p> - <p>Agenda:</p> - -<ul> -<li>5 min: A Brief Introduction (to help with context)</li> -<li>10-15 mins: Content Resources</li> -<li>Rust Conference/Meetup Videos</li> -<li>Great Articles</li> -<li>RFCs (and how to figure them out)</li> -<li>5 mins: Flexible/Optional Parameters</li> -<li>5 mins: Linearizable Types &amp; #[must_use]</li> -<li>(Optional, or pick any/all) 5 mins: Flamegraphs (Flamer) OR Prometheus (rust-prometheus) OR Debugging (lldb/VS Code).</li> -</ul> - - - Jay Lee - Ana Hobden - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:40 - 00:45 - UD2.208 (Decroly) - rust_sans_io - Sans IO: safe and testable network protocols - Building safe, deterministic and testable network protocols by removing IO - Rust - devroom - - <p>Implementing network protocols is a hard task, especially considering the support of conflicting implementations, or long term maintenance. And it does not help that testing them often requires complex client or server setups. -By removing IO from the equation, and instead working directly with buffers, we’ll see that testing instantly becomes easier to setup, the core implementation becomes completely deterministic, and the protocol gets more reusable. -This talk draws heavily from experience implementing protocols such as HTTP or AMQP. It will show how to build protocols in such a way, using the nom parsing library, cookie-factory serialization library, and a new state machine development library. And we will see how to reuse the resulting protocols, by swapping out the underlying transport (TCP, various TLS libraries, unix sockets…) or wrapping it in a nice futures based API.</p> - - - Geoffroy Couprie - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:45 - UD2.208 (Decroly) - rust_prometheus - Introducing rust-prometheus - How Rust makes metrics safe and fast - Rust - devroom - - <p>This talk is to give a brief introduction to the rust-prometheus library, which is a Rust client for Prometheus, a monitoring and alerting toolkit. After a brief look at basic usage, this talk will dive into how Rust features make the library safe and fast. Finally, we will discuss some ways to use Procedural Macros to reduce metric lookup by over 10x via generated static lookups.</p> - <p>Intended audience: Rust beginner</p> - -<h1>Agenda</h1> - -<ol> -<li>Introduction (5 min) - -<ul> -<li>Self introduction</li> -<li>What is Rust-Prometheus: A brief introduction to Prometheus and the client library</li> -<li>How to use: A short example of using the library to collect different kind of metrics</li> -</ul> -</li> -<li>How Rust Shines - -<ul> -<li>Safe (5 min) - -<ul> -<li>Why we care about safety</li> -<li>Type-safe generic labels: Use generic label length so that label length can be checked at compile time.</li> -<li>Rust’s Send &amp; Sync markers</li> -<li>Rust’s #[must_use] attribute</li> -</ul> -</li> -<li>Fast (5 min) - -<ul> -<li>Why we care about performance</li> -<li>Local !Sync metrics: Shared global metrics across threads is not efficient, e.g. causing cache eviction. Local metrics to solve under the cost of normal variables!</li> -<li>Static metric vectors via proc_macros: A macro to provide efficient metric vectors.</li> -</ul> -</li> -</ul> -</li> -<li>How static metric macro is implemented (10 min) - -<ul> -<li>A small explanation of the macro implementation so that listeners will have a blueprint about the capability and the approach of Rust procedural macros.</li> -<li>Benchmarks showing speed difference.</li> -</ul> -</li> -<li>Future Plan (2 min) - -<ul> -<li>Thread-local metrics: Enables seamlessly local metrics and less contention</li> -<li>More metrics, like Prometheus Summary</li> -<li>A more consistent API</li> -<li>Metrics pulling</li> -<li>Contributions are welcome!</li> -</ul> -</li> -<li>Production Use Case (5 min)</li> -</ol> - - - Wish Shi - - - Project page on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:20 - 00:25 - UD2.208 (Decroly) - rust_hawktracer - Profiling Rust - Rust bindings for the HawkTracer profiler - Rust - devroom - - <p>Rust-hawktracer allows you to do in-depth profiling for your Rust projects.</p> - <p>Talk overview: -- Introduction to profilers<br/> -- A state of profilers in Rust<br/> -- What HawkTracer is (the original C project)<br/> -- API design and trade-offs<br/> -- Live demo!<br/> -- Visualizing the data</p> - - Alexandru Ene - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:50 - 00:25 - UD2.208 (Decroly) - rust_gnome - Rust and GNOME - Adoption and impact of Rust through out GNOME - Rust - devroom - - <p>A tour through out the adoption of Rust in the GNOME and Freedesktop communities. Showcasing existing projects that adopted Rust like Librsvg and Gstreamer, but also desktop applications from scratch, new infrastructure tooling, and the challenges of integrating Rust with the rest of the ecosystem.</p> - - - Jordan Petridis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:20 - 00:25 - UD2.208 (Decroly) - rust_gtk_rs - gtk-rs: newest and future developments - Progress report on GTK+ Rust bindings - Rust - devroom - - <p>A tour on newest and future developments for gtk-rs, the Rust bindings to GTK+.</p> - <h2>Agenda</h2> - -<p>Introduction:</p> - -<ul> -<li>Small presentation of Gtk-rs project.</li> -<li>Small code demonstration.</li> -</ul> - - -<p>Last year developments:</p> - -<ul> -<li>Add of futures to handle asynchronous function calls.</li> -<li>Generation of union types.</li> -<li>A lot of new types/functions generated.</li> -</ul> - - -<p>Next developments:</p> - -<ul> -<li>Generate bindings for functions/methods taking callbacks as argument.</li> -<li>Long run: being able to "subclass" widgets.</li> -<li>Global API improvements as always!</li> -<li>Generate sys crates documentation on gtk-rs.org as well?</li> -</ul> - - -<p>gtk-rs ecosystem:</p> - -<ul> -<li>A lot of projects are starting to use gtk-rs, two of them are part of the ten most active GNOME projects on gitlab (Fractal - https://wiki.gnome.org/Apps/Fractal - and Podcasts - https://wiki.gnome.org/Apps/Podcasts).</li> -<li>Some (nice) API are built upon it like relm (https://github.com/antoyo/relm).</li> -</ul> - - -<p>Question time!</p> - - Guillaume Gomez - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:50 - 00:45 - UD2.208 (Decroly) - rust_gstreamer - GObject subclassing in Rust for extending GTK+ & GStreamer - Or: How to safely implement subclassing in Rust while making use of a C library - Rust - devroom - - <p>Many commonly used libraries from other languages, especially GUI toolkits, make use of Object Oriented Programming (OOP). While Rust has support for many of the OOP concepts in one way or another, there is no easy way for implementing subclassing or inheritance.</p> - -<p>The topic of this talk will be how to implement subclassing and inheritance in safe Rust, based on the GObject C library. The GObject library is providing Java/ObjectiveC-style OOP features to C. It is used by the GTK+ UI toolkit, the GStreamer multimedia framework and various GNOME libraries.</p> - -<p>Apart from reasons why you would want to do this in Rust, this talk will cover the new implementation for subclassing that was recently integrated into the existing GLib/GObject, GTK+ and GStreamer bindings. These bindings allowed usage of existing GObject types before, but didn't provide any features to create new GObject types. In addition to usage of the subclassing implementation, a couple of details about the implementation will also be explained.</p> - -<p>Last but not least, an outlook in the future will be given for how one can take this even one step further with procedural macros to allow writing code that looks very close to Java or C#.</p> - -<p>This talk will not only be interesting for those who want to make use of GTK+ or GStreamer and extend those libraries, but will also cover various aspects about safely interfacing with C libraries from Rust and all kinds of type tricks to teach the Rust type-system about subclassing and making use of the type-system for enforcing various invariants at compile-time.</p> - - - Sebastian Dröge - - - Rust GTK+ bindings - Rust GStreamer bindings - GTK+ - GStreamer - Rust GStreamer plugins - librsvg - librsvg branch making use of GObject subclassing in Rust - gtk-rs examples - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:40 - 00:25 - UD2.208 (Decroly) - rust_cpp - Call C++ from Rust with the cpp crate - Interoperate with C++ libraries, using Qt as an example - Rust - devroom - - <p>There is a lot of existing code and libraries written in C++. The cpp crates allow to embed easily -C++ within your rust code so you can call interoperate with the existing C++ code. -In this talk, we will see how to use this create and how it works behind the scenes. -As an example, we will look at the <code>qmetaobject</code> which expose Qt api to Rust.</p> - - - Olivier Goffart - - - The cpp crate - The qmetaobject crate - Slides - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:10 - 00:25 - UD2.208 (Decroly) - rust_ffi_rdma - Containing the RDMA plasma - An experience report on wrapping a wildly unsafe library - Rust - devroom - - <p>This talk is an experience report on my safe rust wrapper for a c++ RDMA library<a href="https://github.com/utaal/infinity-rust">^1</a>. RDMA enables the network hardware to directly read and write to memory, without the cpu's involvement. My rust implementation ensures that memory regions are exclusively either owned by client code, or enqueued for use by the underlying RDMA stack. This makes sure that data cannot be changed by hardware while owned by safe rust code, and that user logic cannot mutate data while it is being read by the card. In this talk, I'll go over the design of the library and how it embraces rust's ownership transfer semantics.</p> - -<p>In rust's safe/<code>unsafe</code> model, the burden of upholding safety guarantees at the <code>unsafe</code> boundary is entirely up to the programmer who's writing the wrappers. These guarantees are not formally specified, which makes it harder to reason about the safety of the wrapped <code>unsafe</code> logic; this issue is compounded by the fact that undefined behaviour can seep into safe rust from <code>unsafe</code> code that doesn't match rust's expected semantics. I'll discuss how this improves ergonomics in safe code, but requires careful engineering of <code>unsafe</code> code because it doesn't allow the programmer to reason locally.</p> - <p>Expected prior knowledge / intended audience: some working experience with Rust's semantics and guarantees of safe code</p> - - Andrea Lattuada - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 09:30 - 00:25 - UD2.218A - bug_bounty - Open source software security testing - Crowd supported via bug bounty - Security - devroom - - <p>The European Commission has launched the EU-FOSSA2 project where they want to invest in the security of open source projects by running bug bounty programs against popular software. Intigriti got the first position in this contract and will be running programs for some really known open source projects. In these programs, users from the community will be invited to help testing the security of these programs and will be rewarded for finding vulnerabilities.</p> - -<p> In this talk we will explain how bug bounty actually works, announce which programs can be found, which bounties can be earned and how the process flow works.</p> - - - Stijn Jans - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:00 - 00:25 - UD2.218A - tls13_apis - TLS 1.3: what developers should know about the APIs - - Security - devroom - - <p>Introduction to the new API added for TLS 1.3 in crypto libraries.</p> - <p>Major crypto libraries have adopted TLS 1.3 since its final publication in last August. Those libraries are carefully designed so the applications can switch to the new protocol with minimal code modification. However, as TLS 1.3 also brings new concepts, such as post-handshake authentication and 0-RTT, the applications needs to use new API to take full advantage of the protocol. In this presentation, we will go through the new API functions added for TLS 1.3 in multiple crypto libraries, see pros and cons of their design choices, and discuss the best practice in using those new functions.</p> - - Daiki Ueno - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 10:30 - 00:25 - UD2.218A - gost_crypto - Russian crypto algorithms in the OpenSource world - GOST crypto demystified - Security - devroom - - <p>This talk presents status of Russian national crypto standards and their support in OpenSource projects.</p> - <p>In parallel to mainstream cryptography world, Russia has a strong school of crypto algorithms development, including block ciphers, hash functions, digital signature, etc. There is slow but ongoing trend of harmonizing GOST algorithms usage with the rest of Internet community. -This talk is dedicated to debunking several myths and presenting current state of support in open source project.</p> - -<ul> -<li>GOST Myth busting: -insecure, Russian-only, unnecessary to the rest of the World</li> -<li>Major areas: PKI, CMS, TLS, DNSSEC, XML DSIG</li> -<li>New areas of contribution: -rekeying, new crypto modes</li> -<li>OSS support: - -<ul> -<li>OpenSSL</li> -<li>GnuTLS</li> -<li>LibreSSL</li> -<li>Linux kernel</li> -<li>libgcrypt</li> -<li>you name it</li> -</ul> -</li> -</ul> - - - Dmitry Eremin-Solenikov (Lumag) - - - http://gostcrypt.github.io - https://github.com/gost-engine/engine/ - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:00 - 00:25 - UD2.218A - eu_cybersecurity_act - The new EU CyberSecurity Act - Or how to prevent the EU from becoming the worlds largest botnet honeypot - Security - devroom - - <p>Fibre to the home opens numerous interesting possibilities for both bona-fide and not so bona-fide use cases. -Having your espresso machine or refrigerator being part of a multi-million device botnet which is attacking critical infrastructure might not necessarily be your first association when zipping your early morning caffeine fix.</p> - <p>Fibre to the home opens numerous interesting possibilities for both bona-fide and not so bona-fide use cases. -Having your espresso machine or refrigerator being part of a multi-million device botnet which is attacking critical infrastructure might not necessarily be your first association when zipping your early morning caffeine fix. -Not only might this notion be somewhat disruptive for your early morning zen-moment, you might also be held legally accountable for these actions as it is actually your home network participating in an international attack wreaking havoc on, let’s say, the healthcare information system of a close NATO ally. -Nowadays there is zero quality control being enforced over internet connected devices in general. But the EU (and US) have decided this somewhat naive approach should come to an end.</p> - -<p>A new directive (NIS, Directive on the Security of Network and Information Systems) comes into effect. Especially for branches active in the development of internet connected devices with a direct application in the “quality of life improvement” domain, this will be something to look out for: -Medical devices -Automotive -Domotica</p> - -<p>This new directive includes the ambition of implementing a certification scheme for IT systems and devices, this scheme will be based on the existing ISO 15408 standard:</p> - -<p>“ISO/IEC 15408-1:2009 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of ISO/IEC 15408 which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.”</p> - -<p>What does this standard encompass? What does open-source and free software have to do with this?</p> - -<p>Let’s have a closer look in this talk!</p> - - Hans de Raad (OpenNovations) - - - openSUSE Conference 2018 presentation: Upcoming EU cybersecurity act - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 11:30 - 00:25 - UD2.218A - performance_core_protocols - Tracking users with core Internet protocols - Enhancing privacy and performance the Internet - Security - devroom - - <p>TLS 1.3, QUIC, and TCP belong to the most important and most often used protocols on the Internet. We will point out how these protocols can be used to track user beyond what is commonly known to be possible. We also present modifications to the protocols for preserving the user's privacy. To further reduce the page load times on the Web, we point out how the layering between DNS, TCP, and TLS is affecting the speed of connection establishment between client-server pairs. Finally, we present modifications to some of those protocols to get us a faster and more privacy-friendly Internet.</p> - <p>The download of an average Web site causes around one hundred small transactions from several hosts. Nowadays, the available bandwidth does not present an effective limitation of the page load time anymore. Thus, the design of a faster connection establishment is a promising direction to further improve the convenience of web browsing. To this end, TLS 1.3, QUIC and TCP Fast Open reduce the delay of the connection establishment by requiring the client to store data across several connections.</p> - -<p>These mechanisms, however, can be abused to stealthily track user's independent of traditional tracking approaches like HTTP Cookies, IP addresses, and browser fingerprinting. In particular, like TLS Session Resumption, QUIC's source-address Token, QUIC's server config, and TCP Fast Open cookies expose tokens which may be used to invade the users' privacy. To investigate the real-world feasibility of these tracking mechanisms, we analysed the configuration of popular Web browsers. Our worrying results indicate that especially via QUIC and TCP Fast Open tracking periods of multiple days are practical.</p> - -<p>While these protocols lead to faster connection setups, an initial connection establishment requires still at least three round-trip times (1 DNS, 1 TCP, 1 TLS 1.3). The idea of strict layering between those protocols prevents us from achieving further performance gains. In our talk, we will present cross-layer solutions which allow to substantially reduce the number of required round-trip times to establish initial connections on the Web without affecting the core components of each protocol, respectively. To substantiate the feasibility of our presented solutions, we implemented our approach and investigated its performance properties.</p> - -<p>Please note, that this talk assumes the audience to be familiar with the basic concepts of DNS, TCP, and TLS.</p> - - Tobias Mueller - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:00 - 00:25 - UD2.218A - crypto_pitfalls - How to prevent cryptographic pitfalls by design - - Security - devroom - - <p>Many security vulnerabilities are based on mistakes in integrating cryptographic mechanisms into the application. We argue that this is due to the design of the API of cryptographic libraries, which requires knowledge about cryptographic mechanisms and how to correctly embed them into specific use cases. However, most developers do not possess the required expert knowledge in this area. The lack of expertise in one specialist area is not a bad thing in itself, as developers excel in other areas. Therefore, we argue that the design of APIs of cryptographic libraries have to be substantially improved. We show you how easy it is to make mistakes during the integration of cryptographic mechanisms. We discuss how a few simple and well-known programming techniques can be utilized to make cryptographic APIs more usable for application developers and introduce a free software library which integrates cryptographic functions using an easier API in order to avoid common pitfalls.</p> - -<p>The improvement of the correct integration of established cryptographic tools is a quite simple but essential step to achieve a higher level of security in general.</p> - - - Maximilian Blochberger - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 12:30 - 00:25 - UD2.218A - usb_borne_attacks - USB borne attacks and usable defense mechanisms - Hardening built into the operating system without compromising on usability - Security - devroom - - <p>The attack surface of USB is quite large and while disabling USB altogether solves the problem, it creates many other. As do existing protection mechanisms. They suffer from poor usability and missing integration into the operating system. We present our approach to defending against rogue USB devices for a GNOME-based operating system.</p> - <p>USB is arguably to most exposed interface of a user's machine. It allows an attacker to interact with pretty much any driver, many of which are of questionable quality. We try to be smart about when to allow new USB devices. First, we try to detect when the user is present, arguing that if the user is not then new USB devices should not work. But it is not that simple, because you might very well want to attach a new keyboard in case yours breaks. Keyboards, however, pose another risk as several attacks have shown. But not all keyboards are equally bad and we propose to promote a harmless keyboard to become dangerous after getting the user's consent. It is not entirely clear yet how to that best, so your feedback and a discussion is certainly welcome!</p> - - Tobias Mueller - Ludovico de Nittis - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:00 - 00:25 - UD2.218A - otr4 - No evidence of communication and implementing a protocol: Off-the-Record protocol version 4 - Version 4 of OTR protocol - Security - devroom - - <p>OTRv4 is the newest version of the Off-The-Record protocol. It is a protocol where the newest academic research intertwines with the real-world implementations. This newest version is one where we are asked to revisit our definitions around deniability (online and offline) and how important they are to the world. It is also one where we must ask ourselves around how usable a protocol has to be in order to be used by real-world people. In this talk we will try to start a discussion around the importance of deniable secure communication, how it integrates with the whole security of a system, and how a user will need it for their normal activities.</p> - <p>As we know from past revelations, the Internet has become a place where any action is surveilled and recorded. In the light of this, the OTR protocol was created. But it was created long time ago. In the past years, there have been a increased work on cryptographic primitives, privacy and security notions, and how to incorporate them in a usable way. But these thoughts have not been incorporated yet into projects. OTRv4 is the newest version of the Off-The-Record protocol, which tries to incorporate these new ideas. In this talk, we will give an overview around why deniability matters, how it can be incorporated into protocols, how it is used by real-world people, and how to create a protocol that cares about its users.</p> - - Sofía Celi - - - The protocol specification of OTRv4 - The C library of OTRv4 - Paper of OTRv4 presented in PETS2018 - Presentations slides in IETF - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 13:30 - 00:25 - UD2.218A - recordflux - RecordFlux: Facilitating the Verification of Communication Protocols - - Security - devroom - - <p>Many security problems have been discovered in communication protocols in the past, examples are:</p> - -<ul> -<li>BlueBorne, a set of security vulnerabilities in the Bluetooth implementation which affect millions of devices</li> -<li>Heartbleed, a security bug in the OpenSSL library that lead to exposure of sensitive data</li> -<li>CVE-2018-10933, a critical bug in libssh which allows successful authentication without any credentials</li> -</ul> - - -<p>Still today many critical issues remain in protocol implementations, as their root causes have not been addressed. Two classes of faults dominate: runtime errors like buffer overflows, and logic errors in protocol state machines. The main reasons for runtime errors is the use of unsafe programming languages. Better alternatives with formal guarantees like Rust, SPARK or Frama-C exist, but re-implementing complex protocols means a lot of effort. Logic errors are caused by the complexity of protocols and imprecise specifications in natural language.</p> - -<p>RecordFlux is a framework for the secure implementation of communication protocols. From a formal protocol specification written in a domain-specific language the tools generate SPARK code, for which the absence of runtime errors can be proven automatically. In the future RecordFlux will also allow the specification of dynamic protocol semantics and support formal correctness proofs for protocol state machines. In this talk we give an overview of the current state and speak about an upcoming project that uses RecordFlux for a complex real-world application, the compartmentalized implementation of TLS 1.3 for component-based operating systems.</p> - - - Tobias Reiher - - - RecordFlux on GitHub - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:00 - 00:25 - UD2.218A - chipsec - CHIPSEC on non-UEFI Platforms - Using CHIPSEC to harden firmware against attacks & exploits - Security - devroom - - <p>CHIPSEC is a firmware threat assessment tool used to help verify systems meet basic security best practices. The tool’s threat model is based UEFI, so other firmware threat models may cause failures in CHIPSEC modules. This session is a brief overview of the CHIPSEC, limitations of the tool, interpreting failures seen on different firmware implementations, and information on developing new test modules.</p> - <p>CHIPSEC is a firmware threat assessment tool used to help verify systems meet basic security best practices. CHIPSEC runs under Microsoft Windows, Linux, Mac OS X, and the UEFI Shell. The tool’s threat model is primarily based on Unified Extensible Firmware Interface (UEFI). However, other firmware may have different threat models that will cause failures in different CHIPSEC modules. This session is a brief overview of the CHIPSEC, limitations of the tool, failures seen on different types of firmware, and information on developing new test modules in Python.</p> - - Brian Richardson - - - CHIPSEC (github) - 2018 OSFC Session - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 14:30 - 00:25 - UD2.218A - base64_not_encryption - Base64 is not encryption - A better story for Kubernetes Secrets - Security - devroom - - <p>Secrets are a key pillar of Kubernetes' security model, used internally (e.g. service accounts) and by users (e.g. API keys), but did you know they are stored in plaintext? That's right, by default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Anyone with access to the etcd cluster has access to all your Kubernetes secrets.</p> - -<p>Thankfully there are better ways. This lecture provides an overview of different techniques for more securely managing secrets in Kubernetes including secrets encryption, KMS plugins, and tools like HashiCorp Vault. Attendees will learn the tradeoffs of each approach to make better decisions on how to secure their Kubernetes clusters.</p> - <p>This lecture and discussion outlines the current state of Kubernetes' security with respect to managing and securing Kubernetes Secrets.</p> - -<p>First, attendees will learn the current state of the world: a default Kubernetes cluster has secrets pretty widely exposed. We will talk briefly about how some cloud providers add additional layers of security, but the default is insecure.</p> - -<p>Next, attendees will learn about features released in Kubernetes 1.7 to allow for application-layer encryption of secrets. We will discuss the pros and cons of this approach, and walk through same code/live demo of it working in action.</p> - -<p>Next, attendees will learn about features released in Kubernetes 1.10 to allow for delegated application-layer encryption of secrets to a KMS provider. We will again discuss the pros and cons of this approach, show some code and live demos.</p> - -<p>Finally, attendees will see an example of a full secrets management on Kubernetes, using the open source HashiCorp Vault tool.</p> - -<p>Importantly, this talk is <em>not</em> a general security talk - it is specific to Kubernetes secrets. Specifically, there are no plans to discuss cluster-level security, firewall security, ACLs, or RBAC.</p> - - Seth Vargo - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:00 - 00:25 - UD2.218A - falco_container_monitoring - What are your users kubectl-ing into your Kubernetes cluster? - - Security - devroom - - <p>In any Cloud Native architecture, there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity.</p> - <p>In this talk, we’ll cover how we extended Falco, the container behavior monitoring tool to ingest events beyond just host system calls, such as Kubernetes audit events. We will also show how to create Falco rules to detect behaviors in these new event streams, eg: a user trying to create a serviceAccount or storing some credentials in a ConfigMap rather than on a Secret. -Attendees will gain a deep understanding of Kubernetes audit system, and how to audit and trigger events based on Kubernetes anomalous behavior.</p> - - Julio Garcia - - - Falco web page - Falco github - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 15:30 - 00:25 - UD2.218A - scale_auditing - Scale Your Auditing Events - - Security - devroom - - <p>The Linux Audit daemon is responsible for writing audit records to the disk, which you can then access with ausearch and aureport. However, it turned out that parsing and centralizing these records is not as easy as you would hope. Elastic's new Auditbeat fixes this by keeping the original configuration, but ships them to a centralized location where you can easily visualize all events. You can also use Auditbeat to detect changes to critical files, like binaries and configuration files, and identify potential security policy violations. This talk shows you what can you do to discover changes, events, and potential security breaches as soon as possible on interactive dashboards. Additionally, we are combining Auditd events with logs, which are security relevant.</p> - - - Philipp Krenn - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:00 - 00:25 - UD2.218A - spamassassin - Fighting spam for fun and profit - the long road to SpamAssassin 4.0 - Security - devroom - - <p>Using SpamAssassin at work and loving open source development lead me to improve SpamAssassin and to develop some features. -The upcoming release will contain lot of bug fixes and some new interesting and useful features. -This talk will be a trip towards the new version and finally to some ideas we have for the future.</p> - <p>This talk will be an explanation of some new feature of SpamAssassin and some features some people are using. -There will be news about official and unofficial plugins and rules and how to get the best out of SpamAssassin. -Some additional services that could be useful for other antispam services will be explained as well.</p> - - Giovanni Bechis - - - Project Homepage - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - 16:30 - 00:25 - UD2.218A - pkcs11_in_os - Consistent PKCS#11 in Operating Systems - improving user experience and security in RHEL and Fedora - Security - devroom - - <p>During last year, we worked hard to make cryptographic tokens usage consistent across the operating system and to improve its usability, mostly using the means of PKCS#11 URIs. This was done for both administrators and end users, in the end resulting in easier configuration of HSMs and authentication using smart cards and cryptographic tokens.</p> - <p>I will outline what we worked on to improve the user experience and support for smart cards, cryptographic tokens and HSMs across the operating system. I will share experience with implementing or improving this support across various applications, libraries and tools, experience with testing them and making sure they work together in Linux distribution. I will focus on the current state in Fedora and RHEL 8 and propose some future steps that we have yet to take.</p> - - Jakub Jelen - - - Video recording (WebM/VP9) - Video recording (mp4) - Submit feedback - - - - - - 14:00 - 02:00 - UD2.Corridor - keysigning - PGP Keysigning - - Keysigning - keysigning - - <p>The FOSDEM 2019 GPG Keysigning</p> - <p>The keysigning event takes place in the corridor on the second level of the U building. There is no fixed end time. Previous editions last for approximately one hour per 100 keys on the list. You must register before the conference to take part. Please bring the printed list, a pen and appropriate form of identification with you the event.</p> - -<p>Please note that you must register your key a week in advance of the conference.</p> - - FOSDEM Staff - - - Instructions - Submit feedback - - - - - - 10:00 - 01:00 - J.1.106 - bof_freedombox - FreedomBox Meetup - - BOFs (Track A - in J.1.106) - bof - - <p>This meetup welcomes all members of the FreedomBox community and anyone who wants to learn more! FreedomBox is a private server system that empowers regular people to host their own internet services, like a VPN, a personal website, file sharing, encrypted messengers, a VoIP server, a metasearch engine, and much more. It is designed to be secure, flexible, and simple. FreedomBox builds freedom into the internet by putting you in control of your activity and data on the net.</p> - <p>The FreedomBox software ecosystem is actively developed by a global community of contributors. Though we always welcome new contributors, many of our developers have been working on FreedomBox for years. Their expertise and steady contributions have grown FreedomBox into a flourishing software ecosystem. The community releases new versions of FreedomBox approximately once every two weeks, which usually include patches, new features, and UI updates. At freedombox.org, the latest version of the FreedomBox software is available for download for free. You can also find a video explaining how to set up a FreedomBox on the FreedomBox website, and you can learn more about the non-profit behind the project by going to freedomboxfoundation.org.</p> - - Danny Haidar - - - FreedomBox Software - FreedomBox Foundation - Mastodon - Twitter - Submit feedback - - - - 11:00 - 02:00 - J.1.106 - bof_replicant - Replicant Meetup - Meeting for the Replicant community - BOFs (Track A - in J.1.106) - bof - - <p>Replicant is a fully free Android distribution running on several devices, a free software mobile operating system putting the emphasis on freedom and privacy/security. This meeting is for everyone interested in the Replicant project (users, developers, devices vendors, etc). Among other things, we will discuss how to improve Replicant and the project's future directions. Everyone's point of view is welcome.</p> - - - Joonas Kylmälä - - - Project website - Blog post about this meeting - Submit feedback - - - - 13:00 - 01:00 - J.1.106 - bof_tinygo - TinyGo BoF - TinyGo compiler for microcontrollers and WASM - BOFs (Track A - in J.1.106) - bof - - <p>TinyGo is an exciting new compiler that brings the Go programming language to microcontrollers and WebAssembly. Come join us in mapping out the future roadmap and hacking on this awesome new project.</p> - <p>TinyGo is an exciting new compiler that brings the Go programming language to microcontrollers and WebAssembly. Come join us in mapping out the future roadmap and hacking on this awesome new project.</p> - - Ron Evans - - - Submit feedback - - - - 14:00 - 01:00 - J.1.106 - bof_sr_ht - sr.ht meetup - sr.ht users and devs - BOFs (Track A - in J.1.106) - bof - - <p>No description provided yet.</p> - - - ddevault - - - Submit feedback - - - - 15:00 - 01:00 - J.1.106 - bof_sway_wlroots - sway/wlroots meetup - - BOFs (Track A - in J.1.106) - bof - - <p>A few sway/wlroots devs will be there, and we'll release sway-1.0-rc1!</p> - - - emersion - - - Submit feedback - - - - 16:00 - 01:00 - J.1.106 - bof_openhmd - OpenHMD Community meeting - Open Source VR driver development, reverse engineering and community gathering of OpenHMD. - BOFs (Track A - in J.1.106) - bof - - <p>Gathering for the OpenHMD open source AR/VR community.</p> - <p>We have been working on a BOOST licensed driver for AR/VR/MR hardware for platform and hardware independent use. -During this BoF session we will go over the current state of Open Source VR, go over the progress we have made, and have open discussion about VR and Open Source. -In our 2017 session, we even hacked together basic camera support for the Oculus CV1, have fixed up our then recent Sony PSVR driver and made plans and collaborations with other Open Source developers.</p> - -<p>If you are interested in this field, develop games/engines, have experience with reverse engineering (USB), like Computer Vision or DSP logic, please come and hang out!</p> - - TheOnlyJoey - - - Website - Github - Twitter - Submit feedback - - - - - - diff --git a/FosdemTests/schedule_2022.xml b/FosdemTests/schedule_2022.xml deleted file mode 100644 index 0ab832e..0000000 --- a/FosdemTests/schedule_2022.xml +++ /dev/null @@ -1,25544 +0,0 @@ - - - - FOSDEM 2022 - - ULB (Université Libre de Bruxelles) - Brussels - 2022-02-05 - 2022-02-06 - 2 - 09:00:00 - 00:05:00 - - - - - 09:00 - 00:20 - K.fosdem - keynotes_welcome - Welcome to FOSDEM 2022 - - FOSDEM - maintrack - - <p>FOSDEM welcome and opening talk.</p> - <p>Welcome to FOSDEM 2021!</p> - - FOSDEM Staff - Richard Hartmann - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 01:00 - M.community - community_sustainable - Making a community-managed FOSS project sustainable in the medium- to long-term - Strategies and tactics - Community - maintrack - - <p>LibreOffice was announced in 2010. After 10 years, it was necessary to review and update the strategy based on the evolution of the office suite market, to improve the sustainability model. Enterprises are not supporting the project as much as individual users. Over time, this can represent a threat for the sustainability of the project. We have changed our strategy to educate enterprises about the right approach to FOSS, by giving back to ensure the long term sustainability of the LibreOffice project.</p> - <p>LibreOffice was announced in 2010 to relaunch innovation of the already stagnant OpenOffice project. After 10 years of growth, it was necessary to review and update the strategy based on the evolution of the office suite market, to improve the sustainability model. -In fact, enterprises - although deploying LibreOffice to save money over proprietary solutions - are not supporting the project as much as individual users. Over time, this can represent a threat for the sustainability, as development can be slowed down. -We have therefore changed our strategy to educate enterprises about the right approach to FOSS, by giving back in one of the many available ways: purchase the LTS version from the ecosystem, fund the development of a specific feature, pay for the solution of a bug or a regression, and so on. -The right approach from enterprises would ensure the long term sustainability of the LibreOffice project, and the evolution of the Open Document Format (ODF) ISO standard file format for true interoperability.</p> - - Italo Vignoli - - - Making a community-managed FOSS project sustainable in the medium- to long-term - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 11:00 - 00:30 - M.community - community_open_science - Empowered for Action: Making open Science Practical in the Global South. - - Community - maintrack - - <p>As research becomes more globalised and its output grows exponentially, especially in data, the need for open scientific research practices is more evident — the future of modern science. There is now a concerted global interest in open science uptake, but barriers exist. The formal training curriculum in most, if not all, universities in the global South do not equip students with the knowledge and tools to practice open science in their research or develop open-source tools. -To work openly, collaboratively, and build a community, there is a need for awareness and training in using and developing open science tools. Through the OpenScienceKE framework, we developed a model to narrow the gap: the sensitize-train-hack-collaborate model. Using the model, we sensitised through seminars, trained on the use of tools through workshops, applied the skills learned in training through hackathons to develop open-source tools collaboratively. In this talk, I will demonstrate the need to Contextualize open source to ensure that no one is left behind, especially the Global South, and highlight some of our work in building an empowered community.</p> - - - Caleb Kibet - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 12:15 - 00:45 - M.community - community_issue_backlog - We've got issues - or how we learnt to squish our bugs - Community - maintrack - - <p>This is the story of how we harnessed the power of the community, automation and good habits to reduce our issue burden and helped users be heard.</p> - -<p>5 years into its life and with vast number of users users, Element - a Matrix messaging client available on most desktop platforms, Android and iOS - had a growing backlog of bugs and enhancement requests. This is a common challenge faced by projects as they mature. I will share some of our lessons learnt and good practices that we have developed, and how our enthusiastic community is helping catch bugs earlier and process our backlog. While we have made good progress, we recognise that there are still further improvements to be made and will share some of our ideas for the future.</p> - - - Kat Gerasimova - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:00 - 00:45 - M.community - community_contributions - Tearing down Barriers for Contributions by Non-coders and Newcomers - - Community - maintrack - - <p>Contributions to Open Source Projects are always encouraged, especially from Newcomers and Non-coders. However, actually contributing as someone not familiar with the project, its workflows and its tools is usually everything but simple and requires a substantial time investment. This is especially the case if you are not a programmer or not as experienced with the technology in use, which can ultimately discourage otherwise potential willing contributors.</p> - -<p>This talk will illustrate concrete steps that you, the maintainers of Open Source Projects, can undertake to simplify the hoops one has to jump through for their first contribution. We will cover various tools that you can use for this, be it for communication, localization, editing or publishing, how to provide good introductory material and how to build a welcoming atmosphere.</p> - - - Dan Čermák - - - - - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:45 - 00:45 - M.community - community_mental_health - Nurturing Developer Communities in Unprecedented Times - - Community - maintrack - - <p>While the coronavirus pandemic continues to send shockwaves throughout almost all industries, it’s important for developers to nurture their communities in a well-efficient way and prepare them for the future. The overwhelmed communication systems, improving remote culture, and fostering community coordination are the three main areas on which we need to focus on. It is important to recognize that community development is an organic process, the listed steps (not in order) are to be considered on how we empower people, communities, and the industries around us:</p> - <p>Learn about the community -Listen to community members -Bring people together to develop a shared vision -Assess community assets and resources, needs and issues -Help community members to recognize and articulate areas of concern and their causes -Establish a 'vehicle for change’ -Develop an action plan -Implement an action plan -Evaluate the results of actions -Reflect and regroup</p> - -<p>People want to live in resilient and healthy communities. Well-being and positive mental health start here. Further mental health services need to consider how they harness the assets and strengths of communities in developing approaches that empower people in their recovery journeys.</p> - - Shivam Singhal - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:30 - 00:30 - M.community - community_questions - How to ask Good Questions in Open Source Communities - Better questions leads to better answers, saves time and makes you more productive - Community - maintrack - - <p>Good questions lead to better answers.</p> - -<p>Asking good questions is a must have skill for software developers, especially if you are involved in open source projects. The problem with poor questions is clear when the person answering starts explaining what you already know or what you think isn't relevant. Or they might go ahead and assume that you know a lot and you end up being confused.</p> - -<p>In this talk, Navendu walks through his experience as an open source contributor and a maintainer and how he was able to improve this skill and how it has benefitted him.</p> - -<p>This quick session is for junior and senior developers alike and offers real examples and takeaways that you can start implementing right away.</p> - - - Navendu Pottekkat - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 12:00 - 00:30 - M.misc - misc_databases - State of Open Source Databases - A discussion on the changes, trends, and database technologies that are going to impact your business in the next 12-18 months. - Miscellaneous - maintrack - - <p>It has been an exciting year in the open-source database industry, with more choice, more cloud, and key changes in the industry. We will dive into the key developments over 2021, including the most important open-source database software releases in general, the significance of cloud-native solutions in a multi-vendor multi-cloud world, the new criticality of security challenges, and the evolution of the open-source software industry.</p> - - - Peter Zaitsev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 01:00 - M.misc - crowdsecurity - Crowdsecurity - A participative IDS/IPS - Miscellaneous - maintrack - - <p>The <a href="https://github.com/crowdsecurity/crowdsec/">CrowdSec</a> project aims at providing a crowdsourced approach to common infrastructure defense problems, by distributing free &amp; open-source software allowing to protect yourself and share information about malevolent actors. These software components, of which Crowdsec is the main piece, work by processing logs and enriching them, to apply behaviour-based scenarios (heuristics) that will identify attacks pattern. One of the core concepts of Crowdsec is to separate the detection of an attack and its reaction, to be suitable for modern architectures. While Crowdsec is in charge of the detection, the reaction is performed by "bouncers" that aim to be deployable at any level of the applicative / infrastructure stack.</p> - <p>The <a href="https://github.com/crowdsecurity/crowdsec/">CrowdSec</a> project aims at providing a crowdsourced approach to common infrastructure defence problems, by distributing free &amp; open-source software allowing you to protect yourself and share information about malevolent actors. -These software components, of which Crowdsec is the main piece, work by processing logs (or more generally information stream) and enriching them, to apply behaviour-based scenarios (heuristics) that will identify attacks pattern.</p> - -<p>One of the core concepts of Crowdsec is to decorrelate the detection of an attack and its reaction, to be suitable for modern architectures. -While Crowdsec is in charge of the detection, the reaction is performed by "bouncers" that aim to be deployable at any level of the applicative / infrastructure stack : - - as a nftables/iptables daemon "a la fail2ban" - - as a nginx plugin - - as a wordpress plugin - a kubernetes ingress controller - - etc.</p> - -<p>We hope that this approach, combined with a declarative configuration and a stateless behaviour, will make it an ideal candidate to enhance the security of modern stacks (containers, k8s, serverless and more generally automatically deployed infrastructures). -We are committed to building a strong community, with all that it implies : - - <a href="https://hub.crowdsec.net">a public hub</a> to find, share and amend parsers, scenarios and bouncers. - permissive open-source licence to stay business-friendly</p> - -<p>and overall a strong commitment to transparency and community-first mentality, by tooling and behaviour</p> - - Thibault Koechlin - - - - - gh repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 16:00 - 00:45 - M.misc - misc_network_automation - Open Source Network Automation in 2022 - How to build a Network Automation strategy around Open Source tooling - Miscellaneous - maintrack - - <p>Network Automation has evolved a lot on the last years, adopting a lot of the practices from SDLC (Software Development Life Cycle) but with the intrinsic constraint of networking services. In this talk you will learn about which are the challenges and common use cases around network automation, for instance: configuration management, user-driven workflows, infrastructure as Code (for hybrid and multi clouds) or close-loop automation using Telemetry. -You will realise how a lot of open source projects are coming together to provide solutions to the previous challenges from different angles and how you could connect them together to start building a network automation strategy that could transform your network with lower OPEX, improved reliability and security, and increased innovation.</p> - - - Christian Adell Querol - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 17:00 - 01:00 - M.misc - misc_ntfs_rust - Implementing the NTFS filesystem in Rust - Reusable code from firmware level up to user-mode - Miscellaneous - maintrack - - <p>Time has come to rewrite our system software in Rust and leave the pitfalls of C behind. This also includes basics such as filesystem support. -I took on the challenge to implement NTFS, the primary filesystem used by Windows, in a Rust crate that is equally usable from the firmware level up to user-mode.</p> - -<p>While Rust has been conquering the system software landscape for the past few years, there are next to no examples for implementing filesystems. -Likewise, NTFS only has a single major open-source implementation known as ntfs-3g, and it was developed in C over a decade ago.</p> - -<p>This talk will cover my motivation for targeting NTFS and various use cases for such a Rust crate. I will introduce you to the internals of the NTFS filesystem, how they influenced the crate's design, and how Rust's features can be leveraged to create a safe and maintainable implementation. My talk will cover the current implementation, but also the necessary iterations until I got there. -Finally, we will also deal with the current limitations of the Rust ecosystem and possible future improvements to the crate.</p> - -<p>You will see that Rust has many advantages for implementing filesystems, and I hope to see more such crates in the future.</p> - - - Colin Finck - - - - - Announcement - GitHub repository - ntfs crate at crates.io - Documentation at docs.rs - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 10:00 - 01:00 - M.rtc - rtc_jitsi - Jitsi: 20 years of Real Time Communications - How the Jitsi project has adapted and remained current in the RTC industry for almost 20 years - Real Time Communications - maintrack - - <p>The Jitsi project was founded almost 20 years ago, under a different name and just for academic purposes.</p> - -<p>Almost 20 years later, the project could not be in a better shape! It has gone through a name change and several acquisitions by large corporations, while remaining current in the industry and innovating all along.</p> - -<p>This presentation will take a trip down memory lane and see where Jitsi came from, how it has managed to stick around for so long, and what the future holds.</p> - - - Saúl Ibarra Corretgé - - - - - Wikipedia entry - Main project website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 11:00 - 00:45 - M.rtc - rtc_webrtc - The Future of WebRTC - New APIs, WHIP, edge and web 2.5 - Real Time Communications - maintrack - - <p>What is new in WebRTC, what can we expect to see in the next couple of years? -I'll describe some new APIs and speculate on how they might be used. -I'll introduce whipi (an opensource implementation of the new WebRTC Ingest Protocol) and use it to illustrate how the WebRTC world is changing. -I'll try to predict some new usages of WebRTC - niche high value apps. -Finally I'll describe how to create a decentralized web -(aka web 2.5) using the datachannel and existing browser technology.</p> - <p>We've all spent a lot of time using centralized video conference services in the last months. -We have got a huge amount done at home whilst behind NAT on domestic ISP connections. -This has all been possible due to webRTC's design.</p> - -<p>This talk tries to look beyond that usecase to new less business orientated realtime media and data apps that are enabled by new(ish) APIs.</p> - -<p>For economic,privacy and ecological reasons I'll emphasize apps that move computing to the edge. -It will cover Baby monitors, robots, yoga classes and P2P web services and other surprising stuff...</p> - - Tim Panton - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 12:00 - 00:45 - M.rtc - rtc_whip - WebRTC broadcasting with WHIP - - Real Time Communications - maintrack - - <p>The broadcasting industry has for years been dominated by a specific set of technologies (RTMP, HLS, etc.) that, while effective, suffer from high latencies and so are not always a good option. The IETF has started to look into WebRTC for that, starting from ingestion using the WHIP protocol. This presentation will introduce WHIP, some existing implementations, and how this could be expanded to distribute streams to a wide audience via WebRTC as well.</p> - <p>The broadcasting industry has for years been dominated by a well known and specific set of technologies (RTMP, HLS, etc.). These solutions do work and are widely deployed, taking advantage of CDNs for distributing streams to a potentially very large audience in an effective way. That said, they do suffer from some limitations, the stronger one being a high latency that cannot really be reduced, if not slightly. Considering there are scenarios where a very low latency may be desired, WebRTC has started to gain some traction, due to its real-time nature that, although originally conceived for conversational scenarios, has actually often used for streaming purposes as well.</p> - -<p>When it comes to broadcasting, there are two main aspects to take into account: ingestion (providing a stream to broadcast) and distribution (feeding the stream to an audience). The IETF has started addressing ingestion in the WISH Working Group, with a draft describing the WHIP protocol. This presentation will introduce what WHIP is, its requirements, and how it's supposed to work, plus some details on existing implementations. It will then move to some considerations on how distribution could be handled via WebRTC as well, possibly at scale, using the open source Janus WebRTC Server as a reference implementation.</p> - - Lorenzo Miniero - - - - - - WISH Working Group charter - WHIP draft (01) - Blog post on WHIP - IETF 112 WHIP Hackathon - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:00 - 01:00 - M.rtc - rfc_rest_future - On the Far Side of REST - An Architecture for a Future Internet - Real Time Communications - maintrack - - <p>REST, the architecture underlying the web's protocols, has proven its benefits in creating a globe-spanning, decentralized information network. However, REST is showing its age - it was designed when surveillance capitalism, identity theft, information warfare, and other threats were largely hypothetical concerns. Unavoidably, REST leaves many of these issues unaddressed. Best practices fill some gaps, but may not be universally adopted.</p> - -<p>The Interpeer Project has been awarded a grant from the Internet Society Foundation for research and development into a next generation architecture that addresses current and future Internet user needs. Such an architecture needs to embrace the strengths of REST, incorporate known best practices, but ideally make worst practices impossible.</p> - -<p>This talk presents the issues with REST in some detail and lays out proposed solution sketches. The ideal is to invite participation, however. The 'net needs a wide range of view points to be fixed.</p> - <p>In 2000, Roy Fielding published his dissertation on Representational State Transfer. Fielding had been actively working on the HTTP standards, which were guiding by informal design principles that REST formalizes. The talk will revisit this architectural style to disambiguate it from how the REST term has become applied since.</p> - -<p>Much as software freedoms exist, we need to address "internet user freedoms", and their relationship to human rights. Existing internet technology must be evaluated in this light, in how it supports or hinders human rights.</p> - -<p>In this presentation, architectural properties and constraints in the REST architectural style will be analyzed, with regards to the previous discussion as well as technical requirements. We will explore additional properties, and their effect on the architectural style.</p> - -<p>The talk will also provide background on concrete work already done or underway on this and adjacent topics.</p> - -<p>Finally, we'd like to briefly introduce the non-profit organization created to support work on this project. If we are to create a better digital world, we'll need patience and all the help we can get.</p> - - Jens Finkhaeuser - - - On the Far Side of REST - - - Interpeer Project - #interpeer on libera.chat via element.io matrix bridge - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:00 - 00:45 - M.rtc - rtc_unifiedpush - UnifiedPush - A FOSS cross-platform push notifications protocol - Real Time Communications - maintrack - - <p>Our mobile devices have various apps that need updates from various servers at various intervals. Each app connecting to its own server on its own schedule, perhaps using inefficient technologies, can cause a lot of battery drain. Push Notification services are systems that can route all the important updates our devices need - whether they're instant message, VoIP, or social updates - into one shared channel.</p> - -<p>Unfortunately, the status quo in push notification services rely on centralized, proprietary services hosted by a third party. UnifiedPush is a set of free and open source specifications that allow you to get push notifications while picking your own hosting provider. This presentation goes over the history of UnifiedPush, current state of the project and architecture, and what the future goals of UnifiedPush are. It also discusses push notifications on Linux phones.</p> - - - Karmanyaah Malhotra - - - - - - UnifiedPush website - UnifiedPush users intro - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 00:45 - M.rtc - rtc_webrtc_ai_ml - Backgrounds are blurry, but the future is clear - More AI and ML in WebRTC applications - Real Time Communications - maintrack - - <p>Machine learning models have made it to the browser. Virtual backgrounds and background blurs are everywhere! Many recent developments including Tensorflow WASM backend, smaller ML models, pre-trained model repositories have enabled widely used virtual backgrounds and backgrounds blurs.</p> - -<p>This talk will explore how a simple background blur works, how developers can code their own blur for a WebRTC call, and most interestingly - what other ML/AI applications can be built using the same framework</p> - <p>Machine learning models and inferences are being run on the browser and have become very performant. Libraries and frameworks like mediapipe, bodypix have made it easy to integrate ML-based experiences into a WebRTC call with relative ease. We're still in the early days of discovering their possibilities in web applications.</p> - -<p>In this talk, we will walk through how Daily integrated mediapipe in its WebRTC library. We will explore:</p> - -<ol> -<li>How segmentation models, like the ones used blur backgrounds, work.</li> -<li>How one can integrate an ML segmentation library (like mediapipe) in a WebRTC video call.</li> -<li>What other sorts of custom video applications and experiences one can build using a tech stack like these.</li> -</ol> - - -<p>Hopefully, this leaves the audience with ideas for writing custom video processors that might enable the next generation of video experiences on WebRTC.</p> - - Ravindhran Sankar - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 16:00 - 00:30 - M.rtc - rtc_media_streaming_mesh - Introduction to Media Streaming Mesh - Enabling Real-Time Media Applications in Kubernetes - Real Time Communications - maintrack - - <p>The cloud-native approach based on containerized micro-services has transformed the software landscape but is largely focused on non-real time web-based applications, especially in the case of service meshes which use web proxies to interconnect workloads. Media Streaming Mesh uses real-time media proxies to observe, route, encrypt and protect north-south and east-west media traffic.</p> - -<p>This talk introduces the Media Streaming Mesh architecture and its use-cases, gives an update on implementation status, and acts as a call to arms to recruit more contributors.</p> - - - Giles Heron - - - Introduction to Media Streaming Mesh - - - GitHub project - ServiceMeshCon talk (using earlier name of project) - Tech Blog post on MSM - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - - - 13:00 - 00:20 - L.lightningtalks - lt_timewarrior - Tracking your time with Timewarrior - - Lightning Talks - lightningtalk - - <p>Time tracking is a task many people have to deal with. Be it for writing bills for your client, creating time reports for your company, or simply because you are curious what you are doing with your time all day. Timewarrior is a tool that lets you track your time easily from the command line – it does its job then gets out of your way.</p> - <p>The presentation wants to give you an overview of what Timewarrior can do for you (and what not), and how you can adapt Timewarrior to your needs.</p> - -<p>The talk is aimed at new users, but everyone is welcome to join the Q&amp;A session afterwards.</p> - - Thomas Lauf - - - - - The homepage of the Timewarrior project - Timewarrior repository on GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:20 - 00:20 - L.lightningtalks - lt_reconfigure - Reconfigure from all over - The case of interdisciplinary open-source communities - Lightning Talks - lightningtalk - - <p>As a means of enabling distributed collaboration, open-source enables people from many different disciplinary backgrounds to participate in research projects to which they would otherwise not have access. Additionally, open-source allows for reconfigurable expertise, or the ability to combine people from different backgrounds in ways depending on the task at hand. This talk will discuss the challenges associated with spontaneous interdisciplinary, in addition to opportunities provided by reconfigurable expertise. Examples from three open-source communities: OpenWorm Foundation, Rokwire Community, and the Orthogonal Research and Education Lab. The community building aspects of maintaining members for this type of adaptive and resilient resource are also addressed. When applied to academic-based communities, the ability to reconfigure working groups based on both the immediate and long-term needs of expertise is a valuable model for project management.</p> - - - Bradly Alicea - - - Reconfigure From All Over - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:40 - 00:20 - L.lightningtalks - lt_humidity_data - Measuring and analyzing humidity data using Python, syslog-ng and Elasticsearch - - Lightning Talks - lightningtalk - - <p>A desktop thermometer that displays relative humidity is useful, but it does not provide continuous monitoring. In comes the Raspberry Pi: it is small, inexpensive, and has many sensor options, including temperature and relative humidity. It can collect data around the clock, do some alerting, and forward data for analysis.</p> - <p>Originally it was a project to practice Python and learn Elasticsearch, but ended up with using syslog-ng between the two. Along the way, I also learned how to regulate humidity in my room. In my talk, I plan to cover the following topics:</p> - -<ul> -<li><p>collecting environmental data on the Rasbperry Pi using Python</p></li> -<li><p>configuring Elasticsearch to work around a syslog-ng limitation</p></li> -<li><p>configuring syslog-ng to forward the collected data to Elasticsearch / OpenSearch</p></li> -<li><p>take a look at the graphs in Kibana and learn how to keep humidity low in your room</p></li> -</ul> - - - Peter Czanik - - - Measuring and analyzing humidity data using Python, syslog-ng and Elasticsearch - - - sudo/syslog-ng/personal blog - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:00 - 00:20 - L.lightningtalks - lt_jupyter - Jupyter for React.js developers - React.js components to build your custom data product with Jupyter - Lightning Talks - lightningtalk - - <p>Jupyter notebook is a tool that allows Data Scientist to analyse dataset. However, it is not easy to create a custom user interface integrated in an existing application.</p> - -<p><code>Jupyter React</code>, https://github.com/datalayer/jupyter-react, an open-source library, fills that gap and provides components that a developer can easily integrate in any React.js application.</p> - <p>The Jupyter user interface stack is built on top of Lumino, which is an imperative way to build user interface and can not be consumed by industry standard declarative frameworks like React.js.</p> - -<p>As a user interface developer, if you want to create a custom data product on top of Jupyter, you have to stick to Lumino and update the existing notebook interface. This is not what you want. You want your toolkit (like React.js) and you want to integrate on a component basis the Jupyter functionality in your application.</p> - - Eric Charles - - - - - - React.js - Jupyter React - Jupyter React Examples - Jupyter Docusaurus - JupyterLab - Lumino toolkit - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:20 - 00:20 - L.lightningtalks - lt_cmod - C meta-programming for the masses with C%: cmod - - Lightning Talks - lightningtalk - - <p><strong>C%</strong> (from "C with mods") is an experimental meta-programming language that aims to make coding in C more efficient and fun!</p> - -<p>Together with <strong>cmod</strong>, the reference pre-processor/code generator (written using <strong>C%</strong> itself), this project enables the C programmer with generic meta-programming constructs such as: parameterized verbatim code snippets, mapping code to static data tables (in TSV or JSON format), multi-pass code evaluation (allowing meta-meta-programming), compile-time command execution (allowing code generation from any other software/language), etc. as well as C-specific constructs such as: function types, named parameters, selection over strings and structs, etc. The <strong>C%</strong> standard library provides convenience constructs for inclusion in C programs.</p> - <p>Some of the things that <strong>C%</strong> aims to make achievable are:</p> - -<ul> -<li><strong>Reusability</strong>: Avoid code duplication.</li> -<li><strong>Consistency</strong>: Use the same data across different locations.</li> -<li><strong>Efficiency</strong>: Perform common tasks quick and easy.</li> -<li><strong>Concision</strong>: Write and work with concise code.</li> -<li><strong>Expressivity</strong>: Better express the intent of code.</li> -<li><strong>Transparency</strong>: Hide nothing from the programmer.</li> -<li><strong>Abstraction</strong>: Handle similar things in a uniform manner.</li> -<li><strong>Extensibility</strong>: Easily add new functionality.</li> -<li><strong>Simplicity</strong>: Keep the language simple but powerful.</li> -</ul> - - -<p>All while keeping with the spirit of C: <em>trust the programmer and don't prevent the programmer from doing what needs to be done</em>!</p> - -<p>Beyond C meta-programming, <strong>C%</strong>'s generic keywords enable meta-programming in other languages such as Python, Flex/Bison, etc.</p> - -<p>For full documentation, please refer to the <a href="https://gitlab.com/seirios/cmod/-/blob/master/README.md" title="README">README</a>.</p> - - Sirio Bolaños Puchet - - - C meta-programming for the masses with C%: cmod - - - Code repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:40 - 00:20 - L.lightningtalks - lg_qbe - Introduction to qbe - A lightweight compiler backend - Lightning Talks - lightningtalk - - <p>qbe is an optimizing compiler backend which consumes programs in a simple intermediate language, optimizes them, and emits assembly for x86_64, aarch64, or riscv64, aiming to achieve "70% of the performance" of advanced compilers like LLVM in "10% of the code". This talk will briefly introduce qbe and its intermediate language, explain how it works and what it's capable of, and go over some sample programs which can be written in it.</p> - - - Drew DeVault - - - Slidedeck - - - qbe - cproc C compiler - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 00:20 - L.lightningtalks - ld_interplanetary_wheels - InterPlanetary Wheels - A resilient approach to distributing software - Lightning Talks - lightningtalk - - <p>InterPlanetary Wheels (IPWHL) are platform-unique, singly-versioned Python built distributions backed by IPFS for security and reproducibility. -Using the peer-to-peer file system IPFS, the distributions have the advantage of being easily replicated and not having a single point of failure, thus are more resilient. -While this project targets at Python package in particular, the idea can be similarly applied to other software distributions such as Linux distributions.</p> - - - Huy Ngo - - - Slides preview - transcript - - - Project page - Project documentation - IPFS home page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:20 - 00:20 - L.lightningtalks - lt_webrecorder - Making the web preservable with open source tools - An overview of Webrecorder tools - Lightning Talks - lightningtalk - - <p>The modern web has viewers for all sorts of formats that can be loaded in the web browser, except for other web sites. -The 'Save Page As' feature doesn't really work for most -modern web pages. -This talk will briefly cover the work of the Webrecorder project, from creating a new web archiving format to browser extensions and viewers, -in making archiving and preserving the modern web more accessible to all!</p> - - - Ilya Kreymer - - - Browser Based Web Archiving - - - Webrecorder Home Page - ArchiveWeb.page Extension and App - ReplayWeb.page Viewer - WACZ Format Specification Draft - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:40 - 00:20 - L.lightningtalks - lt_vicious_circle - Let's escape this vicious circle - - Lightning Talks - lightningtalk - - <p>Privacy on the internet is stuck in a vicious circle involving tech and legislation, which we need to escape.</p> - <p>It takes far too long for legislators to transpose directives. The data industry uses an arsenal of dark patterns and technical stunts to creatively interpret or completely circumvent the applicable law.</p> - -<p>A new approach is needed to solve this problem in a sustainable way and make the web a better place again. In our talk we will give a brief insight into problematic patterns and techniques as well as approaches to overcome them.</p> - -<p>We are Frederik and Hendrik. We're building a fair and open web analytics tool and want to share what we discovered along the way with the FOSDEM audience. This lightning talk will be given by us together.</p> - - Hendrik Niefeld - - - Let's escape this vicious circle - - - Offen - Fair web analytics - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 16:00 - 00:20 - L.lightningtalks - lt_3d_exhibitions - Generating virtual 3D exhibitions from Wikipedia - Let's dive into some rabbit holes with The Everything Exhibition! - Lightning Talks - lightningtalk - - <p>Wikipedia and Wikimedia Commons are a treasure trove of free information about a lot of topics! Wikipedia alone contains over 50 million articles in almost 300 languages. We're building a new, fun way to explore this content: "The Everything Exhibition" is an open-source generator that creates interactive, virtual 3D exhibitions on arbitrary topics, which you can explore in the browser! It has a multiplayer mode, so you can visit the exhibitions in groups. And, other than in a real museum, you can scribble on everything!</p> - <p>In this talk, we want to introduce you to how the generator works, and show you our current progress. We're using the 3D rendering engine three.js, and defined a simple datastructure for describing the exhibition content, to make the generator arbitrarily extendable. We'll go into which algorithms we tried for creating the room layouts, share what we learned in our playtest sessions, and talk about what's next.</p> - -<p>With this project, we especially have young people in mind, who are often already used to 3D games and environments. But the Everything Exhibition allows everyone to <em>really</em> get lost in these delicious rabbit holes! :D</p> - - blinry - bleeptrack - - - - - Git repository - Visit the Exhibition! - Getting in touch - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - - - 11:00 - 00:45 - D.apache-openoffice - openoffice_overview - Project Overview 2021/22 - - Apache OpenOffice - devroom - - <p>We will look at the Year 2021, check out what has worked out what did not work out. -We will look at the most imortant things that we need for 2022. -And we will talk about things around the Project</p> - - - Peter Kovacs - - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:45 - 00:45 - D.apache-openoffice - openoffice_linux_packaging - Revisiting the Linux packaging for Apache OpenOffice - - Apache OpenOffice - devroom - - <p>The current Linux packaging used by Apache OpenOffice is inefficient in many ways. We can take advantage of technologies like AppImage, snap and flatpak in order to make OpenOffice easier to install for Linux desktop users, while saving disk space for releases at the same time.</p> - - - Andrea Pescetti - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:45 - D.apache-openoffice - openoffice_translation - Translation - How can it go on? - Apache OpenOffice - devroom - - <p>Discussion about the way to work on translating UI and Help.</p> - - - Mechtilde Stehmann - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:45 - D.apache-openoffice - openoffice_containers - How to build OpenOffice today - Virtual machines and containers - Apache OpenOffice - devroom - - <p>Building OpenOffice is not an easy task. The purpose of this presentation is to show how it is possible to leverage virtual machines and containers to: - 1- make this task easier and as much automatic as possible, - 2- avoid filling our computers with packages and libraries we may never need otherwise, - 3- build different releases (trunk, 4.1.x), for different operating systems, on the same computer.</p> - - - Arrigo Marchiori - - - Presentation slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:45 - D.apache-openoffice - openoffice_build - The way to a new build Environment - goto SCONS - Apache OpenOffice - devroom - - <p>The way to a new build Environment: goto SCONS</p> - - - Peter Kovacs - - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:45 - D.apache-openoffice - openoffice_testing - Apache OpenOffice Verification Testing - Build and Functional Testing with JUnit - Apache OpenOffice - devroom - - <p>The talk will discuss current state of Unit testing in the Apache OpenOffice project and the effort to update the test suites to be useful standalone to run tests against an installed office without being tied to the OpenOffice build process. Also areas where Java developers could get involved.</p> - - - Carl Marcum - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:30 - 00:30 - D.collab - collaboniro - Oniro - an open-source starter for fast-paced IoT environments - A retrospect on an open-source project development - Collaboration and Content Management - devroom - - <p>In this presentation Sebastian shares project experience gained over nearly 2 years of the Oniro project development in the area of product research &amp; development. He starts with the initial assumptions and various criteria that team members intended to apply to the work done. It was a very interesting experience to apply a product-driven approach to highly-paced open-source projects nowadays. Thus, the great effort was put in order to receive maximum value from products intended to deliver to the market. Ettore is an Embedded Linux Developer, and joins to share the partner experience as he is part of the Hardware Enablement Team for SECO.</p> - <p>In this talk, Sebastian is going to present a few product management principles, how they were applied to the project and what lessons were learnt in this process. The talk is filled with a few open source projects (e.g. GitLab, OpenProject and others) and how they were applied to the tasks we were faced with. Work package structures and workflows applied were also described to supplement the presentation. To conclude, Ettore joins the talk as representative of one of the Oniro Project partners, SECO, describing how was the experience in the last year, as an Internet of Things Hardware manufacturer.</p> - -<p>If you are building an open source community or are aiming to build one, this talk might be an interesting option for you.</p> - - Ettore Chimenti - Sebastian Serewa - - - Slides from the talk - - - Oniro - The Distributed Operating System That Connects Consumer Devices - Oniro sources - Oniro Videos - Our incubation and initial development environment - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.collab - collabinteroffice - INTEROFFICE - Making CryptPad more interoperable with common office formats - Collaboration and Content Management - devroom - - <p>The import and export of common office formats (.ods/.xlsx, .odt/.docx, .odp/.ppt) is taken for granted in many online office suites. However, in the case of CryptPad, implementing such functionality presents a number of challenges to preserve our privacy requirements. This has long held back adoption of our platform as it prevented users from migrating existing documents and/or integrating CryptPad in their workflows.</p> - -<p>In this talk I will summarize our work on INTEROFFICE, a project realized by the CryptPad team in 2021 with funding from the EU's Next Generation Internet (NGI) DAPSI program. The core of this work consists of a new set of converters that use Web Assembly to perform conversions between file formats in the browser. This allows for CryptPad to be vastly more inter-operable while preserving end-to-end encryption (the server still has no access to the content being converted).</p> - -<p>Speaking as the designer on the team, I will focus on the research we conducted with users and on the ways this new functionality is making its way into CryptPad's interface.</p> - - - David Benque - - - - - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.collab - collabtracim - Tracim, the helping hand for all your collaboration needs - Come discover Tracim and its architecture - Collaboration and Content Management - devroom - - <p>Tracim is a web-based collaboration software mainly written by the Algoo company. Main specificities are well-integrated functionalities and intuitive UX. It aims to be easy to use for any kind of people wanting to work in teams.</p> - -<p>During this talk, I will tell you about Tracim architecture. You will discover the components and the reasons behind major design choices. Then I will detail more specifically a technical feature which brings Tracim users an interactive experience when collaborating with others.</p> - - - Sébastien Grignard - - - Tracim Slides - - - The main Tracim website, only in French. - Tracim's source code repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 01:00 - D.collab - collabxwiki - XWiki as an FOSS alternative to Confluence and Notion - Status in 2021: realtime editing, livedata feature, confluence migrator and macros - Collaboration and Content Management - devroom - - <p>XWiki is a structured wiki engine developed as Open Source since 2004, providing wiki-style collaboration for organizations, with many built-in features and countless extensions. XWiki has pioneered wikis by including structured data on the same level as free text content, thus enhancing significantly the expressiveness of the built knowledge bases; this same usage is also popularized by Confluence and Notion, with different user experience choices and more importantly with business models that are keeping user's data locked-in on the Cloud or in proprietary software.</p> - -<p>In this talk we will present XWiki's journey to provide the best FOSS alternative to proprietary knowledge management tools, based on both current features and future roadmap.</p> - -<p>We will showcase XWiki's approach for collaboration on text &amp; structured data, including the newly conceived "livedata" component for inline editing of structured tabular data as well as the new realtime editor based on the realtime editing technology from CryptPad.</p> - - - Ludovic Dubost - Anca Luca - - - - - XWiki Open Source Software - XWiki Live Data - XWiki Realtime Wysiwyg Editor - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 01:00 - D.collab - collabnextcloudin2021 - Nextcloud in 2021 - Overview of 3 releases and a bit under a million features - Collaboration and Content Management - devroom - - <p>Nextcloud did 3 major releases in 2021, one of which we named "Nextcloud Hub II"because it was such a big step forward for online collaboration. Let's go over what is new!</p> - <p>A short overview: -* Nextcloud 21 brought major performance improvements with the High Performance Back-end for Files and other improvements. -* Nextcloud 22 brought user-defined groups and workflows, document signing integration, a knowledge base, and many Talk improvements. -* Nextcloud 23 or Hub II introduced Nextcloud Office, appointment booking, background blur, permissions and more in Talk, Nextcloud Backup, AIO docker image, and much more.</p> - -<p>Join the talk for more details!</p> - - Jos Poortvliet - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.collab - collabonlyoffice - Introducing ONLYOFFICE Forms for paperwork automation and smart collaboration - - Collaboration and Content Management - devroom - - <p>Everyday lots of people have to deal with agreements, contracts, budget plans, and other similar documents. In this regard, an ability to automate work with such files seems appealing. With this understanding in mind, ONLYOFFICE has been working on Smart Forms intended for optimization of file creation and collaboration in any document flow.</p> - -<p>In our presentation, we’ll tell you about the newly introduced ONLYOFFICE Forms, new formats (DOCXF and OFORM) built with the purpose of creating standardized document templates and working with them through specifically designed interface elements in ONLYOFFICE Docs.</p> - -<p>Presentation milestones:</p> - -<ul> -<li>What's the difference between ONLYOFFICE Forms and Content Controls</li> -<li>OFORM and DOCXF</li> -<li>How Smart Forms work in ONLYOFFICE</li> -<li>Form sharing</li> -<li>Data protection in forms</li> -<li>Creating and filling PDF files in ONLYOFFICE Docs</li> -<li>Using ONLYOFFICE Forms in your infrastructure (e.g. Nextcloud, Alfresco, Redmine, etc.)</li> -<li>Roadmap for smart form development</li> -</ul> - - - - Alex Mikheev - - - Introducing ONLYOFFICE Forms (PDF) - - - Introducing ONLYOFFICE Forms - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.collab - collabcarbonio - How to overcome development challenges when building self-hosted collaboration platform - Our experience with Carbonio Community Edition - Collaboration and Content Management - devroom - - <p>While the world is moving toward SaaS and Cloud infrastructures, many companies want to keep things in a self-hosted platform or in a private cloud. We’ll talk about all the challenges of building a product that gives users complete control over their data, and how we overcame them, such as migrating from a monolith to services to allow scalability, managing secure service discovery, detaching database from the infrastructure, or managing an easy service installation without any orchestrator. In January, we have released Carbonio CE (Community Edition) source code to show the results of our work. Contributors are welcome!</p> - - - Domenico Stragliotto - Davide Baldo - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 01:00 - D.collab - collabcsp - Deploying Containerised Open-Source CSP platforms - Alfresco and Nuxeo in action! - Collaboration and Content Management - devroom - - <p>Understand containerised deployment with Open-Source CSP (Content Service Provider) platforms. Both Alfresco and Nuxeo products provide an easy Docker Compose deployment that allow early adopters and enthusiast developers to use the platforms.</p> - <p>Public deployment templates are be provided, including detailed instructions on how to use them:</p> - -<ul> -<li>Alfresco deployment using https://github.com/alfresco/alfresco-docker-installer</li> -<li>Nuxeo deployment using default Docker Image from https://github.com/nuxeo/docker-nuxeo</li> -</ul> - - - Angel Borroy - - - Deploying Containerised Open-Source CSP Platforms - - - Alfresco GitHub - Nuxeo GitHub - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:20 - 00:40 - D.cad - advanced_sim - Advanced PCB simulation with KiCad - Introduction to IBIS and FEM-based simulations - Computer Aided Modeling and Design - devroom - - <p>Faster computations, faster communication speeds, faster everything. Today electronics can use data rates of several gigabits per second. At such speed wires and tracks are far from being perfect, bugs and glitches may arise because of them. Even low-speed designs are not safe and can encounter high-speed problems because they use high-speed capable chips.</p> - -<p>While the electronic CAD software KiCad has the tools to design high-speed boards, there is no tool to validate them. The usual way is to apply all good practice rules, even if they are sometimes overly conservative and might waste some board space. The layout plays an important part in both PCB performance and cost. A PCB simulator, integrated into KiCad, would help designers to find their balance between the two. This presentation is a short introduction to IBIS and FEM, tools that will most certainly be needed for such high-speed simulations, and provides application examples.</p> - - - Fabien Corona - - - Advanced PCB simulation with KiCad - - - IBIS parser and modeler, experimental - Sparselizard-based FEM simulation, with data coming from KiCad PCB's editor, experimental - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 01:00 - D.cad - freecad_link - FreeCAD Link Branch Development - What's done and what's to come - Computer Aided Modeling and Design - devroom - - <p>This will be joint presentation between realthunder and officinerobotica. The talk will first give a brief introduction of FreeCAD and its Link Branch, and then proceed to talk about its development in the past year with reference to the talk in FOSDEM21. New features will be presented by walking through the construction of a CAD model using FreeCAD. The talk will finish by highlighting new features in development and the road map ahead.</p> - - - Florin Curelariu - LEI ZHENG - - - - - Github project page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:20 - D.cad - librepcb - LibrePCB Status Update - - Computer Aided Modeling and Design - devroom - - <p>A short overview about the progress and the current state of the LibrePCB project.</p> - <p>LibrePCB is an Open-Source EDA software to design PCBs, providing the following advantages:</p> - -<ul> -<li>Cross-platform: Windows/Linux/MacOS/Others | x86/ARM</li> -<li>Intuitive &amp; easy-to-use UI</li> -<li>Powerful library concept</li> -<li>Human readable file format</li> -</ul> - - - Urban Bruhin - - - Slides - - - Website - GitHub Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:20 - 00:20 - D.cad - ngspice - ngspice - current status and future developments - - Computer Aided Modeling and Design - devroom - - <p>After a short introduction to the ngspice circuit simulator the first part of the talk will present some new features available in ngspice-36. Among them are SVG plotting capability, acknowledging RKM notation (e.g. 4k7 for 4.7 KOhm resistance), new and improved convergence methods when calculation the operating point, and many others.</p> - -<p>The second part of the talk discusses some new features under development or still under discussion, like XSPICE memory management improvements, adding BSIMCMG model for FinFETs, adding IBIS capability (together with KiCad and sparselizard), and S parameter intgration. A lot of discussions is going on among FOSS simulator developers and users about better Verilog-A support.</p> - - - Holger Vogt - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 01:00 - D.cad - kicad - KiCad Project Update - - Computer Aided Modeling and Design - devroom - - <p>Update on the KiCad project including recent events, version 6 stable release, and what to expect during version 7 development.</p> - - - - - KiCad Project Status - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:20 - D.cad - bim - Hacking through BIM models - A BIM-oriented hacking session featuring FreeCAD, BlenderBIM and more... - Computer Aided Modeling and Design - devroom - - <p>BIM (Building Information Modeling) is a paradigm for 3D CAD models made for Architecture, Engineering and Construction (AEC). Long a closed, proprietary garden, it becomes more and more an open, hackable world thanks to several Free and Open-Source tools and formats.</p> - -<p>This talk will try to illustrate how rich that world has become when your tinkering, hacking, coding itch starts to scratch...</p> - <p>In this talk, Dion (developer of BlenderBIM) and Yorik (developer of FreeCAD, specifically its BIM tools) will use these two applications and try to show some clever tricks that you can do with BIM models, that no proprietary software would dream to achieve.</p> - - Yorik van Havre - - - - - FreeCAD - BlenderBIM - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:20 - D.cad - opencascade - Open CASCADE Technology status update - - Computer Aided Modeling and Design - devroom - - <p>Open Cascade Technology (OCCT) is a framework for B-Rep modeling. The lecture presents a technical update from the previous talk (at FOSDEM 2021). This year we also introduce our OCCT's Community Manager who will highlight community-related activities that happened during 2021.</p> - - - Alexander Malyshev - Vera Sdobnova - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:20 - D.cad - sparselizard - Sparselizard 2021.11 - your multiphysics FEM simulation tool - - Computer Aided Modeling and Design - devroom - - <p>This talk shows the features added to Sparselizard in 2021</p> - - - Alexandre Halbach - - - - - https://www.sparselizard.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:20 - D.cad - cadquery - The CadQuery Ecosystem - A sampling of community projects and extensions - Computer Aided Modeling and Design - devroom - - <p>CadQuery is a Python module for building parametric 3D CAD models in boundary representation (B-rep). It has an active community that has created editors, personal projects, research projects, examples for new and advanced users, and plugins that extend the functionality of CadQuery. The project is maintained by a small core team and numerous community members. CadQuery is built on the OpenCASCADE (OCCT) CAD kernel, and has support for 2D and 3D primitives, allows 3D assemblies and 2D sketches to be created with constraints, and makes heavy use of features like selectors to help capture design intent.</p> - -<p>There are multiple editors available for CadQuery including CQ-editor (desktop application), Jupyter-CadQuery (web based), and CadHub (web based CodeCAD sharing platform). There are repositories dedicated to examples and plugins, as well as separate projects for generating sprockets, chains, fasteners, polyhedra, and complex curves. Community members are responsible for much of the content in these repositories. There are also projects that rely on CadQuery, including in fusion research (Paramak), electrical component 3D model generation (KiCAD), and a more mouse-driven CAD application called Semblage. There are several ways of connecting with the community, including Discord, Matrix, Google Group and GitHub. Please introduce yourself and connect with other CadQuery users.</p> - - - Jeremy Wright - - - The CadQuery Ecosystem - The CadQuery Ecosystem (PDF Version) - - - CadQuery Repository - CadQuery Documentation - CQ-editor Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:20 - D.cad - oshw - Pushing the Open Source Hardware Limits with KiCAD - OSHW industrial grade computers and servers running cloud, medical and IoT services without hiding secrets in the hardware - Computer Aided Modeling and Design - devroom - - <p>The talk will cover the design of very complex and powerful OSHW Linux -boards based on the new NXP iMX8 and ST STMP1 SOC with FLOSS KiCAD tools -and then running FLOSS software for cloud, IoT and Health to offer full -transparency to the people who value their privacy not only on software -but also on hardware level.</p> - <p>The talk will cover the design of very complex and powerful OSHW Linux -boards based on the new NXP iMX8 and ST STMP1 SOC with FLOSS KiCAD tools -and then running FLOSS software for cloud, IoT and Health to offer full -transparency to the people who value their privacy not only on software -but also on hardware level.</p> - - Tsvetan Usunov - - - Pushing OSHW Limits with KiCAD - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 11:45 - 00:05 - D.conference - conference_introduction - Welcome to the Conference Organisation Dev Room - - Conference Organisation - devroom - - <p>Introduction and welcome to the dev room</p> - - - Kyle Robbertze - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:50 - 00:35 - D.conference - conference_tools - Free tools that help you run online events in an effective way - - Conference Organisation - devroom - - <p>Nowadays everyone can run an event (meetup, hackathon, etc), but sometimes we struggle in selecting the right tool to organize it in an effective way. What tools are out there that can help us run any type of event and have impact?. We will do an overview about options, limitations and resources you will need to make a great event.</p> - -<p>If you are lost trying to choose the right tool for your first online event, this talk is for you. And if you think you know everything about tools and ways to engage with your audience, you will be welcomed as well, since we will discuss about these things and more.</p> - <p>Nowadays everyone can run an event (meetup, hackathon, etc), but sometimes we struggle in selecting the right tool to organize it in an effective way. What tools are out there that can help us run any type of event and have impact?. We will do an overview about options, limitations and resources you will need to make a great event.</p> - -<p>If you are lost trying to choose the right tool for your first online event, this talk is for you. And if you think you know everything about tools and ways to engage with your audience, you will be welcomed as well, since we will discuss about these things and more.</p> - - Francisco Picolini - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:35 - D.conference - conference_debconf - DebConf Conference Infrastructure - - Conference Organisation - devroom - - <p>DebConf has been online for two years using a combination of our in-person infrastructure and new tools. This talk will describe both setups and what has been done to bring DebConf online.</p> - - - Kyle Robbertze - - - DebConf Conference Infrastructure - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:10 - 00:30 - D.conference - conference_stream_edit - Using OBS, Jitsi and Kdenlive to stream and edit conference videos - - Conference Organisation - devroom - - <p>In light of the pandemic, the foss-north conference has gone virtual since 2020. In this presentation we will discuss our live streaming and video recording setup built around OBS, Jitsi and Kdenlive.</p> - -<p>The talk will discuss what software we are running, how and some behind the scenes info about how we run the live events, as well as how we edit and distribute the recordings post event.</p> - - - Johan Thelin - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:35 - D.conference - conference_ansible_lessons - Lessons from 6 Virtual Ansible Contributor Summits - a.k.a. I don't know how to come up with a fancy title, I just tell it like it is. - Conference Organisation - devroom - - <p>I have been organizing open-source related meetups and conferences for more than a decade. The past two years have been exceptionally trying. Any guesses as to why that is? :)</p> - -<p>In this session, I will share our experiences from the 6 online Ansible Contributor Summits that we have held through 2020-2021. While the virtual platform gave us more flexibility in many ways (such as having 3 events in a year instead of the usual 1), it definitely presented many new challenges as well. From pre-event marketing to technologies used during the summits, post-event surveys + feedback that feed into the next event, it's a continuous cycle of trials, errors, and improvements.</p> - -<p>There is also a major shift towards using open source tools and workflows for the summits, at the request of some community memebers as well as the desire within our team. I'll share what fell short and what thrived, and how the changes impacted not just conference management for our team, but also how the Ansible community received these events. Because at the end of the day, these conferences are for the community contributors and participants!</p> - - - Carol Chen - - - Lessons from 6 Virtual Ansible Contributor Summits - - - Ansible Community - The Bullhorn - Ansible developer newsletter - Ansible Contributor Summit - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:40 - D.conference - conference_primer - FOSS Events Primer - Get Out There and Run One! - Conference Organisation - devroom - - <p>When you want to see your community grow, running a local event is a great idea. Luckily, many FOSS projects have been down this path, so you won't need to start from scratch. This talk covers the process of running a successful community event, from finding great folks to plan with -- to follow-up for the next event.</p> - <p>When you love your community, you want to see it grow and become stronger. And if you are also lucky enough to have a little extra time and enthusiasm? Well, then it might be time to run an event. Many FOSS projects have been down this path, so you won't need to start from scratch. This talk will cover:</p> - -<ul> -<li>Setting the scope for your event</li> -<li>How to find folks to work with</li> -<li>Creating a plan for success</li> -<li>Making sure attendees have a great time</li> -</ul> - - -<p>Once you have a solid plan in place, running a community event can be very rewarding. Attendees will walk away with a sense of where to start and a strategy for finding the resources they'll need to put on an inspiring community event.</p> - - Deb Nicholson - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 01:00 - D.conference - conference_pgeu - Using pgeu-system to manage your conference - - Conference Organisation - devroom - - <p>The pgeu-system is an integrated system for managing conferences. Originally developed for Postgresql Europe's own conferences, the system has grown into a generic system for managing events, visitors, speakers, sponsors, and volunteers. It integrates the functions such as call-for-papers, managing schedules, invoicing, accounting, and more.</p> - -<p>In this talk we will do a whirlwind tour of the tool, from the context of the foss-north conference.</p> - - - Johan Thelin - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:35 - D.conference - conference_fosdem - FOSDEM Conference Infrastructure - - Conference Organisation - devroom - - <p>A technical overview of how the FOSDEM conference is run: the tools we use, the tools we wrote, and the processes we use; both for the in-person version of the conference as well as the online one of which we're doing our second edition this year.</p> - - - Wouter Verhelst - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 13:15 - 00:40 - D.dart-flutter - flutter_project_setup - Make the code work for you: Flutter Code Generation - - Dart and Flutter - devroom - - <p>Every programmer's dream is constantly building new features and seeing how the project grows. However, there is nothing worse than writing a lot of boilerplate code just before even start implementing those features. In this talk, you will learn about Flutter code generation tools and various tips on how to avoid implementing boilerplate code and focus on your next-gen project.</p> - - - Mangirdas Kazlauskas - - - - - GitHub repository - Presentation slides - Reach out to the speaker - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:55 - 01:00 - D.dart-flutter - flutter_testing - The beautiful world of Flutter Testing - Introduction to Flutter Testing - Dart and Flutter - devroom - - <p>Modern applications have tons of features and possibilities, and the more features there are, the harder it gets to be tested manually. Also, advocates for Test Driven Development makes testing even more important. In this session, we want to explore the possibilities of how to Test your Features in Dart and Flutter. We will discuss Unit, Widget and Integration tests in this session, what it is and why you will love the support in your next project.</p> - - - Max Weber - - - - - Unit / Widget Testing - Integration Testing - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:55 - 01:00 - D.dart-flutter - flutter_pwa - Building PWA with Flutter - - Dart and Flutter - devroom - - <p>Progressive Web Apps are web applications that have been designed, so they are capable, reliable, and installable. These three pillars transform them into an experience that feels like a platform-specific application. -The central core components that ensure that PWA works flawlessly are Service Workers. These components are a network proxy that takes control of a network request from the application and adds cache capabilities, background app sync, push notifications, and offline features. -In this talk, I will review the PWA capabilities in Flutter and show you how you can extend these functionalities to have a better progressive web app building with Flutter in order to boost user experience in your application</p> - - - Majid Hajian - - - - - slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:55 - 01:00 - D.dart-flutter - flutter_state_management - Architectural thinking on Flutter State Management - - Dart and Flutter - devroom - - <p>Sometimes state management shapes the application architecture, which we even interchangeably call state management, app architecture. State management is a controversial topic among all developers, and it's, at the same time, one of the most complex topics that developers should decide on when they are building a Flutter app. Many developers say one solution is the best, whereas some disagree! What if I tell you that, in my opinion, there is no right and wrong answer! If you ask a software architect, which state management is the best for an application? The answer is evident; It Depends. -This talk discusses how to think like an architect and understand, recognize, and analyze tradeoffs and characteristics when choosing state management. I will show you why all state management might be best and worst, at the same time for your application which eventually helps you to make your mind to determine your appropriate solution.</p> - - - Majid Hajian - - - - - slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:55 - 00:30 - D.dart-flutter - flutter_nft - Flutter in the NFT world - - Dart and Flutter - devroom - - <p>How to create and deploy NFTs with Flutter and the Algorand blockchain.</p> - - - Arjan van Eersel - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 12:30 - 00:30 - D.embedded - embedded_linux_mysteries - Five mysteries in Embedded Linux - - Embedded, Mobile and Automotive - devroom - - <p>Once you start out in embedded linux, there is a lot to do. Some things are obvious, some less so. First and foremost, you can put your knowledge of using Linux on the desktop to good use, right? This approach feels like a natural progression, but it has its pitfalls - some of which this talk aims to help you understand and ultimately avoid.</p> - <p>Building and developing an embedded linux system sometimes feels like magic. It's all open source, right? You can just grab the code and make it do your bidding!</p> - -<p>But just like the Sorcerer’s Apprentice in the poem, you might find yourself struggling with the spirits that you just called, like -What a “Distribution” is, and why is it important that you know -Why package management is so different -Where configuration happens, and where not -When to update, and what</p> - -<p>This talks covers five of the most common misconceptions that beginners have when they cast their first spells in embedded linux, not only to avoid them backfiring - but to actually harness the power.</p> - - Josef Holzmayr - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.embedded - directfb - Back to DirectFB! - The revival of DirectFB with DirectFB2 - Embedded, Mobile and Automotive - devroom - - <p>DirectFB2 is a fork of DirectFB, a graphics library designed with embedded systems in mind that was widely used in the GNU/Linux embedded world. DirectFB2 comes with changes such as a Meson build system, a pure C implementation and a modularization of the source code.</p> - -<p>Access to the low-level display is based on a DRM/KMS system module (or possibly on a legacy Framebuffer system module), and depending on the platform, hardware-accelerated graphics rendering can be achieved using the architecture of the GFX driver modules.</p> - -<p>The core library is very light (no external dependencies) and provides basic font/image/video rendering support which can be demonstrated with the DirectFB-examples.</p> - -<p>The use of additional DirectFB providers based on external libraries is also possible thanks to the DirectFB-media package, such as rendering fonts with the FreeType library, rendering images with libpng or jpeg libraries, rendering videos with FFmpeg or GStreamer libraries.</p> - -<p>For 3D graphics, OpenGL or Vulkan rendering can be done with the DirectFB graphics backend. As an example, the Mesa 3D implementation makes OpenGL rendering possible with a DirectFBGL module or with EGL for the DirectFB platform, and the SwiftShader implementation makes Vulkan rendering possible with the DirectFB WSI.</p> - -<p>This talk aims at getting started with DirectFB2 which may be worth considering on some devices.</p> - - - Nicolas Caramelli - - - Back to DirectFB! - - - The DirectFB2 open source project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 01:00 - D.embedded - automotive_eth_phy - Automotive Ethernet PHY bring-up: lessons learned and debug tips - - Embedded, Mobile and Automotive - devroom - - <p>I would like to share my experience bringing up various Automotive Ethernet Gigabit PHYs on an iMX8 platform.</p> - -<p>Agenda:</p> - -<ul> -<li>PHY configuration CheckList (= What I need to know about my PHY, my schematic before starting the bring-up)</li> -<li>SW implementation (= step-by-step SW integration + common pitfalls to avoid, mainly focused on Linux, but I talk also about U-Boot)</li> -<li>Debug tips (= SW and HW tips)</li> -</ul> - - <p>This presentation is based on a training I already gave internally in the Valeo Group (with some extra additions). -This experience led to some patches that I hope to push at U-boot and Linux level.</p> - - Jean-Louis Thekekara - - - Automotive Ethernet PHY bring-up - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.embedded - rauc_ab_updates - Bringing RAUC A/B Updates to More Linux Devices - - Embedded, Mobile and Automotive - devroom - - <p>RAUC is a safe and secure open source software solution for A/B updates of embedded Linux devices. RAUC supports industry-leading build system: the Yocto Project and OpenEmbedded, Buildroot and PTXdist. Porting RAUC to a new device requires several advanced technical steps. Layer meta-rauc-community exists to speed up and simplify the integration process for Yocto and OpenEmbedded by providing examples for popular devices such as Rasperry Pi, Allwinner (Sunxi), NVIDIA Tegra and QEMU.</p> - <p>RAUC is a popular solution for A/B updates of embedded Linux devices because of its flexibility, safety and security features. It supports industry-leading build system: Yocto Project and OpenEmbedded, Buildroot and PTXdist. Upgrades are performed through RAUC bundles which can be installed either through the network or just using a USB stick.</p> - -<p>To port RAUC to a new device, we need to go through several steps: setup appropriate bootloader like U-Boot, enable SquashFS in the Linux kernel configurations, use ext4 file system, create partitions and configure RAUC slots, generate certificates and setup bootloader environment configurations with a script to switch RAUC slots over upgrades. To simplify the getting started process of developers using RAUC with Yocto and OpenEmbedded in 2020 Leon Anavi created layer meta-rauc-community. In 2021 the layer was moved to the RAUC organization in GitHub. Initially it offered only Raspberry Pi support and over the time, thanks to numerous community contributions, the support was extended to more machines. As of the moment meta-rauc-community provides RAUC sample integrations for Raspberry Pi, Sunxi (Allwinner), QEMUx86 and NVIDIA Jetson TX2.</p> - -<p>This presentation will provide a brief introduction to RAUC and will focus on layers meta-rauc and meta-rauc-community. We will go through the exact steps how build, flash and update an image using bitbake to the currently supported platforms. Furthermore we will discuss general guidelines for porting RAUC and adding new supported machines to meta-rauc-community in the future.</p> - -<p>The talk is appropriate for anyone with basic knowledge about Linux. It will hopefully help other software developers in the community to overcame faster and easier similar technical difficulties while integrating the RAUC client on embedded Linux devices and hopefully contribute back to the Yocto/OpenEmbedded layer meta-rauc-community.</p> - - Leon Anavi - - - Bringing RAUC A/B Updates to More Linux Devices - - - RAUC - Yocto/OE layer meta-rauc - Yocto/OE layer meta-rauc-community - A/B Linux updates with RAUC and meta-rauc-community: now & in the future - Software Updates with RAUC, the Yocto Project and OpenEmbedded - Getting Started with RAUC on Raspberry Pi - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 01:00 - D.embedded - ply_ebpf - ply: lightweight eBPF tracing - - Embedded, Mobile and Automotive - devroom - - <p>In this talk, I will show you how to build and deploy ply (a dynamic tracing language for eBPF) to a BeagleBone Black then write ply scripts to attach probes and tracepoints to a running kernel and application on that same target. eBPF has rapidly eclipsed all previous tracers for Linux. While eBPF has taken the cloud native community by storm, the technology has yet to make significant inroads within the embedded Linux ecosystem. I will explain the reasons for this current situation and demonstrate a possible way forward.</p> - -<p>The bpftrace dynamic tracing language relies on the LLVM-based BCC toolchain to compile scripts down to eBPF bytecode. Because of its dependency on LLVM, BCC only supports a few 64-bit CPU architectures, severely limiting the use of eBPF in embedded systems. Fortunately, the IO Visor Project offers a lightweight alternative to bpftrace called ply. Like bpftrace, ply’s syntax is inspired by both DTrace and awk. Unlike bpftrace, ply targets embedded CPU architectures like ARM and PowerPC making it possible to deploy eBPF to many more devices. Buildroot includes ply as of its 2021.02 LTS release.</p> - - - Frank Vasquez - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.embedded - build_systems_all_way_down - Build Systems all the way down. - Untangling OpenEmbedded/meta-zephyr/zephyr integration in Eclipse Oniro - Embedded, Mobile and Automotive - devroom - - <p>In this talk, pidge will take a critical look at the places where meta-zephyr -succeeds and fails in its original goals, the reasons behind that and the -steps being taken to fix those issues.</p> - <p>OpenEmbedded, Zephyr and meta-zephyr are powerful tools that can give IoT -developers the ability to rapidly develop embedded solutions. Integrating -them all however is challenging, made more so by wrapping multiple build -systems, machine configurations and build languages into a coherent solution.</p> - -<p>In this talk, pidge is going to show changes being implemented through her work -on the Eclipse Oniro project to the meta-zephyr layer that bring most zephyr -supported machine configurations into meta-zephyr but also removes the need for -OE machine configurations to have any knowledge of core zephyr modules. She will -discuss the issues she encountered around integating those changes from the zephyr -side.</p> - - Eilís Ní Fhlannagáin - - - Build Systems All The Way Down FOSDEM-2022 - - - meta-zephyr - Oniro: The Distributed Operating System That Connects Consumer Devices Big and Small - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 01:00 - D.embedded - fpga_programming - One stop shop: Best Practices for Programming Embedded FPGAs - - Embedded, Mobile and Automotive - devroom - - <p>FPGAs are increasingly being used in today's embedded systems. But they are notoriously complex for having a difficult programming model. In order to counter this complexity, there has been a growing focus to design FPGA hardware at a higher level of abstraction with new languages and compilers. This talk will serve as "one stop shop" for topics related to these developments.</p> - <p>Are you an embedded developer? Do you like FPGAs? Do you want to know the best programming practices for embedded systems that deploy FPGAs? Do you like economical hardware? Do you like open source projects? If your answer is "yes" to either of the aforementioned questions, then this talk is for you. As the title goes, this talk and its content will actually be "one stop shop" for best practices related to FPGA programming. Considering C-based languages still dominate the embedded systems, the talk will focus on new methodologies that can be broadly implemented while using all C-based (C/C++/C#) languages when it comes to implement your designs on FPGAs. To take it further, the talk will shift focus on C++ as C++ is finally picking up pace to come even more closer to low level hardware as compared to previous C++ standards. The last four C++ standards have come a long way to make C++ language even more compatible with embedded systems. Many open source FPGA libraries are based on modern C++. At the end of the day, you will know how a modern embedded developer can adopt certain coding practices to fully exploit the underlying spatial parallelism of FPGA hardware. Additionally, you will learn about open source compilers, open source projects, and economical FPGAs hardware to implement these best practices.</p> - - Babar Khan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.embedded - gpio_linux_vs_zaphyr - GPIO across Linux and Zephyr kernels - Maximizing code reuse in the example of the Oniro doorlock blueprint - Embedded, Mobile and Automotive - devroom - - <p>Sometimes it is useful to share code across multiple kernels -- in projects -like the Oniro door lock blueprint, for the typical use cases a Cortex-M -CPU running Zephyr is more than sufficient, but using its functionality as -part of a larger project makes using Linux on Cortex-A an interesting -option. Can we find a way to maximize code reuse despite the very different -GPIO APIs?</p> - <p>Sometimes it is useful to share code across multiple kernels -- we avoid -doing the work twice. However, this might be complicated when one version -is using Zephyr with a Cortex-M, and another Linux on a Cortex-A. -We will explore this problem using an example of the door lock blueprint -from the Eclipse Oniro project - an implementation of basic door lock -functionality. -For a typical use-case, a Cortex-M with Zephyr is more than sufficient, -but we might also want to integrate the same application in a bigger one -using Linux on a Cortex-A. Will we find a way to do so?</p> - - Bernhard Rosenkränzer - - - - - The Oniro Project - The Door Lock blueprint - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:10 - 00:40 - D.mobile - mobile_kernel_tablet - Mainlining the reMarkable 2 eInk tablet - - FOSS on Mobile Devices - devroom - - <p>The reMarkable 2 is an eInk tablet, based on the i.MX7 SoC. The tablet -ships with a fork of the 4.14 kernel and a custom rootFS built with -OpenEmbedded. The vendor kernel is based on the NXP vendor kernel with a -large collection of rM2 specific patches on top.</p> - -<p>This talk discusses the process of adding support for the rM2 to the mainline -Linux kernel. The talk first discusses the process of understanding the -original boot process and then getting access to a download mechanism and -serial console.</p> - -<p>Finally the talk covers the process to start upstreaming the patches from a -vendor kernel to the mainline kernel.</p> - - - Alistair Francis - - - rM2 FOSDEM Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:55 - 00:40 - D.mobile - mobile_nemomobile - Nemomobile - Bringing freedom to mobile - FOSS on Mobile Devices - devroom - - <p>Nemomobile is operating system for mobile devices based on Manjaro Linux and Glacier UI. It mainly developed on PinePhone, but it could be runned also on android devices. The talk will summarize its current status and its direction in future.</p> - - - Jozef Mlich - - - NemoMobile Presentation - - - https://nemomobile.net/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:45 - 00:25 - D.mobile - mobile_kernel_l5 - Librem 5 phone kernel report - - FOSS on Mobile Devices - devroom - - <p>I work with Purism SPC on the Librem 5 phone kernel. I regularly post -what our team pushes upstream into the mainline kernel at -https://puri.sm/posts/author/martin/</p> - -<p>In this little talk I want to summarize what we've done, describe how -we do it and put it into perspective a bit.</p> - -<p>I'll outline rough future plans and of course encourage to participate -in case you own that phone.</p> - - - Martin Kepplinger - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.mobile - mobile_mandriva - Taking a desktop OS to mobile phones - OpenMandriva now runs on the PinePhone - what did we have to do? - FOSS on Mobile Devices - devroom - - <p>OpenMandriva and its predecessors have been in the desktop and server world since the 1990s - now OpenMandriva 4.3 can run on the PinePhone. What did we have to do to get there and what problems have to be solved before it can fully replace that Android phone in my pocket?</p> - <p>Porting to the ARM (64-bit) architecture was relatively easy (and needed for some other projects). -Modifying the build system to handle bootloaders other than grub and distribution formats other than iso images and special per-device kernels? Easy to hack but not that easy if you want to do it right. We needed to do something that doesn't go quite as far as OpenEmbedded/Yocto, but still is powerful enough to handle many different devices. -Making the hardware work? Largely solved by the upstream community. -Finding or developing apps for base functionality, and making them work for the phone form factor? Mostly solved (with a few caveats). -But how can we work with Android and/or iOS apps (currently required to e.g. log in to most bank accounts)? How can we make this appealing to a normal user?</p> - - Bernhard Rosenkränzer - - - - - OpenMandriva - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:40 - D.mobile - mobile_mobian - 2 Years of Mobian - Birth and growth of a mobile Linux distribution - FOSS on Mobile Devices - devroom - - <p>The Mobian project was initiated a few days prior to FOSDEM'20, back when the first PinePhones (BraveHeart edition) were arriving in the hands of developers and enthusiasts. From a single-person weekend project aimed at running Debian on one specific device, to one of the major mobile Linux distributions, let's board into a journey through the past, present and future of Mobian!</p> - <p>Mobian started as a collection of hacks and scripts for running Debian on the PinePhone. Initially published as "Debian+Phosh" on the PINE64 forum, all packages were manually (cross) compiled and uploaded to the developer's personal web server.</p> - -<p>Over time, it gathered a strong community of users and developers and ultimately gained recognition from the wider mobile Linux community, to the point where it partnered with PINE64 to release a "Mobian Community Edition" PinePhone. Over the course of its 2 years of existence, the project implemented tools to ease development and automate deployment, and added support for more mobile devices, such as Purism's Librem 5, but also Surface Pro tablets and a few Android phones such as the OnePlus 6 and Pocophone F1.</p> - -<p>This talk will walk you through those 2 years of development, highlighting the project's contributions to the (mobile) FLOSS ecosystem. We will also emphasize how its members work, as part of the DebianOnMobile team, towards its ultimate goal of becoming irrelevant by making Debian a reference distribution on mobile devices. Finally, we will give you an update on the project's current status and plans.</p> - - Arnaud Ferraris - - - - - - Project website - Git repositories - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:40 - D.mobile - mobile_kernel_mainline - Porting mainline Linux to mobile phones - - FOSS on Mobile Devices - devroom - - <p>A general overview of porting Linux to mobile phones, with a focus on Qualcomm. From the device tree to how you get started and why you should do it.</p> - <p>Android phones have long been plagued by being based on old versions of the Linux kernel which are seldom patched against vulnerabilities and other security flaws. Additionally being based on old versions which are most of the time not being maintained by anyone anymore a vendor has to evaluate if a given patch applies to the old kernel version they are using or not and modify the patch if necessary. This problem has been somewhat mitigated by closer collaboration between SoC vendors and the Linux kernel community (LTS kernels) but this only applies to drivers and components that are actually present in the main branch of the Linux kernel. Drivers only present in vendor-maintained branches often get left out of security and general bug fixes.</p> - -<p>Unfortunately for many companies there isn't a clear financial reason to clean up device drivers and submit them upstream, so in this talk I will give an introduction into how you can get started in making your device run a kernel that's based on mainline Linux.</p> - -<p>Running alternative operating systems (other than Android) on your phone is in some cases possible with the kernel provided by the vendor but in these cases you need to rely on solutions like libhybris to work with proprietary user space binaries and libraries to make hardware work. Running 100% open source software while using a vendor-provided kernel ("downstream kernel") is not feasible due to the sheer number of proprietary user space components that would need to be replaced. But with a mainline kernel you can get to a fully free and open source operating system for your phone. And this talk will give you can introduction to some of the basics in getting started with running mainline Linux kernel on your phone and some of the tips and tricks that I have learned over the years.</p> - - Luca Weiss - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:40 - D.mobile - mobile_kernel_ebook_reader - The road towards using regular linux on ebook readers - Experiences and progress with Kobo/Tolino readers - FOSS on Mobile Devices - devroom - - <p>Most Kobo/Tolino readers offer a well marked console port and often a second UART. If they are not water resistant, they offer an internal µSD card slot containing the whole operating system and bootloader so that sounds like an invitation to do something interesting with them besides just reading books. Especially in prolonged outdoor activities, the display and their low power consumption have their merits. Hardware is quite similar, so you also have chances to get a replacement next corner. -Several devicetrees and also some drivers made their way into mainline linux now, on others upstreaming work is in progress. Support is starting to find its way into mobile linux distributions like postmarketOS and graphics start to work with standard APIs. -In this talk I talk about my experiences, especially the current state of support in mainline linux, what is missing and what are the challenges. I will also talk about requirements for the graphics userspace and shortly present my favorite use case: displaying maps.</p> - - - Andreas Kemnade - - - - - Kernel/Mainlining overview - U-Boot 2020.10 for mentioned e-book readers - postmarketOS for Kobo Clara HD - postmarketOS for Tolino Shine 2HD - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 01:30 - D.mobile - mobile_camera - Status of camera support on mobile FOSS devices - An open discussion about the state of cameras on Linux-powered mobile devices - FOSS on Mobile Devices - devroom - - <p>Camera support has traditionally been a pain point when it comes to -Linux phones.</p> - -<p>Years and years of competition on the photography capabilities of -consumer devices have pushed vendors to adopt more and more custom, -closed source implementations, leaving users of free software powered mobile -devices with nothing but poor solutions limited to work on the single -devices they have been developed for.</p> - -<p>With the increasing maturation of libcamera, a complete user space -camera stack for Linux devices is now finally available, and Linux -phones developers can now cooperate on more mature camera solutions -for their devices.</p> - -<p>The BoF will serve for phone developers and camera developers as a -cooperation space, to better understand their mutual needs and move -forward camera support for the whole Linux ecosystem.</p> - <p>Cameras have traditionally been a distinguishing factor in the -traditional mobile/smartphone market. Year after year the number of -pixels available in a phone's camera have become a stable part of the -phone producers marketing material and as a direct consequence of such -fierce competition everything around cameras has usually been quite -secretive, with vendors implementing rather cumbersome software -architectures to work around the software licensing requirements which -would have otherwise required them to open at least part of what they -consider their secret sauces.</p> - -<p>Vendor's reluctance to discuss and innovate in a common shared space -and the undeniable deficiencies (or better, the complete lack of -existence) of anything resembling a camera stack in the Linux -ecosystem has pushed camera support to a quite uncomfortable position -when it comes to FOSS-powered mobile devices. Until very recently nothing -comparable to what could be achieved by a rather cheap Android phone, -running binary blobs both in user and kernel space, can be easily -realized by using a fully open infrastructure.</p> - -<p>Three years after starting of the libcamera project, -its adoption as the default camera stack for the Raspberry Pi -ecosystem and its increasing permeation in the x86 device space thanks to -the support of vendors like ChromeOS and a more robust integration in Pipewire, -it's now time to finally address the camera issue in the FOSS phone space.</p> - -<p>With the recent interest from Librem5 and Pinephone communities in the -project, this BoF intends to provide a space where phone developers, -libcamera developers and hopefully vendors can discuss their mutual -headaches and try to sketch a way forward in order to provide to -free-software equipped mobile device a camera support that can do more than what -an Android phone was capable of 10+ years ago.</p> - - Jacopo Mondi - - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:40 - D.openjdk - javahotnfresh - Keeping Your Java Hot & Fresh in 2022 - - Friends of OpenJDK - devroom - - <p>Despite being nearly 27 years old, Java is still consistently rated in the top three most popular programming languages in use. The reason for this popularity extends beyond the syntax of the language to the power of the Java Virtual Machine (JVM). With its ability to handle internet-scale workloads, the JVM delivers the performance required for mission-critical enterprise applications.</p> - -<p>In this session, we’ll explore Java as it is in 2022. JDK 17 is the ninth (yes, ninth) release in four years. As a long-term support (LTS) release, this is one that many users will choose to use in production. We’ll review the significant new features developers will now be able to exploit as they develop their next applications. With JDK 18 just around the corner and longer term projects like Loom likely to be included soon, what does this year hold for Java?</p> - - - Simon Ritter - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:40 - 00:40 - D.openjdk - openjdk17 - Records and Text Blocks: But What Else Is Interesting In OpenJDK 17? - - Friends of OpenJDK - devroom - - <p>By now, we all know that JDK 17 is the latest Java long-term supported release with several new language features. There are already many resources that explain the Java Record and Text Blocks in detail. But JDK 17 has much more interesting changes since JDK 11.</p> - -<p>In this session, I go into more detail about some other interesting changes that are not language features but are a good reason to switch to JDK 17.</p> - -<ul> -<li>Improvements in the Class Data Sharing feature.</li> -<li>JDK Flight Recorder for monitoring purposes.</li> -<li>Improvements in Performances in the Garbage collectors</li> -<li>Preventing security issues with context-specific deserialization filters.</li> -</ul> - - -<p>Besides the explanation, you also see these changes in action with some demos.</p> - - - Rudy De Busscher - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:40 - D.openjdk - kotlin - Introducing Kotlin In Your Organization: From The Ground Up - - Friends of OpenJDK - devroom - - <p>A little guide on how to convince management to try out new technologies!</p> - -<p>For you it's obvious, Kotlin is the next big thing and it'll bring your team to the next level. You see clear advantages, but others are not quite there yet. In this talk, I'll describe the ways we found to get Kotlin inside ING, one of the largest European bank. We'll look into simple ways to convince your colleagues, your management and make it a success for everyone!</p> - <p>Those days, there are so many tools to improve one developer's workflow that it's hard to make a choice, and sometimes convince others. Languages, frameworks, tooling, paradigms, there is so much to try and not everything can be a benefit.</p> - -<p>In this talk, we will have a look at why Kotlin probably makes a lot of sense for your team. We'll have a quick glance at some language features, the ecosystem and the community as well.</p> - -<p>But we'll mostly have a look at various techniques to make Kotlin (or for that matter, any other kind of proposal) a convincing user case for your team. -Finding your heroes, making small experiments, using external influence, building in public, defusing possible worries, there are many ways to go about it!</p> - -<p>By the end of this talk, you will have extra information on why Kotlin can be useful for you (or not); and be equipped with strategies to help convince others as well.</p> - - Julien Lengrand-Lambert - - - - - A blog about how we introduced Kotlin at ING - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:40 - D.openjdk - foreignfunctions - Let's Talk About Foreign Functions In Java - - Friends of OpenJDK - devroom - - <p>Java 17 finally gave us the first incubator of Foreign Function &amp; Memory API. Let's do a test drive of what is in store and see if it is good enough to replace JNI. Let's be honest, JNI is not that secure and is controversial and it's high time we move away from it and adopt FFI like in many other modern languages. But is the new API enough or do we need to consider external libraries like JNA or JNR-FFI? I'll showcase some examples of using the new API with some of my other favorite languages.</p> - - - Deepu K Sasidharan - - - Lets talk about FFI in Java - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:40 - D.openjdk - panama - Native Language Access: Project Panama for Newbies - - Friends of OpenJDK - devroom - - <p>A brief introductory talk on Java 17's New project Panama APIs to get your feet wet into the world of native language access or better known as Foreign Function Interface APIs (JEP 412).</p> - <p>As a Java developer, you may have a need to access native libraries, such as Tensorflow, SqlLite, ffmpeg, OpenGL, but later find that JNI is your default choice. JNI (Java Native Interface) requires native code to be installed. You’ll quickly find that JNI wrapper code is difficult to maintain. New to OpenJDK 17 is the Foreign Linker API (JEP 412) as a replacement or alternative for JNI to provide a pure-Java solution and perform comparable to, or better than, JNI. -The aim of this talk is to help you be proficient at creating Java programs capable of accessing devices and/or native libraries mainly focussing on OpenJDK 17’s Foreign Linker API.</p> - -<ul> -<li>Intro (what, why, where)
</li> -<li>Requirements
</li> -<li>IDE, environment setup
</li> -<li>Getting started
</li> -<li>Anatomy of a Hello World in C
</li> -<li>What is jextract
</li> -<li>Panama Hello World in Java
</li> -<li>How to allocate memory to work with C primitives, arrays, &amp; C strings.
