We Make Fedora

News reports have been reminding us on a regular basis that the Pentagon is limiting the support it provides to allies. European countries need to listen to President Trump and take defence more seriously, especially cybersecurity.

My advice to Dr Amandine "cryptie" Jambert is quite simple: if she wants to help Europe faces the challenges ahead, she needs to admit she was fooled by the FSFE misfits. More importantly, she needs to apologize to those people she fooled and recruited to join the same scam.

If Jambert feels bad, it's not because of harassment. It is because she was fooled and she has been used so effectively to fool others too. To clear her conscience, she needs to own up to that and apologize.

If she can't make this admission and apology in her own personal context, how can she be effective in her role as an expert in an office of the European Commission.

From the Catechism, paragraph 1847:

1847. "God created us without us: but he did not will to save us without us." To receive his mercy, we must admit our faults. "If we say we have no sin, we deceive ourselves, and the truth is not in us. If we confess our sins, he is faithful and just, and will forgive our sins and cleanse us from all unrighteousness."

1849 Sin is an offense against reason, truth, and right conscience; it is failure in genuine love for God and neighbor caused by a perverse attachment to certain goods. It wounds the nature of man and injures human solidarity. It has been defined as "an utterance, a deed, or a desire contrary to the eternal law."

What this tells us is that when Jambert is unable to admit that she was fooled by the FSFE misfits because of her ego. Ego is frequently a factor in sinful behaviour.

The catechism goes on

1859 Mortal sin requires full knowledge and complete consent. It presupposes knowledge of the sinful character of the act, of its opposition to God's law. It also implies a consent sufficiently deliberate to be a personal choice. Feigned ignorance and hardness of heart133 do not diminish, but rather increase, the voluntary character of a sin.

What this tells us is that when Jambert and I both became aware of the FSF/FSFE deception in 2017, our continued participation with full knowledge and complete consent would have become mortal sin. I understood and I quickly resigned. Why didn't Jambert?

Subject: FSF asking us to change our name II
Date: Tue, 23 May 2017 08:39:00 +0000
From: Matthias Kirschner <mk@fsfe.org>
To: ga@fsfeurope.org

Dear members,

as we wrote in our last mail we have again been approached by the FSF to
change our name. Below there is a summary of the situation as well as
the proposed next steps. Please let us know if you have any questions.
It is longer than I wished for, but we had several new people join the
GA since the last time we discussed this.

...

Look at the consequences for people who have been fooled by the FSFE misfits.

Subject: Re: Financial results 2016 online
Date: Tue, 23 May 2017 23:11:46 +0200
From: Reinhard MÃ¼ller <reinhard@fsfe.org>
Organization: Free Software Foundation Europe
To: team@lists.fsfe.org

Hi, Max!

Am 2017-05-23 um 22:37 schrieb Max Mehl:
> This seems to be the first year
> with a turnover of more than 1 million Euros, right?

Not quite, at least not for my definition of the word "turnover" ðŸ™‚. It
would be more like 650k (the income), which is still the highest value
we ever had.

> It seems the non-Fellowship-donations have increased by more than 80%
> (which is a remarkable number!). Could you please elaborate why this is
> the case? Have there been single huge donations, or rather multiple
> medium donations? Are they connected to our legal work or something
> else?

In 2016, we received a significant sum from an inheritance where FSFE
was the principal heir. The deceased person stated very clearly in the
last will that FSFE is expected to not make much noise around this, and
we of course respected this.

We also received a significant one-time donation from Lars P Mathiassen
who is listed on our ThankGNUs page anyway.

...

These people ask us to trust them on serious issues such as electronic payments facilitated by blockchain and cryptocurrency. How can we trust Jambert's advice on those topics if she can't even recognize the confusion between FSF and the fake FSFE misfits?

Dr Amandine "cryptie" Jambert has a PhD in cryptography and a safe government job, previously at CNIL and now at the European Data Protection Board (EDPB).

What on earth is the motive for this woman and some associates to lie and attack my family when my father died?

Out of coincidence, Pierre-Elliott BÃ©cue, of the French military cybersecurity office ANSSI obtained his PhD at the same university as Jambert only ten years later. Like Jambert, BÃ©cue has also been observed attacking my family at the time when my father died and immediately after the conviction of the late Cardinal George Pell.

The previous blog went over the history of the lies, making it clear that Jambert has always had conflicts of interest.

Nonetheless, for any crime, it is always important to look at the motive in some detail.

Cryptography, in general, hopes to solve two main problems. Firstly, you want to make sure that messages are protected from eavesdropping. We call that encryption. Secondly, you want to make sure the person at the other end of the communications channel really is who they claim to be, that is authentication.

We often use the fictional characters Alice, Bob, Eve and Mallory to demonstrate these concepts with a diagram. Here, to help Jambert see it in these terms, I've overlaid Jambert, the real Richard Stallman and the fake FSFE president Matthias Kirschner on top of Alice, Bob & Mallory.

Amandine Jambert, cryptie, EDPB, CNIL, Richard Stallman, RMS, FSF, Matthias Kirschner, FSFE

In a technical sense, we have various ways to solve those encryption and authentication problems using advanced mathematics. The mathematics isn't important in this case.

Focus on the second part of the cryptography problem given above, the importance of verifying the authenticity of the person or organization you are corresponding with. In cryptography, our goal is to communicate with the real Bob, or in this case, the real Richard Stallman, founder of the real FSF.

According to my previous blog about Jambert's history, she was recruited to join the Free Software Foundation Europe (FSFE) misfits in 2012. Was she one of many people who were fooled and believed we were joining the FSF and Dr Richard Stallman?

Should an expert in authenticating people be able to tell the difference between the FSF and the FSFE at the moment she was fooled to join the fake group, FSFE?

For five years from 2012 to 2017, Jambert may have been oblivious to the fact the FSFE misfits are not really part of the FSF. The FSF decided not to give a public warning so it is understandable that many people remained in the dark.

Nonetheless, when this issue was brought to our attention in 2017, in writing, we both became aware of it at the same time. Why was Jambert unable to understand this was a serious problem of identity/impersonation? People have communicated with, done voluntary work for and given money to the fake FSFE misfits believing it is a subsidiary or branch of the real FSF. From 2017, Jambert and I were both aware that people were being fooled.

I resigned from the FSFE in disgust in September 2018. Jambert stayed with the group until October 2023 and continues to associate with them in various ways.

Jambert's inability to comprehend and respond to this problem of authentication in the real world, even after I made public concerns about it, casts doubt over her own professional competence and her integrity. For example, in July 2018, she participated in the promotional video at Strasbourg to help the Germans recruit more French-speaking victims.

In parallel to this, we have the JuristGate scandal in Switzerland. For five years, the Swiss financial regulator, FINMA, appeared to be contemplating whether the company was a law office or an insurance office. During that time, professionals from other insurance companies and even a jurist from the Swiss police were fooled to quit their jobs and come and work for the rogue firm.

Why was the regulator unable to recognize it for what it was?

Back to Jambert, even if she doesn't care about being fooled by the Nigerian fraud, her attacks on my family are utterly selfish. As a member of the public service, why doesn't she take a moment to think about all the other victims of the fraud? How does Dr Richard Stallman feel when some other group is using his name to collect money from the public?

Jambert's lie has a motive. It looks like she is a woman in denial about her own incompetence, at least with respect to the FSF/FSFE dilemma, on matters of integrity, identity and authentication. As these concepts are fundamental to the practice of cryptography and e-commerce, she is lying to avoid answering further questions about her collusion in the FSF/FSFE deception.

As we are confronted with problems such as electronic cryptocurrency payments and artificial-intelligence generated videos, it is more vital than ever that professionals like Jambert need to show the highest level of integrity. Before she can help us with those challenges, she needs to come clean about the FSF/FSFE dilemma.

Things like this happen all the time and when we detect it, we have to be able to recognize what is going on and speak up. Look at the fake security company, Crypto AG that operated for decades in Switzerland. Now everybody knows it was really the CIA and BND.

It should be no big surprise that the FSFE misfits are just another scam.

In 2022, a woman from Lyon, France was tricked to quit the job she had held for seven years and go to work for an illegal legal insurance company in Geneva, Switzerland. Even the financial regulator, FINMA, knew about the illegal legal insurance company for up to five years but a series of tricks stopped them from shutting it down earlier.

Look at the analogous case of Dr Diana von Bidder-Senn, the mayor of Basel in Switzerland. Like Jambert, Diana von Bidder-Senn has a PhD in cybersecurity from the elite ETH Zurich. Yet she was unable to recognize that her own husband was being tricked by the social engineering attacks that have corrupted Debianism.

Subject: Re: condolences for Adrian
Date: Mon, 25 Apr 2011 15:02:18 +0200
From: Diana von Bidder <diana@fortytwo.ch>
To: Stefano Zacchiroli <leader@debian.org>

Dear Stefano
Thank you for your wonderful mail! Yes Debian and people were very
important to Adrian. I was glad that he was not only sitting alone in
front of his computer but to know that there are people out there that
estimate him and are his friends even if most of you did not know each
other personally.
The way you describe him (empathy, calm, insight, ... - just the Adrian
I know) assures me on how good friends of Adrian are out there. And I
will always continue to think of this (in a good way!) when continuing
to use debian (which I became quite fond of because of Adrian).
It's a pity that he couldn't go to Banja Luca anymore which he did so
much look forward to. Anyway, I wish you all the best and hope you
continue your good work.

- Diana

Her husband, Adrian von Bidder-Senn died on the very same day Carla and I got married. There appear to be many known victims in the Debian suicide cluster who were all tricked. They pretended that Debianism is a family but that is a trick. Read the detailed history of Adrian von Bidder-Senn's death on our wedding day.

Hello Fedora Community,

We are back with the final update on the Packit as Fedora dist-git CI change proposal. Our journey to transition Fedora dist-git CI to a Packit-based solution is entering its concluding stage. This final phase marks the transition of Packit-driven CI from an opt-in feature to the default mechanism for all Fedora packages, officially replacing the legacy Fedora CI and Fedora Zuul Tenant on dist-git pull requests.

What we have completed

Over the past several months, we have successfully completed the first three phases of this rollout:

Phase 1: Introduced Koji scratch builds.
Phase 2: Implemented standard installability checks.
Phase 3: Enabled support for user-defined TMT tests via Testing Farm.

Through the opt-in period, we received invaluable feedback from early adopters, allowing us to refine the reporting interface and ensure that re-triggering jobs via PR comments works seamlessly.

Users utilising Zuul CI have been already migrated to using Packit. You can find the details regarding this transition in this discussion thread.

The Final Phase: Transition to Default

We are now moving into the last phase, where we are preparing to switch to the default. After that, you will no longer need to manually add your project to the allowlist. Packit will automatically handle CI for every Fedora package. The tests themselves aren’t changing – Testing Farm still does the heavy lifting.

Timeline & Expectations

Our goal, as previously mentioned, is to complete the switch and enable Packit as the default CI by the end of February 2026. The transition is currently scheduled for February 16, 2026.

To ensure a smooth transition, we are currently working on the final configuration of the system. This includes:

Opt-out mechanism: While Packit will be the default, an opt-out mechanism will be available for packages with specialised requirements. This will be documented at packit.dev/fedora-ci.
Documentation updates: Following the switch, we will also adjust official documentation in other relevant places, such as docs.fedoraproject.org/en-US/ci/, to reflect the new standard.

We will keep you updated via our usual channels in case the target date shifts. You can also check our tasklist in this issue.

How to prepare and provide feedback

You can still opt-in today to test the workflow on your packages and help us catch any edge cases before the final switch.

While we are currently not aware of any user-facing blockers, we encourage you to let us know if you feel there is something we have missed. Our current priority is to provide a matching feature set to the existing solutions. Further enhancements and new features will be discussed and planned once the switch is successfully completed.

Bugs/Feature Requests: Please use our issue tracker.
Discussion: Join the conversation on discussion.fedoraproject.org.
Chat: Reach out to us in the #packit:fedora.im channel on Matrix.

We want to thank everyone who has tested the service so far. Your support is what makes this transition possible!

Best,

the Packit team

The post Packit as Fedora dist-git CI: final phase appeared first on Fedora Community Blog.

In the previous blog about the FOSDEM democracy panel discussion, I looked at how GNOME misfits attacked the volunteer Sonny Piers.

What does an ideal community representative look like? Well, there isn't one. The overlords prefer to have stooges and puppets in the boards and committees.

Now we pull aside the skirt of the FSFE misfits and look at how two female employees were given voting rights. There are thousands of very talented female developers out there who will never be allowed to vote or speak.

Why do they put these two paid employees on the voting roll but there were over 1,500 Fellows doing voluntary work and making donations to the FSFE misfits and none of those Fellows can vote any more?

Subject: GA membership application
From: Polina Malaja <polina@fsfe.org>
Date: 06/10/2017, 17:23
To: Matthias Kirschner <mk@fsfe.org>

Dear Matthias,

I would like to apply for the FSFE's GA. Please see my application below.

Thank you in advance.

Kind regards,

Polina

--

# Application

I have been involved with the FSFE already for more than 2 years. During
this time, in addition to becoming a full-time staffer, I have become a
strong supporter of the Free Software movement in general. I fully
support the ideas behind openness, collaboration and Free culture (as in
free from restrictions to reuse ideas, mix and match for a greater
creativity and innovation, and not 'free' as in 'gratis') where Free
Software is one of the strongest and most crucial movements for the
modern society.

I can say that the time spent in the FSFE has greatly contributed to my
personal and professional growth in both legal and policy work, and I
would be delighted to participate in the discussions on the GA level
concerning the future of the FSFE. I believe I can bring in a point of
view of a non-technical Free Software supporter who is affiliated with
the movement from policy and legal perspective.

--
Polina Malaja - Policy Analyst - Legal Coordinator
Free Software Foundation Europe, Schoenhauser Allee 6/7, 10119 Berlin
Contact: t +49-30-27595290 | Blog: blogs.fsfe.org/polina
Your support enables our work (fsfe.org/join)

From: Ulrike Sliwinski
Date: October 2017
To: Matthias Kirschner <mk@fsfe.org>
Hi Matthias,

hereby I am applying to become a member of FSFE's General Assembly. Even
though I am neither very familiar with the technical sides of Free
Software nor with FSFE's political undertakings I am sure I can
contribute from FSFE's administrative perspective, e.g. being the person
who sees and distributes lots of incoming requests in our ticket system.

Another reason for the decision to become part of the General Assembly
is that all male staffers of FSFE are members but none of the female
staffers are. With my application I would also like to help to support
FSFE's public image in this regard.

Kind regards,
Ulrike
-- 
Ulrike Sliwinski, Office Manager
Out of office on Fridays.
Free Software Foundation Europe e.V.
Schönhauser Allee 6/7, 10119 Berlin,+49-30-27595290.
Registered: Amtsgericht Hamburg, VR 17030.
Your support enables our work (fsfe.org/join)

In the detailed history of Amandine "cryptie" Jambert, we looked at how Jambert eventually admitted that "harassment" rumours were a lie to cover up her conflict of interest.

As part of the analysis, we presented evidence that Jambert is not mentioned in any of the 20,000 copyright files in Debian because she isn't a developer either. None of the women granted voting rights by the FSFE misfits appear to have any authorship status under copyright law.

To make an analogy, under real estate law, the owners of buildings are the landlords and the people who live in the buildings are the tenants. Imagine if the tenants could form an association, keep all the rent for themselves and make decisions for the landlords. Imagine if the landlords were not allowed to vote or make decisions. It sounds absurd. But that is the very nature of these free software umbrella groups. It is people who write no code trying to make decisions on behalf of the people who do write the code.

Debian is one of the largest collections of free, open source software with over 20,000 packages. We can search the copyright notices of all 20,000 packages using the Debian search system and see if any of these women have any status or if they are just two more stooges:

Click here to search for Polina Malaja, from the FSFE misfits in the debian/copyright files:

Polina Malaja, Council of European National Top-Level Domain Registries, CENTR, Debian, FSFE, copyright, license, groupie, president, cyberbully

Click here to search for Ulrike Sliwinski:

Ulrike Sliwinski, Debian, FSFE, copyright, license, groupie, cyberbully

Polina Malaja and domain name censorship facilitating plagiarism

Notice how Polina Malaja has gone to work for CENTR, Council of European National Top-Level Domain Registries.

In recent times, people have sought to hide the identity of real Debian co-authors by censorsing/stealing domain names. This is basically a form of plagiarism.

Has Polina Malaja, with her job at CENTR, had some role in facilitating this plagiarism and obfuscating who the real authors are?

The manner in which Matthias Kirschner has granted voting rights to various women like this causes a lot of embarassment for all the women.

People should not be angry at me for simply disclosing the emails and revealing the truth about this corruption. If anybody is angry about this, look at the overlords who do the choosing.

In a blog about grooming, Queen Kwong puts it like this:

The Curse of Being Chosen

Not all abuse is obvious. It can look like praise. It can look like opportunity. ...

At nineteen, Cassie met Sean Combs. He was her boss, her label head, her mentor, and eventually, her boyfriend. According to her lawsuit, she was surveilled, isolated, coerced ... . But this isn't only a case of blatant violence. It's one of domination disguised as devotion. It's a portrayal оf how grooming conditions victims for escalating patterns of control and harm.

...

Being chosen is the oldest trick in the book.

Say what you will about Baby Reindeer, but it did something most shows avoid—it depicted the messy, convoluted truth about abuse. ...

...

Using women as stooges, giving these two women the power to vote so they can jump the queue, makes them feel "chosen". Many abuse victims have also spoken about feeling "chosen". It is just another form of exploitation because everybody realizes these women were not chosen for the quantity of code they shared.

What happens when women were not willing to be complicit and subservient for the overlords? Ask Susanne Eiswirt and Galia Mancheva and read the harrowing story of why Galia sued Matthias Kirschner and FSFE:

Even after my lawyer warned him to terminate all attempts to communicate with me and send someone else to pick up my work laptop, he came in person to my house, and was very irritated that I was not alone.

Proton

I usually run things through GE-Proton, however this is the rare case when that has disappointed me. While the game installed fine for me and the launcher was semi functionaly, it wouldn’t actually start the game.

So this time around, it’s gonna be dwproton - installing it is pretty simple, grab ProtonPlus from flathub using your software center of convenience. Then simply run it and find dwproton in the list, hit install and you’re done.

Make sure to restart Steam if you had it running.