</li> -<li>How to allocate and mimic pointers, structs, and array of structs.
</li> -<li>What are VarHandles?
</li> -<li>What are MethodHandles?
</li> -<li>Using your super powers to access system libraries
</li> -<li>Using your super powers to access third party libraries (demos)
 -Demos may include: OpenGL, LeapMotion device, Git, ffmpeg, Python, Swift, MacOS touchID, -MacOS SpeechSynthesizer.</li> -</ul> - - -<p>All Code will be available online at https://github.com/carldea/panama4newbies</p> - - Carl Dea - - - - - Panama 4 Newbies Part 1 - Panama 4 Newbies Part 2 - Panama 4 Newbies Part 3 - GitHub source code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:20 - 00:40 - D.openjdk - log4j1 - Java Security: Log4J, the SecurityManager, and Funding - - Friends of OpenJDK - devroom - - <p>A demonstration of log4j exploits, which defenses people tried, and which worked. We'll cover how groups responded effectively to patch to see what was common. -We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate.</p> - <p>This talk will use actual exploit code that takes over systems through their log messages to open calculators.</p> - - Erik Costlow - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:40 - D.openjdk - log4j2 - Security Warning: Your Java Attack Surface Just Got Bigger - - Friends of OpenJDK - devroom - - <p>Building cloud-native Java applications is undoubtedly awesome.</p> - -<p>However, it comes with undeniable new risks. Next to your own code, you are relying on so many other things.</p> - -<p>Blindly depending on open-source libraries and Docker images can form a massive risk for your application.</p> - -<p>The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user's data.</p> - -<p>Join this talk where we’ll show common threats, vulnerabilities, and misconfiguration including the recently disclosed issues in Log4j.</p> - -<p>Most importantly, you’ll learn how to protect your application with actionable remediation and best practices.</p> - - - Brian Vermeer - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:40 - D.openjdk - jvmtweaks - Simple Tweaks To Get The Most Out Of Your JVM - - Friends of OpenJDK - devroom - - <p>Many developers don’t think about the JVM level when creating applications. It is something that just simply works. Now more applications are becoming cloud-native and we have JVM’s running in every microservice container, each performance gain can have massive benefits when scaled up. Some tweaks are very easy to implement and can have huge impacts on start-up time and performance of your applications. This talk will go through all the different JVM options and give you some easy and simple advice on how to get the most out of your JVM to save not only money but also energy on the cloud.</p> - - - Jamie Coleman - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:40 - D.openjdk - tornadovm - TornadoVM: Hardware Acceleration For Java In Practice - - Friends of OpenJDK - devroom - - <p>Hardware acceleration has become prevalent in most application domains as a means to increase performance, while also achieving high energy efficiency. However, the programming models for heterogeneous hardware accelerators inherently support C/C++, thereby hindering the exploitation of heterogeneous resources from managed languages, such as Java. In the University of Manchester, we have been developing TornadoVM; an open-source software technology that can be used as a plugin to OpenJDK and other JVM distributions to enable hardware acceleration in a programmer friendly manner.</p> - -<p>In this talk, we will present a practical view of TornadoVM and focus on two parts: (i) analyze what can impact the performance of applications on heterogeneous co-processors, and (ii) how Java developers can utilize TornadoVM to increase the performance of their applications.</p> - -<p>https://github.com/beehive-lab/TornadoVM</p> - - - Thanos Stratikopoulos - - - TornadoVM-FOSDEM22 - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:40 - D.openjdk - alpaca - Java & Alpaca: A Beautiful Friendship - - Friends of OpenJDK - devroom - - <p>BellSoft created tiny containers based on Alpine Linux. But Alpine has its cons: musl sometimes performs worse than glibc, LTS support is not long enough. So we developed Alpaca Linux based on Alpine. Alpaca is more performant and secure, has longer LTS support, and is perfect for Java deployment.</p> - <p>The size matters when it comes to containers: they should be small but performant. BellSoft engineers came up with the solution and integrated the Alpine musl port into JDK 16. We made containers based on Alpine Linux and immediately understood that we hit the spot. These containers are still in demand and keep gaining popularity. -Alpine Linux is based on musl. There is usually no difference in performance, but in some cases, musl is less efficient than glibc. The problem is that any Linux distro is made for general purposes, and Linux engineers don’t have Java in mind when developing them. -In addition, LTS support for Linux kernel and OpenJDK is longer than that for Alpine Linux, which leads to a more frequent migration between OS versions within one Java release. -We want to make sure that Java LTS visions are stable within the environments we offer. This is why we created our own distribution, Alpaca Linux, based on Alpine. -Alpaca Linux has a longer support cycle and includes musl-perf and other components to boost the performance of apps, including Java-based ones. -In my talk, I will describe the differences between Alpaca and Alpine and show the results of the benchmarks. I will also tell you about the Alpaca release cycle and how to get hands on with this new Linux distro. You will find out how to boost the performance and security of Java deployment with Alpaca Linux. All in all, I think that this is the beginning of a beautiful friendship between Alpaca and Java.</p> - - Dmitry Chuyko - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:40 - D.openjdk - threading - Java Threading Essentials - - Friends of OpenJDK - devroom - - <p>To be a proficient java developer, you must learn Java Thread programming. Thread is the heart of the Java ecosystem. All the server-side programming model heavily depends on the java concurrency model. In this session, I will explain a few essential aspects of the java thread model from the ground up so that a beginner can build up their concurrency knowledge on top of it. The session will include -</p> - -<ol> -<li>How to create a simple concurrent program</li> -<li>Identify the benefits of java threadings</li> -<li>Understanding the bagasse that comes with threads and how to avoid them</li> -<li>What are the threadsafe classes available in the JDK</li> -</ol> - - - - Bazlur Rahman - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:20 - 00:40 - D.openjdk - fuzion - Fuzion: A New Language For The OpenJDK Unifying Java's Concepts - - Friends of OpenJDK - devroom - - <p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>This talk will explain how Java's concepts such as classes, interfaces, methods, -constructors, packages, etc. are mapped to the single concept of a Fuzion -feature. The fzjava tool will be explained that provides Fuzion interfaces to -Java libraries. Finally, the Fuzion interpreter and a (planned) Java byte-code -back-end are presented.</p> - <h1>Introduction</h1> - -<p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>Fuzion was influenced by many other languages including Java, Python, Eiffel, -Rust, Go, Lua, Kotlin, C#, F#, Nim, Julia, Clojure, C/C++, and many more. The -goal of Fuzion is to define a language that has the expressive power present in -these languages and allow high-performance implementations and powerful analysis -tools. Furthermore, Fuzion addresses requirements for safety-critical -applications by adding support for contracts that enable formal specification and -enable detailed control over run-time checks.</p> - -<p>Many current programming language are getting more and more overloaded with new -concepts and syntax to solve particular development or performance issues. -Languages like Java/C# provide classes, interfaces, methods, packages, anonymous -inner classes, local variables, fields, closures, etc. And these languages are -currently further extended by the introductions of records/structs, value types, -etc. The possibility of nesting these different concepts results in -complexity for the developer and the tools (compilers, VMs) that process and -execute the code.</p> - -<p>For example, the possibility to access a local variable as part of the closure -of a lambda expression may result in the compiler allocating heap space to hold -the contents of that local variable. Hence, the developer has lost control over -the allocation decisions made by the compiler.</p> - -<p>In Fuzion, the concepts of classes, interfaces, methods, packages, fields and -local variables are unified in the concept of a Fuzion feature. The decision -where to allocate the memory associated with a feature (on the heap, the stack -or in a register) is left to the compiler just as well as the decision if -dynamic type information is needed. The developer is left with the single -concept of a feature, the language implementation takes care of all the rest.</p> - -<h1>Fuzion Feature Declarations</h1> - -<p>A Fuzion feature has a name, similar to the name of a class or a function. -The main operation that can be performed on a feature is a feature call. The -constituents of a feature declaration are as follows:</p> - -<h2>Formal Arguments</h2> - -<p>Features may have a list of formal arguments, which are themselves features -implemented as fields. On a call to a feature with formal arguments, actual -arguments have to be provided to the call, unless the list of formal arguments -is empty.</p> - -<h2>Feature Result</h2> - -<p>The result of a feature call is an instance of the feature. Alternatively, a -feature may declare a different result type, then it must return a value of that -type on a call.</p> - -<h2>Closures</h2> - -<p>Features are nested, i.e., every feature is declared within the context of an -outer feature. The only exception is the universe, which is the outermost -feature in Fuzion. A feature can access features declared in its -outer feature or, recursively, any outer feature of these outer features. This -means, a feature declaration also defines a closure of the feature and its -context.</p> - -<p>When calling a feature <em>f1</em> declared as an inner feature of <em>f2</em>, the call must -include a target value which is the result of a call to <em>f2</em>, e.g., <em>f2.f1</em>.</p> - -<h2>Generics</h2> - -<p>Features may have generic type parameters. E.g. a feature declaration may leave -the actual type used within that feature open and to be defined by the user of -the feature.</p> - -<p>The list of generic type parameters may be open, i.e., the number of actual -generic type parameters is not fixed at feature declaration. This turns out to -be useful in the declaration of choice types and functions as explained below.</p> - -<h2>Inheritance</h2> - -<p>Fuzion features can inherit from one or several other features. When inheriting -from an existing features, all inner features of the parent automatically become -inner features of the heir feature. It is possible to redefine inherited -features. In particular, when inheriting from a feature with abstract inner -features, one can implement the inherited abstract features.</p> - -<p>A redefinition of an inherited feature may implement an inherited feature as a -routine or as a field. An inherited feature that is implemented as a field, -however, cannot be redefined as something else since fields might be mutable.</p> - -<p>Inheritance may result in conflicts. An example would be two features with the -same name that are inherited from two different parents. In this case, the heir -must resolve the conflict either by redefining the inherited features and -providing a new implementation or by renaming the inherited features resulting -in two inner features in the heir feature.</p> - -<p>Inheritance and redefinition in Fuzion does not require dynamic binding. By -default, the types defined by features are value types and no run-time overhead -for dynamic binding is imposed by inheritance.</p> - -<h2>A Contract</h2> - -<p>A feature may declare a contract that specifies what the features does and under -which conditions the feature may be called.</p> - -<h2>An implementation</h2> - -<p>Features must have one of the following implementations</p> - -<ul> -<li><p>a routine is a feature implementation with code that is executed on a call</p></li> -<li><p>a field is a memory slot that stores a value and whose contents are returned on a call</p></li> -<li><p>an abstract feature has no implementation and cannot be called directly, but can be implemented by heir features</p></li> -<li><p>an intrinsic feature is a low-level feature implemented by the compiler or -run-time system, e.g., the infix + operator to add two 32-bit integer values -may be an intrinsic operation.</p></li> -</ul> - - -<p>A feature implemented as a routine can contain inner feature declarations.</p> - -<h1>Feature examples</h1> - -<p>Here is an example that declares a feature <em>point</em> that functions similar to a -struct or record in other languages:</p> - -<pre><code>point(x, y i32) is # empty -p1 := point 3 4 -say "p1.x is {p1.x}" # will print "p1.x is 3" -say "p1.y is {p1.y}" # will print "p1.y is 4" -</code></pre> - -<p>The next example shows a feature <em>base</em> that provides an inner feature <em>plus</em> -that adds its argument to the value passed to the enclosing base:</p> - -<pre><code>base(v i32) is - plus(w i32) =&gt; v + w - -b1 := base 30 -b2 := base 100 -say (b1.plus 23) # will print "53" -say (b2.plus 23) # will print "123" -</code></pre> - -<h1>Fuzion FZJava Tool</h1> - -<p>Fuzion provides a tool <code>fzjava</code> that takes a Java module file and converts it -into Fuzion features. In the spirit of Fuzion, Java's packages, classes, -interfaces, methods, constructors, static methods and fields are all converted -into Fuzion features. Java methods that may throw an exception are -converted into features resulting in a choice type that is either the exception -type or the result type of that method.</p> - -<p>A few intrinsic functions in the Java interpreter back-end use Java's reflection -API to access the corresponding Java code.</p> - -<h2>Basic approach</h2> - -<p>The FZJava tool converts each Java class into three Fuzion Features. Say you -have a Java class as follows</p> - -<pre><code>package x.y; -class MyClass -{ - MyClass(String arg) - { - ... - } - void myMethod() - { - } - void myStaticMethod() - { - } -} -</code></pre> - -<p>This will be converted into a Fuzion feature <code>x.y.MyClass</code> that may not be -instantiated directly:</p> - -<pre><code>Java.x.y.MyClass(redef forbidden void) ref : Java.java.lang.Object(forbidden), fuzion.java.JavaObject(forbidden) is - - unit myMethod is - ... -</code></pre> - -<p>This feature defines a Fuzion type <code>x.y.MyClass</code> and contains wrappers for the -instance methods. It is, however, not permitted to directly create instances of -this feature, which is ensured the forbidden parameter of type void (which -makes this feature 'absurd', it cannot be called directly since void values -cannot be created).</p> - -<p>Additionally, a Fuzion feature containing features for static methods and -constructors is generated as follows:</p> - -<pre><code>Java.x.y.MyClass_static is - - new(arg string) is - ... - - myStaticMethod is - ... -</code></pre> - -<p>This Feature defines a unit type. Finally, a Fuzion feature returning an -instance of this unit type is generated for convenience</p> - -<pre><code>Java.x.y.MyClass =&gt; x.y.MayClass_static -</code></pre> - -<p>With this, the following code can be used to create an instance of <code>MyClass</code> -within Fuzion and call <code>myMethod</code> and <code>myStaticMethod</code> of this class:</p> - -<pre><code>o := Java.x.y.MyClass.new "test" -o.myMethod -Java.x.y.MyClass.myStaticMethod -</code></pre> - -<p>The counterpart to <code>import</code> a Java class in Fuzion would be to declare a field -and assign the class' unit type value to it, i.e., the code above could be -simplified as</p> - -<pre><code>MyClass := Java.x.y.MyClass -o := MyClass.new "test" -o.myMethod -MyClass.myStaticMethod -</code></pre> - -<p>or even</p> - -<pre><code>mc := Java.x.y.MyClass -o := mc.new "test" -o.myMethod -mc.myStaticMethod -</code></pre> - -<p>using <code>mc</code> as an alias of <code>Java.x.y.MyClass</code>. Note that since the value of -field <code>mc</code> is a unit type, this assignment or any accesses of <code>mc</code> will not -execute any code at runtime.</p> - -<h2>Small Example</h2> - -<p>Here is a example how Java code can be used from Fuzion:</p> - -<pre><code>javaString := java.lang.String.new "Hello Java 🌍!" # create Java string, type Java.java.lang.String -javaBytes := javaString.getBytes "UTF8" # get its UTF8 bytes, type is fuzion.java.Array&lt;i8&gt; -match javaBytes - err error =&gt; say "got an error: $err" - bytes fuzion.java.Array =&gt; - say "string has {bytes.count} bytes: $bytes" - javaString2 := java.lang.String.new bytes 6 bytes.count-6 # create Java string from bytes subset, - say "Hello "+javaString2 # append Java string to Fuzion string and print it -</code></pre> - -<h2>Web Server Example</h2> - -<p>The following code shows how Java APIs can be used to create a minimalistic web -server in Fuzion.</p> - -<pre><code>webserver is - - # declare short hands to access Java net and io packages - net := Java.java.net - io := Java.java.io - - # open socket - port := 8080 - serversocket := net.ServerSocket.new port - match serversocket - err error =&gt; say "#### $err ####" - ss Java.java.net.ServerSocket =&gt; - - for n in 1.. do - say "accepting connections to localhost:$port" - - match accept - unit =&gt; say "ok." - err error =&gt; say "#### $err ####" - - accept outcome&lt;unit&gt; is - # accept and handle connection - s := serversocket.accept? - input := io.BufferedReader.new (io.InputStreamReader.new s.getInputStream?) - output := io.DataOutputStream.new s.getOutputStream? - - req := read? - say "got request ({req.byteLength} bytes): $req" - if req.startsWith "GET " - (send200 "&lt;html&gt;Hello Fuzion $n!&lt;/html&gt;")? - - # close streams - input.close? - output.close - - # helper to read request - # - read outcome&lt;string&gt; is - for - r := "", "$r$s\n" - s := input.readLine? - ready := input.ready? - until s = "" || !ready - r - - # helper to send data in HTTP response with status 200 - # - send200(data string) outcome&lt;unit&gt; is - output.writeBytes ( "HTTP/1.1 200 OK\n" - + "Connection: close\n" - + "Server: Fuzion demo WebServer v0.01\n" - + "Content-Length: " + data.byteLength + "\n" - + "Content-Type: text/html\n" - + "\n" - + data)? -</code></pre> - -<p>Java methods that may result in an exceptions are represented by Fuzion features -that result in the type outcome&lt;T> where T is the Fuzion type corresponding to -the Java result type of the method. outcome is a union type that may be either -error, which wraps the Java exception, or the actual result type T.</p> - -<p>Java methods that result in void are mapped to Fuzion features that result in -unit, or, outcome&lt;unit> in case the method has any declared exception.f</p> - -<h1>Fuzion Interpreter</h1> - -<p>Fuzion currently supports two back-ends: An interpreter implemented in Java and -running on top of OpenJDK and a C code generator implemented in Java using clang -to create machine code.</p> - -<p>The goal of the interpreter was to quickly obtain a way to execute Fuzion -applications. Performance was not the main concern. The interpreter operates -directly on Fuzion's abstract syntax tree.</p> - -<p>For better performance, a byte-code back-end is planned that will operate on -Fuzion's intermediate code instead.</p> - -<h1>Fuzion Byte-Code Back-End</h1> - -<p>Similar to Fuzion's C back-end, the byte-code back-end is planned to work on top of -Fuzion's intermediate code.</p> - -<h2>Fuzion intermediate code</h2> - -<p>Fuzion uses intermediate files during different stages of compilation: module -files that contain library code, application files for whole applications and -Fuzion intermediate representation files that serve as input to the back ends.</p> - -<p>Fuzion uses a simple intermediate code to represent pre-compiled modules and -whole applications. This intermediate code serves as the input for static -analysis tools, optimizers and for different back-ends that produce executable -applications. The goal in the design of the intermediate file format was high -performance and simplicity for tools using this code.</p> - -<p>The intermediate code is a binary format containing features and types in a way -that may be mapped to memory and used directly, so overhead of parsing this -format into an in-memory representation is avoided. In particular, if only parts -of a pre-compiled module are used by an application, there is no need to read and -unpack parts of the module intermediate representation that are not used.</p> - -<p>For features containing code, a very simple stack-based format is used. There -are currently only ten different instructions:</p> - -<pre><code>* Unit -- produce a value of unit type -* Current -- produce the current instance as a value -* Constant -- produce a constant value -* Assign -- perform an assignment to a field -* Call -- perform a call to a given feature -* Tag -- convert a value into a tagged value of a choice type -* Match -- match a choice type -* Box -- convert a value type to a ref type -* Unbox -- extract the value from a ref type -* Pop -- drop the top element from the stack -</code></pre> - -<p>The intermediate code uses indices to refer to features and types within -intermediate files. This means that lookup is very efficient, but it also means -that a change in a library module requires recompilation of all dependent -modules. Any incompatibilities would be found at compile time instead of -resulting in something like Java's <code>IncompatibleClassChangeError</code> at run-time.</p> - -<h2>Instance Implementation</h2> - -<p>Fuzion instances should be mapped directly to instances of Java classes -generated for the corresponding features. Fuzion fields should be mapped to Java -fields and Fuzion routines to Java methods.</p> - -<p>Fuzion instances that are accessed only locally by their defining features code, -i.e., they do not live longer than their code is executed and they are not -passed to any other features, might be optimized and implemented as Java methods -using local variables instead of fields.</p> - -<h2>Call Implementation</h2> - -<p>Fuzion's support multiple inheritance similar to Eiffel. Java support multiple -inheritance only for interfaces, so one way to implement dynamic binding in -calls would be to define interfaces for every Fuzion feature and use the JVM's -invokeinterface byte-code for calls.</p> - -<p>A more flexible alternative might be to use invokedynamic to implement dynamic -dispatch, but this will likely result in higher overhead compared to highly -optimized invokeinterface implementations.</p> - -<h1>Conclusion and Next Steps</h1> - -<p>The Fuzion language definition and implementation are far from stable, but are -getting closer to become useful. Big improvements come from the ability to -pre-compile modules and from the foreign language interface for Java, which -makes a giant code base accessible for Fuzion applications to build on.</p> - -<p>Additionally, new projects such as the language server implementation for Fuzion -by Michael Lill help by integrating Fuzion support in popular IDEs and editors.</p> - -<p>Main points that are missing right now are</p> - -<ul> -<li>a powerful standard library</li> -<li>additional library modules for all sorts of application needs</li> -<li>low-level foreign language interface for C</li> -<li>actual implementations of static analyzers and optimizers</li> -<li>highly optimizing back-ends</li> -<li>garbage collection for the C back-end</li> -<li>documentation, tutorials</li> -<li>enthusiastic contributors and users!</li> -</ul> - - -<p>Please feel free to contact me in case you want to use Fuzion or want to help -making it a success!</p> - - Fridtjof Siebert - - - Fuzion: a New Language for the OpenJDK - - - Fuzion portal website - Fuzion sources on GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 13:00 - 00:20 - D.go - go_welcome - Welcome to the Go Devroom - - Go - devroom - - <p>A warm welcome to The Go Devroom at FOSDEM 2022</p> - - - Maartje Eyskens - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:20 - 00:35 - D.go - go_slices_maps_channels - Dissecting Slices, Maps and Channels in Go - - Go - devroom - - <p>Slices, Maps and Channels in go, are first class citizens of the language, they are used widely in our day to day work, but… do you know how they works under the hood? Do you know the implications of adding elements to an slice, or new keys to a map?</p> - -<p>Do you know why you can’t relay in maps order? Do you know how channels handle the buffer or the blocked goroutines? If you don’t know about that, this is your talk. I going to access the go runtime memory state of the maps, slices and channels, and show you how they evolve over time while we change them.</p> - - - Jesús Espino - - - Dissecting Go Slices, Maps and Channels - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:55 - 00:35 - D.go - go_errors - Mastering Your Error Domain - Graceful error handling in Go - Go - devroom - - <p>Error handling is one of Go’s key features. The errors.As helper added in Go 1.13 gives Gophers the tools they need to build their own error domains and ensure that all errors are handled properly across their applications.</p> - <p>The errors.As feature of Go 1.13 makes it easy to create error systems that work for your particular applications, users, and operators without being straitjacketed by the language into a one-size-fits-all approach that inadvertently exposes users to the internal operations of your system. Don’t let your end users be distracted by irrelevant warning messages. Handle errors properly by thinking about their roles and domain within your application.</p> - - Carl Johnson - - - - - Creating Domain Specific Error Helpers in Go With errors.As - Google Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:35 - D.go - go_tinygo_wifi - Go Further Without Wires - WiFi Programming Using TinyGo - Go - devroom - - <p>Last year in "Go Without Wires" we saw how you can use TinyGo to program code that runs directly on Bluetooth devices.</p> - -<p>Now in "Go Further Without Wires" we will see some of the ways that TinyGo can connect to WiFi networks, and consequently to the Internet itself.</p> - -<p>This talk will include several actual demonstrations, including a drone.</p> - <p>In this second chapter of the "Wireless Saga", we will get to see how our TinyGo programs can extend out further into the real world, by connecting to Wireless Local Area Networks (WLAN) using several different wireless chips such as the popular ESP-32.</p> - - Ron Evans - - - - - Slides - Repo - TinyGo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:05 - 00:35 - D.go - go_finite_automata - Fun with Finite Automata - Optimising the Go regexp package - Go - devroom - - <p>The Go regexp package is an extremely competent piece of engineering, with attractive features such as being guaranteed to run in time linear in the size of the input. -However, it can be made to go faster.</p> - -<p>This talk will describe:</p> - -<ul> -<li>how Go regexp works</li> -<li>five changes that improve regexp performance</li> -<li>the basic profiling techniques used to identify these optimisations</li> -<li>further opportunities for optimisation, including via Generics.</li> -</ul> - - - - Bryan Boreham - - - Fun with Finite Automata - - - Go rexexp code for you to to try out the optimisations. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:40 - 00:35 - D.go - go_log4shell - Fuzzy generics - Several months of using 1.18 features - Go - devroom - - <p>Several months ago, a new project was started: FerretDB, an open-source alternative to MongoDB. It is a proxy between MongoDB clients/driver and PostgreSQL, developed in Go. Since the very first commit, it used a version of Go which soon will be released as Go 1.18. The two biggest reasons for that were first-class support for type parameters (generics) and fuzzing. In my talk, I will cover both of them: how they work in theory and our practice, how they were useful for us (spoiler: very useful), and what are their downsides and gotchas.</p> - - - Alexey Palazhchenko - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:15 - 00:35 - D.go - go_json - JSON Serialization - The Fine Print - A journey of JSON serialization - Go - devroom - - <p>We'll look into JSON serialztion, starting from the easy cases and moving toward more advanced ones.</p> - <p>A quiz! Consider the following code:</p> - -<pre><code>a := 1 -data, _ := json.Marshal(a) -var b interface{} -json.Unmarshal(data, &amp;b) -fmt.Println(a == b) -</code></pre> - -<p>What will be printed? And why it's "1 1 false"? :)</p> - -<p>We all work with JSON, and even though it's a simple format, there are several sharp edges you should should avoid. -In this talk, we'll journey from the common well lit areas of JSON serialization and end in some darker corners. I hope you'll enjoy the ride.</p> - - Miki Tebeka - - - - - - Slide & code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:50 - 00:35 - D.go - go_why_embedded - Why your next embedded project should be written in Go - Confessions of a recovering C developer - Go - devroom - - <p>The Go ecosystem has established itself as the language of choice for many cloud and server software. We present arguments that Go is also uniquely suited to thrive for Linux-based embedded development. We present our case in the context of the SysOTA and NetOTA projects</p> - - - Zygmunt Krynicki - - - - - - SysOTA repository - NetOTA repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:25 - 00:35 - D.go - go_state_of_go - The State of Go - What's new in Go 1.17 and 1.18 - Go - devroom - - <p>Go 1.18 is planned to be released in February 2022 and this talk covers what's coming up with it.</p> - -<p>We'll talk about new features and fixes in Go, new proposals for Go 2. All of the new things you might have missed.</p> - -<p>This has been a staple talk of the Go devroom, opening the stage every year, and has always been a successful one.</p> - - - Maartje Eyskens - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:05 - D.trusted-hardware - tee_welcome - Opening - Welcome, overview, lineup - Hardware-Aided Trusted Computing - devroom - - <p>A brief introduction to the room and to the sessions.</p> - <p>This year's TEE devroom will again be a full-day virtual event with an impressive lineup! The day will be roughly divided into session blocks grouping related talks as follows:</p> - -<h2>10h00-12h25: TEE attacks, defenses, and enclave shielding runtimes</h2> - -<p>featuring an enclave exploit analysis, Guardian, Gramine, Enarx, and Veracruz</p> - -<h2>13h25-14h40: Emerging TEEs and best practices</h2> - -<p>featuring logging in confidential computing, secure boot, and ARM CCA</p> - -<h2>14h55-16h10: OS and and page-based isolation</h2> - -<p>featuring FlexOS, Intravisor, and EDP for AWS Nitro</p> - -<h2>16h30-17h30: Wrap up and discussion on process-based abstractions for VM-based environments</h2> - -<p>we wrap up the day with a live presentation and a following discussion</p> - - Vasily A. Sartakov - Jo Van Bulck - Fritz Alder - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:25 - D.trusted-hardware - tee_sgx_analysis - SGX Enclave Exploit Analysis and Considerations for Defensive SGX Programming - - Hardware-Aided Trusted Computing - devroom - - <p>Intel SGX provided a mechanism to better isolate user-level software from attackers. However, attackers will still use various methods to attack SGX and user’s Enclaves. And user’s code inside Enclave may also have bugs, which can be leveraged by the attackers. We are from intel SGX SDK team, we have conducted security analysis and pen-test for SGX Enclave (based on SGX SDK) during the past 10+ years. We want to summarize some past exploits we encountered in our daily work and what's the mitigation, hope it can help the Enclave developers to write more secure Enclave code.</p> - <p>Target topics category: -TEE-specific attacks and defenses (vulnerabilities, exploits, defensive programming)</p> - -<p>Purpose: -Explain the Security Properties of Intel® SGX Technology. -Help Enclave Developers write more secure code within an enclave. -Analyze a sampling of enclave defense-in-depth strategies and protections against known attacks.</p> - -<p>SGX Enclave Security and Challenge: -Code running within the enclave must be written securely. -Poorly written code may be subject to attack by various methods. -Developers must also be aware of potential side-channel attacks on code.</p> - - Shunda Zhang - - - Considerations for defensive SGX programming PDF - - - Intel SGX SDK - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:25 - D.trusted-hardware - tee_gramine - Gramine Library OS - Overview, current state and future plans - Hardware-Aided Trusted Computing - devroom - - <p>Gramine (formerly called "Graphene") is a lightweight library OS, designed to run a single Linux application in an isolated environment. Currently, Gramine runs on Linux and Intel SGX enclaves on Linux platforms. With Intel SGX support, Gramine can secure a critical application in a hardware-encrypted memory region and protect the application from a malicious system stack with minimal porting effort ("lift and shift" approach).</p> - -<p>Several major events happened to the Gramine project in 2021. Gramine changed its name, moved to a new GitHub repository, and joined Confidential Computing Consortium. The first production-ready release of Gramine -- v1.0 -- was published in October 2021. This talk will discuss all these events, as well as the current status of the project and its future plans.</p> - - - Dmitrii Kuvaiskii - - - - - Gramine GitHub organization - Gramine official web-site - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:55 - 00:25 - D.trusted-hardware - tee_enarx - WebAssembly + Confidential Computing - Enarx first release brings WebAssembly to Confidential Computing - Hardware-Aided Trusted Computing - devroom - - <p>The Enarx project reached a huge milestone: its first official release, featuring WebAssembly runtime. WebAssembly and Confidential Computing are a great match because WebAssembly offers developers a wide range of language choices, it works across silicon architectures, and it provides a sandboxed environment. This presentation will highlight the benefits of WebAssembly to Confidential Computing and showcase some demos.</p> - <p>After 3 years since its inception, the Enarx project finally had its first official release, bringing WebAssembly to Confidential Computing.</p> - -<p>Enarx is a deployment framework for running applications in TEE instances – which we refer to as “Keeps” – without the need to trust lots of dependencies, without the need to rewrite the application, and without the need to implement attestation separately.</p> - -<p>The WebAssembly runtime, based on wasmtime, offers developers a wide range of language choices for implementation, including Rust, C, and C++. It is designed to work across silicon architectures transparently to the user so that the application can run equally simple on Intel platforms (SGX or the recently-announced TDX), AMD platforms (SEV) or forthcoming platforms such as Arms’ Realms and IBM’s PEF - all without having to recompile the application code. WebAssembly's sandbox model offers an extra layer of protection, isolating the application from the host.</p> - - Nick Vidal - - - - - Website - GitHub - Chat - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:15 - D.trusted-hardware - tee_break1 - Short break - 15 minutes - Hardware-Aided Trusted Computing - devroom - - <p>Short break.</p> - - - Fritz Alder - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 00:25 - D.trusted-hardware - tee_veracruz - Privacy-preserving video object detection in WebAssembly inside Veracruz - - Hardware-Aided Trusted Computing - devroom - - <p>Veracruz is a framework for designing and deploying privacy-preserving computations amongst a group of mutually mistrusting individuals. Veracruz uses strong isolation technologies, such as AWS Nitro Enclaves, Arm CCA Realms, and the high-assurance seL4 hypervisor, to provide a safe, neutral ground, within which a sandboxed WebAssembly program executes. -Recent enhancements to Veracruz have made it possible to support larger, more complex privacy-preserving computations: we have adopted the WebAssembly System Interface (WASI) as our programming model, which can be used by executing WebAssembly programs to query and modify an efficient in-memory filesystem, for example. -In this talk, I will first introduce Veracruz before finally focusing on a real-world use-case for Veracruz, in privacy-preserving video object detection, developed as part of a collaboration between the Veracruz team and IOTEX, a manufacturer of IoT cameras.</p> - - - Guilhem Bryant - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:25 - D.trusted-hardware - tee_guardian - Symbolic Validation of SGX enclaves using Guardian - Avoid known enclave vulnerabilities by automatically checking for orderliness​ - Hardware-Aided Trusted Computing - devroom - - <p>The confidentiality and integrity guarantees offered by Intel SGX enclaves can be easily thwarted if the enclave has not been properly designed. Its interface with the untrusted software stack is a perhaps the largest attack surface that adversaries can exploit; unintended interactions with untrusted code can expose the enclave to memory corruption attacks, for instance.</p> - -<p>We have proposed a notion, called orderliness, that embodies good practice set out by academic papers and the principles of the Intel SGX SDK’s programming model. It is concerned especially with these interactions between the trusted and untrusted worlds. This notion underpins Guardian: an open-source tool that we have created to help enclave developers check their enclaves are orderly before they are deployed. It automatically validates enclaves and reports violations to our notion of orderliness. These violations help find parts of their code that may need changing – they should usually point to an attack primitive.</p> - -<p>We have found some security issues in enclaves that had been extensively vetted by other researchers – one of which was crafted by Intel engineers.</p> - <p>Modern processors can offer hardware primitives that allow a process to run in isolation. These primitives implement a trusted execution environment (TEE) in which a program can run in such a way that the integrity and confidentiality of its execution are guaranteed. Intel's Software Guard eXtensions (SGX) is an example of such primitives and its isolated processes are called enclaves. These guarantees, however, can be easily undermined if the enclave has not been properly designed.</p> - -<p>We propose a notion of an orderly enclave that splits the enclave’s behaviour into the following execution phases: entry, secure, ocall, and exit. Each of them imposes a set of restrictions that enforce a particular policy of access to untrusted memory and, in some cases, sanitisation conditions. A violation of these policies and conditions might indicate an undesired interaction with untrusted data/code or a lack of sanitisation, both of which can be harnessed to perpetrate attacks against the enclave. We also introduce Guardian: an open-source tool that uses symbolic execution to carry out the validation of an enclave against our notion of an orderly enclave; in this process, it also looks for some other typical attack primitives. We discuss how our approach can prevent and flag enclave vulnerabilities that have been identified in the literature. Moreover, we have evaluated how our approach fares in the analysis of some enclave samples. In this process, Guardian identified some previously undetected security issues in some of these samples. These were subsequently acknowledged and fixed by the corresponding maintainers.</p> - - Pedro Antonino - Wojciech Aleksander Woloszyn - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:25 - 01:00 - D.trusted-hardware - tee_lunch - Lunch break - 1 hour - Hardware-Aided Trusted Computing - devroom - - <p>Lunch break</p> - - - Fritz Alder - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:25 - 00:25 - D.trusted-hardware - tee_logging - Logging, debugging and error management in Confidential Computing - Challenges around maintaining confidentiality and integrity when logging - Hardware-Aided Trusted Computing - devroom - - <p>Debugging applications is an important part of the development process. However, error messages and general logging can leak sensitive data, and in some cases even compromise your whole stack, as developers worldwide have recently learned from the log4j vulnerability.</p> - -<p>With Confidential Computing, the world gets much more complicated, as every piece of information that a malicious entity on the host (including the host itself!) can gather may be leaking vital information about your workload. This talk details some of the problems that arise, and discusses some options to address them whilst considering real life workloads and application lifecycles.</p> - <p>Log entries and other error messages can be very useful, but they can also provide information to other parties - sometimes information which you’d prefer they didn’t have. This is particularly true when you are thinking about Confidential Computing: running applications or workloads in environments where you really want to protect the confidentiality and integrity of your application and its data.</p> - -<p>This talk examines some of the issues that we need to consider when designing Confidential Computing frameworks, the applications we run in them, and their operations. Designers and architects of the TEE infrastructure and even, to a lesser extent, of potential workloads themselves, need to consider very carefully the impact of host gaining access to messages associated with the workload and the infrastructure components. It is, realistically, infeasible to restrict all communication to levels appropriate for deployment, so it is recommended that various profiles are created which can be applied to different stages of a deployment, and whose use is carefully monitored, logged (!) and controlled by process.</p> - - Mike Bursell - - - - - Confidential Computing: logging and debugging - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:25 - D.trusted-hardware - tee_oniro - Secure boot, TEEs, different OSes and more - Making sense of the trusted computing landscape in Eclipse Oniro embedded distribution - Hardware-Aided Trusted Computing - devroom - - <p>In this talk Marta is going to present a map of the trusted computing -landscape, explaining different types hardware support. She is going -to put it in a context of implementing secure boot and trusted execution -in an embedded distribution, namely Yocto-based Eclipse Oniro project.</p> - <p>The trusted computing landscape could be hard to understand for newcomers. -Just at the beginning, they encounter a number of abbreviations like TEE, -OPTEE, SEV, TF-A, TF-M and many more.</p> - -<p>In this talk Marta is going to present a map of those technologies, illustrate -how they are (or are expected to) be used, which market needs they address. -She will show how they could be implemented in practice in an embedded -distribution. The example will be the secure boot work in the Eclipse Oniro -project, an embedded multi-OS distribution for Internet of Things (IOT) -devices. The multi-OS specificity of Oniro will be used how the trusted -computing technologies compare on different types of processors running -Linux and Zephyr, with different security hardware support.</p> - - Marta Rybczynska - - - Slides for the talk - - - A previous presentation covering the more general topic of security in the distribution at Embedded Linux Conference 2021 - Oniro project and its security tooling - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:15 - 00:25 - D.trusted-hardware - tee_arm_cca - Arm CCA enablement through the Trusted Firmware community project - - Hardware-Aided Trusted Computing - devroom - - <p>The Arm Confidential Compute Architecture (CCA) is an extension of the Armv9 architecture designed to provide confidential computing in standardised and scalable way. CCA builds on existing principles built for TrustZone and virtualization to create a scalable and secure solution. CCA places requirements on hardware and firmware, which together provide the trusted computing base for a new class of secure execution environment that we call a Realm. Trusted Firmware is the key community project that provides a reference implementation of open source Secure firmware for Arm-based processors. This talk briefly introduce Arm CCA and illustrate how Arm plans to develop and enable it in the open by leveraging the community effort that drives Trusted Firmware as open-source project.</p> - - - Charles Garcia-Tobin - Matteo Carlini - - - - - TrustedFirmware.org - Arm CCA specifications - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:15 - D.trusted-hardware - tee_break2 - Short break - 15 minutes - Hardware-Aided Trusted Computing - devroom - - <p>Short break.</p> - - - Fritz Alder - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:55 - 00:25 - D.trusted-hardware - tee_flexos - Rethinking the OS for Isolation Flexibility with FlexOS - - Hardware-Aided Trusted Computing - devroom - - <p>Operating Systems (OSes) have historically been classified according to their isolation properties: monolithic OSes, microkernels, single-address-space OSes, or unikernels... Decades of experience in research and industry showed that there is no silver bullet and that different use-cases might demand different approaches to optimize safety and performance.</p> - -<p>What if we tried to design an operating system able to be easily reconfigured into any of these points in the OS design space? What if the OS could be a microkernel, a unikernel, or a monolithic OS, at will, and using a wide range of hardware- and software-backed isolation mechanisms?</p> - -<p>In this talk, we will present FlexOS, the result of our recent research work in trying to answer this question. FlexOS is an OS allowing users to easily specialize the safety and isolation strategy of an OS at compilation/deployment time, instead of design time. Depending on the configuration, the same FlexOS code can mimic a microkernel with multiple address-spaces, a single-address-space OS with Intel MPK compartments, or many other OS isolation approaches. We have implemented a prototype of FlexOS on top of Unikraft, a popular library OS framework.</p> - - - Hugo Lefeuvre - - - - - GitHub Organization of FlexOS - Preprint of the FlexOS ASPLOS paper - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:25 - D.trusted-hardware - tee_intravisor - Intravisor -- a hypervisor for fine-grained isolation using CHERI - - Hardware-Aided Trusted Computing - devroom - - <p>Hardware and container virtualisations are the fundamental technologies of modern cloud stacks. While these technologies virtualise different layers of software and hardware, they have one common thing: they are quite inefficient in terms of communication between isolated entities. The isolation relies on MMU and involves a privileged intermediary, which leads to heavy transitions or sharing data at the page granularity. The escape from this trap we see in the hardware capabilities introduced in CHERI. The CHERI architecture efficiently combines hardware memory capabilities with conventional MMU architectures. It gives not only safety to memory pointers, but also provides lightweight isolation mechanisms.</p> - -<p>In this talk, I will present Introvisor, a lightweight hypervisor for microservices. It uses CHERI capabilities for isolation and data sharing, does not require software porting thus compatible with existing software, and provides strong security guarantees.</p> - - - Vasily A. Sartakov - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:25 - D.trusted-hardware - tee_edp_nitro - Developing for the AWS Nitro Enclave Platform - A new Enclave Development Platform (EDP) Target - Hardware-Aided Trusted Computing - devroom - - <p>Intel, AMD, ARM, all have launched their own TEE. Amazon can be added to that list with AWS Nitro, but unlike the others it is not a hardware manufacturer. Instead, it chooses to provides its own abstractions over the platform used. This leads to some interesting characteristics. -The Enclave Development Platform (EDP) is a TEE platform SDK developed by Fortanix. EDP already targeted the Intel SGX platform. Recently we also support the AWS Nitro platform. In this talk we discuss the AWS Nitro platform in detail and interesting design decisions we made for the EDP platform.</p> - <p>In the AWS Nitro architecture, the hypervisor plays a key role. Hardware resources (processor cores and memory) are split off of a parent VM and can be repurposed to run the Nitro enclave. This enclave can be viewed as a separate VM with only processor cores and memory. A hard disk drive is not present, nor can it directly access an Ethernet network. All communication needs to take place over VSOCK to the parent VM. An attestation report can be provided by the hypervisor to ensure that the enclave has been build correctly. -The Enclave Development Platform (EDP) provides a way to easily build Rust applications on top of TEEs. It should be as easy for developers to target TEEs any other modern operating system. Next to Intel SGX, the Nitro platform has been added recently. To target the Nitro platform, EDP reimplements parts of the Rust standard library. It takes care of starting a runner process in the parent VM, forwarding network packets to/from the enclave and providing attestation evidence.</p> - - Raoul Strackx - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:20 - D.trusted-hardware - tee_break3 - Short break - 20 minutes - Hardware-Aided Trusted Computing - devroom - - <p>Short break.</p> - - - Fritz Alder - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 01:00 - D.trusted-hardware - tee_discussion - Process-based abstractions for VM-based environments - - Hardware-Aided Trusted Computing - devroom - - <p>Inaugural secure enclave platforms operate at the single user process level (e.g. SGX), meaning a single address space with potentially multiple threads, with a standard OS outside the enclave responsible for resource management and scheduling. More recent platforms (AMD SEV, Intel TDX, AWS Nitro Enclaves) operate at the VM level. This provides significant new capabilities for multi-process abstractions such as mmap and fork, which will be beneficial for enclavizing legacy software.</p> - -<p>However, taking a VM image and running it in an enclave is not great from a TCB minimization standpoint. For platforms where there's currently no alternative (AMD, AWS), how can we build--with a minimal TCB--an abstraction that's similar to single-process enclaves? Of course you can “just run Linux” with a single process but this again is clearly suboptimal. We'll explore the solution space in this interactive session.</p> - - - Marta Rybczynska - Vasily A. Sartakov - Mike Bursell - Jo Van Bulck - Jethro G. Beekman - Hugo Lefeuvre - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:30 - D.hpc - opensearch_dashboards - Low-code data visualization and aggregation with OpenSearch Dashboards - - HPC, Big Data, and Data Science - devroom - - <p>Working with Big Data means that we need tools to organise and understand the data. And you don’t have to be a developer to search, aggregate and visualise your data. Whether you need an affordable business analytics tool or you want to analyse log data in near real time, OpenSearch can help you. And all of it through a visual interface of OpenSearch Dashboards.</p> - -<p>After listening to this talk you’ll understand the basics of working with an OpenSearch cluster and different use cases it supports. You’ll also learn to create your first search and aggregation query and visualise the outcomes with the help of OpenSearch Dashboards.</p> - -<p>This talk is for those who have little or no previous experience of OpenSearch (and Elasticsearch) and who are looking for solutions for searching, monitoring or data analysis with no coding required.</p> - <p>In this session the audience will get theoretical and a knowledge on what OpenSearch is, which use cases it supports and how the audience can start using it for their data already today. Roles outside of developers are welcome, the information will be presented in uncomplicated terms and we’ll use visualisation tools to create and run requests, so no coding is required.</p> - - Olena Kutsenko - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.hpc - arcon_rust_streaming - Uncovering Arcon: A state-first Rust streaming analytics runtime - - HPC, Big Data, and Data Science - devroom - - <p>In this talk, I will present Arcon, a Rust-native streaming runtime that integrates seamlessly with the Apache Arrow ecosystem. The Arcon philosophy is streaming first, similarly to systems such as Apache Flink and Timely Dataflow. However, unlike all existing systems, Arcon features great flexibility when it comes to its application state. Arcon's TSS query language allows extracting and operating on state snapshots consistently based on application-time constraints and interfacing with other systems for batch and warehouse analytics.</p> - - - Max Meldrum - - - - - Github Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.hpc - batch_proc_data_streaming - Build an Open Source Streaming Data Pipeline - - HPC, Big Data, and Data Science - devroom - - <p>Any conversation about Big Data would be incomplete without talking about Apache Kafka and Apache Flink: the winning open source combination for high-volume streaming data pipelines.</p> - -<p>In this talk we'll explore how moving from long running batches to streaming data changes the game completely. We'll show how to build a streaming data pipeline, starting with Apache Kafka for storing and transmitting high throughput and low latency messages. Then we'll add Apache Flink, a distributed stateful compute engine, to create complex streaming transformations using familiar SQL statements.</p> - -<p>This session is aimed at data professionals, who are ready to embrace open source streaming and make their data fly.</p> - - - Olena Kutsenko - Francesco Tisiot - - - Build an Open Source Data Pipeline - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.hpc - openstack_hpc - Using OpenStack to reduce HPC service complexity - ... no, that is not an oxymoron! - HPC, Big Data, and Data Science - devroom - - <p>Why build #4 on the Green500 using OpenStack? It makes it easier to manage. Cambridge University started using OpenStack in 2015. Since mid 2020, all new hardware is controlled using OpenStack. Compute nodes, GPU nodes, Lustre nodes, Ceph nodes, almost everything. OpenStack allows large baremetal slurm clusters and dedicated TRE (trusted research environments) to share the same images. Is this a cloud native supercomputer?</p> - <p>We will explore how OpenStack is used to manage a supercomputer as a shared pool of hardware resources, that can be partitioned between a multitude of different platforms required by a diverse group of scientists. Ranging from Trusted Research Environments (TREs), on demand dedicated AI platforms, dedicated big data platforms, and to traditional shared Slurm clusters.</p> - -<p>We will focus on providing a range of services from a single shared hardware pool, allowing for the delivery of both on demand interactive compute platforms for STFC's IRIS e-Infrastrcture and Slurm clusters such as the #4 in the Green500, called Wilkes-3: -https://www.top500.org/system/179930/</p> - -<p>This makes use of both OpenStack Ironic, for the baremetal deployment, and on-demand OpenStack KVM powered VMs running Cluster API provisioned Kubernetes, with KubeApps to deploy JuypterHub.</p> - - John Garbutt - - - OpenStack to reduce HPC service complexity - - - OpenStack Kayobe and Kolla-ansible - OpenHPC Slurm Appliance - Azimuth Cloud Portal - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.hpc - containers_hpc - Containers in HPC - State of Containers in HPC - HPC, Big Data, and Data Science - devroom - - <p>This short talk will disect the container ecosystem for HPC in four segments and discusses what to look out for, what is already settled and how to navigate containers in 2022.</p> - - - Christian Kniep - - - Container-in-HPC slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.hpc - managing_cpus_k8s - This is The Way- A Crash Course on the Intricacies of Managing CPUs in K8s - From homogenous single-socket to heterogenous multi-socket clusters - HPC, Big Data, and Data Science - devroom - - <p>Optimizing CPU management improves cluster performance and security, but is daunting to almost everyone. CPU management may seem complex, but it can be explained in such a way that even your inner toddler will comprehend. With this talk, we will give a path to success.</p> - -<p>You may have a multi-socket node cluster where your AI/ML workloads care about the proximity of your CPUs to GPUs. You may be running scientific workloads where you want to pin in cores within containers instead of just a pod level. You may have a single-socket server where you want to save a single core outside of Kubernetes for a daemon dedicated to mining bitcoin, without affecting your other jobs (please do not do this). We will cover these and more, helping you understand the intricacies of CPU management within the kubelet and what Kuberenetes can and cannot currently do. We will also cover how you can help escalate the visibility of use cases not currently covered within Kubernetes.</p> - <p>Many clusters do not have CPU management because it is difficult to do correctly without impacting performance. While there are static and dynamic pinning abilities, we will consolidate the use cases and remove the pain it takes for users to deploy Kubernetes. This talk will help the audience gain an insight into features that can be used for resource management and orchestration of containerized applications with focus on CPU management. Users that have performance sensitive workloads such as AI/ML, Telco, 5G and Networking workloads will benefit from this talk. This talk will also help CTOs, system architects, developers and engineers in their planning to develop, test, or optimize their deployments in a Kubernetes environment. We also hope to use this forum to find other community members with specific needs in our desire to make the kubelet more flexible with regard to CPU management.</p> - - Swati Sehgal - Marlow Weston - - - This is the way: A Crash Course on the Intricacies of Managing CPUs in K8s - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.hpc - spark_mahout_kubeflow_k8s - Making Apache Spark, Apache Mahout, Kubeflow, and Kubernetes Play Nice - - HPC, Big Data, and Data Science - devroom - - <p>Working with big data matrices is challenging, Kubernetes allows users to elastically scale, but can only have a pod as large as a node, which may not be large enough to fit the matrix in memory. While Kubernetes allows for other paradigms on top of it which allows pods to coordinate on individual jobs, setting them up and making them play nice with ML platforms is not straightforward. Using Apache Spark and Apache Mahout we can work with matrices of any dimension and distribute them across an unbounded number of pods/nodes, and we can use Kubeflow to make our work quickly and easily reproducible. In this talk, we’ll discuss how we used Apache Spark and Mahout to denoise DICOM images of lungs of COVID patients and published our Pipeline with Kubeflow to make the process easily repeatable which could help doctors in more resource limited hospitals, as well as other researchers seeking to automate the detection of COVID.</p> - - - Trevor Grant - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:45 - D.infra - cue_pratical_guide - A practical guide to CUE: patterns for everyday use - - Infra Management - devroom - - <p>CUE (https://cuelang.org/) solves a previously unsolved technical problem in the configuration space. It does so by taking a compositional approach that reduces the complexity of managing configuration from a combinatorial problem to a linear problem. CUE is based on 20 years of experience in the field of configuration. Its declarative, aspect-oriented approach is powerful yet simple, making it possible to manage large amounts of configuration data and policies in multiple formats (JSON, YAML, Protocol Buffers, OpenAPI, etc.) with relative ease. -It also makes CUE well suited to a wide range of applications.</p> - -<p>This all sounds great! But for someone new to CUE, it may not be obvious how to get started.</p> - -<p>In this talk, Marcel van Lohuizen and Paul Jolly start with a quick overview of CUE the language, then move on to present practical examples of CUE in action, including common patterns for validation, policy, integration with existing non-CUE configuration and more. Because CUE is new, established patterns are still in the making, but at the very least it will be a reflection of the current thinking.</p> - -<p>No previous experience of CUE required, although familiarity with an existing configuration and data languages will help provide some context to the examples.</p> - - - Marcel van Lohuizen - Paul Jolly - - - A practical guide to CUE: patterns for everyday use - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:45 - D.infra - foreman_katello_leapp_elevate - Migrating Foreman/Katello from EL7 to EL8 using LEAPP/ELevate - - Infra Management - devroom - - <p>With the Foreman Project dropping support for EL7 in Foreman 3.3 (~Summer 2022), it's finally time to tackle that migration to EL8 you have been putting off for a while now. -In this session we will present various ways how you can migrate your installation from EL7 to EL8, with the main focus on the in-place upgrade using LEAPP/ELevate.</p> - -<p>The Foreman Project is planning to <a href="https://community.theforeman.org/t/deprecation-plans-for-foreman-on-el7-debian-10-and-ubuntu-18-04/25008">drop support for EL7-based deployments in Foreman 3.3</a>, mostly due to the fact that EL7 is considered "feature complete" and there are no further updates (besides security fixes) planned for it. -Contrary to <a href="https://www.debian.org/releases/stable/amd64/release-notes/ch-upgrading.en.html">Debian</a> or <a href="https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/">Fedora</a>, EL-based distributions aren't designed to be upgraded in-place without special tooling. This tooling exists in form of the <a href="https://leapp.readthedocs.io/en/latest/">LEAPP project</a> for RHEL and the <a href="https://almalinux.org/elevate">ELevate</a> fork by AlmaLinux for AlmaLinux, CentOS, Rocky Linux, and Oracle Linux. -We have developed a plugin for LEAPP that helps with the Foreman-specific parts of the migration, which we would like to present to you. As usual, there were a few challenges during the development, which will hopefully entertain you and maybe even help if you need to write own LEAPP plugins. -And last but not least, we will also discuss other approaches you can take for the migration, if you do not want to upgrade in-place.</p> - - - Evgeni Golov - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - LEAPP project - ELevate - ELevate quickstart guide - Foreman/Katello/Satellite Actor PR for LEAPP - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:45 - D.infra - ansible_proxmox_rpmbuild - Using Ansible and Proxmox to manage an embedded RPM distro build factory: lessons learned - - Infra Management - devroom - - <p>With redpesk, we provide customers the ability to cross-build an embedded, CentOS Stream-based Linux distribution in the cloud. This requires a significant infrastructure: Koji/RPM builders, Angular-based WebUI, Gitlab forge, network and RPM package dependency management, Qemu test lab management, all need to come together and be connected, in a mix of Qemu virtual machines and LXC containers. Fortunately, Ansible and Proxmox comes to the rescue to manage this complexity.</p> - -<p>In this talk, we'll present our architecture of a self-contained CI/CD environment in the cloud, to cross-build RPM packages and Linux images. We will then dive into the specifics of using Ansible to drive Proxmox and deploy a mix of Packer-built Qemu virtual machines and LXC containers. Those provide a full Koji build system (hub and builders), an Angular frontend, Go backend, a Gitlab forge as well as network isolation/firewalling and a Qemu virtual target lab. -We'll continue with lessons learned from doing these deployments for multiple customers. We will finish describing solutions we are currently working on, like Ansible AWX, to address the challenges of doing it at scale and increase automation.</p> - - - Vincent Rubiolo - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:45 - D.infra - trusted_payload_nomand_waypoint - Running trusted payloads with Nomad and Waypoint - - Infra Management - devroom - - <p>Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages.</p> - -<p>With the the introduction of CI/CD best practices into our day to day workflows we protect ourselves for introducing "bad" code into production and exposing flaws to our (end-)users. But what about influences from bad actors in- and out-side our projects. This talk will focus on the additional steps we can add to our Waypoint build pipelines to also protect ourselves to so called supply chain attacks while running our jobs in Nomad. We ll discuss scanning for vulnerabilities in incoming code, packages and images and signing the content artifacts we trust before exposing them to our users.</p> - - - Bram Vogelaar - - - Running Trusted Payloads with Nomad and Waypoint - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:45 - D.infra - ansible_reporting_ara - Simple (but useful) Ansible reporting with ara - - Infra Management - devroom - - <p>ARA Records Ansible playbooks and makes them easier to understand and troubleshoot. -The author will explain why he created the project back in 2016 and how it might be useful for a wide range of use cases wherever Ansible runs from. -Including a live demo, we'll see how it works under the hood and you can expect to walk away from the presentation with an understanding on how to get started for your own Ansible playbooks within minutes.</p> - -<p>ARA Records Ansible playbook results in local (sqlite) or remote (mysql/postgresql) databases with a regular Ansible callback plugin. It provides an API, a reporting interface as well as a CLI to query, search and browse detailed and granular playbook task results for individual hosts. -Highlighting simplicity as a feature of the project, this presentation will provide examples that are appropriate for use whether Ansible runs from a laptop or at a large scale in production.</p> - - - David Moreau-Simard - - - Simple (but useful) Ansible reporting with ara - - - Source code on GitHub - Website and blog - @RecordsAnsible on Twitter - #ara:libera.chat on Matrix - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:45 - D.infra - flatcar_container_linux - Immutable Infrastructure with Flatcar Container Linux - - Infra Management - devroom - - <p>Flatcar Container Linux is a minimal base OS to run containers. -As a friendly fork of CoreOS Container Linux it continues the project under a new name. -The main features are the A/B partitions for automatic updates and rollbacks, and the integration of Ignition for declarative configuration on first boot. -Declarative configuration is a key element for managing machines following the principle of Immutable Infrastructure, but causes friction if it means that the whole machine has to be reprovisioned for configuration changes. -With Ansible instead of Ignition for the configuration management we can find a compromise by giving up on avoiding configuration drift due to leftovers of old configurations and their side effects. -Out of this experience the idea was born to rerun Ignition on configuration changes. -While the big hammer method is to reformat the filesystem and losing application data, a more fine-grained solution could exist by clearing only parts of the filesystem. -This talk shows how to use Flatcar Container Linux with Terraform, Ignition, and Ansible, and ends with a proof-of-concept demo for Flatcar Container Linux to allow configuration changes through Ignition while avoiding configuration drift.</p> - - - Kai Lüke - - - - - - Flatcar Website - Flatcar Terraform Examples - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:45 - D.infra - openshift_baremetal - Central Infrastructure Management: a user friendly deployment of OpenShift on Bare Metal - - Infra Management - devroom - - <p>The use of Bare Metal to run containerized workload is coming back into popularity. -There are multiple reasons for this increase of interest. First, the rise of big data analytics, high performance computing, machine learning workloads that need high-bandwidth and low latency and sometimes even requires access to special hardware devices like GPUs or DPUs. And at the same time, in the telecommunication space, the 5G networks technology stacks that drive the need for IPv6, SR-IOV, Container Network Functions (CNFs), NUMA topologies, and other innovations in containerized applications on bare metal.</p> - -<p>All of these emphasize the need for the ability to easily create Bare Metal based OpenShift clusters as automatically as possible.</p> - -<p>Central Infrastructure Management (CIM) exposes an intuitive user interface, allowing the infrastructure administrator to define a pool of Bare Metal machines making them available for users to independently create OpenShift clusters from them.</p> - -<p>Assisted Installer is an operator that introduces a new way to deploy a new OpenShift cluster on bare metal basically by only booting the nodes that will be part of the cluster, with an ISO it generates. The Assisted Installer will report inventory, run validations and orchestrate the needed steps based on the user parameters.</p> - -<p>CIM and Assisted Installer are components of Open Cluster Management (OCM), an operator that enables a single OCP cluster to manage a fleet of clusters.</p> - -<p>In this session, you will learn about Central Infrastructure Management and Assisted Installer architecture and its components. We will discuss the installation flow and how the components interact with each other. Finally, we will demonstrate how to build a pool of Bare Metal and install an OpenShift cluster on them via the CIM user interface.</p> - - - Jiří Tomášek - Eran Cohen - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:45 - D.infra - rport_remote_access_management - RPort remote access and remote management - - Infra Management - devroom - - <p>An introduction (live demo with questions and answers) into RPort - a new open-source software for remote access and remote management of heterogeneous it-landscapes. Use the UI, the command line or an REST API to manage servers and desktop efficiently from a central place.</p> - -<p>RPort is a comprehensive solution for remote management of servers and desktop systems. Even if they are behind firewalls, routers and NAT. RPort is built on the client-server principle, clients connect to the server, the management component, using a secure reverse tunnel. Unlike pure SSH, RPort is made for heterogeneous environments (Windows, Linux, macOS) and addresses four basic needs of system administrators: -• Secure remote access from anywhere via tunnels and SSH/RDP/VNC/HTTP and other TCP connections -• Script and command execution on target machines via a central dashboard. -• Automation of recurring tasks such as updates, inventory, configuration and fine-tuning of systems. -• Monitoring and logging system load and resource usage.</p> - -<p>With RPort, a complete IT infrastructure with Windows, Linux and macOS systems can be managed via command line or a convenient web-based, central dashboard. The server component can be self-hosted or deployed in minutes using the automated installer provided by RPort. -RPort is released under the MIT open-source license.</p> - - - tkramm - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 12:15 - 00:15 - D.javascript - javascript_welcome_day_1 - JavaScript welcome session - day #1 - - JavaScript - devroom - - <p>A short introduction about JavaScript Devroom with some interesting resources about JavaScript and a presentation about this special day for the FOSDEM JS Devroom.</p> - - - Ludovic Gasc - Fabien Benetou (@Utopiah) - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.javascript - technology_kits_choices - Technology kits (choices) that enable to consistently deliver high quality frontend solutions at speed - - JavaScript - devroom - - <p>Did you face the difficulty of choosing a right architecture solution for a specific project or a client while considering their “rather” complex environment? Do you feel like you need to change your tech stack continuously?</p> - -<p>If the answer is yes to both of the questions, join my talk about the solutions I’ve found so we can ca discuss your best practice as well.</p> - -<p>Accelerators (technology kits) are opinionated yet pragmatic that I’ve identified and tested on the projects in production. -They allow me to go faster on delivering high-quality code with an easy to master architecture, to on-board other team members on the project and increase their productivity without reinventing everything from scratch.</p> - -<p>We will discuss about the main JS frameworks (Vue.js, React, Svelte, Angular) and their meta-framework (why use them?), the state management (local and server state), the accessibility (how to integrate it from the beginning?), the testing and styling (CSS, SCSS, CSS-In-JS, Tailwind, which one to choose?).</p> - -<p>Of course, take everything that will be said in this talk as an opinion, not as an absolute word because there is only one way to develop.</p> - -<p>Be ready to share your tips during Q&amp;A session.</p> - - - Boubacar Siddighi BARRY - - - Content - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 01:00 - D.javascript - destructuring_frontend_monoliths_with_microfrontends - Destructuring Frontend monoliths with MicroFrontends - - JavaScript - devroom - - <p>From loading Ajax requests in browsers to have full-blown frameworks; Javascript has come a long way. While moving stuff from backend to frontend the problems of backend are also ported. The Bigger the code gets bigger the problems, more dependencies, harder maintainability, eventually all the problems of a huge monolith. -With MicroFrontends, we can break this monolith into smaller independent, maintainable apps. -Sounds good? Let’s see how in this talk.</p> - <p>In the modern app architecture, Frontend contributes a major chunk of the setup, most of the business logic is housed in the Frontend. Over time Frontend app becomes a huge monolith, harder to maintain, trickier to add new features, and so on. With Microfrontends we break this monolith into smaller independent apps. These apps are developed independently but stitched as a SPA on the fly with all the goodies of client-side javascript. This has been done traditionally with several approaches, but with Webpack 5 we now have Module Federation, which opens the door for seamless MicroFrontend integrations. -In this talk, we will discuss the Microfrontends architecture pattern, how to destructure an existing monolith into MicroFrontends with help of Module Federation from Webpack 5. By the end of this talk, the attendees will be having a new vision of how they architect their Frontends.</p> - - Trishul Goel - - - - - Previous talks - Slides for MicroFrontends talk - MicroFrontends demo - Module Federation examples - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.javascript - behavior_graph - Behavior Graph - A proven architecture for complex applications - JavaScript - devroom - - <p>Behavior Graph is a software architecture and state management library. It greatly enhances your ability to write complex user facing software and control systems.</p> - -<p>Broadly speaking, it belongs to the category of libraries which includes Redux, MobX, Rx (Reactive Extensions), and XState.</p> - -<p>It works by providing a new unit of composition which we call the behavior. Behaviors are simple blocks of code together with their dependency relationships.</p> - -<p>We developed Behavior Graph to address our own complexity challenges while building an iOS video playing library which is used internally throughout the suite of native Yahoo mobile apps. After years of development and production usage, it has proven to be incredibly competent at scale.</p> - -<p>We have since ported it to multiple languages including Javascript/Typescript. It is less than 1500 lines of code and contains no external dependencies.</p> - -<p>Behavior Graph should appeal to anyone with an interest in software architectures and willingness to rethink how we write software applications.</p> - <p>Behavior Graph makes the dependency relationships between blocks of code its primary responsibility. We believe these relationships are the main source of complexity in most applications. Behavior Graph asks programmers to explicitly declare these dependency relationships. In exchange, it ensures that blocks of code are run at the correct time and in the correct order. As a result, the programmer is freed to reason locally about contained units of functionality, while the computer takes on the increasing complexity burden as an application grows in size.</p> - -<p>In the presentation we will introduce the primary abstractions provided by Behavior Graph. We will do this by working through a simple example of how the library works with code samples. Then we will show how these pieces hold together as an architecture.</p> - -<p>We will briefly touch on how it compares to similarly positioned libraries. Finally we will look at the current state of the library and a roadmap for the future.</p> - - Sean Levin - - - - - Github - NPM - Intro - Programming Guide - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.javascript - metaverse - Can JS also build the metaverse? - How Javascript can be used to build linked social WebXR applications - JavaScript - devroom - - <p>We keep on hearing about the metaverse but what is it and more importantly, can JS be used to build it?</p> - -<p>We'll briefly clarify what the metaverse is and give practical examples today with federated virtual reality servers managed by different persons.</p> - <p>Behind the buzzword from Facebook/Meta there is a truly interesting concept : connecting virtual worlds!</p> - -<p>To do so there is no need to be one of the largest advertising company. In fact there are several solutions working today allowing to navigate from 3D or VR web pages and even keep information across, like a profile. During this presentation we will explore the WebXR specifications, in particular links between pages, and test an implementation running today named ImmersSpace based on Mozilla Hubs and ActivityPub.</p> - - Fabien Benetou (@Utopiah) - - - - - Immers client documentation - Mozilla Hubs - ActivityPub - Video on installing Hubs on Digital Ocean - Documentation on installing Immers for Hubs - W3C WebVR 2016 workshop notes on link traversal - Using VR to manage notes - AFrameVR framework - ThreeJS framework - Connectivity in the metaverse - Wolvic WebXR browser - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.javascript - rapid_prototyping_physical_interfaces_with_web_serial_and_cheap_mcus - Rapid Prototyping Physical Interfaces with Web Serial and Cheap MCUs. - Quickly and cheaply doing design discovery and prototype development with only a web browser - JavaScript - devroom - - <p>(With a $4 microcontroller to build fun, accessible, and unique forms of interaction)</p> - -<p>The magic of computers and smartphones is the fact that they provide a very malleable interface - the screen. Without having to manufacture extra parts for every new application, this is a massive time and cost saving for engineers. However, this comes at a cost of accessibility and usability, as well as diminishing the physical connection one might have to the device they are using. Physical interfaces are now much easier to develop, and can even be constructed by the end user, since MCUs are now very cheap and readily available, along with lots of modular parts to construct interfaces with. Web Serial provides the added benefit of being able to use the highly distributed and easy to code with JavaScript / Web platform with these MCUs. This means rapid prototyping can be performed, along with user testing, very easily, making it much cheaper and faster to reach an end product. This talk intends to demonstrate some basic examples along with some steps to getting a process together yourself.</p> - <ul> -<li>Introduction to Web Serial API</li> -<li>An overview of the MCU market today</li> -<li>Demonstrations of some homemade physical interfaces for web applications</li> -<li>How to set up a basic web app using web serial</li> -<li>Overview of reading values from a physical input component through a circuit and converting it to serial data</li> -<li>Using browser-based circuit design tools for safe pre-breadboard experimentation using Wokwi and CircuitJS</li> -<li>Building a simple physical input, through to reading the data into the web application</li> -<li>Ideas for potential tangible user interfaces, summary, questions.</li> -</ul> - - - Louis Foster - - - - - Drohen Github - Code for this talk - Google Chrome - Serial Communication Wikipedia - MDN Browser Documentation - Project Fugu - CircuitJS - Web Serial API example project - Paddle controller challenge - Web Serial API subreddit - Web Serial API Awesome List - https://pocketmechatronics.com/posts/better-prototyping-with-web-serial-raspberry-pico/ - https://pocketmechatronics.com/posts/reflection-2-components-1-week/ - $1 microcontrollers - 0.03c microcontrollers - Raspberry Pi Pico - Wiring - Processing - Micropython - Espruino - Kaluma - Wokwi - Kaluma blank project - Glitch - blank web app - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.javascript - bridging_the_gap_between_jamstack_and_big_data - Bridging the Gap between Jamstack and Big Data - - JavaScript - devroom - - <p>I want to explain how to build data-intensive Jamstack apps with outstanding performance, low costs, and scalability while having great developer experience.</p> - <p>It's been 15 years since the quote “Data is the new oil” was coined, and Jamstack is here for more than 6 years already. Yet, there's no straightforward way to build a data-intensive app with outstanding performance, low costs, and scalability while having great developer experience. Oh, really? In this talk, I'll show how you can build a lightning-fast Jamstack app that works with massive loads of data with open-source tools and having lots of fun.</p> - - Igor Lukanin - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.javascript - accessibility_testing_with_html_validate - Accessibility testing with HTML-Validate - - JavaScript - devroom - - <p>The hows and whys of using HTML-validate to automate accessibility testing for SPA.</p> - - - David Sveningsson - - - - - Project website - Git source - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.javascript - e2e_testing_with_microsoft_playwright - E2E testing with Microsoft Playwright - - JavaScript - devroom - - <p>Automated browser end-to-end testing is a powerful technique to ensure your web UI and backend work together nicely. In this talk, we show how we've leveraged Microsoft's Playwright library to refactor our test suite, enhance productivity and code quality.</p> - <p>At ownCloud, we pride ourselves in shipping well-tested code. Besides the typical unit- and integration-tests, we use automated browser/end-to-end tests for our new web frontend, which is supported both by our "ownCloud classic" backend as well as developed alongside our new generation "ownCloud Infinite Scale" backend.</p> - -<p>Confronted with a flaky and complex continuous integration suite of end-to-end tests that was not actively maintained, hard to reason about (as well as sub-optimally documented due to the original creators leaving the project and running for, well, "longer than acceptable"), we opted to switch from Selenium/Nightwatch to Microsoft's Playwright (playwright.dev).</p> - -<p>Tune in for this talk when we show how our test suite evolved over time, listen to our reasoning about the technological switch, and also learn from the mistakes we made and best practices we extracted into practical examples.</p> - - Florian Schade - - - - - - ownCloud Web - ownCloud Infinite Scale - ownCloud Core - Microsoft Playwright - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.javascript - search_and_aggregations_made_easy_with_nodejs_and_opensearch - Search and aggregations made easy with NodeJS and OpenSearch - - JavaScript - devroom - - <p>Learn how OpenSearch works and get equipped with practical knowledge to search, aggregate and visualise your data.</p> - -<p>This is a hands-on session where we will use JavaScript to interact with the OpenSearch cluster - create an index, add documents, search and aggregate data. At the end we’ll visualise results with OpenSearch Dashboards.</p> - -<p>JavaScript engineers who are ready to add search and aggregation features to their applications should attend this session; no previous knowledge of OpenSearch is required.</p> - <p>In this session the audience will get both theoretical and practical knowledge on what OpenSearch is and how they can work with it by using its NodeJS client. This is a hands-on session where the audience is invited to follow along.</p> - -<p>There will be an accompanying GitHub repository to allow the audience to follow me during or after the lecture.</p> - -<p>References to old talks:</p> - -<p>I’ve already run a similar session at AWS Community Day, added its link to the list of links. However, I will modify and improve the content based on the learnings from the previous session. So the content will not be the same.</p> - -<p>Audience:</p> - -<p>Javascript Developers with no or little knowledge on Opensearch or Elasticsearch.</p> - - Olena Kutsenko - - - - - Example of my talk on a similar topic - Slides from my talk performed for a similar topic - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 13:00 - 00:30 - D.legal - teachingoss - How to teach OSS licenses and compliances at a university - how to teach to the students with some of the use cases - Legal and Policy Issues - devroom - - <p>I have started to teach OSS licences and compliances at a Japanese university since last year. it was difficult to teach OSS licences and compliances because I should have shown many of use cases so that the students could learn what the licences and compliance are and more, they even didn't know how to deal with ordinal software licenses. So, I had to talk many of the background knowledges to the students as an 'introduction' so that students could understand the OSS licences with compliances with ease. Fortunately, there were good feedbacks from the students, though, I need to improve my lecture more gathering more use cases etc. -I will give a talk my experiences there at the university and discuss how to improve my lecture to teach such 'licences and compliances' to students. the feedbacks/ideas for my talk are really welcome!</p> - -<p>I will give a talk</p> - <h1>The opportunities to teach OSS licenses and compliances</h1> - -<ol> -<li>increase the incidents of OSS licenses violation</li> -<li>keep compliances not to violate OSS licenses</li> -<li>respect the authors and keep the licenses rules.</li> -<li>reinventing of the wheel with compliances</li> -</ol> - - -<h2>the Difficulties to teach several OSS licenses</h2> - -<ol> -<li>the difficulties for students to read several OSS license descriptions directly, really complex for them, especially GPL licenses.</li> -<li>need to gather many of the incidents of OSS licenses violation.</li> -<li>need to prepare good quiz(exam) so that students could understand with ease.</li> -</ol> - - -<h2>the lecture last year</h2> - -<ol> -<li>why the University needs the lecture</li> -<li>the trial and error for the students</li> -<li>the advice from the staff at the university</li> -<li>the feedbacks from the students</li> -</ol> - - -<h2>the lecture coming next year</h2> - -<ol> -<li>gather more incidents to check</li> -<li>looking into the incidents more - deep-diving for the practice.</li> -<li>looking into new OSS licenses for DX</li> -<li>any ideas...welcome!</li> -</ol> - - - Masafumi Ohta - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.legal - dma - An update on the Digital Markets Act - The new European rules for online competition - Legal and Policy Issues - devroom - - <p>Last year we introduced the reasons and the plans for the new Digital Markets Act of the European Union, regulating online markets to further more competition with the dominant gatekeepers. In 2021, the act was discussed and finally voted by the European Parliament, which expanded many of its provisions and strengthened the new rules. In 2022, the act will be negotiated again with member States and then, possibly, finally approved by the Parliament. In this update we will explain in details what has changed and where we are.</p> - <p>The Digital Markets Act introduces rules for "gatekeeper" digital companies, defining how to recognize them and setting obligations for them to fulfil. These obligations generally affect their business practices, such as the terms and conditions that they impose onto their business users and the consumers; the way they enter new markets and exploit their strength to conquer them; the opportunities that are left for users to choose competing services or move out of the walled gardens. Principles like unbundling and interoperability have been recognized as useful tools to promote competition.</p> - -<p>It is still to be understood whether all these obligations will survive the negotiation phases and will be confirmed in the final act. However, discussions are also starting on how some of these new provisions may be implemented, and how to define the details and the technical standards. The talk will present the current situation and solicit feedback and comments from the community.</p> - - Vittorio Bertola - - - Slides for the talk - - - Last year's talk on this subject - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.legal - intlarbitration - A globally unified governance framework for Open Source - International arbitration to harmonize the security provisions of sovereign states and Open Source? Learning from the Java Virtual Machine, Ceph and abstraction layers - Legal and Policy Issues - devroom - - <p>Differentiating between architectural flaws and bugs in socio-technical systems: Open Source is no legal term or a political institution in dominant sovereign state systems, making it vague and interpretable in different contexts. However, it is a fundamental institution in security provisions in today's socio-technical societies. But it remains impossible to harmonize the transnational Open Source system with sovereign systems: both cannot be clearly mapped to each other. Yet, international arbitration provides a type of remedy that already exists in software development, illustrating how a shift from just fighting bugs to mitigating architectural flaws can look like.</p> - <p>Initially, the Internet imitated the institutions of the social world despite their limited eligibility (such as "emails" with their complex and vulnerable architecture). Today, societies are socio-technical without delimitable transitions between technology/Internet and society. Societies have started to adapt to and integrate the possibilities the code provides, no longer vice versa. Sovereign state systems early found their limitations in tackling the resulting challenges. However, software development had already to manage comparable issues. The Java Virtual Machine and Ceph are two of many examples: another abstraction layer can create flexibility, simplification and unification on top of different systems.</p> - -<p>International arbitration could offer Open Source a transnational and globally-unified framework, enshrined in an arbitration agreement: embedded in a dedicated organization in an eligible legal system to facilitate the conduct of organizations and communities on which code and the Internet depend.</p> - -<p>Open source and its related institutions are already the core element of a transnational separation of powers, which is based upon competition: public processes &amp; public code in conjunction with distribution (of development, code, review &amp; testing) enable forking (to avoid monopolies and irrevocable consolidation of powers at one place). Reflecting the software engineering concept "secure by design", Open Source has created a "socio-technical system secure by design" because it avoids single points of failure both in social and technical realms: it does not relate governance to centralization but to distribution. Indeed, if issues like the 2020 Solarwinds Hack would spread in deployed Linux kernels, this could have unprecedented consequences far beyond the technical realms. However, Open Source and its institutions remain capable of providing sufficient security and deterrence. There is much more behind Open Source than just open/public code.</p> - -<p>The increasing use and consolidation of IT in governments may break the traditional separations of powers and does not provide the "security by design" of Open Source institutions if applied to socio-technical systems. Indeed, if one administrator and his password in one consolidated IT department can manipulate the databases used in executive, legislative and judiciary operations, new risks can arise. The system around Open Source already contributes to the security provision of and on the Internet and thus, indirectly to the overall security provision of people and entities that depend on the Internet: it facilitates security in socio-technical societies.</p> - -<p>If it proves eligible, enshrining the relevant (and legally implementable) Open Source institutions in an arbitration agreement may result in an compatible abstraction layer on top of the traditional state systems. Complementary, this abstraction layer may facilitate to release traditional systems from tackling issues they simply cannot tackle without softening and blurring their own institutional architecture. It may turn antagonism into symbiosis.</p> - -<p>However, Facebook's Libra indicates the complexity (but also the possibility) of creating such "implicit legal" ventures (in Switzerland). It also indicates that Switzerland could possibly enable the fusion of an international arbitration body (through its "international private law") with an open/public/distributed but regulable cryptocurrency to facilitate not just the (Open) Source but also (open) exchange within one globally unified system.</p> - -<p>Although they will be critical and challenging for any international arbitration approach, legal patent- and license-related questions are not considered in this lecture.</p> - -<p>This lecture is derived from the perspective of the field of international relations. It illustrates the role of Open Source in contemporary security provisions (next to and in interaction with sovereign states' security provisions for citizens) and it aims to put alternative (types of) approaches with and around Open Source into discussion.</p> - - Christopher Klooz - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.legal - pandemicnowin - Why the pandemic could help FOSS, but was a win for proprietary software - - Legal and Policy Issues - devroom - - <p>During the pandemic we have experienced a sudden growth of remote activities, with people working and studying from home. Most proprietary solutions were not suited for the task, as they were not compliant with GDPR, as they were profiling users beyond the provided service, and in many cases could not guarantee that end user data were maintained within Europe acconrding to EU legislations. Unfortunately, EU governments ignored the situation and signed contracts with big techs for remote work and remote teaching, exposing the personal information of million of EU citizens - the majority of them being students - to unauthorized practices. OSS could be the answer, but was ignored because there wasn't enough time to deploy appropriate solutions. The talk tries to provide a different perspective.</p> - - - Italo Vignoli - - - Why the pandemic could help FOSS, but was a win for proprietary software - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.legal - deviceneutrality - Why Device Neutrality is important for Free Software? - - Legal and Policy Issues - devroom - - <p>The number of devices on which users cannot run Free Software is exponentially increasing. The consequence is an increased loss of control over users’ technology. In order to remediate this situation, the FSFE has been working with the concept of Device Neutrality, understood as a policy principle that ensures users equal access and non-discriminatory use of their devices. The FSFE has advocated for four main principles: stricter consent rules for pre-installed apps, no vendor lock-in, full interoperability, and real-time data portability. The talk will explain the concepts and the challenges ahead.</p> - <p>While digital devices are a ubiquitous reality in all aspects of life, control over the hardware and software running on them is increasingly being limited by internet platforms, digital services providers, hardware manufacturers, and vendors. Several policy and legal concepts have been developed by the academic sector in cooperation with regulatory bodies and courts to tackle this issue in the EU.</p> - -<p>The whole debate boiled down to principles that have been included in the EU's major overhaul of internet law: the Digital Markets Act. Device neutrality is a policy term that translates as non-discrimination of services and apps by providers, manufacturers, and vendors. The objective of device neutrality is to enable consumers to bypass gatekeepers and enable a fair and non-discriminatory use of Free Software.</p> - -<p>The talk will explain the four main demands the FSFE has been leveraging in the public debates and legislative processes: -* Strict end-user consent for pre-installed apps; -* No vendor lock-in; -* Interoperability of services based on Open Standards -* Real-time data portability</p> - - Lucas Lasota - - - - - Device Neutrality demands - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 01:00 - D.legal - organizerslegalpolicy - Panel: Hot Topics - Organizers of the Legal & Policy DevRoom discuss the issues of the day - Legal and Policy Issues - devroom - - <p>The organizers of the Legal and Policy DevRoom for FOSDEM 2022 discuss together the issues they've seen over the last year in FOSS, and consider what we can learn from the presentations on the track this year, and look forward together about the future of FOSS policy.</p> - <p>The organizers of the Legal and Policy DevRoom for FOSDEM 2022 discuss together the issues they've seen over the last year in FOSS, and consider what we can learn from the presentations on the track this year, and look forward together about the future of FOSS policy.</p> - - Bradley M. Kuhn - Karen Sandler - Max Mehl - Alexander Sander - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 13:30 - 00:30 - D.libreoffice - lotech_odfbetterthanooxml - Why ODF is a better standard than OOXML - - LibreOffice Technology - devroom - - <p>Open Document Format (ODF) and Office Open XML (OOXML) are both ISO/IEC open document standards, but while the first is loyal to standard definitions the second is an unfortunate attempt to propagate proprietary formats in a pseudo-standard format to lock-in users to Microsoft Office for the foreseeable future. The presentation explains why ODF is a better standard than OOXML.</p> - - - Italo Vignoli - - - Why ODF is a better standard than OOXML - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.libreoffice - lotech_ooxmldocument - OOXML Document Analysis - - LibreOffice Technology - devroom - - <p>I will talk about how do we proceed when we receive a problematic OOXML document from a customer and show a solution of a sample bug.</p> - - - Gülşah Köse - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.libreoffice - lotech_200pagelecturebook - Let's Build a 200-Page-Long Lecture Book with LibreOffice Writer - Challanges, tips and tricks that work and that don't - LibreOffice Technology - devroom - - <p>In 2021, a tender financed by the Australian Government has been won. The purpose of the project was to create a lecture book for kids, parents and their teachers who have a European (Hungarian) background, and who want to keep their cultural heritage, while they are living in a non-Hungarian speaking country.</p> - -<p>Such a project has a lot of interesting challenges but in this talk, mostly the technical aspects will be introduced. The perspective and the journey of the editor of the book will be demonstrated, whose responsibility was to combine the chapters written by three different authors into a single, ready-to-print document.</p> - -<p>The main tools were LibreOffice Writer and Draw but GIMP and InkScape also played a significant role.</p> - -<p>In the talk, various tricks and steps will be shown how the document has been created and how the different tools were able to cooperate. Besides the working ways, some non-working paths and traps also will be shown.</p> - - - Csongor Halmai - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.libreoffice - lotech_professionaltemplates - Creating professional templates with LibreOffice Writer - A brief panorama on how much important templates are and what can be done (and automated) inside them. - LibreOffice Technology - devroom - - <p>One of the tasks of my job is to create corporate templates. It is really important to spend the right amount of time on them, since they are the image of the entity (whatever kind of) to the public, and they usually last for decades. Knowing well the needs and requirements is possible to automate a lot of things, still without macros. But pushing so much Writer to its limits let us discover some minor bug or possible enhancements.</p> - - - Gabriele Ponzo - - - PonzoGabriele Creating Professional Templates with LibreOffice Writer - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.libreoffice - lotech_documentthemes - Document themes in LibreOffice Impress and elsewhere - - LibreOffice Technology - devroom - - <p>LibreOffice was capable of handling color palettes on its UI for a while -already. In the meantime, the competition introduced document themes, which -are a fixed set of 12 colors, to be attached to various parts of documents. -This allows referring to those colors by name, and apply color filters. These -color filters are maintained even if the source theme changes. Come and see -how this now starts to work also in Impress, what still needs doing and how -you can help.</p> - - - Miklos Vajna - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.libreoffice - lotech_advantagesoflotech - Advantages of LibreOffice Technology - - LibreOffice Technology - devroom - - <p>Today, the LibreOffice Technology platform is based on the same software engine for all modules, based on a clean and refactored source code, with a focus on code quality and consistency, and supported by easy and extensive APIs. LibreOffice consistency represents a strong advantage over the "siloed" approach of all other office suites, where there is a different software engine for each application and each platform. The result is a lack of consistency for files, which are also different by platform. LibreOffice Technology is the best open source platform for personal productivity, and is tightly integrated on desktop, mobile and cloud.</p> - - - Italo Vignoli - - - Advantages of LibreOffice Technology - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.libreoffice - lotech_canvasforux - Canvas For Rendering UX - - LibreOffice Technology - devroom - - <p>I will present why we needed to use Canvas for rendering the UI and the document. Then i will explain the structure we created for this task.</p> - - - Gökay Şatır - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.libreoffice - lotech_informationengineering - Information Engineering Operations - A DevOps paradigm for Product Documentation Group - LibreOffice Technology - devroom - - <p>The product document intersects between product and non-product teams. The dependency on the product features is invariably high with the early adopters and existing user base.</p> - -<p>Integrating with the non-product groups to understand the expected use cases, building scenarios with the product team with quality and security being implicit will be the objective of this information engineering operations group.</p> - <p>Imagine the user base is trying to figure out a mail-merge situation using Base and Writer modules. LibreOffice offers features to integrate with the modules to merge and generate compelling mails.</p> - -<p>An authoritative multilingual guide to accomplishing the scenarios will take a whale of time to reach the user base. Treating it as a lost opportunity, the new paradigms to integrate with the non-product and product teams will table the perspective of mirroring DevSecOps.</p> - -<p>This talk will highlight the opportunities available within the industry for the Information Engineering team.</p> - - Vasudev Narayanan - - - Product User Documentation - A Modern Approach - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 13:00 - 00:35 - D.llvm - llvm_fortran_debug - Enhanced debuggability support in LLVM for various Fortran language features - Fortran debuggabiliy support in LLVM - LLVM - devroom - - <p>The aim of this abstract is to showcase the enhanced debuggability support added in LLVM for the Fortran language features. LLVM being emerging compiler framework, there was some gap to be bridged w.r.t. Fortran language debug info generation. This is because Fortran language has few features which are very powerful, as compared to other languages.</p> - -<p>Fortran dynamic arrays are one such powerful language feature. There are variety of arrays like adjustable array, assumed shape, assumed size, assumed rank, allocatable and pointer arrays. LLVM generated debug info was not sufficient to debug these many variety of arrays with GDB/LLDB. The LLVM was lacking support for multiple DWARF operators (DW<em>OP</em>push<em>object address, DW</em>OP<em>over), DWARF attributes (DW</em>AT<em>data</em>location, DW<em>AT</em>allocated, DW<em>AT</em>associated, DW<em>AT</em>rank) and a DWARF TAGs (DW<em>TAG</em>generic_subrange). Other than these, existing support for DISubrange was not sufficient to handle Fortran arrays. The same was true for Fortran strings which is not mere pointer to character type and needed more support from LLVM. Other features which needed similar LLVM support for debugging were Fortran modules, namelist and signed constants etc.</p> - -<p>All these enhancements made in LLVM are as per DWARF4 or DWARF5 specification for the Fortran language. These enhanced debug info are used by GDB/LLDB and user debugging experience is improved now while handling these Fortran features with GDB/LLDB. In order to make use of these enhanced debug info emitted by LLVM, GDB/LLDB is also enhanced in cases where required. With these enhancements added now in LLVM, Fortran program debugging experience with the clang/flang emitted programs are on par with gcc/gfortran emitted programs and in some cases it’s even better than gcc/gfortran.</p> - - - Alok Sharma - Bhuvanendra Kumar N - - - - - - https://reviews.llvm.org/D79484 - https://reviews.llvm.org/D86305 - https://reviews.llvm.org/D108553 - https://reviews.llvm.org/D99273 - https://reviews.llvm.org/D79306 - https://reviews.llvm.org/D79592 - https://reviews.llvm.org/D80197 - https://reviews.llvm.org/D83544 - https://reviews.llvm.org/D87500 - https://reviews.llvm.org/D89141 - https://reviews.llvm.org/D89208 - https://reviews.llvm.org/D89218 - https://reviews.llvm.org/D99335 - https://reviews.llvm.org/D109343 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:35 - 00:25 - D.llvm - llvm_c_extension - How to write an extension for C - In this talk we will briefly describe how to add your own extension to C, what steps may be needed to do it. And then we will review a small example - LLVM - devroom - - <p>In this talk we will briefly describe how to add your own extension to C, what steps may be needed to do it. And then we will review a small example</p> - <p>We want to summarize our findings, which we gathered during implementation of procedural-parametric extension for C. This work will present a list of examples about how to extend existing structures in clang, and how to map your new constructions from source code to LLVM IR -More details about procedural-parametric approach: https://dl.acm.org/doi/10.1145/2556610.2556619 -In that article you'll see examples of this extension implemented in Modula-like programming language. It will give you full picture about what we implemented in C</p> - - Pavel Kosov - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:35 - D.llvm - llvm_ebpf - Coverage for eBPF programs - - LLVM - devroom - - <p>eBPF is fastly becoming the first choice for implementing tracing and security-critical applications and software.</p> - -<p>Yet, its ecosystem lacks tooling to make developers' life easier.</p> - -<p>Join this talk to get to know bpfcov: an open-source tool I wrote that uses the LLVM pass infrastructure to instrument your eBPF programs to collect coverage data while they run in the eBPF VM in the Linux kernel.</p> - <p>I bet we all have heard so much about eBPF in recent years. Isn't it?</p> - -<p>Every day we hear about a new project using some eBPF magic underneath.</p> - -<p>eBPF programs are written in C but compiled for a specific ISA later executed by the eBPF Virtual Machine.</p> - -<p>LLVM has a specific backend allowing us to write C and get eBPF ELF objects out.</p> - -<p>Still, there are no tools helping developers to clearly understand which path their code took while running, which branches were uncovered, and maybe why. -Even testing the eBPF programs is a pain, given that not all the types of eBPF programs are supported by <code>BPF_PROG_TEST_RUN</code> in the Linux kernel.</p> - -<p>Yes, BTF and CO-RE are improving the situation. -But, writing eBPF is still mostly about fighting against the BPF VM verifier.</p> - -<p>Until today, there is no simple way to visualize how the flow of your eBPF program running in the kernel actually was.</p> - -<p>That's why I sat down and wrote bpfcov. -A tool to gather source-based coverage info from your eBPF programs.</p> - -<p>During this talk, I will show the audience the secrets of the BPF target in LLVM and how I wrote an out-of-tree LLVM pass to instrument eBPF programs with counters, counters expressions, and friends.</p> - -<p>The goal is to help eBPF developers to get to know how to use the powerful LLVM infrastructure to make the eBPF ecosystem - and their life - better.</p> - - Leonardo Di Donato - - - Source based coverage for eBPF programs using the LLVM tools - Coverage expanding macros - Coverage for BPF LSM - HTML reports for source-based code coverage of multiple eBPF programs/files - JSON report - Slides - - - bpfcov repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:35 - 00:25 - D.llvm - llvm_llsoftsecbook - Llsoftsecbook: an open source book on software security for compiler developers - - LLVM - devroom - - <p>Compilers play a crucial role in hardening software against security attacks. As compiler engineers we experience an increase in demand for security-related features: we simply work on security-related features more often. -We find it tough to analyze whether the hardenings we implement are easy or hard to circumvent by attackers. After chatting about this with many compiler developers, our experience is that most feel their work would benefit from a deeper understanding of attacks and hardening techniques. After having looked around, we didn't find much educational material that gives a broad overview, covering all aspects compiler developers ought to know about. -Therefore, we recently started an open source book titled "Low Level Software Security for Compiler developers" at https://github.com/llsoftsec/llsoftsecbook/. It aims to improve the industry-wide knowledge about security hardening in compilers and related tools; ultimately leading to more innovation and better implementations of security features. -In this presentation, we'll explain the rationale for this new open source project in more detail. We will discuss what content we have so far and what content we plan to add. The project very much welcomes new contributors: we need more new content, more review of content, discussion of ideas for how to make the book better, improvement in the design and layout of the produced HTML and PDF output, etc. We hope this presentation will reach both anyone interested in learning more about low-level software security and anyone interested in helping to grow this project further.