Steam

If you’re on SteamDeck (or other Steam gamemode session) make sure to switch to Desktop first.
Download the windows installer: https://endfield.gryphline.com/en-us - bottom right corner of the page and I recommend you to immediately mute the tab in your browser ;)
Add it to Steam as a non-steam game (Menu -> Games -> Add a non-steam game to my Library)
Right click the added installer and go to its Properties -> Compatibility -> Force the use of dwproton.
Play -> it should now run the installer, follow the steps to install it, all the defaults are fine. If the launcher automatically starts it at the end, close it.

We’ve now installed the launcher but we can’t exactly execute it directly just yet. Let’s sort that out:

Right click the installer in steam again, this time we’re gonna change the Target field to "/home/deck/.steam/steam/steamapps/compatdata/<ID>/pfx/drive_c/Program Files/GRYPHLINK/Launcher.exe"
- You may have noticed the <ID> there - this is a generated ID for your non steam game and it’s probably different from mine. To find out what it is, simply navigate to that location and take a look at which folder was modified last. That’s the correct one.
- If you’re not on Steam Deck the /home/deck is gonna be different - that’s your home folder and it will be your username.
- And don’t forget the quotes!
You’re actually done now. It will work with gamescope, mangohud, or any other shenanigans that you’re used to. Probably. Use the Launch options same as with any other Steam game.
Use the SteamGridDB Decky Plugin to change the artwork on Steam, or SDGBoop (flatpak) in combination with steamgriddb.com
Cleanup - you can now delete the installer.

Enjoy!

Find me in the Fedora Linux Discord if you have any issues or questions.

Endfield on Fedora Linux

Today, we announce Amutable, our âœ¨ new âœ¨ company. We â€“ @blixtra@hachyderm.io, @brauner@mastodon.social, @davidstrauss@mastodon.social, @rodrigo_rata@mastodon.social, @michaelvogt@mastodon.social, @pothos@fosstodon.org, @zbyszek@fosstodon.org, @daandemeyer@mastodon.social @cyphar@mastodon.social, @jrocha@floss.social and yours truly â€“ are building the ðŸš€ next generation of Linux systems, with integrity, determinism, and verification â€“ every step of the way.

For more information see â†’ https://amutable.com/blog/introducing-amutable

replyfast is a Python module to receive and send messages on Signal.

You can install it via

python3 -m pip install replyfast

uv pip install replyfast

I have to add Windows builds to CI though.

I have a script to help you to register as a device, and then you can send and receive messages.

I have a demo bot which shows both sending and rreceiving messages, and also how to schedule work following the crontab syntaxt.

    scheduler.register(
        "*/5 * * * *",
        send_disk_usage,
        args=(client,),
        name="disk-usage",
    )

This is all possible due to the presage library written in Rust.

Another week another recap here in longer form. I started to get all caught up from the holidays this week, but then got derailed later in the week sadly.

Infra tickets migrated to new forejo forge

On tuesday I migrated our https://pagure.io/fedora-infrastructure (pagure) repo over to https://forge.fedoraproject.org/infra/tickets/ (forgejo).

Things went mostly smoothly, the migration tool is pretty slick and I borrowed a bunch from the checklist that the quality folks put together ( https://forge.fedoraproject.org/quality/tickets/issues/836 ) Thanks Adam and Kamil!

There are still a few outstanding things I need to do:

We need to update our docs everywhere it mentions the old url, I am working on a pull request for that.
I cannot seem to get the fedora-messaging hook working right It might well be something I did wrong, but it is just not working
Of course no private issues migrated, hopefully someday (soon!) we will be able to just migrate them over once there's support in forgejo.
We could likely tweak the templates a bit more.

Once I sort out the fedora-messaging hook I should be able to look at moving our ansible repo over, which will be nice. forgejo's pull request reviews are much nicer, and we may be able to leverage lots of other fun features there.

Mass rebuild finished

Even thought it started late (was supposed to start last wed, but didn't end up starting really until friday morning) it finished over the weekend pretty easily. There was some cleanup and such and then it was tagged in.

I updated my laptop and everything just kept working. I would like to shout out that openqa caught a mozjs bug landing (again) that would have broken gdm, so that got untagged and sorted and I never hit it here.

Scrapers redux

Wed night I noticed that one of our two network links in the datacenter was topping out (10GB). I looked a bit, but marked it down to the mass rebuild landing and causing everyone to sync all of rawhide.

Thursday morning there were more reports of issues with the master mirrors being very slow. Network was still saturated on that link (the other 10G link was only doing about 2-3GB/sec).

On investigation, it turned out that scrapers were now scraping our master mirrors. This was bad because all the BW used downloading every package ever over http and was saturating the link. These seemed to mostly be what I am calling "type 1" scrapers.

"type 1" are scrapers coming from clouds or known network blocks. These are mostly known in anubis'es list and it can just DENY them without too much trouble. These could also manually be blocked, but you would have to maintain the list(s).

"type 2" are the worse kind. Those are the browser botnets, where the connections are coming from a vast diverse set of consumer ip's and also since they are just using someone elses computer/browser they don't care too much if they have to do a proof of work challenge. These are much harder to deal with, but if they are hitting specific areas, upping the amount of challenge anubis gives those areas helps if only to slow them down.

First order of business was to setup anubis in front of them. There's no epel9 package for anubis, so I went with the method we used for pagure (el8) and just set it up using a container. There was a bit of tweaking around to get everything set, but I got it in place by mid morning and it definitely cut the load a great deal there.

Also, at the same time it seems we had some config on download servers for prefork apache. Which, we have not used in a while. So, I cleaned all that up and updated things so their apache setup could handle lots more connections.

The BW used was still high though, and a bit later I figured out why. The websites had been updated to point downloads of CHECKSUM files to the master mirrors. This was to make sure they were all coming from a known location, etc. However, accidentially _all_ artifact download links were pointing to the master mirrors. Luckly we could handle the load and also luckily there wasn't a release so it was less people downloading. Switching that back to point to mirrors got things happier.

So, hopefully scrapers handled again... for now.

Infra Sprint planning meeting

So, as many folks may know, our Red Hat teams are all trying to use agile and scrum these days. We have various things in case anyone is interested:

We have daily standup notes from each team member in matrix. They submit with a bot and it posts to a team room. You can find them all in #cle-standups:fedora.im space on matrix. This daily is just a quick 'what did you do', 'what do you plan to do' any notes or blockers.
We have been doing retro/planning meetings, but those have been in video calls. However, there's no reason they need to be there, so I suggested and we are going to try and just meet on matrix for anyone interested. The first of these will be monday in the #meeting-3:fedoraproject.org room at 15UTC. We will talk about the last 2 weeks and plan for what planned things we want to try and get in the next 2.

The forge projects boards are much nicer than the pagure boards were, and we can use them more effectively. Here's how it will work:

Right now the current sprint is in: https://forge.fedoraproject.org/infra/tickets/projects/325 and the next one is in: https://forge.fedoraproject.org/infra/tickets/projects/326

On monday we will review the first, move everything that wasn't completed over to the second, add/tweak the second one then close the first one, rename the 'next' to 'current' and add a new current one. This will allow us to track what was done in which sprint and be able to populate things for the next one.

Additionally, we are going to label tickets that come in and are just 'day-to-day' requests that we need to do and add those to the current sprint to track. That should help us get an idea of things that we are doing that we cannot plan for.

Mass update/reboot outage =========================o

Next week we are also going to be doing a mass update/reboot cycle with outage on thrusday. This is pretty overdue as we haven't done such since before the holidays.

comments? additions? reactions?

As always, comment on mastodon: https://fosstodon.org/@nirik/115951447954013009

The Honourable Mrs Justice Collins Rice is a judge in the British High Court. In the British system, the High Court is actually the first level of the justice system for certain types of dispute. Cases can progress from there to the Court of Appeal, the Supreme Court and eventually the Privy Council.

Mrs Justice Collins Rice was secretary to the Leveson Inquiry in 2011-2012. That was the inquiry into the practices of the press, including some high profile violations of privacy. A lot of the work done by the inquiry and the British parliament has subsequently been circumvented by the rise of social control media.

I had a quick look over the judgment (KB-2024-001270) and wanted to make it easier for non-lawyers to understand what is really going on here. Very sadly, the courts tend to favour people who have lots of money to spend digging up dirt on their opponent and using expensive lawyers to regurgitate it as evidence.

The punishment in perspective

In 1973, Monsignor James William Murray abused a much younger woman who had been a patient in a psychiatric hospital. The woman only reported the abuse decades later after Monsignor Murray had become the Bishop for the city of Geelong. Monsignor Murray was given a $500 fine and returned to his duties as a Bishop. That was approximately £200 at the exchange rate in the year 2000.

In 2004, two girls went home with footballers Stephen Milne and Leigh Montana. One girl can't remember anything to complain about but the other went to the police. After ten years, in 2013, Milne made a guilty plea and was fined $15,000 without a conviction. That is approximately £8,000 based on the exchange rate from 2013.

In November 2025, Mrs Justice Collins Rice ordered the Techrights authors, Roy Schestowitz and Rianne Schestowitz, to pay £75,000 for an allegation of defaming Matthew Garrett from Debianism.

Am I the only person who is suspicious about the notion that Techrights commentary is worse than rape?

Trolling credentials

I don't have any legal expertise like Mrs Justice Collins Rice but when it comes to trolling, which is what Garrett was accused of, I'm the guy who used the WIPO UDRP to troll God and God gave me a response too.

I simply referred to the priest in the video as Father X.

He had been laying low for years. It looks like he retired immediately before the Royal Commission commenced interviewing people.

After my publication in the WIPO UDRP process, which had been forced upon me like a rape, the Archdiocese of Melbourne used the occasion of the Paris Olympics to put out a report reflecting on the role of said priest in Australian sport. His name was repeated in full multiple times in the report and in numerous social media posts linking to the report.

Around the same time, Instagram was used to publish a photo of the same priest with a senior government minister.

Having trolled God and got a response, I consider myself an expert on trolling and I declare Matthew Garrett is a troll.

Judge fooled

From the full judgment.

9. ... He told me that he and Mrs Schestowitz had taken a deliberate decision not to submit any evidence or call any witnesses, on financial grounds. ...

This tells us that the Techrights publishers were on the back foot from the outset. Their web sites don't have any advertising and they don't appear to generate any revenue. It looks like they are publishing as a hobby.

25 ... Garrett is chiefly accused of an online campaign of material which is (variously) criminal, illegal or offensive. The criminal matters alleged include cybercrime, hate crime, .... . Other illegal matters alleged include defamation, harassment and online abuse.

35 ... Garrett is accused of publishing a range of toxic or highly offensive online material

We found some real examples of Garrett being Garrett and published them below to jog everybody's memory and help Techrights prepare an appeal.

38 ... Garrett states that his reputation in England is both established, and 'immensely important' to him. Before 2009 he had worked for the University of Cambridge and had done other Cambridge-based work, starting by doing contract work and working for a tech start-up, before going on to work for Collabora (described as a private open-source software consulting company headquartered in Cambridge) and for Red Hat, a US company with a wholly-owned British subsidiary which had been his employer here.

Bigger ego means a bigger claim for compensation.... he demands special treatment because of his connection with the famous University of Cambridge. Look at the death of Chris Rutter from Clare College. Don't forget the even bigger scandal of Matthew Falder at Clare College, Cambridge.

In all the false rape accusations printed further down, Garrett is using a ucam.org University of Cambridge alumni email address to puff himself up and add weight to the libel he created.

Remember, Garrett's former employer IBM Red Hat has been found guilty of harassing me in the WIPO UDRP.

58. The authorship or control of these accounts has consistently been strenuously denied by Dr Garrett. ...

64. Sixth, one of the sockpuppet accounts on one occasion posted a short insult in the Irish language. Dr Garrett's evidence is that he does not speak Irish and would have been incapable of posting that insult.

Fact check: everybody has a bit of Irish in them (who said that?)

69. It is plain that the onslaught of sockpuppet trolling to which Mrs Schestowitz in particular was subjected was a truly appalling experience ....

71. It is also plain enough that Dr and Mrs Schestowitz have found it entirely straightforward to convince themselves that Dr Garrett was behind the trolling. But the task they have given themselves in pleading the truth defence in defamation proceedings is to establish or prove, on the balance of probabilities, that that is objectively true. And they have made that exceptionally difficult for themselves by advancing no evidence for it. I can only uphold a truth defence if I am given a sufficient evidential basis for doing so. I have looked hard ...

This is where their limited legal budget has seen them go to court with insufficient evidence. I found some evidence myself and published it below so people can see the truth about Garrett.

73. I found Dr Garrett in general a straightforward witness who gave a clear account of himself under sustained challenge in the witness box. I have been given no proper basis for rejecting his plain, unqualified and vehement denial that he ever had anything to do with the sockpuppet campaign against Dr and Mrs Schestowitz.

74. ... There is no such evidence he has threatened, abused or harassed anyone, or that he has espoused or promulgated repugnant and hateful views. ...

89. A defamation claimant in these circumstances is entitled to a judgment, and to remedies, which repudiate the publications complained of, vindicate his reputation, and restore his good name.

What about the good name of all the other people defamed by Debianism or social control media at large?

Garrett publishing defamation about Dr Jacob Appelbaum

There can be nothing worse than deliberately disparaging the bedroom manners of another man.

I previously demonstrated that Debianists had an active role in falsifying the harassment rumours against Dr Jacob Appelbaum.

As an aggravating factor, they have rehearsed these rumours and then taken it in turns to repeat them over and over again. The manner in which they use multiple people to reinforce the lie is itself a bit like gang rape. Garrett's participation in this type of group-based defamation and harassment campaign is far more serious than participation in a single sock-puppet account.

Here are some messages Garrett sent to one of the mailing lists. Notice how he sends them over and over again, that is an aggravating factor and tells us a lot about his true character.

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 09:18:55 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Sun, Aug 30, 2020 at 05:56:45PM +0200, Debian Community News Team wrote:

> What is really remarkable is that Debian ignored this evidence and began
> processing Lange's application to become a Debian Developer in the same
> week that they were expelling Jacob Appelbaum

...

Jake sexually assaulted and raped multiple people. Are you asserting that it was inappropriate for him to be removed from the NM process once Debian was made aware of this?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 09:53:31 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Aug 31, 2020 at 10:28:24AM +0200, Debian Community News Team wrote:
> 
> 
> On 31/08/2020 10:18, Matthew Garrett wrote:
> > On Sun, Aug 30, 2020 at 05:56:45PM +0200, Debian Community News Team wrote:
> > 
> >> What is really remarkable is that Debian ignored this evidence and began
> >> processing Lange's application to become a Debian Developer in the same
> >> week that they were expelling Jacob Appelbaum
> > 
> > Jake sexually assaulted and raped multiple people. Are you asserting 
> > that it was inappropriate for him to be removed from the NM process once 
> > Debian was made aware of this?
> 
> Matthew, when you post an email like that without evidence it is hearsay
> and defamation.

The content of jacobappelbaum.net is literally not hearsay.

> The ball is in the court of the accusers.  Until they visit a police
> station, Jake is innocent until proven guilty, like every other man.

Jake has not been found legally guilty of rape or sexual assault. That does not mean that Jake did not commit rape or sexual assault. After all, nobody who you've accused of acting inappropriately has been found guilty of doing so in a court of law.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 18:31:24 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Aug 31, 2020 at 11:12:36AM +0200, Debian Community News Team wrote:

> Debian Community News is impartial and welcomes all sides of the story.

Except for the side of the story where people have described Jake's behaviour towards them, apparently.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 19:38:15 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Aug 31, 2020 at 08:31:37PM +0200, Debian Community News Team wrote:
> 
> 
> On 31/08/2020 19:31, Matthew Garrett wrote:
> > On Mon, Aug 31, 2020 at 11:12:36AM +0200, Debian Community News Team wrote:
> > 
> >> Debian Community News is impartial and welcomes all sides of the story.
> > 
> > Except for the side of the story where people have described Jake's 
> > behaviour towards them, apparently.
> 
> Please see the earlier email: if those people sign witness statements,
> Debian Community News would publish them.

Have you signed witness statements regarding any of the accusations you've made?
 -- Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 20:22:26 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Aug 31, 2020 at 09:01:00PM +0200, Debian Community News Team wrote:

> We didn't witness the Daniel Lange incident so we don't know if it is
> true.

But you've reported on it anyway, despite there being no signed witness statement. Why will you not afford the stories of Jake's victims equal coverage?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 22:07:33 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Aug 31, 2020 at 09:50:06PM +0200, Debian Community News Team wrote:
> 
> 
> On 31/08/2020 21:22, Matthew Garrett wrote:
> > On Mon, Aug 31, 2020 at 09:01:00PM +0200, Debian Community News Team wrote:
> > 
> >> We didn't witness the Daniel Lange incident so we don't know if it is
> >> true.
> > 
> > But you've reported on it anyway, despite there being no signed witness 
> > statement. Why will you not afford the stories of Jake's victims equal 
> > coverage?
> 
> If there are real victims out there, their voices are diluted by the
> falsified 3 cases, not by Debian Community News.

Why will you not afford the stories of Jake's victims equal coverage?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Mon, 31 Aug 2020 23:25:14 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 12:12:43AM +0200, Debian Community News Team wrote:
> On 31/08/2020 23:07, Matthew Garrett wrote:
> > On Mon, Aug 31, 2020 at 09:50:06PM +0200, Debian Community News Team wrote:
> >>
> >>
> >> On 31/08/2020 21:22, Matthew Garrett wrote:
> >>> On Mon, Aug 31, 2020 at 09:01:00PM +0200, Debian Community News Team wrote:
> >>>
> >>>> We didn't witness the Daniel Lange incident so we don't know if it is
> >>>> true.
> >>>
> >>> But you've reported on it anyway, despite there being no signed witness 
> >>> statement. Why will you not afford the stories of Jake's victims equal 
> >>> coverage?
> >>
> >> If there are real victims out there, their voices are diluted by the
> >> falsified 3 cases, not by Debian Community News.
> > 
> > Why will you not afford the stories of Jake's victims equal coverage?
> 
> If you care about their best interests, is it better for them to have
> publicity in Debian Community News or to have a serious trial in a
> serious court?

When you refuse to present the victims' side of events, you are not acting in a neutral way. Why do you seek to defend a rapist while refusing to present the accusations?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Lange & Debian: DebConf, aggression towards volunteers
Date: Tue, 1 Sep 2020 00:00:12 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 12:42:52AM +0200, Debian Community News Team wrote:

> Defending a rapist from false accusations is not defending rape.