</p> - - - Kristof Beyls - - - - - - https://github.com/llsoftsec/llsoftsecbook/ - Live version of the book - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:35 - D.llvm - llvm_8bit - 8-bit Character support on architectures were the smallest addressable unit size is 64-bit in Clang and LLVM - 8-bit characters in VIAMPP - LLVM - devroom - - <p>Clang and LLVM have a great history of supporting a great variety of CPUs, from 8- to 64-bits assuming they all have a smallest size of an addressable unit of 8-bits words. Despite the fact that a lot of types and there alignment can be defined with the “target datalayout” string, the “character” and “short” type have been hard-coded into clang and llvm.</p> - <p>Clang and LLVM have a great history of supporting a great variety of CPUs, from 8- to 64-bits assuming they all have a smallest size of an addressable unit of 8-bits words. Despite the fact that a lot of types and there alignment can be defined with the “target datalayout” string, the “character” and “short” type have been hard-coded into clang and llvm. Once you compile with clang you will get for example:</p> - -<pre><code>@.str = private unnamed_addr constant [6 x i8] c"Hallo\00", align 8 -</code></pre> - -<p>Some proposals exist to that offer a solutions to this problem (e.g. FOSDEM 2012: “Adding 16-bit Character Support in LLVM” or https://lists.llvm.org/pipermail/llvm-dev/2019-May/132080.html: “On removing magic numbers assuming 8-bit bytes”). Following this ideas one has to apply changes to over 120 files (clang and llvm v12.0.0) and keeping a patch set nearly impossible.</p> - -<p>Looking for simpler solution for this problem we explored a couple of alternative solutions. Two design goals have to be satisfied:</p> - -<pre><code>don’t change CHAR_BIT -keep CharWidth at 8-bits -</code></pre> - -<p>Only the modification of the character alignment to 64-bits is allowed. With modifying only 8 files (some of them only dealing with character assertions) we end up with the desired result of:</p> - -<pre><code>@.str = private unnamed_addr constant [6 x i64] [i64 72, i64 97, i64 108, i64 108, i64 111, i64 0], align 8 -</code></pre> - -<p>This solutions can also easily be adopted to machines with a minimal addressable unit of 16- or 32-bits. Also “WChar” can be addressed with minimal changes.</p> - -<p>As this is solution is still under testing, the amount of files changed might be further reduced, and should allow for a small and simple patch set.</p> - - Thomas Pietsch - - - 8-bit Character Support - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:35 - 00:25 - D.llvm - llvm_oniro - Libc++ on Linux - using the example of Oniro - Experiences with switching from libstdc++ to libc++ - LLVM - devroom - - <p>Oniro - the Eclipse Foundation's embedded operating system - -is switching from libstdc++ to libc++ by default. This talk -gives an overview of our experience daring to -make the switch.</p> - <p>Oniro - the Eclipse Foundation's embedded operating system - -is switching from libstdc++ to libc++ by default.</p> - -<p>Binary compatibility is a holdup for libc++ adoption on -Linux desktops and servers - but in the embedded world, -we have more options.</p> - -<p>This talk gives an overview of our experience daring to -make the switch.</p> - - Bernhard Rosenkränzer - - - - - The Oniro Project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:25 - D.llvm - llvm_antlr - LLVM and ANTLR: A Starter on a non-Linux Machine - - LLVM - devroom - - <p>Although Linux is still the best preferred operating system, the talk begins with a problem statement regarding the dependencies of ANTLR and LLVM on Windows. To this end, the presenter will explain how these dependency issues can be resolved through an easy-to-use environment for building, installing and running native LLVM and ANTLR on Windows. Furthermore, the talk will briefly explain how we can design domain specific languages (DSLs) using a powerful combination of ANTLR and LLVM front end while maintaining a logical isolation of parsing and code generation.</p> - - - Babar Khan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:05 - D.mariadb - mariadb_welcome - Welcome to the MariaDB devroom - - MariaDB Server - devroom - - <p>A brief introduction and overview of what you can expect from the MariaDB devroom at FOSDEM</p> - - - Ian Gilfillan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:20 - D.mariadb - mariadb_model - MariaDB Server's new release model - - MariaDB Server - devroom - - <p>As was announced in December 2021 https://mariadb.org/new-innovation-release-model/, MariaDB Server now has a new release model, with more frequent major releases. MariaDB Server 10.7 is the first release following this model.</p> - -<p>Some of these releases will have 1 year support cycles, while others will be supported long term just like before. In this talk, I will present the pros and cons of this new release model, what it means for the MariaDB Server community, its users and also its developers. This will also give the community a chance to better understand the changes and give us feedback and ultimately ensure MariaDB Server properly serves its purpose of being a true Open Source Database.</p> - - - Michael "Monty" Widenius - - - - - New release model announcement - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:25 - 00:20 - D.mariadb - mariadb_106 - What is new in mariadb 10.6 ? - - MariaDB Server - devroom - - <p>MariaDB is one of the most used open-source relational databases. The development of MariaDB focuses on stability and performance.MariaDB 10.6 is the current stable version of MariaDB and comes with a number of new features. This presentation covers - MariaDB in Open Source Ecosystem, Features in MariaDB 10.6, Variables added and Removed.</p> - - - Praveen GR - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:45 - 00:25 - D.mariadb - mariadb_107_108 - New features in MariaDB 10.7 and MariaDB 10.8 - - MariaDB Server - devroom - - <p>At the time of writing, MariaDB 10.7 is in RC, and the MariaDB 10.8 preview releases are imminent. The new release model means new features no longer have to wait a year between major releases before seeing the light of day, and the initiative of separate preview releases for each major feature eases testing and reduces instability.</p> - -<p>This presentation covers some of the major new features being unveiled in MariaDB 10.7 and 10.8.</p> - - - Ian Gilfillan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:10 - 00:25 - D.mariadb - mariadb_macos - MariaDB Server on macOS - Does it make sense to even try? - MariaDB Server - devroom - - <p>Current MariaDB Server GA versions are formally not supported on macOS 10.x and 11.y. But it;s relatively easy to set up the environment and build it from current 10.2 - 10.7 GitHub sources, with few minor issues to resolve in the process depending on maxOS and major server version used. This talk is a summary of my related experience, with a quick review of related fixed and open bugs, as well as some unique features like DTrace support that one may benefit from on macOS.</p> - <p>Current MariaDB Server GA versions are formally not supported (and probably not even regularly built or tested) on macOS 10.x and 11.y. But it's relatively easy to set up the environment and build MariaDB Server from current 10.2 - 10.7 GitHub sources, with few minor issues to resolve in the process, depending on maxOS and major server version used.</p> - -<p>This talk is a summary of my related experience on 10.13 High Sierra that I had a chance to work on recently, with additional quick review of related fixed and open bugs, as well as some unique features like DTrace support that one may benefit from on macOS. Actually, studying DTrace in context of MariaDB Server troubleshooting and performance tuning was one of the goals why I started to use macOS again.</p> - - Valerii Kravchuk - - - - - - MariaDB Server bugs and feature requests possibly specific to macOS - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 00:25 - D.mariadb - mariadb_histograms - Improved histograms in MariaDB 10.8 - - MariaDB Server - devroom - - <p>MariaDB 10.8 is getting improved histograms, called JSON_HB. This talk will cover -- what the new histograms are, -- what are the advantages over the old histograms, -- how do they compare to histograms in MySQL 8.</p> - -<p>At the end of the talk, I'll cover a closely related topic of usage of the histogram -data in the query optimizer: -- why this is hard, -- what are known limitations and their workarounds -- what MariaDB team is doing to improve this.</p> - - - Sergei Petrunia - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.mariadb - mariadb_innodb - Performance oriented InnoDB log format changes - How InnoDB crash recovery works - MariaDB Server - devroom - - <p>The persistent circular buffer (the <code>ib_logfile0</code>) is the fundament of the persistent InnoDB buffer pool.</p> - -<p>Over the years, the log file format has been changed in MariaDB Server to improve the performance. A well-designed file format imposes minimal write amplification and is easy to parse.</p> - <p>The 512-byte block size of the InnoDB log was a perfect match for the industry standard that was defined by the venerable Seagate ST-225. Alas, the industry moved on, and now block sizes range from 64 bytes (the size of a memory cache line) to 4096 bytes. Therefore, a format that works efficiently with any block size is needed.</p> - -<p>We present a flexible format where each mini-transaction (comprising log records) is a block on its own, with a checksum that is calculated in a local buffer, reducing contention on the mutex that protects the global log buffer. The old 12-byte block header is shrunk to a 1-bit sequence number, for detecting the end of the circular log. The additional overhead is 4 bytes per mini-transaction for a CRC-32C checksum.</p> - -<p>No-op records may be written to pad the log buffer to match the physical block size. Encryption will only cover data. The length of each record is explicitly stored in clear, which allows consistent hot backups without having any encryption keys. For encrypted log, 8-byte part of initialization vector will be written after each mini-transaction.</p> - - Marko Mäkelä - - - Performance oriented InnoDB log format changes - - - MDEV-12353 redo log record format changes in 10.5 - MDEV-14425 redo log block format changes (10.8) - preview-10.8-MDEV-14425 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:25 - D.mariadb - mariadb_optimizer - MariaDB Optimizer - ongoing development and changes - - MariaDB Server - devroom - - <p>The MariaDB optimizer has its roots in the original MySQL optimizer. Being a long standing project, it has inherited a number of quirks and features that -at the time of coding- made sense. The datasets had different sizes 10-20 years ago and the cost model is not always accurate for current workloads.</p> - -<p>Thus, there is now an ongoing effort to significantly improve the calculations that the MariaDB Optimizer is doing. With the addition of JSON Histograms, the range optimizer is one of the most impacted modules. The end goal of this effort is to provide the user with a better query optimizer, but also put the user in control and allow the user to tweak many more parameters than were previously available. In this talk I will go through the major changes that are upcoming in MariaDB, changes that could impact query performance (for the better) and also raise awareness about which parameters have the highest impact on query optimizer performance.</p> - - - Michael "Monty" Widenius - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.mariadb - mariadb_mysql - MySQL 8 vs MariaDB 10.7 - - MariaDB Server - devroom - - <p>MySQL 8 and MariaDB 10.6 are the latest Major versions for MySQL and MariaDB. While MariaDB started by being slightly different MySQL variant, now it has grown into very much different database platforms which grows more different from every release.</p> - -<p>In this presentation, we will look into the differences between MySQL and MariaDB in the core areas such as SQL features, query optimizations, replication, storage engines, and security. We will also discuss the unique features and capabilities MySQL 8 and MariaDB 10.6 offers compared to each other.</p> - - - Peter Zaitsev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:20 - D.mariadb - mariadb_pit_recovery - MariaDB Point-in-Time-Recovery - - MariaDB Server - devroom - - <p>Backup is typically done once a a day. But if you destroy your data hours later: What about the changes between your backup and the catastrophic event? In this presentation I will show you how you can recover your data between your backup until a specific point in time before the incident.</p> - - - Oli Sennhauser - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:30 - D.mariadb - mariadb_backup_restic - Mariabackup + Restic: a simple and efficient online backup solution for your DBs - - MariaDB Server - devroom - - <p>Mariabackup is a wonderful tool to perform physical online backups of MariaDB Server. By coupling it with Restic you can easily and efficiently create encrypted incremental backups of your DBs on the wide range of Restic's supported backends (local, sftp, s3, OpenStack swift, etc.).</p> - - - Faustin Lammler - - - Presentation slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:25 - D.mariadb - mariadb_deny - MariaDB DENY command - Upcoming functionality for sysadmins and database service providers - MariaDB Server - devroom - - <p>MariaDB allows fine grained control of access over different database objects. Granting access to a very specific resource is easy. A problem comes up when one wants to grant access to a whole database <em>except</em> for a particular resource (table, column, etc.). The only solution thus far is to grant access to each individual resource and omit the ones that must not be accessible. Clearly this is not maintainable, nor practical.</p> - -<p>This is where the DENY command comes in. The gist of the feature: A user will not be able to access denied resources unless the deny is explicitly revoked. MDEV-14443 - Reverse privileges in MariaDB is an ongoing tasks that will implement it. During this talk we will go through use cases, comparison to similar features of other databases well as implementation details of the feature which will (very likely) be part of MariaDB 10.9.</p> - - - Vicentiu Ciorbaru - - - - - JIRA Task describing the technical aspects - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 00:25 - D.mariadb - mariadb_galera - MariaDB Galera Cluster and M/S replication - - MariaDB Server - devroom - - <p>Many say: Galera or Master/Slave replication. What about Galera AND Master/Slave Replication? In this presentation we look at different scenarios where it makes sense to use both technologies together...</p> - - - Oli Sennhauser - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:15 - 00:30 - D.mariadb - mariadb_tips - Ten Tips for Better MariaDB Performance - - MariaDB Server - devroom - - <p>Optimizing MariaDB performance and troubleshooting MariaDB problems are two of the most critical and challenging tasks for DBA’s. The databases powering your applications need to be able to handle heavy traffic loads while remaining responsive and stable so that you can deliver an excellent user experience. Further, DBA’s are also expected to find cost-efficient means of solving these issues. -In this presentation, we will discuss how you can optimize and troubleshoot MariaDB performance. We will look at specific, common MariaDB problems and review the ten tips that allow you to diagnose and resolve them.</p> - - - Peter Zaitsev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:25 - D.mariadb - mariadb_triggers - Creative uses of triggers - Things you people wouldn't believe - MariaDB Server - devroom - - <p>Sometimes you shouldn't do something just because you can. Really. Nevertheless, you can. -This talk will explore the creative, occasionally useful, often unhealthy things that you can do with triggers. Attend at your risk.</p> - - - Federico Razzoli - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:15 - 00:25 - D.mariadb - mariadb_connectionid - MariaDB Connection ID - - MariaDB Server - devroom - - <p>The MariaDB Connection ID exists since "ever". So why bother about such a boring thing? Because you can get many interesting information out of it...</p> - - - Oli Sennhauser - - - - - You are here MariaDB Connection ID - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:25 - D.mariadb - mariadb_bfptrace - More on bpftrace for MariaDB DBAs and Developers - Summary of recent experience - MariaDB Server - devroom - - <p>bpftrace is a relatively new open source tracer for modern Linux (kernels 5.x.y) that may help to troubleshoot performance issues in production as well as to get insights on how software really works. More exotic use cases for the tool, as well as few more advanced bpftrace-based scripts useful for MariaDB DBAs and developers are presented.</p> - <p>bpftrace is a relatively new open source tracer for modern Linux (kernels 5.x.y) that may help to troubleshoot performance issues in production as well as to get insights on how software really works. I use it for a couple of years and would like to present more details on how to do it efficiently, including but not limited to adding tracepoints to different lines of the code inside functions, suing bpftrace as a code coverage tool and tracing in Docker etc.</p> - - Valerii Kravchuk - - - - - - My talk on bpftrace basics - bpftrace on GitHub - My related long presentation from Percona Live 2021 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:05 - 00:30 - D.mariadb - mariadb_json - Introducing MYSQL_JSON plugin - - MariaDB Server - devroom - - <p>MYSQL_JSON plugin is created in MariaDB as a bridge to bypass the confusion between MySQL and MariaDB JSON data type representation and to help MariaDB users in that regard. -Purpose of this talk will be to highlight how to convert MySQL data directory containing JSON native data type in MySQL to the MariaDB data directory where JSON is stored as an alias for LONGTEXT and how to deal with errors in that process.</p> - - - Anel Husakovic - - - FOSDEM 2022 Introducing MYSQL_JSON - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:35 - 00:25 - D.mariadb - mariadb_confidential - The future of databases is confidential - - MariaDB Server - devroom - - <p>In today’s cloud-first world, data security is still a major concern. Confidential computing addresses this at the root by protecting data in use: sensitive workloads are run inside hardware-isolated and runtime-encrypted environments called enclaves.</p> - -<p>We have developed the first open-source database based on MariaDB designed for confidential computing. EdgelessDB is a MySQL-compatible database that runs entirely inside Intel SGX enclaves.</p> - -<p>In this talk, we'll introduce EdgelessDB and compare it to conventional databases as well as existing database encryption solutions. We'll explore the benefits, novelties, and why confidentiality is an important feature of a database. Finally, you'll learn about uses cases and how to easily get started.</p> - - - Felix Schuster - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:40 - 00:10 - D.microkernel - ssumpf - Introduction - - Microkernel and Component-based OS - devroom - - <p>Welcome talk and introduction to the Microkernel and Component-based OS devroom at FOSDEM 2022.</p> - - - Martin Děcký - Sebastian Sumpf - - - - - About the devroom - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:50 - 00:30 - D.microkernel - jstecklina - Advanced Unit Testing in the Hedron Microkernel - - Microkernel and Component-based OS - devroom - - <p>Concurrent code is hard to get right, but at the same time also hard to test. It gets worse when hardware interaction is required. This leads to a comparatively poor culture of unit testing in kernel code, where both come together.</p> - -<p>In this talk, I’m going to highlight one particular method of unit testing the page table manipulation code in Hedron, a microkernel written in C++ specially geared towards virtualization workloads. This code safely modifies page tables that are concurrently used by the CPU. Usually, unit tests only check whether the state after an operation meets the expectation of the programmer. In contrast, Hedron employs completely deterministic unit tests that show that the CPU will always see a valid virtual memory mappings while a page table manipulation is in progress (for the tested cases).</p> - -<p>The goal of this task is to show that unit tests can be a powerful tool even for properties of code that are usually not deemed unit testable.</p> - - - Julian Stecklina - - - Talk Slides - - - Hedron Source - Blog about x86 low-level topics - Podcast about OS topics - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:30 - D.microkernel - dzammit - A practical solution for GNU/Hurd's lack of drivers: NetBSD's rumpkernel framework - - Microkernel and Component-based OS - devroom - - <p>GNU/Hurd is the original Free Software operating system started in the 1980s. Its microkernel design has been evolving over the years and the project has not quite hit mainstream use. I believe this is due to one main reason: the lack of drivers for peripherals and hardware. In this talk, I explain how NetBSD kernel drivers have been reused in a microkernel setting and demonstrate their use to boot up a GNU/Hurd system via a userspace rump disk driver, with a driverless Hurd kernel, gnumach. The ACPI management, PCI management, and actual driver are in separate processes with RPC interfaces between them, which separates out their debugging, licencing concerns and execution. I believe this aligns with the original vision for the operating system, (as a Hurd of servers).</p> - - - Damien Zammit - - - Rump Hurd Talk Slides - - - GNU/Hurd - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:50 - 00:50 - D.microkernel - nfeske - Genode meets the Pinephone - - Microkernel and Component-based OS - devroom - - <p>Driven by the vision of a truly trustworthy smartphone, I dedicated the past year to bringing the component-based Genode OS to the Pinephone. The talk presents my experience story, touching on the hardware, booting, the porting of the kernel, component-architecture concerns, and device drivers.</p> - <p>Smartphones have become a commodity almost everyone relies on. With the convenience, however, comes complexity that is impossible to comprehend and constantly changing. The opaqueness of hardware and software puts the user in a subordinate position, making their devices - and by extension many aspects of their life - dependent on the decisions of a few dominant corporations. Our personal devices are constantly changing under our fingertips. Steady updates are presumably needed to stay secure, similar to how medicine is needed to stay healthy. But are the incentives of the platform providers aligned with my interests?</p> - -<p>I want my digital life healthy without a constant supply of medicine! To reinforce trust, both hardware and software must become transparent, traceable, and tractable. The Pinephone satisfies the urge for transparency of the hardware, thanks to publicly available schematics and documentation. However, the predominant software stacks - even though based on the open-source Linux kernel - are practically inscrutable because of their immense complexity. Genode's rigid component architecture promises to bring order and clarity - and thereby trustworthiness - to the software.</p> - -<p>Over the course of the past year, I pursued the combination of Genode with the Pinephone, diving deep into the Pinephone schematics, the SoC, booting, Genode's kernel, and device drivers. In my talk, I present the experiences made, touch on the use of Linux drivers directly on Genode, and draft a plan forward. The talk will be garnished by a demonstration.</p> - - Norman Feske - - - Genode meets the Pinephone - - - Genodians.org - Genode OS Framework - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:35 - D.microkernel - agrinten - Managarm: Design of a pragmatic fully-asynchronous microkernel - - Microkernel and Component-based OS - devroom - - <p>In this talk, we explore the design of Managarm's microkernel. Managarm is a pragmatic microkernel-based OS with a focus on asynchronous operations. The talk covers various aspects of the microkernel, such as its IPC model, resource management, and user space API. Managarm's microkernel employs a capability-based design to manage hardware resources. In contrast to current mainstream OSes, Managarm's system calls never block but report completion asynchronously whenever possible. This includes system calls for common tasks such as memory management or inter-process communication (IPC). A lock-free ring buffer is used to quickly deliver asynchronous completion notifications to user space. Managarm implements a POSIX subsystem to be able to run various well-known UNIX applications (e.g., a Wayland desktop) on top of the microkernel. This subsystem is implemented entirely in user space. The kernel uses various acceleration strategies to to efficiently support this use case.</p> - - - Alexander van der Grinten - - - - - - Repository - https://managarm.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:15 - 00:35 - D.microkernel - skuenzer - Debugging and Monitoring in Unikraft - Everything beyond printf() - Microkernel and Component-based OS - devroom - - <p>Unikernels are hard to debug? Unikernels cannot be easily administrated or monitored? While unikernels have the potential to revolutionize our infrastructures and take cloud computing into the next era, many worry that unikernels cannot be seamlessly integrated into today’s development and production workflows. -At the Unikraft team, we are heavily working on addressing these concerns and changing the status quo. Although unikernels are monolithic bundles of only necessary kernel functions and an application, we follow the concept that everything is a (micro-)library. Users can pick and choose kernel functionality at build time. The same applies for monitoring and debugging: In this talk, we will give an overview of our current debugging and monitoring capabilities, and we will present our vision for how these pieces will enable a cloud-native experience. We will also give a deep dive into our GDB backend implementation with a live demo.</p> - <p>Unikraft is an open source Xen Project incubator under the auspices of the Linux Foundation. We are currently launching a start-up with the mission to provide Unikraft unikernels for production and enterprise use.</p> - - Simon Kuenzer - Marc Rittinghaus - - - Debugging and Monitoring in Unikraft - - - Unikraft OSS - GitHub Community - Unikraft - The lightweight virtualization company - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:40 - D.microkernel - anano - Hardware accelerated applications on Unikernels for Serverless Computing - - Microkernel and Component-based OS - devroom - - <p>Serverless computing facilitates the use of resources without the burden of administering and maintaining infrastructure. The simplification of IaaS appears ideal (in theory) but providers and users are presented with several challenges: providers aim to reduce infrastructure maintenance overheads; users require isolation, flexibility and programming freedom.</p> - -<p>Serverless deployments are mostly backed by sandboxed containers. To enable programming freedom for users, providers allow the use of containers for function deployment, however, to ensure strict isolation, these containers are sandboxed in VMs. As a result, this bloated stack brings complicated maintenance costs: (a) several layers of abstraction between the user function to be executed and the actual execution environment; (b) increased attack surface; (c) increased request-to-exec time; (d) reduced set of feature availability for functions (hardware acceleration).</p> - -<p>Unikernels promise fast boot times, small memory footprint and stronger security but lack in terms of manageability. Additionally, Serverless frameworks only support containers. Moreover, unikernels provide a different environment for applications, with limited or no support for widely used libraries and OS features. This issue is even more apparent in the case of ML/AI workloads. ML/AI libraries are often dynamically linked and have numerous dependencies, which directly contradict the statically linked notion of unikernels. Finally, hardware acceleration is almost non-existent in unikernel frameworks, mainly due to the absence of suitable virtualization solutions for such devices.</p> - -<p>In this talk, we present the design of a flexible serverless framework designed for the cloud and the edge, backed by unikernels that can access hardware accelerators. We go through the components that comprise the framework and elaborate on the challenges in building such a software stack: we first present an overview of the necessary components of a serverless framework; then we focus on the function execution framework based on two popular unikernel frameworks; finally, we present a hardware acceleration abstraction to expose semantic acceleration functionality to workloads running on top of this framework.</p> - -<p>A short demo of the working components will be presented, discussing the challenges and trade-offs of this approach.</p> - - - Anastassios Nanos - Charalampos Mainas - - - Hardware accelerated applications on unikernels for Serverless Computing - - - vAccel: a hardware acceleration abstraction for serverless computing - Solo5 on OpenFaaS (Demo 1) - Image Classification with vAccel on OpenFaaS using Unikraft (Demo 2) - vAccelRT - vAccel on Unikraft - Join us! - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.microkernel - awarkentin - UX/RT - a QNX-like OS based on seL4 - - Microkernel and Component-based OS - devroom - - <p>UX/RT is a new QNX-like OS based on the seL4 microkernel, with improvements in security and reliability over mainstream systems as well as several features they lack, while still maintaining a high degree of compatibility with and comparable performance to existing operating systems. Similar to QNX, UX/RT will be a single-personality Unix-like OS with fast synchronous kernel IPC, a lightweight IPC transport layer, services looked up through the filesystem, and an avoidance of vertical modularity for most subsystems. I will introduce the general architecture of UX/RT and how it differs from existing operating systems, describe a few notable features, and explain why I consider it to be the best balance of practicality, performance, compatibility, and features.</p> - - - Andrew Warkentin - - - Slides - - - Top-level UX/RT GitLab group - Notes on UX/RT's architecture - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:45 - D.microkernel - vnarayanan - RedLeaf: Isolation and Communication in a Safe Operating System - - Microkernel and Component-based OS - devroom - - <p>At least since the final Multics report in 1977, researchers identified the ability to isolate kernel subsystems as a critical mechanism for increasing the reliability and security of the kernel. Unfortunately, despite many attempts to introduce isolation to the kernel, modern systems remain monolithic. Historically, software and hardware mechanisms introduce a prohibitively high overhead for the isolation of subsystems with the tightest performance budgets. Today, however, the balance of isolation and performance is starting to change with the development of Rust, arguably, the first practical programming language that achieves safety without garbage collection.</p> - -<p>RedLeaf is a new operating system developed from scratch in Rust with the goal to explore the impact of language safety on operating system organization, and specifically on the ability to utilize fine-grained isolation and its benefits in the kernel. In contrast to commodity systems, RedLeaf does not rely on hardware address spaces for isolation and instead uses only type and memory safety of the Rust language. Departure from costly hardware isolation mechanisms allows us to explore the design space of systems that embrace lightweight fine-grained isolation of kernel subsystems. We develop a new abstraction of a language-based isolation domain that implements a unit of information hiding and isolation of faults. Domains can be dynamically loaded and cleanly terminated. Building on RedLeaf isolation mechanisms, we demonstrate the possibility to implement end-to-end zero-copy, fault isolation, and transparent recovery of device drivers.</p> - -<p>To evaluate the practicality of RedLeaf abstractions, we implemented a subset of the POSIX interface as a collection of RedLeaf domains. RedLeaf's isolation mechanisms allow us to support the transparent recovery of device drivers. To demonstrate that Rust and fine-grained isolation introduce a practically-acceptable overhead, we develop efficient versions of 10Gbps network and PCIe-attached solid state-disk NVMe device drivers that match the performance of carefully-optimized kernel-bypass device drivers used in modern network and storage processing frameworks.</p> - - - Vikram Narayanan - Anton Burtsev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:45 - D.microkernel - gparmer - The Composite Component-Based OS - - Microkernel and Component-based OS - devroom - - <p>The Composite CBOS is in many ways a traditional micro-kernel. Services and policies are implemented at user-level, the kernel focuses on fast IPC, and it uses a strong capability-based access control mechanism. It has historically focused on being a research laboratory for strange features including a thread-migration-based IPC, user-level scheduling of system-level threads, user-level definition of capability policies, a wait-free kernel that scales linearly with increasing cores, and temporal capabilities to coordinate between untrusting schedulers. It also scales down and supports paravirtualized RTOSes on microcontrollers (with on the order of 64KiB SRAM, between 16 and 200 Mhz, and MPUs). Composite represents a design that deviates from the L4 lineage in some interesting ways. In this talk, we'll discuss the design with a focus on how the system provides the challenging combination of predictability, performance, and scalable parallelism.</p> - - - Gabe Parmer - - - The Composite Component-Based OS - - - Composite webpage - Composite publications - Composite source - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:35 - D.microkernel - seydam - Mitigating Processor Vulnerabilities by Restructuring the Kernel Address Space - - Microkernel and Component-based OS - devroom - - <p>In this talk, I will present a new Spectre/Meltdown mitigation that I have prototyped for the Hedron microhypervisor. This prototype has also been used to quantify the runtime overhead of the proposed mitigation.</p> - <p>Processor-level vulnerabilities, such as Meltdown and Spectre v1/v2, allow attackers in userspace to leak information from the kernel address space. This is particularly devastating for kernel designs where the kernel address space is identical for all processes and thus allows the attacker to break the system's confidentiality boundaries.</p> - -<p>Previous mitigation attempts, such as kernel page-table isolation (formerly KAISER) for Meltdown and various branch predictor/speculation barriers for Spectre v1/v2, introduce costly instructions into performance critical parts of the operating system kernel. Especially mitigations related to the branch predictor are only possible if the CPU vendor has exposed special functionality.</p> - -<p>During the last six months I investigated an alternative mitigation strategy on the kernel design level that shows good mitigation properties, but adds negligible runtime overhead. This alternative mitigation involves moving process-related information in the kernel into a process-local part of the kernel address space. A userspace attacker that can infer the content of its associated kernel page table can thus only read information about its own process. Switching between these kernel address spaces is done as part of the normal address space switch when a thread in a different process is scheduled and thus comes with no additional cost.</p> - - Sebastian Eydam - - - Slides - - - Sources on Github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:05 - 00:55 - D.microkernel - bgarst - Unhackable across 30 Years, End in Sight - - Microkernel and Component-based OS - devroom - - <p>As tech lead on commercial UNIX at Bell Labs, an opportunity arose in 1988 to write a nano-kernel to end all nano-kernels, complete with an unhackable boot requirement. It was clear that a cryptographically secure chip level boot assistance was required, which guided subsequent patented ECC work at NeXT and Apple. Post Apple, in a “Social Purpose” company of his own, work has continued to fully realize this dream. The 1988 nanokernel had no threads and delivered messages across upcall channels to a thread simulation, yet that was unsatisfactory. The social element of phishing etc. is now the most feared secuirity breach, and in new work, discussed, the complete solution space is described, in the first half. New hardware is underway, solving such issues as weak memory models.</p> - -<p>In the second half of the talk, key lockless queuing primitives are discussed that form the basis fo a multi-core actor runtime (MART) to subsume most if not all duties of the executive. Far richer than a hypervisor, the executive manages memory in new manners, in a memory safe programmer nature. In practice, a single core actor runtime (START), running across 32, 64 arm, x86, and extensa cpu architectures is available. The language and runtime are destined to the Open Source world, unless the larger project, TheDew, makes file systems and databases obsolete in its first rollout, which will include unhackable identity. Ask: Join us!</p> - - - Blaine Garst - - - Unhackable: 30 Years, End In SIght - - - XBox One story - Unhackable Hardware? - humus - Dale Schumacher - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 11:00 - 00:30 - D.mozilla - mozilla_suggestions_community - Suggestions for a Stronger Mozilla Community - Personal Thoughts and Ideas for Possible Improvements - Mozilla - devroom - - <p>As one of the earliest large FLOSS projects, Mozilla had a strong and growing community of volunteer contributors for a long time. Then, a lot of factors leading up to today led to the environment changing very significantly, and today's community has some good groups in some areas, but not the kind of connected movement that existed in those earlier times. The speaker has been part of all of that development, starting off as a volunteer very early in the project, working on Mozilla staff for a few years in between, and still being part of the volunteer community in recent years. From that point of view, he'll bring up some ideas and suggestions on how this community can become stronger and grow again, so that a significant voice for the Open Web and the Mozilla Manifesto will hopefully be out there also in the future.</p> - - - Robert Kaiser - - - - - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.mozilla - mozilla_sentence_collector - Collecting Sentences for Common Voice - Collecting Sentences through different means to allow others to record voices for them - Mozilla - devroom - - <p>Common Voice is a project to help make voice recognition open and accessible to everyone. To create this data set Common Voice allows volunteers to record defined sentences to contribute their voice. A good data set needs a lot of recordings, and therefore we need to have a lot of sentences to be read out aloud. In this talk Michael will introduce the audience to several ways we are collecting these sentences and goes into more technical detail for these mechanisms. This talk will also feature an intro to Common Voice at the beginning.</p> - - - Michael Kohler - - - Sentence Collection Slides - - - Common Voice - Sentence Collector - Sentence Extractor - Common Voice Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.mozilla - mozilla_babiaxr - BabiaXR: Virtual Reality Data Visualizations for the browser - - Mozilla - devroom - - <p>BabiaXR is a set of FOSS modules for VR (virtual reality) data visualization for the browser. BabiaXR is based on A-Frame and Threejs, with the goal of making it very easy to create different kinds of data visualizations (bar charts, bubble charts, cities, ...), by exploiting the power of WebVR and regular web front-end programming. In this talk, I will do an overview of BabiaXR, showing different examples of different common visualizations. Then, I will focus on showing how we use the city metaphor to represent a popular FOSS project, showing its evolution over time. The talk will show examples (in VR) that the public can try on the fly.</p> - <p>There are plenty of tools that can analyze data in many ways, but just a few of them try to visualize this data beyond 2D. This is the goal of BabiaXR, a set of front-end modules for 3D VR (virtual reality) data visualization. The visualization part of BabiaXR is based on A-Frame and Threejs, providing a collection of components for creating different kinds of visualizations. Among them there are common ones like bar charts, pie charts, bubbles chart, but now we are moving beyond that, exploring new ways of showing data in 3D. For example, we are working on representing software projects using the city metaphor, showing the evolution of the project as the evolution of a city, with building corresponding to the different files. In this talk, I will do an overview of BabiaXR, showing different examples of the power of WebVR and A-Frame with different visualizations. Then, I will analyze a city corresponding to a well-known FOSS project, showing its evolution in different time snapshots and explaining how the code evolves as the city does. Moreover, there will be examples that the public of the room can try on the fly in their devices, and I will bring a set of two different VR devices to show the examples in an immersive environment after the talk.</p> - -<p>As A-Frame was developed in part by Mozilla developers, and it is used in some Mozilla services (such as Hubs), I think that it is interesting to show what kind of things, beyond games, can be done with this awesome framework, specifically, related to data analysis and new different ways of data visualization, like the cities that you can build with BabiaXR.</p> - - David Moreno-Lumbreras - - - - - - Main Page - Live Demo examples - BabiaXR main repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.mozilla - mozilla_cv_project_app - "CV Project app": How an Android app can change the Mozilla Common Voice project - - Mozilla - devroom - - <p>Talk about the "CV Project" app, which is a native Android app to contribute to Mozilla Common Voice via the smartphone.</p> - - - Saverio Morelli - - - Slides for the CV Project talk - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:45 - D.mozilla - mozilla_support - Mozilla Support: 24, 7, 365 - - Mozilla - devroom - - <p>An overview of the Mozilla Support team and how a group of contributors spread all across the world work together to help users of Firefox, Thunderbird and other Mozilla apps.</p> - - - Paul Wright - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:45 - 00:15 - D.mozilla - mozilla_thunderbird_2022 - Thunderbird in 2022 - Highlights of Thunderbird plans for this year. - Mozilla - devroom - - <p>This talk will go through recent highlights of Thunderbird development. What are we working on for the mid 2022 release.</p> - - - Magnus Melin - - - - - Thunderbird website - Developer documentation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:45 - D.mozilla - mozilla_language_common_voice - How to Start a Language on Mozilla Common Voice? - A case study for under-resourced Turkish Language - Mozilla - devroom - - <p>On Mozilla Common Voice, as of December 2021, there are 154 locales, but only 87 fulfilled the requirements to collect voices, where 27 of them are fairly new. In this two-part presentation, we want to give some starting points for the new language communities, share our accumulated knowledge in the last year while working on the under-resourced Turkish language, with initial training results.</p> - -<p>The presentation includes the following topics: Resources on Mozilla Common Voice, how to analyze your dataset, how to set goals, how to design a social media campaign, what tools you can use, Google Colabs, Coqui STT, and our roundups on training Common Voice Turkish Dataset v1 - v7.0, all with our successes and failures as Common Voice Turkish Volunteers group as lessons learned.</p> - <ul> -<li><strong>Errata</strong>: In the video "checkpoint" is mistakenly written/spoken as "breakpoint", these are corrected in the slides.</li> -<li><strong>Addendum</strong>: Our dataset analysis and training results for the Common Voice v8.0 dataset have been added as new slides and video.</li> -</ul> - - - Bülent Özden - - - Common Voice Turkish - Video Slides (PDF) - Common Voice Turkish - Video Slides (PPTX) - Common Voice Turkish - v8.0 update (PDF) - Common Voice Turkish - v8.0 update (PPTX) - - - Mozilla Common Voice - CV - Sentence Collector - CV - Discourse - CV - Pontoon (UI translation) - CV - Turkish sub-Discourse - CV - Matrix chat - CV - Github repositories - CV - Community Playbook - Common Voice Utils repo - Common Voice Docker repo - Coqui Website - Github Repo of the Colab Notebooks used in experiments presented - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 00:45 - D.mozilla - mozilla_searchfox - Searchfox - Fast code search and indexing - Mozilla - devroom - - <p>Short overview of how Searchfox works, how to use it on other projects (like Igalia is doing with https://webkit-search.igalia.com), planned improvements, and how to contribute to it.</p> - - - Emilio Cobos Álvarez - - - - - Main repo - Mozilla repo configuration - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 01:00 - D.mozilla - mozilla_firefox_dev_101 - Firefox Desktop Development 101 - How new Firefox developers are onboarded to the code - Mozilla - devroom - - <p>In this presentation, Mike Conley walks you through the same onboarding process that new Firefox desktop developers go through to get familiarized with the project. Want to know what Firefox's relationship with Gecko is? What's the relationship between the Firefox and Thunderbird codebases? What does Firefox code even look like? Find out this and more!</p> - - - Mike Conley - - - - - Slide deck - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:20 - D.mozilla - mozilla_foxfooding - Introduction to Foxfooding - A story about how Mozillians test and give feedback for products before release - Mozilla - devroom - - <p>Foxfooding is Mozilla's internal dogfooding process that includes both employees and community members. The goal is to encourage all Mozillians to give early feedback about the products that we are shipping, in an open and collaborative way.</p> - - - Konstantina Papadea - Krupa Raj - - - Foxfooding Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 14:00 - 00:30 - D.mysql - mysql_binlogs_encryption - Encrypting binary (and relay) logs in MySQL - - MySQL - devroom - - <p>Keeping your data secure is an important task of the DBA. We protect our servers, encrypt filesystems and/or datafiles. But what about log files? And especially log files that contain actual data such as the MySQL binary or relay logs. These are technically called log files but they contain the actual data going through your MySQL systems for replication purposes. I will describe how you can enable and use them and also, in case of disaster, how you can recover your encrypted binary logs so you can use them for point in time recovery.</p> - - - Matthias C - - - Encrypting binary (and relay) logs in MySQL - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.mysql - mysql_hash_join - Hash join in MySQL 8.0 - - MySQL - devroom - - <p>Hash join was introduced in MySQL 8.0.18 and was presented for the first time at FOSDEM 2020. Since then, the performance of hash join has been improved, and I will present results that show this. We will also discuss what kind of queries benefit from hash join, what you need to do for hash join to be used, and how to tune your system for optimal hash join performance.</p> - - - Øystein Grøvlen - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.mysql - proxysql2021 - ProxySQL 2021 Dev Submit - - MySQL - devroom - - <p>ProxySQL has proven itself as the de-facto standard reverse proxy for MySQL, yet, we are always looking for new features and improvements. During this past year starting with v2.1.0, four new major ProxySQL versions were released, and with them new features of all sorts were introduced, ranging from protocol changes, authentication improvements, clustering improvements, new monitoring features (for Galera, Group Replication, Aurora AWS) to DDOS protection. Join us for a deeper dive on the details of these (and more) new features, what they have to offer and how you can get the most out of them.</p> - - - Javier Jaramago Fernández - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.mysql - mysql_backup_restore - Backup/Restore tools performance comparison - - MySQL - devroom - - <p>Backup and restore methods are concepts that everyone knows the importance of. Over the years, open-source tools emerged like MyDumper, Xtrabackup, and Mariabackup. Also, with MySQL 8 new shell, new utils for dump and restore were introduced as well.</p> - -<p>In this presentation, we are going to compare the newest backup/restore methods with the most used ones. We will see how parallelization can influence the speed of backup and restore process and also how the compression algorithms can influence the performance.</p> - -<p>In this talk, we will compare mysqldump, mydumper/myloader, mysqlpump, MySQL Shell utils, and Xtrabackup.</p> - - - Vinicius Grippa - Jean Da Silva - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 12:30 - 00:35 - D.nim - nim_concurrency - Nim concurrency - Past, Present and Future - Nim Programming Language - devroom - - <p>This is a talk about Nim's concurrency mechanisms, how the old things worked, how the current things work and what the future holds.</p> - - - Andreas Rumpf (Araq) - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:05 - 00:35 - D.nim - nim_ngmicrocontrollers - Next generation micro-controller programming - Zero-cost abstractions for better embedded programming - Nim Programming Language - devroom - - <p>This talk builds on my previous talks about micro-controller programming in Nim, and my talk on writing a keyboard firmware from scratch in Nim. It outlines how a Nim ecosystem for microcontrollers can be built with zero-cost abstractions which means that the resulting code is almost exactly the same size as pure C code (no Arduino). All this while keeping an interface which is much nicer than anything you'd find in C, maybe even better than that of high-level microprocessor coding frameworks like MicroPython and TinyGo.</p> - - - Peter Munch-Ellingsen - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:40 - D.nim - nim_libvfio - LibVF.IO: vGPU & SR-IOV on Consumer GPUs using Nim - LibVF.IO is bringing vGPU functionality that's historically been restricted to the enterprise datacenter segment to normal consumer GPUs running free open source desktop operating systems. - Nim Programming Language - devroom - - <p>I'd like to showcase LibVF.IO's new LIME Runtime feature (Lime Is Mediated Emulation) and do a deep dive on open source vGPU technology in general.</p> - <p>Some of the topics I would like to cover are the VFIO-Mdev API, the differences between Virgl vs. Hardware GPU virtualization (SR-IOV) vs. Software GPU virtualization (soft Mdev), various common GPU driver virtualization implementations (Intel i915, AMD GPU-IOV Module, and Nvidia), then talk about the benefits of hardware virtualization of GPUs for projects like Qubes OS and the ongoing effort to run LibVF.IO with Xen for use with Qubes. I'd like to share LibVF.IO's vision to bring vGPU SR-IOV functionality out of the datacenter and to most consumer devices running free software. Finally I'd like to explore what a world might look like if we're successful in bringing the benefits vGPU SR-IOV functionality to every day people running free software (native performance backwards compatibility via virtualization, hardware isolation, &amp; workload balancing).</p> - - Arthur Rasmusson - - - - - The link to LibVF.IO's full source code. - LibVF.IO setup guide. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:40 - D.nim - nim_polymorph - Polymorph: a compile time approach to entity-component-systems in Nim - Queryless ECS: removing runtime overhead by orienting around systems - Nim Programming Language - devroom - - <p>The entity-component-system pattern (ECS) is popular in game development for its ability to model complex dynamic simulations with mechanical sympathy, in an environment where microseconds matter.</p> - -<p>The pattern is focused on run time composition. Entities are mutable sets of component data types, and systems run for entities with specific sets of components. Many ECS frameworks are oriented around components or entities, and systems use run time queries or filters to match their component data requirements against the live state.</p> - -<p>In this talk, a system oriented ECS is presented which removes all run time work for systems by storing execution state in the systems themselves. Changing an entity's components leverages Nim's static typing and powerful AST macros to precalculate affected systems and generate pared down system state changes.</p> - -<p>The result is statically defined and intrinsically optimised to the user's system/component design, allowing efficient embedded event loops through to complex interactive simulations.</p> - - - Ryan Lipscombe - - - - - The Polymorph ECS - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:45 - D.nim - nim_potatozombies - Potato Zombies - Helping a 6 year old build a 3D game using Enu and Nim - Nim Programming Language - devroom - - <p><a href="https://github.com/dsrw/enu">Enu</a> is a 3D live coding environment that can be used for education, exploration, and light game development. It uses a simple, logo-style Nim DSL, and aims to be accessible to as many people as possible, even those who may not yet be able to read or type. It's still fairly immature, but will eventually be suitable for implementing simple multiplayer 3D games.</p> - -<p>In this presentation, Enu's creator will walk through creating a simple 3D game with his 6 year old son using Enu 0.2.</p> - - - Scott Wadden - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:45 - D.nim - nim_pararules - Pararules - A Nim rules engine for reactive programs and games - Nim Programming Language - devroom - - <p>Reactive programming has become commonplace in many kinds of software, while others, including games, have been slow to adopt it. There is an idea stretching back to the 70s that enables reactive programming in an extremely general way: rules engines. This talk will demonstrate pararules, a breakthrough rules engine for Nim. It will demonstrate how games and other software can define their entire logic as a series of independent rules, and how it decouples your data much like (but more powerful than) an entity component system. It will show why this kind of library is only practical to implement in a language with a Lisp-like macro system such as Nim's.</p> - - - Zach Oakes - - - - - pararules github repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.nim - nim_hpcfrompythontonim - HPC from Python to Nim - A preliminary introduction to performance optimization - Nim Programming Language - devroom - - <p>Numpy is considered the go-to library for fast performant python scientifc computing, as it is a heavily optimized scientific computing library written in C. But is it really that fast (spoiler: yes, but not when used with python)? In this talk, I will be covering a real-world example in the domain of genetics, and demonstrating how I was able to out-perform numpy code running on my intel-7700k machine with a raspberry pi running code from the Nim programming language!</p> - -<p>I will also be providing optimization tips for speeding up your code, with a focus on comparing python with the Nim programming language.</p> - -<p>The talk can be roughly divided into the following sections:</p> - -<p>Part 1 (32 min) - Introduction to myself. Describing a computationally expensive problem that I have experienced when working with Python. -- My background is in data science and biology -- Biologists tend to work with large datasets -- One common problem we face is preprocessing of large amounts of data. A common technique used here using distance calculations -- Why I decided to learn a different language -Part 2 (1 min) - High level introduction to Nim -- Nim is a statically compiled programming language -- Etc... -Part 3 (10 min) - Going through step-by-step on how to write performance optimal code with Nim. Describing common performance pitfalls that Python users may not be aware of. -- Inlining -- Using the type system to your advantage -- Taking advantage of domain knowledge -- Multi-threading (openmp) -- Bounds checking -- Compiler flags -- Mathematical and algorithmic optimizations -Part 4 (3 min) - Benchmarks and closing statement -- Show benchmark comparing the naive python numpy implementation with the highly optimized Nim one -- Top tips to keep in mind when writing high performance code.</p> - -<p>Please note: the purpose of this talk isn't to be an exploration of some new state-of-the-art way of doing performance optimization or some relatively unknown optimization techniques. This is a general introduction for people hoping to use Nim for HPC that are coming from Python. Lots of emphasis will be put comparing the two languages.</p> - - - Ayman Al Baz - - - - - Some code-snippets from my distances library will be shown in the talk - Presentation Link - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:40 - D.nim - nim_metaprogramming - Nim Metaprogramming in the real world - - Nim Programming Language - devroom - - <p>Metaprogramming in Nim is very powerful. But why would you use it? How is it used in the real world? We will explore the "power levels": starting from generics, continuing to templates and finally arriving at macros.</p> - -<p>We will first look at generics usage in VMath (Vector Math Library) and Jsony (JSON Parsing Library). Then we will continue on to templates and how they are used in VMath and Windy. Finally we will look macros, the top of the "power levels", and how they are used in Shady (a Nim to GLSL compiler) and Genny (Generates bindings for Nim libraries).</p> - - - Andre von Houck - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:05 - D.research - open_research_welcome - Welcome to the Open Research Tools and Technologies devroom - - Open Research Tools and Technologies - devroom - - <p>The Open Research Tools and Technologies devroom managers welcome words announcing the schedule.</p> - <p>This years the Open Research devroom schedule has been organized in thematic panels:</p> - -<ul> -<li>Academics developing software testimonies panel</li> -<li>Visual inquiries panel</li> -<li>Policies panel</li> -<li>Artificial Intelligence Panel</li> -<li>Open Hardware Panel</li> -<li>Standards panel</li> -<li>Knowledge management communities panel</li> -<li>Open Data Panel</li> -</ul> - - - Paul Girard - Matthieu Totet - Mathieu Jacomy - Célya Gruson-Daniel - Yo Yehudi - Maya Anderson-González - Sara Petti - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:20 - D.research - open_research_heurist - From pipe dreams and waste to functional accretion: building a capable infrastructure for the Digital Humanities - - Open Research Tools and Technologies - devroom - - <p>This presentation is about the development and trajectory of Heurist (HeuristNetwork.org), a shared, integrated, extensible data infrastructure (model, build, manage, analyse, visualise, share, publish via integrated CMS) for Humanities research capable of handling the needs of many heterogeneous projects on a single standalone service*, with optional integration across multiple servers by a coordinating index (itself based on Heurist).</p> - -<p>Humanities data are interesting (both technically and to the public). They are rich in text, images, objects, people and events, heterogeneous, eminently linkable and sparse-matrix. Personal computers, the internet and other accessible technologies have spawned an exploding field (or fad?) known as Digital Humanities (DH), and opened exciting new horizons for research and public engagement.</p> - -<p>However, this technological turn has created many problems for a poorly funded research culture with 1-3 year grant funding cycles - choice of appropriate technology, finding and retaining technical staff, initial and ongoing costs, sustainability ... The outcome is often least-effort and inadequate technology (eg. spreadsheets) or ad hoc development, incomplete functionality, maintenance nightmares, data silos and rapid end-of-funding decay; only rich or statutory organisations can maintain a multi-component system for long. Heurist aims to overcome these problems by mutualised Open Source development, schemas stored as editable data rather than fixed structures, demand-driven priority development, and free centralised services and maintenance.</p> - -<p>In this presentation I will outline the evolution of our development process, from haphazard experimentation and many costly unused features (2005 - 2009) to a coherent, stable but evolving structure and Extreme Programming (aka living dangerously!), driven by immediate user requirements and incremental daily interface refinement. I will outline some of the fundamental principles we use to maintain backwards compatibility, stability, rapid development and low cost of maintenance for such a complex beast and for so many projects, on a self-funding staff of just 3 FTE. I also hope to attract some technical collaborators, as most of our users are (by design) non-technical.</p> - <ul> -<li>We maintain a central index and two free services (based in Australia and France), plus some institution-based servers, currently supporting a couple of hundred research projects in different fields, ranging from doctoral students to networks of researchers.</li> -</ul> - - - Ian Johnson - - - - - Heurist project web site - Database creation page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:25 - 00:15 - D.research - open_research_prospero - Code Liberation and Software Sustainability - The Prospero Experience - Open Research Tools and Technologies - devroom - - <p>Developed from 1995 onward, Prospero is a framework for longitudinal analysis of text corpora. Based on dictionaries and semi-automatic classification, it mainly allows its user to combine approaches of statistical computation, co-occurrence network and search for nested patterns. Inspired by pragmatic sociology, it focuses on the multiple forms of expression and argumentation used by actors, on language regimes and on the identification of transformations occurring in the research case. Initially distributed commercially, then from 2011, by the Doxa association, as shareware under a non-profit and ethical charter, it is now hosted by the Corpora association and developed under the aGPLV3 CECILL variant Affero compliant license.</p> - -<p>In this presentation, we will discuss more specifically the question of the permanence of a research-targeted software approach, through its evolution over almost 30 years. During this period, evolving expectations and technical developments have led to a client/server step (which remained in the prototype stage) and now to the transition to SaaS. Based on this experience, we will also discuss the conditions we consider relevant for the durability of the software in a new interconnected phase. The broadening of its audience of users and developers calls for ever greater interoperability, on the technical level, but with an approach that combines non-profit and academic models (with limited resources) and business uses.</p> - -<p>Josquin Debaz -With a PhD in history of science, he has worked more than 10 years on contemporary controversies in health, environment and energy at GSPR (Pragmatic and Reflexive Sociology Group, EHESS). He is now developer at Finsit. With F. Chateauraynaud, he published Aux bords de l'irréversible. Sociologie pragmatique des transformations (Paris, Pétra, 2017).</p> - -<p>Waldir Lisboa Rocha -With a degree in Environmental Engineering, he co-founded Luminae, an energy efficiency company, where he served as Chief Operating Officer between 2008 and 2012, before deciding to make a turn in his career and dedicate himself to the Social Sciences. He holds a Master's degree in Sociology from the École des Hautes Études en Sciences Sociales - EHESS, and is currently working on his PhD at the same institution, in which he is focusing on the relations between media, inquiry and democracy. In parallel to his academic research, he has been dedicated to the conception and structuring of Prefigura, an experimental institution, and of Enumera, an operating ecosystem.</p> - - - Josquin Debaz - Waldir Lisboa Rocha - - - Code Liberation and Software Sustainability - - - Official Prospero's website - Theorical blog - Christopher Marlowe's blog - Bibliography's webpage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:40 - 00:20 - D.research - open_research_textnets - Free Software Development as Observant Participation - Developing textnets, Studying Digital Cultures - Open Research Tools and Technologies - devroom - - <p>I am a social scientist who mostly teaches and conducts qualitative research, but I am also a programmer. Over the years, I have contributed to a variety of free and open source software projects, and since 2019, I have developed and maintained <code>textnets</code>, a Python package for text analysis that represents collections of texts as networks of documents and words, providing novel possibilities for the visualization and analysis of texts. In my field, such software development efforts are not usually rewarded, but I have been very fortunate. My academic superiors have been supportive of my endeavors, and a publication in the <em>Journal of Open Source Software</em> also helped me get official recognition for this work in the standard currency of my field.</p> - -<p>While I developed <code>textnets</code> to scratch my own itch, I seek to make the package widely available by providing extensive documentation and making it easily installable across multiple platforms. This part of my software development work -- learning the intricacies of version control, package managers, continuous integration testing, and dependency management -- puts me in a position to learn not just about the technical side of coding, but about the social side of the choices developers make. At least in the Python world, the way you learn about what dependencies to use, if any, and how many, is informed by norms more than by technical considerations, and the same is true for much else. By engaging in software development work, I engage in a version of the research method of participant observation -- learning by taking part -- that sociologists have called observant participation -- becoming part of what you want to learn about. In my case, I want to learn not just about software development and its culture and norms, but the wider world of free software, hacker culture, artistic practice based on FOSS tools, and more.</p> - -<p>In my talk, I provide some background to the development of <code>textnets</code>, give a brief demonstration of the package's features, and finally reflect on my experiences engaging in observant participation as well as some of the insights I have gained and still hope to gain.</p> - - - John Boy - - - - - textnets Documentation - demo code repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:20 - D.research - open_research_testimony - Academics developing software testimonies panel - - Open Research Tools and Technologies - devroom - - <p>Discussion panel of three testimonies from academics developing software.</p> - <p>Developing software from academia is not easy. Scholars are meant to teach and write. -Releasing a research software demands much more than writing code. -In this panel discussion, the four speakers will share their thoughts on those challenges. The discussion will benefit from the variety of situations they all bring : a "scholar-analyst" collaborating with a tech team, a team of scholars/engineers and a sociologist who codes alone. -Should scholars leave coding to the professional? -What does open sourcing code brings to the game? -What does maintaining a research software require? -Is coding from academia actually fun or a burden?</p> - -<p>Add your own questions to this list by participating to the live event. -Questions from the audience (chatroom) will be asked to the panel by the moderator.</p> - - Paul Girard - Ian Johnson - Josquin Debaz - John Boy - Waldir Lisboa Rocha - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:20 - D.research - open_research_writing_data_visualization - Writing with data visualization - Multimodal encounters in the making of digital social sciences publications - Open Research Tools and Technologies - devroom - - <p>The writing of web publications mixing data visualization and textual prose opens novel opportunities for connecting evidence, arguments and narrative in social sciences communities. Such a practice poses a variety of challenges in terms of website design and development ; but also and maybe more importantly, it asks for experimenting specific workflows for coordinating a variety of expertises ranging from social sciences disciplines (history, sociology, etc.) to data science, information design and web-related skills. It also reconfigures, for the research processes themselves, the relationships between activities of (data-related) enquiry and (communication-oriented) writing, creating a renewed space for discovery, invention and verification for the data sustaining a given argument or narrative.</p> - -<p>Relying on recent experiments in making collective digital publications grounded in sociology of technology (https://medialab.github.io/carnet-algopresse/#/publication/en) and history of economy (https://medialab.github.io/portic-storymaps-2021/), this talk accounts for the diverse challenges arising from such activities of “data visualization-driven writing”, and some strategies we used to cope with them. It describes and compares the technical and methodological workflows we developed in order to simultaneously develop text, datasets and visualizations, taking into account a variety of aims, data materials, and distribution of skills. Doing so, it advocates for an extended understanding of the notion of “academic writing”, encompassing the practices of writing software, data and diagrams. Such an extended understanding, we argue, is necessary to design and develop writing workflows allowing to foster a multimodal and scientifically productive dialogue between these heterogeneous practices, taking full advantage of the web publication format as a research situation.</p> - - - Robin De Mourat - - - - - AI critiques in the press - Commerce multi-échelles autour du port de La Rochelle au XVIIIe siècle - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:40 - 00:20 - D.research - open_research_livemark - Livemark: data presentation framework - Express everything in Markdown - Open Research Tools and Technologies - devroom - - <p>This talk will show a new Python tool called Livemark, which is designed for data journalism software education, and documentation writing. Using Livemark, you can collect and present data with interactive tables, charts, and other elements without leaving a text editor. You can also write documentation with live script execution similar to a lightweight version of a Jupiter Notebook. This talk will demo Livemark and will be well-suited for a technical and non-technical audience that is interested in learning about data storytelling.</p> - <p>No prior knowledge is required although a basic knowledge of Markdown and Python scripting will help understand in-depth sections.</p> - - Evgeny Karev - - - Slides (ODP) - Slides (PDF) - - - Livemark Website - COVID-19 Tracker (written in Livemark) - PyData Global Lightening Talk (1:03) - PyData Global Slides - FOSDEM22 Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:15 - D.research - open_research_metaindex - MetaindeX and user requirements for a generic catalog application - Discussing user requirements for a generic cataloger app and its implementation with MetaindeX - Open Research Tools and Technologies - devroom - - <p>We will try to define in this presentation basic user needs for a generic working environment on historical data, discuss then some key technologies and architecture orientations for online open-source application MetaindeX, which intends to fulfill those user requirements. At last, we will illustrate its usage with a real corpus of few thousands French archives from "Archives Nationales", from 16th and 17th century.</p> - <p>This presentation intends to illustrate how MetaindeX opensource application could match a significant part of user needs, especially in the fields of history and humanities. -It first defines an overview of what user requirements could be for a working environment offering a ready-to-use, coding-free, quick and efficient access to advanced exploration, analytics and graphs capabilities over an historical data corpus for the researcher. It supposes that input data has already been collected, cleaned and reconciled, focusing on the exploration and analytics parts of researcher workflow. -In a second part, it then develops those needs through key technologies and architecture choices made for design and development of online open-source application MetaindeX [1]. -At last, a sample use-case illustrates user experience and shows some analytics results from the use of MetaindeX and its ecosystem (Kibana and Gephi mainly), based on a set of French archives from 16th and 17th century.</p> - - Laurent MILLET-LACOMBE - - - - - Deployed MetaindeX tool - Source code - Original paper - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:15 - 00:20 - D.research - open_research_visual_inquiries - Visual inquiries panel - - Open Research Tools and Technologies - devroom - - <p>Panel discussion between speakers of the visual inquiries session.</p> - - - Robin De Mourat - Célya Gruson-Daniel - Maya Anderson-González - Laurent MILLET-LACOMBE - Evgeny Karev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:35 - 00:15 - D.research - open_research_cdur - On the dissemination/evaluation loop for Research Software - - Open Research Tools and Technologies - devroom - - <p>This talk explores the interconnections that links Research Software (RS) dissemination and evaluation issues, in the Open Science context, following the guidelines of the CDUR RS assessment protocol.</p> - <p>In our presentation of FOSDEM 2021:</p> - -<p>Free/Open source Research Software production at the Gaspard-Monge Computer Science laboratory - Lessons learnt -<a href="https://archive.fosdem.org/2021/schedule/event/open_research_gaspard_monge/">https://archive.fosdem.org/2021/schedule/event/open<em>research</em>gaspard_monge/</a></p> - -<p>we have analyzed the evolution of several problems that rise when considering the Research Software (RS) production of a laboratory, and we have highlighted several issues that should be addressed to deal with these problems within the Open Science context. Among them we have called to the establishment of sound dissemination and evaluation procedures following the guidelines of the CDUR RS assessment protocol presented in:</p> - -<p>Gomez-Diaz T and Recio T. -On the evaluation of research software: the CDUR procedure. F1000Research 2019, 8:1353 -<a href="https://doi.org/10.12688/f1000research.19994.2">https://doi.org/10.12688/f1000research.19994.2</a></p> - -<p>CDUR comprises four steps that can be succinctly described as follows:</p> - -<ul> -<li>Citation, to deal with correct RS identification,</li> -<li>Dissemination, to measure good dissemination practices,</li> -<li>Use, devoted to the evaluation of usability aspects, and</li> -<li>Research, to assess the impact of the scientific work.</li> -</ul> - - -<p>In this talk we would like to analyze more in depth RS dissemination and evaluation issues and the above mentioned protocols, referring, in particular, to how these protocols can be adapted to different situations that may appear in evaluation processes such as, for example, different evaluation contexts (career, review...).</p> - -<p>We will also highlight the interconnections that link both dissemination and evaluation issues, as the RS dissemination needs to adjust to evaluation rules and only suitably disseminated RS (maybe in a restricted context) can be evaluated.</p> - -<p>This is a collaboration work with Tomas Recio, Professor at the University Antonio de Nebrija (Madrid).</p> - - Teresa Gomez-Diaz - - - On the dissemination/evaluation loop for Research Software - On the dissemination/evaluation loop for Research Software - - - Free/Open source Research Software production at the Gaspard-Monge Computer Science laboratory - Lessons learnt (FOSDEM 2021) - Gomez-Diaz T and Recio T. On the evaluation of research software: the CDUR procedure. F1000Research 2019, 8:1353 - Gomez-Diaz T and Recio T. Towards an Open Science definition as a political and legal framework: on the sharing and dissemination of research outputs - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:50 - 00:15 - D.research - open_research_french_ecosystem - What is special about open source research software and why does it matters? - Reporting about progresses and challenges from the French ecosystem - Open Research Tools and Technologies - devroom - - <p>French citizens have a right to request source code developed by their administration. This includes source code developed by public research labs. But the research sector has a distinct place in the "public code" landscape. It produces open source gems like scikit-learn, and many researchers contribute to Free Software, but some source code is never published because public labs are requested to use them as assets for new startups. This talk will explore this distinct place, the work that has been done in France to promote the publication of research source code and the challenges ahead.</p> - - - Bastien - - - - - French study on researchers practices for open sourcing their source code - Second French Plan for Open Science - The list of French public code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:05 - 00:20 - D.research - open_research_policies - Policies panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between the Policies panel speakers.</p> - - - Bastien - Mathieu Jacomy - Teresa Gomez-Diaz - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:25 - 00:20 - D.research - open_research_ersilia - Ersilia, a hub of AI/ML models for infectious disease research - Democratizing the access to state-of-the-art data science to researchers worldwide. - Open Research Tools and Technologies - devroom - - <p>Low and Middle Income Countries (LMIC) produce less than 10% of the world's scientific output, largely relying on solutions devised in the Global North, which are often unable to meet the real needs of their population. Data science and machine learning offer a unique opportunity to empower scientists in LMIC by providing cost-effective tools ideal for underfunded settings, but there is a gap in accessibility, infrastructure and skills that must be bridged before these tools can be effectively implemented. -We are developing the Ersilia Model Hub, a FLOSS platform where scientists can browse through a catalogue of AI/ML models and run them without the need to write a single line of code. The platform features both models published in the literature and models developed by us on-demand or in collaboration with researchers in LMIC. The pilot tool focuses on models for drug discovery in infectious and neglected tropical diseases, but we plan to expand to other global health.</p> - <p>The Ersilia Model Hub is currently in alpha development, and it will be released in January 2022, containing 100 models. The MVP must be downloaded in the user’s computers and is accessible via a command-line interface. The models are fetched from our GitHub repository and run locally. They are designed to perform on regular personal computers. In the next phases, an online query system will be implemented for the most popular models, together with a user-friendly interface which does not require use of the CLI. -In addition, we are working towards an end-to-end automated AI/ML pipeline to facilitate the creation and implementation of models trained on specific datasets of relevance to each of our users. This package will also be available early 2022.</p> - - Gemma Turon - - - Ersilia, a hub of AI/ML models for neglected diseases - - - EOSI webpage, the organization developing the Ersilia Model Hub - Main repo containing the code - Gitbook with documentation - Presentation delivered at the BOSC2021 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:45 - 00:20 - D.research - open_research_diagnostics_typhoid - Improve diagnostics of typhoid through Open Science: An Artificial Intelligence-based technique - - Open Research Tools and Technologies - devroom - - <p>Typhoid fever is one of the severe infectious human diseases in Africa. Out of an estimated 11–21 million cases of typhoid fever and 200,000 deaths occur worldwide each year. Other elements contribute to this situation and particularly in rural areas where patients to doctors ratio is very low, lack of medical facilities and costly tests. There are a number of tests available presently, from molecular to immunological and biochemical to microbiological. However, Users are unsatisfied due to delays in getting test results and Imprecise diagnosis. Misdiagnosis is usually experienced since most health care facilities use only Widal test without confirmation of results with a second test method. In addition, the diagnosis of Typhoid involves several levels of uncertainties. Patients cannot tell exactly how they feel, doctors and nurses cannot tell exactly what they observe. There is therefore, an urgent need to develop a rapid, highly sensitive and cheap diagnostic tool for diagnosis of typhoid fever.</p> - <p>The absence of a reliable diagnosis pushes rural populations towards self-medication with all the consequences that this entails, in particular drug poisoning which can lead to death. As such, we want to develop a new method to diagnose Typhoid early, quickly, and with accurate results at a low cost. We propose a hybrid diagnosis method with a Deep Learning algorithm applied on blood serum images which seems to be the best accepted test by laboratory technicians. We use CNNs as algorithms on the collected images to train the algorithm. We use a second algorithm Rough Set Theory. This algorithm based on symptoms variables which are structured data collected from medical doctors allow us not only to confirm the diagnosis but above all to determine the level of severity of the disease and serve as a Decision Support System. The two algorithms will be part of a mobile app connected to an optical microscope, the phone camera will scan images from the slides on the microscope and classify them into Normal or Infected. In a series of rapid spotlights, we present tools and frameworks that serve as cornerstones for the envisioned diagnostics system including: 1) Values, influences and forces that shape the diagnostics 2) AI solutions to be used; 3) Data sources 4) Ethics and governance model.</p> - - Elisee JAFSIA - - - Improve diagnostics of typhoid through Open Science: An Artificial Intelligence-based technique - Improve diagnostics of typhoid through Open Science: An Artificial Intelligence-based technique - - - Mboalab website - Past presentation - Project repository - Orcid - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:05 - 00:15 - D.research - open_research_artificial_intelligence - Artificial Intelligence Panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between the Artificial Intelligence panel's speakers.</p> - - - Yo Yehudi - Elisee JAFSIA - Gemma Turon - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:20 - D.research - open_research_gitbuilding - GitBuilding: Open source documentation for open source hardware - - Open Research Tools and Technologies - devroom - - <p>GitBuilding is an Open source program for writing hardware documentation. GitBuilding uses your tags and meta-data to automatically generate and insert bills of materials into your documentation. It correctly links different steps to one another (even when you have multiple variants), allowing you to write instructions once and reuse them for multiple projects. It also shows previews of 3D files and lets you easily include links to generated zips and other files in the correct places. You can output the entire documentation in pure Markdown, HTML, or PDF.</p> - <p>Open hardware is beginning to mature. International agencies such as the European Commission and UNESCO see open hardware as key to open access, especially for science hardware. Open hardware could help bring an end to the reproducibility crisis where researchers cannot replicate the work of others. However, open hardware has a key hurdle to overcome: documentation.</p> - -<p>Documentation is important for any open project. You can't study and improve something unless it is documented. For hardware the problem is more pronounced, distribution of hardware relies either on people replicating a design themselves, or on a manufacturer producing the design. Without assembly instructions a project can't be used by anyone, for anything but the most simple project, the digital design files are not enough.</p> - -<p>As open hardware matures documentation becomes even more important. Most people don't have the time to build all of the products they use. Even those who care about open hardware want to buy a pre-made product. To manufacture a product the documentation must be far more complete, including enough design rationale that a manufacturer can fix problems, and containing not just assembly steps, but also quality assurance procedures.</p> - -<p>GitBuilding is a tool designed to allow open hardware designers to keep markdown documentation with their hardware designs, such as in a Git repository. Extra syntax has been introduced to semantically link pages together, and to identify when tools and components are used. This allows the automatic creation of Bills of Materials, as well as reuse of specific instructions for multiple variations of the same project.</p> - -<p>GitBuilding was initially designed for the OpenFlexure Microscope (OFM) project. The OFM is an open source laboratory grade motorised microscope that is being trialled for malaria diagnosis in Tanzania. The open project plans to support manufacturers across the world in selling the OFM as an in vitro diagnostic (IVD) device. For this to be possible our documentation must be complete enough that manufacturers can verify the microscopes performance and design, and their own manufacturing of it to a standard acceptable to their IVD regulator. GitBuilding must be powerful enough to support this documentation.</p> - -<p>GitBuilding is now needs to generalise. The project needs to be sure it is collecting the correct data for other types of hardware and for other industries. We need to gather input from across the open hardware community, so we know what data needs to be captured, and so where possible this information can be captured exactly one, and used wherever it is needed.</p> - - Julian Stirling - - - - - Project page - GitLab repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:15 - D.research - open_research_beehive - BeeHive: a flexible open hardware platform for behavioural experiments - - Open Research Tools and Technologies - devroom - - <p>Digital and technical literacies are an ubiquitous requirement in modern research teams. Despite being fundamental, they are rarely part of the curriculum in universities, thus undergrad and early career researchers often struggle to code data analysis pipelines and to automate data collection from experimental setups. Neurosciences, in particular, relies a lot on these skills, with behavioural experiments planning, design of the testing boxes, data visualisation and analysis. To Successfully complete these tasks, researchers need to acquire a significant level of skill in programming and hardware design. -To address these problems, we are developing a flexible open hardware platform to lower the barrier in creating experimental setups: BeeHive. It consists of a main board, which nests an ESP32 microcontroller, and several dedicated “daughter boards”, each designed to perform one function (e.g. one board senses temperature, another controls motors, etc). These boards are connected to one another using a standard system already used by other Open Hardware systems, so that there is no need to reinvent the wheel. We can then focus on developing things that are not available yet. The system runs MicroPython, which is a Python derivative for microcontrollers. -This architecture allows users to be in control of everything that the platform is doing while also providing plenty of room for completely new applications. Modular structure helps users to get familiar with electronic components already at entry-level expertise while Python is employed for its strong points such as simplicity and widespread usage. In this presentation we set out to explore the core concept of Beehive, describe existing and possible applications.</p> - - - Andre Maia Chagas - Ihor Sobianin - - - - - BeeHive github project - BeeHive contact form - Download this presentation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:55 - 00:15 - D.research - open_research_open_hardware - Open Hardware Panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between the Open Hardware panel's speakers..</p> - - - Matthieu Totet - Andre Maia Chagas - Ihor Sobianin - Julian Stirling - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:10 - 00:10 - D.research - open_research_actigraphy_light_exposure - Building a consensus meta-data standard for actigraphy and light exposure data - - Open Research Tools and Technologies - devroom - - <p>In chronobiology and sleep science, researchers often collect data using research-grade activity trackers called actigraphs, which measure movement and determine rest-activity cycles, and light dosimeters, which measure light exposure. At present, there is no meta-data standard for actigraphy and light exposure data that describe aspects of the data collection, such as device manufacturer, sampling rate, or instructions given to the participant. However, meta-data like those are critical for aggregating data and comparing data collected in different samples or across various research sites. Over the past 1+ year, we have been working on developing a consensus meta-data standard for describing actigraphy and light exposure data. The standard is written in JSON-schema, and is extendable to other time-series modalities (such as temperature). The standard is the joint effort of two teams of researchers volunteering their time. In this talk, I will describe the journey from inception to standard, along with the challenges and barriers encountered.</p> - - - Manuel Spitschan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:10 - D.research - open_research_brapi - BrAPI: a standard API specification for plant breeding data - - Open Research Tools and Technologies - devroom - - <p>Modern plant breeding research requires a large amount of data to function effectively. Data repositories are improving in their ability to store this data, but there is a growing need for interoperability between disparate data sources and applications. The Breeding Application Programming Interface (BrAPI) project offers a solution to this problem with a standardized RESTful web service API specification. This specification provides a standard data model for the plant breeding domain, plus a well-defined set of methods for interacting with the data. The goal of the project is to promote interoperability, data sharing, and open source code sharing across organizations who produce and consume data in this domain. The BrAPI project is a community built project and that community is well established and continuously growing. The standard is built based on concrete use cases to solve real interoperability challenges faced by the community. Beyond the core standard, the community has built a variety of open source tools and resources to help build and test implementations of the specification. The community is also constantly producing new BrAPI compliant applications, analysis tools, and visualizations that will work with any BrAPI data source.</p> - - - Peter Selby - - - BrAPI: a standard API specification for plant breeding data - - - BrAPI Project Website - BrAPI Project Source Code - BrAPI Project Publication - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:20 - D.research - open_research_standards_panel - Standards panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between Standards panel's speakers.</p> - - - Mathieu Jacomy - Peter Selby - Manuel Spitschan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:50 - 00:20 - D.research - open_research_ontology_development_kit - Ontology Development Kit - A toolkit for building, maintaining, and standardising ontologies - Open Research Tools and Technologies - devroom - - <p>In biomedical sciences, ontologies are used to annotate and organize data stored in knowledge databases and facilitate their exploitation. Following the pioneering work of the Gene Ontology at the turn of the century, the Open Biomedical and Biological Ontologies (OBO) Foundry was created to coordinate the development of a family of interoperable ontologies sharing a core set of principles. The Foundry now includes more than 150 ontologies. -The Ontology Development Kit (ODK) [1] was developed to facilitate the implementation of standardized ontology development practices across the Foundry. It takes the form of a Docker image that provides ontology editors with all the command-line tools they need to manage, edit, build, and test their ontologies, as well as standardized and carefully crafted Makefile rules to pilot all steps of the ontology life cycle. In recent years, many ontologies such as the Uberon multi-species anatomy ontology, the Cell Ontology (CL), or the Unified Phenotype Ontology (uPheno) have been converted to use the ODK. By moving most of the management, building, and testing logic from the individual ontologies to the ODK, the kit aims to make the life of ontology editors easier, by allowing them to focus solely on actual ontology editing, all the while contributing to the standardisation of the various ontologies.</p> - <p>[1] Nicolas Matentzoglu, Chris Mungall, and Damien Goutte-Gattat (2021). Ontology Development Kit. doi:10.5281/zenodo.5762512</p> - - Damien Goutte-Gattat - - - - - Public repository for the Ontology Development Kit - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:20 - D.research - open_research_wikibase - Sustainable community building with the Wikibase Stakeholder Group - - Open Research Tools and Technologies - devroom - - <p>The Wikibase Stakeholder Group is a new initiative testing alternative approaches to governance, decision-making and community-building for open source digital knowledge management. It aims to facilitate collaboration across various institutional and individual partners in order to ensure the continued development and long-term sustainability of Wikibase, a suite of tools for data management within a linked open data environment. Wikibase is currently developed and maintained by Wikimedia Germany, a chapter of the non-profit Wikimedia Foundation. Wikibase is vital infrastructure for the public linked data project Wikidata, but since its open release in 2015 it has been increasingly taken up in research, cultural and institutional contexts due to its flexible, open and collaborative architecture. Rhizome have been piloting the use of Wikibase within GLAM contexts since its release, and have co-organized the first set of public meetups and events around the emerging Wikibase community and ecosystem of decentralized Wikibase instances. Following the success in bringing the community together through these events Rhizome and a few early adopters started the Wikibase Stakeholder Group at the end of 2020. In this talk, we will present the activities of the Group to date, lessons learned from our experiences in collective decision-making, funding for collaborative development efforts, and negotiating between individual project requirements towards a common roadmap in line with ongoing efforts of the Wikimedia team.</p> - <p>Expected prior knowledge / intended audience: -No prior knowledge is required for this talk, except general familiary with open source community contexts and open data management tools. The intended audience is other practitioners actively involved in open source communities, in the governance and organization of communities, and/or the development of tools for linked open data management.</p> - - Lozana Rossenova - Dragan Espenschied - - - - - Link to main subject of the lightning talk - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:15 - D.research - open_research_knowledge_management_panel - Knowledge management communities panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between speakers of the Knowledge Management Communities panel.</p> - <p>Open source software can help in building communities around common practices. -Damien Goutte-Gattat's talk shows how a piece of software (Ontology Development Kit) can help ontology editors to deploy their tools and at same time foster standardized ways to write and publish their work. -A double benefit grounded in FOSS practices.</p> - -<p>But Open source software also benefits in return of organized users communities. -Lozana Rossenova and Dragan Espenschied present the Wikibase Stakeholder Group which gathers a community of wikibase server and its plugins users and developers. -A detailed explanation of how to care a community around a FOSS.</p> - -<p>Those two sides of community building around knowledge management will be discussed with the speakers in a live discussion panel. -Questions from the audience will be collected from the textual chatroom and voiced by the session moderator.</p> - - Paul Girard - Damien Goutte-Gattat - Lozana Rossenova - Dragan Espenschied - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:45 - 00:15 - D.research - open_research_f_uji - F-UJI : A Tool for the automated assessment and improvement of the FAIRness of Research Data - - Open Research Tools and Technologies - devroom - - <p>Funders, publishers and scientific organizations have highly endorsed the adoption of FAIR principles (Findable, Accessible, Interoperable, and Reusable) to promote research data reusability and reproducibility. -However, FAIR principles are high-level guidelines without explicit requirements for their implementation. Practical solutions such as metrics and associated tools are required to support the assessment of FAIR compliance of research artefacts such as services and datasets. This talk will introduce an open-source tool named F-UJI which was mainly developed to support trustworthy data repositories committed to FAIR data provision to programmatically measure datasets for their level of FAIRness over time. The talk will provide an overview the development and application of F-UJI and use cases it has supported so far.</p> - - - Patricia Herterich - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:20 - D.research - open_research_agrometeorology - Internal R packages for Open Science in Agrometeorology - - Open Research Tools and Technologies - devroom - - <p>Argentina's National Institute of Agricultural Technology (INTA) conducts research and development for the agricultural sector. Environmental conditions influence agricultural activity; in particular, climatic conditions have a favorable or detrimental effect on production. Thus, it is essential to monitor and analyze the different agro-meteorological variables to describe these conditions and their impact on agricultural and livestock production. With this approach, INTA has an extensive ground network of conventional and automatic weather stations. In addition, there is an information system (http://siga.inta.gob.ar) with predefined queries and visualization on this data for internal and external use. All the information generated by the institution is openly shared under a CC-BY-NC license. -INTA is a decentralized institution and generates research, analysis, and reports at different scales (national to local). The processes to perform these tasks use various software tools and different methodologies. Moreover, these processes are in the computer and the head of the researchers.<br/> -Developing internal packages or libraries has great potential to promote reproducible analysis frameworks, improve an organization's code quality, enhance knowledge management (Riederer, 2021), standardize and make processes transparent, and open software and data to society.</p> - -<p>The {agromet} package includes a series of functions that can be used regularly for the calculation of agrometeorological indices and statistics. The input meteorological data works under the tidy data philosophy, so the package functions are generic. They can be applied to any tabular dataset regardless of its origin, order, or column names. However, according to INTA's internal requirements, the package also incorporates tools to read data in an INTA format. This package has implemented functions for calculating indexes and variables of agricultural interest, standardizing how these computations are made. It also incorporates mapping functions with scale and reports templates.</p> - -<p>The package {siga} downloads and reads data from INTA's Agrometeorological Information and Management System programmatically.</p> - -<p>This talk will discuss the decision process to generate a series of internal packages designed to be used by INTA users but with enough generality to be helpful to a broad community. Their development, current use, and this experience encouraged the generation of similar packages for soil data.</p> - <p>Organization on GitHub: https://github.com/AgRoMeteorologiaINTA</p> - - Yanina Bellini Saibene - - - - - Siga package - AgroMet package - Local information system using agromet - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:20 - 00:20 - D.research - open_research_lhc - Unveiling Hidden Physics at the LHC using Open Data - Making particle physics Open Data usable - Open Research Tools and Technologies - devroom - - <p>The experiments at the Large Hadron Collider (LHC) at <a href="https://home.cern/">CERN</a> have been running for more than a decade. The data recorded by the detectors such as the <a href="https://cms.cern/">CMS experiment</a> are analysed by thousands of physicists all over the world. The CMS Collaboration has made openly available more than 2.5 petabytes of data on the <a href="http://opendata.cern.ch/">CERN Open Data Portal</a>, containing billions of recorded and simulated events.</p> - -<p>Open Data are, however, only useful when accompanied by realistic usage examples. The sheer amount of data as well as the fact that the software used to analyse them is often more than ten years old poses several challenges. In this presentation, Clemens will discuss how the CMS Data Preservation and Open Access group tries to overcome these challenges so that potentially everyone could use the data to <a href="https://arxiv.org/abs/2109.06065">unveil hidden physics</a>.</p> - - - Clemens Lange - - - Slides for Unveiling Hidden Physics at the LHC using OpenData - - - CERN Open Data Portal - Community White Paper on Open Data in particle physics - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:40 - 00:20 - D.research - open_research_open_data_panel - Open Data Panel - - Open Research Tools and Technologies - devroom - - <p>Discussion between the Open data Panel speakers.</p> - - - Sara Petti - Yanina Bellini Saibene - Clemens Lange - Patricia Herterich - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:20 - D.design - osd_introduction_to_open_source_design - Introduction to Open Source Design - - Open Source Design - devroom - - <p>Every year we take some time to introduce the Open Source Design collective, what we do, where to find us and how to get involved.</p> - - - Bernard Tyers - Eriol Fox - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:20 - 00:25 - D.design - osd_lessons_learned_from_open_sourcing_the_orbit_docs - Documenting a Design System - Lessons learned from open sourcing the Orbit docs - Open Source Design - devroom - - <p>A design system helps contributors create consistent user experiences. To elevate from a collection of patterns to a system, you need to provide clear standards and reasoning. Clear and comprehensive documentation helps you put this system together into something everyone can use.</p> - -<p>This talk will go through how we open sourced the documentation for the <a href="https://orbit.kiwi/">Orbit design system</a> and discuss what we learned from the process. It will discuss creating both visual and content standards for the docs and how it was all accomplished. The lessons from this experience can help in the creation of useful and accessible documentation to guide the design process.</p> - - - Aaron Collier - - - - - Orbit documentation - Source for documentation - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 00:25 - D.design - osd_stories_and_learnings_from_1_and_a_half_years_of_supporting_designers_and_open_design_processes_in_the_bitcoin_ecosystem - Supporting open design in Bitcoin - Stories and learnings from 1.5 years of supporting designers and open design processes in the Bitcoin ecosystem. - Open Source Design - devroom - - <p>At FOSDEM 2021, we shared an introduction to, and the ambitions of, the Bitcoin Design Community. 6 months into the effort, we were brimming with ideas and big goals for designing amazing user experiences, connecting designers with open-source projects, and lots more. Now, one year later, we’d like to look back and share where we are, what has worked for us, and what hasn’t (yet?).</p> - - - Christoph Ono - Johns Beharry - - - - - Bitcoin Design Community website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:25 - D.design - osd_synthesising_user_testing_insights_with_oss_tool_teams - Synthesising user testing insights with OSS tool teams - - Open Source Design - devroom - - <p>So you’ve done some user testing or usability testing as an open source software team and now you have interesting user insights collected. But...what do you do with it? How does user feedback correspond to issues in the backlog? How do you get the wider OSS community team up to speed if they haven’t been part of the synthesis process? These are some of the questions you may ask yourself after participating in user testing or usability testing. You’re ready for a synthesis process!</p> - -<p>The USABLE team has already published two resources about user testing and usability testing, now they are presenting their third resource about user insight synthesis. You’ll see how they supported open source software tool teams to work with user insights in an open source way of user testing, usability and synthesis work. -In this session you will observe how the USABLE team supported OSS tool teams with user insight synthesis processes with detailed explanations of why, how and when to do synthesis. You will also view clips of a previous closed session in which the USABLE team and OSS tool teams collaborated on a synthesis work session.</p> - <p>So you’ve done some user testing or usability testing as an open source software team and now you have interesting user insights collected. But...what do you do with it? How does user feedback correspond to issues in the backlog? How do you get the wider OSS community team up to speed if they haven’t been part of the synthesis process? These are some of the questions you may ask yourself after participating in user testing or usability testing. You’re ready for a synthesis process!</p> - -<p>The USABLE team has already published two resources about user testing and usability testing, now they are presenting their third resource about user insight synthesis. You’ll see how they supported open source software tool teams to work with user insights in an open source way of user testing, usability and synthesis work. -In this session you will observe how the USABLE team supported OSS tool teams with user insight synthesis processes with detailed explanations of why, how and when to do synthesis. You will also view clips of a previous closed session in which the USABLE team and OSS tool teams collaborated on a synthesis work session.</p> - - Eriol Fox - Kelsey Smith - - - - - First USABLE resource - Second USABLE resource - USABLE tools website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:25 - D.design - osd_penpot_we_hear_you_collecting_and_processing_user_feedback - We hear you! - Collecting and processing user feedback, for real! - Open Source Design - devroom - - <p>A lot of UX practitioners don't talk to users on a regular basis, at Penpot we might be on the opposite side of the spectrum. We gather a lot of feedback from our users. What for? Fixing (bugs), improving (enhancements), discovering (new needs), prioritizing (asking/frequent queries as an indicator). And the most important thing is what do we do with that feedback and which kind of feedback would we like to receive?</p> - <p>At Penpot, we work as a full support team. We think of our users as a knowledgeable open space they provide us and we all work to learn from the market. Also it’s important to mention that we design Penpot with Penpot, the team members are users too. Plus we manage all our work at Penpot with our sibling Taiga, a powerful agile project management tool which is our sibling company. Obviously we have our own product development vision, but we like to discover what our users think with an open- feedback policy, and feel validation with conducted tests. Our community is the most important and fundamental part in Penpot’s roadmap.</p> - - Clara Garcia - - - We hear you - slides - - - https://penpot.app/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:25 - D.design - osd_when_to_invest_in_the_ux_of_scientific_open_source - When to invest in the UX of (scientific) open source - - Open Source Design - devroom - - <p>Software has become increasingly central to scientific research. Both software development and its use are essential activities for scientific teams. But investment in its production, maintenance, and adoption is often overlooked, and academia often fails to leverage best practices for software engineering from industry, the open source community, or elsewhere. Furthermore, investment in the user experience (UX) and usability of scientific software is largely an afterthought, if considered at all. As such, any future investment in UX is expected to have a disproportionately positive impact on adoption of scientific tools (i.e. broadening access) and on scientific discovery itself. Currently, the impact of this kind of investment (or lack thereof) is largely unknown.</p> - -<p>Scientific software stands to benefit from the learnings and current practices in open source design. This talk will explore the unique workflows and incentives of research institutions (and other contexts in which scientific software is produced) and map them to current practices of open source design with the intention of bringing to light the opportunities to better understand how and when to invest in the UX of research software, how to grow expertise in UX, and how to cultivate norms on peer-production platforms toward good UX practices.</p> - - - Elizabeth Vu - - - - - https://sloan.org/programs/digital-technology - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:25 - D.design - osd_why_designers_are_the_mediators_of_accessibility - Why Designers are the Mediators of Accessibility - How the designer's perspective leads to a more accessible OSS - Open Source Design - devroom - - <p>Two designers came together to tackle this under-addressed issue in OSS. In this talk, we'll cover -- How design principles have shaped our understanding of the technical challenges in implementing accessibility in OSS, such as writing 'alt-text' for scientific diagrams -- Learn about the real impact our workshops have made in NumPy, JupyterLab and scikit-learn -- How other OSS projects can host their own accessibility workshops and sprints</p> - <p>Designers have valuable skills that go beyond the visual arts: the ability to zoom out and see the big picture, finding connections between disparate objects, and creating a pleasant user flow.</p> - -<p>It is exactly these skills that make designers such valuable mediators of accessibility!</p> - -<p>Mediators are required as the needs of accessible technology and OSS can seem at odds: -- Accessible technology needs to recognize the variety of disabilities, that there are many possible solutions, and to create cohesive alternative experience -- OSS needs flexibility and variety: it is exactly because individual contributors add different things that it can be difficult to uniformly follow any sort of guidelines for one disability, much less for a variety of disabilities</p> - -<p>This talk will explore how two designers came together to start mediating for more accessible OSS. Hear about our messy beginning trying to decode terms and guidelines, talking to developers of what they need, and finally creating accessibility-focused workshops for NumPy, JupyterLab and scikit-learn that have already made changes to the codebase.</p> - -<p>Designers will leave with an understanding of accessibility, their role in it and actionable steps, such as how to host their own accessibility workshops in their communities.</p> - -<p>Note: While accessibility is a broad term that encompasses accommodating for a variety of disabilities, this talk focuses on making OSS accessible to people with visual disabilities via implementation of 'alt-text' for scientific diagrams.</p> - - Mars Lee - - - - - Presentation Slides - Transcript of Talk - Video with Captions - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:45 - D.design - osd_successful_remote_workshop_in_a_remote_workshop - Remote workshops - Learn how to conduct a successful remote workshop in a remote workshop - Open Source Design - devroom - - <p>In this workshop, you will learn how to plan and conduct a remote workshop. It will cover helpful tools and methods, energizers, and collaborative design. On top of that, you will get insights and first-hand experience solving workshop issues like scheduling over timezones, mixing real-life and remote settings and involving people even in virtual formats.</p> - <p>The open-source software company Grafana Labs successfully holds virtual workshops in a remote setting, both with small and large groups. Facilitator Jess will show how she conducts such workshops and teach you her tried and tested insights – in an interactive workshop format!</p> - - Jess Müller - - - - - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:45 - 00:25 - D.design - osd_attracting_and_keeping_ux_designers_on_foss_projects - Calling all UX Designers! - Attracting and keeping UX designers on FOSS projects - Open Source Design - devroom - - <p>How can your project attract (and keep!) UX designers? I'll list few specific changes that should help. But I have to warn you, these aren't quick hacks. They're small but meaningful changes to your culture that will also improve your product overall.</p> - -<p>I gave a talk at <a href="https://www.youtube.com/watch?v=Mjup7Mrj7uU">FOSS Backstage on UX and FOSS</a>. This is really 'part 2' in the series, making concrete suggestions maintainers can use to help make their projects more UX focused and by extension, help attract UX designers.</p> - - - Scott Jenson - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:15 - 00:25 - D.design - osd_sustaining_open_source_design_podcast - 1 year of the Sustaining open source design podcast - What key themes emerged from 1 year and 17 episodes of design in open source podcasts? - Open Source Design - devroom - - <p>The Sustaining open source design podcast has been hosting conversations about open source and design over the last year with designers of all kinds across the spectrum of open source software projects. From new to open source to long term contributors and from practicing visual designers to design researchers. We've spent over 30 hours in conversation with designers and we are coming together as hosts to discuss the main themes throughout these conversations in 2021 at FOSDEM 2022 with a look ahead to what might come up in 2022 for design in OSS.</p> - -<p>This will be a conversation between hosts of the SOS design podcast: Eriol Fox, Georgia Bullen, Memo Esparza, Peace Omejeh and Richard Littuar</p> - -<p>https://sosdesign.sustainoss.org/</p> - <p>N/A</p> - - Georgia Bullen - Memo Esparza - Eriol Fox - - - - - The SOS design podcast - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:40 - 00:20 - D.design - osd_pitch_your_project - Pitch your project - - Open Source Design - devroom - - <p>In this session, FOSS projects as given time to present and ask for contributions to the designers in the room. Each project is given 2 minutes to present. In those 2 minutes, they should briefly introduce the project, explain what design help they need, and provide contact details so designers can reach them after FOSDEM.</p> - -<p>The Open Source Design collective will use the information to submit a "job" for each project to the Open Source Design "jobs board" (https://opensourcedesign.net/jobs/), so that the request for design help reaches not just the designers in the room, but also the wider design community.</p> - - - Eriol Fox - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 11:00 - 00:10 - D.firmware - welcome_ttosfbabd - Welome to the Open Source Firmware, BMC and Bootloader devroom - - Open Source Firmware, BMC and Bootloader - devroom - - <p>Warm welome to the Open Source Firmware, BMC and Bootloader devroom.</p> - - - Daniel Kiper - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:10 - 00:50 - D.firmware - fw_settings_and_menus - Firmware Settings and Menus - - Open Source Firmware, BMC and Bootloader - devroom - - <p>Among many challanges around initializing hardware, security, and booting into -operating systems, firmware also needs to provide an interface for the user to -change settings, set up a trust anchor, or simply enjoy colorful graphics. -This talk summarizes approaches from (U)EFI <a href="https://www.intel.com/content/dam/www/public/us/en/documents/reference-guides/efi-human-interface-infrastructure-specification-v09.pdf">dating back to 2003</a>, -looking at modern OEM UIs in comparison to open implementations such as the menu -in <a href="https://github.com/u-root/webboot">webboot</a>, those from <a href="https://github.com/system76/firmware-setup">System76</a>, EDK2, and <a href="https://github.com/Dasharo/edk2/tree/dasharo/MdeModulePkg/Library/UefiBootManagerLib">Dasharo</a>, -and showcasing prototyping environments for further development, finishing with -a short discussion of reusable and portable abstractions for designing APIs.</p> - - - Daniel Maslowski (CyReVolt) - - - Firmware Settings and Menus - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 00:50 - D.firmware - grub_status_update - GRUB - Project Status Update - - Open Source Firmware, BMC and Bootloader - devroom - - <p>The presentation will discuss current state of GRUB upstream development.</p> - - - Daniel Kiper - - - grub_project_status_update_20220119.dk.pdf - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:10 - 00:25 - D.firmware - osf_on_amd_3rd - Open Source Firmware status on AMD platforms 2022 - OSF on AMD 3rd edition - Open Source Firmware, BMC and Bootloader - devroom - - <p>This is the 3rd edition of the "Status of AMD platform in coreboot". The talk -will cover the most recent news around the AMD support in open source firmware -ecosystem and updates of the topics covered in previous years. We would like to -present status of FSF RYF KGPE-D16 platform revival and related upstreaming -effort, TrenchBoot progress for AMD platforms and status of recent support in -coreboot and oreboot projects. Finally we would like to present Dasharo - open -source firmware distribution with long term stable support for older AMD -platforms.</p> - <p>The history of AMD cooperation in coreboot projects reaches 2007 where the -first contribution appeared for the Geode LX processors. AMD's open-source -support continued for many years until now (with some break). This presentation -will briefly repeat the history of AMD and open source firmware. Moreover, -recent coreboot releases started to enforce certain requirements on the -features supported by the silicon code base. Aging platforms kept losing -interest and many of them (including fully open ones) starting to cause -unjustifiable overhead, because of accumulated technical debt. Most probably it -will result in similar situation as with famous 4.11 branch becoming de facto -stable branch for some platforms (e.g. FSP1.0 Bay Trail or ASUS KGPE-D16). -Nowadays AMD is releasing the newest AGESA with the cooperation of hired -coreboot developers, but charter covers modern Ryzen-based processors. We -trying to support the AMD platforms by reimplementing the ASUS KGPE-D16 (FSF -RYF platform) support in coreboot and keeping the PC Engines platforms in the -top of tree. We would like to present Dasharo plan for long term stable and -sustainable support for older platforms. If you are interested in open source -firmware for most open x86 platforms on the market feel free to tune in and -discuss the ideas with us.</p> - - Michał Żygowski - - - Open Source Firmware status on AMD platforms 2022 - - - TrenchBoot documentation - Dasharo for ASUS KGPE-D16 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:55 - D.firmware - ost2 - OST2: A new way to grow security talent for open source projects - Open Security Training 2 - Open Source Firmware, BMC and Bootloader - devroom - - <p>In this talk, we'll describe how OpenSecurityTraining2 (OST2) can help grow security talent and awareness on open source projects, and we'll use the coreboot open source firmware as a case study.</p> - -<p>Newly structured as a 501c3 non-profit, OST2's core goal is to provide free and open training that helps increase system security. This can take multiple forms, such as training dedicated security engineers, training developers to write more secure code, training potential contributors to security-focused projects, or training engineers on safer alternatives to technologies they're already using. In this talk we'll describe current and future examples of all the previous use cases, and drill deeper into a case study of how 3mbdeb, a licensed service provider for the coreboot open source firmware project, is contributing to OST2 to advance the state of open source firmware security.</p> - - - Piotr Król - Xeno Kovah - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:10 - 01:00 - D.firmware - attestations_requirements - Attestation's Requirements - Secure Firmware, now what... - Open Source Firmware, BMC and Bootloader - devroom - - <p>The increased need for secure firmware of all kinds in "IoT" devices from simple sensors to SBC's capable of running large operating systems (eg: Pis, IMXx boards etc) is well known and being driven by many forces, eg: Industry 4.0, 5G, 6G etc. What interestingly is missing is how this firmware provides additional security beyond that of the individual device: to the system as a whole, supply-chain provenance and applications; then further on to how we deal with security incidents through the added forensics and analysis of these devices. Finally we reach the impact of secure firmware to safety-critical systems. Trusted computing, TPM and remote attestation are all well known, but their integration between themselves and the systems they are part of are going to be critical.</p> - <p>In this talk we will set out how secure and high-integraty aspects of systems will or should be reflected in the development of firmware for a wide-range of devices.</p> - -<p>Trusted computing, remote attestation and the unbiquitous TPM (not forgetting Pluton and friends) are all well known technologies. Indeed a trusted computing base requires firmware with specific capabilies that promote certain aspects of immutability, identity and integrity measurements - if these properties are provides then we have the start of a chain of trust and a measurement and identity mechanism that allows that device to be "attestable". The further property of being "trustable" needs more explanation but refers to the core root of trust measurement and how this is established, amongst other requirements.</p> - -<p>Once we have a collection of attestable (and trustable) devices then remote attestation offers us the possibility of trust relationships between those devices leading to higher-level trust capabilities and integration with supply-chain and forensics.</p> - -<p>To further demonstrate this we have developed case studies from the medical and railway verticals based upon edge cloud and 5G communications. As part of this talk we will use these safety-critical domains as the drivers for a wider and more integrated trusted computing base and ultimately the requiremnts towards firmware and hardware that sits at the core of this.</p> - - Ian Oliver - - - Trust, Security and Privacy through Remote Attestation in 5G and 6G Systems - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:20 - 00:30 - D.firmware - mono_lake_story - Mono Lake Story - how we enabled an open hardware platform - - Open Source Firmware, BMC and Bootloader - devroom - - <p>We are living in exciting times - we are finally seeing hyperscale server platforms opening up and running on open source software (with caveats still). The journey though is a road full of potholes, braking and sharp turns. Opening up hardware is not easy! Follow along and see how we enabled the Mono Lake platform that was originally created by Facebook (now Meta).</p> - <p>Opening up hardware is a difficult process. But necessary for those who are part of the circular economy. Being able to extend the life of hardware platforms by making community supported can be quite a lift but the end is can be filled iwth possibilitles. While there has been many instances of open hardware - none though is built to run as hyperscale platform in data centers.</p> - -<p>The Mono Lake platform was originally open spec'd and built by Facebook (now Meta) - with it, we can build powerful data center class computing engines that run modern workloads. But because the platform is 4 years old, it needed to move from a singular purpose to general purpose. This talk will be focused on the journey of opeining up the Mono Lake platform and the end result and the work still left to do.</p> - - Sri Ramkrishna - - - - - github page for Mono Lake submission - contact for our partner - SysPro Consulting - Link to Sesame and related products - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:50 - D.firmware - plan_9_cpu_cmd - Plan 9 CPU command, in Go, for Linux - the network is the computer -- for real this time - Open Source Firmware, BMC and Bootloader - devroom - - <p>I have reimplemented the Plan 9 cpu command in pure Go, available at github.com/u-root/cpu. It uses the ssh transport protocol for data, and the 9p protocol for file system traffic.</p> - -<p>If you are used to ssh, cpu will look very similar, to the point of even honoring your .ssh/config! What's different is that when you cpu from your local note to a remote node, file systems of your choosing are visible on the remote node, mounted over 9p, connected to a server running in the cpu command itself. Translation: you don't ever need to talk to a sysadmin to get network mounts set up. Want to use programs from your local node, libraries from your node, and see your home directory? No problem, run with the default namespace. Is the node a different architecture, but you want to use your /home? No problem, just tailor the CPU<em>NAMESPACE variable, e.g.: CPU</em>NAMESPACE=/home:/bin=/arm/bin:/usr=/arm/usr:/lib=/arm/lib cpu cat /proc/cpuinfo. Want all this from power-on/reset? No problem, we embed kernels and a cpu daemon in flash on any of x86, ARM, ARM64, and RISC-V. Want to embed a cpu capability into your Go program? No problem there is a simple package that implements the Go exec.Command interface. Want to understand cpu? No problem, it's easy to read, consisting of 1164 lines of code for the client and 799 for the server.</p> - - - Ron Minnich - - - - - github.com/u-root/cpu - github.com/linuxboot/book/tree/master/cpu - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 15:30 - 00:30 - D.openpower - openpower_workstation - OpenPOWER Ask Me Anything (AMA) - *RESCHEDULED* - OpenPOWER - devroom - - <p>This is the OpenPOWER Foundation Ask Me Anything session. -As part of the OpenPOWER Foundation, we will be have a short session where you can ask any question related to OpenPOWER. -As this is a reschedule, please not we will have a live session and the speaker will try to answer any OpenPOWER related question they can.</p> - -<p><strong><em> RESCHEDULED </em></strong> LIVE SESSION</p> - - - Toshaan Bharvani - James Kulina - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 01:00 - D.openpower - libresocproject - The Libre-SOC Project - a status update for the OpenPOWER Libre-SOC core: booting linux - OpenPOWER - devroom - - <p>The Libre-SOC Project aims to develop a family of OpenPOWER processors, ultimately working towards a full hybrid 3D CPU-VPU-GPU. After two years of development funded by NLnet, the current phase is to develop a Gigabit Ethernet Router ASIC. Funded by NGI POINTER, this ASIC is intended to be capable of running OpenWRT with OpenPOWER-compliant RADIX Virtual Memory.</p> - -<p>This talk will provide background, a status update, and go through the incremental development and debugging that is leading up to being able to boot a microwatt linux-5.7 kernel with a buildroot initramfs, under verilator.</p> - - - Luke Kenneth Casson Leighton - - - - - Libre-SOC Project website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 01:00 - D.openpower - openpowerfoundation - OpenPOWER Foundation 2.0 - - OpenPOWER - devroom - - <p>This is a presentation about the revamp of OpenPOWER platform by the OpenPOWER Foundation</p> - - - James Kulina - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - - - 10:00 - 00:05 - D.raku - rakudevroomintro - Raku devroom intro - - Raku - devroom - - <p>Welcome to the Raku devroom at FOSDEM 2022!</p> - - - Andrew Shitov - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:45 - D.raku - grammar - A Raku Grammar for Navigation Lights - code walkthrough with live examples - Raku - devroom - - <p>One feature that sets raku apart from other programming languages is the built-in Grammar parser syntax. This provides a concise, clean and extensible tool for parsing text and triggering Actions according to the content. Navigation aids such as buoys and markers sport flashing lights with characteristics such as color, duration, phase, occulting, speed, height, visibility and so on are represented on navigation charts by way of a short code e.g. <code>Fl(4)15s37m28M</code>.</p> - -<p>This talk aims to show how raku provides the average coder (me) with a new practical alternative to Regexs and/or specialist recursive descent modules. It should illustrate how the combination of the raku built-in OO system and Grammars/Actions keeps the problem domain / problem solution in focus via code and visual examples.</p> - - - Steve Roe - - - Raku Grammar for Nav Lights - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:50 - 00:45 - D.raku - dependencymanagement - Free Software, Dependency Management, and what I got wrong at FOSDEM 21 - - Raku - devroom - - <p>Writing Free Software is very different from writing proprietary software for a huge software company like Google or Facebook – the team size, incentives, and likelihood of turnover are all completely different – and, as a result, the ideal languages are very different as well. Or at least, this was the thesis for my 2021 FOSDEM talk "<a href="https://archive.fosdem.org/2021/schedule/event/programming_lang_for_free_software/">Imagining the Ideal Language for Writing Free Software</a>".</p> - -<p>Over the past year, however, I've concluded that this argument – while correct any many areas – does <em>not</em> apply to dependency management. When it comes to dependency management, writing Free Software isn't on the opposite end of the spectrum from writing code for Google — it's on the same end, but even further along. This talk will elaborate on what I mean by that statement and discuss the implication I believe that this has for Raku.</p> - - - Daniel Sockwell - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 01:00 - D.raku - dataaquisition - Multi-language Data Wrangling and Acquisition Conversational Agents - Using Raku in data acquisition and wrangling - Raku - devroom - - <p>In this presentation we discuss the Conversational Agent (CA) designs for two closely related problem areas:</p> - -<ul> -<li><p>Data Acquisition Workflows (DAWs)</p></li> -<li><p>Data Transformation Workflows (DTWs)</p></li> -</ul> - - -<p>The CA perspective is taken mostly for exposition and didactic purposes. Nevertheless, we emphasise the practical applicability of the underlying designs and implementations.</p> - -<p>Although, operationally data acquisitions are prerequisite for data wrangling we discuss data wrangling first -- the corresponding DTWs designs and implementations are more mature and the related materials are more universal, applicable to multiple programming languages.</p> - <h1>Multi-language Data Wrangling and Acquisition Conversational Agents</h1> - -<p>Anton Antonov <br/> -FOSDEM 2022</p> - -<h2>Abstract</h2> - -<p>In this presentation we discuss the Conversational Agent (CA) designs for two closely related problem areas:</p> - -<ul> -<li><p>Data Acquisition Workflows (DAWs)</p></li> -<li><p>Data Transformation Workflows (DTWs)</p></li> -</ul> - - -<p>The CA perspective is taken mostly for exposition and didactic purposes. Nevertheless, we emphasise the practical applicability of the underlying designs and implementations.</p> - -<p>Although, operationally data acquisitions are prerequisite for data wrangling we discuss data wrangling first -- the corresponding DTWs designs and implementations are more mature and the related materials are more universal, applicable to multiple programming languages.</p> - -<h2>Outline</h2> - -<h3>Data Wrangling</h3> - -<p>In the first part of the presentation we show and compare data wrangling examples in different programming languages using different packages.</p> - -<p>Here is a list of the programming languages and packages we consider:</p> - -<ul> -<li><p>Julia-DataFrames</p></li> -<li><p>Python-pandas</p></li> -<li><p>R</p></li> -<li><p>R-tidyverse</p></li> -<li><p>WL</p></li> -</ul> - - -<p>We look into the common data wrangling workflows and how we can design a conversational agent that translates natural language commands into data wrangling code for Julia, Python, R, SQL, WL.</p> - -<p>WL's external evaluator features are heavily utilized.</p> - -<h3>Data Acquisition Workflows</h3> - -<p>In the second part of the presentation we discuss the following facets of a data acquisition system:</p> - -<ul> -<li><p>Conversational Agent based on a Finite State Machine</p></li> -<li><p>Gathering and utilizing metadata taxonomies</p></li> -<li><p>The making of datasets recommender systems and search engines</p> - -<ul> -<li>In/for both R and WL</li> -</ul> -</li> -<li><p>Making (ingredient) variables queries</p></li> -<li><p>Introspection queries</p></li> -<li><p>Random data generation specifications</p></li> -<li><p>Data obfuscation specifications</p></li> -</ul> - - -<p>Extensions to ML models acquisition workflows</p> - - Anton Antonov - - - FOSDEM 2022 presentation mind-map - - - (Improved) presentation recording - Doing it like Cro (movie demo 7min) - "Raku for Prediction" book project at GitHub - Raku for Prediction talk at TRC-2021 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:35 - 00:25 - D.raku - learninganalytics - Class learning analytics with Raku - How Raku helps improve learning in a cloud computing class at the University of Granada - Raku - devroom - - <p>Rakulang is great not only as a scripting language, but also at the conceptual level, allowing you to map problem-domain concepts to data structures easily. This comes handy when you use a specific kind of learning procedure that needs to track general class progress as well as individual attainment levels in a very precise way. In this context, we have created a Raku mini-library and a series of scripts that give us information on how a whole class of Cloud Computing students is progressing, and allows to pinpoint choke points, hurdles to progress, as well as individuals who might have been left behind.</p> - <p>We think that teaching software engineering should be just like software engineering, and in this context we have created a class with project-based learning, and objective-based learning. Students progress asynchronously through a series of objectives, with the student giving them individualized feedback on how to achieve those objectives. -Objectives fulfillment is public, and this gives us a storage platform on which to build a series of scripts that show us the general degree of attainment by the class, as well as how every individual students are doing. These scripts are, for the time being, run manually. In the near future they will be integrated in a learning analytics workfow using GitHub actions, reducing the amount of manual running as much as possible. -This, while not using a big amount of high-magic, shows how Raku expresiveness and whippipitude make the management of class extremely easy.</p> - - Juan Julián Merelo - - - - - Repo for the class - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:40 - D.raku - auth - Decentralized Authentication - Authentication and identification techniques on Ethereum blockchain - Raku - devroom - - <p>Authentication is the «‎must-have» feature of every web application. Traditional centralized auth feature has the major disadvantage: if the authenticator is down, it affects on to all related services. In this talk I would like to discuss auth on Ethereum blockchain, go through its major benefits and introduce sample application with the decentralized authentication implemented in Raku.</p> - <p>Authentication module — «must-have» feature of modern web application.</p> - -<p>Traditionally the authenticator was integrated right into an application (web1.0). The user had to register and then, using a login (email) and a unique password, enter the personal account, post the comment or download the file. Credentials were stored on the web application server, and the flow of authentication, authorization and identification was managed by some module or service. This the sample of hyper centralized authentication.</p> - -<p>Built-in authenticators have been evolved to external third-party authenticators. In the era of global services and social networks (web2.0) the visitors (as well as the site owners) began to delegate authentication to corporations. At the back side of that process we had got the bloom of the phishing sites and an explicit target ads. In addition, there were the clear symptoms of centralization and de-anonymization.</p> - -<p>Blockchain (web3.0) has naturally become the third iteration in the evolution of authenticators. On the one hand, this technology provides a truly decentralized and transparent audit platform for the authentication, and on the other hand, it makes the authentication and identification flow much more anonymous.</p> - -<p>In this talk I will consider the main benefits of decentralized authentication on the Ethereum blockchain, discuss disadvantages and common attack vectors, talk about the integration tricks and demonstrate and briefly analyze a working example in Raku.</p> - -<p>This talk might be of interest to system architects, security software developers, Raku and Ethereum enthusiasts.</p> - - Konstantin Narkhov - - - - - Talk repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:35 - D.raku - backpan - Keeping the past to preserve the future - On the development of a BackPAN for Raku - Raku - devroom - - <p>The Raku ecosystem is growing at an impressive rate. The Raku Programming Language allows developers to specify the exact version of a module that is needed in production. This is a very good thing, and makes sysadmins all over the world pretty happy, as they know they can install new versions of modules without fear of breaking production code.</p> - -<p>However, developers can also <em>remove</em> distributions from the ecosystem. This presentation describes efforts to make sure that this will never become a problem for production.</p> - - - Elizabeth Mattijsen - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:15 - 00:30 - D.raku - simpletesting - Radically simple testing in Raku - - Raku - devroom - - <p>Some languages offer a very simple syntax for testing via assertion statements, for example with an <code>assert</code> function that creates a simple test that passes if given a true value and fails for anything else. This style of testing is admirably concise, but can lead to cryptic test messages that make it very difficult to determine what a test was attempting to check without opening up the file containing the failing test. At the other extreme, it's possible to write very expressive tests with a fluent, method-chaining API. For example, using the Chai.js assertion library, a test might read <code>beverages.should.have.property('tea').with.lengthOf(3)</code>. This allows tests to automatically generate much more useful messages but comes at the cost of creating a fairly complex test API with many new methods to learn.</p> - -<p>Raku's core Test module falls somewhere between these two extremes – it offers an API with a handful of functions that's easier to learn than a full fluent API but more expressive than simple <code>assert</code> statements. This is a sensible compromise.</p> - -<p>But I claim (assert?) that, with a bit of metaprogramming trickery, Raku lets us have the best of both worlds: we can have a zero-learning-curve test API that's just as simple as assert statements while <em>also</em> being just as expressive as a long chain of method calls in a fluent style. I'll present this style of testing, discuss its use in Raku, and consider ways in which Raku lets us improve on the status quo.</p> - - - Daniel Sockwell - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:50 - D.raku - github - GitHub Actions (in|for) Raku - Containerizing Raku for testing and other automation tasks - Raku - devroom - - <p>GitHub has a nice environment for carrying out repository-event triggered workflows; these use a variety of runner platforms, including containers. This talk is about how to create a Raku container that can successfully act as a runner for workflows, and how to Rakuize the workflow API so that Raku scripts can interact meaningfully with this environment.</p> - <p>There are two parts on this talk; first, how to create a chain of increasingly complex Raku containers that can be used mainly for testing, and second, how to run some Raku scripts within those containers, with cool things that can be done inside those workflow using Raku.</p> - - Juan Julián Merelo - - - - - Base container for Raku - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:35 - 01:00 - D.raku - rsc - Raku Steering Council Q&A Panel - RSC members to answer live questions. - Raku - devroom - - <p>Raku Steering Council Q&amp;A panel is aimed at the audience interested in the Raku® programming language, its current state, and its future. Members of the Council will try to answer any related questions, including those about the Council itself.</p> - - - Juan Julián Merelo - Stefan Seifert (nine) - Daniel Sockwell - Elizabeth Mattijsen - Vadim Belman - Geoffrey Broadwell - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:05 - D.retro - retro_intro - Welcome to Retro-Computing devroom - Vintage everywhere! - Retrocomputing - devroom - - <p>A brief introduction to our devroom and the schedule ahead.</p> - - - Pau Garcia Quiles (pgquiles) - François Revol (mmu_man) - - - Slides (PDF) - Slides (ODP) - - - Retro devroom mailing list (if you want to help) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:25 - D.retro - retro_chess - Getting 1K Chess for the ZX81 online - Or, how I used $2 Billion of internet infrastructure to run 672 bytes of code, from 1982 - Retrocomputing - devroom - - <p>In 1982, David Horne wrote a version of chess which managed to fit inside the memory of a 1K ZX81. Although it wasn't a complete implementation, it was impressive enough to be remembered now, almost 40 years later. But running it in 2022 requires at least an emulator, ROM file, and the .P file, which limits the appeal to retro enthusiasts and excludes the intended audience - chess players!</p> - -<p>So, I modified the EMF emulator (and the game) to run as an emulator-as-a-service, so that it can be played via the lichess servers with a modern web-friendly interface.</p> - <p>In this talk I'll cover a brief history of the program, how the emulator was modified, how the program was reverse engineered and understood, how this code connects to the lichess server and, most crucially, why someone would do it!</p> - -<p>Along the way we'll look at the chess notation, FEN, Z80 assembler, NDJSON, and a few other pieces to show you the complete puzzle fits together.</p> - - Steven Goodwin - - - - - A few notes - Lichess bots for beginners - 20 GOTO 10 : The book - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:45 - D.retro - retro_serial - Let's Get Serial! - Histroy and current state of everyone's favourite interface - Retrocomputing - devroom - - <p>The 'serial port,' usually carrying RS-232, has once been the window to the world on capable systems. This talk is a brief history on it, its use cases and its current state. Is it still relevant? Do we still love it? Are there alternatives?</p> - - - Stephan Hohmann - - - FOSDEM 2022 — Let's Get Serial! - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:15 - 00:45 - D.retro - retro_apple1 - Made by Woz: how Apple-1 operating system works? - Brilliant Steve Wozniak’s code every software engineer should know - Retrocomputing - devroom - - <p>Operating system of Apple-1 written by Steve Wozniak is an engineering piece of art – 256 bytes only! We will explain how it works using the original 6502 assembler source code along with our own rewritten in Python version so every software engineer could understand how It works. It should be useful for engineers who want to know basics of operating systems.</p> - <p>We will cover: -– what are the functions of the simplest operating system -– what functions of operating system are hardware-specific -– how it communicates with the user -– how it runs the programs</p> - - Sergey Panarin - - - - - Operating system of Apple-1 by Steve Wozniak - Discord for Woz OS Q&A - Running Woz OS on emulator - Apple-1 emulator to run Woz OS - SmartyKit ROM with Woz OS to use in emulator - Woz OS in Python (high-level view) - Sergey Panarin's Twitter - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 01:25 - D.retro - retro_museum - A Computer Museum - Why and how? - Retrocomputing - devroom - - <p>The HomeComputerMuseum is founded in 2018 after its initial plan in 2016. The idea of an interactive computer museum while being a social company and fully independent of subsidy. In 2020, right after a move to a bigger and more permanent location, the unsubsidized museum had to deal with corona. Against all odds, the museum survived and even grew faster than ever before, becoming world's largest museum on social media and collaborating with museums all over the world. This all with a social impact by helping people with a distance to the labor market. The museum has an unique collection which can not be found anywhere else and it only keeps on growing in impact. Currently (early 2022) being the computer heritage expert for the Dutch government.</p> - <p>The HomeComputerMuseum opened its door on March 17, 2018 and went nearly bankrupt by the end of 2018. But we pulled through and from the beginning of 2019, we managed to turn it around. Starting with a collection of roughly 35 computers, 4 active board members, 3 volunteers and an empty building without electricity we built the museum. By the end of 2021 we have over 500 computers in the active museum and another +/- 2500 computers in storage. 1500 CD-i titles, 2203 boxed PC games, over 4000 unique software titles and over 3000 manuals. Open 7 days a week in a 1090m2 location in the city center of Helmond with 40 volunteers and 6 board members. All without big sponsors and no subsidy we are researching the history, sharing the history, recreating the history by allowing everyone to use the old computers. From the only working Aesthedes2 (which is repaired by in-house technicians) to the computer used for the movie Titanic. We do digital heritage (read old media) and offer repairs to both new and old computers. We created a functioning business model that is world renowned and ready for anything to come and we love to share what we went through and why we are considered as an essential part of the Dutch heritage.. all in less than 4 years.</p> - - Bart van den Akker - - - - - Website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:25 - 00:30 - D.retro - retro_trajectware - Trajectware - timeline-based navigation across computing heritage - - Retrocomputing - devroom - - <p>The history of calculation, information processing and computation is very rich. It is driving the industrial revolution and digital transformation of our world. This history is composed of many events related to conceptual and technological breakthroughs. In order to help in the analysis (by researchers) and explanation (to citizens), the NAM-IP Computer Museum is actively developing the "Trajectware" Open Source framework based on a the structuration of illustrated events in the form of timeline fragments that can be explored using various navigation operations to focus on specific periods, aspects (technological, conceptual, cultural, contextual,...) or the involved people/organisations.</p> - -<p>This talk is intended to everyone. It will first present the global design based on (1) a knowledge base back-end inspired by different ontology standards (SEM, DOLCE/Spatial History Ontology, Constructed Past Theory, DBPedia) and accessed through queries and/or a specific API to extract a relevant timeline, and (2) a navigation front-end, currently based on ReactNative. Different timeline navigation features will be illustrated on a concrete application case: the "micro-computer, meg@ revolution" exhibition of the NAM-IP museum.</p> - -<p>Through our presentation, we hope to trigger interesting discussion about our current work and to gather suggestions and interests to grow this project !</p> - - - Christophe Ponsard - - - - - - Trajectware on Github - Android APK (museum guide) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:55 - 00:35 - D.retro - retro_ewaste_reveng - Hack for the Planet - Reverse Engineering Embedded Systems to Reduce E-Waste - Retrocomputing - devroom - - <p>The lecture will discuss reverse engineering e-waste. It will shortly present the open source hardware tools that are used internally at Unbinare and how these are used when the aim is to reduce e-waste.</p> - - - Maurits Fennis - - - - - website - wiki - Hackaday feature - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 01:00 - D.retro - retro_pkgsrc - Keeping old Unix/Linux up-to-date with pkgsrc - Keeping software on unsupported Unix-ish operating systems up-to-date - Retrocomputing - devroom - - <p>Sometimes good working hardware is obsoleted by missing update support for the operating systems. Using outdated networking software from these systems on today's Internet is a security risk (to the user and the Internet as a whole), and old software might fail altogether (old SSH clients can't connect to modern SSH server, Webbrowser can't load websites using modern transport encryption, TLS).</p> - -<p>pkgsrc is a cross-platform package manager maintained by the NetBSD project. With pkgsrc, it is possible to compile and install modern Linux/Unix tools and applications on Unix systems that were abandoned by their makers.</p> - -<p>In this talk, I will give my experience, tips and tricks with keeping old Unix systems up-to-date:</p> - -<ul> -<li>MacOS X PowerPC 10.4 "Tiger"</li> -<li>MacOS X i686 10.9 "Mavericks"</li> -<li>Ubuntu 10.04 on ARM (old Linux 2.6.x kernel with special hardware patches that never got upstream)</li> -<li>Slackware Linux on Pentium 2</li> -<li>Solaris 9 on SUN Ultra 5</li> -</ul> - - - - Carsten Strotmann - - - - - pkgsrc Homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.retro - retro_aosc - AOSC OS/Retro - An Introduction - An Ongoing Quest for the Possibility of Modern Linux on Vintage Hardware - Retrocomputing - devroom - - <p>In this presentation, I will share our community's ongoing exploration of running modern and "standard" Linux distributions on vintage hardware - AOSC OS/Retro. AOSC OS/Retro, as an official branch of AOSC OS (the modern-device-facing mainline), runs a generally similar feature set - systemd, Glibc/Binutils/GCC/Coreutils/Util-Linux, X.org/Mesa, etc. and shares the same source tree with the latter.</p> - -<p>With over a year of spending our spare time on the project, tweaking features, designing a desktop experience, and optimising compiler flags, we have a usable distribution that could run on systems as slow as a 486SX, and as fast as "modern" Core Duo systems. We also have an active effort to port AOSC OS/Retro across multiple architectures, with the tally currently standing at eight architectures - and counting (alpha, armv4, armv6hf, armv7hf, i486, loongson2f, powerpc, ppc64). We still have a long list of issues to solve, such as login delays and throttled I/O on ISA-based systems. I hope to gather feedback and criticism through this presentation.</p> - <ul> -<li>What is AOSC OS (self introduction)?</li> -<li>What is AOSC OS/Retro (and how it differs from AOSC OS)?</li> -<li>Design Goals and Self-Afflicted Agonies</li> -<li>Application Stack and Software Selection</li> -<li>End Results (so far)</li> -<li>Thoughts, Reflections, and Questions</li> -<li>Q&amp;A</li> -</ul> - - - Mingcong Bai - - - Slides (PDF) - Slides (ODP) - - - Website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.retro - retro_flash - Old Web Today: Keeping Flash (and other) Retro Web Sites Accessible on the modern web - Techniques for combining web archives and emulation using FOSS tools. - Retrocomputing - devroom - - <p>It's been just over a year since all browsers dropped support for Flash, but much Flash content continue to exist both in web archives and on the live web. This presentation will cover various techniques tried by the Webrecorder project to keep Flash content still working in today's browsers, such as running old browsers in containers, running full system emulation in WebAssembly, and using the Ruffle emulator. We will cover the trade-offs between these approaches and the current challenges in combining web archives and emulation, and present the tools we have built to make these approaches possible.</p> - -<p>As one of the options, will also talk about the OldWeb.today project (https://oldweb.today/) which provides several JS-based emulation connected to web archives, how it works and how it can be used to run not only Flash, but also old Java applets that may exist in web archives.</p> - -<p>We will leave time for a Q&amp;A session to answer any questions about the tools and how they could be improved!</p> - - - Ilya Kreymer - - - OldWeb.today Presentation Slides - - - OldWeb Today JS Emulator - Source for oldweb.today - Blog post about OldWeb.tody - EaaS Web Network (used in oldweb.today) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.retro - retro_frogfind - FrogFind and 68k News - Building Modern Web Portals for Vintage Machines - Retrocomputing - devroom - - <p>This talk will cover the creation of two web portals, which use open source libraries to make much of the modern web accessible to vintage machines and old web browsers. By using the Readability library, along with some haphazard PHP, I was able to take modern sites down to text content and HTML 1.1 on the server side. FrogFind.com serves as a web portal for limited browsers, such as old versions of Mosiac, or even text browsers like Contiki's on an Apple ][, to make much of the web's content accessible to them in a perfectly readable way.</p> - <p>It is often said that the modern internet has left vintage computers behind. However, it is not the internet - it is the complexity of content. One way of bringing vintage machines to the modern web is through upgrades and accelerators. This creates a moving target of machines that will still age-out of sufficient upgrade-ability as the web continues to evolve. Another option is to deconstruct the modern web to make it accessible to vintage computers.</p> - -<p>Using an open source library called Readability and some haphazard PHP, I've built two web portals: 68k.news and FrogFind.com. These sites allow vintage machine to view many websites as text-only, by stripping out complicated HTML and scripts and delivering HTML 1.1 content to old browsers, with images optional.</p> - -<p>This talk will cover the idea behind these portals, their use, and just how usable and pleasant a vintage machine can become for daily internet content consumption without the distractions of the modern web.</p> - - Sean Malseed - - - - - frogfind.com - 68k.news - [Youtube] I Rebuilt the Entire Internet... for Vintage Computers - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 01:00 - D.retro - retro_spreadsheets - A Brief History of Spreadsheets - From LANPAR to VisiCalc to Lotus to LibreOffice - Retrocomputing - devroom - - <p>Have you ever wondered why spreadsheets look and act that way? Why does LibreOffice and Excel use letters for columns and numbers for rows? In this high energy presentation, Jim Hall will discuss a brief history of spreadsheets, from LANPAR to VisiCalc to Lotus 1-2-3 to LibreOffice. A great history lesson and practical demonstration.</p> - <p>The first 'spreadsheet' program was LANPAR, which invented the interactive concept of working with values and originated the idea of forward referencing. But the spreadsheet as you might recognize it today started with VisiCalc on the Apple II. We'll explore several favorite DOS spreadsheets as we review a history of spreadsheets, including: VisiCalc, Lotus 1-2-3, As Easy As, Quattro Pro, .. to to understand why modern spreadsheets like LibreOffice Calc look and act that way.</p> - - Jim Hall - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 01:00 - D.safety - safety_subplot_documenting_your_criteria_for_success - Subplot - documenting your criteria for success - Expressing argumentation in a validatable way - Safety and Open Source - devroom - - <p>Believing a system is safe is not the same as knowing it meets all -the criteria defined to demonstrate that safety. Too often is the -argumentation around the safety of a system presented as a document -for humans to agree on, which is disconnected from the mechanism of -asserting compliance with that argumentation. Subplot is a tool for -processing documents containing such argumentation along with -verification scenarios which are both human <em>and</em> machine readable -so that this disconnect can be resolved.</p> - -<p>This talk introduces Subplot and describes the concept.</p> - <p>Software engineers usually understand requirements and testing against -requirements. All too often though, those responsible for the safety of -a system do not understand how to express requirements which can be -understood by engineers, such that the system can be verified. This -could be for a myriad reasons, but usually it is due to a gulf between -those who are specifying how to determine that a system is safe, and those -who are implementing the system.</p> - -<p>Subplot demonstrates how stakeholders at all stages of system design and -implementation can come together to maintain a document which describes the -criteria which, if met, demonstrate compliance with the safety argumentation -made about the system. This document can then be rendered as a PDF or some -stand-alone HTML for presentation to non-engineer stakeholders for confirmation.</p> - -<p>Subplot can also generate a test program, from such a document, that when run will -perform all of the verification scenarios contained in the document and produce a -final report.</p> - -<p>While Subplot is fairly new software, still under active development, -the concepts in Subplot are built on those explored in a decade-old -previous project, by the same authors, which considered similar problems purely -from a software engineering perspective, used a similar Gherkin-inspired language -and Markdown input structure, and was used in a variety of projects for -paying customers; proving the concept works.</p> - -<p>Subplot is a refinement of this older implementation.</p> - - Daniel Silverstone - - - - - Subplot website - Subplot Gitlab page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:45 - D.safety - safety_dont_trust_us_trust_the_math_behind_immudb - Don't trust us, trust the math behind immudb - How immudb protects safety critical data (with math and cryptography) - Safety and Open Source - devroom - - <p>Immutability is a powerful concept. Without it we wouldn’t be able to rely on bank transactions, medical records or even some of our private data. -And we usually take for granted that our data is safe somewhere out there in the "cloud". But is it? -There are well-known multi-billion dollar stories where attackers were able to break into well-secured systems and modify data stored in databases.</p> - -<p>What if there was a way to protect the immutability with math? What if any attempt of historical data manipulation could easily be detected? -In this talk I’ll share how we do it in immudb - a new database built on a zero-trust model.</p> - - - Bartłomiej Święcki - - - - - - immudb homepage - immudb github project - immudb documentation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:45 - D.safety - safety_designing_a_new_language_for_safety_fuzion - Designing a new Language for Safety: Fuzion - A minimal language for safety-critical systems - Safety and Open Source - devroom - - <p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>This talk will focus on Fuzion's aspects related to safety-critical software -development. A fundamental idea of Fuzion is to provide a simple language at a -high level of abstraction and move implementation decisions from the developer -to the compiler. To enable this, the language defines a simple but powerful -intermediate representation for static analysis tools to operate on.</p> - -<p>Furthermore, pre- and post-conditions for design-by-contract are provided in a -way that enables different levels of verification: static analysis as well as -dynamic checks at different levels from safety to debugging.</p> - -<p>Fuzion does not support exceptions, a run-time error has to be part of the result -of a call and must be checked explicitly. Fuzion does not support dynamic -loading of code. Numeric operations such as 'infix +' check for overflow.</p> - -<p>Fuzion applications consist of a set of library modules and a main modules. -Modules are verified for correctness individually as well as whole -applications. This is possible since dynamic loading of code is not supported.</p> - <h1>Introduction</h1> - -<p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>Fuzion was influenced by many other languages including Java, Python, Eiffel, -Rust, Go, Lua, Kotlin, C#, F#, Nim, Julia, Clojure, C/C++, and many more. The -goal of Fuzion is to define a language that has the expressive power present in -these languages and allow high-performance implementations and powerful analysis -tools. Furthermore, Fuzion addresses requirements for safety-critical -applications by adding support for contracts that enable formal specification and -enable detailed control over run-time checks.</p> - -<p>Many current programming language are getting more and more overloaded with new -concepts and syntax to solve particular development or performance issues. -Languages like Java/C# provide classes, interfaces, methods, packages, anonymous -inner classes, local variables, fields, closures, etc. And these languages are -currently further extended by the introductions of records/structs, value types, -etc. The possibility of nesting these different concepts results in -complexity for the developer and the tools (compilers, VMs) that process and -execute the code.</p> - -<p>For example, the possibility to access a local variable as part of the closure -of a lambda expression may result in the compiler allocating heap space to hold -the contents of that local variable. Hence, the developer has lost control over -the allocation decisions made by the compiler.</p> - -<p>In Fuzion, the concepts of classes, interfaces, methods, packages, fields and -local variables are unified in the concept of a Fuzion feature. The decision -where to allocate the memory associated with a feature (on the heap, the stack -or in a register) is left to the compiler just as well as the decision if -dynamic type information is needed. The developer is left with the single -concept of a feature, the language implementation takes care of all the rest.</p> - -<h1>Fuzion Feature Declarations</h1> - -<p>A Fuzion feature has a name, similar to the name of a class or a function. -The main operation that can be performed on a feature is a feature call. The -constituents of a feature declaration are as follows:</p> - -<h2>Formal Arguments</h2> - -<p>Features may have a list of formal arguments, which are themselves features -implemented as fields. On a call to a feature with formal arguments, actual -arguments have to be provided to the call, unless the list of formal arguments -is empty.</p> - -<h2>Feature Result</h2> - -<p>The result of a feature call is an instance of the feature. Alternatively, a -feature may declare a different result type, then it must return a value of that -type on a call.</p> - -<h2>Closures</h2> - -<p>Features are nested, i.e., every feature is declared within the context of an -outer feature. The only exception is the universe, which is the outermost -feature in Fuzion. A feature can access features declared in its -outer feature or, recursively, any outer feature of these outer features. This -means, a feature declaration also defines a closure of the feature and its -context.</p> - -<p>When calling a feature <em>f1</em> declared as an inner feature of <em>f2</em>, the call must -include a target value which is the result of a call to <em>f2</em>, e.g., <em>f2.f1</em>.</p> - -<h2>Generics</h2> - -<p>Features may have generic type parameters. E.g. a feature declaration may leave -the actual type used within that feature open and to be defined by the user of -the feature.</p> - -<p>The list of generic type parameters may be open, i.e., the number of actual -generic type parameters is not fixed at feature declaration. This turns out to -be useful in the declaration of choice types and functions as explained below.</p> - -<h2>Inheritance</h2> - -<p>Fuzion features can inherit from one or several other features. When inheriting -from an existing features, all inner features of the parent automatically become -inner features of the heir feature. It is possible to redefine inherited -features. In particular, when inheriting from a feature with abstract inner -features, one can implement the inherited abstract features.</p> - -<p>A redefinition of an inherited feature may implement an inherited feature as a -routine or as a field. An inherited feature that is implemented as a field, -however, cannot be redefined as something else since fields might be mutable.</p> - -<p>Inheritance may result in conflicts. An example would be two features with the -same name that are inherited from two different parents. In this case, the heir -must resolve the conflict either by redefining the inherited features and -providing a new implementation or by renaming the inherited features resulting -in two inner features in the heir feature.</p> - -<p>Inheritance and redefinition in Fuzion does not require dynamic binding. By -default, the types defined by features are value types and no run-time overhead -for dynamic binding is imposed by inheritance.</p> - -<h2>A Contract</h2> - -<p>A feature may declare a contract that specifies what the features does and under -which conditions the feature may be called.</p> - -<h2>An implementation</h2> - -<p>Features must have one of the following implementations</p> - -<ul> -<li><p>a routine is a feature implementation with code that is executed on a call</p></li> -<li><p>a field is a memory slot that stores a value and whose contents are returned on a call</p></li> -<li><p>an abstract feature has no implementation and cannot be called directly, but can be implemented by heir features</p></li> -<li><p>an intrinsic feature is a low-level feature implemented by the compiler or -run-time system, e.g., the infix + operator to add two 32-bit integer values -may be an intrinsic operation.</p></li> -</ul> - - -<p>A feature implemented as a routine can contain inner feature declarations.</p> - -<h1>Feature examples</h1> - -<p>Here is an example that declares a feature <em>point</em> that functions similar to a -struct or record in other languages:</p> - -<pre><code>point(x, y i32) is # empty -p1 := point 3 4 -say "p1.x is {p1.x}" # will print "p1.x is 3" -say "p1.y is {p1.y}" # will print "p1.y is 4" -</code></pre> - -<p>The next example shows a feature <em>base</em> that provides an inner feature <em>plus</em> -that adds its argument to the value passed to the enclosing base:</p> - -<pre><code>base(v i32) is - plus(w i32) =&gt; v + w - -b1 := base 30 -b2 := base 100 -say (b1.plus 23) # will print "53" -say (b2.plus 23) # will print "123" -</code></pre> - -<h1>Design-by-Contract</h1> - -<p>Fuzion features can be equipped with pre- and post-conditions to formally -document the requirements that must be met when a feature is called and the -guarantees given by a feature. An example is a feature that implements a square -root function for 32-bit integers:</p> - -<p> sqrt(a i32) i32</p> - -<pre><code>pre - safety: a &gt;= 0 -post - debug: result * result &lt;= a, - debug: (result + 1) &gt; a / (result + 1), - debug: result &gt;= 0 -</code></pre> - -<p> is</p> - -<pre><code>if a == 0 - 0 -else - for - last := 0, r - r := 1, (last +^ a / last) / 2 # +^ performs saturating addition - until r == last -</code></pre> - -<p>In this case, the function defines the pre-condition that its argument -'a' is non-negative. A call of this function with a negative value will -result in a run-time error. On the other hand, its post-conditions make a clear -statement about the result: The result will be the largest value that, when -squared, is less than or equal to 'a'.</p> - -<h2>Checking Pre- and Post-conditions</h2> - -<p>Pre- and post-conditions can be classified for different purposes. Default -qualifiers provided in the standard library are</p> - -<h3>safety</h3> - -<p> This qualifier protects pre-conditions that are required for the safety of an operation.</p> - -<p> An example is the index check pre-condition of the intrinsic operation to - access an element of an array: Not performing the index check would allow - arbitrary memory accesses and break the application's safety.</p> - -<p> This qualifier should therefore never be disabled unless you are running code - in an environment where performance is essential and safety is irrelevant.</p> - -<h3>debug, debug(n)</h3> - -<p> This qualifier is generally for debugging, it is set iff debugging is - enabled or enabled at the given level, respectively..</p> - -<h3>pedantic</h3> - -<p> This qualifier is for conditions that a pedantic purist would require, that - otherwise a more relaxed hacker would prefer to do without.</p> - -<h3>analysis</h3> - -<p> Qualifier for conditions that are generally not reasonable as - run-time checks, either because they are prohibitively expensive or even not - at all computable in this finite universe. These conditions may, however, be - useful for formal analysis tools that do not execute the code but - perform techniques such as abstract interpretation or formal deduction to - reason about the it.</p> - -<p>Additional user defined qualifiers may be added, any expression resulting in a -'bool' can be used.</p> - -<p>Run-time checks for pre- and post-conditions can be enabled or disabled for each -of these qualifiers (except for 'analysis', which is always disabled). This -gives a fine-grain control over the kind of checks that are desired at run-time. -Usually, one would always want to keep safety checks enabled in a system that -processes data provided from the outside to avoid vulnerabilities such as buffer -overflows. However, in a closed system like a rocket controller, it might make -sense to disable checks since a run-time error would mean definite loss of the -mission, while an unexpected intermediate value may still result in a useful -final result of a calculation.</p> - -<h1>Explicit results instead of Exceptions</h1> - -<p>Instead of exceptions that provide an alternative path for a function to return, -Fuzion requires all functions to return a result. To indicate failure, the -generic result type 'outcome' is provided.</p> - -<p>outcome is a choice type that represents the result of a routine that -may either produce something useful or fail producing an error condition.</p> - -<p>Here is a small example of using an outcome result</p> - -<p> getData (u User, t Type) outcome&lt;data> is</p> - -<pre><code>if u.allowedToAcces T - (readFile t.fileName)? -else - error "user $u not allowed to access $t" -</code></pre> - -<p> readFile (n string) outcome&lt;data> is</p> - -<pre><code>if dataExists n - readData n -else - error "data $t not available" -</code></pre> - -<p>A user of this code when would have to explicitly unwrap the read data as follows</p> - -<p> o := getData user type - match o</p> - -<pre><code>d data =&gt; say "success: $d" -e error =&gt; say "*** error $e" -</code></pre> - -<h1>Fuzion Modules</h1> - -<p>Modules in Fuzion are collections of Fuzion features that form a library to be -used by other modules. Modules may define a main entry point, such that they can -be used to build applications.</p> - -<p>The Fuzion front end performs static code analysis at the module level. This -means that any features exported by a module are save to be used in different -contexts by other modules. This includes static checking of the following -aspects:</p> - -<h2>Field Initialization</h2> - -<p>In Fuzion, the front end ensures that all fields are assigned an initial value. -There is no default initial value for uninitialized fields and there is no means -to access an uninitialized fields, as there is, e.g., for final fields in Java.</p> - -<p>Instead, it is checked that whenever an instance containing a field becomes -accessible outside of the feature declaring that field, the call chain is -analyzed to ensure it may not contain any accesses to the field. In particular, -if an instance may become visible outside of the module, no uninitialized field -may be accessible by any exported features of that module.</p> - -<h2>Function Purity</h2> - -<p>The result of any feature visible to the outside must be independent of state -modifiable by other exported features and must not itself modify state that may -affect the result of other exported features. This purity will allow -optimizations such as memoization or lazy evaluation common in functional -languages.</p> - -<p>Nevertheless, a pure function may use mutable fields, e.g., to store -intermediate results during its calculations. If the mutable field's life span -is limited to the call of the exported feature and the field is not accessed by -any other exported feature, mutation does not make a function impure.</p> - -<h2>Race Freedom</h2> - -<p>Closely related to function purity is race freedom: Any exported feature is -checked to be safe to be called in a threaded environment without causing data -races. There are no explicit locks in Fuzion, so there is no danger -of deadlocks due to nested locking.</p> - -<h1>Immutability</h1> - -<p>Fuzion encourages the use of immutable data by simple syntax for the declaration -of immutable fields. Also, the use of tail calls for loops automatically -converts iterator variables used in that loop into immutable variables with a -life span of a single loop iteration.</p> - -<p>Since immutability is essential to ensure correctness of parallel execution -within threads that do not rely on locks or similar synchronization mechanisms, -Fuzion's analyzer will verify that data shared between threads is immutable.</p> - -<p>The standard library has been designed to provide immutable data types. -Nevertheless, there are mutable types such as 'marray', which provides a -mutable array. These, however, should be used for local calculations only, -escape analysis will ensure that no accesses to mutable types occur from -outside the code manipulating the state.</p> - -<h1>Memory Management</h1> - -<p>Fuzion to a large extend relies on static analysis to reduce memory management -overhead. Instances are by default value instances that do not require heap -allocation. Furthermore, immutability in many cases avoids the need to keep a -shared copy on the heap. For dynamic calls, heap allocation and dynamic binding -overhead is avoided by specialization of calls.</p> - -<p>Only for those instances for which all of these optimizations would fail, in -particular instances shared between threads or long-lived instances with mutable -fields, heap allocation will be required. Memory allocated on the heap will be -reclaimed by a real-time garbage collector.</p> - -<h1>Fuzion Thread Safety</h1> - -<p>Static analysis at module and application level ensure that mutable data is not -shared between threads in Fuzion. However, there must be means for threads to -communicate, e.g., for the result of a thread to become available to other -threads. How this will be done in Fuzion is still open, thread safe libraries -such as thread-safe queues between might be provided here.</p> - -<h1>Conclusion and Next Steps</h1> - -<p>I hope Fuzion shows some interesting ideas how to approach the development of -safety-critical software.</p> - -<p>The Fuzion language definition and implementation are far from stable, but are -getting closer to become useful. Currently, two execution options for Fuzion -are available: An interpreter implemented in Java and a back-end that compiles to -C code. A tool to interface Java code is available for the interpreter.</p> - -<p>Main points that are missing right now are</p> - -<ul> -<li>a powerful standard library</li> -<li>additional library modules for all sorts of application needs</li> -<li>low-level foreign language interface for C</li> -<li>actual implementations of static analyzers and optimizers</li> -<li>highly optimizing back-ends</li> -<li>garbage collection for the C back-end</li> -<li>documentation, tutorials</li> -<li>enthusiastic contributors and users!</li> -</ul> - - -<p>Please feel free to contact me in case you want to use Fuzion or want to help -making it a success!</p> - - Fridtjof Siebert - - - Designing a new Language for Safety — Fuzion - - - Fuzion portal website - Fuzion sources on GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.safety - safety_testing_requirements_documents - Testing Requirements Documents - Integrating Specifications into your CI/CD pipeline - Safety and Open Source - devroom - - <p>In a traditional document driven process any changes to requirements need -to be verified and validated manually. A solution is proposed to link -requirements specifications to their implementation and track changes.</p> - -<p>Integrating specifications documents into CI/CD pipelines enables the agile -creation of always up-to-date documentation for the built/shipped artefacts. -We link specific versions of specification items with code, tests, and other -artefacts through their identifier and hash value.</p> - <p>Modern development practices have introduced continuous integration. It -ensures that ingtegration steps create as little friction as possible. -Furthermore all unit-tests are supposed to be succesfull at any given point in -time.</p> - -<p>Specifications documents can not trace this gap automatically and any changes -on either side (implementation or specification) is subject to manual -verification.</p> - -<p>An extensible solution is proposed to link specification items with code -(text) or any binary with a specific interpreter.</p> - -<p>A demonstration is given how a hypothetical spacecraft has its tea brewer connected -with Spacewire and the traceability is established. The data import from a DOORS -Excel dump is shown and how to link it to a given specification.</p> - - Kristoffer Nordström - - - Testing Requirements Documents - - - sltoo.dev - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 10:00 - 00:10 - D.testing - welcome - Welcome to Testing and Automation devroom - - Testing and Automation - devroom - - <p>A warm welcome from your devroom managers, practical information, lineup and administrivia. Happy Testing!</p> - - - Alexander Todorov - Cyril Hrubis - Anders Roxell - Zaklina Stojnev - - - Slides in ODF format - Slides in PDF format - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:15 - 00:50 - D.testing - custom_c_static_analysis_with_sparse - Automating Code Review with Sparse - Project specific static analysis of a large C codebase - Testing and Automation - devroom - - <p>How we use the Sparse C Abstract Syntax Tree and linearized Intermediate Representation to write custom checks for the Linux Test Project API.</p> - - - Richard Palethorpe - - - - - Related article - Interactive slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:35 - D.testing - unit_testing_linux_drivers - Unit testing Linux kernel drivers - - Testing and Automation - devroom - - <p>The technical presentation is about how to use mocks to unit test Linux kernel drivers. The presentation explains how mocks help validating operational code. For instance by checking parameters passed to mocked function, or by configuring the mock to return an error code.</p> - -<p>The presentation will include some unit test examples that use a mocking tool which is called EasyMock. I'm the author of EasyMock.</p> - - - Laurent Carlier - - - Slides - - - Mocking tool - Example showing how the mocking tool is used - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:40 - D.testing - continuous_testing_in_cloud - Continuous testing in a cloud based infrastructure using virtualization and real hardware in the loop - - Testing and Automation - devroom - - <p>The concerns about code complexity, cybersecurity and LTS have made a continuous testing infrastructure a must have.</p> - -<p>The tests must take place both in virtual and real target. Virtual target because developers never get enough physical boards to test from, and real in order to limit virtualization/reality deviation.</p> - <p>With the exponential growth of software complexity, to keep the cost and time of critical embedded application development under control, a continuous testing infrastructure is a must have feature.</p> - -<p>Not only should software tests be run early and automatically each time a developer pushes a new code commit in the system, but tests should also be run in a virtualized environment because developers typically never get enough physical board to test from. Nevertheless we should keep enough real hardware in the loop to limit virtualization/reality deviation and ensure developers can transparently move test from virtualization to the real world.</p> - -<p>This presentation shows how virtualization can ensure early code integration to reduce development/testing cycle, while at the same time keeping track with real hardware to ensure that application is also running correctly on the final production device. Then it gives feedback on the different challenges Iot.bzh faced while deploying its continuous tests infrastructure. Finally it focuses on the way virtualization and real targets can be combined to offer developers a complete and efficient CI infrastructure.</p> - - Armand Bénéteau - - - C.T. in cloud using virtualization and real hardware - - - Redpesk home page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:40 - D.testing - frisbee - Frisbee: An advanced suite for the automated testing of cloud apps over Kubernetes - - Testing and Automation - devroom - - <p>As distributed systems evolve, the testing scale multiplies, asking for dozens of test cases, combined with different application benchmarks (e.g., performance, correctness), and arbitrary operating conditions. Kubernetes holds a promise to enable automation and process improvement directly contributing to a system's reliability. Establishing a declarative API and providing a cheap and disposable environment, Kubernetes makes it easy to create uniform experiments, which may run manually or be exercised multiple times over the development cycle through a CI/CD system. Despite their abundance, existing benchmarks and Chaos engineering tools work in isolation, thus restricting the complexity of testing scenarios we can build.</p> - -<p>This talk will present Frisbee: an automated suite for the unified testing of distributed applications over Kubernetes. Frisbee simplifies a series of time-demanding activities, including the spin-up of the dependency stack required to bring the system into a steady state, the combined execution of workloads and faultloads, and the validation of the system's behavior via test cases. We will demonstrate Frisbee through a series of tests, focusing on uncertainties at the level of application (e.g., dynamically changing request patterns), infrastructure (e.g., crashes, network partitions), and deployment (e.g., saturation points).</p> - - - Fotis Nikolaidis - - - - - - Frisbee@GitHub - Frisbee Tutorial - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 00:45 - D.testing - lava_openqa - LAVA + OpenQA = Automated, Continuous Full System Testing - - Testing and Automation - devroom - - <p>Maintaining software systems for a long time is hard. Backporting kernel patches is a complex and expensive overhead. The Linux project's position is - quite rightly - to instruct down-streams to upgrade to the latest release.</p> - -<p>In practice, upgrading is difficult, scary and sometimes avoided. It takes time and effort before there is enough confidence that new releases will work in context: full system testing in embedded environments can be arduous. What if we could have continuous, automated full system tests, from from UI, to OS, to kernel, on hardware?</p> - -<p>This talk will provide an overview of how this can be achieved with a combination of OpenQA, LAVA and Continuous Integration pipelines. The talk will cover: -- How the same tests can be used in both kernel space and user space testing -- How the same tests can run in both virtualisation (with OpenQA and QEMU, developed originally for GNOME-OS) and also on hardware -- How images are then deployed and tested in hardware (LAVA triggers OpenQA via VNC to begin testing on boards)</p> - - - James Thomas - Laurence Urhegyi - - - - - - Kernel Testing blog post: LAVA + OpenQA - Kernel Testing blog post: LAVA + OpenQA - GNOME testing blog post - GNOME testing blog post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:10 - D.testing - oniro_ci_with_lava - Oniro CI/Testing integration with LAVA - - Testing and Automation - devroom - - <p>In this session we introduce and explain the integration between LAVA (Linaro Automated Validation Architecture) and GitLab as part of the testing efforts in the Oniro OS from Eclipse foundation. The session will cover brief introductions to LAVA and Oniro, integration with GitLab and also present on how we provide vendors the opportunity to test the full software stack on the live devices in-house in completely integrated manner with the main lab and have the test results available for reporting in the upstream gitlab instance.</p> - - - Stevan Radaković - - - - - - LAVA documentation - LAVA sources - Oniro documentation - Oniro Join us page - Welcome to FOSDEM2022's Oniro online stand - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:15 - D.testing - mockery_of_trust - How (not) to make a mockery of trust - Testing client software for public-key infrastructure - Testing and Automation - devroom - - <p>The ever-continuing push for digitalisation has increased our reliance on trust services of various kinds, filling various needs relating to document signing, code signing, authorization tokens, and so forth. -Many of these trust services rely on public-key infrastructure (PKI) and X.509 certificates.</p> - -<p>The sensitive nature of these tools makes them difficult to use in a testing environment. On the one hand, exposing access to production keys in your CI is obviously a terrible idea. But on the other hand, setting up and maintaining a fully functional "mock" PKI environment is also pretty tricky. What can you do about that?</p> - <p>Using PKI tools in test workflows involves many challenges. Here are a few examples:</p> - -<ul> -<li><p>Even a (supposedly) basic task like validating an X.509 certificate involves quite a bit of complexity. Apart from "local" validation logic, you might also have to check the revocation status of your certificate, which could entail talking to an OCSP responder service or looking up a CRL.</p></li> -<li><p>If you're using secure timestamps (RFC 3161) in your code, your tests might also require access to a time stamping service.</p></li> -<li><p>Maybe you're using a remote signing service vendor that doesn't offer any sort of "sandbox" for testing purposes.</p></li> -</ul> - - -<p>In all of these scenarios, both test data generation and mock service integration can be quite cumbersome. -Both in my own time and on the job, I write a lot of code that relates to digital signing in various ways, and this is a kind of problem that I run into all the time. After trying out a variety of methods, I grew dissatisfied with the "traditional" options, and rolled my own PKI testing framework: <a href="https://github.com/MatthiasValvekens/certomancer">Certomancer</a>. -Certomancer helps with both test data generation, performs trust service mocking, comes with a plugin API, and most importantly, it's FOSS (MIT licence).</p> - -<p>In my talk, I'll take you through some of the "how"s and "why"s of Certomancer's feature set, and talk about some of the mileage that I've gotten out of it.</p> - - Matthias Valvekens - - - Slide deck (handout version) - - - Project repository - Personal website - Project demo clip - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:20 - 00:15 - D.testing - 1000000_test_cases - Fuzzing, or How I Generated 1,000,000 New Emulator Test Cases in an Afternoon - Fill your boots. Then fill somebody else's. - Testing and Automation - devroom - - <p>Emulation of classic hardware is a solved problem and like all solved problems that are sufficiently fun it attracts countless new implementations every year. This has led to the creation of many public test suites — test suites independent of any particular emulator, which can usually even run on real hardware. But these suites tend to assume a lot of working functionality beyond the part they are specifically testing, being designed by an intelligent human being to test complete emulators holistically.</p> - -<p>This presentation covers an alternative source and target of emulator tests: random numbers, to test individual processor instructions, so that future emulator authors can test from day one.</p> - - - Thomas Harte - - - - - The 6502 test cases mentioned in the video. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:05 - D.testing - history_of_testing - History of Testing - let's write it together - Testing and Automation - devroom - - <p>As a side project the Kiwi TCMS team has started collecting facts about people who've made important contributions to the testing field. We're calling upon other testers for ideas and contributions.</p> - - - Alexander Todorov - - - Slides in ODF format - Slides in PDF format - - - GitHub repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:50 - 01:00 - D.testing - 10_oss_test_automation_tools - 5 OpenSource Test Automation tools in 45 minutes! - See a working example of these cool OSS (Test) Automation Tools and see how they compare. - Testing and Automation - devroom - - <p>5 OpenSource Test Automation tools in 45 minutes! You will be left with a general oversight of various well known OpenSource Test Automation tools which are applicable in a large (or smaller) companies or OSS projects. With a working example demo where you see it in action. The talk will also score these tools (subjectively) among each other (installation, ease of use, stability, speed, etc) and provide insights on how to get started. When to use it, and when not to use it.</p> - <p>In this session the speaker will show 5 well known OpenSource Test Automation tools applicable in the enterprise for test automation. The cool thing is that many OSS projects could also benefit from incorporating therse tools as part of their CI/CD approach. The talk will cover how it could be used and show a working example of the code. This will give a quick glance of various OSS (Test) Automation tools. Some examples are: SeleniumBase, Cypress.io, Cucumber, RobotFramework and Cerberus.</p> - - Eric de Graaf - - - - - - Github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:30 - D.virtualization - vai_virtualio - What's coming in VIRTIO 1.2 - New virtual I/O devices and features - Virtualization and IaaS - devroom - - <p>The VIRTIO standard defines I/O devices that are commonly used in virtual machines today. The last version of the standard was released in 2019 and much has changed since then. This presentation covers new devices and features in the upcoming VIRTIO 1.2 standard.</p> - -<p>There are 9 new device types: fs, rpmb, iommu, sound, mem, i2c, scmi, gpio, and pmem. We will look at the functionality offered by these devices and their status in Linux.</p> - <p>This presentation is aimed at users of virtualization who may be interested in new virtual devices that are becoming available in Linux, QEMU, etc. It may also be of interest to driver and virtual machine monitor developers who are considering implementing new devices.</p> - - Stefan Hajnoczi - - - Slides - - - VIRTIO standard homepage - My blog with VIRTIO related material - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.virtualization - vai_codeready - Cross-platform/cross-hypervisor virtio vsock use in go - Usermode networking in CodeReady Containers - Virtualization and IaaS - devroom - - <p>CodeReady Containers runs an OpenShift cluster on a laptop or workstation using virtualization. It's written in go, and uses KVM, HyperV or HyperKit depending on the OS it's running on. External network access is done through gVisor's userland TCP/IP stack which the virtual machine uses over virtio-vsock.</p> - -<p>This talk will start with a short presentation of what CodeReady Containers is, explain why it needs a userland TCP/IP stack, but its main focus will be around virtio vsock, how to use it from go, and the differences to expect on the different hypervisors.</p> - - - Christophe Fergeau - - - Slides for the presentation - - - GitHub organization with the various projects mentioned in this talk - Usermode network daemon - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.virtualization - vai_intro_okd - Introducing OKD Virtualization - - Virtualization and IaaS - devroom - - <p>OKD Virtualization is the community project bringing traditional virtualization technology into OKD. Meet the OKD Virtualization community and learn about it!</p> - <p>OKD Virtualization is the community project bringing traditional virtualization technology into OKD. It’s built on top of the KubeVirt project and the Hyperconverged Cluster Operator project. -HCO ensures a single installable unit for Kubevirt and its sibling components leveraging the operator framework to provide the easiest way of installing and maintaining this additional control plane. -This bundle will ship additional tools required to do traditional virtualization tasks like uploading disk images, host network configuration, local storage provisioning, and other functionality which is not covered by the core KubeVirt. On top of this a user interface embedded within the OKD Console is provided for managing the lifecycle of the Virtual Machines. Virtual Machines from other virtualization systems can be imported into OKD Virtualization leveraging the Konveyor Forklift project. Meet the OKD Virtualization community and learn about it!</p> - -<p>After this session you will -Know what KubeVirt is -Know what HCO (Hyper Converged Cluster Operator) is and how it relates to KubeVirt -How the OKD UI is presenting VMs -A rough idea of the featureset of what this setup provides -Seen a demo, and knowledge of how to set this up yourself</p> - - Simone Tiraboschi - Sandro Bonazzola - - - Introducing OKD Virtualization - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.virtualization - vai_torov - ToroV, a kernel in user-space, or sort of - - Virtualization and IaaS - devroom - - <p>This talk presents ToroV, a novel open-source technology that combines virtualization and containerization to enable the execution of users’ applications in a safer and improved manner. In ToroV, applications run as Virtual Machines without the need of an OS, unikernel nor device-model. ToroV combines a minimalist Virtual Machine Monitor and a virtualized guest program communicating through POSIX APIs. When the guest application requires to open or write a file, it just invokes the VMM using hypercalls. The VMM intercepts those hypercalls, processes the request, and returns to the guest. The sysadmin defines the ACL (Access Control List) of authorized hypercall per virtualized guest application. This allows the user to control the host’s surface that is exposed to the guest. In this talk, we propose to present the ToroV architecture together with several ongoing experiments. For example, the minimalist VMM allows us to boot up a VM in KVM in less than 6 ms. Also, we show how we debug guest applications by simply using GDB and the KVM API for debugging. During the talk, we discuss the main differences with unikernels and containers and how ToroV gets the best of both worlds. Also, we present the main differences with gVisor, which is a similar project from Google.</p> - - - Matias Vara - - - - - - This the source code of ToroV which is hosted at github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.virtualization - vai_kubevirt_scale - KubeVirt scale test by creating 400 VMIs on a single node - - Virtualization and IaaS - devroom - - <p>As the number of VMs per node gets larger, using more powerful nodes (i.e. with more CPUs and RAM), the scalability of Kubevirt's control plane becomes a bottleneck, slowing down the VMI creation process. This talk will cover the motivations and concepts around general benchmarking of the KubeVirt control plane, as well as explaining the journey to running a density test with hundreds of VMs per node.</p> - <p>Kubevirt's performance and scalability are determined by several factors. As the number of VMs per node gets larger, using more powerful nodes (i.e. with more CPUs and RAM), the scalability of Kubevirt's control plane becomes a bottleneck, slowing down the VMI creation process. This talk will cover the motivations and concepts around general benchmarking of the KubeVirt control plane, as well as explaining the journey to running a density test with hundreds of VMs per node. In addition, I'll provide some performance metrics comparing VM build time in various scenarios. Participants will have a high-level knowledge of the on-going KubeVirt's sig-scale community performance assessment and the single-node scalability characteristics of KubeVirt.</p> - - Marcelo Amaral - - - KubeVirt Scale test - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.virtualization - vai_future_evolution - DevOps, Cloud Native, DPUs: beyond the buzzwords - The future and evolution of on-prem open source virtualization platforms - Virtualization and IaaS - devroom - - <p>Open Source virtualization is almost 20 years old. Obviously, things have evolved a lot in that time: the public cloud, new CPU architectures, new storage technologies, and more.</p> - -<p>What about the real, on-the-ground usage? Sysadmins, Ops and Devops are not leveraging virtualization the same way today as they did before. But what really changed? In what direction is it evolving? Is on-premise open source virtualization still relevant today?</p> - -<p>Through our own journey as engineers of an open source virtualization platform, we'll give you an inside look into what our users are requesting from us, and what we did to modernize our virtualization stack based on the Xen hypervisor.</p> - - - Olivier Lambert - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.virtualization - vai_isolating_pci - Isolating PCI/CXL Devices: It All Starts with System Launch - - Virtualization and IaaS - devroom - - <p>It has been well established that the integrity of critical systems must be rooted in the launch. Early works such as the Xoar architecture demonstrated the need for virtualized environments to begin with a lightweight, restricted bootstrap from which isolation of PCI management could be established. Since that time, knowledge of real IOMMU implementations and how to leverage them for system integrity has evolved. In this presentation, the new Hyperlaunch capability for starting hypervisors will be presented with a short discussion of the Xen implementation. The talk will progress to a discussion of how Hyperlaunch is connected with TrenchBoot (Linux Secure Launch) and Mandatory Access Control communication fabrics. With a focus on how it enables dedicated PCI management constructs that can provide secure and trustworthy isolation for PCI devices, with the potential for CXL devices. The talk will close with an open discussion on how hypervisors might unify around a common approach for IOMMU management.</p> - - - Daniel Smith - - - - - Xoar Architecture - Hyperlaunch Design for Xen - Presentations on TrenchBoot - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.virtualization - vai_automatic_cpu - Automatic CPU and NUMA pinning - - Virtualization and IaaS - devroom - - <p>In FOSDEM 2019 we presented the addition of high-performance virtual machines in oVirt. -With this new VM type, parts of the VM configuration were changed to improve the performance of workloads it runs. -In particular, it was useful for CPU-intensive workloads, such as SAP HANA. -However, better performance came at the expense of usability. Users were still expected to set various things manually, like CPU and NUMA pinning and hugepages. -In this talk, I will guide you through our journey of simplifying and automating the settings of high performance VMs in oVirt. -We'll see the evolution of the changes, the challenges we faced, where we are today and what's more to come in oVirt 4.5.</p> - - - Liran Rotenberg - - - Automatic CPU and NUMA pinning - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.virtualization - vai_network_interface - Network interface hotplug for Kubernetes - - Virtualization and IaaS - devroom - - <p>Design and implementation of dynamic network attachment for Kubernetes pods and KubeVirt VMs.</p> - <p>Immutable infrastructure is the law of the land in the cloud native landscape, promising benefits to software architectures run in Kubernetes. -… except sometimes the rules must be broken to achieve certain use cases; take for instance the dynamic attachment of L2 networks to a running VM: to hotplug an interface into the VM running in a pod, you first need to hotplug that interface into the pod.</p> - -<p>This feature is particularly of interest (required, actually) to enable scenarios where the workload (VM) cannot tolerate a restart, or when the workload is created prior to the network.</p> - -<p>When thinking about strategies for tackling this problem, we faced a recurring question when trying to come up with a modular design to provide this functionality: "should the changes be located in KubeVirt, and thus solve this issue for Virtual Machines, or should we take the longer path and address this issue also for pods ?" We chose the latter, which unlocks dynamic network attachment for pods, thus also benefiting the Kubernetes community.</p> - -<p>This talk will provide the audience with a basic understanding of KubeVirt, CNI, and Multus, and then propose a design to add (or remove) network interfaces from running pods (and virtual machines), along with the changes required in Multus and KubeVirt to make it happen.</p> - -<p>It will also factor in a community perspective, explaining how we pitched and got both the Multus and KubeVirt communities involved in a working arrangement to deliver this functionality.</p> - - Miguel Barroso - - - - - - Asciinema demo for pods - Asciinema demo for VMs - Feature design plan - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.virtualization - vai_story_tpm - The story of adding TPM support to oVirt - - Virtualization and IaaS - devroom - - <p>oVirt is an open source virtualization solution based on kvm, QEMU and libvirt. Trusted Platform Module (TPM) device support, which brings new security capabilities that modern operating systems utilize or even require, was added to oVirt recently.</p> - -<p>In theory, adding TPM support should be as easy as just adding a TPM device to the virtual machine libvirt XML. But features built on top of a lower-level virtualization platform are not always as easy to implement as they may initially seem to be. This talk will present the challenges experienced when adding TPM support to oVirt.</p> - <p>The talk will explain that a supposedly complete feature support in libvirt/QEMU may still require challenging design considerations. What can be used easily in a simple virtual machine running on a desktop computer may not be enough to get the things working well and reliably in a virtual machine management running across many hosts.</p> - -<p>Some of the challenges experienced with TPM support have been sorted out while other ones still wait for a good solution. Although focusing on TPM, the lessons presented in this talk can apply to a wide range of features. Whatever we work on, we cannot be just passive consumers of features but we must look for the right ways of using them and be proactive in avoiding pitfalls.</p> - - Milan Zamazal - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.virtualization - vai_deploying_vms - Deploying VMs and Containers across Infrastructure Providers - Presenting OpenNebula’s new Edge Cloud Architecture - Virtualization and IaaS - devroom - - <p>This talk presents OpenNebula's new distributed Edge Cloud Architecture, which is composed of Edge Clusters that can run any workload (both Virtual Machines and application containers), on any resource (bare-metal or virtualized), anywhere (on-prem and on a cloud/edge provider). An Edge Cluster, built on open source technologies that already exist in the Linux operating system, is a hyperconverged functional set of managed objects that include storage, network, and host resources. An Edge Cluster provides all the resources needed to run virtualized or containerized applications. OpenNebula’s management services, including scheduling, monitoring and life-cycle management, run in the cloud Front-end and orchestrate from there the local or remote Edge Clusters. The Front-end also provides access to the administration tools, user interfaces, and API. Although the requirements may vary depending on the number and size of the clusters and API load, the Front-end node only requires 8 GB of main memory and 4 cores. The Edge Cloud Architecture is able to provide a lightweight and easy-to-use storage platform for medium-sized clusters consisting of tens of nodes. OpenNebula’s Edge Cloud Architecture is able to manage hundreds of these clusters, as they operate autonomously in terms of networking and storage, and handle thousands of virtualized hosts and tens of thousands of virtualized applications. In this presentation we will explain in detail the deployment model for Edge Clusters, the specialized storage solution they incorporate (OneStor), and the performance benefits of this multi-cloud architecture as confirmed by the latest benchmarks.</p> - - - Alejandro Huertas - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:45 - D.virtualization - vai_phyllomeos - Phyllome OS - A Fedora Remix built to leverage KVM/QEMU virtualization locally - Virtualization and IaaS - devroom - - <p>Most Linux distributions are not designed to support desktop virtualization, and GPU vendors have failed to agree on a common way to let virtual machines access 3D capabilities (SR-IOV; vfio-pci; vfio-mdev or virtio-gpu...). The result is that it is still complicated to create fast and responsive virtual machines locally.</p> - -<p>Phyllome OS is a Fedora Remix based on Fedora Server which attempts to make it easier to run virtual machines locally on computers that support hardware-assisted virtualization, using mostly paravirtualization (aka virtio-devices). It currently relies on existing technologies (libvirt; KVM/QEMU; virt-manager; GNOME Shell; etc), but will eventually implement its own virtual machine manager, package the cloud hypervisor as an alternative to QEMU, and use filesystem-level encryption to protect virtual machines disks. The main idea behind this OS is to treat the host, Phyllome OS, as a read-only system, i.e. as a mere appliance to host virtual machines. The presentation will give a demonstration of Phyllome OS in its current state.</p> - <p>Despite steady progress, especially on the KVM/QEMU front, desktop virtualization today still leaves much to be desired when it comes to usability. For most users, it is still complicated to create virtual machines with advanced media capabilities, including 3D acceleration. 3D-accelerated guests are a must-have nowadays and most desktop environments leverage it to provide a smooth user experience. Existing approaches attempting to grant 3D capabilities to virtual machines are not straightforward, sometimes incompatible and often require trade-offs between usability, performance and security. As a result, a successful implementation on a single host typically requires careful considerations and is often hardware-dependent. For instance, passing through real hardware to a virtual machine using vfio-pci is only possible if the piece of hardware is well-isolated in a single IOMMU group. Paravirtualization, on the other hand, and especially virtio-gpu, promises to be hardware-independent but is not (yet?) supported by all modern guest operating systems.</p> - -<p>What if an operating system was designed to provide the best experience regardless of the guest operating system in use?</p> - - Lukas Greve - - - - - Main website - Wiki - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:15 - 01:00 - D.virtualization - vai_hardware_accel - Hardware-accelerated graphics in secure multi-tenant environments - What is the current status, and what is blocking it? - Virtualization and IaaS - devroom - - <p>Hardware-accelerated graphics is becoming an essential part of modern computing environments, yet it is currently very difficult to impossible to use in secure environments such as Qubes OS. SR-IOV promises to solve this problem, but multiple problems have limited its adoption. This workshop is about these problems and about what is needed to solve them.</p> - - - Demi Obenour - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:15 - 00:20 - D.virtualization - vai_tracing_kubevirt - Tracing KubeVirt traffic with Istio - - Virtualization and IaaS - devroom - - <p>Software development has been gradually shifting from monolithic to distributed containerized applications. Such applications are composed of components referred to as micro services. -With the increasing number of micro services, it becomes increasingly difficult to understand how all the components communicate.</p> - -<p>This is where Istio service mesh comes into play. Istio allows developers to manage and monitor network traffic between micro services and by providing features like mutual TLS, request retries or request circuit breaking. Vendoring these features from Istio helps keeping micro services focused on the actual application logic as they don't need to be implemented by the micro services. -The IT industry has broadly adopted this architecture, but there are still plenty of legacy workloads running in virtual machines, which can't easily take the advantage of the features provided by service mesh. At least not until recently when KubeVirt introduced support for Istio service mesh.</p> - -<p>Attendees of this talk gain insight into the concept of the Istio sidecar proxy. A short demonstration showing typical use case of Istio service mesh -- canary deployment -- is presented. Next, this talk explains subtle differences of network traffic routing between regular Kubernetes pods and containerized KubeVirt virtual machines, leading to the challenges that these differences pose for traffic proxying. -Finally, the changes necessary to support Istio for KubeVirt virtual machines are explained and the resulting functionality presented using the same scenario, but with the workload running in virtual machines instead of Kubernetes Pods.</p> - -<p>The takeaway of this talk is understanding of routing concepts behind Istio proxy sidecar with regular Kubernetes pods as well as with containerized KubeVirt virtual machines. Audience will have a chance to observe typical use case of Istio with both pods and virtual machines and get insight into the necessary changes that made this possible.</p> - - - Radim Hrazdil - - - Tracing Kubevirt Traffic with Istio - - - Istio Service mesh GitHub - KubeVirt GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:30 - D.web3 - trustgraphs - Decentralized Self Sovereign Trust Graphs - - Web3 Infrastructure - devroom - - <p>What if all our decentralized apps and platforms could share trust/ratings/attestation information, in the form of portable cryptographically signed claims? What if this self-sovereign, user owned and controlled, privately sharable trust network could become the backbone to unite our many disparate decentralized web apps and platforms? These are the goals of Trust Graph, and its reference implementation built on Holochain.</p> - -<p>In this talk we will cover:</p> - -<ul> -<li>TrustAtom format: <code>source</code>, <code>target</code>, semantic <code>content</code>, normalized scalar <code>value</code></li> -<li>Quick survey of the ecosystem of similar protocols</li> -<li>Use cases, including the potential to tackle major global challenges</li> -<li>An example illustrating Trust Graph "rollups" for caching Trust Graphs in TrustAtoms</li> -<li>Trust Graph on Holochain: using Holochain links to allow for searchable TrustAtoms</li> -</ul> - - - - Harlan Wood - - - Trust Graph Deck - - - https://github.com/trustgraph - http://trustgraph.net/ - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.web3 - ceramic - Open Source Data with Ceramic - Why the future of the web is self-certifying - Web3 Infrastructure - devroom - - <p>Why is code open source, but data still locked into silos of big corporations? In this talk we asses the current situation of the web, and evaluate what we can do differently with Web3. We look into what it means for data to be "open source", the implications for developers as data is not locked into their apps, and the core pieces of technology that makes this possible.</p> - - - Joel Thorstensson - - - Open source data with Ceramic - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.web3 - i3market - i3-Market Self Sovereign Identity Authentication - Authentication based on Distributed Identity and Verifiable credentials using OpenID Connect and Veramo - Web3 Infrastructure - devroom - - <p>Video presenting the user registration and authentication processes on a Single Page Application towards the i3-Market Platform, using the i3-Market crypto wallet. -i3-Market IAM solution is based on Veramo framework and the OpenID Connect standard</p> - - - alessandro.amicone - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.web3 - holochain_scaffolding - Scaffold a Holochain App in 10 minutes - Demo and workshop for making a simple, functional Holochain App with scaffolding tools - Web3 Infrastructure - devroom - - <p>Using the new Holochain Rapid Application Development tools, we'll scaffold a Holochain application from scratch, generating all the necessary boilerplate, code and types for your specific use case.</p> - -<p>You'll learn how to use the RAD tools yourself, and what are the next steps you can follow to start developing a hApp.</p> - - - guillem.cordoba - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.web3 - livepeer - Building Web3's Video Infrastructure Layer - Why Openness and Decentralization Matters with livepeer - Web3 Infrastructure - devroom - - <p>Video is foundational to the web experience, representing roughly 80% of internet bandwidth. Using desktop, mobile and other devices, video is how individuals learn, work, create, are entertained, and share their human stories. Given that all industries have a need for video and that mainstream audiences are increasingly interested in Web3 solutions, understanding the advantages of decentralization and openness at technical and user levels is essential if these solutions are to be successfully adopted. Join this talk to learn about how Livepeer is positioning itself as the video infrastructure layer of web3 and opportunities for open source contributors to build the future with us.</p> - - - Jaron Vietor - - - - - - Homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.web3 - agregore - Mixing Peer to Peer Protocols on the Web - With The Agregore Web Browser - Web3 Infrastructure - devroom - - <p>Peer to peer to protocols (P2P) are useful for creating applications that are less reliant on central physical and digital infrastructure. With a p2p backend, an application can easily move between connecting people over the internet, to local and ad-hoc networks, and working entirely offline. We take this ability a step further by integrating several protocols into web browsers so that applications can be authored and distributed just like any other data in the network.</p> - -<p>This talk will go over some of these protocols, their strengths and weaknesses, and how we have applied them to the web. We'll also have a live demo of what it looks like as a developer.</p> - <p>This talk will be using the desktop version of the open source Agregore Browser, a minimal web browser built on top of the Electron framework which deeply integrates several protocols everywhere that a browser might use a URL.</p> - -<p>The specific protocols we will be going over are IPFS, Hypercore-Protocol, and BitTorrent.</p> - -<p>We'll also be talking about the benefits of using P2P software in ad-hoc mesh networks and how it can enable communities to make the most of their local networks.</p> - -<p>Feel free to install the browser ahead of time if you'd like to follow along for the live coding portion.</p> - - Mauve Signweaver - - - - - Agregore Website - Agregore Twitter - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:20 - D.web3 - flux - The Peoples' Web3 - Bringing decentralized hosting infrastucture and dapp development to all the corners of the globle. - Web3 Infrastructure - devroom - - <p>The Flux Ecosystem is a suite of decentralized computing services and blockchain-as-a-service solutions together to offer an interoperable, decentralized AWS-like development -environment. Flux utilizes a native POW coin to power this ecosystem, providing incentive for hardware hosters, governance on-chain, and bad actor mitigation via staking -requirements for running hardware. The Flux operating system runs on top of Linux to provide the network with verified, enterprise-grade compute power and utilizes the -blockchain to ensure transparency in governance operations. This allows almost anyone to be rewarded for providing hardware to the network, from anywhere in the world.</p> - - - Nicholas Pawelk - - - - - Main website - FluxOS Dashboard - Github - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.web3 - neighbourhoods - Introduction to Neighbourhoods - A Holochain-based framework for reputation data - Web3 Infrastructure - devroom - - <p>This talk introduces Neighbourhoods: a proposed organizing principle for social spaces on the distributed web using Holochain. We envision “groupware” (like calendars, simple games, chat, collaborative docs, etc.) decoupled from reputation and group culture metrics (e.g. entry and exit rules, engagement incentives, likes or claps, visibility and feed ordering); in social platforms on the centralized web, these distinct functions are typically combined. -To facilitate neighbourhoods, we are building a language and “interchange” for reputation data on Holochain such that users can connect a portable reputation extension to bundles of Holochain groupware.</p> - -<p>Groups can then use the neighbourhoods framework to bundle p2p modules with reputational and cultural inputs that relate to their particular use cases and style of relating. This also means individuals’ reputation and activity records are stored on their devices, and so can be ported to other neighbourhoods and verified using Holochain’s gossip protocol for data validation. Neighbourhoods is centered on the Holochain ecosystem, but it may also be of interest to dWeb communities and projects aspiring to traffic in “richer” data than ownership claims &amp; token counts - especially when those data support community collective intelligence.</p> - -<p>Much of the system remains to be built, but the core language - <code>rep_lang</code> - has been integrated with Holochain. We’ll close with a brief demo showing one key aspect of the system: <code>rep_lang</code> computations being validated by multiple agents on Holochain.</p> - - - Emaline Friedman - Michael Hueschen - - - Intro to NH slides - Intro to NH demo slides - - - codebase to be discussed - main project page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:35 - D.web3 - gun - Scaling a Decentralized Metaverse in Browser without Data Leaks - Hacking old tech to achieve new protocols - Web3 Infrastructure - devroom - - <p>Is a decentralized metaverse with hundreds of millions of users possible? From my experience working on open source tools with over a half billion downloads in a year, the answer is yes. But not through blockchains, tokens, or gimmicks. This talk is for the pure hearted, those who want scale, security, speed, and small code. I'll first briefly cover some mind blowing demos that our community, GUN (a p2p Firebase), has achieved, then showcase a new way to make apps &amp; games that can instantly render user data (without login or registration) without the app itself being able to access it (preventing apps from being able to mine or spy on your data).</p> - - - Mark Nadal - - - - - twitter - github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.box86 - welcome_box86 - Welcome to the Box86 stand - - Box86 stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.checkmk - welcome_checkmk - Welcome to the Checkmk stand - - Checkmk stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.civicrm - welcome_civicrm - Welcome to the CiviCRM stand - - CiviCRM stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.opensuse - welcome_opensuse - Welcome to the openSUSE stand - - openSUSE stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.debian - welcome_debian - Welcome to the Debian stand - - Debian stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.eclipse - welcome_eclipse - Welcome to the Eclipse Foundation stand - - Eclipse Foundation stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.fedora - welcome_fedora - Welcome to the Fedora Project stand - - Fedora Project stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.foreman - welcome_foreman - Welcome to the Foreman stand - - Foreman stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.fossasia - welcome_fossasia - Welcome to the FOSSASIA stand - - FOSSASIA stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.fsfe - welcome_fsfe - Welcome to the Free Software Foundation Europe stand - - Free Software Foundation Europe stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.freebsd - welcome_freebsd - Welcome to the FreeBSD Project stand - - FreeBSD Project stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.gnome - welcome_gnome - Welcome to the GNOME stand - - GNOME stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.gsoc - welcome_gsoc - Welcome to the Google Summer of Code stand - - Google Summer of Code stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.haiku - welcome_haiku - Welcome to the Haiku stand - - Haiku stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.illumos - welcome_illumos - Welcome to the illumos stand - - illumos stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.kde - welcome_kde - Welcome to the KDE Community stand - - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - 10:00 - 01:00 - S.kde - kde_plasme_mobile - Plasma Mobile in 2022 - Bhushan Shah - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - 11:15 - 00:30 - S.kde - kde_kalendar_aonadi - Kalendar and the case for Akonadi - Claudio Cambra - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:00 - 01:00 - S.kde - kde_eco - KDE Eco - Joseph De Veaugh-Geiss - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.kiwi - welcome_kiwi - Welcome to the Kiwi TCMS stand - - Kiwi TCMS stand - standtrack - - <p>Kiwi TCMS is the leading open source test management system for both manual &amp; automated testing with over 1 million downloads. It has been made by testers and licensed under GPLv2. Our mission is to transform the testing process by making it more organized, transparent &amp; accountable for everyone on your team. Kiwi TCMS is used during software testing and quality assurance to collect information about what, when and how has been tested. This information is later used when making a go/no-go decision before a release, monitoring and planning the workload of the QA team or answering questions like "How did we test this?" and "Why didn't we catch this bug before?"! 