Are you claiming that the stories on jacobappelbaum.net are false?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 1 Sep 2020 09:52:17 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 10:26:40AM +0200, Debian Community News Team wrote:

> a) The different approaches taken to complaints about Appelbaum and
> Lange, even though both complaints arrived at the same time.

One of these complaints involved multiple accusations of rape and sexual assault. The other involved an accusation of aggressive and disrespectful behaviour. Do you believe that these things are equivalent?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 1 Sep 2020 19:06:58 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 11:44:42AM +0200, Debian Community News Team wrote:
> 
> 
> On 01/09/2020 10:52, Matthew Garrett wrote:
> > On Tue, Sep 01, 2020 at 10:26:40AM +0200, Debian Community News Team wrote:
> > 
> >> a) The different approaches taken to complaints about Appelbaum and
> >> Lange, even though both complaints arrived at the same time.
> > 
> > One of these complaints involved multiple accusations of rape and sexual 
> > assault. The other involved an accusation of aggressive and 
> > disrespectful behaviour. Do you believe that these things are 
> > equivalent?
> 
> If one complaint is more serious than the other, does that make the
> complaint more true than the other?

Those are orthogonal. Do you believe it's unreasonable that complaints of different severity would have different outcomes?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 1 Sep 2020 19:36:21 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 08:11:20PM +0200, Debian Community News Team wrote:
> 
> 
> On 01/09/2020 20:06, Matthew Garrett wrote:
> > On Tue, Sep 01, 2020 at 11:44:42AM +0200, Debian Community News Team wrote:
> >>
> >>
> >> On 01/09/2020 10:52, Matthew Garrett wrote:
> >>> On Tue, Sep 01, 2020 at 10:26:40AM +0200, Debian Community News Team wrote:
> >>>
> >>>> a) The different approaches taken to complaints about Appelbaum and
> >>>> Lange, even though both complaints arrived at the same time.
> >>>
> >>> One of these complaints involved multiple accusations of rape and sexual 
> >>> assault. The other involved an accusation of aggressive and 
> >>> disrespectful behaviour. Do you believe that these things are 
> >>> equivalent?
> >>
> >> If one complaint is more serious than the other, does that make the
> >> complaint more true than the other?
> > 
> > Those are orthogonal. Do you believe it's unreasonable that complaints 
> > of different severity would have different outcomes?
> 
> The difference between the outcomes is so vast that the moon could pass
> through the gap, hence the deeper analysis in today's blog

The difference between the accusations is also vast.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 1 Sep 2020 19:54:38 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 08:40:53PM +0200, Debian Community News Team wrote:

> There is one fact that is identical in both cases, Daniel Lange and
> Jacob Appelbaum are both innocent until proven guilty.

Nobody's asking for either of them to be imprisoned. Why do you believe that someone who has been credibly accused of multiple cases of rape or sexual assault is entitled to membership of a volunteer organisation?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 1 Sep 2020 22:40:27 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 11:16:01PM +0200, Debian Community News Team wrote:
> 
> 
> On 01/09/2020 20:54, Matthew Garrett wrote:
> > On Tue, Sep 01, 2020 at 08:40:53PM +0200, Debian Community News Team wrote:
> > 
> >> There is one fact that is identical in both cases, Daniel Lange and
> >> Jacob Appelbaum are both innocent until proven guilty.
> > 
> > Nobody's asking for either of them to be imprisoned. Why do you believe 
> > that someone who has been credibly accused of multiple cases of rape or 
> > sexual assault is entitled to membership of a volunteer organisation?
> 
> Why do you believe an anonymous doxing campaign has more credibility
> than the Universal Declaration of Human Rights, which proclaims that
> everybody is innocent until proven guilty?

The Universal Declaration of Human Rights does not require that a volunteer organisation grant membership to a rapist, even if said rapist has not been found guilty in a court of law.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Wed, 2 Sep 2020 00:48:17 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 06:02:19PM -0500, quiliro wrote:
> quiliro <quiliro@riseup.net> writes:
> 
> > Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> The Universal Declaration of Human Rights does not require that a 
> >> volunteer organisation grant membership to a rapist, even if said rapist 
> >> has not been found guilty in a court of law.
> > Are you aserting that Jacob Appelbaum is guilty or are you talking about
> > someone else? If you cannot prove something, it is a lie.
> Or rather, it is libel.

Have I been found guilty of libel?
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Wed, 2 Sep 2020 01:04:50 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 06:57:15PM -0500, quiliro wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Tue, Sep 01, 2020 at 06:02:19PM -0500, quiliro wrote:
> >> quiliro <quiliro@riseup.net> writes:
> >> 
> >> > Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> >> The Universal Declaration of Human Rights does not require that a 
> >> >> volunteer organisation grant membership to a rapist, even if said rapist 
> >> >> has not been found guilty in a court of law.
> >> > Are you aserting that Jacob Appelbaum is guilty or are you talking about
> >> > someone else? If you cannot prove something, it is a lie.
> >> Or rather, it is libel.
> >
> > Have I been found guilty of libel?
> 
> No. Are you? "If you cannot prove something, it is a lie." Do you comply?

Are you a court?
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Wed, 2 Sep 2020 00:40:21 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 05:59:46PM -0500, quiliro wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> > The Universal Declaration of Human Rights does not require that a 
> > volunteer organisation grant membership to a rapist, even if said rapist 
> > has not been found guilty in a court of law.
> Are you aserting that Jacob Appelbaum is guilty or are you talking about
> someone else? If you cannot prove something, it is a lie.

I am asserting that he's a rapist, an assertion that is backed up by an array of publicly available evidence.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Wed, 2 Sep 2020 01:05:43 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 07:00:03PM -0500, quiliro wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Tue, Sep 01, 2020 at 05:59:46PM -0500, quiliro wrote:
> >> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> > The Universal Declaration of Human Rights does not require that a 
> >> > volunteer organisation grant membership to a rapist, even if said rapist 
> >> > has not been found guilty in a court of law.
> >> Are you aserting that Jacob Appelbaum is guilty or are you talking about
> >> someone else? If you cannot prove something, it is a lie.
> >
> > I am asserting that he's a rapist, an assertion that is backed up by an 
> > array of publicly available evidence.
> 
> You are backing it up by gossip. Nobody in that website is presenting
> their proof. They cannot not be held to their word. It is impossible to
> verify if they say the truth or if they lie.

Reporting of first hand experiences is not gossip.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Wed, 2 Sep 2020 01:54:44 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Sep 01, 2020 at 07:40:50PM -0500, quiliro wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Tue, Sep 01, 2020 at 07:00:03PM -0500, quiliro wrote:
> >> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> 
> >> > On Tue, Sep 01, 2020 at 05:59:46PM -0500, quiliro wrote:
> >> >> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> >> > The Universal Declaration of Human Rights does not require that a 
> >> >> > volunteer organisation grant membership to a rapist, even if said rapist 
> >> >> > has not been found guilty in a court of law.
> >> >> Are you aserting that Jacob Appelbaum is guilty or are you talking about
> >> >> someone else? If you cannot prove something, it is a lie.
> >> >
> >> > I am asserting that he's a rapist, an assertion that is backed up by an 
> >> > array of publicly available evidence.
> >> 
> >> You are backing it up by gossip. Nobody in that website is presenting
> >> their proof. They cannot not be held to their word. It is impossible to
> >> verify if they say the truth or if they lie.
> >
> > Reporting of first hand experiences is not gossip.
> 
> If you believe what others say, that is your problem. I'd rather have
> proof.

How are you defining "proof" here?
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Sun, 6 Sep 2020 02:29:24 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Sat, Sep 05, 2020 at 06:53:57PM -0500, quiliro wrote:

> Something that is "backed up by an array of publicly available
> evidence." This you have said. But you have not shown. A web page is not
> first hand testimonies.

Yes it is.

> The author is the only first hand testimony if it is verifiable. First 
> hand testimonies must not only be shown. Those testimonies must also 
> demonstrate that someone was penetrated sexually.

They do.

> That defines rape. Also, if someone says something, that does not mean 
> it is true. So proof is something much more complicated than what you 
> are presenting and requires much more verification.

So, again, what do you mean by "proof"? What do you need to see here?
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Sun, 6 Sep 2020 04:14:09 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Sat, Sep 05, 2020 at 09:24:50PM -0500, quiliro wrote:

> A "yes it is"/"no it isn't" discussion will get us nowhere. In the end,
> no facts are in those words, just opinions. Unless you support with
> other evidence, I will not be convinced and will regard them as false
> accusations. I will drop it from now with you because you will not
> contribute anything useful.

What other evidence do you need? Why is your default to assume that these people are lying?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Mon, 7 Sep 2020 20:24:47 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Sep 07, 2020 at 10:36:03AM -0500, quiliro wrote:

> There is no evidence of any rape. There are anonymous texts only that
> accuse him of it. Why asume Jake is lying, when he is the only one that
> is putting his name on it?

Written descriptions of events are literally evidence.
 > The person should not prove per is innocent. The accuser does not need
> to be open. But must show evidence beyond doubt of guilt.

That's the standard held in a court of law. But falsely accusing someone of rape is also a crime, and you seem willing to assert that Jake's victims are guilty of that.

> If you do not want to hang around him because you think it is probable
> he is guilty, that is understandable. Another thing is dragging others
> to take suspicions as irrefutable truth. If that was somone's attitude
> against you, they would think you have a hidden agenda in favour of
> someone who has interests against Jake. But even if there are thinks
> that look spooky in your acts, no one has not made that accusation
> against you because the evidence is not enough.

Daniel has repeatedly suggested that organisations that chose to cut ties with Jake acted inappropriately. Is it reasonable to question Daniel's motivations?
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: expulsions vs Reproducible Builds
Date: Tue, 8 Sep 2020 02:46:33 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Sep 07, 2020 at 05:47:14PM -0500, quiliro wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Mon, Sep 07, 2020 at 10:36:03AM -0500, quiliro wrote:
> >
> >> There is no evidence of any rape. There are anonymous texts only that
> >> accuse him of it. Why asume Jake is lying, when he is the only one that
> >> is putting his name on it?
> >
> > Written descriptions of events are literally evidence.
> 
> They are evidence that someone knows how to write, not that someone did
> something depicted in that text.

It might not be sufficient evidence to convince you, but that doesn't mean it's not evidence.
 > >> The person should not prove per is innocent. The accuser does not need
> >> to be open. But must show evidence beyond doubt of guilt.
> >
> > That's the standard held in a court of law. But falsely accusing someone 
> > of rape is also a crime, and you seem willing to assert that Jake's 
> > victims are guilty of that.
> 
> I cannot accuse anyone because all of them are aliases. The only one
> that has done that openly is you. I am not interested in accusing you. I
> am just interested in rescueing the name of a person that has done
> good...at least from what I have seen personally. RMS, Assange,
> Appelbaum look like victims. I cannot prove it. But they deserve to be
> held innocent until proved guilty...in my book.

You said that you would treat them as false accusations. That's not merely deciding that Jake is innocent until proven guilty, that's saying that you believe a set of people are guilty of breaking the law. To be clear, it is absolutely your right to believe that Jake's accusers are breaking the law! But you can't simultaneously say that you believe Jake is innocent until proven guilty while also saying that those who accuse him are guilty despite not having been proven so.

> >> If you do not want to hang around him because you think it is probable
> >> he is guilty, that is understandable. Another thing is dragging others
> >> to take suspicions as irrefutable truth. If that was somone's attitude
> >> against you, they would think you have a hidden agenda in favour of
> >> someone who has interests against Jake. But even if there are thinks
> >> that look spooky in your acts, no one has not made that accusation
> >> against you because the evidence is not enough.
> >
> > Daniel has repeatedly suggested that organisations that chose to cut 
> > ties with Jake acted inappropriately. Is it reasonable to question 
> > Daniel's motivations?
> 
> It is reasonable to have an opinion about it. His motivations are
> clear. He felt that FSFE was under bad leadership. He shows it.

What does that have to do with his repeated suggestions that it was inappropriate for Debian to cut ties with Jake?

> This thread has reached a point there is no more you have contributed to
> this discussion in the last few emails. There is enough evidence to
> conclude that you have no proof that a the crime was commited. I will
> not discuss any other thing about the topic unless there is credible
> evidence. I do not trust the direction you are taking this "yes it is /
> no it isn't" conversation. I feel your intentions are not clean and that
> you try to act against me. It looks as if you are trying trick me in
> several ways. I will not answer any more of your questions.

Despite asking you several times, you have failed to say what you would actually need to see in order to conclude that Jake is a rapist. What do you mean by "credible evidence"?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: NSA, GCHQ & Debian links, Jonathan Wiltshire, Tiger Computing?
Date: Tue, 27 Oct 2020 22:01:06 +0000
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Oct 27, 2020 at 08:56:06AM +0100, Daniel Pocock wrote:
> 
> 
> On 27/10/2020 05:15, Matthew Garrett wrote:
> > On Mon, Oct 26, 2020 at 10:30:57PM +0100, Debian Community News Team wrote:
> >> Garfield is going to love this... Tiger Computing could be the link from
> >> GCHQ to Debian
> >>
> >> https://debian.community/jonathan-wiltshire-debian-falsified-harassment-claims-tiger-computing-gchq/
> > 
> > Could you walk us through this a little more clearly? Is the suggestion 
> > that GCHQ infiltrated DAM and that your expulsion from Debian was 
> > encouraged by individuals working for the British signal intelligence 
> > organisation?
> 
> Are you suggesting the individuals working for the British signal
> intelligence organisation are lazy and never thought of infiltrating
> Debian because they are busy doing crosswords?

If GCHQ wanted to infiltrate Debian then I have no doubt that they could do so. Are you asserting that they have done so?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Daniel Pocock censored at Techrights by its administrator
Date: Tue, 30 Mar 2021 09:52:23 +0000
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Sun, Mar 21, 2021 at 07:42:43PM +0100, Debian Community News Team wrote:

> If accusers are so certain that Jacob Appelbaum is a rapist, why do they
> spend so much time trying to censor web sites but in four years, not one
> accuser had time to visit a police station and file a report?

Does visiting a police station change whether or not something happened?

Subject: Re: Pentagon linked to RMS, Jacob Appelbaum plots through Debian
Date: Sun, 4 Apr 2021 02:13:54 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Sun, Apr 04, 2021 at 12:37:54AM +0200, Daniel Pocock wrote:
> 
> Both RMS and Appelbaum cases... Pentagon, White House

Why do you keep defending a rapist?

Subject: Re: Pentagon linked to RMS, Jacob Appelbaum plots through Debian
Date: Mon, 5 Apr 2021 18:38:22 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Apr 05, 2021 at 10:54:02AM -0400, Robert Call (Bob) wrote:
> On Sun, 2021-04-04 at 02:13 +0100, Matthew Garrett wrote:
> > On Sun, Apr 04, 2021 at 12:37:54AM +0200, Daniel Pocock wrote:
> > > Both RMS and Appelbaum cases... Pentagon, White House
> > 
> > Why do you keep defending a rapist?
> >
> 
> Why do you continue to apply labels to people based on hearsay and the
> toxic mob? You nor anyone else has provided **any** compelling evidence
> that Appelbaum is a "rapist". 

Multiple people provided first hand accounts of his actions towards them.

Subject: Re: Pentagon linked to RMS, Jacob Appelbaum plots through Debian
Date: Mon, 5 Apr 2021 22:05:12 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Apr 05, 2021 at 04:04:43PM -0400, Robert Call (Bob) wrote:
> Again, it's hearsay until you've provided corroborating evidence that
> would back up such claims. You can assert the claim is true all you
> want but the burden of proof is on YOU! If you can't provide such
> evidence, I suggest you stop with these toxic games of telephone.

Such as https://hypatia.ca/2016/06/07/he-said-they-said/, an incident in which a third party was present and supports the telling of events? Or https://medium.com/@eqe/not-working-for-us-bff58e96c2ea, which also involves a witness supporting the account of one of his victims? If not, what sort of corroborating evidence are you looking for?

But on a side-note - why pick this specific topic to leap to someone's defence? Daniel's been engaging in a long-term harassment campaign against multiple volunteer contributors to Debian based on, well, zero evidence at all. Are you as angry about that?

Subject: Re: Pentagon linked to RMS, Jacob Appelbaum plots through Debian
Date: Tue, 6 Apr 2021 12:12:40 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Tue, Apr 06, 2021 at 01:09:17PM +0200, Daniel Pocock wrote:
> Organizations need a process for evaluating incidents like this fairly
> and objectively.

What was your process for evaulating Jake's behaviour fairly and objectively? Why did you conclude that the accusations weren't sufficient for you to believe them?

Subject: Re: Elections
Date: Sat, 29 May 2021 03:30:33 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: quiliro@riseup.net
CC: discussion@lists.fsfellowship.eu

On Fri, May 28, 2021 at 08:54:57PM -0500, quiliro@riseup.net wrote:

> I mean that a community which was backing Richard Stallman and his quest
> of freedom is being programatically taken over by someone who opposes
> him and conflates his opinions with rape.  Yes, I believe that is you.
> I believe that people who do really care about freedom would handle the
> issue in a different way and would not support this puppety move from
> corporations.

I don't believe that I've ever conflated his opinions with rape? It's possible that I've been careless with wording at some point, but while I may disagree with Stallman on multiple points I wouldn't categorise any of those as amounting to sex crimes. I will say that I've spent extensive amounts of time working with him to attempt to help him understand why some of his behaviour hurts free software rather than helping it, and was only willing to take this step because I saw no other viable approach.

I also disagree with the claim that I've "taken over" this community in any way. As I said, I believe that functional representation of this community requires at least three people, and I've asked Daniel to give me access to the blog in order to broadcast an appeal for people who'd be willing to assist in that. I'm not proposing to unilaterally appoint people, but in the absence of anyone else who was willing to stand for election we clearly need to find some way to identify potential candidates.

Subject: Re: Elections
Date: Fri, 4 Jun 2021 21:43:55 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: quiliro@riseup.net
CC: discussion@lists.fsfellowship.eu

On Fri, Jun 04, 2021 at 03:02:38PM -0500, quiliro@riseup.net wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> > Where did I perform this conflation?
> 
> Sun, 4 Apr 2021 02:13:54 +0100 on this mailing list.

I was referring to Jake (hence "a rapist", meaning I was only talking about one of the people mentioned there). Sorry if I wasn't clear - I disagree with RMS on multiple topics, but I don't believe him to be a rapist or for his acts to be anywhere near as bad as Jake's.