1m downloads from Docker Hub</p> - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.libreoffice - welcome_libreoffice - Welcome to the LibreOffice stand - - LibreOffice stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.libresoc - welcome_libresoc - Welcome to the LibreSOC Project stand - - LibreSOC Project stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.mariadb - welcome_mariadb - Welcome to the MariaDB Foundation stand - - MariaDB Foundation stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.matrix - welcome_matrix - Welcome to the Matrix stand - - Matrix stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.mautic - welcome_mautic - Welcome to the Mautic stand - Discover the power of open source marketing automation with Mautic! - Mautic stand - standtrack - - <p>Discover the power of open source marketing automation with Mautic!</p> - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.nextcloud - welcome_nextcloud - Welcome to the Nextcloud Hub stand - - Nextcloud Hub stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.ntop - welcome_ntop - Welcome to the ntop stand - - ntop stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.oniro - welcome_oniro - Welcome to the Oniro Project stand - The Distributed Operating System That Connects Consumer Devices Big and Small - Oniro Project stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.onlyoffice - welcome_onlyoffice - Welcome to the ONLYOFFICE stand - - ONLYOFFICE stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.openmandriva - welcome_openmandriva - Welcome to the OpenMandriva stand - - OpenMandriva stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.opentap - welcome_opentap - Welcome to the OpenTAP stand - - OpenTAP stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.openuk - welcome_openuk - Welcome to the OpenUK stand - - OpenUK stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.openwifi - welcome_openwifi - Welcome to the openwifi stand - The open-source WiFi chip (FPGA currently) - openwifi stand - standtrack - - <p>There are many WiFi chips around each one. The WiFi router, the smart light, the TV, the phone, etc., all have WiFi chips inside. Ever imagine replacing those chips with an open-source design?</p> - -<p>The <a href="https://github.com/open-sdr/openwifi">openwifi</a> project has been online for more than 2 years. We have paved solid steps towards an open-source WiFi chip. Now if you have commercial off the shelf FPGA boards, you can download our design onto your board and start to use this FPGA based WiFi in the same way as other commercial WiFi chips!</p> - -<p>Related event:</p> - -<ul> -<li>Feb 6 13:10 (Brussels time): <a href="https://fosdem.org/2022/schedule/event/radio_openwifi/">Opensource WiFi chip (openwifi) progress and future plan</a> in <a href="https://fosdem.org/2022/schedule/track/free_software_radio/">Free Software Radio devroom</a>.</li> -<li>Feb 6 11:20 (Brussels time): <a href="https://fosdem.org/2022/schedule/event/openwifipynqz1/">Bring openwifi to PYNQ-Z1 with ultra low cost</a> in <a href="https://fosdem.org/2022/schedule/track/libre_open_vlsi_and_fpga/">Libre-Open VLSI and FPGA devroom</a>.</li> -<li><a href="/2022/stands.fosdem.org/stands/openwifi/">openwifi stand</a> welcome you the whole weekend.</li> -</ul> - - - - - - - - The openwifi Linux driver and user space tools - The openwifi FPGA/chip design - The main openwifi github site - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.ow2 - welcome_ow2 - Welcome to the OW2 Open Source Community stand - - OW2 Open Source Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.pharo - welcome_pharo - Welcome to the Pharo stand - - Pharo stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.postgresql - welcome_postgresql - Welcome to the PostgreSQL stand - - PostgreSQL stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.pulp - welcome_pulp - Welcome to the Pulp stand - - Pulp stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.reactos - welcome_reactos - Welcome to the ReactOS stand - - ReactOS stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.refpersys - welcome_refpersys - Welcome to the RefPerSys stand - - RefPerSys stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.schulfrei - welcome_schulfrei - Welcome to the schul-frei stand - - schul-frei stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.apache - welcome_apache - Welcome to the The Apache Software Foundation stand - - The Apache Software Foundation stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.ubuntu - welcome_ubuntu - Welcome to the Ubuntu stand - - Ubuntu stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.xcpng - welcome_xcpng - Welcome to the XCP-ng stand - - XCP-ng stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:30 - 00:30 - S.xwiki - welcome_xwiki - Welcome to the XWiki & CryptPad stand - - XWiki & CryptPad stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 09:00 - 09:00 - I.infodesk - infodesk_saturday - The Virtual FOSDEM Infodesk (Saturday) - - Infodesk - infodesk - - <p>Need any assistance during the event? Join us in here!</p> - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - 18:00 - 00:30 - K.fosdem - closing_fosdem - Closing FOSDEM 2022 - - FOSDEM - maintrack - - - - - FOSDEM Staff - Richard Hartmann - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 13:30 - 01:00 - M.community - community_incentives - Establishing an incentivised partners programme in an open source project - - Community - maintrack - - <p>While money is helpful in open source projects, hands-on contributions are probably more valuable to the long term health and sustainability of the project.</p> - -<p>In the Mautic project, we wanted to establish a partners programme which would allow us to highlight to our community the organisations who were both financially supporting the project as a sponsor, and were actively contributing to the project. Here's how we did it.</p> - <p>In this session I’ll outline how we came up with a way to make the financial element equitable for partners around the world, and the steps we took toward ensuring that organisations couldn’t just buy their way to partner status.</p> - -<p>We’ll dig into thorny topics like determining what we mean by contributions, how we recognise non-code contributions alongside code contributions, and the tooling that underpins it all.</p> - -<p>I’ll also explain how we’ve built our partners portal to incentivise active contributions from the organisations, and some of the improvements that we’re thinking of making in the future.</p> - - Ruth Cheesley - - - FOSDEM - Establishing an incentivised partners program - - - opensource.com write up - Mautic Community Partners Program - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:30 - 01:00 - M.community - community_success - Celebrating failure or success? Why not both? - - Community - maintrack - - <p>As an engineer failure is not a matter of if but when. -We all know that corrective actions are expensive, that is why we focus on preventive actions. -The knowledge gained from understanding and embracing failure is potentially the source of better preventive actions.</p> - <p>Failure is an inevitable part of success. Failure in the context of innovation efforts has helped thousands of start-up companies to succeed but in the context of a known execution process, it can harm results or reputations or create undue risk. -In software development we are situated at the cross road between innovation and known process so how do we benefit from failure and achieve success? -In this session we will explore several studies and best practices of successful companies that have embrace them both.</p> - - Ixchel Ruiz - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:30 - 00:45 - M.community - community_diversity - How Implicit Bias Affects Diversity and Inclusion in Open Source. - - Community - maintrack - - <p>The topic of diversity and inclusion has for long been practised in theory within open source communities. Yet, in reality, our believes in diversity and inclusion is frequently questioned because of our biases, particularly Implicit Bias. In this session, I will discuss these biases are, how they affect open-source communities and how to improve on these biases.</p> - <p>Open Source communities operate on a set of values that include a commitment to inclusion and diversity. The idea that the Tech Ecosystem at large is faced with the challenges of Diversity and Inclusion is not a myth. - To everyone, there is a level of implicit bias and beliefs about various social and identity groups to some degree. Implicit biases are the attitudes or stereotypes that affect our understanding, actions, and decisions in an unconscious manner. - Studies have shown that the majority of the problems posed by diversity and inclusion result from implicit bias. As users, maintainers and contributors of Open Source Software, we may have encountered different marginalized groups that have shared their encounters of bias in Open Source communities. - Most persons are ignorant of this bias and its impact on the victims. In an Open Source Project, a typical example of implicit bias could be, assuming that a female employee will be less competent for a role compared to a male employee. - In this session, I will be talking about: What Diversity and Inclusion is, Why Diversity and Inclusion matter? Challenges faced by underrepresented groups in open source communities, Identifying Bias, What implicit Bias is, The different forms of implicit Bias, Why it is important to create awareness of this bias and How these biases can be improved.</p> - - Anita Ihuman - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 16:15 - 00:45 - M.community - community_recognition - Are we being inclusive with our community recognitions? - - Community - maintrack - - <p>Recognizing community members is one of the most enjoyable activities for community managers. It is a great opportunity to thank people for their work and highlight their contributions to the rest of the community. However, we need to evaluate if we’re truly being inclusive with our community recognitions. For example, when discussing contributors, we still see a lot of emphasis on the volume of contributions on project repositories (i.e., code) that some may find intimidating. This focus on code is partly because contributions on tools like GitHub and GitLab are easier to measure and quantify.</p> - -<p>On the other hand, it can be more challenging to measure (or even notice) how much a community member is helping others on platforms like Discord, Matrix, Slack, etc. When someone helps a newcomer by answering a quick question in chat, it’s easy to miss that among other discussion threads. Even though it can be more challenging to quantify non-code contributions, it’s crucial to look beyond repositories to see how people are helping to improve our communities. In addition to contributions in chat-like platforms, this can include sharing their use cases, participating in meetups, providing honest feedback in 1-on-1 conversations, etc. Looking across a broad spectrum of contributions will help ensure that we recognize everyone regardless of their background, interests, and skillset.</p> - <p>Also, not everyone is comfortable with public recognition. Some may feel uncomfortable being in the spotlight or even think what they have done is not significant enough (sometimes I see this with contributors from underrepresented groups). In these instances, it is important to find ways to let them know that the community appreciates their work without putting them in an awkward position.</p> - -<p>In this talk, Ray will share his experience identifying different contributions, community recognition examples (both good and bad), and feedback he received on community recognition programs. There will also be a discussion on how inclusive recognition is vital for strengthening the sense of belonging in the community.</p> - - Ray Paik - - - More inclusive recognitions - Screenshot from Q&A (1 of 4) - Screenshot from Q&A (2 of 4) - Screenshot from Q&A (3 of 4) - Screenshot from Q&A (4 of 4) - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 17:00 - 01:00 - M.community - community_mentorship - Enabling Next Gen of Diverse Maintainers and Employees Through Mentorship - - Community - maintrack - - <p>Finding brilliant and diverse engineers, who could maintain complex open-source projects, lead communities and be productive employees is an extremely hard task these days. It’s easy for aspiring talents to feel lost, be ashamed and give up in the process due to the transparent aspect of work in open source. We believe we found a quite neat shortcut to this!</p> - -<p>The solution is called “structured mentoring” and in this talk, Prem and Bartek, maintainers of CNCF projects, will explain why this is a game-changer, based on their experience mentoring 20+ talents for the Thanos and Prometheus projects.</p> - -<p>There are many mentoring programs like LFX, GSoC or Outreachy but it is easy to make mistakes, get lost and have no results from mentoring if not done carefully.</p> - -<p>Join us to learn what processes worked the best to get the most out of the open-source mentorship. Learn what mistakes to avoid, how to get mentored and how to start mentoring in your company or open source project today</p> - - - Bartek Plotka - Prem Saraswat - - - Slides - - - Mentorship Guide - Mentorship Guide 2 - Mentoring Meetups - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - 10:00 - 01:00 - M.misc - misc_foss - All the World's a Stage and FOSS is playing many parts - With the spotlight of the world's Governments shining on security, sustainability and software, how will FOSS survive the limelight? - Miscellaneous - maintrack - - <p>The FOSS Communities have been debating how to manage security, sustainability and funding of FOSS for years but today a global and political lens is being shone on them.</p> - -<p>Commercial debates over licensing and revenue models around FOSS based businesses peak in 2021 with the Elastic transition away from FOSS to an SSPL licence and the fallout and debate from this.</p> - -<p>The European Commission's Digital Decade is clear that its basis will be a FOSS infrastructure and Europe has been passing laws and regulations to support its open first approach, as it seeks digital and data sovereignty.</p> - -<p>The inevitable success and adoption of FOSS in our national infrastructures and recent security issues have the minds of Governments focused on FOSSS, to the extent that the White House plans a meeting to discuss FOSS security in January having issued an ordinance recommending the use of Software Bill of Materials.</p> - -<p>China's Ministry of Industry and Information Technology has shared a 5 year software plan saying "software defines the world of the future, open source determines the future of software," as it plans global collaboration to improve its open source activities.</p> - -<p>In the UK, hosting COP26 shone a spotlight on energy and the UK Energy Sector Digitalisation Task force which has already suggested Open Data, will consider the use of open source software by default in its recommendations to Government in January. Whilst the NHS' data strategy issued in 2021 requires that open source software should be the default in healthcare.</p> - -<p>This talk will stitch together these global threads, laws and policies to take a holistic view on the insurmountable success of FOSS in the last decade and the inevitable challenges being faced as a consequence of that success and the very nature and heart of FOSS in the Commons.</p> - -<p>Sharing some policy suggestions and thoughts this talk will consider whether it may be time to shift the landscape. Is 2022 the year to recognise the need for FOSS to be characterised as a public good and to secure the interaction not only of business but of the State in funding and securing FOSS in the long term? How can this ensure sustainability of FOSS through its maintenance and sustainability of the planet by elevating the role of FOSS within environmental sustainability?</p> - -<p>With a deep consideration of recent economic and policy discussions this keynote talk with pull many strands together to start 2022 with a focus on FOSS, funding and a secure and sustainable future.</p> - - - Amanda Brock - - - - - talk - Berlin Buzzwords talk commercial models - IT Pro Keynote open and cloud - talk commerical - Percona Live Keynote - Keynote - Keynote - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 11:00 - 01:00 - M.misc - misc_business - The Business Of Open Source - How big money, investors, and greed are changing open source forever - Miscellaneous - maintrack - - <p>The changing landscape of the open-source industry has taken a potentially dark turn in the last few years. Instead of focusing on inclusion, innovation, and collaboration a new generation of so called open source drive companies has emerged flush with investor money and looking to maximize the returns for their investors and shareholders at all costs. In an effort to accelerate “revenue” and “profits” these companies are looking to rewrite the definition of what they consider open source. We are in a battle for not only the hearts and minds of the FOSS community but our collective future. As new developers start open source projects more will be compelled to choose more restrictive licensing models ( i.e. SSPL ), invest less in the community, and “control” as much of the code and product as possible. I will talk about the trend, talk about the common business models, and offer a few alternatives.</p> - - - Matt Yonkovit - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 12:00 - 00:45 - M.misc - misc_europe - European digital sovereignty and open source - How Europe is regulating big tech and what's in it for FLOSS - Miscellaneous - maintrack - - <p>The European Union is working with great energy on new rules for digital markets, targetting first of all the big global Internet platforms. Building on the global impact of the GDPR, efforts like the Digital Services Act, the Digital Markets Act, the AI Regulation, the Data Governance Act and the GAIA-X initiative attempt to restrain the superpowers of the big American and Chinese companies and promote rights and opportunities for Europeans, restoring the EU's ability to control its own slice of the Internet and reducing the dependency on foreign products and services. Open source is one of the strategic tools for this objective, and open source projects and companies could be benefited by these changes. Watch the talk to learn what is happening!</p> - <p>The talk will start by recollecting how we started up with an open, interoperable Internet that allowed everyone to cooperate and deploy new content and services, and ended up with a concentration of money and power of unseen scale in the history of mankind. Technical and market developments are centralizing the Internet more and more into the hands of a few companies, very concentrated in terms of geography, jurisdiction, ownership and views of the world. We will discuss how the EU plans to counter these trends, what the various regulations and projects are, and how they would work.</p> - -<p>We will then focus on how open source in Europe could be impacted by the new rules. Some of the provisions are particularly in line with an open, distributed Internet architecture, mandating the adoption of open standards and interoperability and preventing dominant players from advantaging their own applications and services over independent ones. Social media, instant messaging and mobile apps are three sectors that could be particularly affected.</p> - -<p>In the end, the talk aims to create awareness in the European open source community around the changing regulatory scenario, so that we are ready for it.</p> - - Vittorio Bertola - - - Slides for the talk - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 01:00 - M.misc - misc_raku - Debunking The Myths About The Raku® Language - Let's talk about some common misconceptions about the Raku language and why it is not Perl6 anymore - Miscellaneous - maintrack - - <p>The Raku language, formerly known as Perl6, sometimes gets incorrect coverage when it comes to "expert opinions". In this talk we will consider the common misconceptions about the language, what's wrong about them, and why your impression about the language might be wrong. Let's see how we can make it much better!</p> - <p>Developers are mostly busy people. Such resource as "spare time" is scarce among them and must be used wisely. When there is no time to research a topic on our own, we trust others to do it for us and express their opinion, which we tend to accept. But, unfortunately, for many reasons those opinions may not represent the real state of the things. When it comes to Raku, some still consider it based on factors, which are no longer valid, or which influence the language in an anticipated way. This talk in intended to provide you with real information about the Raku language, its strong and, perhaps, weak sides. Bight first of all, this talk is about letting you to build up your own view at the language.</p> - - Vadim Belman - - - - - The Raku® Programming Language - The most mature, production-ready implementation of the Raku language. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:25 - M.security - security_seamless_kernel - Seamless Kernel Update - Seamless kernel update practice in linux based on kexec and criu - Security - maintrack - - <p>Currently, operating systems have become increasingly complex and thus more sensitive to security problems and performance issues. In some circumstances, developers have to reboot their systems in order to patch security vulnerabilities, fix bugs, and add new features, which will bring unavoidable downtime for running applications. Live-patch is an elegant solution. But, it can only work in 30 percent of circumstances. In our project, we put another solution into practice. We use a checkpoint-and-restart mechanism to retore applications' status and then switch the kernel fastly.</p> - - - Longjun Luo - - - Seamless Kernel Update.pdf - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 11:00 - 00:25 - M.security - security_secpaver - secPaver: Security Policy Development Tool - - Security - maintrack - - <p>Security design is an very important step in the software development. In order to meet the principle of least privilege, developers make rules for applications based on data flow and control flow of processes, such as SELinux and AppArmor. This step can be automated with secPaver. With the permission description of application, secPaver can generate security policy for different security mechanisms. By this way, security design can be simplified, and developers do not need to know many details about security mechanisms.</p> - -<p>secPaver is a policy development tool that supports multiple security mechanisms. It aims to help users implement end-to-end security policy development, including visible policy design, iterative development, and policy release. It provides functions such as policy configuration, automatic generation, running test, missing rule gathering, and policy package export. secPaver shields security mechanism details and abstracts unified policy configuration file definitions and operation interfaces for different security mechanisms, improving policy development efficiency and reducing learning costs for developers.</p> - -<p>project address: https://gitee.com/openeuler/secpaver/</p> - - - HuaxinLu - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 12:00 - 00:40 - M.security - security_rust - Why safe programming matters and why Rust - Fast, safe and sustainable programming with Rust - Security - maintrack - - <p>Security in programming starts from the programming language itself. The majority of CVEs we encounter are due to memory safety issues and I'm here to talk about how a language like Rust is the way forward in avoiding those. Rust is a great programming language. It is a developer favorite and is rapidly gaining a foothold outside of systems programming. It has the potential to become a great general-purpose language with little of the overhead of traditional high-level general-purpose languages. Rust is fast, safe, and sustainable. Today I'm going to take you through the strengths and weaknesses of Rust and why it will be a great general-purpose language. Beware, I'll be doing comparisons with your favorite languages.</p> - - - Deepu K Sasidharan - - - Why safe programming matters and why Rust? - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:00 - 00:45 - M.security - security_sbom - The distinctive qualities of Software Bill of Materials - - Security - maintrack - - <p>Software Bill of Materials (SBOMs) have emerged as a powerful tool for -guiding supply chain security in modern software development -environments. As an 'ingredients list' of files, package dependencies -and other artefacts that a piece of software is made up of, Software -Bill of Materials are becoming an essential part of modern software -development practices.</p> - -<p>Open source software provides great transparency and can yield rapid -vulnerability patching, but this is too often compromised by sprawling -dependency trees which make it difficult to find vulnerable components -in larger software projects. With SBOMs, there's a way of effectively -cataloguing software components and the package metadata needed to check -the integrity, pedigree and provenance of software supply chains. This -talk will cover the benefits of having a common standard for creating, -sharing and consuming Software Bill of Materials, what SBOMs should and -should not contain, and how to use SBOMs to inform security measures -across the diverse range of package ecosystems.</p> - <p>In particular, this talk will cover the distinctive qualities of -effective Software Bill of Materials:</p> - -<p>Immutability - it may be tempting to include known vulnerabilities and -other dynamic data in SBOMs, but this leads to uncertainty and -duplication of effort when that data inevitably changes. This talk will -show how to link dynamic data into SBOMs in a way that maintains the -SBOM's immutability.</p> - -<p>Verifiability - it's hard to trust an SBOM when you can't verify that -its contents are correct. Including robust cryptographic hashes is a -critical part of creating SBOMs. This talk will show how relationships -in SBOMs can be used to associate the hashes of build artefacts with -source code, providing a way to trace back to the original projects even -when programs are statically linked!</p> - -<p>Compatibility - no one program can check for vulnerabilities of all the -different types and across all package ecosystems, so the use of SBOMs -as a compatible format for communication between security tools is -essential for dependency analysis at scale. This talk will cover the -current state of compatibility between security tools, concluding with -practical ways that developers can integrate SBOM creation and ingestion -into their build systems.</p> - - Sebastian Crane - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:00 - 00:45 - M.security - security_trousseau - Trousseau - the Kubernetes Key Management Service provider - How to keep all your Kubernetes secrets safe the native way - Security - maintrack - - <p>By design, Kubernetes will store secrets encoded in base64 within its etcd resulting in an insecure solution.<br/> -While a couple commercial and open-source solutions exist to solve this problem, they all call for a separate set of tools, skills and limitations along with hardstop from CISO and Security Architect. -Kubernetes put in place a KMS provider plugin framework and Trousseau leverages it to solve the secret management using standard Kubernetes API secret objects and constructs.</p> - <p>While there are significant efforts to improve Kubernetes component layers, the state of Secret Management is not receiving much interests. -Using etcd to store API object definition &amp; states, Kubernetes secrets are encoded in Base64 and shipped into the key value store database. Even if the filesystems on which etcd runs are encrypted, the secrets are still not.</p> - -<p>Instead of leveraging the native Kubernetes way to manage secrets, commercial and open source solutions solve this design flaw by leveraging different approaches all using different toolsets or practices. This leads to training and maintaining niche skills and tools increasing cost and complexity of Kubernetes day 0, 1 and 2.</p> - -<p>Once deployed, Trousseau will enable seamless secret management using the native Kubernetes API and kubectl CLI usage while leveraging an existing Key Management Service (KMS) provider. -How? By using using the Kubernetes KMS provider framework to provide an envelop encryption scheme to encrypt secrets on the fly.</p> - - Romuald Vandepoel - - - Trousseau - the Kubernetes Key Management Service provider - - - Trousseau Project Repository - Trousseau website - Fosdem 2021 - Lightning Talk - Secrets or not, but don't clear text - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 00:45 - M.security - security_wishes - What I wish I knew about security when I started programming - - Security - maintrack - - <p>Eighteen years into my career, I decided to pivot and move from infrastructure-related work to the world of application security. -If there’s one thing I’ve learned in the three years of working in application security is that it’s a funny business. Our entire business model is based on pointing out the mistakes of other programmers.</p> - -<p>In this talk, I want to shoot myself in the foot and share some concepts that could help eliminate a lot of those mistakes, and reduce my job to snuffing out the more interesting mistakes.</p> - - - Allon Mureinik - - - Slides from the talk - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 16:00 - 01:00 - M.security - security_tls - Secure Communication with Tls - - Security - maintrack - - <p>Tls/ssl forms the backbone of secure digital communication. This presentation covers the details about the tls protocol and its use of lower-level cryptographic methods. There is also an extensive section about the creation and use of digital certificates for authentication, with examples from web servers and Postgres.</p> - - - Bruce Momjian - - - - - slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 17:00 - 00:45 - M.security - security_sudo - Sudo - Watch and control your blind spots - Security - maintrack - - <p>Sudo is used by millions to control and log administrator access to systems, but using only the default configuration, there are plenty of blind spots. Using the latest features in sudo lets you watch some functions that previously were blind spots and you can also control access to them. There were several minor and major changes since the 1.9.0 release that I discussed in my previous FOSDEM talks. Here are the four major new features allowing you see your blind spots:</p> - -<ul> -<li><p>instead of giving full shell access, you can fine-tune the working directory and chroot settings</p></li> -<li><p>JSON-formatted logs give you more details on events and are easier to act on</p></li> -<li><p>relays in sudo_logsrvd make session recording collection more secure and reliable</p></li> -<li><p>you can log and control sub-commands executed by the command that is run through sudo</p></li> -</ul> - - <p>Previously, there were quite a few situations where you had to give users full shell access through sudo. Typical examples are when you run a command from a given directory, or run commands in a chroot environment. You can now configure the working directory or the chroot directory and give access only to the command the user really needs.</p> - -<p>Logging is one of the main roles of sudo, to see who did what on the system. Using JSON-formatted log messages gives you even more information about events. Also, structured logs are easier to act on. Setting up alerting for suspicious events is much easier when you have a single parser to configure for any kind of sudo logs. You can collect sudo logs not only by local syslog, but also by using sudo_logsrvd, the same application used to collect session recordings.</p> - -<p>Speaking of session recordings: instead of using a single central server, you can now have multiple levels of sudo_logsrvd relays between the client and the final destination. This allows session collection even if the central server is unavailable, providing you with additional security. It also makes your network configuration simpler.</p> - -<p>Finally, you can log sub-commands executed from the command issued through sudo. You can see commands started from a shell. No more unnoticed shell access from text editors. And, best of all: you can also intercept sub-commands.</p> - - Peter Czanik - - - Sudo -- watch and control your blind spots - - - sudo/syslog-ng/personal blog - Video recording(WebM/VP9) - Video recording(mp4) - Answers to Q&A questions I could not answer live - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - 13:00 - 00:20 - L.lightningtalks - lt_whale - Open source to IRL whale card game (python/Golang/WebGL) - How open source helped me create a physical card game - Lightning Talks - lightningtalk - - <p>How open source gave life to a physical cards project and raised funds to help saving whales.</p> - -<p>Inkscape helps to create digital designs from paper, machine learning balances the rules of the game, golang and TUI make the game virtual and webgl creates music with whales singing in the ocean.</p> - <p>Drawing entousiast I created a set of whales designs that I liked.</p> - -<p>Talking with a friend I encontered a nice ML project about card games rlcard (link below).</p> - -<p>This helped me to create a ml version to explore rules of the game whale-ml (link below). The created bots showed that the number of card available in the game would change the strategy of players, knowing that I could choose to balance the rules so that new players could win too !</p> - -<p>Helped by the golang community I could create A TUI version : whale-tui (link below).</p> - -<p>Fascinated by the sounds of whales is the sea I decided to create a sampler to use singing whales to create music : whale-sampler (link below).</p> - -<p>Donate for the whales to a nice NGO Miraceti (link below).</p> - - pmalhaire - - - Whale slides - Video recording(mp4) - - - whale-ml project to explore rules of the game - whale-tui terminal version of the game in golang. - whale-sampler sampler to use the sounds of whales to create music - donate for whales to miraceti - RLCard: A Toolkit for Reinforcement Learning in Card Games - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:20 - 00:20 - L.lightningtalks - lt_netota - NetOTA - repository protocol for embedded systems - The sweet spot between global stores and latest-image URLs - Lightning Talks - lightningtalk - - <p>NetOTA is a new repository protocol designed for the IoT ecosystem. It sits between global app-stores and single-URL update links, offering practical features without sacrificing simplicity.</p> - - - Zygmunt Krynicki - - - - - - NetOTA Git repository - SysOTA Git repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 13:40 - 00:20 - L.lightningtalks - lt_openhps - Rapid Prototyping of a Positioning System - Using the OpenHPS Framework - Lightning Talks - lightningtalk - - <p>The creation of a positioning system has use cases for indoor, outdoor and even small-scale deployments. These solutions often use a broad range of technologies and algorithms that each have their advantages as well as limitations. Existing open source positioning solutions often offer a complete package for indoor navigation or asset tracking that allows developers to set up a specific application with minimal effort. However, these positioning solutions offer little room for developers to customise them.</p> - -<p>OpenHPS is an open source hybrid positioning framework for creating a positioning system without being bound to a specific technology or a set of algorithms. Developers are free to choose the data they want to use, from where they want to obtain this data, how to process the data and finally how to use the outcome of the positioning system. In this presentation we will present the modularity and ecosystem around the OpenHPS framework, some technical aspects as well as the current state of the project.</p> - <p>A localisation system often has use cases such as tracking employees or navigating people at a conference. When looking at the problem in a more broader -perspective the use cases often span way beyond the tracking and navigation of people. Whether it is a use case where pawns need to be tracked on chessboard or -a robot needs to navigate itself outside and through multiple buildings, different approaches need to be used.</p> - -<p>Using use case specific software development kits would be an easy solution for developers, but with the constantly changing technologies and algorithms these different platforms cause a fragmentation -of knowledge over multiple programming languages and hardware. Being created in TypeScript, the framework can be deployed on a variety of devices while making use of the large number of packages that are available. A process network design is used to process data from a source to sink. The processing can be done locally, remote and even distributed over multiple processes, web workers or remote machines. Each part of the process network is modular, allowing developers to share algorithms that will be compatible with the same data structure used throughout the framework. In addition, this process network design allows existing algorithms in different programming languages to be accessed as 'part of the processing'.</p> - -<p>With the OpenHPS project we want to create an ecosystem of modules that each focus on a specific aspect in the creation of a positioning system. Modules for different storage techniques, remote communication, computer vision and different sensor sources already exist that will be further discussed in the current state part of the presentation. At its core, the framework is aimed towards developers that have a basic understanding of implementing a positioning system by means of combining parts of the process network. This method of development allows the rapid prototyping of a complete positioning system that can later on be deployed in a production environment.</p> - -<p>Future work in the project will create additional layers of abstraction that allows the development of a system without the required knowledge of the algorithms. However, because the framework is still modular at its core, these abstractions will still allow developers to tweak the system to do the task it is designed to do.</p> - - Maxim Van de Wynckel - - - Presentation Slides - - - OpenHPS Website - GitHub Repositories - Core Component - Technical Report - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:00 - 00:20 - L.lightningtalks - lt_car_whispering - Car Whispering: the AI Mechanic - TinyML Audio Event Detection - Lightning Talks - lightningtalk - - <p>Embedded Machine learning is a fascinating subject that I am researching as part of my PhD. Several years ago, a buddy (Pearse Gough) and I discussed audio fault detection for common faults, but the technology was less accessible and primarily cloud dependant.</p> - <p>Running TinyML on an ESP32 Microcontroller or Arduino BLE Sense with a microphone, I will demonstrate fault detection through audio event detection on a vehicle. Using a pre-trained model of audio events, running on an MCU with a microphone. I will also share my model and code via Edge Impulse and Git.</p> - - Eoin Jordan - - - Fosdem AI Mechanic v3 slides - Fosdem AI Mechanic v3 slides - - - AI Mechanic V2 as presented - Sample Code on Git CarWhispering - Shared Model on Edge Impulse - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:20 - 00:20 - L.lightningtalks - lt_oniro - Oniro project, the new IoT platform from Eclipse Foundation - How to transform existing impediments towards a healthier competition in the IoT & Edge space - Lightning Talks - lightningtalk - - <p>Oniro is an Open Source platform hosted by the Eclipse Foundation that aims to create a healthier competition in the IoT &amp; Edge industries by providing a vendor-neutral environment to foster collaboration under open governance principles and processes.</p> - <p>Oniro Platform for IoT &amp; Edge enables the interconnectivity of devices and machinery from different vendors as well. It allows new business propositions that, unlike today, are not necessarily cloud-dependant, among other business and product innovations.</p> - -<p>The talk will describe what is Oniro, focusing on architectural and technical aspects, its state of the art, some relevant early results and next steps.</p> - -<p>Oniro is currently in Incubation stage and initial contributions to the Eclipse Foundation from the Supporter organizations (code, infrastructure, tools, documentation, etc.) are being migrated to Eclipse. These assets are already published under Open Source licences so distribution and contributions are not just possible but welcome.</p> - - toscalix - - - Oniro project, the new IoT platform from Eclipse Foundation - - - Project landing page at this stage - Oniro Working Group Charter - Oniro Platform community Driven projects Charter - Assets being transferred to Eclipse Foundation - Source code - Documentation - Oniro chat - Oniro working group mailing list - General technical discussions mailing list - More about the speaker - First Oniro project contributed: SysOTA - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 14:40 - 00:20 - L.lightningtalks - lt_edge_workloads - Manage workloads on disconnected far edge - Edge Computing. - Lightning Talks - lightningtalk - - <p>Edge devices deployed out in the field pose very different operational, environmental, and business challenges from those of cloud computing. These motivate different engineering trade-offs for Kubernetes at the far edge than for cloud or near-edge scenarios.</p> - -<p>In this lightning talk we will introduce an open source project called microshift and demonstrate how microshift can run and manage workloads on disconnected far edge devices by making frugal use of system resources. We will demonstrate managing edge deployments that can tolerate severe networking constraints, update/rollback securely, safely, speedily, and seamlessly, esp without disrupting workloads, and build on and integrate cleanly with edge-optimized OSes like Fedora IoT. Microshift can be used as a development tool, we provide a MicroShift image that bundles host dependencies like CRI-O and useful tools like the kubectl client, so it can run on most modern Linux distros, on OSX, and on Windows.</p> - - - parsingh - - - - - https://github.com/redhat-et/microshift/ - https://microshift.io/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:00 - 00:20 - L.lightningtalks - lt_re_lsearch - A lightning intro to re-Isearch - re-Isearch, the 27 year old new kid on the search block - Lightning Talks - lightningtalk - - <p>Project re-isearch is a novel multimodal search and retrieval engine using mathematical models and algorithms different from the all-too-common inverted index. The design allows it to have, in practice, effectively no limits on the frequency of words, term length, number of fields or complexity of structured data and support even overlap--- where fields or structures cross other's boundaries (common examples are quotes, line/sentences, biblical verse, annotations). Its model enables a completely flexible unit of retrieval and modes of search. -Developed using a highly portable C++ subset to be RAM efficient, the engine provides also bindings to a number of other languages such as Python, Tcl, Java etc.</p> - <p>“Re-isearch” is a project following in the spirit of the original isearch developed back in the 1990s. Reborn in 2020 in the middle of the global Covid19 pandemic as Project re-Isearch.</p> - -<p>Like the original, it is not just about textual words but pushes the envelope. re-Isearch is multi-object, multi-modal and with an unharnessed unit of retrieval.</p> - -<p>Mainstream search engines are about finding any information: "a list of all documents containing a specific word or phrase”. -So search engines paradoxically return both too much information (i.e. long lists of links) and too little information (i.e. links to content, not content itself). -The re-Isearch engine is, by contrast, about exploiting document structure, both implicit (XML and other markup) and explicit (visual groupings such as paragraph), to zero in on relevant sections of documents, not just links to documents. This concept of search granularity is a radical departure from other designs. With typical text indexers one has the concept of document or record and that is the unit of index and the unit of retrieval. Instead we can have a dynamic search time unit of retrieval: user specified or heuristically determined. The structure of of documents can be exploited to identify which document elements (such as the appropriate chapter or page) to retrieve. Retrieval granularity may be on the level of sub-structures of a given document or page such as line, paragraph but may also be as part of a larger collection.</p> - -<p>Like the original, it is not just about textual words but the design contains a large number of objects: numerical, range, geospatial etc. It is unique among full-text systems in that it also provides numerous object types with their own methods of search and allows these to be viewed parallel as text--- a date field (of which it will be one of the first to support some key parts of the new ISO-8601:2019 standard date semantics), for instance, can be searched as a date but also a text, searching for the words in the field.</p> - - Edward Zimmermann - - - - - Repro - Linkage - PDF of (updated) slide stack - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:20 - 00:15 - L.lightningtalks - lt_luox - luox - An open-source, open-access web platform implementing international standards for the quantification of light - Lightning Talks - lightningtalk - - <p>Light exposure is not only important for seeing the world around us, it is also a key driver for health and well-being. The quantification of light, particularly in parameters relevant for humans, is subject to international consensus documents developed by the International Commission on Illumination (abbreviated as CIE = Commission Internationale de l’Eclairage). This includes quantities for the intensity of light exposure (e.g., illuminance, measured in lux) or indices of how well a light source renders colours (e.g., Rf). The CIE provides various spreadsheet-based tools for calculating these quantities from spectral measurements of radiant energy. Here, we present and discuss the open-source and open-access web platform luox, which was developed with researchers in mind to simplify the process of calculating relevant aspects of light exposures in experiments with human participants. We specifically focus on the challenges of translating written documents and equations into a web based platform using ES6 and ReactJS.</p> - - - Somang Nam - - - luox_fosdem_slides - - - https://luox.app/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - 15:40 - 00:20 - L.lightningtalks - lt_aretext - aretext: minimalist text editor with vim-compatible key bindings - - Lightning Talks - lightningtalk - - <p>Aretext is a terminal-based text editor with vim-compatible key bindings. Today, aretext supports nearly 100 of the most common vim commands, with more added in each release. Its minimalist design reflects the Unix philosophy: simple software that composes easily with other terminal-based tools -- compilers, formatters, tmux, and more!</p> - -<p>In this lightning talk, we'll see how aretext's carefully-chosen features provide an efficient and powerful editing experience with minimal configuration.</p> - - - Will Daly - - - - - aretext GitHub repo - aretext website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:15 - D.ada - ada_introduction_room - Introduction to the Ada DevRoom - - Ada - devroom - - <p>Welcome to the Ada Developer Room at FOSDEM 2020, which is organized in cooperation with Ada-Europe and Ada-Belgium.</p> - -<p>This year marks the first edition on which the devroom takes place on an online format. For that reason, this presentation will explain how does it work and how can the public use the systems provided by FOSDEM and interact with the speakers. We will also introduce the Ada-Europe and Ada-Belgium organisations. This small introduction also serves as a test to make sure the systems are working as expected and that any questions that may take place from the public can be answered.</p> - - - Fernando Oleo Blanco - - - Slides - - - Ada-Europe info-sheet - Ada DevRoom information and schedule sheet - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:15 - 01:05 - D.ada - ada_introduction_beginning_experienced - Introduction to Ada for Beginning and Experienced Programmers - - Ada - devroom - - <p>An overview of the main features of the Ada language, with special emphasis on those features that make it especially attractive for free software development.</p> - -<p>Ada is a feature-rich language, but what really makes Ada stand-out is that the features are nicely integrated towards serving the goals of software engineering. If you prefer to spend your time on designing elegant solutions rather than on low-level debugging, if you think that software should not fail, if you like to build programs from readily available components that you can trust, you should really consider Ada</p> - - - Jean-Pierre Rosen - - - Introduction to Ada for Beginning and Experienced Programmers - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:25 - D.ada - ada_looks_good_game - Ada Looks Good, Now Program a Game Without Knowing Anything - - Ada - devroom - - <p>In 2020 I started live streaming the development of a turn-based strategy game. At that time I had little idea about Ada, programming or game development (nothing has changed about that to this day). But by September 2020 it had taken the early form of a Civilization clone. After more than a year of development, it has become almost a real game with its own features. And now I'm going to talk a little bit about some experiences and weirdnesses with game development in Ada</p> - - - Stefan Hild - - - - - My Civilization like game on GitHub - My test rpg game on GitHub - I stream the development of my game on YouTube. - I also stream the development of my game on Twitch. - Good tutorial to learn Ada. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:45 - 00:35 - D.ada - ada_numerics_model - The Ada Numerics Model - - Ada - devroom - - <p>The requirements for Ada numerics were to provide portable arithmetics without unacceptable performance cost. This talk shows how this was achieved by interval arithmetics without requiring a particular implementation model, like IEEE arithmetics.</p> - - - Jean-Pierre Rosen - - - The Ada Numerics Model - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:20 - 00:30 - D.ada - 2022_alire_update - 2022 Alire Update - - Ada - devroom - - <p>At FOSDEM 2020 we presented the first version of Alire, the package manager for the Ada Open Source ecosystem. Two years later, the tools and its ecosystem have evolved, in some instances based on the feedback received at FOSDEM. So we want to give you an update on the new features and improvements, including:</p> - -<ul> -<li>Pin system: intended to help with the development and use of WIP crates.</li> -<li>Crate configuration: that enables static code generation before compilation.</li> -<li>Toolchains: that enable easy installation of [cross-]compiler and builder versions.</li> -<li>Auto GPR with: for automatic “with”ing of dependencies.</li> -<li>Etc.</li> -</ul> - - -<p>We will also have a look at the ecosystem of crates available in the Alire community index.</p> - - - Fabien Chouteau - Alejandro R. Mosteo - - - - - Alire website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:50 - 00:25 - D.ada - ada_sweetada - SweetAda - A Lightweight Development Framework for the Implementation of Ada-based Software Systems - Ada - devroom - - <p>SweetAda is a lightweight development framework whose purpose is the implementation of Ada-based software systems.</p> - <p>Welcome to SweetAda.</p> - -<p>SweetAda is a lightweight development framework whose purpose is the implementation of Ada-based software systems.</p> - -<p>The code produced by SweetAda is able to run on a wide range of machines, from ARM® embedded boards up to x86-64-class machines, as well as MIPS® machines and Virtex®/Spartan® PowerPC®/MicroBlaze® FPGAs. It could theoretically run even on System/390® IBM® mainframes (indeed it runs on the Hercules emulator). SweetAda is not an operating system, however it includes a set of both low- and high-level primitives and kernel services, like memory management, PCI bus handling, FAT mass-storage handling, which could be used as building blocks in the construction of complex software-controlled devices.</p> - -<p>SweetAda has some distinctive characteristics, like: -- is ROMable -- uses a ZFP run-time -- has no dependencies; neither external libraries nor underlying code are needed</p> - -<p>SweetAda has a complete toolchain (assembler, linker, Ada compiler and debugger), and optionally you could even use a machine emulator, which can execute the final output code inside a virtual target. In order to use SweetAda, a decent POSIX® environment with a Bash shell and GNU Make are required. For a Linux® workstation this is quite standard, while for a Windows® machine you can download and install either MSYS2 (preferred) or Cygwin®. Anyway, SweetAda toolchains for Windows have an integrated Make suited for a Windows CLI. Being completely makefile- and script- driven, SweetAda is completely configurable and has many hooks which allow an easy integration in a GUI environment such as, e.g., Eclipse, KDE Kate or Visual Studio Code. Insight debugger is also available.</p> - -<p>SweetAda comes with high-quality GNU toolchains based on modern official FSF Binutils/GCC/GDB releases, unpatched and compiled with strictly controlled options. The emulators are mainly based on the latest QEMU™ official release, augmented with the IOEMU physical I/O system, which allows software code to interact with a visual environment.</p> - -<p>To make SweetAda generic and, at the same time, reliable, it is regularly tested against an heterogeneous set of machines which are able to successfully execute the system code, e.g.: -- PC-style PIIX3/PIIX4 motherboards (ROM-boot) -- DECstation 5000/133 MIPS R3000 (ROM-boot) -- Memec FX12 Virtex-4 PPC405 (JTAG-boot) -- DigiNS7520 board ARM7TDMI (JTAG-boot) -- Terasic DE10-Lite Nios®II softcore (JTAG-boot) -- MVME1600-011 PPC603 VME board (JTAG-boot) -- Force SPARC®/CPU-3CE VME board (ROM-boot) -- M5235BCC ColdFire development board (ROM-boot) -- SPARCstation™ 5 (ROM-boot) -- Spartan 3E MicroBlaze softcore (JTAG-boot) -- Raspberry Pi™ 3 ARMv8 (microSD-boot)</p> - -<p>The SweetAda software code is compiled by a build machinery which enforces a very high severity level. Usefulness, simplicity and expandability rather than extreme or obscure optimizations are the key features behind the project. Nevertheless, SweetAda grants the possibility of employ appropriate customizations, down to machine code level, to satisfy specific needs.</p> - -<p>SweetAda is in a state of steady growth. BSPs, device drivers, a TLSF memory allocator, TCP/IP basic functionalities, as well as low-level CAN primitives are under heavy development. More target machines and additional feautures/modules such as intrinsic floating point support and expanded SFP runtimes are scheduled in future releases, as well as language tools and system utilities, like ASIS.</p> - -<p>Please note that the platform-specific code included in SweetAda is given as an example. The emphasis of SweetAda is not about operating system design, but rather on exploiting the Ada language everywhere.</p> - -<p>SweetAda is distributed under the terms of the MIT license.</p> - - Gabriele Galeotti - - - SweetAda slides - - - Homepage - SweetAda repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:15 - 00:30 - D.ada - ada_2022_json_like - Use (and Abuse?) of Ada 2022 Features in Designing a JSON-like Data Structure - - Ada - devroom - - <p>Ada 2022 is around the corner with many goodies in the form of new features and featurettes. Arguably small syntax sugar additions combine for the programmer's comfort, like for example user-defined literals and container aggregates, that allow natural initialization of user-defined containers with the same expressions used for basic arrays since the beginnings of Ada. In this talk, I discuss how these features allow the initialization of a container data type for heterogeneous values (a-la JSON) without the need of crutch functions (like the usual "+"). Such an structure could be used for compiled-in definitions but, more ambitiously, a relatively simple parser for a strict subset of Ada could leverage this data structure for natural-looking (to the Ada programmer) configuration files. Such configuration files could be useful for tools that are strictly Ada-oriented, written by and for Ada programmers.</p> - - - Alejandro R. Mosteo - - - Slides for the presentation - - - GitHub repo of the project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:45 - 00:25 - D.ada - ada_adawebpack - Getting Started with AdaWebPack - - Ada - devroom - - <p>Have been tired from JavaScript in Web development? -Do you want to write both client and server sides in Ada? -Are you looking for modern user interface for you application? -Try to use AdaWebPack and run your Ada code in the web browser!</p> - -<p>The presentation introduces AdaWebPack - Ada compiler to -WebAssembly, customized Run-Time library and Web API -binding. It explains the overall architecture of the pack -and includes a short get started demo.</p> - - - Max Reznik - - - Slides - - - Repository - Introductory blog post - Run Ada on Android blog post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:10 - 00:30 - D.ada - ada_adagui - Overview of Ada GUI - - Ada - devroom - - <p>This presentation will introduce the participants to Ada GUI, an Ada-oriented GUI, its philosophy and use, and differences from typical GUI frameworks.</p> - <p>This presentation will introduce the participants to Ada GUI, an Ada-oriented GUI, its philosophy and use, and differences from typical GUI frameworks. Several examples will be presented and some aspects of how the concepts presented are implemented will be discussed.</p> - -<p>Outline:</p> - -<p> I. Introduction - II. Traditional GUI Frameworks -III. Ada GUI philosophy and concepts - IV. Examples - V. Implementation - VI. Summary</p> - - Jeffrey Carter - - - Ada-GUI Slides - - - Github Ada-GUI repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 01:05 - D.ada - ada_sparknacl - SPARKNaCl: A Verified, Fast Re-implementation of TweetNaCl - - Ada - devroom - - <p>SPARKNaCl is a new, verified and fast reefrence implementation of the NaCl API, based on the TweetNaCl distribution. It has a fully automated, complete and sound proof of type-safety and several key correctness properties. In addition, the code is fast - out-performing TweetNaCl on an Ed25519 Sign operation by a factor of 3 at all optimization levels. This talk will cover how "Proof Driven Optimization" can result in code that is both correct and fast on bare-metal embedded targets.</p> - <p>TweetNaCl is a compact reference implementation of the NaCl API. It was initially -constructed to show that an entire crypto library could fit into "100 tweets", but has -since been re-used in some critical applications, such as the WireGuard VPN. -There are no comments in the code at all, and all assurance rests on a single brief -academic paper, and the formidable reputation of the authors.</p> - -<p>Can we do better? Can we produce a reference implementation which is amenable to -automatic verification and yet is competitive with TweetNaCl in terms of performance and code -size?</p> - -<p>This talk presents SPARKNaCl - a complete re-implementation of -TweetNaCl in SPARK, which comes with a fully automated proof of type-safety, -memory-safety and a number of key correctness properties. -Having established a solid foundation, we went on to compare the performance and code size of -SPARKNaCl against the original C implementation. Various transformations and optimizations -have been applied that result in SPARKNaCl out-performing TweetNaCl -on a bare-metal 32-bit RISC-V machine for a single Ed25519 "Sign" operation, -while retaining automation and completeness of the proof. Furthermore, SPARKNaCl is freely available under the 3-clause BSD licence.</p> - -<p>This talk will present an overview of the results from both the -proof work and performance analysis of SPARKNaCl.</p> - - Roderick Chapman - - - SPARKNaCl Talk Slides - - - SPARKNaCl on GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:50 - 00:35 - D.ada - ada_outsiders_guide - The Outsider's Guide to Ada - Lessons from Learning Ada in 2021 - Ada - devroom - - <p>Ada can be difficult to approach due to using a different vernacular to most other languages, and also having many unfamiliar structures and ways of doing things.</p> - -<p>This is an overview of the Ada language by someone who is new to the language, for programmers from other languages, kept as neutral and objective as possible. See how syntax falls into four categories and the language allows you to opt into features. Learn how Ada fits together at a high level, with an emphasis on the ways Ada differs, using code samples from open source Ada projects.</p> - <p>About a year ago, I still thought Ada looked like COBOL. Since then, I've spent a long time trying to understand the language as a whole, since it's different from many others that I've used. This talk isn't to sell you on the language, but instead to provide a general overview of how the language works.</p> - -<p>This will complement Jean-Pierre Rosen's "Introduction to Ada for Beginning and Experienced Programmers" talk. If you haven't watched his talk yet, I recommend you do so after this one. If you have watched his talk, this should provide a different perspective to help you understand Ada better.</p> - - Paul Jarrett - - - Outsider's Guide to Ada Slides - - - https://pyjarrett.github.io/programming-with-ada/ - https://learn.adacore.com/ - https://en.wikibooks.org/wiki/Ada_Programming - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:25 - 00:40 - D.ada - ada_proving_gnat_light_runtime - Proving the Correctness of GNAT Light Runtime Library - - Ada - devroom - - <p>As a programming language, Ada offers a number of features that require runtime support, e.g. exception propagation or concurrency (tasks, protected objects). The GNAT compiler implements this support in its runtime library, which comes in a number of different flavors, with more or less capability. The GNAT light runtime library is a version of the runtime library targeted at embedded platforms and certification, with an Operating System or without it (baremetal). It contains around 180 units focused mostly on I/O, numerics, text manipulation, memory operations.</p> - -<p>Variants of the GNAT light runtime library have been certified for use at the highest levels of criticality in several industrial domains: avionics (DO-178), space (ECSS-E-ST40C), railway (EN 50128), automotive (ISO-26262). Details vary across certification regimes, but the common approach to certification used today is based on written requirements traced to corresponding tests, supported by test coverage analysis. Despite this strict certification process, some bugs were found in the past in the code. An ongoing project at AdaCore is applying formal proof with SPARK to the light runtime units, in order to prove their correctness: that the code is free of runtime errors, and that it satisfies its functional specifications.</p> - -<p>So far, 30 units (out of 180) have been proved, and a few bugs fixed along the way (including a security vulnerability). In this talk, I will describe the approach followed, what was achieved, and what we expect to achieve.</p> - - - Yannick Moy - - - Proving the Light Runtime - - - Project to build baremetal GNAT runtimes - GCC (including GNAT) source repository - GNAT and SPARK community download - SPARK User’s Guide - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:05 - 00:25 - D.ada - ada_build_manager - Implementing a Build Manager in Ada - - Ada - devroom - - <p>Having used Jenkins with more than 30 projects during 8 years, -it was time to switch to another build manager. -Written in Ada, Porion is a new build manager intended to replace -Jenkins by providing more security, safety and performance.</p> - -<p>The presentation describes the complexity of designing a build -manager. It highlights some security issues that apply to -a build manager and its implementation. It explains the overall -architecture that was chosen and the reason of the choice. -Finally it presents the Ada generation tools that have been -used in this project.</p> - - - Stephane Carrez - - - Implementing a Build Manager in Ada - - - Porion sources on Gitlab - Porion live server - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:25 - D.ada - ada_python_and_julia - Exporting Ada Software to Python and Julia - Applying GPRbuild to make shared object files - Ada - devroom - - <p>The objective is to demonstrate the making of Ada software -available to Python and Julia programmers using GPRbuild. -GPRbuild is the project manager of the GNAT toolchain. -This talk will first present a self-contained small example -to illustrate the making of shared object files from Ada software, -so the software can be used in Python and Julia. -The second part of the talk concerns the application to PHCpack, -a free and open source software package to solve polynomial systems -by homotopy continuation methods, written mainly in Ada, and -available at github at https://github.com/janverschelde/PHCpack.</p> - - - Jan Verschelde - - - - - - PHCpack repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:55 - 00:05 - D.ada - ada_closing - Closing of the Ada DevRoom - - Ada - devroom - - <p>Thank you for participating in this year's Ada devroom!</p> - -<p>After this short closing event, a room will be open for anybody to join and just talk about anything.</p> - -<p>We hope you enjoyed this years edition. Should you have any feedback on how it went, do not hesitate to submit it to the organisers!</p> - -<p>Cheers, -The Ada FOSDEM team.</p> - - - Dirk Craeynest - Fernando Oleo Blanco - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:15 - D.bsd - welcome_to_the_bsd_devroom - Welcome to the BSD devroom - - BSD - devroom - - <p>speech</p> - <p>speech</p> - - Rodrigo Osorio - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:20 - 00:35 - D.bsd - firmware_updates_for_opnsense_and_pfsense - Firmware updates for OPNsense and pfSense with fwupd/LVFS - Secure firmware for routers with the BSD based operating systems - BSD - devroom - - <p>This presentation will describe the results of the proof of concept work that takes into consideration integration of firmware update framework - fwupd/LVFS for OPNsense and pfSense. It will explain the challenges connected with the implementation of firmware update systems for BSD-based firewall and routing software. It will show basic concepts connected to the fwupd and LVFS.</p> - <p>The security of the whole system is not determined only by the software it runs, but also by the firmware. Firmware is a piece of software inseparable from the hardware. It is responsible for proper hardware initialization as well as its security features. That means that the safety of the machine strongly depends on the mitigations of vulnerabilities provided by firmware (like microcode updates, bug/exploit fixes). For these particular reasons, the firmware should be kept up-to-date.</p> - -<p>Routers are highly popular attack vectors, therefore they must be appropriately secured. pfSense and OPNsense are well known secure firewall and routing software, but they do not have any firmware update methods. Therefore to secure hardware initialization of the routers, in this presentation we will present proof of concept work that takes into consideration integration of firmware update framework - fwupd/LVFS.</p> - -<p>Nowadays, this is one of the most popular firmware update software. fwupd is a daemon that manages firmware updates of each of your hardware components that have some kind of firmware. What is more fwupd is open source, which makes it more trustworthy than proprietary applications delivered by hardware vendors designed for (only) their devices.</p> - - Norbert Kamiński - - - - - fwupd GitHub repository - LVFS web service - fwupd documentation - OPNsense webpage - pfSense webpage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - - - 10:00 - 00:30 - D.containers - container_boot2container - Boot2container: An initramfs for reproducible infrastructures - Who needs host OSes for containers anyway? - Containers - devroom - - <p>Fed up with managing your host OS for your docker environment? Try booting your containers directly from a light-weight initramfs! Flash a USB pendrive with the kernel and initramfs, or netboot it locally or from the internet, configure it from the kernel command line. Bonus: It also supports syncing volumes with S3-compatible cloud storages, making provisioning and back-ups a breeze!</p> - <p>Containers have been an effective way to share reproducible environments for services, CI pipelines, or even user applications.</p> - -<p>In the high availability world, orchestration can then be used to run multiple instances of the same service. However, if your goal is to run these containers on your local machines, you would first need to provision them with an operating system capable of connecting to the internet, and then downloading, extracting, and running the containers. This operating system would then need to be kept up to date across all your machines which is error-prone and can lead to subtle differences in the run environment which may impact your services.</p> - -<p>In order to lower this maintenance cost and improve the reproducibility of the run environment, it would be best if we could drop this Operating System and directly boot the containers you want to run. With newer versions of podman, it is even painless to run systemd as the entrypoint, so why not create an initramfs that would perform the simple duty of connecting to the internet, and download a "root" container which can be shared between all the machines? If the size could be kept reasonable, both the kernel and initramfs could then be downloaded at boot time via iPXE either locally via PXE or from the internet.</p> - -<p>This is with this line of reasoning that we started working on a new project called boot2container which would receive its configuration via the kernel command line and construct a pipeline of containers. Additionally, we added support for volumes, optionally synced with any S3-compatible cloud storages.</p> - -<p>This project was then used in a bare-metal CI, both for the test machines and the gateways connecting them to the outside world. There, boot2container helps to provide the much-needed reproducibility of the test environment while also making it extremely easy to replicate this infrastructure in multiple locations to maximize availability.</p> - - Martin Roukala - - - Slides - - - Boot2container - Story about the creation of boot2container - How to netboot your machines from a local network or the internet - Setting up a desktop PC for testing: - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:35 - 00:30 - D.containers - container_debugging - Debugging in containers - Using containers to facilitate debugging by end users - Containers - devroom - - <p>A user reports a bug. Its hardware/kernel/data specific. Is it fixed already? How do we get a debug container to the user to use and get meaningful results back?</p> - <p>MariaDB did this with quay.io/mariadb-foundation/mariadb-devel as the continuously released, in progress latest version of release series. Preview features are also provided here.</p> - -<p>Also created are quay.io/mariadb-foundation/mariadb-debug containers that include debuginfo packages. The mariadb-debug containers needed to include a range of tools and instructions to make it easy for the users and the developers to bridge their divide for an enhanced bug fixing process.</p> - -<p>Containers can also be used to transport a userspace workload to kernel developers to assist improving/fixing kernel features.</p> - -<p>For users wanting to help with bug reporting, or for other communities wanting to replicate the concept, a number of really simple things can help this process along significantly.</p> - - Daniel Black - - - - - Tricky Problems? MariaDB debug container - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:10 - 00:20 - D.containers - container_devfile - Devfile file format - Containerized development environment specification - Containers - devroom - - <p>Red Hat, AWS and JetBrains are working on the Devfile specification. A file format to define container-based development environments. Software development acceleration is the ultimate goal.</p> - <p>Infrastructure as code. Network as code. Everything as a code. It looks like everything can be defined as code, versioned and tested automatically. Everything except development environments. The industry hasn’t come up with a file format to define software environments yet.</p> - -<p>But It is in the best interest of developers that the industry starts to settle on an unified environment configuration format. Currently, vendors of remote cloud-based development environment solutions such as GitHub Codespaces and GitPod are building proprietary solutions for hosting and operating development environments using a similar, yet slightly different environment configuration file (devcontainer.json and gitpod.yaml).</p> - -<p>A big challenge for the Devfile is to ensure that it doesn’t become “yet another configuration file”. Instead, we want it to relate and align with any neighboring configuration files used for CI/CD runs or infrastructure provisioning. A Devfile should be able to give developers an inner dev loop that is in sync with the outer dev loop, yet still provide enough flexibility for developers to experiment and have personal tooling preferences.</p> - - Mario Loriedo - - - - - Devfile Project Webpage - OpenAPI Specification GitHub repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 00:30 - D.containers - container_distributed_storage - Distributed Storage in the Cloud - - Containers - devroom - - <p>Cloud brought many innovations - one of them is inexpensive, scalable and sometimes secure Distributed Storage options. In this presentation we will talk about distributed storage Options modern clouds offers ranging from elastic block devices and object storage to sophisticated transactional data stores.  We will discuss the benefits and new architecture options such distibuted storage systems enable as well as the challenges pitfals you need to be aware about.</p> - - - Peter Zaitsev - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 00:10 - D.containers - container_k8s_webassembly - Extending Kubernetes with WebAssembly - Making Kubernetes Dynamic Admission Control even more Dynamic Using WebAssembly - Containers - devroom - - <p>WebAssembly is a portable binary instruction format that was originally created with the browser as the main execution runtime. However, during the last years, WebAssembly is finding its way also outside of the browser because of the many benefits it provides like portability, security and flexibility. We think WebAssembly can be leveraged by Kubernetes in many ways. This short session will focus on how WebAssembly can be used to write Kubernetes admission policies. We will show an open source Kubernetes Dynamic admission controller that uses policies written in WebAssembly to validate and mutate the requests made against the Kubernetes API server.</p> - - - Rafael Fernández López - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:25 - 00:30 - D.containers - container_k8s_disappear - Freedom Means That Kubernetes Needs To Disappear - - Containers - devroom - - <p>We can enable developers to manage everything yet still be in complete control of the aspects they care about.</p> - <p>We are all moving towards service-based operations and self-sufficient teams. We are all trying to enable developers to be more autonomous. However, it is unrealistic to expect everyone to become an expert on everything, from infrastructure to Kubernetes and everything in between. So, we cannot shift left due to lack of expertise, but we also cannot continue being reactive to the needs of others. The only option left is to simplify services or even remove direct access to infrastructure and Kubernetes.</p> - -<p>We might be able to accomplish those goals through Argo CD or Flux (GitOps), Crossplane (universal control plane), and KubeVela (OAM). By combining those, we can enable developers to manage everything yet still be in complete control of the aspects they care about. GitOps allows us to establish Git as the only point of interaction with the system. Crossplane Composites enable us to simplify developer experience when managing infrastructure. Finally, the Open Application Model (OAM) with KubeVela allows us to define applications instead of Kubernetes resources. If we combine those three types of tools and processes, we can enable operations to define the services used by developers to manage infrastructure and applications. We can do all that without anyone even knowing that there is Kubernetes behind all that.</p> - -<p>For everyone to use Kubernetes, it needs to disappear.</p> - - Viktor Farcic - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.containers - container_harbor - Harbor - The Container Registry - Harbor 101 - Containers - devroom - - <p><strong>Harbor - The Container Registry 101</strong> -Harbor is an open source registry that secures artefacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. -Harbor, a CNCF Graduated project, delivers compliance, performance, and interoperability to help you consistently and securely manage artefacts across cloud native compute platforms like Kubernetes and Docker.</p> - -<p><strong> In this talk: </strong><br/> -* Quick project overview and status, what added value can have to your infrastructure. -* Demo install and few use-cases -* Community walk through - how community works, what meetings we have, how you can participate, what projects we are working on -* Getting engaged with the project! - getting stared with contributing - code, docs - 10 min</p> - -<h1><strong>Come and joins us!</strong></h1> - <p>Orlin Vasilev aka Orlin - Community Manager for Contour - past life: +15 years of SysAdmin/Infra Engineer/Cloud Engineer/DevOps/SRE</p> - - Orlin Vasilev - - - Slides - - - Project home page - Project GitHub - Demo and Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:35 - 00:30 - D.containers - container_flatcar_autoupdate - How I learned to stop worrying and love Flatcar’s auto-update - - Containers - devroom - - <p>Running an up-to-date and fully patched cluster is a key element in operational security. But keeping your cluster’s OS up to date can be challenging for ops/maintenance, sometimes imposing significant effort just to keep the lights on while at the same time keep the workloads functioning. This talk will briefly introduce the atomic OS update mechanism in Flatcar Container Linux - a minimal Linux distribution optimised for running containers at scale - before elaborating on common patterns we recommend and employ to make updating nodes and clusters a low-risk and automatable endeavor.</p> - <p>This talk will discuss common patterns for patching and updating nodes and clusters, focusing on container operating systems with atomic update capabilities – and Flatcar Container Linux in particular. To some extend these patterns and learnings can also be applied to traditional OSes. Target audience are operators and engineers interested in keeping their clusters’ OS updated while running workloads at scale.</p> - -<p>The advent and widespread use of containers to deploy applications helped a great deal to separate application workloads from the underlying operating system. This separation can be leveraged to make OS updates safe and unintrusive.</p> - -<p>For the purposes of this talk we will focus on Flatcar Container Linux, though settings, patterns, and components can be generalised to also apply to other distributions. After w brief overview of Flatcar’s update process, we’ll discuss the importance of testing (with a brief excursion into canaries) and dive into a number of common cluster scenarios and how to keep one’s OS fresh in the respective environment.</p> - - Thilo Fromm - - - - - - - Flatcar Container Linux project on Github - Nebraska update server project on Github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:10 - 00:30 - D.containers - container_k8gb_balancer - A cloud native Kubernetes Global Balancer - Introduction to k8gb - Containers - devroom - - <p>k8gb is DNS based global service load balancer that can interconnect multiple Kubernetes clusters into one resilient system. Join this talk to learn how it can handle a failover scenario when pods in one cluster go down and second cluster in different location saves the situation.</p> - <p>k8gb is an open-source Kubernetes operator that is deployed in each participating cluster. It is comprised of CoreDNS, ExternalDNS and the k8gb controller itself. Using ExternalDNS it can create a zone delegation on a common cloud DNS server like Route53 or Infoblox so that the embedded CoreDNS servers work as an authoritative DNS. K8gb controller makes sure these CoreDNS servers are updated accordingly based on the readiness probes of the application.</p> - -<p>In this sense this solution is unique, because it is using Kubernetes native tools with customisable probes and battle tested DNS protocol instead of HTTP pings or other similar approaches where single point of failure might be a problem. In k8gb architecture all k8s clusters are equal and there is no SPoF except the common edge DNS server.</p> - -<p>Recently the project has been accepted to the CNCF sandbox.</p> - - Jiří Kremser - - - - - - webpage - code - high-lvl explanation using Manim - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 00:20 - D.containers - container_ipfs_image - P2P Container Image Distribution on IPFS With Containerd and Nerdctl - - Containers - devroom - - <p>nerdctl is a Docker-compatible CLI of containerd, developed as a subproject of containerd. nerdctl recently added support of P2P image distribution on IPFS. This enables to share container images among hosts without hosting or relying on the registry.</p> - -<p>In this session, Kohei, one of the maintainers of nerdctl, will introduce IPFS-based P2P image distribution with containerd and nerdctl. This session will also show the combination of IPFS-based distribution with the existing image distribution techniques, focusing on lazy pulling (eStargz) and image encryption (OCIcrypt). The status of integration work with other tools including Kubernetes will also be shared.</p> - - - Kohei Tokunaga - - - slides - - - nerdctl - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:10 - 00:20 - D.containers - container_redpak - Redpak: Ultra light weight container for embedded systems - - Containers - devroom - - <p>Choosen by the French Government in the Big Cyber Challenge, Redpak is the new embedded container engine to run programs under heavy ressource constraints within microseconds.</p> - <p>While Linux “name space” provides a good foundation for embedded application isolation, popular containers mostly focus on Linux fragmentation, and none of the Docker, LXC, Snap or Flatpak focus on embedded systems constrains. Everyone understands that installing a software component on millions of cars, on a submarine or in a train is very different from installing a new application on a desktop or a phone. Embedded containers target managed systems that, on one hand require less composability than phone or desktop, on the other hand require a stronger control on package qualification and resources usage.</p> - -<p>This talk presents how to run containerise programs under heavy resource constrains. It exposes how containers permit to operate multiple flavors of a given toolkit and finally exposes how containers simplify configuration management, security and hierarchical model, SOTA.</p> - - Clément BENIER - - - - - - red-pak github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:35 - 00:30 - D.containers - container_k8s_mysql - Solutions for running MySQL in Kubernetes - - Containers - devroom - - <p>There are several good MySQL-based Operators in the open-source world, made by Oracle, Presslabs, PlanetScale(Vitess), and Percona. Each of them has its unique architecture inside to guaranty minimal downtime and data loss during failover. -Orchestration of MySQL on Kubernetes is a no way a straightforward process. Let's do deep dive into how Operators are working inside and what solution should be used in each particular case.</p> - - - Mykola Marzhan - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:20 - D.containers - container_userlan_tcpip - Userland TCP/IP stack for external container connectivity - - Containers - devroom - - <p>CodeReady Containers runs an OpenShift cluster on a laptop or workstation using virtualization.</p> - -<p>Recent developments have made it possible to skip running the OpenShift runtime, and to use it for the sole purpose of running containers with podman when using macOS or Windows. This talk will focus on one specific part of CodeReady Containers, which is its userland TCP/IP stack based on gVisor. We will explore why this was needed, and how the container -> VM -> host connectivity is achieved.</p> - - - Christophe Fergeau - - - Slides for the presentation - - - CodeReady Containers source repository - gvisor-tap-vsock source repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:35 - 00:10 - D.containers - container_fat_layers - What made your container fat? - Visualizing the size of Container Layers - Containers - devroom - - <p>Keeping the size of of your containers small is more important than ever, especially when distributing container images for others to build upon them. However, once multiple container layers get involved, even the data collection aspect becomes challenging and most existing tools do not primarily focus on visualization.</p> - -<p>We will present a simple tool that we created for this: it is a simple web app that produces sunburst graphs for each layer of a container image and can thereby aid you in finding out where the size bloat comes from. Go and grab it from https://github.com/dcermak/container-layer-sizes and give it a spin yourself!</p> - - - Dan Čermák - - - - - Source code repository - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:50 - 00:20 - D.containers - container_notebook_images - An easy and elegant way to manage and build your notebook images - - Containers - devroom - - <p>Crane is a minimalist open-source image builder, and aims to provide a dead-simple image building experience for your notebook with a beautiful user interface, which could work with your existing ML pipeline and increase productivity for data scientists.</p> - -<p>Instead of building an end-to-end solution for MLOps, Crane focuses on one piece of the puzzle and provides a friendly solution to a problem we encountered daily. Building a container, dealing with registries, and keeping track of what you’ve already built, are tedious tasks, but they’re things you need to do often. Let’s build a tool for it and save time for data scientists, then they can focus on the real problems to solve.</p> - -<p>When it comes to building a container image, there are lots of gaps to fill. In this talk, we’re going to share why we build Crane, how could it help data scientists, why we choose to build Crane with the community, and what’s the possibilities Crane has to boost productivity for data scientists.</p> - - - Kuan Lin Huang - - - Crane - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:15 - 00:30 - D.containers - container_singularity_apptainer - From Singularity to Apptainer - - Containers - devroom - - <p>Singularity, an open-source containerization platform built for high performance computing use cases and utilized by HPC sites all over the world, was recently moved into the Linux Foundation and renamed to "Apptainer." This presentation will focus on exploring what this change means for Apptainer, including what the current state of the project is, what the priorities for the project in the near-term are, and what the roadmap for the future of the project looks like.</p> - - - Forrest Burt - - - - - Apptainer Project Site - Apptainer GitHub - Apptainer Roadmap - Community Announcement - Linux Foundation Press Release - Community Meeting Contact Info - Apptainer Release Candidate - Alternative Community Meeting Contact Info - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:35 - D.cicd - interoperability_in_the_continuous_delivery_space_with_cdevents - Interoperability in the Continuous Delivery space with CDEvents - - Continuous Integration and Continuous Deployment - devroom - - <p>Continuous Delivery is all about getting your software released, and as software/system complexity continues to increase, so does the need to have many different tools, services and even people involved in building, verifying, deploying and monitoring your software. So, how do we make all these tools and services work together to complement each other without creating a massive spider web of explicit interconnectedness? CDEvents!</p> - -<p>In this talk, Andrea Frittoli and Erik Sternerson will present the CDEvents project and protocol from the Continuous Delivery Foundation, describe how events in continuous delivery will help build a strong toolbox of CI/CD tools that can be used for delivery of different types of software projects, and showcase some integrations done by the community.</p> - <p>The number of tools and services supporting CI/CD keeps growing. Each tool has its own strengths and enables its own unique use cases. It is not one-size-fits-all, every project needs to be able to select CI/CD tools according to their own needs.</p> - -<p>What CDEvents aims to do is to give these tools and services an obvious way to become interoperable through a shared event/messaging protocol, so that true end-to-end continuous delivery pipelines and processes with associated monitoring, metrics and insights can be built without the need for “manually gluing things together”.</p> - -<p>Having the freedom to add and replace CI/CD tools and services without needing to worry about compatibility and interoperability issues will help projects keep their delivery processes optimized, and will also enable a new kind of visualization and monitoring tools that can inspect and understand all actors in the CI/CD system without explicitly knowing any of them.</p> - - Andrea Frittoli - Erik Sternerson - - - Interoperability in the Continuous Delivery space with CDEvents - - - CDEvents GitHub project - Events in CI/CD SIG - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:35 - 00:25 - D.cicd - how_to_improve_the_developer_experience_in_heptapod_gitlab - How to improve the developer experience in Heptapod/GitLab - Automate the dull works to focus on development - Continuous Integration and Continuous Deployment - devroom - - <p>Logilab has been using heptapod, a GitLab fork with mercurial support, for 2 years now. -We are maintaining the open source software CubicWeb and its components called cubes. -Thus, the code is split in dozens of repositories, depending on one another. -Over the years, it has become hard to maintain code quality and good practices in the whole codebase.</p> - -<p>In this talk, we will present the tools that helped us. -Some of them are mercurial specific, but most could be used in GitLab.</p> - -<ul> -<li>Create Merge Request automatically across repositories based on some rules, such as deprecation warnings.</li> -<li>Pick a reviewer for Merge requests based on the developers' preferences</li> -<li>Making sure to commit, tag, update the changelog, publish to PyPi when releasing a new version</li> -<li>Mutualize GitLab CI configurations with templates</li> -<li>Host docker images of your project on the forge</li> -<li>Have up-to-date static websites, documentation or web applications</li> -</ul> - - -<p>Each use case can be solved easily, but combining them is what truly makes developer life easier.</p> - - - Noé Gaumont - - - How to improve the developer experience in Heptapod/GitLab - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:35 - D.cicd - decentralized_devops_with_unfurl - Decentralized DevOps with Unfurl - - Continuous Integration and Continuous Deployment - devroom - - <p>Unfurl is a brand-new open-source command line tool for managing your DevOps infrastructure without depending on any server infrastructure. Unfurl lets you easily track configuration, secrets, software and code dependencies, and deployment history all in git. It integrates with the DevOps tools you are already using -- like Terraform, Ansible, and Helm -- allowing you to encapsulate your DevOps processes into reusable building blocks and describe your cloud infrastructure in simple, application-centric terms.</p> - -<p>The ultimate goal of Unfurl is enable anyone to clone, fork, and deploy live cloud services as easily as cloning and building code from git -- so that we can cooperatively build and run cloud services the same way we build open source software.</p> - - - Adam Souzis - - - Slides for Talk - - - Unfurl Website - Github repo - onecommons.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 00:25 - D.cicd - git_credentials_binding_for_sh_bat_and_powershell - Git Credentials binding for sh, bat, and powershell - Support Git authentication in Jenkins Pipeline - Continuous Integration and Continuous Deployment - devroom - - <p>Jenkins a self-contained, open-source automation server used in automation of all sorts of tasks related to building, testing, and delivering or deploying software. With high extensibility through plugins to provide much of the user-needed functionality. One such plugin is the Git plugin which deals with git operations for Jenkins project but lacked authenticated access to git repositories for Pipeline users. The Git Credentials binding project provides an out of the box solution by supporting git authentication over HTTPS and SSH protocols, so join in the session to learn more about it's implementation and outcome.</p> - - - Harshit Chopra - - - Git Credentials binding for sh, bat, and powershell - - - Git username / password credentials binding blog - Git Credentials Binding for sh, bat, powershell - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:45 - D.cicd - cicd_using_jenkins_and_nomad - CICD using jenkins and Nomad - - Continuous Integration and Continuous Deployment - devroom - - <p>Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages. Does our platform degrade in a graceful way or what does a high cpu load really mean? What can we learn from level 1 outages to be able to run our platforms more reliably.</p> - -<p>This talk will focus on on setting up a CICD pipeline using Jenkins. We start by configuring Jenkins to use our Nomad platform to autoscale job runners. After which we ll look at using the newly released nomad-pack tool to convert, deploy and test and existing nomad job.</p> - - - Bram Vogelaar - - - CICD using Jenkins Nomad and Vault - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:45 - 00:25 - D.cicd - leveraging_windows_containers_in_your_kubernetes_native_ci_cd_pipelines - Leveraging Windows Containers in Your Kubernetes-Native CI/CD Pipelines - - Continuous Integration and Continuous Deployment - devroom - - <p>How can you leverage Kubernetes-native CI/CD solutions for your Windows applications? What's needed to create Windows container images in your pipelines? This hands-on talk will get developers and operators started with Windows container support of Argo Workflows and Tekton. You will learn how you can use these solutions to build and test your Windows applications and create Windows container images for them. All work presented will be shared with you.</p> - <p>Windows applications make up a large portion of the services running in many enterprises. Thanks to Windows containers and the work of SIG-Windows, you can manage and orchestrate them on Kubernetes, similar to Linux-based containers.</p> - -<p>If you are developing Windows applications, you may want to use Kubernetes-native CI/CD solutions to build, test and package your application as you do with your Linux applications. To enable such scenarios, Argo Workflows and Tekton recently added support for Windows containers.</p> - - Markus Lippert - - - - - Tekton Windows Docs - Argo Workflows Windows Docs - Slides and session resources - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:35 - 00:25 - D.cicd - massive_unikernel_matrices_with_unikraft_concourse_and_more - Massive Unikernel Matrices with Unikraft, Concourse and More - How Unikraft builds many peremutations of unique unikernels - Continuous Integration and Continuous Deployment - devroom - - <p>Unikernels are bespoke, single-address space, lightweight Virtual Machines which do one thing and one thing only: fully facilitate the runtime of one application. Unikernels represent a compile-time specialization strategy and leverage the joining of user and kernel space via a library Operating System in order to achieve this, offering as a result incredible runtime performance whilst increasing application security via isolated hardware virtualization. As Unikraft, an open-source unikernel SDK and library Opeating System toolkit, has grown over the last few years, the number of available off-the-shelf applications, interpreted languages, libraries, target hypervisors and architectures has grown significantly. In order to ensure consistency between builds, prevent bugs and performance regression, and to allow for new features, a massive effort has been undertaken to facilitate massive build permutations of specialized unikernels which target and include variations of this growing ecosystem based on new commits and Github Pull Requests. In this talk, we discuss the journey of this undertaking, highlight and demo several CI/CD solutions in this space with Concourse, and how we are continuing to expand the ecosystem to automatically and intelligently build unique additional performance-oriented permutations from configurations available in the underlying libOS.</p> - - - Alexander Jung - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:35 - D.cicd - masking_known_issues_across_six_kernel_ci_systems - Masking known issues across six kernel CI systems - - Continuous Integration and Continuous Deployment - devroom - - <p>Aggregating testing results from multiple kernel CI systems is hard, but masking known issues in them is next level. That's what Kernel CI's KCIDB is trying to do. Learn more about the problem, our ideas, and suggest your solutions on this session!</p> - <p>The Linux Foundation's Kernel CI project has been aggregating CI system results in KCIDB for a while. We have six systems contributing and have started sending result notifications to maintainers.</p> - -<p>However, as a kernel maintainer or developer, the last thing you want is someone else's issue attributed to your patches. With 10K build and 100K test results daily, it's a given that tested revisions are often red with known issues, despite submitting CI systems masking them independently.</p> - -<p>We're trying to come up with a way to aggregate known issues, similarly to test results, and to prevent misattribution of problems to innocent changes for results coming from all CI systems, equally. We want to give maintainers, test authors, and CI system operators the ability to submit their issue descriptions, manually or automatically, so that we can deal with them, and all can save their time and effort.</p> - -<p>The contributed information could be a human-readable description, plus a regular expression to look for in a log or output file, or it could be something more complicated. We could be generating those automatically ourselves, and/or rely on human contributions. We plan to process and apply those ourselves, but perhaps it's a good idea to let submitters do that, and let us know the results instead. We don't know yet.</p> - -<p>Come, see how different kernel CI systems already deal with the problem, how we plan to unify that, and let us know what you think!</p> - - Nikolai Kondrashov - - - Slides - - - Linux Foundation's Kernel CI project - Aggregated results in KCIDB dashboard - Main KCIDB source repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:35 - 00:25 - D.cicd - multi_master_scaling_for_mariadb_buildbot - Multi-master scaling for MariaDB Buildbot - - Continuous Integration and Continuous Deployment - devroom - - <p>Continuous Integration is a very important part in order to ensure a high quality software product. In order to be able to test the MariaDB server across multiple platforms, operating systems and configurations, the MariaDB Foundation has developed a continuous integration framework based on Buildbot. This talk will focus on describing the design decisions in order to be able to scale and test the MariaDB server on over 100 different configurations. We use a multi-master setup and combine Docker latent workers with LibVirt workers and classical Buildbot workers in order to achieve this.</p> - <p>In order to ensure that MariaDB runs smoothly, it needs to be tested on multiple platforms and configurations. In order to ensure this, the MariaDB Foundation has developed a new continuous integration framework, based on Buildbot, that thoroughly tests the server across multiple platforms, operating systems and configurations.</p> - -<p>In order to achieve this, we use a mixture of builders, varying from Docker latent workers, to LibVirt workers but also the classical “always on” buildbot workers. For easier management, we have a separate master process that deals with each type of worker. In this talk, I will talk about our design decisions and some limitations that stand behind these. For example, the testing phase of the MariaDB server generates a very high amount of logs. Since Buildbot can deal with around 10k lines of logs per second, having multiple builds that run at the same time may saturate the master process. In order to deal with this, we use a master locking mechanism together with a multi-master setup.</p> - - Vlad Bogolin - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:35 - D.cicd - opentelemetry_and_ci_cd - OpenTelemetry and CI/CD - - Continuous Integration and Continuous Deployment - devroom - - <p>If you would like to know more about measuring your CI/CD for troubleshooting or improving your CI/CD services this talk can be interesting for you.</p> - <p>CI/CD at large scale, even at small scale, is hard and might affect your team’s mood, frustration with slow builds, or flakiness in your CI/CD. -By using OpenTelemetry for each execution, test, deployment that happens in your CI/CD you can answer questions that are not possible at a glance. -The main aim is to reduce the time that developers spend checking log errors, pointing them to the root cause of errors. Filter real verifications errors related to the CI/CD service and third-party systems. Debugging an error is as easy as going to the trace related where all the context information is accessible. -In this talk, we want to show you what we have done and learned in the last year since we switched to using distributed traces for the CI/CD and implemented some integrations that help us to leverage our CI/CD.</p> - - Victor Martinez - Ivan Fernandez Calvo - - - - - OpenTelemetry Documentation - CI/CD Observability - Ansible - create distributed traces with OpenTelemetry - Python - pytest-otel plugin for reporting APM traces of tests executed - Who Observes the Watchers? An Observability Journey - Observing the CI/CD in Practice - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:35 - 00:25 - D.cicd - porion_a_new_build_manager - Porion a new Build Manager - - Continuous Integration and Continuous Deployment - devroom - - <p>Yes, another build manager to address security, safety and -performance issues after having used Jenkins with more -than 30 projects during 8 years.</p> - -<p>The talk presents the Porion build manager with its command line -interface but also with its responsive web UI. I will also -explain some security and safety aspects provided by this -new build manager.</p> - - - Stephane Carrez - - - Porion a new Build Manager - - - Porion sources on Gitlab - Porion live server - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:35 - 00:25 - D.cicd - using_kubernetes_api_to_manage_everything - Using Kubernetes API To Manage Everything - Explore the principles behind the universal control plane implemented through the open-source project Crossplane. - Continuous Integration and Continuous Deployment - devroom - - <p>Wouldn't it be beneficial if we had a single API and a universal control plane responsible for managing applications, infrastructure, services, and everything else, no matter whether we are in the public cloud and on-prem?</p> - <p>If we had to define the most significant benefit Kubernetes provides, that would not be the ability to run containers, fault-tolerance, or immutability. The main benefit is its API. It is well defined, versatile, and extensible. It might be the main culprit behind the "explosion" of the ecosystem created around Kubernetes.</p> - -<p>Can we take Kubernetes API to the next level? Can we use it to manage not only the workloads running inside Kubernetes clusters but for everything else? Wouldn't it be beneficial if we had a single API and a universal control plane responsible for managing applications, infrastructure, services, and everything else, no matter whether we are in the public cloud and on-prem?</p> - -<p>In this hands-on session, we'll explore the principles behind the universal control plane implemented through the open-source project Crossplane.</p> - - Viktor Farcic - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:35 - D.cicd - unifying_infrastructure_and_application_delivery_using_keptn - Unifying Infrastructure and Application Delivery Using Keptn - - Continuous Integration and Continuous Deployment - devroom - - <p>Did you ever promote your application from a staging to production and forgot some important infrastructure changes? Do you wonder how to automate chaos tests into your delivery pipeline to validate your services can deal with failing nodes? When we at Dynatrace started our microservice journey, we had to deal with precisely those and many more questions. Using Keptn as a control plane for application delivery, we can orchestrate all those tasks to avoid any bad deployments while providing a unified deployment experience for our developers. In this talk, I will bring some light into combined infrastructure and application deployment using Keptn to show you how those seemingly separated activities can be unified.</p> - - - Thomas Schuetz - - - - - A blog post related to the content of this talk - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:15 - D.minimalistic - declarativeminimalistic - Declarative and Minimalistic Computing - Entry talk - Declarative and Minimalistic Computing - devroom - - <p>Welcome to the Declarative and Minimalistic Computing Devroom.</p> - -<p>In this year's virtual conference we will honour the late Professor John McCarthy as the founder of AI and the inventor of LISP. McCarthy with his work pioneered artificial intelligence, developed the Lisp programming language family and kickstarted our modern computing world. Lisp is one of the two oldest computer languages in use today.</p> - - - Manolis Ragkousis - Oliver Propst - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:15 - 00:30 - D.minimalistic - rakumetaprogramming - The manifold joys of metaprogramming - In Raku and elsewhere... - Declarative and Minimalistic Computing - devroom - - <p>Metaprogramming is a technique that allows the creation of data and control structures during runtime. This gives adaptiveness and expressiveness to languages, allowing the creation of data structures with complex behavior, and adapted to the environment or to the data used. In this talk we will talk about general metaprogramming techniques, with examples in Raku and other modern languages.</p> - - - Juan Julián Merelo - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:45 - 00:30 - D.minimalistic - riscvadventures - A year of RISC-V adventures: embracing chaos in your software journey - How I started from zero and ended up porting a JIT compilation library and assembling files by hand - Declarative and Minimalistic Computing - devroom - - <p>In this presentation I share my 1-year journey with RISC-V and how I started from nearly zero and I ended up porting Guile's JIT library to RISC-V and starting the RISC-V port of Stage0. -This journey is full of uncertainties and chaos but that's what finally made this happen. During this talk we'll discuss how embracing chaos can lead to great change and how we can become the source of positive chaos in people around us.</p> - <p><em>This talk is not fully technical but many technical aspects are discussed as they are fundamental in the journey: instruction sets, assembly, debuggers, hexadecimal... and all sorts of low level wizardry will be mentioned and explained. I'll try to make my best to make all of it accessible to anyone with no previous knowledge about them, though.</em></p> - - Ekaitz Zarraga - - - A year of RISC-V - - - My blog - A RISC-V book I recommend - Stage0 project - Guile's JIT library migration - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:15 - 00:30 - D.minimalistic - designdsl - How to design powerful DSLs for users - Decisions, decisions, decisions... - Declarative and Minimalistic Computing - devroom - - <p>How can we use DSLs in our applications as a replacement for databases? CSVs? configuration files?</p> - <p>In this talk I will explain how we designed and developed several DSLs for usage in the Nyxt browser. I will also explain how we designed our DSLs and what our constraints were. What were we trying to achieve with our DSLs? How can you too leverage DSLs in your applications to empower your users?</p> - - John Mercouris - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:45 - 00:30 - D.minimalistic - guixdeclare - Declare All Your Needs - Managing computing environment declaratively using GNU Guix - Declarative and Minimalistic Computing - devroom - - <p>Functional programming becomes more popular and widespread, it allows to make simplier, and more robust software, which is easier to maintain. Similar patterns and approaches are applicable for deploying or distributing software, managing infrastructures or even personal computers.</p> - -<p>We will discuss how to treat your computing environment as a simple software project written in functional language and how to manage operating system, services, configurations, user software, dotfiles in a declarative and reproducible fashion.</p> - <p>We will be using a quite minimalistic language called Guile Scheme (Lisp dialect), GNU Guix package manager built on top of that language and Guix System, Guix Home and rde projects, which will help to bring all things together and create a fully-working operating system with all needed software available and configured in a few minutes.</p> - - Andrew Tropin - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:15 - 00:25 - D.minimalistic - gnuguixci - GNU Guix behind the scene - Continuous integration for the GNU Guix project - Declarative and Minimalistic Computing - devroom - - <p>GNU Guix is a transactional package manager and an advanced distribution based -on a minimalistic language: GNU Guile.</p> - -<p>While users can choose to build everything from sources, the project is providing binary -substitutes. Building and distributing those substitutes is a real challenge, involving -a 20 GiB database and more than thirty machines.</p> - -<p>In this talk I will present the architecture of the continuous integration -system, how it is maintained, the current limitations as well as the possible -improvements.</p> - <p>The GNU Guix build farm is composed of more than thirty machines. Most of them -are hosted in the same datacenter in Berlin, while others, hosted by -individuals are made available through a Wireguard tunnel. Those machines are -managed using the GNU Guix deploy mecanism, which will be presented.</p> - -<p>The software managing the evaluation and the distributed builds on those -machines, Cuirass is also written in GNU Guile. This tool that is obviously -relying on GNU Guix will be introduced.</p> - - Mathieu Othacehe - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:25 - D.minimalistic - langdesert - Designing a programming language for the desert - - Declarative and Minimalistic Computing - devroom - - <p>You need a lot of hubris to design your own programming language. As a result, new languages are often engineered (or "over-engineered") for that glorious future where millions of programmers spend their lives working with the language, and a small army is maintaining the compiler and related tools. But how would you design a language that assumes this bountiful future will never arrive? A language that, even in the best of circumstances, will always be obscure and secondary? Futhark is a programming language designed for a very specific domain: high-level, deterministic, data-parallel number crunching. It explicitly disavows general-purpose use, and it is absolutely not possible to write full applications in it. Thus, even if Futhark somehow managed to become the largest conceivable success and completely dominate its domain, that would not translate into very many programmers. And even then, it would at best be a secondary or third language for most of its users.</p> - -<p>In this talk I will talk about how such a perspective has affected the design of the Futhark language and its tools. To a first approximation, this is just the "principle of least surprise" applied to every part of the language and ecosystem. As a niche language, Futhark's novelty budget is quite limited, and its users will not have the inclination to learn about syntactical subtleties, elaborate package managers or build systems. At the same time, it's trying to innovate in a challenging domain, so some things definitely will have to be novel. Balancing these concerns has been interesting, and my experiences are perhaps even useful for designers of languages, tools, or systems in similar situations.</p> - - - Troels Henriksen - - - The slides - - - Futhark website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:05 - 00:30 - D.minimalistic - tinyscheme - From tinyscheme to tr7 - how to loose time for glory - Declarative and Minimalistic Computing - devroom - - <p>I'm going to present a scheme R7RS compliant interpreter only named "TR7", a far successor of tinyscheme, meant to be included in other programs for scripting.</p> - <p>As I was searching a tiny scripting language for some project, I found tinyscheme. It is really venerable but old.</p> - -<p>So I searched for a modern replacement in the existing one, browsing the very long list at http://community.schemewiki.org/?scheme-faq-standards#implementations.</p> - -<p>And you what? I have not found one matching my criteria: r7rs compatible, only C, light, easy to add in C programs.</p> - -<p>So I started to modify tiny-scheme to fit my requirement.</p> - -<p>Before work, at noon rest, late in the evening, ... A long effort still not achieved.</p> - -<p>I'd like to get a short time slot to present it.</p> - - José Bollo - - - from tinyscheme to tr7 - - - sources - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:35 - 00:30 - D.minimalistic - fuzionlang - Fuzion Language Update - The marathon run 🏃🏃‍♀️ 🏃‍♂️ from a language prototype to a full implementation and toolchain. - Declarative and Minimalistic Computing - devroom - - <p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>This talk will present the advances in the Fuzion languages since its first -public announcement at FOSDEM 2021. This includes a simplified and cleaned-up -syntax, improved type inference, its safety features, foreign language -interface to Java and an overview of the existing and planned toolchain.</p> - -<p>Fuzion is not only about the language itself, but just as well about the -intermediate representation that is the basis for static analysis, optimization -and back-ends. The talk will give an overview of the format of intermediate code.</p> - <h1>Introduction</h1> - -<p>Fuzion is a modern general purpose programming language that unifies concepts -found in structured, functional and object-oriented programming languages into -the concept of a Fuzion feature. It combines a powerful syntax and safety -features based on the design-by-contract principle with a simple intermediate -representation that enables powerful optimizing compilers and static analysis -tools to verify correctness aspects.</p> - -<p>Fuzion was influenced by many other languages including Java, Python, Eiffel, -Rust, Go, Lua, Kotlin, C#, F#, Nim, Julia, Clojure, C/C++, and many more. The -goal of Fuzion is to define a language that has the expressive power present in -these languages and allow high-performance implementations and powerful analysis -tools. Furthermore, Fuzion addresses requirements for safety-critical -applications by adding support for contracts that enable formal specification and -enable detailed control over run-time checks.</p> - -<p>Many current programming language are getting more and more overloaded with new -concepts and syntax to solve particular development or performance issues. -Languages like Java/C# provide classes, interfaces, methods, packages, anonymous -inner classes, local variables, fields, closures, etc. And these languages are -currently further extended by the introductions of records/structs, value types, -etc. The possibility of nesting these different concepts results in -complexity for the developer and the tools (compilers, VMs) that process and -execute the code.</p> - -<p>For example, the possibility to access a local variable as part of the closure -of a lambda expression may result in the compiler allocating heap space to hold -the contents of that local variable. Hence, the developer has lost control over -the allocation decisions made by the compiler.</p> - -<p>In Fuzion, the concepts of classes, interfaces, methods, packages, fields and -local variables are unified in the concept of a Fuzion feature. The decision -where to allocate the memory associated with a feature (on the heap, the stack -or in a register) is left to the compiler just as well as the decision if -dynamic type information is needed. The developer is left with the single -concept of a feature, the language implementation takes care of all the rest.</p> - -<h1>Fuzion Feature Declarations</h1> - -<p>A Fuzion feature has a name, similar to the name of a class or a function. -The main operation that can be performed on a feature is a feature call. The -constituents of a feature declaration are as follows:</p> - -<h2>Formal Arguments</h2> - -<p>Features may have a list of formal arguments, which are themselves features -implemented as fields. On a call to a feature with formal arguments, actual -arguments have to be provided to the call, unless the list of formal arguments -is empty.</p> - -<h2>Feature Result</h2> - -<p>The result of a feature call is an instance of the feature. Alternatively, a -feature may declare a different result type, then it must return a value of that -type on a call.</p> - -<h2>Closures</h2> - -<p>Features are nested, i.e., every feature is declared within the context of an -outer feature. The only exception is the universe, which is the outermost -feature in Fuzion. A feature can access features declared in its -outer feature or, recursively, any outer feature of these outer features. This -means, a feature declaration also defines a closure of the feature and its -context.</p> - -<p>When calling a feature <em>f1</em> declared as an inner feature of <em>f2</em>, the call must -include a target value which is the result of a call to <em>f2</em>, e.g., <em>f2.f1</em>.</p> - -<h2>Generics</h2> - -<p>Features may have generic type parameters. E.g. a feature declaration may leave -the actual type used within that feature open and to be defined by the user of -the feature.</p> - -<p>The list of generic type parameters may be open, i.e., the number of actual -generic type parameters is not fixed at feature declaration. This turns out to -be useful in the declaration of choice types and functions as explained below.</p> - -<h2>Inheritance</h2> - -<p>Fuzion features can inherit from one or several other features. When inheriting -from an existing features, all inner features of the parent automatically become -inner features of the heir feature. It is possible to redefine inherited -features. In particular, when inheriting from a feature with abstract inner -features, one can implement the inherited abstract features.</p> - -<p>A redefinition of an inherited feature may implement an inherited feature as a -routine or as a field. An inherited feature that is implemented as a field, -however, cannot be redefined as something else since fields might be mutable.</p> - -<p>Inheritance may result in conflicts. An example would be two features with the -same name that are inherited from two different parents. In this case, the heir -must resolve the conflict either by redefining the inherited features and -providing a new implementation or by renaming the inherited features resulting -in two inner features in the heir feature.</p> - -<p>Inheritance and redefinition in Fuzion does not require dynamic binding. By -default, the types defined by features are value types and no run-time overhead -for dynamic binding is imposed by inheritance.</p> - -<h2>A Contract</h2> - -<p>A feature may declare a contract that specifies what the features does and under -which conditions the feature may be called.</p> - -<h2>An implementation</h2> - -<p>Features must have one of the following implementations</p> - -<ul> -<li><p>a routine is a feature implementation with code that is executed on a call</p></li> -<li><p>a field is a memory slot that stores a value and whose contents are returned on a call</p></li> -<li><p>an abstract feature has no implementation and cannot be called directly, but can be implemented by heir features</p></li> -<li><p>an intrinsic feature is a low-level feature implemented by the compiler or -run-time system, e.g., the infix + operator to add two 32-bit integer values -may be an intrinsic operation.</p></li> -</ul> - - -<p>A feature implemented as a routine can contain inner feature declarations.</p> - -<h1>Feature examples</h1> - -<p>Here is an example that declares a feature <em>point</em> that functions similar to a -struct or record in other languages:</p> - -<pre><code>point(x, y i32) is # empty -p1 := point 3 4 -say "p1.x is {p1.x}" # will print "p1.x is 3" -say "p1.y is {p1.y}" # will print "p1.y is 4" -</code></pre> - -<p>The next example shows a feature <em>base</em> that provides an inner feature <em>plus</em> -that adds its argument to the value passed to the enclosing base:</p> - -<pre><code>base(v i32) is - plus(w i32) =&gt; v + w - -b1 := base 30 -b2 := base 100 -say (b1.plus 23) # will print "53" -say (b2.plus 23) # will print "123" -</code></pre> - -<h1>Fuzion Syntax Evolution</h1> - -<p>Fuzion provides two main syntax alternatives, a classic once using semicolons, -braces and parentheses and a modern one using white-space and indentation. Both -are equivalent, there should be tools between these two representations of -source code. The following explains the main ideas how white-space is used -instead of special symbols</p> - -<h2>Separating Statements</h2> - -<h3>Flat line feeds instead of semicolons</h3> - -<p>The classic way to separate statements is by using a semicolon as in</p> - -<pre><code>stmt1; stmt2; stmt3 -</code></pre> - -<p>or</p> - -<pre><code>stmt1; -stmt2; -stmt3; -</code></pre> - -<p>The Fuzion grammar knows a symbol called 'flat line feed', which is a line feed -with the next line starting with white space up to the previous line's -indentation level. A 'flat line feed' is considered equivalent to a semicolon, -so the sequence of three statements above can be written without semicolons as -follows:</p> - -<pre><code>stmt1 -stmt2 -stmt3 -</code></pre> - -<h3>Indenting line feeds to form blocks</h3> - -<p>Code blocks in Fuzion can be build using braces similar to many other languages</p> - -<pre><code>if cond { stmnt1 } else { stmnt2 } - -if cond { - stmnt1 -} else { - stmnt2 -} - -if cond - { - stmnt1 - } -else - { - stmnt2 - } -</code></pre> - -<p>An 'indenting line feed' in Fuzion is a line feed with the next line starting at -a higher indentation level. The parser treats an 'indenting line feed' like a -left brace '{'. Correspondingly, a linefeed that reduces the indentation level -back to the original level is treated like a right brace '}'. The example above -is hence equivalent to</p> - -<pre><code>if cond - stmnt1 -else - stmnt2 -</code></pre> - -<p>Finally, an optional keyword 'then' may as well be used to separate an -expression like the condition in an 'if' from a following expression without the -need of braces:</p> - -<pre><code>if cond then stmnt1 else stmnt2 -</code></pre> - -<h2>Separating calls, arguments and operator expressions</h2> - -<h3>calls without parentheses</h3> - -<p>Fuzion calls do not need parentheses or commas to separate the called feature -and its arguments, i.e., a call</p> - -<pre><code>f(a, b, c) -</code></pre> - -<p>can be written as</p> - -<pre><code>f a b c -</code></pre> - -<p>Parameters are then separated by white space. Line breaks, either flat or -indenting as explained above, end the argument list.</p> - -<p>Parentheses may be needed for nesting calls with arguments, e.g., the code</p> - -<pre><code>f (g x y) (h z) -</code></pre> - -<p>is equivalent to</p> - -<pre><code>f(g(x, y), h(z)) -</code></pre> - -<p>If placed in parentheses, operator expressions may extend over several lines -using an indenting line feed followed by additional flat line feeds, e.g.,</p> - -<pre><code>f (1 + 2 + 3 + 4 + - 5 + 6 + 7 + 8 + - 9 + 10 + 11 + 12) -</code></pre> - -<p>Tuples of values such as '(a, b)' syntactically look like argument lists. A list -of expressions enclosed in parentheses is treated as an argument list only if it -immediately follows the name of a called feature. The code</p> - -<pre><code>f(a, b) -</code></pre> - -<p>hence calls 'f' with two arguments 'a' and 'b'. In case there is white space -after the name of the called feature as in</p> - -<pre><code>f (a, b) -</code></pre> - -<p>the expression in parentheses is passed as an argument, so, in this case 'f' -will be called with a single argument: the tuple '(a, b)'.</p> - -<h3>Array indexing vs. array creation</h3> - -<p>The square brackets '[' and ’]’ are used in Fuzion for two purposes: A -pre-initialized array of fixed size can be created using an expression like -'[x, y, z]', while an array can be indexed using 'a[i]'. Again, white space can -be used to distinguish these two cases:</p> - -<pre><code>a[i] -</code></pre> - -<p>read an element from an array while</p> - -<pre><code>f [x, y, z] -</code></pre> - -<p>create array with elements x, y and z and passes it as an argument in a call to -'f'.</p> - -<h3>Operator expressions</h3> - -<p>Operators are parsed as prefix- or postfix operators if the are not separated by -white space from their target operand, but they are separated by white space on -the other side. This means that the call</p> - -<pre><code>f -x -</code></pre> - -<p>is equivalent to</p> - -<pre><code>f (-x) -</code></pre> - -<p>while</p> - -<pre><code>f - x -f-x -</code></pre> - -<p>both subtract 'x' from 'f'. Furthermore,</p> - -<pre><code>f- x -</code></pre> - -<p>is parsed as</p> - -<pre><code>(f-) x -</code></pre> - -<p>i.e., it calls 'postfix -' on 'f' and, assuming the result is a function, calls -this result with one argument 'x'.</p> - -<p>The precedence of operators that are not separated by white space is stronger -than that of a call, so</p> - -<pre><code>f a-b -</code></pre> - -<p>is equivalent to</p> - -<pre><code>f (a-b) -</code></pre> - -<p>while the precedence of calls is higher than that of operators separated by -white space, i.e,</p> - -<pre><code>f a -b -f a - b -</code></pre> - -<p>are equivalent to</p> - -<pre><code>f (a) (-b) -(f a) - b -</code></pre> - -<p>respectively.</p> - -<h2>White space vs. explicit tokens</h2> - -<p>Attaching semantics to white space might appear dangerous and error-prone to -those not used to it. However, more and more languages (Python, Scala-3, Nim, -Raku, ...) make use of white-space and the experience is generally very positive, -the code is cleaner, easier to read an even easier to maintain. Compiler errors -complaining about unbalanced parentheses or braces are gone and mismatch between -indentation and semantics may no longer occur.</p> - -<p>Furthermore, even languages like Java allow code to have hugely different -semantics if just a single white space is added, e.g., the Java code</p> - -<pre><code>if (cc) x(); elsey(); -if (cc) x(); else y(); -</code></pre> - -<p>changes completely by insertion of a single space character.</p> - -<h1>Fuzion Type Inference</h1> - -<p>Fuzion is statically typed, every expression, every field, every routine result -has a static type known at compile time. Type inference is used to avoid the -need to specify these types explicitly in many situations, reducing the -boilerplate code while keeping the safety of a statically types language.</p> - -<p>Type inference in Fuzion occurs at explicit or implicit assignments. An explicit -assignment is a field declaration with an initial value such as</p> - -<pre><code>v := expr -</code></pre> - -<p>while an implicit assignment occurs, e.g., when a routine returns the value of -its last expression as its result</p> - -<pre><code>sum (x, y u32) =&gt; - x + y -</code></pre> - -<p>or when an argument is passed to a function</p> - -<pre><code>sum 1.234e6 567890 -</code></pre> - -<p>Type inference occurs in two directions: From the value to the field that the -value is assigned to and from the type of the assigned field to the value. -Field declarations using ':=' without an explicit type use the type inferred -from the value, the same holds for routines defined using '=>'.</p> - -<p>On the other hand, the type of expressions such as lambdas or numeric literals are -inferred from what they are assigned to.</p> - -<h2>Type inference from expressions to feature result type</h2> - -<p>When declaring either a field using ':=' or a routine using '=>', the result -type is inferred from the expression that is assigned or returned, respectively:</p> - -<pre><code>v := 123 # type i32, default type for integer literal -v := "hello" # type string -highNibble(b u8) =&gt; b &gt;&gt; 4 # type u8 -origin =&gt; point 0 0 # type point -</code></pre> - -<h2>Type inference from expressions to type arguments</h2> - -<p>Type arguments are inferred from actual arguments as shown by the following -example: Imagine a generic routine <em>square</em> as follows</p> - -<pre><code>square&lt;T: integer&lt;T&gt;&gt; (a T) =&gt; a * a -</code></pre> - -<p>This could be called using explicit type arguments as in</p> - -<pre><code>say (square&lt;i32&gt; 23) -</code></pre> - -<p>or the type can be inferred from the argument type</p> - -<pre><code>say (square 23) -</code></pre> - -<p>As a consequence, type arguments can be omitted in many cases.</p> - -<h2>Type inference for lambdas</h2> - -<p>In Fuzion, inline functions (lambdas) are defined using '->' with the input -variables on the left and the expression on the right. Types for a lambda are -implicitly taken from the target the lambda is assigned to. E.g., the following -example takes a function argument</p> - -<pre><code>print(s string, f (string, i32) -&gt; string) =&gt; - say (f s 3) - -print(f (i32, i32) -&gt; i32) =&gt; - say (f 10 3) - -print "Alice" (s,i -&gt; s * i) # lambda type is (string, i32) -&gt; string -print "Bob" (s,i -&gt; s + i) -print (s,i -&gt; s * i) # lambda type is (i32, i32) -&gt; i32 -print (s,i -&gt; s + i) -</code></pre> - -<h2>Type inference for numeric constants</h2> - -<p>Numeric constants that are assigned to a given type inherit that type. There is -no immediate distinction between plain numeric literals like '123' or ones using -a fractional parts and exponents such as '-0.1234E4'. The target type determines -the type of the constant.</p> - -<pre><code>v1 u32 := 123456 -v2 i8 := -128 -v3 i16 := 32000 -v4 u64 := 1000000000000000000 -v5 i64 := -1000000000000000000 -v6 u16 := 4711 -v7 f32 := 123456 -v8 f64 := 123.456E6 -v9 f64 := 1.0E3 -</code></pre> - -<p>In case the constant is too large for the target -type, or it has a fractional part not representable by the type, a compile-time -error occurs:</p> - -<pre><code>v1 u32 := -123456 # error: negative value assigned to unsigned -v2 i32 := 3000000000 # error: value too large -v3 i8 := 128 # error: value too large -v4 u16 := 65536 # error: value too large -v5 f32 := 123.456E39 # error: overflow -v7 f64 := 123.456E309 # error: overflow -v8 f32 := 7E-46 # error: underflow -</code></pre> - -<h1>Fuzion Intermediate Files</h1> - -<p>Fuzion uses intermediate files during different stages of compilation: module -files that contain library code, application files for whole applications and -Fuzion intermediate representation files that serve as input to the back ends.</p> - -<p>Fuzion uses a simple intermediate code to represent pre-compiled modules and -whole applications. This intermediate code serves as the input for static -analysis tools, optimizers and for different back-ends that produce executable -applications. The goal in the design of the intermediate file format was high -performance and simplicity for tools using this code.</p> - -<p>The intermediate code is a binary format containing features and types in a way -that may be mapped to memory and used directly, so overhead of parsing this -format into an in-memory representation is avoided. In particular, if only parts -of a pre-compiled module are used by an application, there is no need to read and -unpack parts of the module intermediate representation that are not used.</p> - -<p>For features containing code, a very simple stack-based format is used. There -are currently only ten different instructions:</p> - -<ul> -<li>Unit -- produce a value of unit type</li> -<li>Current -- produce the current instance as a value</li> -<li>Constant -- produce a constant value</li> -<li>Assign -- perform an assignment to a field</li> -<li>Call -- perform a call to a given feature</li> -<li>Tag -- convert a value into a tagged value of a choice type</li> -<li>Match -- match a choice type</li> -<li>Box -- convert a value type to a ref type</li> -<li>Unbox -- extract the value from a ref type</li> -<li>Pop -- drop the top element from the stack</li> -</ul> - - -<p>The intermediate code uses indices to refer to features and types within -intermediate files. This means that lookup is very efficient, but it also means -that a change in a library module requires recompilation of all dependent -modules. Any incompatibilities would be found at compile time instead of -resulting in something like Java's 'IncompatibleClassChangeError' at run-time.</p> - -<h1>Foreign language interface</h1> - -<p>Fuzion provides a tool 'fzjava' that takes a Java module file and converts it -into Fuzion features. In the spirit of Fuzion, Java's packages, classes, -interfaces, methods, constructors, static methods and fields are all converted -into Fuzion features. Java methods that may throw an exception are -converted into features resulting in a choice type that is either the exception -type or the result type of that method.</p> - -<p>A few intrinsic functions in the Java interpreter back-end use Java's reflection -API to access the corresponding Java code.</p> - -<p>Here is a example how Java code can be used from Fuzion:</p> - -<pre><code>javaString := java.lang.String.new "Hello Java 🌍!" # create Java string, type Java.java.lang.String -javaBytes := javaString.getBytes "UTF8" # get its UTF8 bytes, type is fuzion.java.Array&lt;i8&gt; -match javaBytes - err error =&gt; say "got an error: $err" - bytes fuzion.java.Array =&gt; - say "string has {bytes.count} bytes: $bytes" - javaString2 := java.lang.String.new bytes 6 bytes.count-6 # create Java string from bytes subset, - say "Hello "+javaString2 # append Java string to Fuzion string and print it -</code></pre> - -<h1>C back-end</h1> - -<p>Fuzion now has a back-end that produces C source code to be compiled to machine -code using clang and LLVM.</p> - -<h1>Fuzion safety</h1> - -<p>A main goal of Fuzion is to provide a development tool for safety-critical -applications. Fuzion brings a number of features that address safety issues at -different levels:</p> - -<ul> -<li><p>Language features</p> - -<ul> -<li>static typing</li> -<li>language simplicity</li> -<li>pre- and post-conditions for design by contract</li> -<li>no wrap-around for standard operations +, -, *, /, etc.</li> -<li>mutability restricted to local contexts</li> -</ul> -</li> -<li><p>Run-time features</p> - -<ul> -<li>dynamic checks where static checks are not sufficient</li> -<li>(real-time) garbage collection</li> -</ul> -</li> -<li><p>Environment features</p> - -<ul> -<li>static linking to specific library versions</li> -<li>static analysis tools</li> -<li>no dynamic code loading</li> -<li>simple intermediate representation, simpler tools</li> -</ul> -</li> -</ul> - - -<h1>Conclusion and Next Steps</h1> - -<p>The Fuzion language definition and implementation are far from stable, but are -getting closer to become useful. Big improvements come from the ability to -pre-compile modules and from the foreign language interface for Java, which -makes a giant code base accessible for Fuzion applications to build on.</p> - -<p>Additionally, new projects such as the language server implementation for Fuzion -by Michael Lill help by integrating Fuzion support in popular IDEs and editors.</p> - -<p>Main points that are missing right now are</p> - -<ul> -<li>a powerful standard library</li> -<li>additional library modules for all sorts of application needs</li> -<li>low-level foreign language interface for C</li> -<li>actual implementations of static analyzers and optimizers</li> -<li>highly optimizing back-ends</li> -<li>garbage collection for the C back-end</li> -<li>documentation, tutorials</li> -<li>enthusiastic contributors and users!</li> -</ul> - - -<p>Please feel free to contact me in case you want to use Fuzion or want to help -making it a success!</p> - - Fridtjof Siebert - - - Fuzion Language Update - - - Fuzion portal website - Fuzion Sources on GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:05 - 00:30 - D.minimalistic - adventuresindataflow - Adventures in Dataflow - - Declarative and Minimalistic Computing - devroom - - <p>"How can we democratize computing?" — that is a sentiment echoed by many people, especially those of us in tech who realize what the general audience is missing out from computing devices, when they use them as passive consumers. If we think of computing devices as programmable tools for active exploration, how should they look like? What programming model should they be based on? It's fair to assume that it shouldn't look like what passes for regular programming nowadays, since that is clearly out of touch with users. Perhaps something more... declarative? ...minimalistic? So, how can we bring declarative and minimalistic computing to the masses? And... maybe we have already?</p> - - - Hisham Muhammad - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:35 - 00:30 - D.minimalistic - minimalsyntaxes - Knowledge Management Through Minimal Syntaxes - Appreciating How Terse Syntaxes Are Capable of Being Combined In Unexpected Ways - Declarative and Minimalistic Computing - devroom - - <p>Presentation of the main components behind gLean - a knowledge-management application which treats problem-domains as a collection of blocks. gLeans USP is in choosing terse components which syntactically do not impede each-other - permitting collections of block to be parsed and interpreted with minimal concerns for complexity. The hope is that gLean will be able to provide YahooPipes style functionality through combining blocks of references; content; annotations; and parsing-logic.</p> - -<p>The following areas are covered:</p> - -<ul> -<li><p>The talk extols the virtue of the individual components (Gemini protocol's GemText; Emacs-Hyperbole's Kotl; the parser and Lisp, TXR; Jonathan McHugh's Qiuy (a 'Recursive Modelling Language')) as exemplary specialist utilities.</p></li> -<li><p>Examples for how Kotl format and GemText markdown can interoperate (to for instance turning a file into representative Kotl blocks; or export Kotl blocks into GemText)</p></li> -<li><p>The beautiful/unholy ability for TXR to read a 'raw' GemText file containing TXR syntax and for a 'compiled' GemText file to emerge (given this unintended behaviour requires no additional coding and was not designed I consider this particularly special)</p></li> -<li><p>The use of annotations leading blocks to provide logical structures for how a document or a collection of documents should be treated</p></li> -</ul> - - <p>The attached slide of the talk is a Gemini compatible rendition.</p> - -<p>Infact the recording is made within Emacs, rather than a Gemini compatible browser.</p> - -<p>If a user has Emacs-Hyperbole installed seek areas featuring the lisp reference that starts with: -&lt;highlight-rexexp ...</p> - -<p>With the cursor on highlight press the ACTION key (usually the modifier (ALT) and the return button simultaneously).</p> - -<p>This should enact the relevant colourscheme that was used for the official presentation.</p> - -<p>Multiple such buttons are positioned throughout the document.</p> - -<p>Enjoy....</p> - - Jonathan McHugh - - - Output of compiling 'raw' GemText file with TXR content - using TXR Lisp parser - 'raw' Raw GemText file featuring TXR syntax which can be compiled in TXR Lisp parser - Slide presentation - adapted for Gemini compatibility - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:05 - 00:40 - D.minimalistic - lispforeveryone - Lisp, but Beautiful; Lisp for Everyone - - Declarative and Minimalistic Computing - devroom - - <p>The old joke goes that LISP stands for "Lots of Irritating Superfluous Parentheses", but another spin could be "LISP Isn't Structurally Parenthetical". Lispers seem to come to like parentheses eventually and defend them, and newcomers with no preconceptions seem to not have problems as much as existing programmers do, but the fear of lisp in the general programming world remains strong. But is parenthetical notation really the best way to represent lisp? In this talk we explore several alternate representations and their practical use, and speculate on a future where everyone could benefit from lisp's unique properties without fear.</p> - - - Christine Lemmer-Webber - Morgan Lemmer-Webber - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:40 - D.minimalistic - spritelygoblins - Spritely Goblins comes to Guile - Distributed, secure, asynchronous programming - Declarative and Minimalistic Computing - devroom - - <p><a href="https://spritelyproject.org/#goblins">Goblins</a> is the core secure distributed programming layer of <a href="https://spritelyproject.org/">Spritely</a>, a project to research and develop the future of networked communication. Goblins was originally written <a href="https://docs.racket-lang.org/goblins/index.html">on top of Racket</a>, but has recently been <a href="https://gitlab.com/spritely/guile-goblins">ported to Guile</a>. See a live demonstration of using the system in action, and learn about its history!</p> - - - Christine Lemmer-Webber - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:25 - 00:35 - D.minimalistic - commonworkflowlang - Concise Common Workflow Language - Concision and elegance in a workflow language using lisp - Declarative and Minimalistic Computing - devroom - - <p>Scientific workflows are readily and most easily expressed as shell scripts. However, shell scripts are notorious for being "duct tape", and are hard to adapt to different hardware and software environments. Workflow languages such as the Common Workflow Language (CWL) were developed to address this pain point. However, CWL does come at the cost of increased verbosity and reduced readability. Even seasoned scientists shy away from writing CWL, and fall back to the familiarity of shell scripts.</p> - -<p>This need not be. There is no reason to inflict the behind-the-scenes complexity of workflow languages on the user. It should be possible to automatically translate (in other words, compile) a simple shell-like script into a workflow language specification. In effect, we create a new domain specific language that is almost as easy to write as a shell script, but compiles to CWL. No other language is better suited to this task of creating domain specific languages than lisp. The lisps with their homoiconicity and unique macro system empower the programmer to use ordinary code to hack the compiler itself.</p> - -<p>In this talk, I will present the Concise Common Workflow Language (ccwl). The Concise Common Workflow Language (ccwl) is a concise syntax to express CWL workflows. It is a compiler that compiles a simple lispy shell-like workflow specification into a CWL workflow. It is implemented in the Scheme programming language, a minimalist dialect of lisp. I will discuss the considerations that went into the design of ccwl, and demonstrate its expressive power with illustrative examples.</p> - - - Arun Isaac - - - Talk slides - - - ccwl website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:40 - D.minimalistic - relationalexplorationofmccarthysamb - A Relational Exploration of McCarthy's 'Amb' - - Declarative and Minimalistic Computing - devroom - - <p>We will investigate what weirdness occurs when John McCarthy's non-deterministic 'amb' operator is added to a LISP interpreter written in a relational style, in the miniKanren constraint logic programming language.</p> - <p>The code for this talk can be found at https://github.com/webyrd/relational-amb</p> - - William Byrd - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:40 - 00:20 - D.minimalistic - lastmilesandboxing - Why everyone needs to know some coding: last-mile sandboxing - - Declarative and Minimalistic Computing - devroom - - <p>We'd all like to use computers to their fullest capability. However, we'd also like to restrict the capability of computers to do things we don't intend. These constraints present a problem: how our computers should determine our intention, when the software we use is written by others. Most programming languages ignore this problem, by running untrusted programs with completely open doors. Browsers run programs with a single policy that is mostly hard-coded (no file system access) but also complex, so that it's often unclear what is protected. In this talk I'll describe my attempts to come up with a model that is both flexible and easy to understand.</p> - <p>This talk will:</p> - -<ul> -<li>elaborate on what makes sandboxing difficult (code is data),</li> -<li>outline past approaches to sandboxing (web browsers), and</li> -<li>summarize the problems of past approaches (who watches the watchers?)</li> -</ul> - - -<p>It will describe a new approach that replaces the hard-coded coarse-grained protections of browsers with declarative fine-grained protections organized by the real-world effects of computers (syscalls). In outline, the approach separates untrusted software in apps from a tiny set of programmable policies. Each policy is advice that applies to a single syscall and decides whether to permit the syscall or not.</p> - -<p>This approach is implemented in a fork of Lua for purely text-mode apps. The browser provides default policies, but tries to gradually empower each person over time to take ownership of the policies on their browser without any mediation from others. In the process, it hopes to educate people on some basic aspects of programming.</p> - -<p>The talk will describe the new challenges posed by this approach, including:</p> - -<ul> -<li>educating people to never paste in code into policies without understanding it</li> -<li>educating people on the value of minimalism in policy code (and indeed all code)</li> -<li>educating people on the need for policy code to itself be side-effect-free</li> -<li>coaching people on good and poor changes to policy code when intended uses are disallowed by policies</li> -</ul> - - - Kartik Agaram - - - Why Everyone Needs to Know Some Coding - - - Project repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:30 - D.distributions - unify_your_distributions - Unify your distributions - How GNU Guix can run on any of your hardware - Distributions - devroom - - <p>Like most developers, I'm against my will a volunteer system administrator. I -take care of my personal and professional notebooks. I also maintain a -powerful build server at home and a remote VPS hosting my blog. From times to -times I even use a single board computer to host some services.</p> - -<p>A few years ago, all those machines ran different, dedicated Linux -distributions: Ubuntu, ArchLinux, Debian, Raspbian, making the maintenance a -nightmare. That was before diving into GNU Guix.</p> - -<p>In this talk, I'll expose how GNU Guix, as an advanced package manager and -Linux distribution can be advantageously used on any kind of machine from -single board computers to VPS machines.</p> - -<p>The declarative aspect of GNU Guix allows to have various operating system -definitions inheriting from each other while the associate tooling such as -"guix system" and "guix deploy" ease the deployment and upgrade tasks.</p> - - - Mathieu Othacehe - - - Slides - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.distributions - overview_of_flatcar_container_linux_test_framework - All's well that tests well - An overview of Flatcar Container Linux test framework - Distributions - devroom - - <p>Flatcar Container Linux is a community driven Linux OS designed to run container workloads: let's see how the community can run the tests and how the Flatcar Team schedules the test before releasing the OS.</p> - <p>Testing an OS, it's quite challenging: defining use-cases is required but since the OS is the base of application workloads, it's not easy to target <em>all</em> the different use-cases. Let's see in this lecture, how we define, write and run tests for Flatcar Container Linux - a community driven OS designed to run container workloads. We will cover the logic of the Kola test framework but also how they integrate in the release cycle of Flatcar. Finally, we will provide some example to run the tests locally and we hope to share some ideas with OS maintainers in order to improve in a global way the way we test Open-Source OS.</p> - - Mathieu Tortuyaux - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.distributions - modding_the_immutable_how_to_extend_flatcar - Modding the Immutable – how to extend Flatcar, an immutable image-based OS - - Distributions - devroom - - <p>Flatcar Container Linux is a fully open source, minimal-footprint, secure by default and always up-to-date Linux distribution for running containers at scale. It is shipped as an image and does not include any package management. OS binaries and libraries reside on a read-only partition. This talk will briefly introduce Flatcar’s core concepts before diving into a detailed discussion on modifying, testing, and vending your own OS images using the SDK.</p> - <p>This talk will discuss building, modifying, and testing Flatcar Container Linux OS images. It will introduce the innerworks of the OS image building process and will enable the audience to craft their own images. While running (release-)tests will also be briefly covered the focus is on modifying and building. Target audience are engineers and tinkerers interested in OS building and in vending immutable OS images that fit their own needs.</p> - -<p>Flatcar Container Linux is a minimal Linux distribution optimised for running containers at scale. It ships OS images – both for installation and update – and lacks a package manager. Binaries in the OS partition (at “/usr”) are immutable after installation. Therefore, modifying the OS to suit one’s needs can be challenging, and deeper changes to the OS will require vending one’s own images.</p> - -<p>After a brief intro to Flatcar’s Gentoo roots, build process, and SDK, this talk will dive into understanding sources and repository structure, running builds, smoke-testing custom images, and running full-blown release tests. We will include a number of pre-recorded CLI demos in the talk to aid understanding. The talk will close with an outlook of how to bring your custom images to production.</p> - - Thilo Fromm - - - - - - - Flatcar project on Github - Flatcar Linux twitter account - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:40 - D.distributions - securing_and_hardening_a_container_host - Securing and Hardening a container host - - Distributions - devroom - - <p>In the age where customer data is turning out to be a new valuable resource for companies, and the increasing data breaches safeguarding the infrastructure is becoming more and more important. We the maintainers of Flatcar Container Linux, an operating system that thrives for security first will present the best practices to harden and secure your container hosts from the delivery to the different environments to ensure reliability, security and performance.</p> - <p>Even the most secured Kubernetes cluster can have security issues in case the underlying OS is not correctly hardened. -In this talk, we will present the best practices to harden and secure your container hosts from the delivery to the different environments to ensure reliability, security and performance. Through an actual live example, we will introduce how Flatcar Container Linux is first built around security, and uses the hardening practices. From SELinux configuration to audit logs passing by its package management - let's see how this container optimized OS distro can contribute to reduce the surface attack and mitigating threats.</p> - - Sayan Chowdhury - - - Securing and Hardening Container Host - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 01:00 - D.distributions - how_the_distro_needs_change_to_help_foss_on_embedded_linux - How The Distro Needs Change to Help FOSS on Embedded Linux - - Distributions - devroom - - <p>Distros have been the backbone of Linux for the past two decades, but with the advances made in cloud technology and infrastructure, they have started to become less relevant as a solution and product in itself. To be specific: Distros have been reduced from being the universal FOSS product that delivers a complete solution to the user, to a set of very nicely maintained “free beer” types of repos full of packages that make up application building blocks for custom stacks packaged with Docker. The good news is that distros did not fail to deliver the spirit of FOSS as badly on the desktop and server side as they have for embedded Linux.</p> - <p>Distros were never focused on enabling the product builder using FOSS to make great products for embedded Linux. This lack of FOSS support for embedded has caused proprietary OS Dinosaurs like Broadcom and Qualcomm to not only survive, but to this day are still the primary choice of SDKs for the majority of embedded Linux devices that leave the factory. What has gone wrong?</p> - -<p>In this session, Alexander Sack will explore how FOSS has failed embedded Linux. He will also present ideas on how a Distro 2.0 can focus on being more than just a packaging repo and can ultimately help FOSS also win embedded Linux.</p> - - Alexander Sack - - - - - Pantavisor project website - Pantavisor project repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:45 - D.distributions - eclipse_oniro_a_production_os - Eclipse Oniro: A production OS - Focus on your applications again - Distributions - devroom - - <p>Imagine you're an engineer at an ODM or OEM working on a IoT product for -the smarthome - from a simple thermostat to security alarms, from set top -boxes to internet gateways.</p> - -<p>Linux is a fairly obvious choice to build these product that have greater -than 128MB of RAM and storage. On resource-constrained devices, an RTOS -such as Zephyr is able to even run on devices with as little as a few -hundred KB of RAM and storage.</p> - -<p>However, the kernel is a small part of the device's software stack - there -is middleware, application frameworks, security policies, key management, -OTA and multi-year maintenance that the company needs to budget into the -device's engineering support costs.</p> - -<p>Viewing the Linux and RTOS ecosystems as two parts of a single product -platform allows for a coherent view of both ecosystems by developers. You -want to make sure that you can apply the same set of software -configurations and policies across both ecosystems e.g. library versions, -compatible protocol suites, security configurations, OTA mechanisms and -even a single set of IP compliance tools.</p> - -<p>As an example, when you decide you want to secure all your network -communications out-of-the-box in your product platform, you need to:</p> - -<ul> -<li>Find an SSL library that'll fit both footprints</li> -<li>Configure it to have a coherent set of modern ciphers compatible across -the two ecosystems</li> -<li>Get the various protocol libraries to build against the chosen SSL -library</li> -<li>Create key provisioning tools that can work across the two ecosystems</li> -<li>Perform interoperability tests</li> -</ul> - - -<p>Now repeat this exercise across every key component of the OS - security -policy, networking features, OTA, toolchain hardening, IP compliance tools -and you end up with a meta-project that spans and contributes to both -ecosystems.</p> - -<p>We've started to build such a open product platform with opinionated -defaults that follow community best practices with Eclipse Oniro. And -this is our story about our plans for the future.</p> - - - Amit Kucheria - - - Eclipse Oniro: A production OS - Focus on your applications again - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:15 - 00:40 - D.distributions - tailored_build_and_release_tools_for_linux_distro_and_forks - Build and release tools tailored to building, releasing and maintaining Linux distributions and forks - - Distributions - devroom - - <p>Maintaining a Linux distribution in a consistent and secure manner is challenging. Maintaining a one-to-one clone, can be even more challenging. Rocky Linux maintains a number of in-house tools to aid in this process and makes it as transparent and auditable as possible.</p> - <p>Rocky Linux is aiming to be an exact RHEL clone. When the project first started out, the landscape of tools to automate imports and orchestrate builds across package types were not widespread. First challenge to tackle was imports and patches. Srpmproc was introduced to facilitate upstream imports with consistent automated patching. Distrobuild was later introduced as a meta-orchestration layer for already existing build tools within the EL ecosystem. We're now introducing Peridot, the next generation cloud-native build and release tools for RPM distributions.</p> - - Mustafa Gezen - - - - - Rocky Linux website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:40 - D.distributions - centos_stream_stable_and_continuous - CentOS Stream: stable and continuous - - Distributions - devroom - - <p>CentOS Stream was introduced in September 2019. In December 2020 it made news, raised a lot of questions and created long hand-wavy discussions and confusing arguments. During 2021 CentOS Stream 9 finally has found its place in the RHEL 9 development process. And now, in early 2022, we can take a good look at how it actually works.</p> - <p>This talk is focused on the development process of the CentOS Stream distribution. We are going to talk about bootstrap, package updates, continuous integration, testing and contribution.</p> - -<p>We welcome distribution developers, but also users which are interested to know what's hidden under the hood of a typical enterprise-level system.</p> - - Aleksandra Fedorova - - - CentOS Stream: stable and continuous - - - CentOS Stream is continuous delivery - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:45 - 00:25 - D.distributions - dos_and_donts_when_building_yocto_based_distro - DOs and DON'Ts when building a Yocto based distribution - What we have learned in a year of building Oniro - Distributions - devroom - - <p>After approximately a year of work, Oniro - the Eclipse Foundation's embedded operating system - has been released -to the public, and is open to bigger changes like rebasing -to a newer Yocto branch and updating toolchains. Now we're -seeing - and can share - what we did well and what we will -have to do differently in the future.</p> - <p>After approximately a year of work, Oniro (https://oniroproject.org/) - the Eclipse -Foundation's embedded operating system - has been released -to the public, and is open to bigger changes like rebasing -to a newer Yocto branch and updating toolchains. Now we're -seeing - and can share - what we did well and what we will -have to do differently in the future.</p> - -<p>We updated a number of packages from dunfell - can this be -avoided or done in a better way? -What can we do about packages that don't have an LTS policy?</p> - -<p>An important goal must be to make rebasing to newer upstream -releases as quick and painless as possible - accumulating -as little technical debt as we can.</p> - - Bernhard Rosenkränzer - Andrei Gherzan - - - - - The Oniro Project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:15 - 00:45 - D.distributions - chimera_linux - Chimera Linux - A BSD/LLVM distro from scratch - Distributions - devroom - - <p>Chimera Linux is a new distribution I started in the middle of 2021, after years of thinking and vague planning. After getting a bunch of real world maintenance experience managing the POWER architecture support in Void Linux, I have decided to make those ideas a reality - a distribution with the Linux kernel, but FreeBSD userland, LLVM/Clang system toolchain and core runtime, musl libc and a fair amount of custom tooling. Right now, it is a bootable system targeting a variety of CPU architectures (aarch64, ppc64le, riscv64, x86_64...) that is easily bootstrappable (and capable of building itself), testable, lightweight and fast (but still in heavy development). It uses the apk package manager (of Alpine Linux) and a completely custom source packages collection and build system written in Python, allowing for sandboxed, fully unprivileged package builds.</p> - <p>The distribution follows a rolling release model for its simplicity and ease of release management, but without insisting on bleeding edge versions. The build tooling is capable of bringing the system up from scratch using any other musl-based distribution as a base (and without requiring any GNU components beyond currently their make implementation) - the system rebuilds itself 3 times for that purpose. Link-time optimization (specifically Clang's thin LTO) is enabled for nearly all packages. The lightweight, dependency-based, supervising 'dinit' service manager takes care of boot, and Wayland is the preferred display server. The system aims to be general purpose, not niche; a primary goal is breaking up some status quos in the Linux ecosystem and provide a truly viable alternative. It should be community driven, open, welcoming and unorthodox, without any pointless dogmatism.</p> - -<p>In the talk I will cover my journey towards having a system capable of boot, what it took to bring up a distribution from scratch and how I dealt with various obstacles, and what I learned on the way, as well as the future of the project. Some basic Linux administration knowledge will be required from the audience, but any somewhat tech-savvy person should be able to follow.</p> - - Daniel Kolesa - - - Chimera Linux - - - Website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:45 - D.distributions - collaboration_instead_of_competition - Collaboration instead of Competition - The Linux Distributions Working Group at the Open Mainframe Project - Distributions - devroom - - <p>Default community distributions are running in the same issues for special architectures. Every Linux distribution has got mostly separate maintainers and hardware distributors are handling these communities really often disconnected. That has been identified also for the architecture s390x. Therefore, openSUSE, Fedora and Debian have established together with IBM a Linux Distributions Working Group for a better collaboration together and with the goal to receive better support. In this presentation you should receive an overview about a good collaboration between Linux distributions and what you can achieve together with such a Working Group.</p> - - - Sarah Julia Kriesch - - - Collaboration instead of Competition - - - Linux Distributions Working Group - Open Mainframe Project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 13:00 - 00:30 - D.embedded - eclipse_mqtt - Eclipse Amlen: Messaging for IoT/Web/Mobile - MQTT Messaging for Fun & Profit - Embedded, Mobile and Automotive - devroom - - <p>Eclipse Amlen is a newly available message broker that focuses on publish/subscribe messaging for IoT/Web/Mobile use-cases. -It has full support for the widely used MQTTv5 and MQTTv3.1.1 protocols. -It is easy to set up and manage and has support for high availability pairs and clusters of brokers.</p> - <p>Amlen is based on an initial contribution of IBM's WIoTP Message Gateway message broker (formerly called MessageSight) so -it has a mature codebase with a long pedigree of use in large deployments, e.g. in the Automotive industry.</p> - -<p>Jon is the project lead for Eclipse Amlen, he is on the OASIS MQTT standards committee and has been the lead architect -for IBM's Message Gateway product as well as one of the initial developers on the codebase.</p> - - Jon Levell - - - - - Official Project website - Amlen Contributor Blog - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.embedded - oniro_blueprints - Oniro Blueprints for IoT devices - From open-source seeds to products - Embedded, Mobile and Automotive - devroom - - <p>In the Eclipse Oniro project, a distributed OS for consumer electronics, -we're proposing a collection of "blueprints" use cases and their implementations -using embedded software on reference hardware.</p> - -<p>Today, we are going to explain our motivations for the blueprints' approach -and of course how to replicate and deploy firmware from sources and -why Oniro can be flexible to create the device of your dream.</p> - <p>Oniro is an ambitious Eclipse project, -one of its challenges is to defragment existing IoT ecosystems.</p> - -<p>To target a bigger heterogeneous range of IoT devices, -openness, flexibility, and interoperability, -should be enabled at the Operating System level.</p> - -<p>Since the beginning of this versatile OS development, -a complementary blueprint concept was introduced -to be more aligned with different aspects of the software and hardware industry.</p> - -<p>Blueprints are standalone projects that are addressing specific uses cases -by providing "semi final integration" that would make use of the underneath technology.</p> - -<p>Those minimal viable products are not only used for demonstration or validation purposes, -but they can serve as a base to create production-ready solutions. -Blueprints also could inspire devices makers to address similar or more sophisticated use cases.</p> - -<p>Today as we speak, our reference blueprints include -a vending machine, an IoT gateway, a door lock, keypad and more.</p> - -<p>The results of our work are going to be demonstrated and we will be presenting -what is common and what differs.</p> - -<p>Each of those achievements are targeting different uses case and different environments, -but many steps can be factorized from building process, customization to -security or IP compliance scanning.</p> - -<p>Expect to see demos on how our Oniro project leverages other opensource projects -like Yocto/OE Embedded distribution, Linux and Zephyr Kernel, LVGL UI toolkit, -OpenThread mesh networking, Web of Things and more.</p> - - Philippe Coval - Andrei Gherzan - - - oniro-blueprints-fosdem2022.pdf - - - Oniro: The Distributed Operating System That Connects Consumer Devices Big and Small - Oniro sources - Oniro Videos - Join Eclipse's Oniro Project - Welcome to FOSDEM2022's Oniro online stand - Oniro IoT Gateway FOSDEM2022 presentation - Oniro Blueprints FOSDEM2022 Presentation slides (Web with videos) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 01:00 - D.embedded - astarte_data_collection - Astarte: from data collection to fleet management - How Astarte evolved from a broker plugin to an IoT ecosystem - Embedded, Mobile and Automotive - devroom - - <p>Astarte is an Open Source IoT framework focused on data management and processing. -The talk will illustrate its concepts, its architecture and it will present a fleet management system developed on top of it.</p> - <p>By providing all the building blocks needed for an IoT project, the Astarte platform has quickly become a turnkey solution able to provide IoT and AI services while also allowing to save time and avoiding reinventing the wheel for any given new IoT usecase. -Its features enabled Astarte to grow into a larger ecosystem, providing integrations with a wider community such as Eclipse Oniro. The Edgehog device manager is the latest addition to this ecosystem: it's a multitenant device manager, built on top of Astarte. -After an introduction on Astarte, the talk will showcase how the platform can be used to provide all the operations expected from a modern device manager, like OTA updates, geolocation, etc. The talk will end sharing further info about the integration with Eclipse Oniro and its roadmap.</p> - - rbino - - - Slides - - - Astarte Github - Edgehog Github - Astarte Website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.embedded - openthread_mesh_network - Running an OpenThread Mesh Network with Linux and Zephyr - Transparent IoT Gatway Blueprint of the Oniro Project - Embedded, Mobile and Automotive - devroom - - <p>The Thread protocol specifies a low-power IoT mesh network. It offers -self-healing, low latency and IPv6 connectivity without a single point of -failure. In addition to the lower layer mesh functionality it also -offers mesh network management, as well as secure onboarding of headless -devices.</p> - -<p>OpenThread is an open source project implementing the Thread protocol and its -components. The focus of this talk is to demonstrate a Linux based OpenThread -border router and Zephyr based mesh nodes. Tight together by a Yocto based -build system this talk shows all components you need to have an IPv6 enabled -micro-processor on a low-power wireless link. The used power is small enough -to allow operating a small sensor for months or years on a coin cell battery in such a -scenario. All served by a Linux based border router to allow for internet -access and end-to-end IPv6 connectivity.</p> - -<p>All of the above is bundled together in an Eclipse Oniro Project blueprint -for a transparent IoT gateway.</p> - - - Stefan Schmidt - - - 2022-02-06-FOSDEM-Running-an-OpenThread-network - - - Blueprint documentaion: - Demonstration video: - Eclipse Oniro Project: - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.embedded - r155_compliance - Towards UN R155 compliance with open source stack - - Embedded, Mobile and Automotive - devroom - - <p>After presenting key constraints of new cybersecurity standards UN R155/R156 regulations, the session presents how redpesk open source stack helps to address those concerns, especially with it secured-by-design architecture.</p> - <p>The UNECE WP.29 regulation R155 for Cyber Security Management and R156 for Software Updates have been adopted in 2021 by UNECE’s World Forum for Harmonization of Vehicle Regulations. This means that cybersecurity is now non-negotiable for accessing the market in more than 60 countries, starting in July 2022.</p> - -<p>The open source secured-by-design stack redpesk helps to fulfill regulatory requirements by providing:</p> - -<ul> -<li>MAC-enabled Linux distribution (SMACK/SELinux)</li> -<li>secure microservices architecture</li> -<li>integration with RTOS for safety</li> -<li>Innovative container engine fitted for embedded</li> -<li>LTS on full car life (approx. 20 years)</li> -<li>SOTA support</li> -</ul> - - - José Bollo - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.embedded - container_manager_in_c - Why Embedded Linux Needs a Container Manager Written in C - - Embedded, Mobile and Automotive - devroom - - <p>Container technology has always been part of the cloud domain, and as such, its roadmap has usually been dictated by the use cases and requirements of that world. In the servers’ domain, resource utilization is nowhere near as relevant as it is in the embedded domain. The different languages and technologies that power the tools and mechanisms through which containers are leveraged in the bare metal server and /cloud worlds just don’t fit into the requirements of embedded.</p> - <p>Despite the above, these past couple of years have seen an aggressive push from cloud-centric companies trying to tell the Embedded Linux ecosystem and its development community that we should make do with Golang, NodeJS and similar solutions and tools. Most are unaware of the challenges when you cram cloud tools into a resource constrained embedded system. Even though the architecture of some of these frameworks have the right intention (LXD), most just lack the interest in understanding the specific requirements of embedded.</p> - -<p>In this talk, we’ll explore how using containers for embedded systems modelling can help facilitate development cycles by enabling modular software architectures. We’ll deep dive into what the real requirements of embedded systems are and how modern container technology can help us meet the actual needs of this world. And lastly, we’ll walk through an example with Pantavisor, an open source container framework implemented for embedded systems.</p> - - Ricardo Mendoza - - - - - Pantavisor Project - Pantavisor Repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.embedded - jetson_ota - Over-the-air (OTA) software updates with NVIDIA Jetson - - Embedded, Mobile and Automotive - devroom - - <p>With over half a million developers worldwide, NVIDIA® JetsonTM is one of the most popular embedded computing platforms that brings AI performance to the Edge in a power-efficient and compact form factor</p> - -<p>In this talk, we will cover in detail a unique way of integrating a robust and secure over-the-air software (OTA) updates with the NVIDIA JetPack 4.6 production release that works for all Jetson System-on-Modules (SoMs) with support for the official L4T (Ubuntu-based) operating system, running JetPack 4.6 or later. As it is built on top of the latest JetPack SDK release, there is no need to have separate integrations when building and deploying applications on different Jetson SoMs. This has the benefit of enormously cutting down the bringup time of an OTA solution to do all types of OTA updates. It has low maintenance costs since it does not involve modifying the boot process and rather relying on officially supported tools by NVIDIA which should not “break” with new L4T releases or board changes. We will cover the details of the integration with the high-level user flow as outline below, which “clones” the running image of a golden device and deploys it in a robust manner to the entire fleet of devices:</p> - -<p>-Download L4T image from NVIDIA --Use NVIDIA tools to flash A/B setup with L4T image --Install Mender as deb package, plus integration layer --Run Mender snapshot to create Artifact --Deploy Artifact snapshot to fleet</p> - <p>With over half a million developers worldwide, NVIDIA® JetsonTM is one of the most popular embedded computing platforms that brings AI performance to the Edge in a power-efficient and compact form factor</p> - -<p>In this talk, we will cover in detail a unique way of integrating a robust and secure over-the-air software (OTA) updates with the NVIDIA JetPack 4.6 production release that works for all Jetson System-on-Modules (SoMs) with support for the official L4T (Ubuntu-based) operating system, running JetPack 4.6 or later. As it is built on top of the latest JetPack SDK release, there is no need to have separate integrations when building and deploying applications on different Jetson SoMs. This has the benefit of enormously cutting down the bringup time of an OTA solution to do all types of OTA updates. It has low maintenance costs since it does not involve modifying the boot process and rather relying on officially supported tools by NVIDIA which should not “break” with new L4T releases or board changes. -We will cover the details of the integration with the high-level user flow as outline below, which “clones” the running image of a golden device and deploys it in a robust manner to the entire fleet of devices:</p> - -<p>-Download L4T image from NVIDIA --Use NVIDIA tools to flash A/B setup with L4T image --Install Mender as deb package, plus integration layer --Run Mender snapshot to create Artifact --Deploy Artifact snapshot to fleet</p> - - Luis Ramirez Vargas - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:45 - D.emulator - grog - Testing Macromedia director in ScummVM - - Emulator Development - devroom - - <p>ScummVM reached a milestone with the release of 2.5.0. Version 0.0.1 was released 20 years ago. The latest release was also the first release that included support for a few Director games.</p> - -<p>MacroMedia Director, later Adobe Director, was a multimedia application authoring platform. Its ease of use led to a huge number of graphic adventure games being written with it. This was the late 90's. Some well known games are the Journeyman Project, Total Distortion and Spaceship Warlock.</p> - -<p>One challenge to over come was to work on the code without breaking other parts. -We'll go over the architecture of ScummVM, dive deeper into the Director Engine and land on how tests improved the code.</p> - - - Roland van Laar - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:45 - 00:45 - D.emulator - z80 - Z80: the last secrets - Microarchitectural leaks, 45 years later - Emulator Development - devroom - - <p>While writing a Z80 emulator, you might ask yourself: should it be 100% accurate ? Maybe not, if you just want to run old software. But what if you're not and this old software accidentally depends on undocumented behavior ? -In this talk we'll explore how, 30 years after its design, a few people on a Russian retro-computing forum reverse engineered an undocumented Z80 register: MEMPTR. And how 6 years later, another even less known secret register was discovered.</p> - - - Anisse Astier - - - Z80 last secrets slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.emulator - bugs_life - CANCELLED Debugging Strategies for Emulator Developers - Are bugs a form of artificial life? - Emulator Development - devroom - - <p>Emulators, especially ones targeting real time performance, can become very complex, and can present unique debugging challenges - more akin to cpu, operating system and compilers than typical software projects.</p> - -<p>In this talk I will cover common and not-so-common classes of bugs that manifest themselves in a vast range of emulators (gameboy, dreamcast, x86/64 usermode will be used as examples), and strategies and heuristics I've used over the years to identify, prevent, mitigate, fix and prevent them from reappearing.</p> - -<p>Both theoretical concepts and background, as well as concrete examples of past bug hunts will be included.</p> - - - Stefanos Kornilios Mitsis Poiitidis - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 02:00 - D.emulator - ps3 - PlayStation 3 Emulation - (Re)implementing the impossible - Emulator Development - devroom - - <p>The PlayStation 3 features one of the most ambitious and fascinating architectures among video game consoles. Once deemed near-impossible to emulate in real-time, we now celebrate the 10th anniversary of its most popular emulator: RPCS3, a free and open-source software capable of running two thirds of the console's catalogue on PC.</p> - -<p>This talk describes the hardware and software stack of the PlayStation 3, covering the IBM Cell/B.E. CPU, Nvidia RSX GPU and Sony's CellOS operating system in detail. We compare these against earlier and later consoles, explaining how their design and complexity has shaped a new generation of emulators and binary translators, before delving into the history and internals of RPCS3 and other PlayStation 3 emulators.</p> - - - Alexandro Sanchez Bach - - - Slides - - - RPCS3 - PlayStation 3 Architecture - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.emulator - fuzz - Fuzzing, or How I Generated 1,000,000 New Processor Test Cases in an Afternoon - Fill your boots. Then fill somebody else's. - Emulator Development - devroom - - <p>Most emulator authors will have encountered a test suite; a series of compliance tests that indicate whether their implementation matches original hardware. But these suites tend to assume a lot of working functionality beyond the part they are specifically testing, often being designed by an intelligent human being to test finished emulators.</p> - -<p>This presentation covers an alternative source and target of tests: random numbers, to test individual processor instructions, so that future emulator authors can test from day one.</p> - - - Thomas Harte - - - - - https://github.com/TomHarte/ProcessorTests - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 01:00 - D.emulator - squirrel - SquirrelJME, Java Flip Phone Emulation - Preserving the history of obsolete cellular devices - Emulator Development - devroom - - <p>SquirrelJME is a from-scratch and clean-room built Java Virtual Machine implementation which targets the J2ME/Java ME runtimes which have been historically used for mobile applications such as those running on flip phones. The presentation will go over the unique challenges of implementing a JVM along with differences compared to traditional CPUs. Additionally due to the rapidly changing nature of traditional desktop Java Virtual Machines, backwards compatibility with older byte codes is not a guarantee, therefor there is a specific need for a non-changing run-time environment for these older applications.</p> - - - Stephanie Gawroriski - - - SquirrelJME, Java Flip Phone Emulation - - - Main Website - GitHub Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 01:00 - D.emulator - emu_config - Static and Dynamic Analysis for Automatic Emulator Configuration - Or: Not asking the user so many damn questions. - Emulator Development - devroom - - <p>A disadvantage of many emulators is that they require the user to know how they should configure a machine — which model, which expansions and peripherals — and what they need to type before they can use their desired classic software. Wouldn't it be nice if the emulator could just figure all that stuff out for you?</p> - -<p>This presentation covers three means of doing so: ahead-of-time static analysis, runtime dynamic analysis, and brute-force try-them-all parallel execution.</p> - - - Thomas Harte - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:45 - D.emulator - venix - A Venix/86 emulator - A step in recreating Venix/86 Sources - Emulator Development - devroom - - <p>Venix/86 was the first commercially available Unix for the IBM PC. PC/IX was the first one that IBM supported, but VentureCom created released this port about the time PC/IX was announced. They ported it to a number of the 'near compatible' systems as well, so for many people the first Unix available on those early 8086/8088 machines was Venix. This included the DEC Rainbow 100B with Venix/86R.</p> - -<p>A companion project to recreate the sources for Venix/86 from 7th edition tapes now available was hampered by the slow speed of the DEC Rainbow, so I wrote the emulator to seed that along.</p> - -<p>This talk will be about the emulator's structure, system call interface and portability to other ancient 8088/8086 Unixes. It will also discuss how many of the early ports coped with lack of a MMU in clever ways. It will touch on the path here, and then focus on the current implementation.</p> - <p>The author had a DEC Rainbow which was supported with Venix/86R. By the time the author was employed post college, copies of it had become impossible to find.</p> - -<p>Recently, A copy surfaced and I started working with it. A number of interesting challenges for creating this port will be discussed. I took the hard path to decompile parts of libc to discover the system call interface, and went through a few preliminary implementations of Venix/86 emulation before arriving at what we have today. After the initial decompile, documentation surfaced, other incomplete copies were found along with some source, all of which confirmed most of the details that had been guessed.</p> - -<p>This has been a labor of love for me, using 4 different x86 emulators, a number of deep searches online to find as much info as I can, disassembly, etc. I'll touch on some of these aspects as well. It's currently running using vm86 on a FreeBSD/i386 bhyve instance hosted on a FreeBSD/amd64 machine nicely... A port to qemu user-* might be possible too.</p> - -<p>This goes hand in hand with another project: recreate the sources that can create a Venix kernel using the now-available 7th Edition sources, which may be a future submission.</p> - - Warner Losh - - - - - Venix Repo for this project - vm86 venix emulator for this talk - Venix System Call Docs - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:15 - 00:45 - D.emulator - fex - FEX-Emu: Fast(-er) x86 emulation for AArch64 - How we're creating a better gaming experience on ARM - Emulator Development - devroom - - <p>QEmu is a great project but it isn't really designed around high performance gaming. -Let's create a new project that is specifically designed for running x86 and x86-64 games on AArch64. -With FEX-Emu now off the ground let's talk about the problems of translating x86 and x86-64 to AArch64. Translating 32-bit games to a 64-bit process encounter a bunch of fun issues. On top of that, translating x86/x64 to Arm has issues that you wouldn't really expect. -Come along for the ride with all the problems we encountered and where our future plans lie with FEX-Emu.</p> - - - Ryan Houdek - - - Slides (odp) - Slides (pptx) - Slides (pdf) - - - FEX-Emu Website - FEX-Emu Github - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:15 - 00:30 - D.mobile - mobile_kernel_snapdragon_410 - Running Mainline Linux on Snapdragon 410 - How we support over 25 devices in postmarketOS - FOSS on Mobile Devices - devroom - - <p>The Qualcomm Snapdragon 410 (msm8916) is a SoC that was used in many smartphones and -tablets around 2015. It is the most mature "aftermarket" platform postmarketOS can offer -at the time of writing. Many of the supported devices are quite usable and have -most of the expected features like phone calls and mobile data working.</p> - -<p>The talk goes over some of the most important challenges that we have faced while -supporting those devices and describes the ways in which we have solved them.</p> - <p>Apart from the Linux kernel, we focus on various other tools and projects like -lk2nd - a shim bootloader that prepares the environment for booting Linux and -hides some device-specific quirks from the kernel. It also unifies the boot and -installation process on all devices.</p> - -<p>We also have other tools and resources to make porting easier. Those include -various documentation or even a fully automated display driver generator -that helps with the fact that each display requires unique initialization.</p> - - Nikita Travkin - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:40 - D.mobile - mobile_graphical_lisp - Portable Parens: Graphical Lisp programs for mobile devices - Techniques for building responsive, touch-friendly GUI applications with functional programming paradigms - FOSS on Mobile Devices - devroom - - <p>Lisp, the second-oldest programming language, has led the way in -advanced programming techniques through decades of variants and -dialects. This talk will show how Lisp is relevant even in the -burgeoning field of mobile Linux distributions, covering four distinct -techniques for writing touch-friendly, responsive GUI applications in -various Lisp implementations:</p> - -<ul> -<li>Embedding</li> -<li>Transpilation</li> -<li>Foreign function interfaces</li> -<li>Networked microservicing</li> -</ul> - - -<p>With fully open source examples for each of the methods, written in -Lisp dialects including Clojure, Scheme and Fennel, this talk will -weigh up the pros and cons of the different techniques with regard to -reliability, performance and long-term sustainability in the software -supply chain.</p> - -<p>Finally, the talk will conclude with a proof-of-concept for a -declarative graphical application with GTK4, showcasing the advanced -functional programming features offered by Lisp, and demonstrated on a -physical PinePhone device running PostmarketOS!</p> - - - Sebastian Crane - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:35 - D.mobile - mobile_kernel_snapdragon_845 - From Android to mainline on the Snapdragon 845 - Extending the life of Android devices with upstream kernels and postmarketOS - FOSS on Mobile Devices - devroom - - <p>Explaining a brief history of Linux on Qualcomm devices, how we got to where we are today and what will come in the future. With a specific focus on the OnePlus 6 and other SDM845 devices with mainline Linux support. As well as what exciting things the future holds!</p> - - - caleb Connolly - - - SDM845 mainline slides - - - postmarketOS website - our close to mainline kernel fork for SDM845 devices - Video recording(WebM/VP9) - Video recording(mp4) - Slides - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:40 - D.mobile - mobile_social_dilemma - Linux Mobile vs. The Social Dilemma - - FOSS on Mobile Devices - devroom - - <p>As FOSS on mobile community, let's do our part to fix the many negative effects of social media and its hostile design patterns. We could become the prime example of how to treat users with respect. To not only give them control over their phone, but also over their attention. From design choices in the operating systems and apps to the platforms we choose to communicate about development.</p> - - - OIiver Smith - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:35 - D.mobile - mobile_modemmanager - ModemManager in your phone - - FOSS on Mobile Devices - devroom - - <p>ModemManager provides a general purpose WWAN management stack, which has served as default WWAN management system for standard GNU/Linux distributions for the last 10 years, primarily focused on providing data connectivity to laptops and desktops. In addition to that, different teams building phones with FOSS operating systems have also considered ModemManager as a good tool to take responsibility for the full data and voice call management in phones, primarily because it supports a broad range of devices and systems: not only standalone WWAN modules, but also WWAN stacks integrated in Qualcomm SoCs.</p> - -<p>This talk will provide an overview of the current state of integration of ModemManager in phones, and what's expected in future releases.</p> - - - Aleksander Morgado - - - FOSDEM 2022 - ModemManager in your phone - - - https://modemmanager.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:45 - 00:35 - D.mobile - mobile_adwaita - Welcome to Libadwaita - - FOSS on Mobile Devices - devroom - - <p>GTK4 is finally ready for production, and with it comes Libadwaita, the next generation of the GNOME app development platform. This new library builds on what Libhandy did for GTK3 but takes it even further, streamlining many of the most common things app developers need to build great apps for GNOME, across both desktop and mobile.</p> - -<p>This includes standardized patterns and widgets for basic layout elements like lists and cards, adaptive navigation, touch/touchpad gestures, easier ways of using color in apps, and much more.</p> - -<p>This talk will give a quick overview of the current capabilities of the platform, and show how app developers are making use of it to build apps that work well on computers of all shapes and sizes.</p> - - - Tobias Bernard - - - Welcome to Libadwaita - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:25 - D.mobile - mobile_calls - Anatomy of GNOME Calls - What goes into making a call in GNOME Calls - FOSS on Mobile Devices - devroom - - <p>In this talk we will take a look at the anatomy of GNOME Calls. -We will cover libraries used and how Calls interacts with them to provide -call functionality and other things you'd expect from a dialer application.</p> - - - Evangelos Ribeiro Tzaras - - - Slides - - - Gitlab Repository - Purism - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.mobile - mobile_phosh - Phosh Contributors Get Together - Get to meet the other Phosh contributors - FOSS on Mobile Devices - devroom - - <p>Get to meet the other Phosh contributors</p> - <p>You're contributing to Phosh or its wider ecosystems as designer, translator, distribution packager, tester or developer (or intend to do so)? Then join us at this get together. There's no formal schedule, it's just about meeting other people since we can't have a RL meeting.</p> - - Guido Günther - - - - - Phosh - Signup - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 01:30 - D.mobile - mobile_closing_session - Closing session - - FOSS on Mobile Devices - devroom - - <p>Closing session for the FOSS on mobile devices devroom. -We reserve the right to have the "Phosh contributors meeting" bleed into this session.</p> - -<p>Come and join us as we're looking back at FOSDEM22, reflect on how our quest for world domination is going -and talk about anything and everything (tangentially) related to FOSS on mobile devices. -While not mandatory grabbing a refreshing (rejuvenating even!) beverages of your choice is highly recommended -as we're closing this years event.</p> - -<p>No dresscode :)</p> - - - Evangelos Ribeiro Tzaras - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 13:00 - 00:10 - D.radio - radio_welcome - Welcome to the Free Software Radio Devroom - - Free Software Radio - devroom - - <p>This presentation will give you an overview what to expect in the Free Software Radio devroom at FOSDEM 2022.</p> - - - Andrej Rode - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:10 - 00:30 - D.radio - radio_openwifi - Opensource WiFi chip (openwifi) progress and future plan - - Free Software Radio - devroom - - <p>The <a href="https://github.com/open-sdr/openwifi">openwifi</a> project (opensource WiFi chip) was firstly introduced in the fsr dev room of FOSDEM2020, Brussels. So it would be our honor to give the annual update of the project in the same event!</p> - -<p>This year we will bring these contents:</p> - -<ul> -<li>Features added in 2021</li> -<li>Bug fixes in 2021</li> -<li>Some initial test results by the R&amp;S CMW270 WiFi tester</li> -<li>The community growth we saw in 2021: the new cheaper hardware; the new applications/papers; etc.</li> -<li>Our current focus and future plan: the progress of WiFi6/802.11ax development; etc.</li> -</ul> - - -<p>Related event:</p> - -<ul> -<li>Feb 6 11:20 (Brussels time): <a href="https://fosdem.org/2022/schedule/event/openwifipynqz1/">Bring openwifi to PYNQ-Z1 with ultra low cost</a> in <a href="https://fosdem.org/2022/schedule/track/libre_open_vlsi_and_fpga/">Libre-Open VLSI and FPGA devroom</a>.</li> -<li><a href="/2022/stands.fosdem.org/stands/openwifi/">openwifi stand</a> welcome you the whole weekend.</li> -</ul> - - - - Xianjun Jiao - - - openwifi project slides for free software radio devroom - - - The openwifi Linux driver and user space tools - The openwifi chip/FPGA design - The main openwifi github site - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:20 - D.radio - radio_litex - Implementing a GNU Radio/LiteX accelerator using a FPGA-based PCIe co-processor - - Free Software Radio - devroom - - <p>Processing tools such as RFNoC by Ettus Research allow for FPGA processing &amp; acceleration however, this can only be used achieved by using USRP devices. gr-litex is an open-source tool that uses GNU Radio with LiteX and allows for different boards by a variety of vendors to achieve processing and acceleration. The project currently uses an Acorn CLE-215+, a cryptocurrency mining accelerator card repurposed as an FPGA for the project.</p> - - - Victor Omoniyi - - - - - gr-litex - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.radio - radio_hellschreiber - Emitting Hellschreiber from a Raspberry Pi GPIO: combining gr-hellschreiber with gr-rpitx - GNU Radio running on an embedded board as emitter - Free Software Radio - devroom - - <p>Hellschreiber is a morse-like graphical transmission of digital data reminiscent of fax over wireless communication media designed in the 1930s and used during the second world war by the German military. Now used by the ham radio community, we consider how hellschreiber is emitted using a Raspberry Pi GPIO pin configured as radiofrequency emitter, an approach made popular by rpitx and generalized to GNU Radio with our gr-rpitx OOT sink block (https://github.com/jmfriedt/gr-rpitx). The transmitted signal is recorded by a RTL-SDR DVB-T receiver and decoded using gr-hellschreiber (https://github.com/tlavarenne/gr-hellschreiber). -Preparing this presentation was an opportunity to become familiar with GNU Radio 3.9 and the presentation concludes with some of the challenges (and solutions) met when porting gr-acars -(https://sourceforge.net/projects/gr-acars/) to this new version of the signal processing framework.</p> - - - Jean-Michel Friedt, Thomas Lavarenne - - - full image of the experimental setup - proceeding manuscript - slides of the presentation - - - short video of a demonstration - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.radio - radio_ofdmradar - gr-ofdmradar: OFDM Radar in GNU Radio - - Free Software Radio - devroom - - <p>All radar is dominated by high-bandwidth, fixed waveforms. All radar? No! A little domain combines communications and sensing, introducing OFDM Radar:</p> - -<p>gr-ofdmradar is a GNU Radio out of tree (OOT) module, providing an OFDM Radar implementation that can be used in simulations and, potentially, hardware. In this talk I will introduce the motivations and theory behind OFDM Radar as described by Martin Braun, present gr-ofdmradar and how it can be used in simulations and conclude with a small outlook at how this module can be used for hardware implementations.</p> - - - David Winter - - - - - GitHub: gr-ofdmradar - Hardware Implementation of OFDM Radar using gr-ofdmradar - Martin Braun, OFDM Radar Algorithms in Mobile Communication Networks - [YouTube] Recording of unprocessed radar return in hardware setup - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.radio - radio_voyager1 - Voyager 1 adventures - - Free Software Radio - devroom - - <p>Voyager 1 is the furthest spacecraft and the first ever to exit the solar system. Fueled by its radioisotope generators, after more than 40 years of flight it is still sending us data about the interstellar medium using its 3.7 metre dish antenna and 8.4 GHz transmitter. In this talk we report two adventures regarding the reception of the Voyager 1 signal.</p> - -<p>In the first part, we show the successful detection of the Voyager 1 signal using one of the 6.1 metre dishes at the Allen Telescope Array in November 2020. Calculations show that using stable frequency references and accurate Doppler correction, this feat might also be possible for amateurs with smaller dishes if they integrate several hours of data to pull out the very weak signal from the noise. In the second part, we use some recordings done by the 100 metre Green Bank Telescope in 2015 and 2020 to decode the data transmitted by Voyager 1. The spacecraft predates the modern CCSDS standards, so its data has some interesting aspects.</p> - -<p>All this work has been done using GNU Radio, Python, and other open source tools. The data and results are publicly available.</p> - - - Daniel Estévez - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.radio - radio_gr3_10 - GR 3.10 - Update and examples of new features - Free Software Radio - devroom - - <p>3.10 is the latest release of GNU Radio and includes some powerful features and new modules. We will step through the new features and what they enable before going further in depth with some examples of the upstreamed Hardware Accelerator Support that was presented last year at FOSDEM. This feature provides streamlined data movement via support of "custom buffers" which allow a device-compatible mapping of the memory presented to a block's work function, eliminating additional ingress/egress in and out of device memory. We will show how this impacts specifically flowgraphs that have CUDA enabled blocks as a concrete example.</p> - - - Josh Morman - - - GR 3.10 Update Slides v2 - - - GNU Radio project website - GNU Radio project repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:10 - D.radio - radio_m17 - Introducing the M17 Project - - Free Software Radio - devroom - - <p>A six minute talk on the M17 Project, an open source digital communications protocol suitable for VHF/UHF and more. Intended for amateur radio terrestrial and space application, many exciting things are possible with this 4-ary FSK layered protocol from a dynamic and motivated international team. This talk will introduce the audience to the project and the purpose, goals, products, opportunities, and enjoyment possible with M17. M17 is not encumbered by US patents.</p> - - - Michelle Thompson - - - - - M17 Project Homepage - OpenRTX FOSS Firmware Homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:30 - D.radio - radio_julia_litex - P2P SDR to GPU Streaming with Julia and LiteX - High throughput PCIe P2P communication for SDR - Free Software Radio - devroom - - <p>In this talk, we report early results in the development of a hardware/software stack enabling direct P2P communication between a Fairwaves XTRX / XYNC SDR and an Nvidia GPU. We are able to saturate a PCIe link (7 Gbps) in loopback mode. IQ samples are streamed from the RF IC at more than 350 Mbps. Implementation of this architecture required the development of a new LiteX-based Artix FPGA gateware, and a new SDR framework written in the Julia programming language. The combination of extremely high throughput, GPU computing power, and efficient Julia code will open the doors to a new generation of phased-array and machine-learning experimentation.</p> - - - Steve Kelly - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:40 - D.openjdk - diversity - Fundamentals Of Diversity & Inclusion For Technologists - - Friends of OpenJDK - devroom - - <p>Enhancing diversity and inclusion in every aspect of technology is an essential conversation everyone should be a part of. In an increasingly interconnected world, we have a shared responsibility to ensure technology is a force that works to benefit everyone, countering structural sources of inequity where needed.</p> - -<p>This session aims to jump start your personal diversity and inclusion journey by explaining the basics in simple terms with relevant examples for technologists. Concepts covered will include unconscious bias, privilege, equity, allyship, covering and microaggressions.</p> - - - Reza Rahman - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:40 - 00:40 - D.openjdk - openjfx - OpenJFX: An Update on Java on the Client - - Friends of OpenJDK - devroom - - <p>JavaFX allows Java developers to create cross-platform user interfaces using their existing Java skills.</p> - -<p>In this session, we give an update about the OpenJFX project where the core development of JavaFX is happening.</p> - <ul> -<li><p>OpenJFX: development in the open. The specification and implementation is done in a very open, community-friendly approach on GitHub. Topics are discussed on a mailinglist, and issues can be created in the Java Bug System.</p></li> -<li><p>Cross Platform: the same Java code that is used to create a user interface on desktop (windows/mac/linux) works on mobile (android/ios) and embedded devices as well. This also allows for a convenient development cycle: development and debugging is typically done using the developers favorite platform and IDE, and the result will work on other systems as well.</p></li> -<li><p>Modern graphical stack: the low-level implementations are shielded from the high-level JavaFX API's. This allows JavaFX implementations to take advantage of modern hardware and drivers, and developers don't have to worry about these implementation details.</p></li> -</ul> - - - Johan Vos - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:40 - D.openjdk - fxgl - AI Pathfinding In FXGL Game Engine - - Friends of OpenJDK - devroom - - <p>FXGL 11 has been a success among JavaFX developers, leveraging high-performance cross-platform support for games and applications. FXGL seamlessly extends JavaFX to bring support for real-world game and application development concepts and techniques, which can be used in both Java and Kotlin.</p> - -<p>In this session, developers will dive deeper into the FXGL AI capabilities and learn how to:</p> - -<ul> -<li>create a 2D navigation grid from a game level,</li> -<li>use A* pathfinding with game objects.</li> -</ul> - - - - Almas Baimagambetov - - - - - FXGL game engine source - Workshop source - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:40 - D.openjdk - pi - Update On Java On The Raspberry Pi - - Friends of OpenJDK - devroom - - <p>An overview of Java projects running on the Raspberry Pi.</p> - -<p>In 2021 the Pi4J project released a completely new second version of its object-oriented GPIO API and implementation library for the Raspberry Pi. Let's take a look at the new documentation site and example projects to get you started with Java development on the Raspberry Pi.</p> - <p>Getting started with Java in a new area - like controlling electronic components - can be challenging, but the Pi4J project aims to make this an easy and fun experience. Thanks to a lot of getting-started tutorials and example projects, different use-cases are handled. The experience of your first "blinking LED" is a really amazing experience for a lot of software developers who never interfaced with electronics before. In this presentation, we will take a look at a few of these examples.</p> - - Frank Delporte - - - - - Pi4J documentation website - Presentations by Frank Delporte - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:40 - D.openjdk - mqtt - Benefits Of MQTT For IoT Apps And Beyond - - Friends of OpenJDK - devroom - - <p>A quick study on several popular MQTT brokers!</p> - -<p>We will learn about the benefits of MQTT, which has become the de facto standard for IoT messaging. The MQTT protocol has in fact undergone a major transformation from its early days as a protocol for handling data transmission in oil pipelines via satellite, to now being able to manage devices operating in the current internet and cloud native environments that are often constrained. We'll take a look at some of the popular implementations of the MQTT broker, such as the Java-based HiveMQ and the C/C++ Eclipse Mosquitto.</p> - <p>IoT applications run on IoT devices and can be created to be specific to almost every industry and vertical, from small devices to large ones, including healthcare, industrial automation, smart homes and buildings, automotive, and wearable technology. The possibilities are limitless. Increasingly, IoT applications are using AI and machine learning to add intelligence to devices. Among all of the variables in the IoT ecosystem, one common theme is the need to be able to handle the constrained operating environment, such as unreliable network connectivity, limited bandwidth, low battery power, and so on. We will take a look into the MQTT protocol, how it has evolved from its early days which was intended for the connection of oil pipelines via satellite, to now the ever-increasing demand in IoT and M2M applications, to how this protocol will evolve to meet the modern needs especially in the current cloud computing era. We will study a few outstanding MQTT libraries that are available in the market, such as the Java-based HiveMQ, and open source libraries such as Eclipse Mosquitto and Apache licensed VerneMQ.</p> - - Mary Grygleski - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:20 - 00:40 - D.openjdk - jakartaee - Jakarta EE: Present & Future - - Friends of OpenJDK - devroom - - <p>Java EE has been re-branded to Jakarta EE and moved to truly open source governance under the Eclipse Foundation. This session overviews what this means, offers a brief tour of the initial releases - Jakarta EE 8/Jakarta EE 9, explores current state and looks to what the future might bring including some key challenges. We will also discuss how these challenges can be overcome through active community engagement.</p> - <p>The technical contents of Jakarta EE 8 is mostly the same as Java EE 8. Jakarta EE 9 further brings the platform into the open by decoupling from the javax namespace to the jakarta namespace. Jakarta EE 10 opens the possibilities for many long pending innovations in key technologies like Jakarta Security, Concurrency, Messaging, REST, Persistence, Batch, NoSQL, MVC and Configuration.</p> - -<p>You should come to this session with your thinking caps on and your sleeves rolled up. There is much to help move forward together that really matters.</p> - - Reza Rahman - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:40 - D.openjdk - deeplearning - Deep Learning for Java Developers - - Friends of OpenJDK - devroom - - <p>For most software developers, mastering AI/machine learning can take months or even years.</p> - <p>Also, there are many technical challenges with integration and putting AI models in production.</p> - -<p>Deep Netts is a Java native Deep Learning Toolkit that solves these problems for Java developers.</p> - -<p>In this session, you will learn how to quickly create more powerful Java applications with AI/Machine Learning by using your Java skills.</p> - - Zoran Sevarac - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:40 - D.openjdk - maven - Faster Apache Maven Builds - - Friends of OpenJDK - devroom - - <p>Builds require a few properties, chief among them reproducibility. I would consider speed to be low on the order of priorities. However, it’s also one of the most limiting factors to your release cycle: if your build takes T, you cannot release faster than each T. Hence, you’ll probably want to speed up your builds after you’ve reached a certain maturity level to enable more frequent releases.</p> - -<p>I want to detail some techniques you can leverage to make your Maven builds faster.</p> - - - Nicolas Frankel - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:40 - D.openjdk - vaadin - Modern Web Apps, 100% Java: Building Web Apps With Vaadin - - Friends of OpenJDK - devroom - - <p>If you're like most people, the words "Java web app" may conjure up memories of ancient Applets or make you think of multi-page apps built with JSPs or Spring MVC with a "little" jQuery sprinkled in for interactivity.</p> - -<p>In this presentation, we'll take a look at a radically different approach to building web apps in Java.</p> - -<p>Vaadin Flow is a unique web framework that lets you build apps in plain Java using an extensive library of included UI components. The resulting app is a highly-interactive single-page app based on the latest web technologies.</p> - -<p>You'll learn the basics of building apps using this open-source framework and be ready to start turning your idea into an app.</p> - - - Marcus Hellberg - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:40 - D.openjdk - debugger - Polyglot Cloud Native Debugger: Going Beyond APM - - Friends of OpenJDK - devroom - - <p>It's 2022 and we still use logs to debug production issues?</p> - -<p>All the unit tests in the world, the largest QA team still can’t stop bugs from slithering into production. With a distributed microservice architecture debugging becomes much harder. Especially across language &amp; machine boundaries. APMs/Logs have limits. There’s a new generation of tools in town…</p> - <p>Production bugs are the WORST bugs. They got through unit tests, integration tests, QA and staging… They are the spores of software engineering. Yet the only tools most of us use to attack that vermin is quaint little log files and APMs. We cross our fingers and put on the Sherlock Holmes hat hoping that maybe that bug has somehow made it into the log… When it isn’t there our only remedy is guesswork of more logging (which bogs performance for everyone and makes the logs damn near unreadable). But we have no choice other than crossing our fingers and going through CI/CD again.</p> - -<p>This is 2021. There are better ways. With modern debugging tools we can follow a specific process as it goes through several different microservices and “step into” as if we were using a local debugger without interrupting the server flow. Magic is possible.</p> - - Shai Almog - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:40 - D.openjdk - jreleaser - Releasing Fast, Easy, and Consistently - - Friends of OpenJDK - devroom - - <p>When a project has reached that stage when it’s a good idea to post binaries, new questions arise such as where should they be posted? How do make it easier for users to install and discover binaries? Where should releases be shared? Most importantly, can it be automated?</p> - <p>There are so many requirements and considerations depending on the distribution channels, wouldn't be great to have a tool to make it easier? JReleaser is a tool that provides answers to these questions and more., it may be used to create GiHub/GitLab/Gitea releases and publish binaries that can be consumed from different distribution channels such as Homebrew, Snap, Scoop, and more. Once published, the release cab be automatically announced on Twitter, Slack, Gitter, Discord, and other communication channels.</p> - - Ixchel Ruiz - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:20 - 00:40 - D.openjdk - process - An Infallible Process to Fix Production Java Apps - - Friends of OpenJDK - devroom - - <p>Your production Java application stops working. An angry customer is waiting for a fix. Your boss is on the line asking what's going on...</p> - -<p>We have all been there. In such situations solving problems quickly makes you trusted and shows your maturity as a developer. That's what being a senior developer looks like.</p> - -<p>This presentation will guide you through a little-known infallible process used by the top Java experts that can get you out of very hard situations! Troubleshoot any problem in your Java applications by using free and open-source tools available in the JDK -- jps, jinfo, jmap, jstack, jcmd, jhsdb, and jdb.</p> - -<p>Be the go-to person in your team to solve hard problems! Understand the common problems professional Java developers face and how to diagnose and solve them quickly.</p> - - - Vipin Sharma - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:30 - 00:50 - D.geospatial - geospatial_jswebgl - Introducing a new JS+WebGL map library - Or «why neither Leaflet, OpenLayers nor MapLibreGL meet my needs» - Geospatial - devroom - - <p>When putting a map on the web, Leaflet, OpenLayers and MaplibreGL (formerly MapboxGL) are popular Javascript FLOSS libraries to do so. This talk will explore some of their features, architectures and shortcomings; and a brand new JS+WebGL library will be introduced, demoing some of its features.</p> - - - Iván Sánchez Ortega - - - Introducing Gleo - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:40 - D.geospatial - geospatial_arlas - Explore OSM data with ARLAS - Get instant geo-analytic view of billions OSM data entries - Geospatial - devroom - - <p>ARLAS Exploration is geo-analytic solution based on big-data technologies. It helps users who have big volumes of spatio-temporal data, to explore it through analytics and geo-analytics views.</p> - -<p>In this devroom we will use ARLAS to explore OSM data with an Analytic perspective. We will go through the following steps: -- Download and index OSM data in a search engine (Elasticsearch) and make it available to exploration by ARLAS stack -- Configure ARLAS dashboards based on this data and create analytical and geo-analytical views</p> - -<p>We will be able to answer questions such as: -- How many buildings are in the downloaded dataset? And how are they distributed geographically ? -- What are the different existing types of buildings? With what proportions ? -- When this data has been created/edited and with what frequency ?</p> - <p>Gisaïa is a geospatial intelligence company based in France. Gisaïa developed ARLAS Exploration, and has built a robust geo-big data ecosystem to continuously update and run it. ARLAS Exploration is open-source and OGC compliant allowing users to integrate it with GIS platforms lending it to high interoperability. This promotes full access to all types of geospatial data.</p> - -<p>ARLAS Exploration is a powerful geoanalytics platform that developers can build on and data scientists can deploy immediately to go into the depths of their geo-big data. With this devroom, Gisaïa will provide a future-centric geoanalytics tool for participants to easily conduct geo-big data analytics.</p> - -<p>As an example, we will show how to use ARLAS with OSM data and get instantly Geo-analytic insights of it.</p> - - Mohamed Hamou - - - Geo-analytic view of OSM data using ARLAS - Raw OSM buildings viewed with ARLAS - - - Tutorials of how to use ARLAS - ARLAS-stack-OSM-tutorial - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.geospatial - geospatial_digital - Open Geodata Digital Spaces - Exploring the digital spaces of OpenStreetMap - Geospatial - devroom - - <p>Open Source Geotechnologies are developed using various socio-technical systems. Understanding of these systems can help us understand the genealogy of the data generation. There are various applications that transcend from the basic understanding of geospatial as technological systems. I am analyzing OpenStreetMap and trying to define its digital spaces to understand what forms of plurality exist in data production. Conceptualization of Digital spaces of OpenStreetMap is important in order to visualise how we can define ethical boundaries and to answer the underlying question of “what is quality?”. I am currently interviewing, sending out questionnaires to OpenStreetMap users and conducting texture analysis of previous conference talks related to OpenStreetMap. In this talk I would like to present my ongoing progress on the research project OSM Utopia and present the small part in which I would like to increase the support from different researchers and practitioners, which is conceptualizing OpenStreetMap digital spaces. -Furthermore, In this talk I explain how I planned to explore the interconnection and interdependence of analogue and digital spatiality of OSM and different research paradigms that needed to be explored. Also, will share the current progress on the way of defining digital spaces of OpenStreetMap and how we can categorise different analogues and digital assemblages that form these digital spaces. Limitations of these methods are also addressed. End goal that is targeted is that the data quality for OpenStreetMap requires a certain level of rethinking.</p> - - - Muhammad Saleem - - - - - - Connected project OSM Utopia - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:45 - D.geospatial - geospatial_fast - Fast, robust predicates for geometric algorithms - A C++ metaprogramming implementation of fast, robust floating-point arithmetics for geometric predicates - Geospatial - devroom - - <p>Many algorithms, such as geospatial predicates or the construction of Delaunay Triangulations, make use of geometric predicates. Common examples of such predicates are orientation tests for 2D or 3D points. If these predicates are evaluated for floating-point coordinates, they can yield incorrect results due to round-off errors, which can cause algorithms to fail or to return invalid constructions. This talk presents a C++ template metaprogramming implementation of fast, robust floating-point predicates, which guarantee correct results without severe performance penalties.</p> - - - Tinko Sebastian Bartels - - - Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:15 - 00:25 - D.geospatial - geospatial_transport - A Better Public Transport App - - Geospatial - devroom - - <p>In this talk I show the app that I've made in two months while learning the Flutter framework. It was built on open data and open source libraries. But what separates it from the rest is not code - but experience. Maps on mobile screens are hard to do properly, and there's always a temptation to add another screen, another button. Turns out you need a bit more than skills to make a perfect app: at least you need to use it daily.</p> - <p>Last year I moved to Tallinn, Estonia, which is known also by it's public transport system - free for city residents. It is so good, reliable and optimized, that I sold my car and use buses and trams exclusively for all my city travels.</p> - -<p>While planning a transit route is pretty straightforward with an official website, usually I need some transit-related information on the go. On a phone. And that's where both the website and many big and small apps show their imperfections. Download sizes, ads, user interface. Instead of focusing on my problems, I have to learn and work around apps' issues.</p> - -<p>As an open source developer, that seemed not an issue - but a challenge. I've made interactive maps for the past ten years, and I know one should not use these libraries with default settings. Nor one should ever rely on zooming. Could I made a map with apps that doesn't require more than a couple of taps to get all the needed information? How hard would it be to keep number of buttons and other interactive elements to minimum, while not sacrificing functions I need every day?</p> - - Ilya Zverev - - - - - GitHub Repository - Google Play Store - App Website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:35 - D.geospatial - geospatial_grass - Spatial query of coordinate reference systems and its integration with GRASS GIS - - Geospatial - devroom - - <p>I introduce a new open-source geospatial project called ProjPicker (Projection Picker). ProjPicker is a Python module that allows the user to select all coordinate reference systems (CRSs) whose extent completely contains given points, polygons, and bounding boxes using set-theoretic logical operators in a postfix notation. The goal of this project is to make it easy and visual to select a desired projection by location. This project was motivated by a GRASS GIS feature request. A new GRASS GIS module g.projpicker that wraps around this project is already available. As part of its integration with GRASS GIS, this new feature will be added to the GRASS location wizard.</p> - - - Huidae Cho - - - - - ProjPicker GitHub Repository - ProjPicker Documentation - ProjPicker Web - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:45 - D.graphics - lvgl - LVGL: A versatile UI toolkit for MCU & CPU - An UI framework for Eclipse Oniro a cross kernel OS - Graphics - devroom - - <p>LVGL is an open-source graphics library to create embedded GUI.</p> - -<p>By its flexibility, this toolkit is well matching Oniro project's requirements to build a multiple kernel OS for IoT devices or enable interactions in a multiple devices environment.</p> - <p>UI toolkits are well established in CPU world (desktop, mobile), but what about in more constrained system ?</p> - -<p>Often tied to one vendor, the choice is often limited. However OpenSource project LVGL provides everything developers need to create embedded GUI with easy-to-use graphical elements, beautiful visual effects and low memory footprint.</p> - -<p>This library is compact and flexible enough to be thread through a regular Linux system. Of course this will not compete with other popular frameworks like Qt or GTK, but it has some advantages worth sharing: where portability matters more than eye candy features.</p> - -<p>Oniro's Bitbake recipes enable makers to build products with user interface in a Yocto environment that can target different kernels or graphics systems.</p> - -<p>Oniro's blueprints will illustrate integration details to match a product requirement.</p> - -<p>Demos of vending machine (running on Linux+Wayland) or keypad (on Zephyr MCU OS) will be shown too.</p> - - Philippe Coval - Gabor Kiss-Vamosi - - - oniro-lvgl-fosdem2022.pdf - - - LVGL : Light and Versatile Graphics Library - LVGL Sources: - Oniro: The Distributed Operating System That Connects Consumer Devices Big and Small - Join Eclipse's Oniro Project - LVGL on Oniro FOSDEM2022 Presentations Slides (Web with videos) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:45 - D.graphics - turnip - The status of turnip driver development. - What happened in 2021 and will happen in 2022 for turnip. - Graphics - devroom - - <ul> -<li>Explain what turnip driver is about and who are working on it.</li> -<li>Explain what is achieved in 2021 on turnip.</li> -<li>Brief plan for turnip development for 2022.</li> -</ul> - - - - Hyunjun Ko - - - The status of Turnip driver development - - - https://gitlab.freedesktop.org/mesa/mesa - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 01:00 - D.graphics - v3dv - v3dv: Status Update for Open Source Vulkan Driver for Raspberry Pi 4 - - Graphics - devroom - - <p>Igalia has been developing a new open source Mesa driver for the Raspberry Pi 4 since December 2019, and FOSDEM 2021 had a presentation with the status of the driver at that point. This talk will describe the current status of the driver, and discuss the improvements on the driver since last year presentation, focusing on all the work that was done to improve the driver performance, and a high level overview of the path that got the driver Vulkan 1.1 conformant. Finally, we will talk about future plans and how to contribute to the on-going development effort.</p> - - - Alejandro Piñeiro - - - v3dv: Status Update for Open Source Vulkan Driver for Raspberry Pi 4 - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:45 - D.graphics - vulkan_borders - Fun with border colors in Vulkan - An overview of the story behind VK_EXT_border_color_swizzle - Graphics - devroom - - <p>The talk will give an overview of texel input operations according to the Vulkan specification text and how border colors, specified when creating Vulkan samplers, are supposed to fit in them. Then, the VK<em>EXT</em>custom<em>border</em>color extension will be explained together with the problems that were found in it thanks to Mesa's Zink OpenGL-on-Vulkan driver. This lead to the creation of the complementary VK<em>EXT</em>border<em>color</em>swizzle extension recently, which will be explained as well.