Subject: Re: Elections
Date: Sat, 5 Jun 2021 04:23:15 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: quiliro@riseup.net
CC: discussion@lists.fsfellowship.eu

On Fri, Jun 04, 2021 at 09:15:20PM -0500, quiliro@riseup.net wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Fri, Jun 04, 2021 at 03:02:38PM -0500, quiliro@riseup.net wrote:
> >> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> > Where did I perform this conflation?
> >> 
> >> Sun, 4 Apr 2021 02:13:54 +0100 on this mailing list.
> >
> > I was referring to Jake (hence "a rapist", meaning I was only talking 
> > about one of the people mentioned there). Sorry if I wasn't clear - I 
> > disagree with RMS on multiple topics, but I don't believe him to be a 
> > rapist or for his acts to be anywhere near as bad as Jake's.
> 
> I do not see either as bad.  I am no one to judge them because I have no
> direct experience with any major problem with them.  I can only retrieve
> testimonies which I cannot evaluate the truth or circumstances which
> have surrounded the alleged hurt caused.  I only can see the direct
> benefit obtained by me from both of them: the free software movement and
> anonymity, respectively.

I can - Jake raped or sexually assaulted several people I know. No social benefit can be used to justify that.

Subject: Re: Elections
Date: Sun, 6 Jun 2021 03:38:24 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: quiliro@riseup.net
CC: discussion@lists.fsfellowship.eu

On Sat, Jun 05, 2021 at 08:36:27PM -0500, quiliro@riseup.net wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> > I can - Jake raped or sexually assaulted several people I know. No 
> > social benefit can be used to justify that.
> 
> I can't because I have no evidence.  The evidence you present is not
> convincing to me.

If I've seen evidence that's convincing to me, what is the appropriate way for me to describe Jake?

Subject: Re: Elections
Date: Sun, 6 Jun 2021 19:07:25 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: quiliro@riseup.net
CC: discussion@lists.fsfellowship.eu

On Sun, Jun 06, 2021 at 12:18:46PM -0500, quiliro@riseup.net wrote:
> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> 
> > On Sat, Jun 05, 2021 at 08:36:27PM -0500, quiliro@riseup.net wrote:
> >> Matthew Garrett <mjg59@srcf.ucam.org> writes:
> >> > I can - Jake raped or sexually assaulted several people I know. No 
> >> > social benefit can be used to justify that.
> >> 
> >> I can't because I have no evidence.  The evidence you present is not
> >> convincing to me.
> >
> > If I've seen evidence that's convincing to me, what is the appropriate 
> > way for me to describe Jake?
> 
> The way you do it is appropriate for you.  How can I know what is
> appropriate for you?  Perhaps you meant to ask something else.

So there's nothing wrong with me calling Jake a rapist if I've seen evidence that convinces me that he's a rapist?

Subject: Re: Elections
Date: Mon, 7 Jun 2021 07:16:16 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
Reply-To: discussion@lists.fsfellowship.eu
To: discussion@lists.fsfellowship.eu

On Mon, Jun 07, 2021 at 07:24:08AM +0200, Debian Community News Team wrote:

> If Garrett and his Debian buddies were in that group watching an alleged
> rape, why did they just watch it without trying to stop it?

I wasn't?

On Ted Walther, prostitute defamation, drugs & Debian

Subject: Re: Ted Walther's Expulsion
Resent-Date: Sat, 20 May 2006 05:53:26 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Sat, 20 May 2006 11:53:01 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Sat, May 20, 2006 at 12:59:02AM -0500, martin f krafft wrote:

> People have almost stopped talking about it. Let's not revive it.
> This is my preferred strategy.

"Everyone" believes that Ted was kicked out because he brought a prostitute to dinner. Given the uncertainty about how true this is[1], I think making it publically clear that Ted was expelled because of a long-running pattern of disruptive and anti-social behaviour would be worthwhile.

[1] Especially since it often seems to be accompanied by "Ted threatened to kill prostitutes on planet", which appears to be demonstrably untrue. Ted did enough bad things that we can argue in favour of his expulsion without having to resort to that.
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Events at the DebConf Dinner
Resent-Date: Mon,  5 Jun 2006 09:36:32 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Mon, 05 Jun 2006 10:36:40 -0400
From: Micah Anderson <micah@debian.org>
To: debian-private@lists.debian.org
CC: debian-private@lists.debian.org



MJ Ray wrote:> I bring it up because there seemed a blind spot about other
> drugs which were probably present and maybe played some role
> in the described mess.  I'd hate to see a formal dinner where
> they were banned, but it seems important that DDs are aware of
> them and any future stewards can handle their effects humanely.
I don't know how people got onto the topic of speculating what drugs
various people were using at the debconf formal dinner, but it seems
really obtuse and highly speculative for no particular purpose than just
to blahblah for the fun of it. I find such a discussion about things
that were "probably present and maybe played some role" to be incredible
wastes of bandwidth.

If people want to discuss the potential variables of drugs, drink, red
meat, sleep, caffeine, altitude, synesthesia induced by the mariachis,
air quality affect, water, etc. please do it at your local pub with
friends, where speculative gossip belongs, rather than spewing it all
over my inbox like Montezuma's revenge.

micah

Subject: Re: Java, drugs and rock&roll
Resent-Date: Fri, 16 Jun 2006 09:04:08 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Fri, 16 Jun 2006 15:03:56 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Fri, Jun 16, 2006 at 03:55:23PM +0200, Sven Luther wrote:

> I believe that such a behaviour has no place in debian, and is indeed of the
> kind of hatefull bashing of minorities and other such that is being discussed
> in these moments.

Discrimination against people who don't work well as part of a team is a perfectly reasonable thing to do. It's a minority that I'd rather didn't exist in Debian at all.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Java, drugs and rock&roll
Resent-Date: Fri, 16 Jun 2006 09:48:25 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Fri, 16 Jun 2006 15:48:16 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Fri, Jun 16, 2006 at 04:10:50PM +0200, Bill Allombert wrote:

> I posit that people starting expulsion process are part of that
> category.  If you prefer to get rid of people instead of working with
> them, you do no not work well as part of a team.

Are you suggesting that anyone who felt the project would be better off without Ted is unable to work well as part of a team?

It's an unfortunate fact that it is impossible to work with some people without making compromises that limit your own enjoyment of the activity. As an (extreme) example, the fact that my officemate is currently showing signs of extreme paranoia (to the extent of unplugging my computer and phone whenever I'm not in the office) makes it impossible to work with her. Is my willingness to start a formal complaints procedure against her a sign that I'm not a good team player?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Java, drugs and rock&roll
Resent-Date: Sat, 17 Jun 2006 07:06:06 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Sat, 17 Jun 2006 13:05:56 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Fri, Jun 16, 2006 at 05:06:45PM +0200, Bill Allombert wrote:
> On Fri, Jun 16, 2006 at 03:48:16PM +0100, Matthew Garrett wrote:
> > Are you suggesting that anyone who felt the project would be better off 
> > without Ted is unable to work well as part of a team?
> 
> There have been no expulsion process started against Jonathan, and the
> DAM still have not published their rationale for removing him, so
> no, I was not suggesting that.

Ok, let me rephrase the question. If I had started an expulsion process against Ted, would you have accused me of being unable to work well as part of a team?

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Release management and discussion
Resent-Date: Tue, 29 Aug 2006 02:53:48 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Tue, 29 Aug 2006 08:53:43 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Tue, Aug 29, 2006 at 12:03:30AM -0500, Manoj Srivastava wrote:

>         I must be doing something right. My concerns about the
>  relationships and other intangibles (like reactions of payment to
>  some members making an effort [the scientific American recently had
>  the results of only rewarding one monkey with bananas when two were
>  required to pull them within reach]) have now been framed first as
>  childish temper tantrums, and now by the DPL as "religious" arguments,
>  neatly sidestepping actually facing the concerns I raised.

Dude, he was calling /me/ childish. I really don't think you can argue with him on that point.

(No, I've no idea why I'm still here either. I'm sure I'll stop getting these soon :) )
-- 
Matthew Garrett | mjg59@srcf.ucam.org

Subject: Re: Release management
Resent-Date: Mon, 28 Aug 2006 11:34:30 -0500 (CDT)
Resent-From: debian-private@lists.debian.org
Date: Mon, 28 Aug 2006 17:34:20 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: debian-private@lists.debian.org

On Mon, Aug 28, 2006 at 06:18:48PM +0200, Josselin Mouette wrote:

> This is not about paying people. This is about paying the developers
> themselves. About splitting the developer base in two. About conflicts
> of interests.

Now that my resignation is pending, I'll just take the opportunity to say something I've wanted to for a long time:

Fuck you Joss. Fuck you vigorously with a chainsaw. Your continual whining and conspiracy theories have done more to encourage me to stab people to death than anyone else in recent history. I hope you have a miserable life that lasts longer than you want it to. And I mean that in the most sincere and honest manner possible. Should we ever come into contact socially, please do not attempt to initiate communication with me.

Love,
-- 
Matthew Garrett | mjg59@srcf.ucam.org

If you have a real concern about abuse, don't waste time behaving like a sock puppet, go to the police

Pope Benedict died on 31 December 2022.

Cardinal George Pell appeared in news reports a few days later. They revealed he had been living in Rome after his acquittal and release from a prison in Australia.

One of the news reports directed me to the unredacted version of the dossier about the Archdiocese of Melbourne. It was fascinating reading through the minutes of the church's internal committees side-by-side with the evidence from debian-private (leaked) whisper network.

On 10 January 2023, I decided to drive across the Great St Bernard Pass to Italy and file a complaint with the Carabinieri.

The late Cardinal Pell died by the time I arrived back home that night.

If Garrett really knows something about abuse, why does he waste so much time on free software mailing lists acting like a sock puppet?

Incidentally, the Cardinals wear a Red Hat, a lot like Garrett's former employer, IBM Red Hat. The UDRP panel found that I am a victim of harassment and abuse by Garrett's former employer.

Police receipt and Great St Bernard tunnel receipt:

Please see the chronological history of how the Debian harassment and abuse culture evolved.

(1716711, 1804171) Free Software Foundation Europe e.V. vs. Le ministère des armées, Tribunal Administratif de Melun.

Hitler's birthday, 20 April, was a special occasion every year under the fascist dictatorship, on par with the King's Birthday in the Commonwealth. Incidentally, the British monarchy are really Germans.

We previously considered the fact that Debianists elected a German leader on Hitler's birthday and then they did exactly the same thing again the following year.

In 2017, the German FSFE misfits began a legal case against the French military. FSFE misfits disputed the French military's decision to sign a contract with Microsoft.

The case was eventually resolved in 2021 with a judgment against the Germans / FSFE misfits. For those who failed to notice at the time, the tribunal handed down the judgment on Hitler's birthday:

FSFE, judgment, France, military, microsoft

While the full name of the FSFE is Free Software Foundation Europe, internal statistics and mailing list traffic levels demonstrate that the majority of these people are Germans and they do not represent Europe at large, they only represent themselves.

Throughout the legal procedure and trial, an employee of the French government, Dr Amandine Jambert from CNIL was part of the internal mailing lists used for discussions at the FSFE. Was this a conflict of interest when the FSFE was taking legal action against her own employer?

In the email below, Jambert does not state her full name, she only uses the sockpuppet identity "Cryptie" and she does not have any email signature disclosing her position within an agency of the French state.

The FSFE misfits claim to be a peak body for Free Software activism in Europe. They claim to comply with Transparency International guidelines. As the saying goes, do as we say, not as we do.

In 2023, when Jambert resigned from the FSFE misfits, she finally admitted she has a conflict of interest, implicitly admitting that she lied about harassment to avoid facing a basic ethical question.

Subject: 	Re: Fwd: [April - Atelier] Open Bar : Une action en justice dans les tuyaux et DSI des Armées pro-microsoft
Date: 	Wed, 30 Aug 2017 13:15:58 +0200
From: 	Cryptie <cryptie@fsfe.org>
To: 	team@lists.fsfe.org, Hugo Roy <hugo@hugoroy.eu>, france@lists.fsfe.org



Hi all,

I think it would be a good idea to tell them what we did/ plan to do as, in France, they are those that could help us if we need.

Best,
Cryptie

Le 30 août 2017 13:12:00 GMT+02:00, Hugo Roy <hugo@hugoroy.eu> a écrit :



    Hi all,

    Important info: the company (Nexedi) will be represented by a lawyer
    that I know well, because he sucks.

    I think this makes it paramount that FSFE also sues, to ensure that
    things are done right and limit any damage that this guy may do.

    Matze: maybe you remember, I talked about this guy and how he miserably
    failed a lawsuit (on a similar topic against Microsoft) last year.


    On 2017-08-30 12:43, Hugo Roy wrote:

        Hi there,

        You will find attached an April internal mailing list relating
        to the
        Microsoft - French Ministry of Defense contract, about which
        FSFE sent
        a request for information (in the potentiality of a lawsuit).

        A company (Nexedi) is, apparently, going to sue over this too.

        Thinking about replying to April that FSFE is also thinking about a
        lawsuit and to keep April updated (and that we are happy to work
        with
        them, as usual). Thoughts?

        Best,
        Hugo

    ------------------------------------------------------------------------

    Team mailing list
    Team@lists.fsfe.org
    https://lists.fsfe.org/mailman/listinfo/team


-- 
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.

Remember, in May 2018, the FSFE staff had an Extraordinary General Meeting without the developers present and they voted to remove the elections from the constitution of the association. They have not had a full election since 2017.

In July 2018, a few weeks after removing elections from the constitution, the German FSFE misfits went to RMLL in Strasbourg and they recorded a video of Jambert talking about democracy in French.

Amandine Jambert, cryptie, FSFE, balloons, RMLL, EDPB, CNIL, Strasbourg

Exclusive: Andreas Tille did not trust accusations against Dr Jacob Appelbaum

Andreas Tille wrote the message in 2016 and it received numerous replies from people who felt that Dr Appelbaum had been a victim of false accusations and bullying. There is a snobby set at large in Debian who like to make dramas and pretend they are experts on everything and everybody.

We saw the same phenomena with the Zizian murders. These people live in a bubble and they are preoccupied with the idea that LGBT is right and everybody else is wrong.

Human rights law says otherwise: everybody is innocent until proven guilty, whether we have a healthy lifestyle or not.

Subject: Re: What is true and what is false in accusations against Jacob Appelbaum
Date: Sat, 13 Aug 2016 23:30:08 +0200
From: Patrick Matthäi <pmatthaei@debian.org>
To: Andreas Tille <andreas@an3as.eu>, Debian Private List <debian-private@lists.debian.org>

Am 13.08.2016 um 23:07 schrieb Andreas Tille:
> Hi folks,

Hi Andreas
>
> I just read this article
>
>    http://www.zeit.de/kultur/2016-08/jacob-appelbaum-rape-sexual-abuse-allegations
>
> I think that people who decided to expel Jacob had solid information
> from first person insight.  I have met Jakob at DebConf 15 in Heidelberg
> and I was quite sad to see him in a different light when we excluded him
> from Debian.  This article confused me even more since on one hand I
> personally do not subscribe to several things in this article but on the
> other hand I consider the "In doubt for the accused" principle violated.
>
> What do we in Debian really know about all this for sure?  Its not that
> I trust an article since its just in the news, but I never read any
> detailed information that has backed up our decision.

I already read the past e-mails about Jacob on private and did not
reacted on them, with a good reason..
WHO from our Debian community knows the truth except of Jacob (and/or
the maybe involved persons)? If most persons from here knew him as a
good person, is this relevant for the justice? Or is it relevant if he
was a troll..  We can watch the people only before their had!
I do not know what "discussing" this topic here will help to get new
information, it will just end in coursing.
I want to follow the german law, which says "not guilty till proven
otherwise". You are also german and I think this is a good law. Please
follow it also on this list.

Please see the chronological history of how the Debian harassment and abuse culture evolved.

After the public revelation that Tom Silvagni was convicted of abuse, many people remain less than certain about what is really true and false.

The woman making the accusation expressed outrage on social control media. The media reported her comments anonymously. Yet it feels unfair that the woman can use the media to spread her side of the story anonymously while the appeal is still in progress.

When her comments were reported, Channel 7 decided to show us footage of the young woman's feet as she was walking out of the court.

In other words, while the media is obliged to protect the woman's identity, they are encouraging anybody who knows the two parties to ask questions and check facts on both sides of the case.

A lot of these disputes involve questions of politics, status and humiliations. If you look at the cases in the Debian suicide cluster, some of the men wrote complaints about being tricked to work as unpaid volunteers while fellow "volunteers" really got paid all along. Some of these people wrote about feeling humiliated just as victims of rape and abuse feel humiliated. Why did Adrian von Bidder-Senn die on our wedding day?

Most fans of Australian football are familiar with the long-running saga of Stephen Milne. The accusation against Milne was similar in many ways as it involved a party with two footballers and two women. Yet the Milne accusation is even more serious than the accusation against Tom. Milne was only given a penalty of $15,000 and he never spent one day in prison. Tom, on the other hand, has been given six years in prison. In these circumstances, it is only natural for people to ask why Tom has received inconsistent treatment from the justice system.

Tom's father Stephen Silvagni has a saint-like status in Australian football. The Silvagni name resonates like the name of Roger Federer in tennis or Tiger Woods in golf.

Tom's grandfather played two premierships with Carlton. Tom's father, Stephen, played over three hundred games with Carlton and then went to work in club management. But due to internal politics in the club, Stephen Silvagni resigned and went to work for rival club Saint Kilda.

This is ironic because St Kilda are simply known as the Saints but there is nothing Saint-like in what has been alleged. Yet the irony doesn't stop there. Looking at the official list of Australians proposed for Sainthood, we find none other than the legendary Dr John Billings.

The Catholic Church teaches us against the use of contraception and abortion. Nonetheless, Dr Billings developed and promoted the Billings Method for Natural Family Planning and it is the only method of contraception or "planned parenthood" that is endorsed by the Church. Every Pope in the last fifty years has given personal praise to the work of Dr Billings. Here is a news report on the Vatican web site:

Pope Francis upholds "Billings Revolution"

In a message to participants in the WOOMB International Congress Rome on the Billings Method, Pope Francis highlights its ongoing contribution to the understanding of human sexuality and to a fuller appreciation of the relational and procreative dimensions of the couple, saying that use of methods based on the natural rhythms of fertility should be encouraged.

and from the original text of the statement from Pope Francis:

John and Evelyn Billings conducted careful scientific research and developed a simple method, accessible to women and couples, for natural knowledge of fertility, offering them a valuable tool for the responsible management of procreative choices.