</p> - - - Ricardo Garcia - - - Fun with border colors in Vulkan - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 01:00 - D.graphics - dmabuffeedback - Optimal buffer allocation on Wayland - linux-dmabuf feedback - Graphics - devroom - - <p>Wayland compositors try to make of most of the hardware by displaying directly without any copy pixel buffers coming from clients such as games, browsers and video players. This lowers battery usage, improves latency and leaves the 3D engine free for clients to use. The display engines found in modern GPUs often can support this zero-copy mechanism only if the buffers have been allocated in a special fashion. However, buffers allocated this way won't be optimal for rendering, and only a handful of buffers can be directly displayed.</p> - -<p>As a result, a trade-off between zero-copy display and optimal rendering needs to be made. The compositor is the natural place where a decision can be made, because it has a global view of all apps which need to be presented. Once the compositor has taken a decision, it needs to be communicated to the clients. The brand new linux-dmabuf feedback protocol enables this negotiation between the compositor and the clients.</p> - -<p>If you're up for some window system integration madness, grab some popcorn and come enjoy the show!</p> - - - Simon Ser - - - - - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:30 - D.hpc - big_data_police_crime - HPC for Social & Crime Science - Big Data in Police and Crime Research - HPC, Big Data, and Data Science - devroom - - <p>Many scientific disciplines have benefitted from the availability of big datasets to develop algorithm supported solutions. Recently, this trend has penetrated the fields of crime and police research. The presentation highlights use cases of big data computation and HPC for typical datasets in crime science: crime records, emergency call data, and police GPS data. The focus lies on spatiotemporal applications (i.e., geocoding, map matching, spatial and temporal algorithms). The datasets come from a collaborative project with a Belgian police force and encompass approximately 200,000 crime records and 400 million individual GPS datapoints (x and y coordinates + timestamp). The project aims at establishing the crime preventive effect of police patrols through a longitudinal research design. Besides offering novel computational solutions for crime scientist, these kinds of datasets introduce important ethical considerations as well as potential biases in human-led data entry and collection. These considerations underline the need for social scientists to become more literate in the computational sciences and support the framework of ‘crime science’ as a discipline of exact methods and data sources.</p> - <p>Many scientific disciplines have benefitted from the availability of big datasets to develop algorithm supported solutions. Recently, this trend has penetrated the fields of crime and police research. The presentation highlights use cases of big data computation and HPC for typical datasets in crime science: crime records, emergency call data, and police GPS data. The focus lies on spatiotemporal applications (i.e., geocoding, map matching, spatial and temporal algorithms). The datasets come from a collaborative project with a Belgian police force and encompass approximately 200,000 crime records and 400 million individual GPS datapoints (x and y coordinates + timestamp). The project aims at establishing the crime preventive effect of police patrols through a longitudinal research design. Besides offering novel computational solutions for crime scientist, these kinds of datasets introduce important ethical considerations as well as potential biases in human-led data entry and collection. These considerations underline the need for social scientists to become more literate in the computational sciences and support the framework of ‘crime science’ as a discipline of exact methods and data sources.</p> - - Philipp M. Dau - - - HPC_DEV_CRI_SLIDES - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.hpc - scip_scalable_cytometry_image_processing_dask - SCIP: scalable cytometry image processing using Dask in a high performance computing environment - A software for distributed processing of bioimaging datasets - HPC, Big Data, and Data Science - devroom - - <p>Bioimage analysis is the process of extracting novel insights from microscopy images of tissues, cells or other biological entities. Many tools, such as ImageJ, QuPath or CellProfiler are heavily used by researchers to quantitatively interpret those complex images. These tools perform tasks such as normalization, image segmentation, image masking or feature extraction. However, these tools are designed for usage on local workstations with a GUI and for the most part only allow vertical scaling to deal with an increase in dataset size. This limited scalability poses a problem as bioimaging datasets keep growing in volume.</p> - -<p>Here, we introduce Scalable Cytometry Image Processing (SCIP). SCIP is an open-source tool that implements single-cell bioimage processing on top of Dask, a framework for distributed computing written in Python. By utilizing Dask to execute all computations, scalability is integral to the software allowing it to be executed on high performance computing clusters. Dask's smart task scheduling ensures computational resources are used efficiently. SCIP also takes advantage of Dask features such as fault tolerance, load balancing or data locality. This allows SCIP to process large datasets more efficiently and more robustly compared to other tools.</p> - <p>SCIP was written in Python, and all code is freely available. It can run in local (single-node) or distributed mode. In the latter, Dask's components communicate efficiently using the MPI standard. SCIP can be used as a stand-alone command line tool, or integrated into existing Python scripts using the API.</p> - -<p>For a similar setup, SCIP showed a 4-fold decrease in runtime compared to CellProfiler. SCIP needed considerably less manual work to prepare the dataset for processing thanks to more efficient data input. Comparisons were executed on the Flemish Supercomputer Center Tier-1 high performance cluster. We processed two cytometry datasets containing images of human blood cells: an imaging flow cytometry dataset containing 270,000 6-channel images of 90 by 90 pixels, and a confocal microscopy dataset containing 869 5-channel images of 1600 by 900 pixels.</p> - -<p>The imaging flow cytometry dataset is processed by SCIP in 484 seconds using 80 workers running on 3 compute nodes. Each node has 24 cores (Intel Xeon E5-2680v4 @ 2.4GHz) and 120GB of memory, which is divided over the workers.</p> - -<p>The microscopy dataset is processed by SCIP in 2187 seconds using 16 workers running on 1 compute node. This node has 32 cores (Intel Xeon Silver 4110 CPU @ 2.10GHz) and 364GB memory, which is divided over the workers. This workflow also uses a GPU (Nvidia GeForce RTX 3090) for identifying the cells in the microscopy images.</p> - - Maxim Lippeveld - - - Video slide deck - - - Github repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.hpc - distributed_join_cratedb - Distributed Join Algorithms in CrateDB - How We Made Distributed Joins 23 Thousand Times Faster - HPC, Big Data, and Data Science - devroom - - <p>Join operator is one of the standard operations available in relational databases. In a large-scale distributed scenario, efficiently implementing joins poses unique challenges as the data is usually spread around a cluster of machines instead of stored on a single machine. The goal of this talk is to illustrate the approach to implementing distributed joins in the CrateDB database that exhibits significant performance improvements compared to the existing algorithms. In the first part of the talk, we will cover the limitations of the nested loop and block nested loop join algorithms. The second part will show how the hash algorithm can work in distributed settings by addressing some of its memory limitations. Finally, we will introduce the distributed block hash join algorithm and how it enables CrateDB to analyze massive amounts of data 23 thousand times faster compared to the initial nested loop implementation.</p> - <p>In relational databases, join operators are usually implemented with nested or block nested loop algorithms. However, in a large-scale distributed scenario, the ability to efficiently query massive amounts of data can be challenging. Traditional approaches in implementations of join operators are no longer enough to achieve the high performance of complex joins in distributed data processing systems. For instance, a nested loop algorithm is relatively simple to implement and could be easily adjusted to execute distributed joins. Unfortunately, it comes with a high-performance cost that equals quadratic time complexity with respect to the number of rows of the two tables joined.</p> - -<p>This talk will show our approach to implementing distributed equi-join operator in CrateDB that exhibits significant performance improvements compared to the original nested loop algorithm. CrateDB is an open-source, distributed SQL database that runs queries on millions of data records daily. It scales up to hundreds of nodes and PBs of indexed data making the performance of join operators highly important: it is required to have efficient algorithms that can scale with the input size.</p> - -<p>More specifically, we explore the implementation of the distributed block hash join algorithm. First, we address the memory limitations of the basic hash join algorithm with a switch to block-based processing. Block-based processing refers to a procedure of dividing a large dataset up into smaller blocks that can be worked on separately. As those blocks can be distributed across the CrateDB cluster the join can be executed in parallel using multiple nodes for increased performance and load distribution. Second, we illustrate the changes in the single node block hash join algorithm to enable its distributed execution.</p> - -<p>To evaluate the performance of distributed block hash join algorithm, we run CrateDB benchmarks against two algorithms: the original nested loop algorithm and the single node block hash join algorithm. The benchmark consists of queries with join operators and runs on tables of various sizes, up to 50 million rows. The final result illustrates that the distributed block hash join algorithm enables CrateDB to analyze massive amounts of data 23 thousand times faster than the initial nested loop implementation.</p> - - Marija Selakovic - - - - - - CrateDB source code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.hpc - multidimensional_bloom_filters - Multidimensional Bloom Filters - A Survey of What, When, Why - HPC, Big Data, and Data Science - devroom - - <p>Claude Warren will present an overview of his recent work to implementing multidimensional Bloom filters. This talk will focus on the implementation of the multidimensional Bloom filters, their current use in modern software, and how they are applicable as a multi-column index, an index into large document collections, or an index to encrypted data. The talk will briefly describe Bloom filters and their construction before discussing strategies for the management of multiple Bloom filters; also known as multidimensional Bloom filters. Data from a comparative analysis of several multidimensional Bloom filter strategies will be presented along with discussion of when to select one implementation over another.</p> - -<p>All source code referenced is under the Apache 2 or similar open source license and is available on Github.</p> - - - Claude Warren - - - Multidimensional Bloom Filters - - - Cassandra Index Code - Proposed commons-collectons4 Bloom filter code - Multidimensional Bloom filter evaluation suite - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.hpc - utilizing_amd_gpus - Utilizing AMD GPUs: Tuning, programming models, and roadmap - - HPC, Big Data, and Data Science - devroom - - <p>During FOSDEM 2021, we presented in the same event the LUMI supercomputer and we discussed about the Open Software Platform for GPU-accelerated Computing by AMD (ROCm) ecosystem, how to port CUDA codes to Heterogeneous Interface for Portability (HIP), and some performance results based on the utilization of NVIDIA V100 GPU. In this talk we assume the audience is familiar with the content of the previous presentation. - One year later, we have executed many codes on AMD MI100 GPU, tuned the performance on various codes and benchmarks, utilized and tuned a few programming models such as HIP, OpenMP offloading, Kokkos, and hipSYCL on AMD MI100 and compared their performance additionally with NVIDIA V100 and NVIDIA A100 (including CUDA). Furthermore, a new open source software is released by AMD, called GPUFort, to port Fortran+CUDA/OpenACC codes to Fortran+HIP for AMD GPUs. In this talk we present what we learned through our experience, how we tune the codes for MI100, how we expect to tune them in the future for LUMI GPU, the AMD MI250X, compare the previously mentioned programming models on some kernels across the GPUs, present a performance comparison for single precision benchmark, discuss the updated software roadmap, and a brief update for the porting workflow.</p> - - - Georgios Markomanolis - - - Utilizing AMD GPUs: Tuning, programming models, and roadmap - - - GPUFort - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.hpc - exascale_pmi - Exascale PMI on a heterogeneous sub-exascale Slurm cluster - - HPC, Big Data, and Data Science - devroom - - <p>PMIx (Process Management Interface exascale) is a de-facto standard providing a very efficient interface to launch and control distributed tasks. It was created for exascale HPC systems, where launching a computational job can involve tens of thousands of nodes and bootstrapping MPI (Message Passing Interface) becomes cumbersome. PMIx reduces launch times in such systems from minutes to a few seconds.</p> - -<p>Even though the lower launch times are less critical in smaller clusters (but always welcome), the high efficiency of PMIx is also desirable at sub-exascale. The low data footprint and data exchange, as well as leveraging fast interconnects is useful on systems with lower-end network fabrics. Moreover, its tight integration with the resource manager is very helpful to minimize idling on clusters with limited resources.</p> - -<p>At VUB (Vrije Universiteit Brussel), we have recently transitioned our tier-2 HPC cluster to Slurm and enabled PMIx in a mixture of TCP and InfiniBand networks. We will share the lessons learned in the process and practical tips to deploy a reliable setup with open source software.</p> - - - Alex Domingo - - - Exascale PMI on a heterogeneous sub-exascale Slurm cluster - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.hpc - signal_processing_cupy - Porting Signal processing algorithms to CuPy for precision measurement - - HPC, Big Data, and Data Science - devroom - - <p>At European Organization for Nuclear Research(CERN), for the alignment of large superconducting magnets and cryogenics, an interferometry based system is being devised to identify the position of their elements. -This technique uses interferometry principle and uses sweeping laser to identify the distance of multiple points using Fourier Analysis. The data acquired from photo-detection module, received after a sweep of laser source, needs to undergo sophisticated post processing to obtain the final results. The system must monitor position of a large number of elements every second. Dealing with 1000s of target points in less than 1 second required time-optimized and precise calculation. Thus, GPU was employed to provide faster and precise results. This required to use signal processing algorithms like: Butterworth Filter, Hilbert Transform, Savitzky-Golay smoothing Filter in GPU. -This talk will cover steps involved in adopting signal processing algorithm to GPU to achieve better performance and understand the effects of parallelism achieved. For the initial development, CuPy library for NVIDIA GPUs is used and later moved to implementation in C. CuPy provides wrapper for most of the CUDA toolkit in Python. We will also provide highlight about performance metrics with respect to increase in the data size and possible optimizations of its processing.</p> - - - Mamta Shukla - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.hpc - pira_performance_instrumentation - PIRA: Performance Instrumentation Refinement Automation - - HPC, Big Data, and Data Science - devroom - - <p>PIRA is a tool to automatically filter and focus Score-P's profiling to relevant program regions. -This involves both static, i.e., source-code feature, and dynamic, i.e., runtime information, analysis. -It uses the whole-program call-graph representation MetaCG for its analyses and has been used for automatic (a) hot-spot detection and refinement, (b) scalability analysis, (c) kernel identification, and (d) MPI load-imbalance detection.</p> - -<p>In this talk, we present an overview of MetaCG and PIRA together with its analyses and a focus on the most recent addition of automatic (MPI) load-imbalance detection. -Our experiments on the SPEC CPU 2006 suite show that PIRA automatically constructs overview measurements with runtime overhead &lt; 10%. -For the load-imbalance detection, our experiments on MPI-parallel LULESH and the Ice-sheet and Sea-level System Model~(ISSM) show that PIRA keeps the runtime overhead below 15%, while correctly identifying the existing load imbalances.</p> - -<p>PIRA and MetaCG are available under BSD 3-clause license at https://github.com/tudasc/pira and https://github.com/tudasc/metacg.</p> - - - Jan-Patrick Lehr - - - PIRA - FOSDEM Abstract - - - PIRA Repository - MetaCG Repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.hpc - woods_ood_generalization_benchmarks - WOODS - A set of Benchmarks for Out-of-Distribution Generalization in Time Series Tasks - HPC, Big Data, and Data Science - devroom - - <p>In the last decade, the field of AI has seen a significant surge in capabilities in machine learning techniques. Nowadays, models with up to billions of parameters are trained for vast arrays of downstream tasks and obtain performance that defies what a lot considered possible 20 years ago. However, the reliance of machine learning models on the spurious correlations often prevents them from learning the intrinsic and invariant features of data, leading to their failure to generalize to Out-Of-Distribution (OOD) data. Understanding and overcoming these failures have led to a research program on OOD generalization.</p> - -<p>The field has been extensively explored in the static computer vision tasks (Domainbed, WILDS) but has been severely underexplored for time series tasks essential for multiple areas of applied machine learning, e.g., medical, finance, communication. We propose a set of new open source out-of-distribution generalization datasets for sequential prediction tasks spanning multiple modalities that act as benchmarks for potential algorithms that promote invariant learning. Along with the datasets, we provide a fair and systematic open-source platform for evaluating the performance of existing and potential algorithms on these datasets. We also provide a leaderboard that currently consists of popular algorithms' performance in the field of OOD generalization.</p> - - - Jean-Christophe Gagnon-Audet - - - - - Project page - Github page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.hpc - hpc_knowledge_base - Bringing together open source scientific software development for HPC and beginners - - HPC, Big Data, and Data Science - devroom - - <p>In the scope of the National Research Data Infrastructure Germany (NFDI) we develop and maintain a knowledge-base with guides and best practices about scientific software development – availabe at https://nfdi4ing.pages.rwth-aachen.de/knowledge-base/.</p> - -<p>With the knowledge-base we pursue the goal to make sustainable software development possible for everybody. Most importantly, we want to encourage people without strong computer science background to apply fundamental best practices, e.g., version control, from the start. We believe this is necessary since many engineers – and not computer scientists – write scientific code. Starting from version control, the topics range to fully automated experiments using CI/CD workflows. Many of the existing examples concern OpenFOAM development due to the knowledge-base’s heritage in TU Darmstadt’s CRC 1194. Since then, we also are working with the Lehrstuhl für Hydromechanik und Hydrosystemmodellierung (LH²) as well as with the Institute of Wasserbau and the Institute of Fluidsystemtechnik at TU Darmstadt.</p> - -<p>While curating the content, which we maintain in a Gitlab repository using the HUGO website generator, we realized that one of the most important additions that we provide is an actively maintained and simple glossary. Especially for people not yet very familiar with the technologies used, the pure number of terms can be intimidating and confusing. Our glossary helps by providing brief explanations of relevant terms used throughout the articles. An addition for which we modified the actual HUGO template is that we provide a taxonomy of articles rather than a pure folder structure to ease the navigation.</p> - -<p>The knowledge-base is an on-going effort in which we appreciate feedback and contributions. In the presentation, we will take a closer look on the different materials provided for people developing software, people using software, and how people can actively contribute to the knowledge base through our peer-review process and material creation.</p> - - - Jan-Patrick Lehr - Moritz Schwarzmeier - - - NFDI4Ing Knowledge Base Abstract - Presentation Slides - - - Knowledge Base presented in the talk - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.hpc - open_source_hep - Open source tooling in High-Energy Physics Software - - HPC, Big Data, and Data Science - devroom - - <p>Particle physics experiments have often had a pioneering role in the use of open source software. In this talk we review the current scientific software ecosystem, with particular emphasis on the tooling to build and deploy the typical software stack of an experiment.</p> - <p>Particle colliders are powered by software, from the simulations supporting their design to the systems controlling the running experiment, and would not be feasible without organizing community efforts into open source projects like Geant4 (simulation of the passage of particles through matter), ROOT (general I/O and analysis toolkit), CVMFS (software deployment) and Indico (event organization) and the python tools of the Scikit-HEP project. -However, the numerous libraries have exploded the software stack of new experiments and require often complex dependency management and build tooling. We show how the Spack package manager can adress these problems and make building complex experiment stacks easy and accessible to everyone.</p> - - Valentin Volkl - - - FOSDEM_heptooling Slides - - - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 12:15 - 00:15 - D.javascript - javascript_welcome_day_2 - JavaScript welcome session - day #2 - - JavaScript - devroom - - <p>A short introduction about JavaScript Devroom with some interesting resources about JavaScript and a presentation about this special second day for the FOSDEM JS Devroom.</p> - - - Ludovic Gasc - Fabien Benetou (@Utopiah) - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.javascript - react - React - React Virtual Dom - JavaScript - devroom - - <p>The talk would center on React Virtual Dom</p> - -<ol> -<li>How React Works</li> -<li>How to handle React Logic</li> -<li>The difference between Virtual Dom and Browser Dom</li> -<li>React Architecture.</li> -</ol> - - <p>Talking about React Architecture, give detail information about how react works</p> - - Gabriel Soft - - - - - My GitHub repository for reference to some react project - Reference to react project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 01:00 - D.javascript - writing_less_insecure_javascript - Writing less insecure JavaScript - Practical tips to rule out common mistakes - JavaScript - devroom - - <p>In 2021 we saw several security incidents. Looking closer at it, some patterns emerge, that could help prevent them in the future.</p> - <p>In this talk, you will learn about some precautions you can take for your code, but also what you can do in your team, your company or as part of a community. -Thinking about code as a communication medium means, we also should look at the people to prevent security incidents.</p> - -<p>You will get practical tips that you can realise today. -There are also some recommendations you should bring up in your team to help you stay safer in the future.</p> - -<p>Since there is so much to talk about, the slides are designed as choose-your-own-adventure, but the presentation itself is following a single path.</p> - - André Jaenisch - - - Writing less insecure JavaScript (Export) - Subtitles (without Q+A) - - - Reveal.js presentation with speaker notes - My Twitter Account - My Homepage - 10 npm Security Best Practices by Snyk - OWASP HTML5 Security Cheat Sheet - How to load subtitle file in VLC - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.javascript - somebody_set_up_us_the_bomb - Somebody set up us the bomb - Expansion attacks in Node.js - JavaScript - devroom - - <p>Denial of Service (DoS) bombs are a rudimentary, yet effective, type of attack that's often easy to understand but hard to protect from.</p> - -<p>In this talk I'll cover some common "bombs" such as XML Bombs, YAMLs Bombs and Fork Bombs, and some basic techniques that can help defend from them.</p> - - - Allon Mureinik - - - Slides from the session - - - Source code for benchmarks shared in the session - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.javascript - shedding_light_on_the_shadow_dom - Shedding Light on the Shadow DOM - Learning how, when, and why to use the shadow DOM - JavaScript - devroom - - <p>In the world of design systems and component libraries, developers need to build encapsulated components so they can confidently use them anywhere in an application. The shadow DOM serves to provide this encapsulation, and ensure that a component’s styles and functionality are not affected in the context of a complete application. In this talk, we’ll learn what the shadow DOM is and how to use it when building reusable components. We’ll use Stencil, a web components compiler, to demonstrate the common use cases of the shadow DOM, and where it fits in the context of a design system.</p> - <p>Using the shadow DOM effectively requires a few strategies that may not be well known to developers who only use the light DOM. In this talk, we’ll see how to take advantage of all kinds of common styling paradigms, from using CSS frameworks to global styles for multiple components, all while maintaining style encapsulation. The shadow DOM, like any tool, should only be used for certain situations, and so we’ll look at when to use and when not to use the shadow DOM. For the times when we can’t use the shadow DOM, we’ll see what other strategies we can use to still achieve encapsulation.</p> - - Anthony Giuliano - - - - - - Stencil Documentation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.javascript - building_a_tiny_javascript_runtime_with_quickjs - Building a tiny JavaScript runtime with QuickJS - How I built a runtime with Duktape and then rebuilt it with QuickJS - JavaScript - devroom - - <p>QuickJS is a (small) JavaScript engine by Fabrice Bellard.</p> - -<p>Over the past 6 years I've built a couple of small JS runtimes, first using Duktape, then using QuickJS. The premise was to always use existing libraries to add functionality, including WASM support.</p> - -<p>This presentation will go through the differences of both libraries and the 2 projects I built leveraging them.</p> - <p>There are many libraries out there which one can use to build a JS runtime these days, with the most well known one being V8.</p> - -<p>Node and Deno are both using V8, but how would a different take at building a JS runtime look like?</p> - -<p>I asked myself this question some years ago and started building a small project with Duktape. That project was ultimately a failure, but I learned very valuable lessons in runtime design and always wanted to revisit that project.</p> - -<p>Fast forward a few years, QuickJS was released by Fabrice Bellard, and I was excited! It was so easy to integrate that I began to implement a new runtime using it. This runtime is called txiki.js and while it's a small project it already integrates libuv for fast networking and the event loop, curl for making HTTP requests and wasm3 for WASM (and WASI!) support.</p> - - Saúl Ibarra Corretgé - - - Slides - - - Duktape JS engine - QuickJS engine - txiki.js runtime - Skookum JS runtime - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.javascript - from_microrepos_to_monorepo - From microrepos to monorepo: thrilling adventures in refactoring - On how to tame, and accelerate, builds and tests in a 25 module monorepo - JavaScript - devroom - - <p>Building a monorepo composed of more than 25 modules, internal dependencies and iOS and Android app to boot is a challenge. Doing so fast and under a certain cost threshold might seem daunting. However, in polypoly we’ve tried to do it for the past few months, creating our own build/test tool with 0 dependencies and a straightforward approach to what a monorepo needs, when it needs.</p> - <p>Testing needs to follow the F.I.R.S.T. principles, of which the first one, Fast, is possibly the most important. Fast testing ensures that developers respond quickly to all kind of testing errors, and of course it keeps the cost of testing low.</p> - -<p>Monorepos have additional challenges: dependencies cross language boundaries, dependence graphs are not explicit, and there's the risk of centralising some, none, or all the submodule upstream dependencies.</p> - -<p>At polypoly we have been using a monorepo since May 2021. In this talk we will show how we have tackled this challenge with a series of GitHub actions, as well as creating a tool, build.js, which is geared towards dealing with monorepos.</p> - -<p>We will show how this tool partially solves the speed issue, and what are our plans, going forward, to make tests faster and deal with implicit dependency graphs. We will also examine best practices in the area of monorepo builds for projects whose majority is written in Javascript/Typescript.</p> - - Juan Julián Merelo - - - - - The polyPod, bringing data sovereignity to the people - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.javascript - web_application_localization_without_tears - Web Application Localization Without Tears - Learn how to translate your JS web app fast - JavaScript - devroom - - <p>“The more languages your software knows, the more of a satisfied users you have". However, current software localization in modern JS frameworks and other software is complicated and fairly time-consuming for all involved participants. Thanks to the in-context localization feature of open-source project Tolgee, this tool offers easier localization process, more relevant translations delivery and finally less work for developers.</p> - -<p>The workshop will contain live demo where I would like to describe using Tolgee JavaScript software development kits on simple React.js web application example. However, Tolgee is currently compatible with other frameworks such as Angular, Svelte, Vue.js or Next.js.</p> - -<p>Participants will learn easy localization workflow using by Tolgee tool, simple localization texts management, how to integrate Tolgee into web app in less than one minute, how to take advantage of different Tolgee features as e.g. automatic generation of screenshots or in-context localization.</p> - - - Jan Cizmar - - - - - Docs - Tolgee Platform Github Repo - Tolgee JS packages monorepo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.javascript - symbols_symbols_everywhere - Symbols Symbols everywhere - - JavaScript - devroom - - <p>As part of javascript ES6 (ECMAScript 2015) a new primitive type called symbols was added to the programming language. It is not a widely talked about feature but useful for certain scenarios.</p> - -<p>The talk will explain the following new features and demo how they are used.</p> - -<ul> -<li>What are symbols and why they were introduced</li> -<li>Use cases for symbols</li> -<li>Why would you use them</li> -<li>Creating and Overwriting symbol methods</li> -<li>Well known symbols</li> -<li>Explore core source code of symbols</li> -</ul> - - - - Martin Naughton - - - - - Personal website that i should start updating more - A company i started building software applications - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.javascript - micro_lc - micro-lc: a new micro-frontend orchestrator - The easiest way to micro-frontend - JavaScript - devroom - - <p>micro-lc enables you to create modular applications composed by multiple, independent micro frontends called plugins integrated at runtime. micro-lc consists of a core interface that loads, embeds, and orchestrates plugins, while providing configuration options and useful out-of-the-box features.</p> - -<p>The core components are written in Typescript and React, micro-lc is technology-agnostic, which means that it integrates seamlessly with your favourite toolkit, being it Angular, React, Vue, or anything else you like.</p> - - - Matteo Pietro Dazzi - - - micro-lc presentation - - - Official website - Source code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:10 - D.kotlin - kotlin_devroom_welcome - Kotlin DevRoom Welcoming Remarks - - Kotlin - devroom - - <p>Welcoming participants to the virtual edition of the Kotlin DevRoom @ FOSDEM</p> - - - Nicola Corti - Martin Bonnin - Marco Gomiero - Holger Steinhauer - Julien Salvi - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:10 - 00:30 - D.kotlin - the_state_of_kotlin - The State of Kotlin - Q1 2022 Edition - Kotlin - devroom - - <p>In 2021 Kotlin turned 10 and the team delivered 2 major releases (1.5.0 and 1.6.0) and a few minors. The main themes of those releases were Java interoperability and consistency of the language features. Meanwhile, Kotlin/JS has been promoted to Beta and KMM is on its path to reaching Beta status as well. However, one long-running project in Kotlin is the development of the new compiler, K2, which should set a solid foundation for the language and the ecosystem for the years ahead.</p> - -<p>This session is an overview of the latest developments in Kotlin: the language, tools, compiler, and the ecosystem around it. We're also going to take a look at Kotlin's roadmap to see where are we heading. Come and learn what's new and exciting!</p> - - - Anton Arhipov - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:40 - 00:30 - D.kotlin - advanced_multiplatform_dependency_injection - Advanced multi-platform dependency injection with Kotlin - - Kotlin - devroom - - <p>Dependency Injection is a complicated topic, and when used in a project that compiles to multiple targets through different compilers &amp; runtimes, it can lead to serious headaches. However, the Inversion of Control pattern brings a lot of architecture features and safety.</p> - <p>In this talk, we will see how to use all the power of Kodein-DI, a popular dependency injection library that works everywhere Kotlin can compile to, in a mobile multi-platform project targeting Android, iOS and the mobile Web.</p> - -<p>We will start by using the dependency injection pattern to abstract and test the behavior of multi-platform business modules. We will then see how to debug common dependency management errors.</p> - -<p>Finally, we will enhance our common code using advanced features of Kodein-DI such as set bindings, lazy access, context, and scopes.</p> - - Romain Boisselle - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:10 - 00:30 - D.kotlin - the_beauty_of_kotlin_typing_system - The beauty of Kotlin typing system - - Kotlin - devroom - - <p>The Kotlin typing system is amazingly designed. It was designed and constantly improved for years, and it was built based on experiences from other typing systems. As a result it gives us very comfortable nullability support, type inference, universal guards, and much more. In this presentation, we’ll dive deep into Kotlin typing systems and how small design choices lead to a better programming experience.</p> - <p>The Kotlin typing system is amazingly designed. It was designed and constantly improved for years, and it was built based on experiences from other typing systems. As a result it gives us very comfortable nullability support, type inference, universal guards, and much more. In this presentation, we’ll dive deep into Kotlin typing systems and how small design choices lead to a better programming experience.</p> - - Marcin Moskala - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:40 - 00:30 - D.kotlin - kotlin_code_first_process_modelling_kalasim - Code-first process modeling and analysis with kalasim - Understand and optimize real-world processes at ease - Kotlin - devroom - - <p>kalasim is a discrete event simulator written in pure Kotlin that enables complex, performant, dynamic process models. It provides a statically typed API, dependency injection, modern persistence, structured logging and automation capabilities.</p> - -<p>kalasim is designed for simulation practitioners, process analysts and industrial engineers, who need to go beyond the limitations of existing simulation tools to model and optimize their business-critical use-cases. In contrast to many other simulation tools, kalasim is neither low-code nor no-code. It is code-first to enable change tracking, scaling, refactoring, CI/CD, unit-tests, and the rest of the gang that makes simulation development fun.</p> - -<p>In the talk, we will learn about its core concepts and study several examples from different application domains.</p> - - - Holger Brandl - - - - - Repo - Documentation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 00:30 - D.kotlin - kotlin_plus_maths - Kotlin + Maths - - Kotlin - devroom - - <p>Grab your notebook cause in this talk, we are gonna talk about Math and Kotlin! Especially in the power that Kotlin has to run long operations and the power to perform some calculations like computing min, max, an average of numbers stored in a list! - from sumOf {} to multi-dimensional arrays to charts!</p> - - - Dinorah Tovar - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:30 - D.kotlin - kotlin_clis_and_starwars - Kotlin, CLIs and StarWars! - An introduction to creating CLI applications with Kotlin using Picocli - Kotlin - devroom - - <p>picoCLI is a small library that can be used to create JVM based command line interface applications. Within 30 minutes, we'll look at how to setup a project, create a small application and package it for others to use.</p> - <p>picoCLI is a small library that can be used to create JVM based command line interface applications.</p> - -<p>Within 30 minutes, we'll look at how to setup a project, create a small application and package it for others to use.</p> - -<p>picoCLI is nice for several reasons : CLIs are a great way to automate some commands we run every day. And because it supports Java and Kotlin, we can keep using our main language of choice rather than having to dive into bash or node. Finally, pico applications can be turned into native images using GraalVM, which allows for a nice end user experience.</p> - -<p>By the end of this talk, you'll have a basic knowledge of what picoCLI can do, how to set it up and hopefully ideas of use cases to run it with!</p> - -<p>This is a byte size presentation so it'll have to go fast!</p> - -<ul> -<li>I'll introduce the project in 5 minutes.</li> -<li>Then jump into a starter project and the basic features of the library around. We will compile and test it live. - 20 minutes</li> -<li>Finally, we will look into some of the advanced features, and check at packaging options for end users - 5 minutes</li> -</ul> - - - Julien Lengrand-Lambert - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:10 - 00:30 - D.kotlin - ksp_and_plugins - KSP and Plugins. Optimizing Kotlin Multiplatform common code - - Kotlin - devroom - - <p>KSP (Kotlin Symbol Processing) is an API from Google for writing Kotlin compiler plugins. Using KSP we can write annotation processors to reduce boilerplate and solve cross-cutting concerns. Also KSP is more effective than KAPT. Among the advantages of using it is the support of Kotlin Multiplatform. -Another way to optimize common code is to use Kotlin plugins. -In my talk I would to like to show some samples how to use own plugins and KSP processing in Kotlin Multiplatform app supporting both iOS and Android.</p> - - - Anna Zharkova - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:30 - D.kotlin - dataclassgenerate_shrinking_kotlin_data_classes - DataClassGenerate. Shrinking Kotlin data classes - - Kotlin - devroom - - <p>This talk is a deep dive into Kotlin data classes optimisations. We will find what optimisations are possible, and how to apply them with Kotlin compiler plugins and Android optimisers.</p> - <p>In this talk: -1. We quantify data classes impact on App size -2. Apply general purpose DEX-code optimizations to data classes -3. Introduce DataClassGenerate (DCG), a Kotlin-specific optimisation fod data classes -4. Observe Kotlin Compiler Plugin API and DCG implementation</p> - -<pre><code>- Describes DataClassGenerate approach - 1. @DataClassGenerate annotation - 2. DataClassGenerate compiler plugin - 3. Kotlin Compiler plugin interaction with Redex -</code></pre> - - Sergei Rybalkin - - - Slides - - - Related slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:10 - 00:30 - D.kotlin - mocking_without_reflection_for_kotlin_multiplatform - Mocking without reflection for Kotlin/Multiplatform - - Kotlin - devroom - - <p>Mocking typically involves reflection: an efficient mocker can create implementations of interfaces or even concrete classes on the go by reflecting on their methods and properties. -These required capabilities do not exist in Kotlin/Multiplatform, so we will explore an alternative method to runtime reflection: a compile-time symbol processor.</p> - <p>Using Mocking as an excuse, we will explore how we can use KSP (Kotlin Symbol Processor) to circumvent the absence of reflection and generate efficient mocks at compile time. We will also see the limitations that multiplatform brings to both the KSP Mocker generator and its associated runtime. We will explain the choices that we made when developing the MocKMP multiplatform mocking library, and why they were needed. We will then demonstrate the clean DSL API we offer to describe and verify your mocks. -Finally, we will demonstrate how to architecture all these moving parts (KSP plugin, mocker generator, mocker runtime) using a custom Gradle Plugin to make using MocKMP as easy as it gets.</p> - - Salomon BRYS - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:30 - D.kotlin - from_mobile_to_backend - From Mobile to Backend with Kotlin and Ktor - - Kotlin - devroom - - <p>As mobile developers, we often see the backend world as something magical that "does things". But what if I tell you that you can easily build a backend even if mobile is your thing?</p> - -<p>With this talk, I want to show how it is possible to bring your mobile knowledge (and shift it a little bit) to build a backend with Kotlin and Ktor. I will show how to structure the project, set up Dependency Injection, connect to a database and test everything to have a working backend ready to be deployed.</p> - - - Marco Gomiero - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:10 - 00:30 - D.kotlin - navigating_between_composables - Navigating between Composables - - Kotlin - devroom - - <p>This session will be about how to use Jetpack Compose navigation in your Compose app. It will include the topic of passing arguments through navigation.</p> - - - Maryam Alhuthayfi - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:40 - 00:30 - D.kotlin - not_only_python_kotlin_for_scripts - Not only Python: Kotlin for scripts - - Kotlin - devroom - - <p>Python is ubiquitous in scripts, and it has definite benefits. However, Kotlin developers don't need to migrate to another stack to create scripts.</p> - -<p>In this talk, I'll show you how I use Kotlin to have an always up-to-date GitHub profile.</p> - - - Nicolas Frankel - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:30 - D.kotlin - gradle_a_deeper_look_at_the_kotlin_dsl - Gradle: a deeper look at the Kotlin DSL - Everything you didn't want to know about Gradle Kotlin APIs - Kotlin - devroom - - <p>Originally designed for Groovy, Gradle now supports writing scripts in Kotlin. Writing your scripts in Kotlin brings more compile-type safety and IDE features but also has a few drawbacks.</p> - -<p>In this talk, we will take a look some widely used Groovy constructs, their Kotlin equivalent and what’s happening under the hood. We will explore how Gradle loads scripts and uses Kotlin compiler flags to allow a the Kotlin DSL syntax.</p> - - - Martin Bonnin - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:30 - D.kotlin - livecoding_a_web_server_with_ktor - Live-coding a web server with Ktor - Set up a web server and a client with Ktor in a live coding session. - Kotlin - devroom - - <p>Ktor is a Kotlin framework dedicated to building asynchronous servers and clients in connected systems. -In this session, I will explain and demo the core concepts of Ktor 2 by live coding an HTTP server from scratch using Ktor Server. -Also, we'll take an overview of Ktor Client, from setting it up to making requests and installing plugins.</p> - - - Renaud Mathieu - - - - - Deploy a microservice in Kotlin with Ktor — Part 1 - Deploy a microservice in Kotlin with Ktor — Part 2 - Deploy a microservice in Kotlin with Ktor — Part 3 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:10 - 00:35 - D.kotlin - refactoring_glided_rose_kata - Refactoring Gilded Rose Kata - - Kotlin - devroom - - <p>Gilded Rose refactoring kata is a coding exercise designed to practice your refactoring and test cases writing skills. In this live coding session I will use the Kotlin version of the kata to show how a sequence of small improvements can make a difference taking program design to a better and more functional place. You will see a few refactoring heuristics, IntelliJ tips and tricks and design emerging from seemingly chaotic code.</p> - - - Dmitry Kandalov - - - - - The Easy Way to Create IntelliJ Plugins at VKUG - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:30 - D.open-hardware - corundum - corundum - From a NIC to a Platform for In-Network Compute - Libre-Open VLSI and FPGA - devroom - - <p>The talk provides an introduction to the corundum project, implementing a 100 GbE NIC based on Commercial-off-the-shelf (COTS) FPGA cards, e.g. Xilinx Alveo Cards. The project consists of all necessary RTL components, e.g. PCIe DMA engine, NIC datapath, MAC, PHY and integration of vendor specific IP cores, such as transceivers and PCIe hard-IP cores. In combination with the provided driver and debugging utility the ready-to-experiment state just requires a supported FPGA card + compiler to kick-off playing with the project.</p> - -<p>The existing state provides the platform for future In-Network Compute platform research, allowing for application logic to be balanced across hardware acceleration and software flexibility. The platform uniquely allows for experiments with lower layer protocols, e.g. PHY layer coding.</p> - -<p>The talk concludes with an overview about short term and mid term goals of the project.</p> - - - Ulrich Langenbach - Alex Forencich - - - Corundum - From a NIC to a Platform for In-Network Compute - - - corundum github repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:50 - D.open-hardware - coriolis2 - Coriolis RTL-to-GDSII Toolchain - State of advancement and planned improvements - Libre-Open VLSI and FPGA - devroom - - <p>Sorbonne Université, in collaboration with Chips4Makers and LibreSOC are -working to provide a complete FOSS toolchain to make ASICs in mature -technological nodes, that is, no smaller than 130nm. We take a circuit -description in HDL, synthetize with Yosys but instead of targetting a FPGA, use -an ASIC standard cell library to get the RTL description. From there, with -Coriolis2, we perform the classical steps of a RTL to GDSII flow, that is, -placement, routage along with very basic timing closure.</p> - -<p>We will particularly focus on last year progresses and present the planned -improvements and new features for 2022.</p> - - - Jean-Paul Chaput - - - - - The Coriolis Documentation - Coriolis repository - Checking/examples toolkit - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:30 - D.open-hardware - openwifipynqz1 - Bring openwifi to PYNQ-Z1 with ultra low cost - - Libre-Open VLSI and FPGA - devroom - - <p>Both software-defined radio and FPGA are interesting. Especially, the combination of AD936X RF transceiver and ZYNQ 7020 level FPGA SoC is capable of running openwifi. Price has been keeping average DIYers away from this kind of platform as evaluation boards from ADI and Xilinx are both extremely expensive. Cheaper ones like ANTSDR exist, but seems all of them have tied the RF and ZYNQ chip together, so these are not suitable for generic ZYNQ development anymore.</p> - -<p>In this talk, I want to introduce an openwifi capable low-cost AD936X extension board design and realization for the wildly available PYNQ-Z1 board by Digilent. This provides openwifi and PlutoSDR functionalities meanwhile keeping the major if not all functions of PYNQ-Z1 intact, with summed price potentially lower than all currently available openwifi capable platforms. Similar designs may also be applicable to other ZYNQ boards like ZYBO Z7-20 or Arty Z7-20, thus these could make openwifi available to much more people, especially those who already have a ZYNQ board. Besides this extension board, I'll also touch on tools and workflows for "modern" circuit board DIY, which enabled me to build this 4-layer board with BGA chip comfortably at home.</p> - -<p>For more about openwifi, please visit the Free Software Radio devroom for "Opensource WiFi chip (openwifi) progress and future plan" on Sunday afternoon.</p> - - - Yimin Gu - - - Slides - - - Board files and introduction - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:50 - 00:20 - D.open-hardware - gtkwavecss - Writing GTKWave documents, with style - A Python-based CSS-like mini language for generating GTKWave documents - Libre-Open VLSI and FPGA - devroom - - <p>GTKWave is a nice tool for displaying signal traces, while developing with Hardware Description Languages, and has many formatting features like changing signal color, grouping signals in a hierarchy, etc. However, it can become tedious to manually edit through the GUI. Also, its document format, while ASCII, is a bit cryptic, and contains extra information pertaining to the GUI (window and panel sizes, last modification date, etc.), making it inconvenient for placing in revision control.</p> - -<p>A Domain Specific Language for generating GTKWave documents was developed, separating signal description and structure from style, not unlike HTML+CSS, but described using Python Lists and Dictionaries. This makes it especially suitable for embedding in Python-based Hardware Description Languages and Simulators.</p> - -<p>While it fits my own needs, I'm hopping to gather some feedback on this tiny library, so it could be made more generally useful.</p> - - - Cesar Strauss - - - Writing GTKWave documents, with style - - - Tutorial - Source code - API documentation - Example usage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 01:00 - D.open-hardware - nmigen - nMigen HDL - a way to create hardware in python - Libre-Open VLSI and FPGA - devroom - - <p>nmigen™ is a tool for creating hardware, whether for ASICs or for FPGAs. it is not itself an actual language (like Verilog or VHDL), and it is not like MyHDL which allows translation of a limited subset of python source code into verilog. Instead, nmigen allows you - in python - to create HDL constructs, and to mix those in with the full power of python OO techniques: objects, classes, even multiple inheritance, which is sorely lacking in the Hardware world.</p> - -<p>this talk will go through the background and origins of nmigen, present a short worked-example, present some best-practices for people wishing to transfer over from another HDL, and cover some of the planned advancements.</p> - - - Luke Kenneth Casson Leighton - - - - - nmigen 1.0 repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:45 - 00:40 - D.open-hardware - efabless - Efabless Open ASICs - an update from Mohamed Kassem - Libre-Open VLSI and FPGA - devroom - - <p>This presentation by Mohammed Kaseem, the CTO of e-Fabless, will outline how e-Fabless is empowering Libre/Open VLSI Hardware development. There are two initiatives: ChipIgnite which provides significantly-reduced cost Shuttle runs, and the Google-sponsored Skywater 130nm Programme.</p> - - - Mohamed Kassem - - - - - Chipignite - efabless Open MPW - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 01:00 - D.open-hardware - libresilicon - Using LibreSilicon - How to actually use the process and scaling it - Libre-Open VLSI and FPGA - devroom - - <ul> -<li>An overview of the minimal process flow</li> -<li>Talking about ways to implement it in a garage/shipping container environment.</li> -</ul> - - - - David Lanzendörfer - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:30 - D.libreoffice - lotech_libreoffice73 - LibreOffice 7.3 New Features - - LibreOffice Technology - devroom - - <p>A summary of LibreOffice 7.3 Community new features, with a specific focus on interoperability with Microsoft Office documents</p> - - - Italo Vignoli - - - LibreOffice 7.3 New Features - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.libreoffice - lotech_devexperience - Improving Developer Experience at LibreOffice - - LibreOffice Technology - devroom - - <p>During the previous years, there has been a lot of efforts to improve developer experence (DX) at LibreOffice with the code that has a long history. In this presentation, I talk about various aspects of these improvements, and also the road ahead.</p> - - - Hossein Nourikhah - - - Improving Developer Experience at LibreOffice - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.libreoffice - lotech_operationalcode - Towards an Operational Code Aesthetics - - LibreOffice Technology - devroom - - <p>Towards an Operational Code Aesthetics</p> - - - Stephan Bergmann - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.libreoffice - lotech_curlbased - Curl based HTTP/WebDAV UCP - How we deleted lots of code - LibreOffice Technology - devroom - - <p>LibreOffice uses <em>Universal Content Provider</em>s to access files via various protocols. Due to accidents of history, LibreOffice contained 2 different <em>UCP</em>s for WebDav and HTTP, one based on <em>neon</em> and the other on <em>Apache Serf</em>, each with different bugs and bugfixes.</p> - -<p>For LibreOffice 7.3, thanks to a tender from The Document Foundation, we have replaced both of them with a new <em>UCP</em> based on <em>libcurl</em>, which is designed to meet all currently known requirements, and is able to use the operating system's TLS stack on Windows and macOS.</p> - - - Michael Stahl - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.libreoffice - lotech_editingsimulation - Editing Simulation - - LibreOffice Technology - devroom - - <p>Performance measurements are really challenging when it comes to real life situations. One of them was a user experience while typing on a document. This presentation covers that how we can achieve reliable and repeatable performance tests by implementing clever tools. These tools allow us to find out what happens in the background when a lot of people are typing rapidly and what we can optimize out of it.</p> - - - Mert Tümer - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.libreoffice - lotech_improvedcoverage - Improved coverage analysis for LibreOffice's CI - Our journey towards deeper integration of coverage analysis tools into Jenkins CI - a PrototypeFund project - LibreOffice Technology - devroom - - <p>Improved coverage analysis for LibreOffice's CI. Our journey towards deeper integration of coverage analysis tools into Jenkins CI - a PrototypeFund project</p> - - - Thorsten Behrens - - - talk slides as PDF - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.libreoffice - lotech_libreofficekit - LibreOfficeKit recent developments - - LibreOffice Technology - devroom - - <p>Come and hear about how LibreOffice can be used by other applications via its C++ API called LibreOfficeKit. Its primary use is for document conversion or editing the documents in Collabora Online.</p> - -<p>We are extending the LibreOfficeKit as necessary, and this presentation will talk about the recent developments there.</p> - - - Jan Holesovsky - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.libreoffice - lotech_libreofficegtk4 - LibreOffice GTK4 Port - A status update - LibreOffice Technology - devroom - - <p>Update on of the current state of the GTK4 port of LibreOffice with walk-through.</p> - - - Caolán McNamara - - - slides - - - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.libreoffice - lotech_onlineperformance - Online performance - making collaborative editing quicker - LibreOffice Technology - devroom - - <p>Online performance wins making collaborative editing in your browser quicker.</p> - <p>Collabora Online has a novel model that allows re-using the core LibreOffice Technology to provide rich collaborative editing. Recently we have been been focusing our development on improving the 'feel' and slickness of document editing as a key part of user experience. We have also been working on improving editing performance with larger numbers of concurrent active editors.</p> - -<p>Come and hear about the things that we've found and fixed, both in COOL and also in the LibreOffice core to improve interactivity and to make collaborative editing fly.</p> - - Michael Meeks - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.libreoffice - lotech_lowa - LOWA - LibreOffice WebAssembly - Most recent updates, working code, and ample stories of how we got to have LibreOffice run natively in a browser - LibreOffice Technology - devroom - - <p>LOWA - LibreOffice WebAssembly. Most recent updates, working code, and ample stories of how we got to have LibreOffice run natively in a browser.</p> - - - Thorsten Behrens - - - talk slides as PDF - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.libreoffice - lotech_buildingcoolui - Building Collabora Online UI based on the LibreOffice components - - LibreOffice Technology - devroom - - <p>JSDialog is a "framework" for sharing UI components between Collabora Online and LibreOffice. It was used to bring sidebar, notebookbar and dialogs to the web. It provides native HTML widgets connected to the original LibreOffice code, giving the user rich editing options even on a mobile devices. This talk is a short summary - briefly describing how it works and what is already done.</p> - - - Szymon Kłos - - - Building Collabora UI based on LibreOffice components - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.libreoffice - lotech_coolkubernetes - Collabora Online on kubernetes - Kubernetes setup & deployment - LibreOffice Technology - devroom - - <p>Demonstration of how to deploy the online using kubernetes.</p> - - - Pranam Lashkari - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.libreoffice - lotech_coolasyncsaving - Collabora Online: Async-Saving Design and Testing - - LibreOffice Technology - devroom - - <p>Collabora Online enables viewing, editing, and the collaboration on documents, presentations, and spreadsheets from the convenience of a browser. This talk will explore the challenge of saving and uploading documents to the storage server in an asynchronous way, to improve user experience, better performance, and higher reliability and resiliency. The talk will cover both the design and the challenges of testing a highly critical component of a production product.</p> - - - Ashod Nakashian - - - Collabora Online AsyncSave Design Ashod FOSDEM 2022 - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.libreoffice - lotech_somethingaboutqa - Things you can test in a UITest - - LibreOffice Technology - devroom - - <p>Something about QA</p> - - - Xisco Fauli - - - slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:20 - D.libreoffice - lotech_macrodialog - Macro Dialog feature - - LibreOffice Technology - devroom - - <p>The implementation of a Macro Selector Dialog on client side to execute VBA macros on the server side.</p> - - - Henry Castro - - - Macro Dialog feature - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:20 - 00:40 - D.libreoffice - lotech_odftoolkit - News from the ODF Toolkit - - LibreOffice Technology - devroom - - <p>New ODF Toolkit releases have been released. -How can it help you? Where are we striving for?</p> - <p>New ODF Toolkit releases have been published. -What's missing from the 1.0? -How can it help you? Where are we striving for? -What will be next? What are the synergies between ODF TC? -No incident having ODF Toolkit Co-maintainers and ODF TC Co-editors Michael Stahl and Svante Schubert lined up!</p> - - Svante Schubert - - - - - - ODF Toolkit website - ODF Toolkit GitHub page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 10:00 - 00:30 - D.matrix - matrix_state_of_the_union - The Matrix State of the Union - What's the Matrix Core Team up to? - Matrix.org Foundation & Community - devroom - - <p>The Matrix core team is busier than ever, juggling hundreds of Matrix Spec Core Proposals and undergoing some major techtonic shifts as Matrix evolves into the ultimate secure decentralised communication network. In this talk, we'll give a high-level survey of the state of the core project, including: - * How we're ensuring that flagship clients are as attractive as possible to a mainstream audience - and why we will fail if we don't. - * How we're making Matrix go <em>fast</em> via v3 sync and fast room joins - * How matrix-rust-sdk is becoming a flagship client SDK - * How we're getting a full end-to-end security of the reference Matrix stack - * How we're tackling abuse on the public Matrix network - * How Matrix is evolving to use cases beyond chat.</p> - - - Matthew Hodgson - - - - - Matrix.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:20 - D.matrix - matrix_next_gen_interfaces - The next generation of Matrix interfaces - How we're changing the face of bridge and bot integrations in Matrix - Matrix.org Foundation & Community - devroom - - <p>Matrix has already got the solid framework of many bridge and bot implementations, but has always been missing that polish to make the bridges more accessible.</p> - -<p>In this talk, Will will explain how we're going to build our bridges with an all-new interactive interface and replacing old bot command interfaces with widget based interfaces.</p> - - - Will Hunt - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:50 - 00:20 - D.matrix - matrix_opsdroid - Opsdroid - Building a bot using Python3 - Matrix.org Foundation & Community - devroom - - <p>Opsdroid makes building bots easy with it's modular concept of Connectors, Matchers &amp; Skills. -In this talk I want to showcase how easy it's to build bots using Opsdroid.</p> - <p>We start with a simple "hello bot" and end with a Bot, which uses Rasa NLU (Natural Language Understanding), an AI based platform, to recognize the intent of a message.</p> - - Oleg Fiksel - - - Slides - - - Opsdroid Home - Code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:10 - 00:30 - D.matrix - matrix_events_uninitiatied - Events for the Uninitiated - A Junior's Guide to Events in Matrix - Matrix.org Foundation & Community - devroom - - <p>Events are at the heart of the Matrix Protocol, but what are they? And how does the Protocol build on them to create rooms, room graphs, and other data structures? This talk aims to demystify some of these concepts, giving an overview of events, room event graphs, and associated structures. In the spirit of accessiblity, there will be an attempt to make the talk as approachable as possible for those without a ton of programming experience (although some basic knowledge will be helpful!). We will look at the Matrix specification and if time permits, may even dig into some code in Synapse. If you're interested in hacking on Matrix/Synapse but are newish to programming or intimidated by the core spec, or are just curious, this talk is for you!</p> - - - H. Shay - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:40 - 00:30 - D.matrix - matrix_fast_sync - Making /sync go fast - A deep-dive into Sync v3 - Matrix.org Foundation & Community - devroom - - <p>A deep-dive into Sync v3: a super-fast API to sync Matrix clients with their homeserver. The talk is broken up into a brief history of syncing in Matrix to set the scene before we dive into the problem space and explore how Sync v3 is different and how it addresses one of the most important and complex parts of the Client-Server API: syncing.</p> - <p>Sync v3 is the third iteration of the syncing protocol in Matrix. The first was the now-deprecated /initialSync + /events and the second, still in use today, is /sync. We'll explore why the protocol needed to change then and why the protocol needs to change again now. As part of this, we'll look at <em>how</em> servers implement the /sync v2 API and the constraints they have to work with to explain why /sync can be so slow.</p> - -<p>Armed with this knowledge, we'll work out the aims/goals of a new hypothetical syncing protocol, along with the competing concerns around complexity, speed, bandwidth and flexibility. We'll then look at the Sync v3 proposal and explore the tradeoffs that were made in its design. This will be complemented with demos and diagrams throughout.</p> - - Kegan Dougal - - - - - Sync v3 proxy server - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:10 - 01:00 - D.matrix - matrix_rust_sdk - The matrix-rust-sdk - One SDK to rule them all - Matrix.org Foundation & Community - devroom - - <p>Matrix (https://matrix.org) is an open protocol for secure, decentralised communication - defining an end-to-end-encrypted real-time communication layer for the open Web. Historically the network has been made up of newly written native Matrix clients, or bridges to 3rd party existing chat systems (e.g. Slack, Discord, Telegram).</p> - -<p>The matrix-rust-sdk is a modular Matrix client library, meant to be a robust implementation of the protocol, and to make even the most advanced features such as E2EE easy to use. -This talk will walk you through the design decisions and the tradeoffs that come with it, give you an overview of where we're at and where we're going with Web-Assembly, and finally what the future holds for the matrix-rust-sdk. Finally it will be connected to a real-life example of software using the matrix-rust-sdk: Fractal-Next.</p> - <p>Matrix (https://matrix.org) is an open protocol for secure, decentralised communication - defining an end-to-end-encrypted real-time communication layer for the open Web. Historically the network has been made up of newly written native Matrix clients, or bridges to 3rd party existing chat systems (e.g. Slack, Discord, Telegram).</p> - -<p>The matrix-rust-sdk is a modular Matrix client library, meant to be a robust implementation of the protocol, and to make even the most advanced features such as E2EE easy to use.</p> - -<p>It's a flexible library which can be used both to extend existing projects or to create new ones. It is notably used in the 18 years old IRC client WeeChat to teach it to speak Matrix. It has also been used as base for the re-write of GNOME's Matrix client Fractal.</p> - -<p>Thanks to its very modular nature, clients can either use the whole SDK, like WeeChat and Fractal do, or a sub-component. Element R uses matrix-rust-sdk's crypto crate via Kotlin bindings.</p> - -<p>This talk will walk you through the design decisions and the tradeoffs that come with it, give you an overview of where we're at and where we're going with Web-Assembly, and finally what the future holds for the matrix-rust-sdk. Finally it will be connected to a real-life example of software using the matrix-rust-sdk: Fractal-Next.</p> - -<p>Fractal is a popular Matrix chat client for the GNOME desktop which has been in development since 2017. Fractal was designed to work well for collaboration in large groups, such as free software projects. -For a long time there were two main areas that needed improvements: performance and maintainability were limited. What’s more, it lacked end-to-end encryption (E2EE) support.</p> - -<p>Over the course of 2021 we spent countless hours rewriting Fractal from scratch and now we are close to the first release. Fractal-next is built on top of the matrix-rust-sdk, a set of libraries that help to build Matrix clients. The client, still written in Rust, now uses GTK4. During development, the focus was on performance, maintainability and E2EE. And of course, we kept mobile support.</p> - - Julian Sparber - Damir Jelić - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:10 - 00:05 - D.matrix - matrix_mmo_browser - Building an MMO browser game on Matrix - Managing auth and saves in Matrix - Matrix.org Foundation & Community - devroom - - <p>I'm working on a Massive Multiplayer Online (MMO) browser game which uses Matrix for authentication, authorization and storing save states. -Lobbies and characters are managed as Matrix rooms which allows players to have a copy of their character's data at all times, migrate it to other Matrix accounts or share a character with friends.</p> - <p>What if games allowed you to really own your online characters? -If an online video game shuts down, your character is gone. -All progress, all contacts, all items – lost to you and not available for migration.</p> - -<p>I'm building a tiny proof of concept browser game where you log in with your Matrix account. -All your characters are represented by Matrix rooms and you can migrate them to other Matrix accounts and other gaming servers.</p> - -<p>Instead of sending all communication via Matrix this concept uses a public server software and central gaming servers (HTTP and websockets in this case). -Upon character creation, a game server invites you to your character's room. Every time your character changes the server updates a state event. -If the server gets shutdown, it's easy to set up a new server which allows to migrate character rooms from the old server. -Furthermore, players can analyze their characters without the need to contact the gaming server.</p> - - Christian Paul - - - - - Demo server - Source code - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:15 - 00:05 - D.matrix - matrix_chat_stat - ChatStat - An R package for Matrix stats - Shiny stats for your community goodness - Matrix.org Foundation & Community - devroom - - <p>Remarkably, the Matrix community still does not seem to have a equivalent to things like the venerable mIRCstats or PISG packages (which generate data based on a local IRC log). In this lightning talk, I'll present a new package I'm working on to present similar data for Matrix rooms. We'll have a quick demo and lots of pretty graphs to look at.</p> - <p>ChatStat aims initially to replicate the same kind of HTML report that these older packages created, and we'll show how to use it on your own host to generate stats for your rooms using the Matrix API.</p> - -<p>Since Matrix has bridges, we can also directly gather data on these from connected rooms (e.g. the screenshot shows the split between Matrix and IRC users over a 2 week period) and we will show how to accomplish this too.</p> - -<p>Lastly we'll talk about the underlying data structure and how to use it to build new graphs that ChatStat does not yet do itself.</p> - -<p>Who is this talk for: Anyone who runs one or more Matrix rooms and wishes to generate visualisations of them. Or anyone who likes pretty graphs :)</p> - - Greg Sutcliffe - - - - - GitHub page - Matrix Discussion Room - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:20 - 00:05 - D.matrix - matrix_cinny - Cinny - elegant, modern and secure matrix client - Matrix.org Foundation & Community - devroom - - <p>This talk is about a Matrix client called <a href="https://cinny.in/">Cinny</a>. It is built using reactjs on the top of matrix-js-sdk.</p> - -<p>The main focus behind making Cinny is to have a client that is simple, elegant and doesn't feel heavy on end user. Cinny was launched publicly in end of July 2021 and since then it has matured a lot. Cinny has support for end-to-end encryption with options to import and export encryption keys. It also has basic support for Spaces (coolest feature of Matrix). Cinny also has ton of other features most notably full UIAA (User-Interactive Authentication API including SSO Login), carefully crafted themes, Rich replies, Reactions, Markdown and the list goes on.</p> - -<p>Our roadmap also includes some other great features in near future; such as room settings, full support for spaces and later a responsive interface that also support mobile screens. We are also working on standalone app of Cinny using Tauri (exciting thing here is that app size is considerably less and doesn't require to have chromium to work).</p> - - - Ajay Bura - - - Slides - - - Project website - Github repository - Matrix room - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:25 - 00:05 - D.matrix - matrix_collabs - Collaborative Apps over Matrix using the Collabs Library - - Matrix.org Foundation & Community - devroom - - <p>I will demo Google Docs-style collaborative apps that communicate entirely through Matrix. This means they inherit Matrix's nice properties, including E2EE, decentralization, and user control.</p> - -<p>Under the hood, the apps use Collabs, a TypeScript library I'm developing. Collabs provides collaborative data structures - specifically CRDTs. These are classes that have APIs like ordinary data structures (Map, Array, etc.) but also automatically sync between clients, guaranteeing eventual consistency. I will briefly describe the unique features of Collabs and show what it's like to program an app using the library.</p> - - - Matthew Weidner - - - Collabs Slides PDF (no GIFs) - - - Collabs npm package - Demo site - Slides (with GIFs) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:05 - D.matrix - matrix_diy_photoframe - Create a DIY photoframe using matrix - How to create a DIY photoframe with a raspi and transfer the photos via matrix - Matrix.org Foundation & Community - devroom - - <p>In this presentation I'd like to show you how I created a little DIY photoframe with a raspberry pi and an old TV-screen and how I extended the photo transfer using matrix. -There is already a nice project "photOS" which is a lightweight linux for a DIY photoframe. -Thanks to opensource software I was able to extend it in order to transfer the files not via WebDAV but with matrix having end-to-end encryption as well.</p> - - - dirk - - - - - The photOS linux repo - The photOS fork which supports matrix - The photOS matrix client - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:35 - 00:05 - D.matrix - matrix_custom_stickers - Custom Stickers and Emotes in Matrix! - MSC2545 Demo - Matrix.org Foundation & Community - devroom - - <p>To some stickers and emotes might look nonsensical and disrupting conversations. For others it is a tool to build a community around. In this talk I will present a <a href="https://github.com/matrix-org/matrix-doc/pull/2545">Matrix Spec Change proposal</a>, that allows you to provide your own sticker and emote packs for your community and will compare it to the other proposals. I'll describe how you can share them and create your own. I'll demo the implementation in 1 (or maybe 2?) clients, give an explanation of how they work and how they might evolve in the future.</p> - - - Nicolas Werner - - - - - The MSC - Old and bad demo I did - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:05 - D.matrix - matrix_decentralized_annotations - Decentralized Collaborative Annotations using Matrix - - Matrix.org Foundation & Community - devroom - - <p>This talk showcases Matrix Highlight, a tool built on top of the Matrix protocol to collaboratively annotate and comment on pages on the internet. By building on top of Matrix, we get decentralized, federated, and open web (or more) annotation. This talk will cover a demonstration, using Matrix events for non-messaging purposes, and the benefits of building on Matrix.</p> - - - Daniel Fedorin - - - - - GitHub link for the project - Introductory blog post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:45 - 00:05 - D.matrix - matrix_fluffychat - FluffyChat - Little showcase of the cutest messenger in the [matrix] - Matrix.org Foundation & Community - devroom - - <p>FluffyChat is a cute and easy to use matrix client for all platforms. The app has a Telegram/Signal-like design and user experience and is published as free software. In this lighting talk I would like to show the features and how it is possible to write an open source app, which makes fun.</p> - - - krille - - - - - FluffyChat website - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:50 - 00:05 - D.matrix - matrix_command_control - Matrix for Command and Control Information Systems - - Matrix.org Foundation & Community - devroom - - <p>To enable collaborative work, we will extend our Command and Control Informations System ODIN (https://github.com/syncpoint/ODIN) with the ability to share its data by employing Matrix spaces and rooms</p> - <p>ODIN uses the concepts of projects and layers that contain geo-features. We will show how we map these concepts to spaces and rooms in order to enable collaboration between an arbitrary number of users. Whenever a feature gets changed by one user, we publish a message that contains an action in the corresponding room so other users can apply these actions to their local copy.</p> - - Thomas Halwax - - - ODIN Open source C2IS Replication with Matrix - - - ODIN project page on GitHub - ODIN project page - ODIN matrix space - https:// - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:55 - 00:05 - D.matrix - matrix_power_worker - Matrix for Worker Power - Introduction to Wobbly - Matrix.org Foundation & Community - devroom - - <p>How a movement communicates determines the structure and success of that movement. It could even be said that a movement is the way that it communicates. The labour movement has existed for centuries. Can Matrix increase the movement's power in the next decade and beyond?</p> - <p>Wobbly is a chat app built on Matrix designed for bottom-up worker organising to build a democratic economy and society.</p> - -<p>We're excited about the potential of the Spaces API and the custom JSON events system to build a very powerful tool for democratic self-organising spaces.</p> - -<p>While the project has existed in some form since 2015, we started using Matrix at the start of 2020 and have made much more progress in that time.</p> - - John Evans - - - - - Wobbly matrix app - Wobbly site - Deployed version of wobbly matrix app - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:10 - 00:30 - D.matrix - matrix_ansible - Ansible + Matrix: Through The Looking Glass - A 6 month reflection on the Ansible Community's journey with Matrix - Matrix.org Foundation & Community - devroom - - <p>In August 2021, the Ansible community <a href="https://github.com/ansible-community/community-topics/issues/36">voted</a> to accept Matrix as an official chat platform (alongside and equal to IRC). This marked a major evolution in the communication of the project, and opened the door to more ways for us to connect with each other. It also followed a substantial amount of planning from the community team, in terms of architecture we had in mind. In this talk, we'll take a look back over our original architecture &amp; proposal, how the rollout has gone, and where we think we're going next.</p> - <p>There's much we <em>could</em> cover in this talk, but we'll definitely have content on the 2-homesever architecture we used (and why), on how adoption is going with our community (bridges will feature here, at least) and community building &amp; promotion (expect armchair-sociology while I talk about rich interaction mediums, but also things like newsrooms, interaction fragmentation, etc). I'll also be attempting to gather some feedback from our community to present as well.</p> - -<p>Who is this talk for: We hope it'll be of interest to anyone thinking of recommending Matrix for their community - whether a FOSS community, or more generally, there's things to think about first and arguments that can be re-used. There will also be interest for existing Matrix users too, in terms of lessons learned and wishlist features for the future.</p> - - Greg Sutcliffe - - - - - Ansible Community Space - Ansible Community Docs - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:30 - D.matrix - matrix_moderation - All things with moderation - All about moderation in Matrix - Matrix.org Foundation & Community - devroom - - <p>So you want to moderate your Matrix room, or perhaps your homeserver? You're in the right place. -In this presentation, we'll talk about both the core concepts of federated moderation in Matrix and the main moderation tools. Expect to hear about power levels, redactions, quarantine, abuse reports, Mjölnir and plans for the near future!</p> - - - David Teller - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:10 - 00:30 - D.matrix - matrix_p2p_pinecone - Growing Pinecones for P2P Matrix - The journey so far of building an overlay network - Matrix.org Foundation & Community - devroom - - <p>The success of P2P Matrix depends on an overlay network which can provide good connectivity between users, and scale appropriately. For that we built Pinecone, an implementation of a new routing scheme called "SNEK", along with tools to simulate and to measure various properties such as routing table size and convergence times. This talk will explore some of the core design elements and the challenges of building a decentralised routing protocol.</p> - - - Neil Alexander - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:40 - 00:30 - D.matrix - matrix_filesystem - Self-sovereign end-to-end encrypted file storage on Matrix - How we built a file system on top of Matrix - Matrix.org Foundation & Community - devroom - - <p>Matrix is an open source project run by the non-profit Matrix.org Foundation dedicated to building an open protocol and communication network for decentralised, encrypted communication - providing a viable open alternative to WhatsApp, Slack, Discord and other proprietary communication silos.</p> - -<p>During 2021 we have been exploring how the Matrix protocol can be used for decentralised, end-to-end encrypted online document storage and collaboration as an alternative to centralised proprietary services such as Dropbox and Box. In this talk we will show off our progress so far and the further work that we have planned.</p> - <p>Matrix is essentially a generic mechanism for replicating structured data over a decentralised network of untrusted servers. The first use cases of Matrix have focused on instant messaging and VoIP, but during 2021 we’ve been experimenting with replicating different types of structured data - such as MSC3089 (https://github.com/matrix-org/matrix-doc/blob/travis/msc/trees/proposals/3089-file-tree-structures.md), which models each Matrix room as a directory, which can contain subdirectories by acting as a Matrix Space, which in turn can contain files as normal Matrix file uploads described by appropriate state events. We’ve also been looking at further expressing the file data as structured trees of Matrix events.</p> - -<p>Meanwhile, the need for self-sovereign file-storage and collaboration systems is growing ever more obvious, given the risks of trusting your data unilaterally to a proprietary and typically unencrypted 3rd party cloud service. However, there is currently a trade off between the typical productivity gains from non-privacy centric online collaboration versus the more limited pro-privacy solutions currently available.</p> - -<p>Can Matrix support the next generation of privacy-centric collaboration applications? Providing document and file storage capabilities is one of the areas we’re looking at.</p> - -<p>Topics that we will cover: -* File and folder semantics -* Version history -* Sharing and access control -* Document editing -* Use cases: demos -* Matrix protocol specification work to standardise approach and support interoperability -* Files SDK for JavaScript to make it easy to get started -* Next steps</p> - - Hugh Nimmo-Smith - - - - - Matrix - MSC3089: File tree structures - matrix-files-sdk npm - Web demo using matrix-files-sdk - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:30 - D.matrix - matrix_threading - Mission: threading for all - - Matrix.org Foundation & Community - devroom - - <p>Our mission, if we choose to accept it, is to expand the capabilities of Matrix and Element. Driven by user needs and a desire to deliver threads through teamwork...</p> - <p>In the past few months we were on a mission to bring threading to Matrix. -We first wanted to discover how suited to this problem the current protocol is, and to better understand the users' expectations. -It soon became clear that we would have to make updates to the specification in order to deliver the experience we think will make this feature successful</p> - - Germain Souquet - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:30 - D.matrix - matrix_extend_synapse - Beyond the Matrix: Extend the capabilities of your Synapse homeserver - How to add custom features to Synapse with modules - Matrix.org Foundation & Community - devroom - - <p>Synapse is the main Matrix homeserver implementation, and is maintained by the Matrix.org Foundation. One of the lesser-known features of Synapse is its module system, which allows any developer to write custom functionalities for it, and to extend its capabilities beyond the scope of the Matrix specification.</p> - -<p>In this talk, I will cover the current state of Synapse's module system, which has recently been subject to a big overhaul, as well as how to write and use a simple module.</p> - - - Brendan Abolivier - - - Slides - - - Documentation - ModuleApi class and documentation - Module template - Matrix Live on Synapse modules - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:10 - 00:30 - D.matrix - matrix_mls - MLS meets Matrix - - Matrix.org Foundation & Community - devroom - - <p>MLS (Messaging Layer Security) is an upcoming IETF standard for messaging systems. In this talk, I will discuss some of the work in integrating MLS with Matrix. This will include:</p> - -<ul> -<li>why we would want to use MLS</li> -<li>making MLS work in a decentralised messaging system</li> -<li>how MLS concepts can fit into Matrix</li> -<li>what will be needed to migrate to MLS</li> -</ul> - - - - Hubert Chathi - - - - - Introduction to how MLS works - Notes on how to use MLS in a decentralised setting - My TypeScript implementation of MLS (Decentralised version in decentralised2 branch) - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:40 - 00:20 - D.matrix - matrix_metaverse - Native Group VoIP and Metaverse on Matrix - Building the Matrix with Matrix - Matrix.org Foundation & Community - devroom - - <p>In this talk we'll explain how we've added native decentralized E2E encrypted group video calling to Matrix via MSC3401 (https://github.com/matrix-org/matrix-doc/blob/matthew/group-voip/proposals/3401-group-voip.md), and how this not only provides "decentralized Zoom" style functionality for Matrix, but can also be used as the voice, video and realtime gameplay backbone for building a genuinely decentralized, equitable, free and open piece of the Metaverse on top of Matrix.</p> - -<p>We'll go over how 1 to 1 calls work in Matrix today, our Jitsi widget we've used for group calls so far, and the changes we've made to support native group calls in Matrix. We'll also show off some early concepts for our "Metaverse on Matrix" project, Third Room. Which uses this group call work as well as many other open standards to build a platform for virtual worlds on top of Matrix rooms.</p> - - - Robert Long - - - - - Matrix.org - MSC3401 - Open Metaverse Interoperability Group - Matrix Video Chat Repo - Third Room Repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:10 - D.monitoring - moniobserv2022open - Monitoring and Observability devroom: Opening - - Monitoring and Observability - devroom - - <p>Opening!</p> - - - Richard Hartmann - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:10 - 00:40 - D.monitoring - adapting_otel - Adopting OpenTelemetry and its collector - - Monitoring and Observability - devroom - - <p>In this session, we’ll see why we adopted OpenTelemetry &amp; its collector for an internal platform at Ubisoft - to collect/process/export all our logs, metrics, and traces. -We’ll explain how we handled the required mindset change: why people should instrument more their code, and how to onboard them. -And of course, we’ll talk about the benefits of fully adopting OpenTelemetry.</p> - -<p>The intended audience is people who want to adopt OpenTelemetry, or who are already using part of it - for example the SDK for tracing - and are considering a full switch.</p> - - - Vincent Behar - - - slides - - - The OpenTelemetry project - The OpenTelemetry Collector - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:50 - 00:40 - D.monitoring - multi_dc_cloud_native_observability - Bootstrapping a multi dc cloud native observability stack - - Monitoring and Observability - devroom - - <p>A gentle introduction to Observability and how to setup a highly available monitoring platform across multiple datacenters.</p> - -<p>During this talk we will investigate how we can setup and monitor an monitoring setup across 2 DCs using Prometheus, Loki, Tempo, Alertmanager and Grafana. monitoring some services with some lessons learned along the way.</p> - - - Bram Vogelaar - - - Bootstrapping a multi-DC Observability Stack - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:40 - D.monitoring - pyroscope - Introduction to Continuous Profiling using Pyroscope - How to debug performance issues using profilers - Monitoring and Observability - devroom - - <p>Profiling is an effective way of understanding which parts of your application are consuming the most resources. Traditionally, logs, metrics and traces have been considered the three pillars of observability, but more recently profiling has emerged as a fourth pillar to be used alongside these other observability tools.</p> - -<p>Continuous Profiling, in particular, adds a dimension of time that allows you to understand your system’s resource usage (i.e. CPU, Memory, etc.) over time and gives you the ability to locate, debug, and fix issues related to performance.</p> - -<p>In this talk, we'll present Pyroscope, an Open Source Continuous Profiling platform, explain the particular challenges it needs to tackle and showcase how it can be used to analyze and fix performance bottlenecks:</p> - -<ul> -<li>Describe what Continuous Profiling is and what it brings to the observability universe.</li> -<li>Present Pyroscope, an Open Source Continuous Profiling platform, on a high level.</li> -<li>Dig deeper into Pyroscope's internals, explaining the particularities of its storage engine and how it allows doing Continuous Profiling at scale.</li> -<li>Showcase specific use cases and examples where profiling can be and has been used to detect, analyze and fix performance bottlenecks.</li> -</ul> - - - - Ryan Perry - - - - - Pyroscope github repo - Presentation Slides - Pyroscope storage design - Brendan greg flamegraph post - Parca github repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:40 - D.monitoring - monitoring_kafka_using_ebpf - Monitoring Kafka without instrumentation using eBPF - A talk about Pixie, Kafka and what's next in observability - Monitoring and Observability - devroom - - <p>In this session, we’ll see eBPF monitoring in action applied to the Kafka world as an example of a complex Java application: identify Kafka consumers, producers, and brokers, see how they interact with each other and how many resources they consume. We'll even show how to measure consumer lag without external components. If you want to know what’s next in Java and Kafka observability in Kubernetes, this session is for you.</p> - <p>Imagine a world where you can access metrics, events, traces, and logs in seconds without changing code. Even more, a world where you can run scripts to debug metrics as code. In this session, you will learn about eBPF, a powerful technology with origins in the Linux kernel that holds the potential to fundamentally change how Networking, Observability, and Security are delivered.</p> - -<p>We’ll see eBPF in action applied to the Kafka world using Pixie: we’ll identify Kafka consumers, producers, and brokers, see how they interact with each other and how many resources they consume. We'll even learn how to measure consumer lag without external components. If you want to know what’s next in Kafka observability, this session is for you.</p> - - Anton Rodriguez - Ruizhe Cheng - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:40 - 00:40 - D.monitoring - periskop - Periskop: Exception Monitoring at Scale - A pull-based exception monitoring service inspired by Prometheus - Monitoring and Observability - devroom - - <p>This talk is aimed for engineers operating in distributed environments (or microservices) interested in monitoring exceptions at scale. We introduce the open source project "Periskop", a pull-based exception monitoring service built at SoundCloud and inspired by Prometheus.</p> - <ul> -<li>What problems did we encounter with the traditional push-based model for exception monitoring. - -<ul> -<li>Thundering herd issues with bad deployments</li> -<li>Difficulty navigating large volumes of logs for identifying exceptions</li> -</ul> -</li> -<li>An alternative pull-based model that scales well with the number of exceptions and instances. - -<ul> -<li>Aggregation + sampling for concrete occurrences</li> -<li>Limitations and trade-offs (short lived processes and fork-based application servers)</li> -</ul> -</li> -<li>An implementation of such model into the open source project "Periskop" - -<ul> -<li>Initial Development</li> -<li>Server and client-libraries</li> -<li>Newly added features and roadmap (push-gateway, federation, time series visualization, integrations)</li> -</ul> -</li> -</ul> - - - Jorge Creixell - Marc Tuduri - - - Slides - - - Periskop-Dev Org - Main Project - Original Blog Post - What's New with Periskop in 2022 Blog Post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:40 - D.monitoring - cloud_native_profiling - Profiling in the cloud-native era - - Monitoring and Observability - devroom - - <p>Continuous profiling is a widely used practice at Google but has only recently started gaining popularity in the Observability space, however, resources on this topic are still rare compared to other observability signals especially on open source projects. -This talk intends to educate the wider community about the possibilities of continuous profiling, and give a glimpse into open-source tooling allowing everyone to join in on the practice and enabling everyone to build better software.</p> - <p>For years Google has consistently been able to cut down multiple percentage points in their fleet-wide resource usage every quarter, using techniques described in their “Google-Wide Profiling” paper. Ad-hoc profiling has long been part of the developer’s toolbox to analyze CPU and memory usage of a running process, however, through continuous profiling, the systematic collection of profiles, entirely new workflows suddenly become possible.</p> - -<p>Matthias will start this talk with an introduction to profiling with Go and demonstrate via Parca - an open-source continuous profiling project - how continuous profiling allows for an unprecedented fleet-wide understanding of code at production runtime.</p> - -<p>Attendees will learn how to continuously profile code to help guide building robust, reliable, and performant software and reduce cloud spend systematically in various languages.</p> - - Matthias Loibl - - - - - Google-Wide Profiling: A Continuous Profiling Infrastructure for Data Centers - Parca - Open Source infrastructure-wide continuous profiling - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:40 - 00:40 - D.monitoring - unikraft - Unikraft Performance Monitoring with Prometheus - - Monitoring and Observability - devroom - - <p>Unikraft, and similar unikernels, offer isolation by running a single application inside a separated virtual machine. As such, extracting information from the machine can prove difficult. Moreover, because Unikraft offers support for running a single process at a time, alternate solutions had to be found for exporting data. Prometheus is a common tool used to collect and visualize data that offers decoupling from the observed system, as such, we saw it as a prime candidate for exporting information.</p> - -<p>Our solution was to port a Prometheus exporter inside Unikraft as a separate library and run it on a separate thread. Information from the unikernel is extracted by Prometheus through an intermediary library, named ukstore, that behaves like a simplified ProcFS. ukstore offers an easy method for accessing information and metrics from the system. Using Prometheus with Unikraft, we are thus able to extract performance metrics from highly-specialized virtual machines, store them in a time series database and display them using plots.</p> - <p>The main interface between configuration and statistics data from Unikraft and applications is ukstore. It is based on ProcFS and offers easy “folder/data” access. This solves the problem of searching through headers to find functions that offer information. The main advantage of ukstore is that all of its setup is done at build-time so there is no impact on the boot-time. Furthermore, it has flexibility, by offering the possibility to create both static entries (created at build-time) and dynamic entries (created at run-time).</p> - -<p>Metrics inside Unikraft are provided by the libraries that generate them. As such, every library can contain functions that offer usage data. At the moment, work was done to offer metrics related to memory, networking, and thread-locking, with metrics related to file systems and the CPU underway. The end goal is to cover as much of the known metrics from Linux, offered through ProcFS, and expose them through ukstore.</p> - -<p>Porting a Prometheus exporter came with the challenge of finding one with the least amount of dependencies, whilst still retaining the usual format. We chose an exporter and adapted it through patches to successfully interact with Unikraft and exposed available performance metrics through it. With all the above puzzle pieces put together, Unikraft instances can be monitored reliably with a minimal impact on the performance of the instances themselves.</p> - - Cezar Craciunoiu - - - Unikraft Performance Monitoring with Prometheus - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:20 - 00:40 - D.monitoring - learn_from_otel_traces - What More Can I Learn From My OpenTelemetry Traces? - - Monitoring and Observability - devroom - - <p>Of the three observability data types supported by OpenTelemetry (metrics, logs, and traces) the latter is the one with most potential. Tracing gives users insights into how requests are processed by microservices in a modern, cloud-native architecture.</p> - -<p>Jaeger and Grafana can visualize a single trace, showing how an individual request traversed your entire system. This helps for distributed debugging and analysis, but using traces only this way is limiting.</p> - -<p>What if you stored tracing data in a SQL database? You could ask global questions about your system. You could find slow communication paths, where the error rate spiked since the last deployment, or where the request rate suddenly dropped. Thus, tracing can be used proactively to help you spot issues before your customers do.</p> - -<p>This talk will show you how to do all the above by ingesting OpenTelemetry traces into a PostgreSQL/TimescaleDB database, and building custom dashboards using SQL to make the most out of your tracing data.</p> - <ul> -<li>What is a trace?</li> -<li>What is OpenTelemetry?</li> -<li>View an OpenTelemetry trace in Jaeger</li> -<li>Overview of OpenTelemetry trace data model</li> -<li>How it might be represented in a relational-database model - PostgreSQL</li> -<li>Demonstrate a variety of SQL queries which provide insights into a system explaining the value</li> -<li>View these queries in a Grafana dashboard</li> -</ul> - - - John Pruitt - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:25 - D.mysql - mysql_flame - Flame Graphs for MySQL DBAs - Yet another way to visualize performance data - MySQL - devroom - - <p>Flame graph is way to visualize profiling data that allows the most frequent code paths to be identified quickly and accurately. They can be generated using Brendan Gregg's open source programs on github.com/brendangregg/FlameGraph, which create interactive SVG files to be checked in browser. The source of profiling data does not really matter - it can be perf profiler, bpftrace, Performance Schema, EXPLAIN output or any other source that allows to convert the data into the expected format of comma-separated "path" plus metric per line.</p> - <p>Different types of Flame Graphs (CPU, Off-CPU, Memory, Differential etc) are presented. Various tools and approaches to collect profile information of different aspects of MySQL server internal working are presented Several real-life use cases where Flame Graphs helped to understand and solve the problem are discussed.</p> - - Valerii Kravchuk - - - - - - My talk on similare subject at recent Percona Live - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:25 - D.mysql - relational_model_dev - The relational model in the modern development age - Towards an improved operational paradigm, illustrated by Vitess - MySQL - devroom - - <p>Relational databases have invested in the performance of the relational model, but not as much in developer flows, creating an operational barrier driving developers away. We present an improved paradigm that brings back ownership into developers hands, illustrated by recent developments in Vitess.</p> - <p>The relational model is one of the oldest surviving models in computer science. But while relational databases have evolved to meet modern load, throughput and scalability needs, they have not evolved as much to meet developers' needs.</p> - -<p>The schema, at the heart of the relational model, remain a major operational blocker in modern development flows. Developing and deploying schema changes is unlike any other development and deployment flow in practice today. Operational complexity and constraints, lack of conflict resolution, difficulty or inability to undeploy, and the need to understand database internals, all make relational schema development deter developers, who look for other solutions elsewhere.</p> - -<p>In this session we will review these impediments and how they came to be, and offer a modern take, that gives developers back their ownership of their data and flows. Recent developments in Vitess, an open source CNCF project, introduce new capabilities that change the relational development paradigm. We will discuss:</p> - -<ul> -<li>Development flow: hiding the operational complexity</li> -<li>Deployments and scheduled schema migrations</li> -<li>Undeploy: revertible changes</li> -<li>Align schema and code: declarative schemas, idempotent deployments, and version control</li> -</ul> - - - Shlomi Noach - - - - - Vitess project page - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:25 - D.mysql - proxysql_cluster - ProxySQL Cluster: challenges and solutions to synchronizeconfigurationacross multiple decentralized cluster nodes - - MySQL - devroom - - <p>As a reverse proxy for MySQL databases, ProxySQL is being used in various infrastructure sizes and it is not surprising to see deployments with thousands of nodes running. Such large deployments introduce some interesting challenges because nodes can be initialized or destroyed at any time. -This session will describe the challenges in configuring such large deployments of nodes, the most common external tools to configure ProxySQL, and then focus on improved ProxySQL native clustering solutions that allows auto-discovery, bootstrap, and a distributed decentralized reconfiguration.</p> - - - René Cannaò - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:25 - D.mysql - pxc_non_blocking - Percona XtraDB Cluster(PXC) Non blocking operations, what you need to know to avoid pitfalls - - MySQL - devroom - - <p>Performing simple DDL operations as ADD/DROP INDEX in a tightly connected cluster as PXC, can become a nightmare. -Metalock will prevent Data modifications for long period of time and to bypass this, we need to become creative, like using Rolling schema upgrade or Percona online-schema-change. -With NBO, we will be able to avoid such craziness at least for a simple operation like adding an index. -In this brief talk I will illustrate what you should do to see the negative effect of NON using NBO, as well what you should do to use it correctly and what to expect out of it.</p> - - - Marco Tusa (the Grinch) - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 01:00 - D.mysql - mysql_clusterset - MySQL InnoDB ClusterSet - The integrated solution for disaster recovery of InnoDB Clusters - MySQL - devroom - - <p>MySQL InnoDB ClusterSet brings multi-datacenter capabilities to our High Availability solutions and makes it very easy to set up a disaster recovery architecture. Think multiple MySQL InnoDB Clusters into one single database architecture, fully managed from MySQL Shell, and with full MySQL Router integration to make it easy to access the entire architecture.</p> - -<p>In this session, we will cover the various use-cases and features of InnoDB ClusterSet while guiding you on how to set it up from an existing InnoDB Cluster, extend it, manage it, and deal with the various possible failures, all using Shell's AdminAPI. We will also cover each individual feature of MySQL Router integration which makes connections to the database architecture easy.</p> - - - Kenny Gryp - Miguel Araújo - - - MySQL InnoDB ClusterSet - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:25 - D.mysql - mysql_k8s_demystified - MySQL on Kubernetes demystified - How foolishness can lead you to fell in a very dangerous trap - MySQL - devroom - - <p>The constant pressure to move DATA in containers and Kubernetes is creating a lot of confusion and misunderstanding. <br/> -This is particularly dangerous when talking about Relational Database Management System.<br/> -MySQL, as well as Oracle, Postgres or SQL Server, is a RDBM, as such subject to the erroneous interpretation caused by this new crazy shining things that will solve all. -In this short talk we will clarify, that first of all, we are not looking to something new and second why we need to be very careful when talking about using Kubernetes and containers for RDBMS.</p> - - - Marco Tusa (the Grinch) - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 01:00 - D.mysql - mysql_operator_k8s - MySQL Operator for Kubernetes - - MySQL - devroom - - <p>On both, public and private clouds, Kubernetes is the most commonly used Orchastration framework for managing cloud services. Aside from management of microscervices it can be extended with operators for managing more complex services. The new MySQL Operator for Kubernetes is such an operator, automating MySQL InnoDB Cluster Management inside Kubernetes and integrated product of the MySQL product family. - In this session lead developer Johannes Schlüter will discuss how the MySQL Operator works and how it can automate deployment and management of InnoDB Cluster inside Kubernetes.</p> - - - Johannes Schlüter - - - Demo Runbook - MySQL Operator - - - GitHub - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:45 - D.mysql - mysql_component - Newest MySQL component services features - or how to make an HTTP server accessing table data in a component - MySQL - devroom - - <p>We will explore the latest component services offered by the server. And then we will check how one can use the table access service to make a HTTP server component that allows access to table data via HTTP without a middle-man.</p> - <p>The MySQL development team is constantly adding new and very useful component services. These can be leveraged by creative component authors to produce useful MySQL server add-ons. Check the latest additions to the service list and see some of them in action through a HTTP server component that serves table data.</p> - - Joro Kodinov - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:15 - 00:35 - D.mysql - mysql_pitr_rockstar - MySQL 8.0: Logical Backups, Snapshots and PITR like a rockstar - - MySQL - devroom - - <p>Logical dumps are becoming popular again. MySQL Shell parallel dump &amp; load utility changed to way to deal with logical dumps, certainly when using instances in the cloud. -MySQL 8.0 released also an awesome physical snapshot feature with CLONE.</p> - -<p>In this session, I will show how to use these two ways of saving your data and how to use the generated backup to perform point-in-time recovery like a rockstar with MySQL 8.0 in 2022 !</p> - - - Frédéric Descamps - - - MySQL 8.0 - Backup and Point-in-time Recovery like a rockstar - - - MySQL Community Server - lefred's blog: tribulations of a MySQL Evangelist - The Oracle MySQL Blog - Planet MySQL - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:55 - 00:10 - D.mysql - mysql_backup - Why your backup strategy is wrong? - A brief overview of MySQL backup concepts - MySQL - devroom - - <p>"If you have a hammer, all you see is nails." also known as the Law of the Instrument describes the cognitive bias that involves over-reliance on a familiar tool. To protect MySQL data, a DBA must have a toolbox full of the proper utensils. To know only one approach is not enough.</p> - <p>In this talk, we will cover the following topics: -- Why your backup strategy is probably wrong? -- The Schröendinger Backup -- Backups: Cold, hot... and warm? -- The right answer is not always the logical one. -- Replication is not the solution. -- Point-in-time recovery. -- Don't try this at prod: Test your backups.</p> - - Pep Pla - - - Why your backup strategy is wrong? - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:10 - 00:50 - D.mysql - efficient_mysql - Efficient MySQL Performance - A Book in 40 Minutes - MySQL - devroom - - <p>This presentation introduces the major topics and most important points of the new book <a href="https://oreil.ly/efficient-mysql-performance">Efficient MySQL Performance</a> published by O’Reilly (Dec. 2021). And like the book, this presentation is intended for software engineers using MySQL, not managing it (but DBAs are gladly welcomed). In 40 minutes, we’ll quickly cover topics including query metrics, indexes and indexing, data access patterns, server metrics, and more. At the end, you’ll have a “lay of the land” for understanding the aspects of MySQL that affect performance, and you’ll understand where to go and what to learn next to increase performance.</p> - - - Daniel Nichter - - - - - Efficient MySQL Performance (O’Reilly) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:25 - D.mysql - mysql_cpu - MySQL Performance on Modern CPU: Intel vs AMD vs ARM - - MySQL - devroom - - <p>For years CPU choice for MySQL was pretty boring - just chose what Intel Made CPU you want. In recent years the situation changed with AMD producing very competitive Server grade CPUs and ARM going from being the leading CPU manufacturers for low-power gadgets to being inside some of the highest performance server chips.</p> - -<p>In this presentation, we will look into current CPU choices through MySQL Lense - which CPUs provide the best performance for single threaded and high concurrency workloads and which help to achieve the best price/performance.</p> - - - Peter Zaitsev - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:25 - D.mysql - mysql_recap - Release Note Highlights from 2021 - Recap '23 to '27 - MySQL - devroom - - <p>The new releases of MySQL Server in 2021 had some very interesting changes. This session covers the highlights, the contributions, and changes made during the last year. After 25 years of MySQL, there are still plenty of new features in the code. This is a quick catchup for those who have not perused the release notes.</p> - <p>The new releases of MySQL Server in 2021 had some very interesting changes. This session covers the highlights, the contributions, and changes made during the last year. After 25 years of MySQL, there are still plenty of new features in the code. This is a quick catchup for those who have not perused the release notes.