In fact, Dr Billings, who is on track to join the other Saints, as in heavenly saints rather than St-Kilda saints, is also a former student of Melbourne's Xavier College, just like my father and I and also the convicted Tom Silvagni.

At the end of year 12, we all received a yearbook from the school with a letter from our school captain. He tells us:

we always had the opportunity to accept or reject all that Xavier offered us

According to the report by the Daily Mail:

both Silvagni and Ms Iaconis testified that they distinctly recalled Mr LoGuidice entering their bedroom to ask for a condom, contradicting his account.

The Herald Sun goes even further, claiming there is a text message about the condoms.

A text message asking for a condom, a doctored Uber receipt and a dark bedroom in the luxury home of one of Melbourne's most famous families ...

The implication is that all of these wealthy families are spending vast amounts of money to send their sons and daughters to these schools and as soon as they graduate, they forget everything. If all four people in the house had been using condoms at some point during the party and they admitted that in court then all four of them have admitted what the church regards as a sin.

Social media has been full of links to stories about Tom Silvagni and Alannah Iaconis having a secret baby. Fact checking web sites are making rival claims that it is a hoax or clickbait.

In fact, if they had a secret baby then the reference to secrecy can only imply they put the baby up for adoption. In that case, there would be no news stories about the baby. Wealthy families have a lot of experience maintaining secrecy around such pregnancies. Therefore, we can not say the rumour is true and we can not say the rumour is a hoax either. It is what Donald Rumsfeld once described as one of the "unknown unknowns".

For Catholic families, every unborn baby is considered to be alive and this implies that every abortion is considered to be a murder. When very young women have an unplanned pregnancy, if they keep it totally secret they may be able to obtain an abortion on their own. However, if their parents or their school discover the pregnancy the girl will be encouraged to have the baby in secret and give it up for adoption. Therefore, the secret baby/adoption rumour is plausible and that is one reason it spreads easily on social control media.

A famous jurist William Blackstone makes the statement:

It is better that ten guilty persons escape than that one innocent suffer.

With that in mind, it is important that people who support these football clubs are asking for evidence and asking for both sides of the story.

Carlton Football Club advertises open training sessions where fans can meet each other. They have a Run for Respect each year. The next one is on 8 February 2026. This provides a good place for fans of the club to ask questions.

Likewise, the Saints advertise open training sessions and community events where fans can meet in person and avoid the fake news on social control media.

HDR YouTube video clip I used for testing

Last year brought a wealth of new features and fixes to Firefox on Linux. Besides numerous improvements and bug fixes, I want to highlight some major achievements: HDR video playback support, reworked rendering for fractionally scaled displays, and asynchronous rendering implementation. All this progress was enabled by advances in the Wayland compositor ecosystem, with new features implemented by Mutter and KWin.

HDR

The most significant news on the Wayland scene is HDR support, tracked by Bug 1642854. It’s disabled by default but can be enabled in recent Wayland compositors using the gfx.wayland.hdr preference at about:config (or by gfx.wayland.hdr.force-enabled if you don’t have an HDR display).

HDR mode uses a completely different rendering path, similar to the rendering used on Windows and macOS. It’s called native rendering or composited rendering, and it places specific application layers directly into the Wayland compositor as subsurfaces.

The first implementation was done by Robert Mader (presented at FOSDEM), and I unified the implementation for HDR and non-HDR rendering paths as new WaylandSurface object.

The Firefox application window is actually composited from multiple subsurfaces layered together. This design allows HDR content like video frames to be sent directly to the screen while the rest of the application (controls and HTML page) remains in SDR mode. It also enables power-efficient rendering when video frames are decoded on the graphics card and sent directly to the screen (zero-copy playback). In fullscreen mode, this rendering is similar to mpv or mplayer playback and uses minimal power resources.

I also received valuable feedback from AMD engineers who suggested various improvements to HDR playback. We removed unnecessary texture creation over decoded video frames (they’re now displayed directly as wl_buffers without any GL operations) and implemented wl_buffer recycling as mpv does.

For HDR itself (since composited rendering is available for any video playback), Firefox on Wayland uses the color-management-v1 protocol to display HDR content on screen, along with BT.2020 video color space and PQ color transfer function. It uses 10-bit color vectors, so you need VP9 version 2 to decode it in hardware. Firefox also implements software decoding and direct upload to dmabuf frames as a fallback.

The basic HDR rendering implementation is complete, and we’re now in the testing and bug-fixing phase. Layered rendering is quite tricky as it involves rapid wl_surface mapping/unmapping and quick wl_buffer switches, which are difficult to handle properly. HDR rendering of scaled surfaces is still missing—we need fractional-scale-v2 for this (see below), which allows positioning scaled subsurfaces directly in device pixels. We also need to test composited/layered rendering for regular web page rendering to ensure it doesn’t drain your battery. You’re very welcome to test it and report any bugs you find.

Fractional scale

The next major work was done for fractional scale rendering, which shipped in Firefox 147.0. We updated the rendering pipeline and widget sizing to support fractionally scaled displays (scales like 125%, etc.). This required reworking the widget size code to strictly upscale window/surface sizes and coordinates and never downscale them, as downscaling introduces rounding errors.

Another step was identifying the correct rounding algorithm for Wayland subsurfaces and implementing it. Wayland doesn’t define rounding for it, only for toplevel windows, so we’re in a gray area here. I was directed to Stable rounding by Michel Daenzer. It’s used by Mutter and Sway so Firefox implements it for those two compositors while using a different implementation for KWin. This may be updated to use the fractional-scale-v2 protocol when it becomes available.

Fractional scaling is enabled by default, and you should see crisp and clear output regardless of your desktop environment or screen scale.

Asynchronous rendering

Historically, Firefox disabled and re-enabled the rendering pipeline for scale changes, window create/destroy events, and hide/show sequences. This stems from Wayland’s architecture, where a Wayland surface is deleted when a window becomes invisible or is submitted to the compositor with mismatched size/scale (e.g., 111 pixels wide at 200% scale).

Such rendering disruptions cause issues with multi-threaded rendering—they need to be synchronized among threads, and we must ensure surfaces with the wrong scale aren’t sent to the screen, as this leads to application crashes due to protocol errors.

Firefox 149.0 (recent nightly) has a reworked Wayland painting pipeline (Bug 1739232) for both EGL and software rendering. Scale management was moved from wl_buffer fixed scale to wp_viewport, which doesn’t cause protocol errors when size/scale doesn’t match (producing only blurred output instead of crashes).

We also use a clever technique: the rendering wl_surface / wl_buffer / EGLWindow is created right after window creation and before it’s shown, allowing us to paint to it offscreen. When a window becomes visible, we only attach the wl_surface as a subsurface (making it visible) and remove the attachment when it’s hidden. This allows us to keep painting and updating the backbuffer regardless of the actual window status, and the synchronized calls can be removed.

This brings speed improvements when windows are opened and closed, and Linux rendering is now synchronized with the Windows and macOS implementations.

… and more

Other improvements include a screen lock update for audio playback, which allows the screen to dim but prevents sleep when audio is playing. We also added asynchronous Wayland object management to ensure we cleanly remove Wayland objects without pending callbacks, along with various stability fixes.

And there are even more challenges waiting for us Firefox Linux hackers:

Wayland session restore (session-restore-v1) to restore Firefox windows to the correct workspace and position.
Implement drag and drop for the Firefox main window, and possibly add a custom Wayland drag and drop handler to avoid Gtk3 limitations and race conditions.
Utilize the fractional-scale-v2 protocol when it becomes available.
Investigate using xdg-positioner directly instead of Gtk3 widget positioning to better handle popups.
Vulkan video support via the ffmpeg decoder to enable hardware decoding on NVIDIA hardware.

And of course, we should plan properly before we even start. Ready, Scrum, Go!

RPMs of Redis version 8.6 are available in the remi-modular repository for Fedora ≥ 42 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).

⚠️ Warning: this is a pre-release version not ready for production usage.

1. Installation

Packages are available in the redis:remi-8.6 module stream.

1.1. Using dnf4 on Enterprise Linux

# dnf install https://rpms.remirepo.net/enterprise/remi-release-<ver>.rpm
# dnf module switch-to redis:remi-8.6/common

1.2. Using dnf5 on Fedora

# dnf install https://rpms.remirepo.net/fedora/remi-release-<ver>.rpm
# dnf module reset  redis
# dnf module enable redis:remi-8.6
# dnf install redis --allowerasing

You may have to remove the valkey-compat-redis compatibilty package.

2. Modules

Some optional modules are also available:

RedisBloom as redis-bloom
RedisJSON as redis-json
RedisTimeSeries as redis-timeseries

These packages are weak dependencies of Redis, so they are installed by default (if install_weak_deps is not disabled in the dnf configuration).

The modules are automatically loaded after installation and service (re)start.

The modules are not available for Enterprise Linux 8.

3. Future

Valkey also provides a similar set of modules, requiring some packaging changes already applied in Fedora official repository.

Redis may be proposed for unretirement and be back in the Fedora official repository, by me if I find enough motivation and energy, or by someone else.

I may also try to solve packaging issues for other modules (e.g. RediSearch). For now, module packages are very far from Packaging Guidelines, so obviously not ready for a review.

4. Statistics

redis

redis-bloom

redis-json

redis-timeseries

When debugging Qemu, it might be helpoful to instrument Linux Kernel to see when interrupts get received, or see data on the other side of a transfer. If you have to modify the Kernel on a regular basis, it can be faster to build it in place than to build a customer RPM/DEB and install inside the VM. Here is how I have been going about updating the kernel.

In order for this to work, your VM and your Hypervisor should be running a compatable version of the Toolchain used to build the kernel. I would suggest using a common Fedora/Ubuntu version for both machines.

NFS on the Hypervisor

We are going to use the Network File System (NFS) to share files between the Hypervisor and the Virtual machine. There are many steps to setting up NFS, and I did not record all of the permutations I tried to get it to work. I do know I had to: install RPMS, figure out what directories to export, and make sure the NFS daemon was running.

I can see that I have these two services running:

nfs-mountd.service
nfs-server.service

I aslo see I have these RPM installed

rpmquery -a | grep nfs
libnfsidmap-2.8.3-2.rc3.fc42.aarch64
sssd-nfs-idmap-2.11.1-1.fc42.aarch64
libnfs-6.0.2-6.fc42.aarch64
libnfs-devel-6.0.2-6.fc42.aarch64
nfs-utils-2.8.3-2.rc3.fc42.aarch64
qemu-block-nfs-9.2.4-2.fc42.aarch64

My file /etc/nfs.conf is unchanged from the default install

In my install, the exports are in /etc/exports.d/adam.exports and look like this:

/home/ayoung *(rw,sync,insecure,all_squash,anonuid=6352,anongid=65603)
/home/grose *(rw,sync,insecure,all_squash,anonuid=1000,anongid=1001)

NFS Client in the VM

The IP address is that of the Hypervisor. Adapt to your network settings.

I keep both the Hypervisor and VM directories consistent
mount -t nfs4 10.76.112.72:/home/ayoung /home/ayoung

Build the Kernel on The Hypervisor

Run the following commands inside your Linux directory on your hypervisor. I have mine in /home/ayoung/linux.

make -j $(nproc) && make -j $(nproc)

Install the Kernel in the VM

Since the Linux directory above is mounted in the VM at /home/ayoung/linux, I can complete the install process inside the VM.

make -j $(nproc) modules_install && make -j $(nproc) install

reboot

The Qemu implementation uses a Flattened Device Tree (FTD) to manage the virtual implementation of the physical devices in a machine. I need to create a FTD entry for the MCTP-PCC implementation I am writing in Qemu. Since this is new to me, and I am working (as I most often do) via Ttrial and error, I want to see the FTD entry after I write it. Here is how I am dumping it.

In my script to run the virtual machine, I modify the machine entry from:

-machine virt \

-machine virt,dumpdtb=/tmp/qemu_virt.dtb \

And run the VM. It does not run for very long, and I get this output instead:

[2026-01-22T18:40:07Z INFO virtiofsd] Client disconnected, shutting down

However, I have now created a file at /tmp/qemu_virt.dtb. In order to view the contents of this file, I use the Device Tree Compiler (DTC) like this:

dtc -I dtb -O dts -o /tmp/qemu_dtb.txt /tmp/qemu_virt.dtb

The -I option says the input format is device tree binary, the -O says that the output format is human readable domain-specific-language, and the -o option says where to put the output file. The final parameter is the input file, which has no flag.

If I then look at the txt file I can see the following block:

        mctp_pcc@a008000 {
                interrupts = <0x00 0x50 0x04 0x00 0x51 0x04>;
                reg = <0x00 0xa008000 0x00 0x8000>;
                compatible = "mctp-pcc";
        };

When developing Linux Kernel code, I have found myself wanting to have a test fixture inside the Firmware that lets me inspect the values communicated out of and into the Linux Kernel. I am currently writing one such fixture in Qemu. And I have an interrupt that is not getting handled by the Linux Kernel, I think because it is not getting delivered.

I have found it quite valuable to run this Qemu process in the Gnu Debugger. Here is how I (with help) got to the bottom of the mystery.

One prep step is to disable some reporting in GDB. WHen GDB starts, it offers to load in debug info, but I do not need or want that. By default, GDB will break one each signal of SIGUSR1, and there are too many of them. GDB also it prints output each time a thread ends, and I don;t care about that. Add the following line to ~/.gdbinit

set debuginfod enabled off
handle SIGUSR1 noprint nostop
set print thread-events off

(Or you can type these into the gdb command prompt.)

Here is how I am running the VM. Note that the first line points to a version of Qemu that I have built myself.

gdb --args ../qemu/build/qemu-system-aarch64 \
        -machine virt \
        -enable-kvm \
        -m 16G \
        -cpu host \
        -smp 16 \
        -nographic \
        -bios /usr/share/edk2/aarch64/QEMU_EFI.fd \
        -drive if=none,file=../virt/my_vm.qcow2,id=hd0 \
        -device virtio-blk-device,drive=hd0,bootindex=0 \
        -drive file=../virt/Fedora_Server_dvd_aarch64_42_1.1.iso,id=cdrom,if=none,media=cdrom \
        -object memory-backend-file,id=mem,size=16G,mem-path=/dev/shm,share=on \
        -numa node,memdev=mem  \
        -chardev socket,id=char0,path=/tmp/virtiofs_socket  \
        -virtfs local,path=/root/adam/linux,mount_tag=mylinux,security_model=passthrough,id=fs0 \
        -device virtio-scsi-device \
        2>&1 | tee /tmp/qemu.log

While there is a -gdb flag that you can include in the qemu command line, I found it did not work for me. Additionally, I may take the gdb –args string into an env var, and use that to switch whether or not to debug.

The –args flag passes on the command line arguments into gdb to be used when the program is run. Thus, once we are on the gdb command prompt, we can set a break point like this:

break pcc_timer_callback

And then simply call run without any parameters.

Since this VM is launching the Linux Kernel, there will be points in the process where the command prompt returns and you can type. For example, during grub, you can hit return to speed through the timer and launch the selected kernel: or change the selected kernel if you want. For my workflow, I need to log in to console, and then run a test script. It is this test script that triggers the break point I set above.

One benefit to gdb is that it tells what functions are really assigned to the function pointers. For example, in the raise_irq call chain, there is a call to

irq->handler(irq->opaque, irq->n, level);

And stepping through, I can see that it steps into

kvm_arm_gic_set_irq(s->num_irq, irq, level);

And thus I can inspect the irq number:

(gdb) print irq
$1 = 80

This IS the number I assigned. However…later on I see this code is executed (hw/intc/arm_gic_kvm.c starting at line 57):

 if (irq < (num_irq - GIC_INTERNAL)) {
        /* External interrupt. The kernel numbers these like the GIC
         * hardware, with external interrupt IDs starting after the
         * internal ones.
         */
        irqtype = KVM_ARM_IRQ_TYPE_SPI;
        cpu = 0;
        irq += GIC_INTERNAL;
    }

At first I didn’t think much of it, but, later on, a coworker and I started looking inside the Linux kernel at /proc/interrupts I see these pair of lines.

12: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 GICv3 80 Level pcc-mbox
13: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 GICv3 81 Level pcc-mbox
14: 37 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 GICv3 33 Level uart-pl011

So the interrupt handler is registered, but no interrupts have been delivered. THe 80 and 81 are the interrupt numbers. My coworker suggested I look at the next line. The UART has an interrupt of 33, but inside the Qemu code, I see this:

static const int a15irqmap[] = {
    [VIRT_UART0] = 1,

And looking for that specific UART create code:

int irq = vms->irqmap[uart];
...
    qemu_fdt_setprop_cells(ms->fdt, nodename, "interrupts",
                               GIC_FDT_IRQ_TYPE_SPI, irq,
                               GIC_FDT_IRQ_FLAGS_LEVEL_HI);

The UART is registered as Interrupt 33 inside the Linux Kernel, but Interrupt 1 inside Qemu. Lets go look at the value for GIC_INTERNAL

#define GIC_INTERNAL 32

What happens if we add 32 to the interrupt value in the code that reports the interrupt ID to the Kernel? My test runs. I can’t right now look at the interrupt delivery, as I have an infinite loop, and that is not a surprise as this code is still under development.

Two years ago, I started to look into writing a tree-sitter parser as part of the “Day of Learning” at my employer. As I write and edit many RPM Spec files (also at work), I wanted better highlighting in my text editor, which is Neovim.

I had attempted to start the project the year before but was lost. The next year, the tree-sitter documentation improved, and I finally understood the basics and began developing tree-sitter-rpmspec.

RPM Spec is challenging (horrible) to parse. RPM spec files are parsed in multiple stages, roughly following these phases:

Phase 1. Macro expansion pass

Macros (%{name}, %{version}, %define, %global, etc.) are expanded
This happens before the spec is interpreted as instructions
Macros can be nested and are expanded recursively

Phase 2. Conditional evaluation

%if, %ifarch, %ifos, %endif blocks are evaluated
This determines which sections of the spec are active

Phase 3. Section parsing and execution

The preamble (Name, Version, Release, etc.) is parsed first
Then each section (%description, %prep, %build, %install, %files, etc.) is parsed
Some sections like %files have their own sub-parsing for file attributes
Once parsed it will start executing different scriptlets to build and install the package.

As soon as BuildArch is involved, the RPM parser needs to be able to re-read the spec file. This is one reason why it can’t read spec files from stdin, see e.g. here.

Writing a tree-sitter parser for spec files is not straightforward. There are many pitfalls and edge cases. The two most difficult challenges are figuring out when a section ends. There is no marker or indentation. It ends when the next section starts. However right before the next section could be an %if. Does that %if belong to the section before or is it a top-level if like #ifdef in C.

If you’re interested in the details, there is a DESIGN.md explaining some design decisions. In short, the parser.c was reaching 64MB and -Woverflow was triggered. This led to implementing an external scanner, which reduced the size to ~20MB. I rewrote the scanner.c at least 5 times from scratch. In the last rewrite, I started with the most simplest approach and built on from there, focusing on balanced parenthesis parsing for %{expand: string}.

Yesterday, I hit the breakthrough. I successfully parsed parametric macros correctly. With this milestone, I was able write injection queries to run tree-sitter-bash on the scriptlets shell code! This means we can highlight the bash parts now!

The image shows a the Samba spec file with syntax highlighting. — tree-sitter-rpmspec syntax highlighting including tree-sitter-bash injections.

https://gitlab.com/cryptomilk/tree-sitter-rpmspec

Prague is calling! The deadline for the Flock 2026 CFP (Call for Proposals) is fast approaching. You have until Monday, February 2nd to submit your session ideas for Fedoraâ€™s premier contributor conference.

We are returning to the heart of Europe (June 14â€“16) to define the next era of our operating system. Whether you are a kernel hacker, a community organizer, or an emerging local-first AI enthusiast, Flock is where the roadmap for the next year in Fedora gets written.

If you havenâ€™t submitted yet, here is why you should.

Why Submit to the Flock 2026 CFP?

This year isn’t just about maintenance; it is about architecture. As we look toward Fedora Linux 45 and 46, we are also laying the upstream foundation for Enterprise Linux 11. This includes RHEL 11, CentOS Stream 11, EPEL 11, and the downstream rebuilder ecosystem around the projects. The conversations happening in Prague will play a part in the next decade of modern Linux enterprise computing.

To guide the schedule, we are looking for submissions across our Four Foundations:

1. Freedom (The Open Frontier)

How are we pushing the boundaries of what Open Source can do? We are looking for Flock 2026 CFP submissions covering:

Open Source AI: PyTorch, vLLM, and the AI supply chain.
RISC-V: Enabling Fedora on the next generation of open silicon.
Open Hardware: Drivers, firmware, and board support. GPU enablement?

2. Friends (Our Fedora Story)

Code is important, but community is critical. We need sessions that focus on the human element:

Mentorship: Case studies on moving contributors from “Lurker” to “Leader.”
Inclusion: Strategies for building a more globally-inclusive project.
Community Ops: The logistics and operations of running a massive global project.

3. Features (Engineering Core)

The “Nitty-Gritty” of the distribution. If you work on the tools that build the OS every six months, we want you on stage:

Release Engineering: Improvements to Dist-git, packager tools ecosystem, and the build pipeline. Distribution security. Konflux?
Quality Assurance: Automated testing and CI/CD workflows.
Packaging: Best practices for RPM, Flatpak, and OCI containers.

4. First (Blueprint for the Future)

Fedora is “First.” This track is for the visionaries:

Strategy: What does Fedora look like in 2028?
Downstream Alignment: How upstream changes flow downstream.
New Spins: Atomic Desktops, Cloud Native innovations, and new Editions.

Important Dates & Travel Info

CFP Deadline: Monday, February 2, 2026 (23:59 UTC)
Travel Assistance Deadline: March 8, 2026
Event Dates: June 14â€“16, 2026
Location: OREA Hotel Andel’s

If you require financial support to attend, please remember that the Flock 2026 CFP submission is separate from the Travel Subsidy application, but speakers are prioritized. Make sure to apply for the Travel Subsidy by March 8.

How to Submit to Flock 2026 CFP

Don’t let the deadline slip past you. Head over to our CFP platform and draft your proposal today.

Submit to the Flock 2026 CFP

See you in Prague!

Note: AI (Google Gemini) edited human-generated content first written by me, the author, to write this article. I, the author, edited the AI-generated output before making this Community Blog article. If you notice mistakes, please provide a correction as a reply to this topic.

The post 2 Weeks Left: The Flock 2026 CFP Ends Feb 2 appeared first on Fedora Community Blog.

Hi folks! Over the last couple of weeks, we have migrated nearly all the quality team's repositories from Pagure (the old Fedora forge) to the new, Forgejo-based Fedora Forge. As part of this, I've figured out a process for doing CI with Forgejo Actions. I also came up with a way to do automated LLM pull request reviews, for those interested in that.

For the impatient, you can just look at / copy the two workflows in python-wikitcms, but you'll at least need to read the stuff about runners below.

Forgejo Actions works very similarly to GitHub Actions, by design. You create a .forgejo/workflows directory in your project and define workflows in it. The syntax is almost entirely compatible with GitHub Actions, but with several missing features.

Some very commonly-used shared actions, like actions/checkout, are ported to Forgejo so you can use them directly. Other shared and third-party actions can be used by giving a full URL to them - e.g. uses: https://github.com/actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.3.0 - but whether a given action will work or not depends on whether it's written to assume it's running on public GitHub, and whether Forgejo has all the features it needs.

Probably the most noticeable difference with using GitHub Actions is runner availability and environment. If you have a public GitHub project you can define workflows with something like runs-on: ubuntu-latest; behind the scenes, GitHub maintains a farm of runners with various labels, of which ubuntu-latest is one, and your jobs will run on any available runner with that label. The available environments for public GitHub repos are a handful of Ubuntu, Windows and macOS versions.

The staging instance of Fedora Forge has a few universal runners you can use like this. Currently each has only one, unique, label, so you can't specify workflows with a label like fedora and have them run on any available runner; you have to just pick one of the labels, and your jobs will always run on that runner. Maybe this will get changed at some point. But the runners are available to all repos in the staging instance, so you can just define a workflow and get it run.

Currently the production instance has no universal runners like this; runners are limited to specific organizations. The releng and infra organizations have runners, and now I requested one, the quality organization has one too. If you want to run workflows for projects in a different organization, the first thing you'll need to do is file a ticket to request runner(s) for that organization. If you have admin access to an organization, you can see whether it has runners, and what labels they have, by visiting https://forge.fedoraproject.org/org/<organization>/settings/actions/runners.

Once your org has at least one runner, you can define workflows and they'll run, as long as you set the runs-on value to a label that at least one of the runners has.

However, you might be surprised by the default environment: it's currently Debian Bookworm. Until that gets fixed, you may be interested in the container directive for workflows, which lets you define any arbitrary container image to be used:

    container:
      image: quay.io/fedora/fedora:latest

There is one little gotcha with this, though. Many GitHub actions, including checkout, are written in Node, but Fedora's stock container images don't have Node installed. So you have to install it before running checkout or anything else that uses Node.

Put it all together, and here's the workflow I've defined for doing CI on Python projects with Tox:

name: CI via Tox
on:
  pull_request:
    types: [opened, synchronize]

jobs:
  tox:
    runs-on: fedora
    container:
      image: quay.io/fedora/fedora:latest
    steps:
      - name: Install required packages
        run: dnf -y install nodejs tox git
      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
        with:
          fetch-depth: 0
      - name: Install Python interpreters
        run: for py in 3.6 3.9 3.10 3.11 3.12 3.13; do dnf -y install python$py; done
      - name: Test with tox
        run: tox

That runs whenever a pull request is opened or pushed (the on section). It expects a runner with the fedora label (the runs-on setting). It uses the fedora:latest container image from quay.io (the container setting). From that image, we install packages we're going to need - including nodejs (the first step). Then we run actions/checkout to check out the PR (the second step, the uses one). Then we install all the Python interpreters we need, and run tox (the final two steps). Of course, if your project isn't Python or doesn't use Tox, you'll have to tweak this a bit, but hopefully you get the general idea.

If you're security-minded, you might notice there's no permissions setting in this workflow. That's because Forgejo currently does not support fine-grained permissions in the automatically-generated workflow tokens. In Forgejo, the automatically-generated token always has full read/write privileges unless it's operating on a pull request from a fork, in which case it has only read permissions. Nothing finer-grained is possible at present. If you need something finer-grained, you have to generate a token manually, save it as a repository secret, and adjust your workflow (somehow) to use that and hide the automatically-generated token as far as is practically possible (that's outside the scope of this post).

So that's CI! What about LLM pull request review? Well, if you dislike or are not interested in that, stop reading now. If you are interested, here's a recipe:

name: AI Code Review
on:
  pull_request_target:
    types: [labeled]

jobs:
  ai-review:
    if: forgejo.event.label.name == 'ai-review-please'
    runs-on: fedora
    container:
      image: registry.gitlab.com/redhat/edge/ci-cd/ai-code-review:v2.3.0
    steps:
      - name: Run AI Review
        env:
          AI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
        run: ai-code-review --platform forgejo --pr-number ${{ forgejo.event.pull_request.number }} --post

  # this has to be a separate job because ai-code-review container does not have nodejs in it
  # also note this does not work for PRs from forks because of a forgejo bug
  # https://codeberg.org/forgejo/forgejo/issues/10733
  remove-label:
    runs-on: fedora
    steps:
      - uses: https://github.com/actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1.3.0
        with:
          labels: ai-review-please

That will cause the ai-code-review tool to review the pull request and post its analysis as a comment.

Just a couple of things to note here. I decided to have the LLM review happen only when a pull request is given a special label. LLM reviews are relatively expensive, and also quite verbose; you don't necessarily want one cluttering up the ticket any time a pull request is created or edited, and you may not want to make it possible for someone to charge some LLM usage to your account as often as they like just by creating or editing a pull request.

So, to use this recipe you have to create a label called ai-review-please in your repository. You can do this by going to "Issues", then clicking "Labels", then "New label". Give it whatever color and description you like. Any time you add that label to a PR, the review process will be triggered. Before adding the label to a PR you should probably make sure the PR is well-intentioned and not attempting any kind of prompt injection to get ai-code-review to disclose a secret or mess with the repository.

The other thing is you need an AI provider API key. In this recipe we have a Gemini API key saved as a repository secret called GEMINI_API_KEY. To create repository secrets, go to repository "Settings", then "Actions", then "Secrets", and click "Add secret". In the workflow, we make the repository secret called GEMINI_API_KEY (secrets.GEMINI_API_KEY) available in the container as the environment variable AI_API_KEY; ai-code-review reads it in from there. Gemini is the default LLM provider for ai-code-review. You can also use OpenAI or Anthropic by adding an --ai-provider argument to the ai-code-review call in the workflow (obviously, then, the secret you export as AI_API_KEY must be a valid key for that provider). I'm hoping that in the not-too-distant future, we'll have an LLM model provider in Fedora infra, running open source models, that we can use for this purpose; for now, unfortunately, we have to use the hyperscaler ones.

Finally, as noted in the comment, the workflow is intended to remove the ai-review-please label when it runs (so you don't have to remove it manually, then add it again, if you want another review later), but this does not currently work for pull requests from forks due to a Forgejo bug (because we're using pull_request_target the workflow token should have write permissions even for a fork PR, but it doesn't). If you use it on a fork PR, you'll have to remove the label manually once the workflow has triggered.

You can, of course, change the on block to be the same as the CI recipe if you want to have LLM review run automatically whenever a PR is created or edited - but do make sure whoever's paying the bills for the API key is OK with that, and monitor the repo to make sure nobody starts creating hundreds of PRs to try and blow your budget...and hope/pray nobody manages a successful prompt injection attack. On the whole I'd stick with the label (only repository admins can label PRs, so a non-admin attacker can't apply the label themselves to trigger the review).

This is a followup to my previous post about how I tried Ambient Code.

TL;DR: I opened a PR (#specfile/508) and had to take over in the end.

Where did we end?

Claude Code proposed a solid implementation plan to us, Stella (the staff engineer agent) approved it.

Released on 2026-01-18.
This is a bugfix release which also brings some minor feature enhancements.

Features

client: when downloading packages use the --fallback-unsigned option to tell Koji to fall back to getting unsigned packages if it can't get signed ones (#6039).
server: allow retrieving a (Fedora) release by searching for rawhide (#6061).
server: added an X-Bodhi-Agent header to emails sent on update comments (#6065).
server: don't send a comment email notification to the comment author (#6066).

Bug fixes

server: avoid manually setting TestGatingStatus.waiting on Update before calling update_test_gating_status() (#6044).
server: builds with too long NVR (>100 chars) are now ignored by the automatic updates consumer (#6063).

Contributors

The following developers contributed to this release of Bodhi:

Adam Williamson
Mattia Verga

Greetings everyone. Happy new year!

This last week was the first full week I was back at it after the holidays.

Holidays

So, how did that go? It was pretty good. I did manage to finish my december of docs with only missing one day. Closed about 40 tickets, made about 30 pr's for infra docs. Good progress. I might try and resume doing them, it is kind of nice to chip away at them over time.

I got a number of home projects done that I kept not having time for:

Migrated all my bespoke firewall rules to nftables
Fixed up my email setup to block more junk
setup fail2ban finally when the ssh and dovecot and postfix brute forcers were making my logs hard to read. I wasn't worried about any of them getting in, but no reason not to just block them all.

Also did a bunch of learning about solar and home backups and batteries. I'm likely to pull the trigger on a solar system before too long.

Sadly, the world in 2026 is pretty horrible, but I will do my best to do what I can to help others and hope we can all collectively return the world to some sanity.

FESCo

fesco elections completed and I was elected again. Thanks so much everyone who voted for me. I will try and do my best (as always). If you have some concern or issue for fesco, feel free to let me know.

I think the slate of candidates were all excellent and I look forward to working with the new members to make fedora better.

Catchup

I tried to keep an eye out on things during the holidays, so catching up wasn't as bad as if I ignored everything, but still a lot to process through. I have now I think mostly done so, so if you asked me something or sent me a message looking for a reply and haven't seen it yet, please do check with me again.

mass rebuild

The f44 mass rebuild started, all be it a few days late. There was a large boost update and then some last minute tools builds that had to get in, but it's finally going now since yesterday. Typically these take a few days to rebuild most everything, then there's a few stragglers. I am not sure if it will be done by monday, but it shouldn't be too far off that. Then, we will merge things in and start getting ready for branching in a few weeks.

forge move

Next tuesday ( 2026-01-20 at 21UTC) I plan to migrate the fedora infra ticket tracker ( https://pagure.io/fedora-infrastructure ) to the new forge ( https://forge.fedoraproject.org/infra/tickets ). I sent out an announcement and will try and make things as smooth as possible.

If you do interact with infra you may want to login to forge and set your notifications as you like. Right now email notifications are not on by default, so if you want emails you need to enable them in your prefs.

I'm really looking forward to having this moved. We will likely look at moving our ansible repo after this and a few others. Our docs repo was already moved before the holidays.

Upcoming

I have a few things I really want to get to soon:

I want to FINALLY land the pesign changes to sign secure boot via sigul. I have a pr I made last year, need to fix it up some, deploy and test.
I want to look into the 502's people have been seeing and try and figure out where in the proxy stack thats happening and hopefully fix it up.
We got over 100 tickets pending last week. I processed/fixed a number, but we are still up to 92 as of today. I'd like to fight those down again.

comments? additions? reactions?

As always, comment on mastodon: https://fosstodon.org/@nirik/115911910269440220

In a previous post, we looked at how Debianists wanted to use Swiss police to find and arrest whisteblowers who use Proton Mail. As it turns out, the Swiss police had already arrested the Albanian female whisteblowers at Zurich airport in 2017.

After being released from custody, the whistleblowers visited the famous Lion monument in the city of Luzern.

This is Anisa Kuci and Kristi Progri from the famous Open Labs hackerspace in Albania, now working for GNOME Foundation:

In medieval times, Swiss guards were mercenaries who bravely offered protection to kings and queens in all the royal courts of Europe. Their role was similar to that of the Cuban guards assigned to protect the president of Venezuela.

Today, the only remaining Swiss guard unit protects the Pope in the Vatican. The other units were all disbanded.

The Lion monument honors 760 guards who lost their lives in the service of the French royal court. They were overrun by a much larger force, they held their ground only to be massacred during the French Revolution in 1792.

While the Swiss guards were commended for their bravery, Swiss jurists, such as those we examine on the JuristGate web site have been nothing but despicable cowards.

When the Software Freedom Institute was founded in 2021, IBM Red Hat was terrified and sent lawyerists to harass the Institute. The Institute had purchased Swiss legal protection insurance and immediately asks the Swiss jurists to help defend the Institute from IBM Red Hat. The Jurists were terrified and made up excuses, running away to hide behind the skirts of mother Helvetica:

Subject: 	Re: Fwd: Red Hat, Inc. v. Daniel Pocock / Software Freedom Institute SA - FA2201001980642 - Commencement - E-mail 3/3
Date: 	Fri, 18 Feb 2022 14:18:22 -0800
From: 	PT Partners <info@ptpartners.ch>
To: 	daniel@softwarefreedom.institute

Chère cliente, cher client, cher partenaire,

Votre message a bien été réceptionné. Nous vous répondrons aussi vite que possible. Suite à l'envoi de votre courriel, merci de ne pas écrire de mails supplémentaires jusqu'à la prise de contact de l'un de nos collaborateurs.

En raison des féries judiciaires, nos délais de réponse minimums sont suspendus. Nous vous reviendrons cependant au plus vite.

Cordialement,

-- 
Mathieu Parreaux
Associé

     Parreaux, Thiébaud & Partners
     Département juridique
     Avenue des Grandes Communes 8
     1213 Petit-Lancy
     022 342 38 94

Second response, four days later...

Subject: 	Re: Fwd: Red Hat, Inc. v. Daniel Pocock / Software Freedom Institute SA - FA2201001980642 - Commencement - E-mail 3/3
Date: 	Tue, 22 Feb 2022 06:39:55 -0800
From: 	Mathieu Parreaux <m.parreaux@ptpartners.ch>
To: 	daniel@softwarefreedom.institute

Bonjour,

Merci pour votre courriel. Je le traiterai aussi rapidement que possible. Mes délais de réponse sont de 1 à 3 jours ouvrables. Si vous êtes un client Platinum et que le cas est urgent, vous pouvez me joindre sur mon portable personnel.