</p> - - Dave Stokes - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 13:00 - 00:30 - D.network - using_ndpi_to_efficiently_classify_network_traffic - Network Traffic Classification for Cybersecurity and Monitoring - - Network - devroom - - <p>Security and monitoring applications need to classify traffic in order to identify applications protocols, misuses, similarities, communications patterns not easily identifiable by hand. nDPI is a library that implements various algorithms for traffic analysis able to detect outliers, anomalies, traffic clusters, behavioural changes efficiently in streaming (i.e. while traffic is flowing). Goal of this presentation is to show how nDPI can be used in real life to inspect network traffic and spot patterns worth to be analysed in detail.</p> - <p>Modern network security and monitoring applications need to analyse traffic efficiently in streaming fashion (i.e. while traffic is flowing). This is in order to detect interesting traffic patterns in realtime without dumping data on a database and performing computationally expensive queries in batches. Many network developers do not have skills for efficiently analyse traffic, and data scientists often do not have skills to understand the complex nature of network traffic. For this reason nDPI, a popular open-source deep packet inspection library, has been enhanced with various algorithms and techniques that dramatically simplify traffic analysis and that should ease the creation of applications able to efficiently spot traffic patterns and anomalies. -This talk will introduce some of these algorithms present in nDPI and show how they can be used in real-life at high-speed, contrary to many applications that are inefficient and often based on languages (e.g. Python and R) that are not designed to analyse traffic in streaming at 10 Gbit+ on commodity hardware.</p> - - Luca Deri - - - Presentation slides - - - nDPI - Open and Extensible LGPLv3 Deep Packet Inspection Library. - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.network - why_rule_based_monitoring_is_still_great - Why rule-based monitoring is (still) great - - Network - devroom - - <p>A rules-based approach has been the standard in network monitoring for many years, for a good reason. In this talk, we'll recap the advantages of a rule-based approach and how it's still relevant to this day. The speaker will also show how you can implement rules using <a href="https://checkmk.com/">Checkmk</a>, an open source IT monitoring software and discuss the entry of AI technology into infrastructure monitoring.</p> - - - Faye Tandog - Robin Gierse - - - - - Checkmk - Everything monitored - Checkmk FOSDEM Stand - Checkmk Stand Matrix Room - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:20 - D.network - peer_to_peer_hole_punching_without_centralized_infrastructure - Peer-to-peer hole punching without centralized infrastructure - How libp2p can traverse NATs and firewalls without coordination through central STUN and TURN servers. - Network - devroom - - <p><a href="https://libp2p.io">libp2p</a> is a universal, cross-platform, multi-language, modular peer-to-peer networking library powering multiple large-scale networks, for example IPFS.</p> - -<p>In the first part of the talk we’ll present the basic building blocks of the library and explain how they fit together. In the second part, we’ll take a closer look at the recently added decentralized hole punching feature, allowing NAT and firewall traversal without the need for any central coordination servers (STUN and TURN).</p> - - - Max Leonard Inden - - - slides.pdf - - - libp2p - Official Website - libp2p - Specifications - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:20 - D.network - keep_appetite_for_the_stats - Keep appetite for the stats, it costs nothing - Presentation of the statistics consumption model in VPP from the costless low-level design to their exploitation in userspace - Network - devroom - - <p><a href="https://fd.io/">VPP (aka Vector Packet Processing)</a> is a fast network stack running in Linux userspace. -It is designed to handle packets with high performance, which makes gathering statistics efficiently a must have.</p> - -<p>The model that has been chosen in <a href="https://fd.io/">VPP</a> to provide up to date statistics is built upon shared memory and optimistic locking. -The counters are updated in this shared memory at a rather low cost by the data plane and can be read out at almost any time by all the consumers. -We will first describe this model in more details.</p> - -<p>The consumption of these stats may take various forms depending on the use case and the application needs. -That's why we have developed different high-level components to access them:</p> - -<p>1) A filesystem in userspace: thanks to <a href="https://github.com/hanwen/go-fuse">go-fuse</a>, we can mount a filesystem ordering statistics in folders and files, in a similar fashion to '/proc' in Linux</p> - -<p>2) A <a href="https://prometheus.io/">Prometheus</a> agent: applied to <a href="https://github.com/calico-vpp">Calico/VPP</a>, a new dataplane for <a href="https://www.tigera.io/project-calico/">Calico</a> - the popular cloud native <a href="https://kubernetes.io/">Kubernetes</a> network plugin - based on <a href="https://fd.io/">VPP</a>. Prometheus is integrated as a monitoring tool in order to export our statistics in the form of real-time metrics collected from targets. Metrics come from our pod interfaces statistics, and targets are <a href="https://github.com/calico-vpp">Calico/VPP</a> agents running on our <a href="https://kubernetes.io/">Kubernetes</a> cluster nodes.</p> - -<p>During the presentation, you will have a quick demo of these components.</p> - - - Arthur de Kerhor - Hedi Bouattour - - - VPP stats segment & consumers - - - FD.io VPP dataplane - go-fuse Github repo - Prometheus - Kubernetes - Calico project - calico-vpp Github project - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:20 - D.network - comparing_dpdk_rcu_and_user_space_rcu_library - Faster memory reclamation with DPDK RCU - Comparing the DPDK and Userspace RCU libraries - Network - devroom - - <p><a href="https://www.dpdk.org">DPDK</a> added a RCU library with a novel method to reclaim resources. We have been running tests to understand the performance differences between the <a href="https://www.dpdk.org">DPDK</a> RCU and the <a href="https://liburcu.org/">user space RCU library</a>. In our tests, we find that <a href="https://www.dpdk.org">DPDK</a> RCU can perform reclamation faster and perform significantly better when pre-emptive readers are involved. Other than the performance, <a href="https://www.dpdk.org">DPDK</a> RCU has several advantages such as not requiring a background thread for reclaiming resources and the ability to integrate with existing libraries without having to modify the application.</p> - -<p>This talk will present various testing done on <a href="https://www.dpdk.org">DPDK</a> RCU and the <a href="https://liburcu.org/">user space RCU library</a> and their results. It will go into the details of pre-emptive reader problem, which affects use cases beyond <a href="https://www.dpdk.org">DPDK</a>, and show that <a href="https://www.dpdk.org">DPDK</a> RCU library can reduce the reclamation time significantly.</p> - - - Nathan Brown - - - Faster Memory Reclamation with DPDK RCU- Slides - - - DPDK RCU Programmer's Guide - DPDK Homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.network - evolution_of_vpp - BGP/OSPF with VPP at >100Mpps - Introducing the Linux Controlplane - Network - devroom - - <p>In this talk, we will demonstrate high performance routing using open-source <a href="https://fd.io">VPP</a> and it's underlying <a href="https://dpdk.org">Data Plane Development Kit</a>. This talk highlights the authors work on integrating the Linux ControlPlane which makes BGP, OSPF, etc available with VPP. We'll then turn to a popular DPDK based loadtesting tool <a href="https://trex-tgn.cisco.com">TRex</a>, and discuss performance benchmarking results from the field using the author's <a href="https://ipng.ch/">AS8298</a> as practical example.</p> - - - Pim van Pelt - - - IPng Networks - VPP - - - Articles describing VPP work - VPP homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.network - predictable_network_traffic_in_kubernetes - Predictable Network Traffic in Kubernetes - - Network - devroom - - <p>The software applications of the Cloud Native era have a huge dependency on the network, these microservices are bound to a single concern and utilize the network to communicate with each other. The dependency on the network continues to grow as more and more microservices depend on it. However, there is no way to predictably leverage the network for the specific demands of your application. What if we could tag certain applications as needing a priority from the network. This would enhance the networking capabilities offered from Kubernetes and compliment the deployment of applications that require predictable behavior of the network.</p> - <p>More industries are migrating to Kubernetes and evolving their knowledge of the Cloud Native ecosystem. As this trend accelerates, apps with specialized requirements are emerging, such as high-priority apps. High-priority apps require predictable high performance, which can be difficult to achieve in clusters with 100s or 1000s of containers. They require and expect platform capabilities such as dedicated resources, less context switching, and efficient packet processing. In the context of the network, high-priority apps need to execute predictably, leaving no room for extra jitter. Pinning CPU cores may help with determinism but introduces a platform-specific mechanism that fails to embrace the abstraction of Cloud Native deployments. This presentation will cover application-specific queuing and steering technology that dedicates hardware NIC queues to application-specific threads of execution.</p> - - Dave Cremins - Abdul Halim - - - Predictable Network Traffic in Kubernetes - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.network - contour_kubernetes_ingress_controller_and_much_more_101 - Contour - Kubernetes Ingress Controller and much more 101 - Introduction to Contour and Contour community! - Network - devroom - - <p>Contour is an open source Kubernetes Ingress controller providing the Control Plane for the Envoy Edge and Service proxy. Contour supports dynamic configuration updates and multi-team Ingress delegation out of the box while maintaining a lightweight profile. Contour is currently CNCF Incubating project!</p> - -<h1>In this talk:</h1> - -<p>We will do a Contour 101 intro, do a short demo of some of the deployment methods for Contour inside a Kubernetes cluster, demonstrate some of Contour's main features, and highlight the benefits Contour can bring to your setup. Along the way, we will walk though Contour's architecture we will also touch base on the Contour community, including how the community works and why we think you will want to join us!</p> - -<h1><strong>Come and joins us!</strong></h1> - <p>Orlin Vasilev aka Orlin - Community Manager for Contour - past life: +15 years of SysAdmin/Infra Engineer/Cloud Engineer/DevOps/SRE</p> - - Orlin Vasilev - - - Slides - - - Project's GitHub - Project's Home Page - Kind's Home Page - Kubernetes' Page - Demo and Slide deck - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.network - kubernetes_networking_is_there_a_cheetah - Kubernetes networking : is there a cheetah within your Calico? - Even faster kubernetes clusters with Calico, VPP and memif - Network - devroom - - <p>Kubernetes is great, containers are lightweight &amp; disposable, networking is simple yet powerful. But when -it comes to network oriented applications, oh that can be slow !</p> - -<p>That's how the Calico/VPP integration first came up, as a way to address performance bottlenecks, making -VPP's performance the motor of Calico's functionalities in Kubernetes. It speeds up container -networking, but also allows us to expose even faster functionalities directly to the applications. -So with this in place, how can we go even faster, while still preserving the Kubernetes abstractions ?</p> - -<p>We'll present how applications can leverage userspace interfaces, what this allows regarding -network performance &amp; additional functionalities and how the Calico/VPP integration makes this happen -under the hood.</p> - - - Nathan Skrzypczak - Christopher Tomkins - - - FOSDEM 2022 Calico_VPP is there a cheetah within your Calico - - - Calico-VPP dataplane - Project Calico - VPP fd.io - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:30 - D.network - challenges_and_opportunities_in_performance_benchmarking_of_service_mesh_for_the_edge - Challenges and Opportunities in Performance Benchmarking of Service Mesh for the Edge - - Network - devroom - - <p>As Edge deployments move closer towards the end devices, low latency communication among Edge aware applications is one of the key tenants of Edge service offerings. In order to simplify application development, service mesh architectures have emerged as the evolutionary architectural paradigms for taking care of bulk of application communication logic such as health checks, circuit breaking, secure communication, resiliency (among others), thereby decoupling application logic with communication infrastructure. The latency to throughput ratio needs to be measurable for high performant deployments at the Edge. Providing benchmark data for various edge deployments with Bare Metal and virtual machine-based scenarios, this paper digs into architectural complexities of deploying service mesh at edge environment, performance impact across north-south and east-west communications in and out of a service mesh leveraging popular open-source service mesh Istio/Envoy using a simple on-prem Kubernetes cluster. The performance results shared indicate performance impact of Kubernetes network stack with Envoy data plane. Microarchitecture analyses indicate bottlenecks in Linux based stacks from a CPU micro-architecture perspective and quantify the high impact of Linux’s Iptables rule matching at scale. We conclude with the challenges in multiple areas of profiling and benchmarking requirement and a call to action for deploying a service mesh, in latency sensitive environments at Edge.</p> - <p>The pervasiveness of Edge computing and Service Mesh constructs within a cloud native environment have almost been at the same time during last few years. Requirements of Edge compute to be able to unify both Information &amp; Communication Technology (ICT) and Operational Technology (OT) have brought together cloud native deployments and microservice based service offerings to the Edge infrastructure]. While Kubernetes been the most popular model of deploying cloud native infrastructure to offer software services, service mesh is the emergent application deployment paradigm that decouples application from developing most of the software defined networking aspects of microservice interactions. This paper introduces features of service mesh that are architecturally suitable for Edge compute service offerings and application development principles. To understand applicability of service mesh, architectural principles need to be understood to figure out suitability of various benefits mesh benefits to customized Edge deployments. This talk introduces and correlates various Edge requirements to the service mesh’s architectural guidelines. Then further dig into deployment considerations of service mesh with Edge deployment types to provide practical communication challenges between the two. This talk: -- Provides benchmark tests and their results that provides the impact of service mesh on simple Kubernetes based deployments using Istio &amp; Envoy as service mesh and its sidecar proxy, that can be leveraged for Edge environments. -- Provides detailed analysis of the software used to identify bottlenecks using Top-Down Microarchitectural Analysis and CPU Hot Spot analysis. -- Summarizes the gaps identified during the detailed testing of these open-source components -- Showcases the impact of utilizing service mesh for edge computing.</p> - - Sunku Ranganath - Mrittika Ganguli - - - ChallengesandOpportunities in Performance Benchmarking ofService Mesh for the Edge - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.network - 2_cluster_kubernetes_with_calico_bgp_interconnect_and_wireguard_all_without_leaving_your_laptop - 2-cluster Kubernetes, with Calico, BGP Interconnect and WireGuard... All Without Leaving Your Laptop! - - Network - devroom - - <p>Wouldn’t it be great to be able to dabble with Kubernetes, Calico, BGP, and WireGuard in a totally safe, totally zero-cost, and easily (!!) reproducible local laptop or workstation environment?</p> - -<p>If you agree, I’m here for you. In this engaging, hands-on and fun session I’ll share with you how I built two four-node Kubernetes clusters, peering with BGP, forwarding with WireGuard, all inside my laptop, and how you can do the same, for fun, learning, and profit. Or, well, just fun and learning, actually.</p> - -<p>When working with these technologies (especially BGP), cost, risk and complexity are the usual barriers to learning. Let's remove them and get back to enjoying our learning.</p> - - - Christopher Tomkins - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 13:10 - 00:45 - D.design - osd_how_do_we_design_open_source_communities_to_be_more_diverse_equitable_and_inclusive - How do we design open source communities to be more diverse, equitable, and inclusive? - - Open Source Design - devroom - - <p>The CHAOSS project represents a potential force for power and good in open source and is demonstrating significant progress toward its stated aims during its first four years. In particular, the CHAOSS project advances the development of metrics and programs that can help other projects to first understand their own diversity, equity, and inclusion and second work to improve their project in these areas. This roundtable includes speakers who took part in a year-long reflection on DEI practices within the CHAOSS project. The roundtable talk will help other open source projects in their work towards improving diversity, equity, and inclusion by exploring practices within the CHAOSS project first, then using those examples as points of reference for other projects. In particular, the roundtable talk will advance these goals, aimed at answering the question of: How do we design open source communities to be more diverse, equitable, and inclusive?</p> - - - matt.germonprez - - - - - CHAOSS community - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - 10:00 - 01:00 - D.postgresql - postgresql_solving_the_knapsack_problem_with_recursive_queries_and_postgresql - Solving the knapsack problem with recursive queries and PostgreSQL - - PostgreSQL - devroom - - <p>Optimization problems are everywhere, from deciding which clothes to pack in our luggage (aka the knapsack problem), to selecting the tasks that will be worked during a sprint. Trying to solve these type of problems by hand is a tedious task often resulting in sub-optimal decisions.</p> - -<p>In this talk, we'll understand how PostgreSQL recursive queries can help. Starting from the proper problem definition, we'll then explore how to build queries that call themselves recursively, what are the risks associated with this approach and safeguards we can set to optimise performances. Finally we'll demonstrate how two new features released in PostgreSQL 14 enable an easier handling of the recursive statements.</p> - -<p>If you're into PostgreSQL and eager to understand how recursion works, this session is for you!</p> - - - Francesco Tisiot - - - Knapsack Slides - - - original blog post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 01:00 - D.postgresql - postgresql_json_in_postgresql_learning_with_a_case_study - JSON in PostgreSQL - Learning with a case study - - PostgreSQL - devroom - - <p>PostgreSQL provides great support for JSON objects and every developer working -with this data type should learn how to take advantage of it. Instead of going -through the documentation on how to use JSON in PostgreSQL, in this talk we will -use a case study to learn by example. We will also complement the usage of JSON -by introducing other data types such as ARRAY. We will also review some design -decisions to turn JSON objects into columns and vice versa when it's convenient. -This talk will help you to axe the archaic Entity-Attribute-Value (EAV) pattern -from your database.</p> - - - Boriss Mejias - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:30 - D.postgresql - postgresql_how_to_create_lots_of_sample_time_series_data_with_postgresql_generate_series - How to create (lots!) of sample time-series data with PostgreSQL generate_series() - - PostgreSQL - devroom - - <p>Exploring new features in PostgreSQL or reproducing an unusual query plan can be tricky without representative data to utilize. While there are a plethora of sources for sample data and tools to import it, you can end up spending too much time finding representative data to work with. In our day-to-day work at Timescale, we often need to quickly create lots of sample time-series data to demonstrate new features, run a benchmark, or help community members with examples as they learn.</p> - -<p>Although using real application data would be ideal, PostgreSQL provides the generate_series() function which makes it easy to create a representative time-series dataset using varying cardinalities and different lengths of time.</p> - -<p>In this talk we'll introduce generate_series() and demonstrate how to use it to create realistic-looking time-series data of all shapes and sizes, using custom PostgreSQL user-defined functions. Once we've mastered the basics, we'll dial it up a notch by incorporating PostgreSQL math functions and relational data to create realistic time-series patterns of data for various use cases like sales or website visits.</p> - - - Ryan Booz - - - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:30 - D.postgresql - postgresql_future_postgres_challenges - Future Postgres Challenges - - PostgreSQL - devroom - - <p>Postgres has been a vibrant project for decades, and probably will be popular for decades to come. However, as with any complex endeavor, challenges are always lurking. This talk explores the many project, competitive, and technical challenges in the future that could derail its success. By exploring these challenges, we will be better able to avoid them.</p> - - - Bruce Momjian - - - - - slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.postgresql - postgresql_postgresql_distributed_secure_database_ecosystem_building - PostgreSQL Distributed & Secure Database Ecosystem Building - This session will focus on introducing how to empower PostgreSQL thanks to the ecosystem provided by Apache ShardingSphere - an open source distributed database, plus an ecosystem users and developers need for their database to provide a customized and cloud-native experience. - PostgreSQL - devroom - - <p>As the most popular open source relational database in the world, PostgreSQL keeps attracting the significant attention it deserves. With the ever increasing data storage and query requirements, new challenges are brought forward for horizontal elastic expansion and security of the PostgreSQL database. -How to provide existing PostgreSQL databases with incremental capabilities such as data sharding, data encryption and other functions is of great concern to many PostgreSQL users. -This session will focus on introducing how to empower PostgreSQL thanks to the ecosystem provided by Apache ShardingSphere - an open source distributed database, plus an ecosystem users and developers need for their database to provide a customized and cloud-native experience. ShardingSphere doesn't quite fit into the usual industry mold of a simple distributed database middleware solution. ShardingSphere recreates the distributed pluggable system, enabling actual user implementation scenarios to thrive and contributing valuable solutions to the community and the database industry. -The aim of ShardingSphere is the Database Plus concept.</p> - <p>Database Plus sets out to build a standard layer and an ecosystem layer above the fragmented database's basic services. A unified and standardized database usage specification provides for upper-level applications, and the challenges faced by businesses due to underlying databases fragmentation get minimized as much as possible. To link databases and applications, it uses traffic and data rendering and parsing. It provides users with enhanced core features, such as a distributed database, data security, database gateway, and stress testing. -ShardingSphere uses a pluggable kernel architecture for Database Plus. That means there's modularity, which provides flexibility for the user. Demos and notable use cases in production environments that are from the Asia equivalents of FAANG (Facebook, Amazon etc.) will be used to introduce the use and implementation of these functions for PostgreSQL databases.</p> - - Juan Pan - - - - - - Twitter - GitHub Repo - Slack Community - Project Website - Medium - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:30 - D.postgresql - postgresql_automatically_refresh_materialized_views_in_postgresql - Automatically refresh materialized views in PostgreSQL - Tactics to make refreshing a painless process - PostgreSQL - devroom - - <p>Since PostgreSQL 9.3 introduced materialized views, it’s been an important feature that many users leverage to power dashboards, pre-compute information, or execute common queries in a much faster manner.</p> - -<p>On the flip side, if your database often gets updated, keeping your materialized views up-to-date can be challenging. Especially when working with time-series data where timeliness is often an important requirement. In this talk, I will share some tactics to keep your materialized views up-to-date in PostgreSQL and how to use REFRESH MATERIALIZED VIEW efficiently to fit your use case.</p> - <p>Let’s say you have a real-time dashboard fueled by a PostgreSQL materialized view. How can you make sure that this materialized view is always up-to-date, hence the dashboard is showing up-to-date information as well? How can you avoid read-locks while refreshing the view or minimize refresh periods? These are some of the questions many users ask when starting to work with PostgreSQL materialized views.</p> - -<p>In this talk, I will explore these questions further and show some tactics on how you can optimize the process of refreshing your PostgreSQL materialized views and keeping them maintained. I will dissect the REFRESH MATERIALIZED VIEW command and its usage and show additional tips on how you can make refreshing materialized views as painless as possible.</p> - - Attila Tóth - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 01:00 - D.postgresql - postgresql_working_effectively_with_support_the_community - Working effectively with (-support-) the community - This talk is for those who are new to PostgreSQL or those who just started, or all the others that want to hear a personal story: When I started with PostgreSQL around 10 years ago, I came with an Oracle background. It took me quite some time to understand how the PostgreSQL project is organized, how the community is working and how to deal with issues I've faced when I needed support. This is not a technical talk at all, but it should save you quite some time in your journey with PostgreSQL. - PostgreSQL - devroom - - <p>This talk is for those who are new to PostgreSQL or those who just started, or all the others that want to hear a personal story: When I started with PostgreSQL around 10 years ago, I came with an Oracle background. It took me quite some time to understand how the PostgreSQL project is organized, how the community is working and how to deal with issues I've faced when I needed support. This is not a technical talk at all, but it should save you quite some time in your journey with PostgreSQL.</p> - - - Daniel Westermann - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 01:00 - D.postgresql - postgresql_exploring_linux_memory_usage_and_io_performance_for_cloud_native_databases - Exploring Linux Memory Usage and IO Performance for Cloud Native Databases - - PostgreSQL - devroom - - <p>Linux and containers are similar in that they provide operating system resources such as memory and storage. These resources—along with CPU and networking— are key factors to achieve optimal performance.</p> - -<p>In this session, we'll explore how memory allocation at the container or operating system level influences the performance of buffered disk IO, which is typically how IO is handled by PostgreSQL. We'll also examine Linux memory management details and the different ways disk IO could be performed. From there, we'll walk through a number of examples that reveal the typical dynamics of cached and non-cached IOs, as well as the differences between the two.</p> - -<p>Understanding these dynamics is critical to learn how PostgreSQL IO works.</p> - - - Frits Hoogland - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 01:00 - D.postgresql - postgresql_slow_things_down_to_make_them_go_faster - Slow things down to make them go faster - - PostgreSQL - devroom - - <p>It's easy to get misled into overconfidence based on the performance of powerful servers, given today's monster core counts and RAM sizes. However, the reality of high concurrency usage is often disappointing, with less throughput than one would expect. Because of its internals and its multi-process architecture, PostgreSQL is very particular about how it likes to deal with high concurrency and in some cases it can slow down to the point where it looks like it's not performing as it should. In this talk we'll take a look at potential pitfalls when you throw a lot of work at your database. Specifically, very high concurrency and resource contention can cause problems with lock waits in Postgres. Very high transaction rates can also cause problems of a different nature. Finally, we will be looking at ways to mitigate these by examining our queries and connection parameters, leveraging connection pooling and replication, or adapting the workload.</p> - <p>Topics:<br/> -1. Understand what we mean by high concurrency.<br/> -2. Understand ACID &amp; MVCC in Postgres.<br/> -3. Understand how high concurrency affects Postgres performance.<br/> -4. Understand how locks/latches affect Postgres performance.<br/> -5. Understand how high transaction rates can affect Postgres.<br/> -6. Mitigation strategies for high concurrency scenarios.</p> - - Jimmy Angelakos - - - Slow things down to make them go faster - - - Presentation slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 01:00 - D.postgresql - postgresql_lesser_known_postgresql_features - Lesser Known PostgreSQL Features - Features you already have but may not know about! - PostgreSQL - devroom - - <p>In the talk I want to present a few lesser know, but useful features you may never heard about! For example, do you know how you can get the number of inserted and update rows in an upsert? how to create reproducible random data for testing and demonstrations? match a text against multiple patterns without complicated condition? How about using \copy with multi-line queries? All that and more... in my talk :)</p> - <p>In this talk I'll present lesser known features in PostgreSQL such as:</p> - -<ul> -<li>How you can get the number of inserted and update rows in an upsert</li> -<li>How to create reproducible random data for testing and demonstration</li> -<li>How to match a text against multiple patterns without complicated condition</li> -<li>How to use \copy with multi-line queries</li> -<li>And many more fun features from the deep end of the documentation!</li> -</ul> - - - Haki Benita - - - - - Lesser Known PostgreSQL Features - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:15 - 00:10 - D.public-code - public_code_welcome - Welcome to the Public Code devroom - - Public Code - devroom - - <p>A brief introduction and overview of what you can expect from the Public Code devroom at FOSDEM.</p> - - - Jan Ainali - - - - - Introductory blog post - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:20 - D.public-code - joint_open_source_development - Joint open source development in cross-border context - - Public Code - devroom - - <p>X-Road® is open-source software and ecosystem solution that provides unified and secure data exchange between organisations. X-Road is a digital public good verified by the Digital Public Goods Alliance, and it’s released under the MIT open source license and is available free of charge. X-Road is used as a national data exchange solution in Estonia, Finland, Iceland and many other countries around the world.</p> - -<p>Nordic Institute for Interoperability Solutions (NIIS) is a non-profit association with the mission to ensure the development and strategic management of X-Road® and other cross-border components for digital government infrastructure. The republics of Estonia, Finland and Iceland are members of NIIS.</p> - -<p>In my talk, I'm going to give an overview of X-Road first. Then, I'm going to discuss the organisational structure of NIIS and the development model of X-Road. The main scope of the presentation is to discuss joint open source development in cross-border context.</p> - - - Petteri Kivimäki - - - Joint Open-Source Development in Cross-Border Context - - - https://niis.org - https://x-road.global - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:25 - D.public-code - developers_italia - Developers Italia, four years later - - Public Code - devroom - - <p>In 2017, Italy launched a key initiative to improve public services by opening up the development of a handful of core technologies and allowing an open governance community to gather around public code. The effort resulted in the launch of two projects: Developers Italia and Designers Italia, which started a virtuous ecosystem involving administrations, businesses, and enthusiasts who want to improve public services and citizens' lives. Today, the two communities attract over 20.000 technical talents capable of contributing to their country's development and have created together hundreds of open source packages. We launched internationally at FOSDEM 2018, with the help of the Free Software community. We're returning four years later to provide updates, share lessons learned, and continue the conversation on how to make Italy the most hacker-friendly country in the world.</p> - - - Riccardo Iaconelli - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:35 - 00:35 - D.public-code - lessons_from_danish_os2 - Lessons from the Danish OS2 - Maturing governance - Public Code - devroom - - <p>A strong organization is an important part of governing a public code base. The association OS2 scores their IT-solutions after a governance model divided into three levels, which shows the maturing of the code and the organization surrounding it. This talk will cover lessons learned and why scoring is not enough.</p> - <p>The Danish OS2 – Public Digitization Network is an association with 78 public organizations as members. OS2 is not a developing house, not code stewards, rather the association supports development and maintenance of open source IT-solutions through collaboration between public entities and private IT-companies. Solutions are developed as open source and made publicly available. OS2 maintain a governance model which all solutions must comply. In this talk by Rasmus Frey, the head of the main secretariat in OS2, will describe the organization and explain some elements of when it goes well or wrong in governing a public codebase and its life in the public sector.</p> - - Rasmus Frey - - - Slidedeck - Lessons from Danish OS2 - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:20 - 00:25 - D.public-code - publiccodeyml - PublicCode.yml - index all public software! - - Public Code - devroom - - <p>PublicCode.yml is a decentralized standard for indexing public software developed by both public and private entities. The specification has always been an open project, but as of December 15th, it has fully transitioned to an open-governance model. Denmark, France, Germany, Israel, and Italy were the official founding countries, and we are looking for more participants to join us. In this presentation, we'll go over the technical ecosystem, current implementations, and how you can get involved - either as a Free Software project or as a government - to promote the use and development of Free Software by public entities, and how to help your Free Software project gain more adoption in public institutions.</p> - - - Riccardo Iaconelli - - - - - GitHub organization - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:55 - 00:20 - D.public-code - 9000_public_code_repositories - We listed +9000 public code repositories. Now what? - How to build valuable services on top of fragile assets - Public Code - devroom - - <p>The French administration recently announced https://code.gouv.fr, a website listing more than 9000 repositories from the French public sector. What next?</p> - <p>In this lightening talk, I want to quickly explain how we built this and what we find in these repositories. The core of my talk will be about what valuable services we aim to provide to public agencies on top of this list, depending on who they are and what they need. As this topic is partly speculative, we are eager to engage with the audience in a short discussion on what they think would be valuable.</p> - - Bastien - - - - - code.gouv.fr - Repos from Etalab Free Software task force - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:25 - 00:20 - D.public-code - beware_of_culture - Beware of culture - – what to do as a community manager? - Public Code - devroom - - <p>Facilitating a sense of belonging across different cultures in the Danish public sector. A community manager’s point of view.</p> - <p>We have many active communities in the Danish open source network OS2. As the communication and community manager, it is on me to facilitate a welcoming and introcluding atmosphere between the members and the network. My methods are primarily focused on written text, storytelling, and case stories. But not one strategy will work on everybody. The 'cultures' I will be referring to are the local cultures in the different IT-departments in the public sector. All the open source products OS2 governs should ideally allow for any person to come with ideas - regardless of the local culture of procuring and reusing software.</p> - -<p>This talk will not be technical but rather point to the "soft" element of governing an public open source product.</p> - - Charlotte Heikendorf - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:55 - 00:45 - D.public-code - decidim - Decidim - Free Open Source Participatory Democracy for Cities and Organizations - Public Code - devroom - - <p>Decidim (decidim.org) is a digital platform for participatory democracy, built entirely and collaboratively as free open source software. More specifically, Decidim is a web environment (a framework) produced in Ruby on Rails (a programming language) that allows anyone to create and configure a website platform to be used as a political network for democratic participation. The platform can be deployed by any organization (local/regional/national governments, associations, universities, NGOs, or cooperatives) to host large scale citizen participatory processes for strategic planning, participatory budgeting, public consultations and collaborative policy-making. The project was launched in 2017 in Barcelona and, 4 years later, there are more than 400 active instances of Decidim around the world. In this talk we will present the lessons from this outreach process advocating for a radical model of participatory democracy in contexts as different as the Helsinki City Council, the Mexico City Government, the New York City Commission on Civic Engagement, the French National Assembly, the Italian Government or the European Commission.</p> - - - Andrés Pereira de Lucena - - - Decidim FOSDEM presentation - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:50 - 00:30 - D.public-code - bluetooth_beyond_digital_contact_tracing - Bluetooth beyond Digital Contact Tracing - Using Bluetooth for wider public healthcare improvements - Public Code - devroom - - <p>The Herald Project created a reliable API for data exchange used in nations' COVID-19 Digital Contact Tracing applications. The same Bluetooth LE and MESH technology can be used to improve healthcare operations - replacing aging pagers, finding healthcare equipment, navigating through complex environments, and in wearables for personal healthcare monitoring.</p> - <p>This presentation talks about the use of the Herald API beyond Digital Contact Tracing, using a mix of opensource software, hardware, and data. This can be used to implement public health policy whilst respecting individual freedoms, including freedom of movement internationally.</p> - - Adam Fowler - - - Main Presentation Slides - - - Project website - Project GitHub organisation - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 01:00 - D.public-code - aleksis - AlekSIS, the Free School Information System - Taking on digitisation and digital education at once - Public Code - devroom - - <p>Public schools are one natural way to get people in contact with free software, and helping them shape their digital environment with it. The AlekSIS project develops a free, open School Information System that doubles as a platform for students of any age to develop apps to digitise their own schools.</p> - <p>School Information Systems are programs that help to digitise several processes in public or private schools, reaching from timetables and substitution plans over school meal plans, digital class registers, up to payment systems, and much more.</p> - -<p>Starting out as two independent solutions for School Information Systems, AlekSIS is an actively developed free software project, made by students, teachers, and software engineers together. It is designed to be both a stable and secure software solution, readily available for schools, and a platform that can be used in classes to learn and teach coding. Students can make their own apps, that are seamlessly integrated into the platform, to help digitise real-world scenarios at their schools.</p> - -<p>In this talk, we will show what AlekSIS is, and explain the scheme behind making it a learning platform for young app developers at the same time.</p> - - Dominik George - Jonathan Weth - Jonathan K - - - Presentation slides - - - AlekSIS project website - schul-frei project - Teckids e.V. - AlekSIS repos on EduGit - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:15 - D.public-code - educamadrid - EducaMadrid, the Free and Educational Technology Platform of Madrid - - Public Code - devroom - - <p>EducaMadrid is an Educational Technology Platform based on Free Software that offers multiple interconnected and complementary services: school websites, teachers' blogs, virtual classrooms, media library, cloud, mail, videoconferencing, MAdrid_linuX, etc.</p> - -<p>It offers the possibility to develop digital competence, communication between students and teachers and to implement teaching processes both face-to-face and remotely in a secure, free and sustainable environment.</p> - - - Adolfo Sanz De Diego - - - - - - https://www.educa2.madrid.org/educamadrid/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:05 - 00:15 - D.public-code - open_source_policy - Open Source Policy - Creating value beyond code - Public Code - devroom - - <p>In this lighting talk we want to talk about the potential of open source not only for code, but also for policy documents.</p> - -<p>One of the pillars to promote open government at any level of government is that there should exist an open data policy. However, in the Mexican context, although one already exists at the federal level, very few states and municipalities have open data policies. This is partly due to the lack of knowledge and culture about open government, especially at the municipal level.</p> - -<p>From Codeando México we work to promote citizen participation and open government, and we have carried out several exercises to co-create open data policies with the three levels of government: federal, state and municipal.</p> - -<p>With this experience, we saw the need for the creation of an open data policy with a free use license. This policy, a work in progress, will be hosted in an open repository, will allow any level of government that wants to have an open data policy to adopt it and adapt it to their needs in a short time.</p> - -<p>This project is nourished not only by the experience of Mexican civil society of the last 10 years but also, being an open source project, it will be in continuous evolution and improvement with the contributions of governments, civil society and any interested citizen.</p> - - - Ricardo Mirón - - - Open Source Policy Slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:20 - D.public-code - closing_public_code - Closing of the Public Code devroom - Reflections from the day - Public Code - devroom - - <p>Closing of the devroom with some reflections of what we have heard through the day. What might happen next and what would we like to see more of next year?</p> - - - Boris van Hoytema - Jan Ainali - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:30 - D.python - python_kafka - Get to know Apache Kafka with Jupyter Notebooks - - Python - devroom - - <p>Apache Kafka is recognised as the best data streaming platform around, but it can be difficult to observe what is happening when you are just getting started with this excellent technology platform. In this session, you will get a tour of key Kafka features using the delightful web UI of Jupyter notebooks.</p> - -<p>Use the notebooks to see Kafka and Python in action, producing and consuming records. We’ll also cover how to get the best from your application by making good use of topic partitioning and consumer groups. From high-level concepts to nitty-gritty details, this session will equip you with the skills you need to build applications with Kafka. Recommended for anyone curious about Apache Kafka or using Jupyter to work with or learn new data platforms.</p> - - - Francesco Tisiot - - - Apache Kafka Jupyter Notebooks - - - github repository - slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:25 - D.python - python_async_sqlalchemy - Introducing Asynchronous SQLAlchemy - - Python - devroom - - <p>Driven by the immense popularity of asynchronous frameworks, such as FastAPI, asynchronous database support suddenly became a hot topic in the Python community. As talking to your database often forms a significant portion of the input and output of your application, it's important to do that asynchronously as well. With the release of version 1.4, SQLAlchemy added support for Asynchronous I/O for both its core and ORM features. This means that you can now use the popular SQL toolkit for Python in your asynchronous applications.</p> - -<p>In my talk, I will introduce you to the newly added support for asyncio in SQLAlchemy. I will go over how easy it is to set up the new AsyncEngine, point you to some of the differences with synchronous SQLAlchemy, and show you some of the pitfalls to avoid. In addition, I will also show you how you can run your existing synchronous SQLAlchemy code asynchronously to help you transition to a fully asynchronous application. By the end of my talk, you should know enough to start your own asynchronous SQLAlchemy adventure.</p> - - - Sebastiaan Zeeff - - - - - SQLAlchemy Documentation — Asynchronous I/O (asyncio) - Talk Slides and Additional Information - LinkedIn - Twitter - Code + Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.python - python_concurrency_in_webapps - Handling Concurrency in Web Application - How *not* to build a URL Shortener - Python - devroom - - <p>Concurrency in web applications is so easy to get wrong, and so hard to identify and debug when it comes to bite you. In this talk I'm going to present common concurrency issues with even the simplest application, and suggest ways to identify and prevent them!</p> - <p>In this talk I'll present common issues, and different approaches for dealing with concurrency:</p> - -<ul> -<li>Why it is better to ask for forgiveness instead of permission when dealing with concurrency</li> -<li>What is the TOCTOU (time-of-check-time-of-use) problem, how it can happen and how to address it</li> -<li>How database locking can help with concurrency, and how to avoid it!</li> -<li>How and when to rely on database features to maintain correctness</li> -</ul> - - - Haki Benita - - - - - Personal welsite - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:25 - D.python - python_type_safety - Sleep better with type-safe Python - - Python - devroom - - <p>Type hints are an essential part of modern Python. By combining type hints with a static type checker and libraries which enable runtime type checking, it is possible to achieve runtime type-safe Python applications.</p> - -<p>This talk discusses the motivation for extensive usage of type hints, how to gradually add types to existing projects, how to deal with untyped dependencies, and finally, how to achieve runtime type-safety without sacrificing performance.</p> - - - Jerry Pussinen - - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:30 - D.python - python_unicode - Messing with unicode - A few possible attacks with unicode - Python - devroom - - <p>Let's look at a few 'tricks' with unicode that can make a program look like it's doing (or not doing, for that matter) something it doesn't. Based on the findings in a recent publication, these are well worth being aware of; both from a security point of view and for simply being on your guard against friends who may be trying to pull a prank on you :-D.</p> - -<p>These tricks are well suited for trojan attacks as it can be difficult to detect even with a manual code review thanks to aspects of unicode like bidirectional (bidi) control characters.</p> - <p>The talk is based on some of the possibilites described in the paper "Trojan Source: Invisible vulnerabilities" by Nicholas Boucher and Ross Anderson of University of Cambridge. The implications of this work with regard to Python has been outlined in PEP 672.</p> - -<p>Examples of using/abusing unicode inlude: - - Look-alike characters (homoglyphs) being used to make two different functions and make calls of one function look like that of the other (eg: Cyrillic е and Latin e are too similar for us to distinguish easily). - - Use bidi control characters to make a part of the appear to be present when it's actually part of a comment. - - Classic trick of naming files so that even an .exe file can look like a .pdf. - - Use of invisible characters to make strings that look same when they aren't.</p> - - Julin Shaji - - - messing_with_unicode.pdf - - - Paper describing the unicode attacks - PEP 672 - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.python - python_spyql - SPyQL - SQL with Python in the middle - Making command-line data processing more intuitive, readable and powerful - Python - devroom - - <p><a href="https://github.com/dcmoura/spyql">SPyQL</a> is SQL with Python in the middle, an open-source project fully written in Python for making command-line data processing more intuitive, readable and powerful. Try mixing in the same pot: a SQL SELECT for providing the structure, Python expressions for defining transformations and conditions, the essence of awk as a data-processing language, and the JSON handling capabilities of jq.</p> - -<p>In this event I will describe the SPyQL language, highlighting its unique features. By the end of this presentation you will know how to write SPyQL queries (probably you already know :-) ), and you will be looking forward to starting using it! I will be solving the task of calculating aggregations in awk (for a CSV), in jq (for a JSON) and in SPyQL (for both). I will then show you a couple more examples where we will be using SPyQL 1) to automate a scaling operation of k8s pods, and 2) to continuously calculate statistics from a Kafka data stream.</p> - <p>How does a SPyQL query looks like?</p> - -<pre><code>IMPORT pendulum AS p -SELECT - (p.now() - p.from_timestamp(purchase_ts)).in_days() AS days_ago, - sum_agg(price * quantity) AS total -FROM csv -WHERE department.upper() == 'IT' and purchase_ts is not Null -GROUP BY 1 -ORDER BY 1 -TO json -</code></pre> - -<p>Simple, readable, and, as all SPyQL programs, it's an 1-liner. In a single statement we are 1) reading a CSV (of purchases) with automatic header detection, dialect detection, type inference and casting, 2) filtering out records that do not belong to the IT department or do not have a purchase timestamp 3) summing the total purchases and grouping by how many days ago they happened, 4) sorting from the most to the least recent day and 5) writing the result in JSON format. All this without loading the dataset into memory.</p> - -<p>SPyQL will change data-processing in the terminal, making it accessible to anyone who knows a little-bit of Python and understands the basics of a SQL SELECT. -On the other hand, it will give super-powers to experienced users. The possibilities are endless as you can import any Python library, and pipe data from/to any command-line tool. From querying APIs and Kafka, to write to files or databases, SPyQL will be the tool of choice for processing data in the command-line!</p> - - Daniel Moura - - - Slides for SPyQL @ FOSDEM22 - - - SPyQL repo at GitHub - SPyQL demo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.python - python_mimics - Mimics - Records operations to replay them later - - Python - devroom - - <p>https://github.com/maarten-dp/mimics is a tool with the intention to defer actions done on objects or classes. These actions can then be executed at a later date when the subject, to which these actions should be applied to, is available. This is mostly a joke project with no real world applications, but it has some neat implementations showcasing the power of python.</p> - - - Maarten De Paepe - - - fosdem 2022 slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:30 - D.python - python_feature_flags - Implementing and managing feature flags - How to effectively manage your feature flags in a monolitic Django application - Python - devroom - - <p>When developing a plateform with a large code base, multiple Django applications in a monolith, feature flags are a must have to keep your release cycle short. Those allow teams to develop a feature throughout multiple releases without users being aware that this feature is under development. Shorter release cycle are still possible without hindering quality teams or users.</p> - -<p>At GitGuardian, we use feature flags for multiple purposes: distinguishing between code deployment and feature rollout, managing differences for premium accounts and A/B testing. We will talk about how we handle feature flags for saas and on premise deployment and how to avoid some common on premise pitfalls with feature flags.</p> - - - Mehdi Raddadi - - - FOSDEM 2022 - How to manage feature flags - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:25 - D.python - python_cubicweb - CubicWeb: bootstraping a web-application from RDF data - - Python - devroom - - <p>We made the Web accessible to human. -We are making the web accessible to computers with Linked Open Data (LOD - https://www.w3.org/standards/semanticweb/data). -More and more RDF data is created by people and institutions to contribute to the LOD. -However, publishing this RDF data with content negotiation is rarely done, because there is no on-shelve solution. -Moreover, there is no easy to use user interface to manage linked data (including CRUD operations, but also user permissions, rendering, etc.).</p> - -<p>CubicWeb is a SCMS (Semantic Content Management System) for Linked Open Data (https://forge.extranet.logilab.fr/cubicweb/cubicweb). -This python-based framework can be used to import OWL schema and RDF data automatically to generate a new CubicWeb instance. -This instance can be used out-of-the-box as a single application to serve RDF data through a conventional web interface for browsing and through -content negotiation for downloading. No need to configure anything, just import and launch the app. -The CubicWeb framework implements an administration interface to manage data easily even -for non-technical people. All the common features of a web application framework are available.</p> - - - Fabien Amarger - - - CubicWeb: bootstraping a web-application from RDF data - - - official CubicWeb repository - OWL2yams project: generate CubicWeb instance from RDF data - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - - - 10:00 - 00:05 - D.dependency - devroom_introduction - Devroom introduction - - Software composition and dependency management - devroom - - <p>The devroom intro by devroom organization team!</p> - - - Kate Stewart - Philippe Ombredanne - Antoine Mottier - Michael C. Jaeger - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:05 - 00:15 - D.dependency - package_url_and_version_range_spec - Package URL and Version range spec - Towards mostly universal dependency resolution - Software composition and dependency management - devroom - - <p>Package URLs are a compact way to identify software packages across multiple ecosystems. -Together with the new "vers" Version Range Specifier, these two mini specs will offer a -new way to create new, mostly universal dependency resolvers and installers, working -across ecosystems.</p> - <p>Because <strong>no tech stack is an island</strong> running on a single programming language and in a single package ecosystem, we need a way to <strong>talk about packages across ecosystems</strong>: talk about their type, name, location, version and dependent version ranges. <strong>purl</strong> and <strong>vers</strong> are an attempt to solve this problem.</p> - -<p>How to talk about packages, dependencies and vulnerabilities using a common language?</p> - -<p>I will present <strong>Package URL</strong>, a way to references package across ecosystems which is emerging as a de-facto standard. And I will introduce a new work-in-progress, mostly universal notation to express version ranges to be used in resolving package dependencies such as "I require package foo, version 2.0 or later versions" and referencing affected vulnerable packages versions as in "vulnerability CVE-123 affects package bar, version 3.1 and version 4.2 but not version 5".</p> - -<p>These two will show a way to create new, mostly universal dependency resolvers and installers, working across ecosystems and we will promote the rise of universal package managements where one tool and one unified spec can rule them all.</p> - - Philippe Ombredanne - - - Package URL and Version range spec presentation - Package URL and Version range spec presentation (libreoffice) - Video - - - Purl Spec - VERS spec - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:20 - 00:20 - D.dependency - dependency_ospo - How OSPOs can help secure the software supply chain - - Software composition and dependency management - devroom - - <p>Legal Risk Mitigation is one of the three main functions of an <a href="https://github.com/todogroup/ospodefinition.org">OSPO</a> (designated places where open source is supported, nurtured, shared, explained, and grown inside an organization). OSPOs often oversee aspects of a company’s open source license compliance process and supply chain as one of the first activities. The responsibilities include:</p> - -<ul> -<li>Maintaining open source license compliance reviews and oversight</li> -<li>Running a review process for inbound code use</li> -<li>Ensuring that the company contributes back to open source projects effectively</li> -</ul> - - -<p>To a certain degree, any organization calling itself an OSPO likely indicates the organization has reached a maturity stage where Executive-level recognition that OSS is an important strategic asset and builds a critical mass of processes, procedures, and tools to streamline and facilitate open source consumption and participation across divisions. Indeed, these activities also include a wide range of software composition analysis solutions such as Software Bill of Materials (SBOM), license management scanning, or continuous monitoring tools.</p> - -<p>While some OSPOs rely on Software composition analysis vendors like Synopsys and Tidelift, others decide to make their own built-in solutions. During this presentation, Ana Jimenez, PM at <a href="https://todogroup.org/members/">TODO group</a> (an open community of organizations who run OSPOs worldwide), will introduce the evolution and expansion of OSPOs over the years from a supply chain perspective, some of the common SCA tooling used, as well as how OSPOs can contribute and nurture the <a href="https://landscape.todogroup.org/card-mode?category=sca&amp;grouping=category">ecosystem of SCA tools</a> to adapt to the needs of the different industries.</p> - - - Ana Jimenez Santamaria - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:40 - 00:20 - D.dependency - open_source_license_compliance_project - Developing an open source license compliance project : our trials, tribulations and achievements - - Software composition and dependency management - devroom - - <p>This talk aims at presenting our trials and tribulations as well as our achievements in designing a compliance software project for open source licenses.</p> - -<p><em>"Are all module licenses in our software project compliant with each other ?"</em> -Many of our customers have asked us this question even though they already had a plethora of software solutions (not always FOSS software) dealing with this topic. -This surprised us, and led us to seek out the cause of their uncertainty. We then discovered that many solutions only look for potential risks and provide reports both too detailed, from the legal POV, for practical use by an engineer, and too technical for practical use by a lawyer.</p> - -<p>As engineers are bound to do, we thought there might be a technical solution to this and launched a project. -As engineers launching a project are bound to do, we encountered a few hitches and made some discoveries along the way.</p> - -<p>Today, here we are to show off the problems we encountered and how we overpassed them, but also to mention that we are open to your contributions (on technical matter or just for suggestions).</p> - <p>The features of the project are mainly conditioned by our clients: - - the ability to process a variety of unstructured inputs (zip archives containing code, github or gitlab, dependency manager package lists, and various hypertext links to libraries) ; - - the requirement of preserving corporate code confidentiality whether in SaaS or on-premise ; - - outputting a very structured and human-readable report listing actual non-compliances and potential ways to solve these non-compliances ; - - designing the strategy for integrating our open source software compliance project with CI/CD processes ; - - and for the non-client-conditioned feature : our product owner decreed that there could be no false negatives in non-compliance detection.</p> - -<p>After a first PoC based on pre-existing code analysis tools (oss review toolkit, licensee, scancode...), we understood that some roadblocks would remain if no improvements were made. -It is not about reinventing the wheel, but moving from wood to rubber. -So we made a new PoC including Machine Learning and the results are much more promising. We will release it very soon under AGPL v3 license.</p> - - Pierre Marty - - - - - Presentation support - GitHub repo - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:20 - D.dependency - how_to_manage_oss_license_obligation_and_sbom_using_sw360_new_features - How to manage OSS license obligations and SBoM by SW360's new features - - Software composition and dependency management - devroom - - <p>The management of SBoM (software bill of material) is very important for companies to comply with the OpenChain specification.The latest features of SW360 support the management of license obligations and the management of SBOMs in SPDX format. In this presentation, I will introduce and demonstrate the features of SW360.</p> - <p>OpenChain ISO/IEC 5230 is the International Standard for open source license compliance. In the OpenChain specification, there are descriptions of SBoM management and OSS license obligations, and SW360 has features to help with both of these.</p> - -<p>SPDX is an open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. This is also ISO standard (ISO/IEC 5962:2021). A new feature in SW360 is the ability to register, import, and export software component information according to the SPDX format, making it easier to integrate with other tools and manage information received from other companies.</p> - -<p>For managing OSS licenses in SW360, the information about license obligations can be imported from the OSADL (Open Source Automation Development Lab) web site. This OSADL's web site provides a machine-readble summary of the main points of the OSS license in a form that anyone can get. (Licensed by CC-BY-4.0). New features in SW360 allows you to quickly import this OSADL license obigation information into your company's SW360.</p> - -<p>The features introduced presentation may include some that are still under development.</p> - - Kouki Hama - - - How to manage OSS license obligations and SBoM by SW360's new features - - - GitHub SW360 - WebSite SW360 - Open Source License Checklists by OSADL - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:20 - 00:40 - D.dependency - software_composition_dependency_panel_1 - Panel 1: Processing Dependencies and Compositions and Software - - Software composition and dependency management - devroom - - <p>Granted that software composition and dependency processing are very relevant for software engineering. The presentations have pointed out how such processing is embedded into activities of an organization. We would like to gather feedback about how the current status of adoption and integration looks like.</p> - - - Maximilian Huber - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:20 - D.dependency - break - Break - - Software composition and dependency management - devroom - - <p>break</p> - - - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:20 - 00:20 - D.dependency - scanning_for_known_vulnerabilities_in_an_embedded_distribution - Scanning for known vulnerabilities in an embedded distribution - A return on experience from the Eclipse Oniro project - Software composition and dependency management - devroom - - <p>A Linux distribution is a great playing field for testing tools for -vulnerability scanning. It is even a better playing field if it includes -more operating system kernels, like the Eclipse Oniro project does. -Eclipse Oniro targets the Internet of Things (IOT) domain, where fixing -security issues is critical.</p> - -<p>In this talk, Marta is going to present a return on experience of -scanning for known vulerabilities (CVEs) in the Eclipse Oniro project. -The presentation is going to start with an overview of tools based on -Yocto's cve-check and additions from the Oniro project. Then it will -cover examples of fixes, situations when we found errors in databases -and tools, and how we fixed them. Finally, Marta -is going to describe ideas of improvements in existing tools and propose -new tools that can help the community.</p> - - - Marta Rybczynska - - - Scanning in Oniro-Slides - - - A previous presentation covering the more general topic of security in the distribution at Embedded Linux Conference 2021 - Oniro project and its security tooling - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:40 - 00:20 - D.dependency - reporting_vulnerabilities_within_complex_software_environment_cve_bin_tool - Reporting vulnerabilities within a complex software environment - Using the CVE-Bin-Tool - Software composition and dependency management - devroom - - <p>Detecting known software vulnerabilities is hard to do perfectly. However, the CVE Binary Tool is a tool which has been designed to analyse and trace dependencies by performing a binary analysis that attempts to detect the versions of the libraries in compiled applications in order to determine the vulnerabilities that may be present. Since the tool was initially released, the number of libraries which can be detected has steadily increased so now over 100 libraries can be detected primarily through the effort of students working under the Google Summer of Code (GSOC) programme. Supported libraries have typically been prioritised based on the number and frequency of vulnerabilities reported in the CVE database. The latest version of tool released at the end of 2021 has added capabilities to perform vulnerability scanning of Linux distros, Python applications and to consume Software Bill of Materials (both the SPDX and CycloneDX formats are supported). Further enhancements are planned in 2022.</p> - -<p>This presentation will describe how the tool works, how to use it in a number of use cases and show how you can contribute to further develop the capabilities of the tool.</p> - - - Anthony Harrison - - - - - CVE Bin Tool Repo - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:00 - 00:20 - D.dependency - commoditising_open_source_risk_management - Commoditising Open Source Risk Management - First Open Source SCA Platform - Software composition and dependency management - devroom - - <p>SCANOSS disrupts the SCA market by offering the first fully Open Source SCA Platform. From the mining tools to the database engine, scanning engine, CLIs to a fully featured Multiplatform Auditing UI. It is all pure open source and available to use. SCANOSS aims at commoditising Open Source Risk Management and driving SBOM adoption not only for large corporations, but also for independent developers and SMEs who are key parts of the Software Supply Chain.</p> - - - Julian Coccia - - - - - SCANOSS Homepage - Software Transparency Foundation - OSSKB Homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:20 - 00:40 - D.dependency - software_composition_dependency_panel_2 - Panel 2: Dependencies for Vulnerability Discovery and Tracking - - Software composition and dependency management - devroom - - <p>One important use of dependency information is for the identification and discovery of vulnerabilities. The presentations present diverse interesting projects and approaches. We want to understand if the current approaches address the needs of cybersecurity efforts, how they compare to threats beyond dependency vulnerabilities, and how they can be combined, extended, and learn from each other.</p> - - - Diomidis Spinellis - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:20 - D.dependency - lunch_break - Lunch Break - - Software composition and dependency management - devroom - - <p>lunch break</p> - - - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:20 - 00:20 - D.dependency - generating_sbom_for_your_code_using_oss_review_toolkit - Generating SBOM for your code using OSS Review Toolkit - - Software composition and dependency management - devroom - - <p>In this talk Thomas will present how one can use OSS Review Toolkit (ORT) to build a CI/CD workflow to do license/security compliance and generate SBOMs. The talk will include a demonstration of OSS Review Toolkit and how its various features in combination with GitLab-based process can be used to automated FOSS reviews requirements (incl. SPDX SBOM generation) and use crowdsourcing within an organization and the FOSS community to overcome challenges such as large amounts of scan results or missing/incorrect FOSS package metadata.</p> - - - Thomas Steenbergen - - - - - Project main code repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:40 - 00:20 - D.dependency - sbom_resolver_generating_detailed_sboms_for_alpine - SBOM Resolver - Generating detailed SBOMs for Alpine - - Software composition and dependency management - devroom - - <p>In the light of increasing importance of supply chain security, obtaining detailed and accurate Software Bills of Material (SBOMs) for software images is fundamentally important. In this talk, we will present a tool called SBOM Resolver which generates detailed SBOMs for Alpine software images. It specifically leverages meta-data from the Alpine package management system to resolve all dependencies of a list of desired packages and enhances the resulting SBOM with additional information such as patches applied by the Alpine community.</p> - -<p>The current implementation is specific to Alpine, however, this presentation aims to introduce the key concepts and based on those start a discussion of how to apply SBOM Resolver to other distributions.</p> - - - Georg Kunz - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:20 - D.dependency - fasten_fine_grained_analysis_software_ecosystems_networks - FASTEN: Fine-Grained Analysis of Software Ecosystems as Networks - - Software composition and dependency management - devroom - - <p>In modern software development, it is common to use open-source software (OSS) to boost productivity. According to the National Vulnerability Database, OSS often has security vulnerabilities. On the other hand, research has shown that developers do not update their dependencies. Because existing security tools suffer from a high false-positive rate as they analyze software at the package level.</p> - -<p>FASTEN analyzes software packages at the finer-grain level by producing an enormous network of software ecosystems. This allows giving vulnerability information at the method level. With this information, developers are notified when their code uses vulnerable methods, and hence they are more confident to update their dependencies. The said functionality will be provided in the famous package managers such as Maven and PyPI.</p> - - - Amir Mir - - - - - FASTEN's GitHub repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:40 - D.dependency - software_composition_dependency_panel_3 - Panel 3: Creating SBOMs - - Software composition and dependency management - devroom - - <p>The Software Bill-of-Material (SBOM) is the foundation when it comes to the exchange between tools and organizations. SBOMs are not new as the session has outlined, rather, mature approaches exist. We would encourage a discussion about the current experience when exchanging SBOMs between organizations and tools today.</p> - - - Antoine Mottier - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:20 - 00:20 - D.dependency - on_backporting_practices_in_package_dependency_networks - On Backporting Practices in Package Dependency Networks - - Software composition and dependency management - devroom - - <p>The practice of backporting aims to bring the benefits of a bug or vulnerability fix from a higher to a lower release of a software package. When such a package adheres to semantic versioning, backports can be recognised as new releases in a lower major train. This is particularly useful in case a substantial number of software packages continues to depend on that lower major train. In this talk, we discuss the backporting practices in four popular package distributions, namely Cargo, npm, Packagist and RubyGems. We observe that many dependent packages could benefit from backports provided by their dependencies. In particular, we find that a majority of security vulnerabilities affect more than one major train but are only fixed in the highest one, letting thousands of dependent packages exposed to the vulnerability. Despite that, we find that backporting updates is quite infrequent, and mostly practised by long-lived and more active packages for a variety of reasons.</p> - <p>The full paper associated with this talk can be found at https://doi.org/10.1109/TSE.2021.3112204 -The research has been carried out in the context of the Belgian SECOASSIST "Excellence of Science" Research Project https://secoassist.github.io</p> - - Ahmed Zerouali - Tom Mens - - - Back to the Past -- Analysing Backporting Practices in Package Dependency Networks - - - IEEE TSE article "Back to the Past -- Analysing Backporting Practices in Package Dependency Networks" - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:40 - 00:20 - D.dependency - dependency_owasp - Operationalize SBOM with OWASP Dependency-Track - - Software composition and dependency management - devroom - - <p>Dependency-Track is an intelligent Component Analysis platform that allows organizations to operationalize the use of CycloneDX Software Bill of Materials (SBOM). The platform allows organizations to quickly identify and reduce risk in the software supply chain and is ideal for use in modern DevSecOps environments, procurement, and M&amp;A.</p> - -<p>Discover the benefits of leveraging OWASP CycloneDX Software Bill of Materials along with OWASP Dependency-Track.</p> - <p>Dependency-Track maintains accurate and complete inventory of all libraries, frameworks, applications, containers, operating systems, firmware, hardware, and services across an organization. The platform provides full-stack traceability for the cloud, for the enterprise, for smart devices, and for IoT.</p> - -<p>Dependency-Track can quickly identify vulnerable components and supports multiple sources of vulnerability intelligence including the National Vulnerability Database (NVD), Sonatype OSS Index, GitHub Advisories, and VulnDB from Risk Based Security. The platform has a flexible policy engine and identifies security, operational, and license risk across development teams, suppliers, and partners in the supply chain.</p> - - Steve Springett - - - - - https://dependencytrack.org/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:20 - D.dependency - tracking_software_dependencies - Tracking Software Dependencies - - Software composition and dependency management - devroom - - <p>The accurate identification of software elements and their dependency relationships are critical for understand when specific software is exploitable. Different types of dependencies necessary for security use cases will be explored.</p> - <p>Recently identified vulnerabilities found in Log4j has made it clear that we need to be able to track how software is included and used in applications and systems. The first challenge is identifying the software element (be it an application, library, component, file, snippet) accurately when there may be multiple ways to refer to it. The next challenge is clearly articulating the dependencies between these software elements. Once a vulnerability is identified and correlated with a well identified software element, the dependency information can be used to find if any key software elements may be impacted.</p> - -<p>This talk will go through the approaches for identifying software via external references, as well as they types of relationships that have proven useful in tools so far to map out dependencies between the elements that tools producing SPDX SBOMs have found useful to date. We will demonstrate a proof of concept utility where an SPDX document with relationship information can be used to query the OSV online vulnerability database.</p> - - Kate Stewart - Gary O'Neall - - - - - SPDX community homepage - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:20 - 00:40 - D.dependency - software_composition_dependency_panel_4 - Panel 4: Software Compositions and Dependency Tools - - Software composition and dependency management - devroom - - <p>As the presentations discuss, identifying dependencies can be a tedious task. It depends on the software project itself, as well as the used technology stack how certain dependencies can be identified. In the panel discussion about the special stories when trying to identify all dependencies.</p> - - - Philippe Ombredanne - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - 10:00 - 00:10 - D.sds - sds_ceph_csi_k8s_migration - Migrate to Ceph-CSI - Migrate your persistent volumes from old volume plugins to Ceph-CSI - Software Defined Storage - devroom - - <p>Currently, to access storage, many different type of Volume Plugins are used. But many of them like "FlexVolume" and "In-tree" are either OLD, or deprecated.</p> - -<p>In our talk, we wish to discuss the solution of the same, by sharing information about the different types of volume plugins; and demonstrating the migration procedure from deprecated plugins to the latest "CEPH-CSI"(https://github.com/ceph/ceph-csi); with a pre-recorded demo of the same.</p> - - - Yug Gupta - Subham Rai - - - - - persistent-volume-migrator - ceph-csi - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.sds - sds_garage_introduction - Introducing Garage, a new storage platform for self-hosted geo-distributed clusters - - Software Defined Storage - devroom - - <p>Garage is a new storage system for building geo-distributed storage clusters. Garage is developped by Deuxfleurs, an experimental self-hosting collective.</p> - -<p>Garage targets primarily home-grown clusters composed of second-hand commodity hardware, spread over multiple physical locations for redundancy. This deployment scenario implies strong constraints on the software, such as having to deal with slow nodes and high latency between nodes. In a fist part of this talk, we will show how Garage's design enables it to function very well in this scenario, contrarily to other solutions we have tested such as Minio or Glusterfs.</p> - -<p>Garage is focused on implementing the Amazon S3 protocol, a de-facto standard that makes it directly usable as a storage backend for many web applications (such as Nextcloud) or as a backup target. A second part of this talk will be focused on showing how Garage integrates with Deuxfleurs' current self-hosting stack, and how it can be easily configured with a variety of applications.</p> - - - Alex Auvolat - - - - - Website - Source code - Benchmarks - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.sds - sds_replicate_and_migrate_ceph_rgw_to_cloud - Data Replication and Migration from Ceph RGW to Cloud - - Software Defined Storage - devroom - - <p>With seemingly insatiable demand for and growth of data within the organizations, secure and quick movement of the data often becomes a challenge in any Hybrid Cloud enviroment. The external tools and multi-cloud gateway providers add overhead to the latency and may not leverage full capabilities of On-Prem infrastructure. To overcome this, Ceph distributed storage, often handling petabytes of data, provides ways to move data directly from its OnPrem S3 RGW servers to multiple cloud providers, thus easing data movement.</p> - -<p>In this session, we will briefly discuss about the CloudSync and CloudTransition features in Ceph RadosGateway (RGW) which can be used to replicate and migrate data to any external cloud providers.</p> - <p>We will also look into how to configure and enable these features, their current limitation and future work.</p> - -<p>As a pre-requisite, it would help to know what ceph object gateway is and how it works (https://docs.ceph.com/en/latest/radosgw/)</p> - - Soumya Koduri - - - Data Migration and Replication from Ceph RGW to Cloud - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:40 - D.sds - sds_cosi_update - COSI : a brief update - - Software Defined Storage - devroom - - <p>For applications in Kubernetes, CSI provides a way to consume file/block storage for their workloads. The main motivation behind the Container Object Storage Interface is to provide a similar experience for Object Store. Basic idea is to provide a generic, dynamic provisioning API to consume the object store and the app pods can access the bucket in the underlying object-store like a PVC. The major challenge for this implementation there is no standard protocol defined for object and the COSI project need to be vendor agonistic. For example, in the case of RGW, the application can request for S3 bucket and Swift bucket from the same ceph-cosi driver. Ideally, the Kubernetes resource for the bucket can be migrated to the different cloud if the drivers support it and the application can seamlessly continue with the same k8s object. It won't handle the orchestration/management of object store, rather it will be another client and provide bucket access on behalf of applications running in Kubernetes. -A similar session was given in last FOSDEM'21, but the whole project went through design changes and will share that information.</p> - - - Jiffin Tony Thottan - - - - - ceph-cosi-driver - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 14:20 - 00:55 - D.valgrind - valgrind_freebsd - Upstreaming the FreeBSD Port - - Valgrind - devroom - - <p>Introduction - about me. Overview of the FreeBSD ports system. History of the FreeBSD port. The mechanics of how Valgrind works - the launcher, stack creation, ELF parsing and much more (but not in too much detail). A description of some of the major issues that were fixed. How clang code generation differs from GCC and the kinds of problems that it causes. Future work - outstanding bugs and other hardware platforms.</p> - - - Paul Floyd - - - Upstreaming Keynote Slides - Upstreaming PDF - Upstreaming PowerPoint - Plain text transcript - - - Github repo used during the upstreaming process - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:20 - 00:25 - D.valgrind - valgrind_avx512 - Enable AVX-512 instructions in Valgrind - - Valgrind - devroom - - <p>AVX-512 is a set of vector assembly instructions available on Intel Xeon Phi processors (for example, Skylake). To allow Valgrind analyze the code compiled with these instructions, they have to be explicitly enabled in Valgrind. -The presentation will briefly describe the specifics of AVX-512 instructions and describe in more detail the way it is has been prototyped in Valgrind.</p> - - - Tanya Volnina - - - AVX-512 Valgrind slides - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:50 - 00:35 - D.valgrind - valgrind_debuginfo - Valgrind and debuginfo - - Valgrind - devroom - - <p>With debuginfo Valgrind can provide more useful information about issue found. But till recently it was sometimes hard to get at the debuginfo and valgrind startup time would be really slow parsing the debuginfo. With the introduction of debuginfod support getting the debuginfo is much easier, if your distribution supports it. And the parsing of debuginfo has been improved dramatically. This talk will explain how debuginfod integrates with valgrind and how the debuginfo parsing was improved.</p> - - - Mark Wielaard - - - Valgrind and Debuginfo slides - Valgrind and Debuginfo transcript - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:25 - D.valgrind - valgrind_riscv - Valgrind on RISC-V - - Valgrind - devroom - - <p>Valgrind is an instrumentation framework with support for a wide range of general-purpose processor architectures. RISC-V is a modern open-standard architecture which has seen increasing adoption lately. The talk describes an effort to add support for this new architecture in Valgrind.</p> - -<p>The talk provides a brief overview of the dynamic translation in Valgrind and a short introduction to the RISC-V architecture. It then discusses implementation work to add support for RISC-V in Valgrind, and finally presents the current state of this project and outlines future plans.</p> - - - Petr Pavlu - - - - - - https://github.com/petrpavlu/valgrind-riscv64/ - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:25 - D.valgrind - valgrind_isa31 - Adding Power ISA 3.1 instruction support to Valgrind - - Valgrind - devroom - - <p>The Power ISA 3.1 is an extension of the Power instruction set. The presentation is targeted at the Valgrind developer who is interested in implementing new instruction support in Valgrind. The presentation will discuss implementing new instuctions using Iops, clean helpers and dirty helpers in Valgrind. A brief discussion of the functionality of the new instructions in the Power ISA 3.1 instruction set will also be discussed.</p> - - - Carl Love - - - Adding ISA 3.1 support to Valgrind - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.valgrind - valgrind_20 - 20 years of Valgrind - Celebration - Valgrind - devroom - - <p>Valgrind is 20 years old now! On July 27, 2002 Valgrind 1.0 was released. And the initial commit to the code repository was March 22, 2002. But the real birthday of Valgrind might go back as far as the Norse Mythology. Please come and join us for a celebration of (at least) 20 years of Valgrind. A retrospective of the project and (your) ideas for the next 20 years.</p> - - - Julian Seward - Mark Wielaard - - - - - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - 10:00 - 00:30 - D.web3 - peergos - Peergos - Combining peer-to-peer connectivity, end-to-end encryption and fine grained access control to build a secure and privacy focused self-certifying web protocol - - Web3 Infrastructure - devroom - - <p>Peergos gives users total control over their data. That means: Where it is, Who can see it, Who can't see it.</p> - -<p>Used as a global file system, Peergos provides a private space where you can store, share and view your media and documents. Individual content can be shared outside peergos via secret links and whole static sites can be hosted via a gateway.</p> - -<p>Used as an application platform, Peergos provides productivity tools like a calendar, todo/project boards and document viewer/editors. In the near future users will be able to add their own applications using the same secure application protocol.</p> - -<p>Used as a communication platform, Peergos provides a social media feed, group chat and an email bridge.</p> - -<p>Peergos is open source and self-hostable.</p> - -<p>This talk with introduce Peergos. It will expand on the project's goals, its architecture and some of the technical details. It will provide a walkthrough of the current functionality and a sneak-peak of what the future may hold.</p> - - - kevin o'dwyer - - - Peergos Slides - - - Peergos website - Main Github repository - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 10:30 - 00:30 - D.web3 - ahau - Āhau: Māori Identity & Data Sovereignty - - Web3 Infrastructure - devroom - - <p>Āhau is a FOSS project from Aotearoa New Zealand, built to meet the data needs of Māori. This talk will share insights from thinking in a less Eurocentric way about data, and how the need for data sovereignty has lead us to p2p data models, which fit really well with human-focused systems. Over the last 3 years, we've built a desktop application on secure scuttlebutt that is currently in use by hapū and iwi (tribal groups) to record family histories and create tribal registries.</p> - <p>Slides: https://mixmix.gitlab.io/fosdem22-ahau/#/</p> - -<p>Repo: https://www.gitlab.com/ahau/ahau</p> - -<p>Homepage: https://ahau.io/</p> - -<p>Technologies: -- secure scuttlebutt - http://dev.scuttlebutt.nz, https://scuttlebutt.nz (p2p messaging) -- tangle-js - https://gitlab.com/tangle-js (used to build ssb-crut) (CRDT-like tech) -- hyperdrive - https://github.com/hypercore-protocol/hyperdrive (hyper/ DAT for large files) -- sodium-native - https://github.com/sodium-friends/sodium-native (encryption)</p> - - Mix Irving - - - - - Āhau website - Code repo - Slides - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:00 - 00:30 - D.web3 - wasm4d - WASM for dummies - A very short primer in a series of acts - Web3 Infrastructure - devroom - - <p>Web Assembly has been touted to be the next best thing after containerization. But what is WASM exactly? Why are people so excited about it and how is it relevant in this day and age? Has Javascript finally found a worthy replacement? "WASM for dummies" is a talk that was born out of the necessity for more content in this space. Also, it definitely contains a lot of stuff the speaker wishes somebody would have spoken about when she began her journey.</p> - - - Divya Mohan - - - Slides for the presentation - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 11:30 - 00:30 - D.web3 - aqua_fluence - AquaVM: Empowering distributed systems with Fluence - - Web3 Infrastructure - devroom - - <p>At Fluence we are developing an open stack solution that allows developers to choreograph and compose distributed, peer-to-peer hosted services. An integral pillar of this stack is AquaVM, github.com/fluencelabs/aquavm, a composability medium developed in Rust. AquaVM is the Rust-based AIR interpreter compiles to WebAssembly and allows for the seamless orchestration of peer-to-peer hosted, Wasm-based services. In this talk, we demonstrate and discuss the use of AIR and some it internals. Moreover, we present the project evolution from its beginning in the context of Rust and Wasm.</p> - - - Mike Voronov - - - - - source code of the interpreter - source code of the compiler - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:00 - 00:25 - D.web3 - humanity - xHumanity and Web3 - xHumanity - reputation, reduction of fake news, and privacy - Web3 Infrastructure - devroom - - <p>xHumanity is a project that started from the idea of identifying the future of digital identities. This concern resonated all over the globe. We thus gathered an international team. Our concern is based on the increased impact social media has on our lives, but also the context of the amplification of disinformation actions. -We aim to run a foundation focused on providing our audience with a digital platform based on three pillars, which are reputation, reduction of fake news, and privacy. We aim to empower customers by providing them with a better way of living.</p> - <p>Reputation -Blockchain technology could help all parties involved in any types of transactions. But not alone. To construct a secure and trustable transaction we need to start with valid data. This data in our case will be provided through reputation protocol. Everyone's reputation passport will reduce friction between parties.</p> - -<p>Privacy -xHumanity enables decentralized identities: self-managed identities hold that individuals should have control over their own personal data and determine how it is shared with others. End-to-end encrypted communication: the difference between xHumanity and the current messaging app landscape is that xHumanity does not require users’ phone numbers to provide access to its services and features.</p> - -<p>Reduction of fake news -One of our main goals is to reduce and eliminate fake news from the internet space through a few principles from the gaming theory. Peoples’ involvement in the game is essential, as they are the main actors in creating new social rules.</p> - - Cosmin Vranceanu - - - - - - - https://xhumanity.org - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 12:30 - 00:35 - D.web3 - fluence - Commoditizing P2P development - With Aqua language and Fluence - Web3 Infrastructure - devroom - - <p>yeah</p> - <p>Peer-to-peer protocols seem nice and promising, but are actually hard to design and implement properly. Fluence addresses this problem with Aqua, the new-gen distributed language designed for programming p2p networks that can help in a variety of multi-agent scenarios, from notifications pushing to consensus algorithms. We will speak about the infrastructure and tooling we have, and how to make a simple p2p protocol with a few lines of code.</p> - - Dmitry Kurinskiy - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:05 - 00:25 - D.web3 - earthstar - Earthstar - The merits of being a bicycle when everything else is a hyperloop. - Web3 Infrastructure - devroom - - <p>Earthstar is a specification and Javascript library for building online tools you can truly call your own.</p> - -<p>By being light, simple, and cheap, bicycles confer huge amounts agency to their users. 'Web3' doesn't have a lot of bicycles.</p> - -<p>Instead it's got a lot of hyperloops: slick, complex, expensive, and with very little application.</p> - -<p>What can we learn from bicycles when we design new tools for the web? Earthstar occupies a relatively unexplored band of the contemporary web3 spectrum: ephemerality, lightness, offline-ness, malleability, and serving groups of people who already know each other.</p> - -<p>This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073. Applications are still open, you can apply today.</p> - - - Sam Gwilym - - - - - https://earthstar-project.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 13:30 - 00:25 - D.web3 - ipfs - Edges Are Infrastructure: IPFS Everywhere for a More Resilient Future - Adventures in IPFS support across Bluetooth, mobile devices, XR and more! - Web3 Infrastructure - devroom - - <p>This is an overview of IPFS integrations across various platforms, devices and network transports - including browser integrations, video demos of IPFS apps on a native web3-based OS on Pixel 3, IPFS content loaded into various XR devices like Oculus Quest and HTC Vive Flow, and mobile-to-mobile IPFS apps via Bluetooth LE.</p> - - - Dietrich Ayala - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:00 - 00:30 - D.web3 - quark - The Quark Browser - Uncovering the paths through the web - Web3 Infrastructure - devroom - - <p>The internet is an entire universe. Countless links emerge and die off every minute. Each of us have our own habits and patterns across it. Our browsing is increasingly complex, so it makes no sense why we're still using technology based on filing cabinets -- tabs, files, folders. Quark is the DWeb browser x social platform that shows you paths across the internet. Imagine if you could bump into someone else looking at similar content/search results, see where they've been, and tag along to discover content together.</p> - -<p>In this presentation, I'll share use cases for The Quark Browser, as well as how this tool can address the existential crises of the siloed Web 2.0 internet by making the internet more serendipitous, visual, and communal.</p> - <p>The internet is bustling with activity, but today we can only meet and interact with others at specific “parties.” These online "parties" are free to enter, serve free drinks, and play good music. But in exchange, the hosts of these parties sell your information. The Quark Browser asks the question: What if you can meet and interact with like-minded people <em>anywhere</em> on the internet?</p> - -<p>The Quark Browser delivers the decentralized p2p vision of DWeb and makes it accessible to the public, no matter their level of technical understanding. Unlike most Web3 companies which innovate with a financial, privacy, or technical focus, Quark does so from a unique interaction design approach. Our vision is product-focused – to build a dynamic, living, and persistent “playground” that nurtures meaningful social connections. With a business model, technology stack, and experience design that learns from the mistakes of Web 2.0, Quark aims to bring variety and serendipity to the content we discover, connect ideas via relational maps, and help us build peer-to-peer communities of likeminded people all in line with the browsing experience.</p> - -<p>We are a two-person team of multi-time founders – Joy, the Founder/CEO, and Sam, the founding Product Designer. This is Joy’s fourth startup, and Sam’s second. Sam’s first startup at age 14 was featured in the Colombian equivalent of “Financial Times” and was invited to Shark Tank. He is a Gen-Z self-learner which makes him familiar with the modern pain points in complex browsing. Joy completed a master's thesis on the very problem that Quark solves. She has worked for companies such as Apple, IDEO, and Fiat Chrysler Automobiles. Her undergraduate degree is in mechanical engineering and human-computer interaction from Georgia Tech, and her master's in interdisciplinary design engineering from the Royal College of Art and Imperial College London. We are looking for a CTO/Tech Lead to help lead the technological development.</p> - - Joy Q Zhang - - - Slides - - - Use case for The Quark Browser for sustainability research - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 14:30 - 00:30 - D.web3 - swarm - Swarm, what's in it for me? - Developers edition - Web3 Infrastructure - devroom - - <p>The option to choose a decentralized storage network in the stack of your application is far-reaching but perhaps not well understood. In this presentation, I intent to give guidance and understanding by answering the question of when it makes sense to use Swarm in your stack. -I start with a brief introduction to Swarm after which I highlight 3 (not so) typical applications which already run on top of Swarm. I end by introducing the paradigm shift that we see happening when developers start to explore Swarm and truly get to know what it means for them--the avenues that Swarm opens and the new patterns that can be explored.</p> - -<p>I hope to see you at my presentation and be sure to take all your questions to the live Q&amp;A!</p> - - - Rinke Hendriksen - - - - - Ethereum Swarm - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:00 - 00:30 - D.web3 - libp2p - State of libp2p - Status quo and future roadmap of the peer-to-peer networking library libp2p. - Web3 Infrastructure - devroom - - <p><a href="https://libp2p.io">libp2p</a> is a universal, cross-platform, multi-language, modular peer-to-peer networking library powering multiple large-scale networks, for example IPFS, Ethereum 2, Filecoin or Polkadot.</p> - -<p>We will discuss the current state of the project, eyeball the various language implementations, take a look at the many live networks running on top of libp2p today and finally cover the project roadmap for the years to come.</p> - - - Max Leonard Inden - - - slides.pdf - - - Project Homepage - Specifications - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 15:30 - 00:30 - D.web3 - hyperhyper - Hyper Hyper Space: In-browser p2p applications - A quick tour on using the browser as a p2p node - Web3 Infrastructure - devroom - - <p>A quick tour on using Hyper Hyper Space datatypes to create fully distributed structures for collaborative applications.</p> - -<p>We'll start with a simple last-writer-wins JSON object, to complex structures like a moderated chat room and a simple ledger.</p> - -<p>Then we'll open them inside a web browser, using plain javascript, and show how the web can be used as a platform for truly peer-to-peer applications.</p> - <p>The Hyper Hyper Space library offers two things:</p> - -<ul> -<li><p>A data modeling language, that presents building blocks to create and compose CRDT-like operational datatypes, that are backed by a Merkle-DAG.</p></li> -<li><p>A synchronization protocol for Hyper Hyper Space datatypes, with an implementation that works both in-browser (through WebRTC &amp; IndexedDB) and NodeJS.</p></li> -</ul> - - -<p>In this talk we'll focus on how to use the modeling language, and see in practice how to use the created objects inside a web browser using JavaScript.</p> - - Santiago Bazerque - - - - - Project Homepage - Demo - Core Library - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:00 - 00:30 - D.web3 - where - Collabortive group self-awareness with Where, a Holochain app - A demo of how distributed ledger tech can up-regulate group capacity. - Web3 Infrastructure - devroom - - <p>A playground for group self-awareness (awhereness?) on holochain</p> - <p>Groups, especially remote collaborative groups, often lack contextual information about collaborators that makes working together harder. Co-locating oneself across a number of spaces in the context of a group (or groups) provides an important avenue for improving both sense-making and working together. Where provides a generalized grammar for creating shared maps for groups to see the emergent "whereness" of each other, as well as the grammatics to self-evolve these spaces and how to represent "location" in them.</p> - -<p>Read more in Eric's blog post about Where (https://eric.harris-braun.com/blog/2021/09/16/id-377) and explore the details in Where's github repo (https://github.com/lightningrodlabs/where)</p> - - Eric Harris-Braun - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 16:30 - 00:25 - D.web3 - didkit - Verifiable Credentials and Decentralized Identifiers with DIDKit - - Web3 Infrastructure - devroom - - <p>We present DIDKit, a toolkit for Verifiable Credentials and Decentralized Identifiers, implemented in Rust. This includes an introduction to Verifiable Credentials ("VCs"), a W3C Recommendation; to Decentralized Identifiers ("DIDs"), a Proposed W3C Recommendation; and to the signing formats used with these: JSON Web Signatures (JWS) and Linked Data Proofs. Charles Lehner will demo using DIDKit to issue, present and verify verifiable credentials using DIDs based on cryptographic keypairs. Charles is joined by Juan Caballero (@bumblefudge) for the Q&amp;A.</p> - - - Charles Lehner - - - Slides (PDF export) - Slides (zip archive) - Verifiable Presentation with embedded Verifiable Credential, generated during the demo - - - ssi: core library used in DIDKit - DIDKit: Toolkit for Decentralized Identifiers and Verifiable Credentials - DIDKit - dev portal - Slides (web page) - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:00 - 00:25 - D.web3 - solid - Building Interoperable Applications with Solid in 2022 - - Web3 Infrastructure - devroom - - <p>Each time a new software project is created, a new data silo is also made. Solid, the decentralized web network pioneered by Tim Berners-Lee, aim to combat the expanding number of data silos by standardizing a global decentralized knowledge graph. Though, this is easier said than done. Ensuring all applications using the knowledge graph are interoperable is a massive undertaking.</p> - -<p>This talk will detail the ongoing efforts to make it easier for application developers to build interoperable applications, the yet to be implemented future visions for interoperability, and how these methods can be used in other decentralized web projects outside of Solid.</p> - - - Jackson Morgan - - - - - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - 17:30 - 00:30 - D.web3 - onecommons - How to build a free and open cloud - - Web3 Infrastructure - devroom - - <p>This talk will explore how we can bring open source collaboration to building and running cloud services. We present our vision of "Open Cloud Services" that provide the same openness and freedom to users and developers as open-source software. But running a cloud service requires resources so how can that be funded? An ideal solution would be simple, equitable and fair -- and not compromise the ethos of open source. We'll discuss our attempt at solving this puzzle, a funding mechanism we call cloud funding. -Next, we'll introduce Unfurl, our DevOps tool for building reproducible, cloud-provider independent open cloud services and then look to future Web3 and decentralization technologies that make this possible -- specifically how blockchain-based decentralized data and remote attestation, transparent and reproducible open cloud services, and next-generation secure-computing cloud infrastructure all combine to provide the building blocks of a free and open cloud.</p> - - - Adam Souzis - - - Slides for Talk - - - https://onecommons.org - Video recording(WebM/VP9) - Video recording(mp4) - Chat room (web) - Chat room (app) - Hallway chat room (web) - Hallway chat room (app) - Submit feedback - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 10:00 - 00:15 - S.kde - kde_news - KDE News - Adam Szopa - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - 10:30 - 00:30 - S.kde - kde_plasma - Plasma 5.24 tour - Adam Szopa, Aniqa Khokhar and Paul Brown - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - 12:00 - 01:00 - S.kde - kde_tokodon - Live coding session with Tokodon - Carl Schwan - KDE Community stand - standtrack - - - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 09:00 - 09:00 - I.infodesk - infodesk_sunday - The Virtual FOSDEM Infodesk (Sunday) - - Infodesk - infodesk - - <p>Need any assistance during the event? Join us in here!</p> - - - - - - - Chat room (web) - Chat room (app) - Submit feedback - - - - - - diff --git a/FosdemTests/schedule_2023.xml b/FosdemTests/schedule_2023.xml deleted file mode 100644 index caf4248..0000000 --- a/FosdemTests/schedule_2023.xml +++ /dev/null @@ -1,119 +0,0 @@ - - - - FOSDEM 2023 - - ULB (Université Libre de Bruxelles) - Brussels - 2023-02-04 - 2023-02-05 - 2 - 09:00:00 - 00:05:00 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Localizable.xcstrings b/Localizable.xcstrings new file mode 100644 index 0000000..d06f41c --- /dev/null +++ b/Localizable.xcstrings @@ -0,0 +1,299 @@ +{ + "sourceLanguage" : "en", + "strings" : { + "%@" : { + + }, + "🇺🇦" : { + + }, + "🍺" : { + + }, + "🔨" : { + + }, + "🧑‍💻" : { + + }, + "About" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Over" + } + } + } + }, + "Bookmarks only" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Alleen favorieten" + } + } + } + }, + "Chat" : { + "extractionState" : "manual", + "localizations" : { + "en" : { + "stringUnit" : { + "state" : "translated", + "value" : "Chat" + } + } + } + }, + "Description" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Omschrijving" + } + } + } + }, + "Details" : { + + }, + "Favorite" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Favoriet" + } + } + } + }, + "Filter lists" : { + + }, + "Filters" : { + + }, + "FOSDEM" : { + + }, + "Fosdem %@" : { + "extractionState" : "manual" + }, + "Future events only" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Alleen toekomstige presentaties" + } + } + } + }, + "Hi, SMillerDev here.\nAs a Homebrew maintainer and Nextcloud/news developer I love going to FOSDEM,\nbut as an Apple user the apps are not as plentyful as for Android.\nThat's why I made this!\nIf you find this app useful, consider donating to the folowing causes:" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Hi, SMillerDev hier.\nAls een Homebrew maintainer en Nextcloud/news developer vind ik het leuk om naar FOSDEM te gaan. Maar als Apple gebruiker zijn er niet zo veel apps als op Android. Daarom heb ik deze gemaakt!\n\nAls je deze app handig vind, overweeg dan te doneren aan de volgende doelen: " + } + } + } + }, + "Homebrew" : { + + }, + "If you have improvements you can suggest them at:" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Als je verbeteringen hebt, kan je ze melden op:" + } + } + } + }, + "Links" : { + + }, + "Live Video" : { + + }, + "Local timezone" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Lokale tijdzone" + } + } + } + }, + "My events" : { + "extractionState" : "manual", + "localizations" : { + "en" : { + "stringUnit" : { + "state" : "translated", + "value" : "My bookmarks" + } + }, + "nl" : { + "stringUnit" : { + "state" : "needs_review", + "value" : "Mijn keuzes" + } + } + } + }, + "No Bookmarks yet" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Nog geen favorieten" + } + } + } + }, + "No description" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Geen omschrijving beschikbaar" + } + } + } + }, + "No links" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Geen links beschikbaar" + } + } + } + }, + "No video available 😔" : { + + }, + "People" : { + "extractionState" : "manual", + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Sprekers" + } + } + } + }, + "Room available" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Plekken beschikbaar" + } + } + } + }, + "Room full" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Kamer vol" + } + } + } + }, + "Rooms" : { + "extractionState" : "manual", + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Locaties" + } + } + } + }, + "Settings" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Instellingen" + } + } + } + }, + "Share web link" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Deel web link" + } + } + } + }, + "Still loading events" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Presentaties laden nog" + } + } + } + }, + "The issue tracker" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "De issue tracker" + } + } + } + }, + "Tracks" : { + "extractionState" : "manual", + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Onderwerpen" + } + } + } + }, + "Ukraine" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Oekraïne" + } + } + } + }, + "Year" : { + "localizations" : { + "nl" : { + "stringUnit" : { + "state" : "translated", + "value" : "Jaar" + } + } + } + } + }, + "version" : "1.0" +} \ No newline at end of file diff --git a/Package.resolved b/Package.resolved index ff793bf..12e9411 100644 --- a/Package.resolved +++ b/Package.resolved @@ -1,16 +1,23 @@ { - "object": { - "pins": [ - { - "package": "SwiftyXMLParser", - "repositoryURL": "https://github.com/yahoojapan/SwiftyXMLParser.git", - "state": { - "branch": null, - "revision": "d7a1d23f04c86c1cd2e8f19247dd15d74e0ea8be", - "version": "5.6.0" - } + "pins" : [ + { + "identity" : "pentabarfkit", + "kind" : "remoteSourceControl", + "location" : "https://github.com/SMillerDev/PentabarfKit", + "state" : { + "branch" : "main", + "revision" : "845f413bd7bb48c4bed1650153a33bbaf184c941" } - ] - }, - "version": 1 + }, + { + "identity" : "swiftyxmlparser", + "kind" : "remoteSourceControl", + "location" : "https://github.com/yahoojapan/SwiftyXMLParser.git", + "state" : { + "revision" : "d7a1d23f04c86c1cd2e8f19247dd15d74e0ea8be", + "version" : "5.6.0" + } + } + ], + "version" : 2 } diff --git a/Package.swift b/Package.swift index 06d8e34..37a25ee 100644 --- a/Package.swift +++ b/Package.swift @@ -1,4 +1,4 @@ -// swift-tools-version:5.7 +// swift-tools-version:5.9 import PackageDescription let package = Package( @@ -9,10 +9,10 @@ let package = Package( products: [ ], dependencies: [ - .package(url: "https://github.com/yahoojapan/SwiftyXMLParser.git", from: "5.0.0"), + .package(url: "https://github.com/SMillerDev/PentabarfKit", .branch("main")) ], targets: [ - .target(name: "Fosdem", dependencies: ["SwiftyXMLParser"], path: "Fosdem"), + .target(name: "Fosdem", dependencies: ["PentabarfKit"], path: "Fosdem"), .testTarget( name: "FosdemTests", dependencies: ["Fosdem"],