Cordialement,

-- 
/     [L’excellence au travers des actes]/
/
/__ /    Mathieu Parreaux

      Managing Partner
      https://www.ptpartners.ch/

      Siège de Genève____
      Av. des Grandes-Communes 8
      1213 Petit-Lancy
      022 342 38 94

A skeleton response was prepared by the Institute and sent to the jurists to help them get started:

Subject: 	Re: Fwd: Red Hat, Inc. v. Daniel Pocock / Software Freedom Institute SA - FA2201001980642 - Commencement - E-mail 3/3
Date: 	Tue, 22 Feb 2022 16:01:54 +0100
From: 	Luc Zimmermann <l.zimmermann@ptpartners.ch>
To: 	Daniel Pocock <daniel@softwarefreedom.institute>
CC: 	PT Partners <info@ptpartners.ch>, Mathieu Parreaux <m.parreaux@ptpartners.ch>

Cher Monsieur,

Merci de votre message et ses annexes.

J'ai répondu audit message ce jour sur la chaîne d'e-mails principale/pertinente.

Avec mes sentiments dévoués,

/
/
/__ /    Luc Zimmermann

      Titulaire du brevet d'avocat
      https://www.ptpartners.ch/

      Siège de Genève____
      Avenue des Grandes-Communes 8
      1213 Petit-Lancy
      022 342 38 94

Le mar. 22 févr. 2022 à 15:39, Daniel Pocock  a écrit :

    Bonjour

    Ils demandent un réponse ce semaine, jusqu'à 28.02.2022

    J'ai trouvé quelque preuves et j'ai ecrit un skeleton du réponse,
    ci-joint

    Daniel

The following morning, Luc Zimmermann sends an excuse about not helping victims of UDRP harassment in Switzerland.

Subject: 	Re: Fwd: Red Hat, Inc. v. Daniel Pocock / Software Freedom Institute SA - FA2201001980642 - Commencement - E-mail 3/3
Date: 	Wed, 23 Feb 2022 09:32:52 +0100
From: 	Luc Zimmermann <l.zimmermann@ptpartners.ch>
To: 	Daniel Pocock <daniel@softwarefreedom.institute>
CC: 	PT Partners <info@ptpartners.ch>, Mathieu Parreaux <m.parreaux@ptpartners.ch>

Cher Monsieur,

Merci de votre retour.

Je prends bonne note qu'il ne s'agit pas du même cas que celui pour lequel je vous ai adressé un e-mail séparé de réponse le 22.02.22 (à 16h01).

Nous prenons en charge des cas qui relèvent du droit suisse, p. ex. un litige à l'étranger qui a un for en Suisse et a pour droit applicable le droit suisse, de sorte que, comme dit, ici, nous ne pouvons entrer en matière.

Vous remerciant de votre compréhension, je vous prie d'agréer, cher Monsieur, mes salutations distinguées,

/
/

/__ /    Luc Zimmermann

      Titulaire du brevet d'avocat
      https://www.ptpartners.ch/

      Siège de Genève____
      Avenue des Grandes-Communes 8
      1213 Petit-Lancy
      022 342 38 94

The jurist who sent these excuses, Luc Zimmermann, is also a member of Le Centre (The Center) political party and he has a prominent role in the Geneva Municipal Council. The same political party has been linked to conflicts of interest in the prosecution of the Crans-Montana tragedy.

The Institute's director had to spend a whole Sunday preparing the response to the UDRP harassment on his own.

The legal panel ruled that the UDRP case was created for the purpose of harassing the Institute and it was an abuse of the administrative procedure.

In these circumstances, why were the Swiss jurists so cowardly?

In their marketing, they claim that no case is ever rejected.

Consider the irony: the cowardly jurists were unwilling to defend the UDRP case even though the Institute was on the right side of the law. Yet it was the jurists themselves who were usurping the reputation of the legendary Tissot boss Francois Thiébaud.

Last year, I've spent few months exchanging emails and packet dumps with Zoom's support. They provide videoconferencing software which gave me connectivity problems . Specifically, Zoom client, on my work Macbook, when connected to my home network, failed. To make reporting harded, Zoom's webpage did not open in Chrome on that laptop neither.

Perplexingly, my private Fedora laptop, on the same network, had no problems whatsoever. I'll spare the details of weeks-long investigation (no, it wasn't DNS' fault; nor Cloudflare's).

The problem sourceâ€¦

MacOS X DHCP client ignores Maximum Transfer Unit (option 26) from DHCP server!

I couldn't believe it, but there are tons of similar reports over the net. Apparently, Apple deems MTU information not trustworthy. Well, thank you ğŸ��, there went weeks of my time.

Why do I even have non-standard MTU in my network?: Since my ISP was acquired, I had to deal with blast-from-the-past networking. Plain, reliable Ethernet connection was replaced with PPPoE, lowering the MTU to 1492 bytes, bringing distaste and headaches.
Why other webpages and software continued working?: Most communications use TCP/IP protocol, which knows how to deal with decreased MTU. Modern pages (and Zoom) try to use QUIC protocol. It works over UDP. UDP has no mechanisms of Path MTU discovery and too big packets are just dropped. PMPTU for QUIC is still at a draft stage.
Why it started to happening recently?: Due to other circuimstances, I had disabled IPv6 connectivity for my work laptop around summer last year. I didn't noticed at the time, but before that, Zoom worked fine over IPv6. MTU information from RA is good enough for Apple, whereas from DHCP is a no-no.

Kudos to Zoom Support, for spotting the MTU problem in the end.

030/100 of #100DaysToOffload

This is a report created by CLE Team, which is a team containing community members working in various Fedora groups for example Infrastructure, Release Engineering, Quality etc. This team is also moving forward some initiatives inside Fedora project.

Week: 12 Jan â€“ 16 Jan 2026

Fedora Infrastructure

This team is taking care of day to day business regarding Fedora Infrastructure.
Itâ€™s responsible for services running in Fedora infrastructure.
Ticket tracker

CentOS Infra including CentOS CI

This team is taking care of day to day business regarding CentOS Infrastructure and CentOS Stream Infrastructure.
Itâ€™s responsible for services running in CentOS Infratrusture and CentOS Stream.
CentOS ticket tracker
CentOS Stream ticket tracker

Release Engineering

This team is taking care of day to day business regarding Fedora releases.
Itâ€™s responsible for releases, retirement process of packages and package builds.
Ticket tracker

Mass Rebuild is GO for Wednesday, January 14th.

QE

This team is working on day to day business regarding Fedora CI and testing.

Multi-signed shim Test Day is live
The OpenQA needly editor Needly from Lukas Ruzicka is now packaged on Flathub
An OpenQA test for Fedora Media Writer is mostly done, now testing on staging

Forgejo

This team is working on deployment of forge.fedoraproject.org.
Ticket tracker

Fedora Localization migration – Groups [A] [B] [C], teams and namespaces created
Konflux integration organisation and groups created
Forge action runner for quality organization
Konflux pipelines for distgit added – images for distgit instance ready on quay. Work in progress for fedora-rawhide based images.

RISC-V

We’re still blocked by a complex in potential both binutils and debugedit We have a reproducer and some leads, but no clear â€œchain of blameâ€� yet. Weâ€™re still actively working on this with several folks.
- (Details: We have about 1433 packages that build something that include `*.a` (archive file). We know the affected packages are roughly <200 packages , but that’s likely because we’re just shipping the static libraries. The count of 1433 drops to 440 if we exclude OCaml, GHC, and MinGW.)

UX

We have a new teenage contributor in Fedora Design! He has completed his first ticket
Logo variations for Project Hummingbird have been uploaded.
All files for printed materials created for Fedora at FOSDEM have been sent to stakeholders.
Held an initial brainstorming session for revamping the Fedora Design docs [epic].

If you have any questions or feedback, please respond to this report or contact us on #admin:fedoraproject.org channel on matrix.

The post Community Update – Week 03 2026 appeared first on Fedora Community Blog.

RPMs of PHP version 8.5.2 are available in the remi-modular repository for Fedora â‰¥ 41 and Enterprise Linux â‰¥ 8 (RHEL, Alma, CentOS, Rocky...).

RPMs of PHP version 8.4.17 are available in the remi-modular repository for Fedora â‰¥ 41 and Enterprise Linux â‰¥ 8 (RHEL, Alma, CentOS, Rocky...).

RPMs of PHP version 8.3.30 are available in the remi-modular repository for Fedora â‰¥ 41 and Enterprise Linux â‰¥ 8 (RHEL, Alma, CentOS, Rocky...).

â„¹ï¸� These versions are also available as Software Collections in the remi-safe repository.

â„¹ï¸� The packages are available for x86_64 and aarch64.

â„¹ï¸� There is no security fix this month, so no update for version 8.2.30.

Version announcements:

â„¹ï¸� Installation: Use the Configuration Wizard and choose your version and installation mode.

Replacement of default PHP by version 8.5 installation (simplest):

On Enterprise Linux (dnf 4)

dnf module switch-to php:remi-8.5/common

On Fedora (dnf 5)

dnf module reset php
dnf module enable php:remi-8.5
dnf update

Parallel installation of version 8.5 as Software Collection

yum install php85

Replacement of default PHP by version 8.4 installation (simplest):

On Enterprise Linux (dnf 4)

dnf module switch-to php:remi-8.4/common

On Fedora (dnf 5)

dnf module reset php
dnf module enable php:remi-8.4
dnf update

Parallel installation of version 8.4 as Software Collection

yum install php84

Replacement of default PHP by version 8.3 installation (simplest):

On Enterprise Linux (dnf 4)

dnf module switch-to php:remi-8.3/common

On Fedora (dnf 5)

dnf module reset php
dnf module enable php:remi-8.3
dnf update

Parallel installation of version 8.3 as Software Collection

yum install php83

And soon in the official updates:

Fedora Rawhide now has PHP version 8.5.2
Fedora 43 - PHP 8.4.17
Fedora 42 - PHP 8.4.17

âš ï¸� To be noticed :

EL-10 RPMs are built using RHEL-10.1
EL-9 RPMs are built using RHEL-9.7
EL-8 RPMs are built using RHEL-8.10
intl extension now uses libicu74 (version 74.2)
mbstring extension (EL builds) now uses oniguruma5php (version 6.9.10, instead of the outdated system library)
oci8 extension now uses the RPM of Oracle Instant Client version 23.9 on x86_64 and aarch64
A lot of extensions are also available; see the PHP extensions RPM status (from PECL and other sources) page

â„¹ï¸� Information:

Base packages (php)

Software Collections (php83 / php84 / php85)

Somebody on the SUSE internal chat mentiond the blog post of PyCA maintainers on the current state of OpenSSL, and I felt the need to add my €0.02 from the M2Crypto maintainer’s point of view.

I completely agree. When I read “Network Security with OpenSSL” by Viega, Messier, and Chandra, I had some idea what they are talking about (modulo some threading chapters which made my brain hurt, but multiprocessing does that to me every time). Since 3.0 I have no idea. I have been promised by Tomáš Mráz (then still my colleague in Red Hat) that changes in the first post-HeartBleed release (1.1.1?) will make API stable. Then they completely rewritten it in 3.0 again. It never got stable. Every minor release without one exception everybody has to port their software to new API.
Documentation is atrocious. For such high-profile security library it is crazy how poor their documentation is and it is getting worse. I really believe their manpages were much better, but given that their API is completely out of control no wonder they are not able to document it. I spent days of my time trying to fix https://todo.sr.ht/~mcepl/m2crypto/9 and in the end creation of new X509 extension is such magic, that I had to look through the source code, because some aspects of it are just not documented at all, and the in the end the fix severely limits what can be done, because I have never managed to achieve all what I wanted.
However, and that’s the most crucial point for me. M2Crypto is not PyCA: it is not an universal cryptography library for Python programmers, but it is nothing more and nothing less than legacy Python bindings for OpenSSL for legacy applications, so I will never abandon it. If somebody proposes LibreSSL/etc. patch, I am willing to take it, but switching from OpenSSL would be loosing raison d'être of it.
One point aside: I remember too much, so I do remember when PyCA was originally created, that it was not meant to be OpenSSL Python bindings even as much as it is now. It was meant to have multiple changeable backends (there were even some drafts I believe of Windows CryptoAPI and Apple API ,either CDSA and CSSM or Security Framework, not sure). Perhaps they could return to that idea.

C'était le mardi 15 décembre 2025 que la maintenance de Fedora Linux 41 a pris fin.

Qu'est-ce que c'est ?

Un mois après la sortie d'une version de Fedora n, ici Fedora Linux 43, la version n-2 (donc Fedora Linux 41) n'est plus maintenue.

Ce mois sert à donner du temps aux utilisateurs pour faire la mise à niveau. Ce qui fait qu'en moyenne une version est officiellement maintenue pendant 13 mois.

En effet, la fin de vie d'une version signifie qu'elle n'aura plus de mises à jour et plus aucun bogue ne sera corrigé. Pour des questions de sécurité, avec des failles non corrigées, il est vivement conseillé aux utilisateurs de Fedora Linux 41 et antérieurs d'effectuer la mise à niveau vers Fedora Linux 43 ou 42.

Que faire ?

Si vous êtes concernés, il est nécessaire de faire la mise à niveau de vos systèmes. Vous pouvez télécharger des images CD ou USB plus récentes.

Il est également possible de faire la mise à niveau sans réinstaller via DNF ou GNOME Logiciels.

GNOME Logiciels a également dû vous prévenir par une pop-up de la disponibilité de Fedora Linux 43 ou 42. N'hésitez pas à lancer la mise à niveau par ce biais.

Cela fait depuis Fedora 19 que je publie sur la liste de diffusion de Fedora-fr une revue de presse de chaque sortie d'une nouvelle version. Récapituler quels sites en parle et comment. Maintenant, place à Fedora Linux 43.

Bien entendu je passe sous silence mon blog et le forum de fedora-fr.

Sites web d'actualité

Soit 4 sites.

Les vidéos

Linuxtricks.

Soit 1 vidéos.

Bilan

Le nombre de sites parlant de Fedora Linux 43 est en légère baisse.

Les deux semaines après sa sortie, nous avons eu globalement une augmentation de visites par rapport à la semaine d'avant de cet ordre là :

Forums : hausse de 19% (près de 600 visites en plus)
Documentation : données non interprétables à cause d'une masse de visiteurs chinois (bots ?) sur cette section depuis septembre 2025
Le site Fedora-fr : hausse de 5% (soit 20 visites en plus)

Si vous avez connaissance d'un autre lien, n'hésitez pas à partager !

Rendez-vous pour Fedora Linux 44.

Financial markets are undergoing rapid change at the moment and mum-and-dad investors are looking for advice and inspiration.

A Youtube channel has appeared using the name MileniumCrypto ( Youtube link) to help people. The channel publishes French language videos recorded by an anonymous male voice.

The channel has a link to a French web site, https://www.milenium-crypto.fr which links to another web site https://www.atreide-ventures.fr. That web site, in turn is associated with a French company using the name Atreide Ventures SAS (SIREN 931 427 561).

The company was founded in July 2024 using another French company, Hamilton Invest (SIREN 908 634 793) as a stooge director.

Hamilton Invest itself has a single director, Marlon (Sean) Hamilton-Bekhti, born in January 1990. Mr Hamilton-Bekhti is associated with at least seven French companies and two British companies Light Keys Conciergerie Limited and Lowlands Inc Limited. The British records at Companies House tell us he is a French citizen with a domicile in Switzerland.

There is another investment company with exactly the same name operating in Hong Kong and the Philipines. The web site https://atreidesventures.co/ has been registered since 5 October 2023. Their web site has a picture of their directors and they appear to be a completely different group of people. It looks like the French scam company has chosen to use the name of an existing business to obfuscate themselves behind the MileniumCrypto brand.

For the first nine months the business was trading, nobody sending investments to the company would have any way to know it was connected to the Parreaux community.

Approximately nine months later, in March 2025, the French Atreide Ventures SAS company removed the first stooge director Hamilton Invest and replaced it with Didier Simon René Parreaux, born January 1960.

We found him living in Thonex, Switzerland and linked to the company Hach Lange Sàrl. Here we found a photo of him. We presume he is related to Mathieu Elias Parreaux (bankrupt and banned), Hodan Parreaux-Hussein, Marla Sofia Parreaux and Arnaud Parreaux.

Didier Parreaux only remained as a director for three months. On 16 July 2025, he was removed and replaced by two new directors, Marla Sofia Parreaux and Badra Fettache, born in November 1973.

On 10 October 2025, the scam company Atreide Ventures SAS changed its business address from the French village of Gaillard, on the Swiss border, to the address 7 impasse Paquet-Merel, 69009, Lyon. Lyon is the global headquarters of Interpol.

The new address appears to be a residential building and the French residence of Madame Badra Fettache.

Badra Fettache has also operated a Swiss business, ASC Consulting in Geneva and more remarkably, when Mathieu Elias Parreaux became bankrupt, Badra took over control of one of his other companies, Polytek SA.

We found that Badra Fettache is also listed as a former employee of the city of Lyon.

Compare the man's voice in the milenium-crypto videos on Youtube to the recordings of Mathieu Parreaux on Radio Lac.

milenium-crypto is really Mathieu Parreaux asking more French victims to advance money into another Ponzi scheme.

On 24 October 2025, the French Autorité Marchés Financiers published an official warning about the web site atreide-ventures.fr.

Keen observers of the scandal watched all the videos and found a moment where Parreaux's desktop is visible and we can see his name there too.

Cryptocurrency is a great concept for specialists but for everybody else, it is simply a new way to get scammed. Beware.

Remember, Mathieu Elias Parreaux is a Swiss jurist and he started his previous business, Parreaux, Thiébaud & Partners while working as the greffier in the Tribunal of Monthey, Canton Valais.

The Swiss financial regulator knew about his activities for five years before they shut him down.

The French authorities have published a warning about his business but they did not shut the business down. The business is still trading and publishing videos every few days.

Please see the rest of the JuristGate reports.

The bankruptcy of Mathieu Parreaux published his date of birth (11 November 1992) and his home address at Allée des Roseaux 1, Châtelaine 1219, Switzerland. He is a Swiss citizen originating from the commune of La Brévine, Canton Neuchatel.

Searching the address in public business records, we find a sole trader using the business name Fancy Concept. The business is at the same address and the proprietor is Marla Sofia Parreaux. Marla's date of birth appears in another public business register as August 1997. Marla is also linked to addresses in France, in both Gaillard and Lyon Vaise, for a business Atreide Ventures SAS (931 427 561) which is a front for Milenium Crypto.

Based on these dates of birth, people have speculated whether Marla is the wife, sister or cousin of ringleader Mathieu Parreaux.

We could not find any public web site for Fancy Concept in Switzerland. We found various other businesses around Europe using exactly the same name, including Fancy Concept in Bari, Italy and Fancy Concept in Sterrebeek, Belgium.

What was the purpose of creating this business? Did the Parreaux community hope to benefit from the brand created by other businesses using the same generic name? Or did they hope to be obfuscated by the very generic name and the presence of many similar names in search results?

With a very generic business name like this, it could just as easily be selling women's products, cryptocurrencies or even both at the same time.

Mathieu Parreaux was subject to a bankruptcy procedure in 2023. Marla Parreaux began the new business Fancy Concept on 26 September 2024. Did this business provide a way for Mathieu Parreaux to continue trading under a business registered to his wife?

Atreide Ventures was created in France at almost exactly the same time but using other directors. Marla Parreaux was only added as a director in 2025. When Atreide Ventures was created, they stated the business objective:

Activités auxiliaires de services financiers et d'assurance

Translated to English, they state that Atreide Ventures provides auxiliary services for the finance and insurance industries. Yet FINMA's order from April 2023 bans Mathieu Parreaux from working in insurance.

Did Marla Parreaux even know that a business had been created in her name? Remember, Mathieu Parreaux and some of his jurist colleagues had also worked as greffier in the tribunal. He may have been able to use some mechanism to complete the business registration without Marla Parreaux being aware her name was used as a director.

While that seems far-fetched, remember they had fooled a woman in France to quit her old job and come and work for them immediately before FINMA shut down the whole scam.

Please see the rest of the JuristGate reports.

Ambient Code is a platform (not covered here) and a collection of AI coding agents and workflows designed to help with software development. I decided to give it a shot and see how well their agents can analyze and contribute to one of our projects in Packit org. The first tool we are going to use is called agentready. It checks how well a project is maintained and suited for AI-assisted development.

Cela fait maintenant un bon moment que je possède un NAS, et je n’avais encore jamais pris le temps de décrire réellement ma stack ni les applications que j’y héberge. Cet article est donc l’occasion de corriger cela. Références et inspiration S’il ne fallait citer qu’une seule référence incontournable dans le monde du self-hosted, ce […]

Cet article Comment j’organise mon NAS et mes services auto-hébergés est apparu en premier sur Guillaume Kulakowski's blog.

In December, I did my first Advent of Code (opens in new tab). I used Ansible, which is a terrible choice for programming challenges but that’s part of the fun!

Note

I gave myself these rules:

Week: 05 Jan – 09 Jan 2026

Fedora Infrastructure

This team is taking care of day to day business regarding Fedora Infrastructure.
It’s responsible for services running in Fedora infrastructure.
Ticket tracker

[FESCo] Five badges for F43-F47 changes have been pushed [A] [B] [C] [D] [E]
Cannot send emails via smtp-auth server for orphaned packages process
error 500 on cgit hosted on fedorapeople.org
new group for Universal Blue

CentOS Infra including CentOS CI

This team is taking care of day to day business regarding CentOS Infrastructure and CentOS Stream Infrastructure.
It’s responsible for services running in CentOS Infratrusture and CentOS Stream.
CentOS ticket tracker
CentOS Stream ticket tracker

Release Engineering

This team is taking care of day to day business regarding Fedora releases.
It’s responsible for releases, retirement process of packages and package builds.
Ticket tracker

Preparatory steps for the next Mass Rebuild which is currently scheduled for next week, Wednesday January 14th.

If you have any questions or feedback, please respond to this report or contact us on #admin:fedoraproject.org channel on matrix.

The post Community Update – Week 02 2026 appeared first on Fedora Community Blog.

Py (daughter) is now 11 years old, and she spends a lot of time on Scratch, makes beautiful and fun things. But, she thinks she is not a programmer as she is moving blocks and not typing code like us. I had questions for long time about how to move this Scratch generation into programming in general via Python. EktuPy is my probable solution.

Home page

In simple words, we have an editor to write code in the left, and a Canvas/stage on the left. You can do all the similar things you do on scratch here, I have a list of examples in the editor.

Hello World

We use PyScript and thanks to Astral we have both Ruff and ty for LSP/linting support in the editor (using webassembly). The whole code is executing on the browser of the user.

Drawing via keyboard

Drawing via pen

Pong

Yesterday I took part in the monthly PyScript Fun call because Nicholas reminded me, had fun to demonstrate it there and watched what others are building.

Two Sprites

The first time Py pocked around for 1:30 hours, she gave me 11 bugs, and next for 5 minutes and asked me to get tutorials, she did not want to read the documentation. So, for every example in the editor we have tutorials, not too detailed yet, but good enough to start.

Tutorial

You can create an account and save your programs. You can share them as public from your dashboard, then others can find those in the explorepage and run the code or remix if they want.

Space shooter

I am super nostalgic about one implementation :)

Oh, because I think kids may not have to learn about async programming in this platform, calls like wait() or ask() or play_sound_until_done() or wait_until() are all synchronous for the edtior, and then some AST transformer adds the async/await as needed.

Feel free to try this out, share the link to your kid or teachers/parents you know. Let me know how to improve. I will publish the codebase, a Django application with proper license and hopefully we can make it even better togather.

This project was not possible without all the work done before, including Scratch, or CodeMirror for the edtior, PyScript / PyOdide, the bigger Python community and Claude/Opus4.5 for incredicable TypeScript/Javascript help :)

The tmt web app is a simple web application that makes it easy to explore and share test and plan metadata without needing to clone repositories or run tmt commands locally.

At the beginning, there was the following user story:

As a tester, I need to be able to link the test case(s) verifying the issue so that anyone can easily find the tests for the verification.

Traceability is an important aspect of the testing process. It is essential to have a bi-directional link between test coverage and issues covered by those tests so that we can easily:

identify issues covered by the given test
locate tests covering given issues

Link issue from test

Implementing the first direction in tmt was relatively easy: We just defined a standard way to store links with their relations. This is covered by the core link key which holds a list of relation:link pairs. Here’s an example test metadata:

summary: Verify correct escaping of special characters
test: ./test.sh
link:
  - verifies: https://issues.redhat.com/browse/TT-206

Link test from issue

The solution for the second direction was not that straightforward. Thanks to its distributed nature, tmt does not have any central place where a Jira issue could point to. There is no server which keeps information about all tests and stores a unique id number for each which could be used in the link.

Instead of integers, we’re using the fmf id as the unique identifier. It contains url of the git repository and name of the test. Optionally, it can also define ref instead of using the default branch and path to the fmf tree if it’s not in the git root.

The tmt web app accepts an fmf id of the test or plan or both, clones the git repository, extracts the metadata, and returns the data in your preferred format:

HTML for human-readable viewing
JSON or YAML for programmatic access

The service is currently available at the following location:

https://tmt.testing-farm.io/

Here’s an example of what the parameters would look like when requesting information about a test in the default branch of a git repository:

https://tmt.testing-farm.io/?test-url=…&test-name=…

By default, a human-readable HTML version of the output is provided to the user. Include the format parameter in order to choose your preferred format:

https://tmt.testing-farm.io/?test-url=…&test-name=…&format=yaml

It is possible to link a test, a plan, or both test and plan. The last option can be useful when a single test is executed under several plans. Here’s how the human readable version looks like:

Create new tests

In order to make the linking as smooth as possible, the tmt test create command was extended to allow automated linking to Jira issues.

First make sure you have the .config/tmt/link.fmf config prepared. Check the Link Issues section for more details about the configuration.

issue-tracker:
  - type: jira
    url: https://issues.redhat.com
    tmt-web-url: https://tmt.testing-farm.io/
    token: ***

When creating a new test, use the --link option to provide the issue which is covered by the test:

tmt test create /tests/area/feature --template shell --link verifies:https://issues.redhat.com/browse/TT-206

The link will be added to both test metadata and the Jira issue. Just note that the Jira link will be working once you push the changes to the remote repository.

Link existing objects

It’s also possible to use the tmt link command to link issue with already existing tests or plans:

tmt link --link verifies:https://issues.redhat.com/browse/TT-206 /tests/core/escaping

If both test and plan should be linked to the issue, provide both test and plan as the names:

tmt link --link verifies:https://issues.redhat.com/browse/TT-206 /tests/core/escaping /plans/features/core

This is how the created links would look like in Jira:

Closing notes

As a proof of concept, for now there is only a single public instance of the tmt web app deployed, so be aware that it can only explore git repositories that are publicly available. For the future we consider creating an internal instance in order to be able to access internal repositories as well.

We are looking for early feedback. If you run into any problems or any missing features, please let us know by filing a new issue. Thanks!

The post Improve traceability with the tmt web app appeared first on Fedora Community Blog.

Two year afters PHP 8.0, and as announced, PHP version 8.1.34 was the last official release of PHP 8.1

To keep a secure installation, the upgrade to a maintained version is strongly recommended:

PHP 8.2 has security only support and will be maintained until December 2026.
PHP 8.3 has security only support and will be maintained until December 2027.
PHP 8.4 has active support and will be maintained until December 2026 (2028 for security).
PHP 8.5 has active support and will be maintained until November 2027 (2029 for security).

Read :

ℹ️ However, given the very important number of downloads by the users of my repository the version is still available in remi repository for Enterprise Linux (RHEL, CentOS, Alma, Rocky...) and Fedora and will include the latest security fixes.

⚠️ This is a best effort action, depending on my spare time, without any warranty, only to give users more time to migrate. This can only be temporary, and upgrade must be the priority.

You can also watch the sources repository on github.

Link: https://support.google.com/mail/answer/16604719?hl=en

First, Yahoo cancels simple mail forwarding. Then I try to use the Google gmailify feature to get my email as well as be able to send mail on behalf of my domain name. Next, Google cancels gmailify so now I have recently switched everything over to Fastmail, which offers both of these features plus the label organization and filtering capabilities — but for a price of course. Anyway, I’ve been using Gmail for many many years since it was Beta as my default mail client but now that time has come to an end sadly…

39c3

This is a quick notes post about the recent Chaos Computer Congress. It was nice to participate again after two years.

Talks

All Sorted by Machines of Loving Grace? "AI", Cybernetics, and Fascism and how to Intervene
The talk explores the roots of today's tech fascism and its love for tech. Full of nice rants.
A post-American, enshittification-resistant internet
A very condensed talk, in the usual style of Cory Doctorow. A bit optimistic, but the whole analysis definitely worths it. I loved the phrase "Time to seize the means of computation!".
AI Agent, AI Spy
Based on a Signal Foundation research. How AI compromises the trust we usually have on operating systems. Very critical when you are relying on end-to-end encryption, making the assumption that you can trust both ends.
Coding Dissent: Art, Technology, and Tactical Media
Artistic practices that engage with sociotechnical systems through tactical interventions. Showcasing certain Art/Tech projects with political impact.
Suing spyware in Europe: news from the front!
The current status of the legal action against European governments using spyware (like Pegasus and Predator) to spy on people.

Self-organized sessions

Repressions and Surveillance of Pro-Palestine Speech in Germany
An overview of how German authorities have engaged in systematic repression of Pro-Palestine speech. With a reference to a new Berlin law that allows police to physically compromoise devices by intruding into private homes.
Running a NGO on FreeSoftware
Fascillitated by FSFE to showcase what kind software is being used for day to day operations. Many other tech people from other NGOs participated in the discussion. Common struggles on getting away from big tech companies.
Tales of apartheid
Stories of a Palestinian Israeli citizen on what Apartheid actually looks like.

Projects

Some quick links on projects and ideas captured in my notes based on discussions during the Congress.

AI War Cloud αn interactive database exploring the connection of tech companies with military operations and warfare. This was set up as an interactive installation during the Congress.
I was reminded again about Tor Snowflake proxy project. Something we could fairly easily set up on LibreOps.
plaintext, yet another chat project. This one aims on being a decentralized social network that uses plain text files over HTTP.
Solarpunk missions, that run through out the Congress but can be an inspiration for future projects.
Anubis AI firewall. If your website is suffering from excessive AI bots scraping.
Congress Checklist could be handy for the next one ;)

Last month, I attended the GNOME.Asia Summit 2025 held at the IIJ office in Tokyo. This was my fourth time attending the summit, following previous events in Taipei (2010), Beijing (2015), and Delhi (2016).

As I live near Tokyo, this year’s conference was a unique experience for me: an opportunity to welcome the international GNOME community to my home city rather than traveling abroad. Reconnecting with the community after several years provided a helpful perspective on how our ecosystem has evolved.

Addressing the post-quantum transition

During the summit, I delivered a keynote address regarding post-quantum cryptography (PQC) and desktop. The core of my presentation focused on the “Harvest Now, Decrypt Later” (HNDL) type of threats, where encrypted data is collected today with the intent of decrypting it once quantum computing matures. The talk was followed by the history and the current status of PQC support in crypto libraries including OpenSSL, GnuTLS, and NSS, and concluded with the next steps recommended for the users and developers.

It is important to recognize that classical public key cryptography, which is vulnerable to quantum attacks, is integrated into nearly every aspect of the modern desktop: from secure web browsing and apps using libsoup (Maps, Weather, etc.) to the underlying verification of system updates. Given that major government timelines (such as NIST and the NSA’s CNSA 2.0) are pushing for a full migration to quantum-resistant algorithms between 2027 and 2035, the GNU/Linux desktop should prioritize “crypto-agility” to remain secure in the coming decade.

From discussion to implementation: Crypto Usage Analyzer

One of the tools I discussed during my talk was crypto-auditing, a project designed to help developers identify and update the legacy cryptography usage. At the time of the summit, the tool was limited to a command-line interface, which I noted was a barrier to wider adoption.

Inspired by the energy of the summit, I spent part of the recent holiday break developing a GUI for crypto-auditing. By utilizing AI-assisted development tools, I was able to rapidly prototype an application, which I call “Crypto Usage Analyzer”, that makes the auditing data more accessible.

Conclusion

The summit in Tokyo had a relatively small audience, which resulted in a cozy and professional atmosphere. This smaller scale proved beneficial for technical exchange, as it allowed for focused discussions on desktop-related topics than is often possible at larger conferences.

Attending GNOME.Asia 2025 was a reminder of the steady work required to keep the desktop secure and relevant. I appreciate the efforts of the organizing committee in bringing the summit to Tokyo, and I look forward to continuing my work on making security libraries and tools more accessible for our users and developers.

I've cast my votes in Fedora Engineering Steering Comittee. The voting closes tomorrow.

As usual, I've read interview with the candidates, and then decided on my preferences. Red Hat employees get a minus, new faces get plus. There are exceptions, it's not a hard rule!

That's one of the way I contribute to Fedora. Sometimes I blog about elections. I've also been a Fedora packages for almost 18 years!

https://badges.fedoraproject.org/pngs/ivoted-f43.png

028/100 of #100DaysToOffload

After 2005 again in 2025 I wrote only 8 blog posts. The year was difficult in many different ways. But, from September things became a bit better. I could not do a lot of things which I thought I would do, or rather I promised to do.

I hoping to catch up on those promises in the coming months. That not only includes blog posts on vairous things I am writing/building, but also I have a huge backlog of photos to work on and publish.

Hello! I am not posting here any more. You can find me here instead. Most Planets should be updated already (I've an MR open for Planet Gnome), but if you're subscribed to my feed directly please update it.

comments

I wanted to highlight this interesting new keyboard stabilizer design that the Typeplus Stabilizer offers. It has a hooked wiring ending insert which basically slides/glides along an internal track within the stem housing when actuated. With only a little bit of lube needed, there is no wire ending rattling or ticking that can occur because of that simple hooked wire and track movement design. I will be testing these out first in the 7U spacebar on the Mode Envoy!

Kit: https://kbdfans.com/products/typeplus-x-yikb-screw-in-stabilizer

Long screen cap warning: I recently went back to reimplement a test program I started of a basic VPN TUN application. I implemented a similar version of the work that I placed in the OpenVPN framework but with a highly-modified ARC4 stream cipher.

Source: https://github.com/stoops/vpn/tree/main

This example code will first load in 88-bits worth of /dev/urandom data into an initial seed variable which will then feed the first 32-bits into the srand() algorithm seed. Then the regular rand() function can be used to mix in the generated random data into the seeded random data to create a new stream of random output data to be used by the application.

I tried to make some free apps for both OS’s (MacOS and iOS) and I will try to keep them going into the new year. Looks like I will need to dedicate some work on the newer TurnTable app as it is showing 10 crashes, however, I’m not sure how to be able to determine or debug why the app may have crashed for some users yet…

It is once again that pre-GSoC time of year where I go around asking GNOME developers for project ideas they are willing to mentor during Google Summer of Code. GSoC is approaching fast, and we should aim to get a preliminary list of project ideas by the end of January.

Internships offer an opportunity for new contributors to join our community and help us build the software we love.

@Mentors, please submit new proposals in our Project Ideas GitLab repository.

Proposals will be reviewed by the GNOME Internship Committee and posted at https://gsoc.gnome.org/2026. If you have any questions, please donâ€™t hesitate to contact us.

Release Candidate versions are available in the testing repository for Fedora and Enterprise Linux (RHEL / CentOS / Alma / Rocky and other clones) to allow more people to test them. They are available as Software Collections, for parallel installation, the perfect solution for such tests, and as base packages.

RPMs of PHP version 8.5.2RC1 are available

as base packages in the remi-modular-test for Fedora 41-43 and Enterprise Linux ≥ 8
as SCL in remi-test repository

RPMs of PHP version 8.4.17RC1 are available

as base packages in the remi-modular-test for Fedora 41-43 and Enterprise Linux ≥ 8
as SCL in remi-test repository

RPMs of PHP version 8.3.30RC1 are available

as base packages in the remi-modular-test for Fedora 41-43 and Enterprise Linux ≥ 8
as SCL in remi-test repository

ℹ️ The packages are available for x86_64 and aarch64.

ℹ️ PHP version 8.3 is now in security mode only, so no more RC will be released.

ℹ️ Installation: follow the wizard instructions.

ℹ️ Announcements:

Parallel installation of version 8.5 as Software Collection:

yum --enablerepo=remi-test install php85

Parallel installation of version 8.4 as Software Collection:

yum --enablerepo=remi-test install php84

Update of system version 8.5:

dnf module switch-to php:remi-8.5
dnf --enablerepo=remi-modular-test update php\*

Update of system version 8.4:

dnf module switch-to php:remi-8.4
dnf --enablerepo=remi-modular-test update php\*

ℹ️ Notice:

EL-10 packages are built using RHEL-10.1 and EPEL-10.1
EL-9 packages are built using RHEL-9.7 and EPEL-9
EL-8 packages are built using RHEL-8.10 and EPEL-8
oci8 extension uses the RPM of the Oracle Instant Client version 23.9 on x86_64 and aarch64
intl extension uses libicu 74.2
RC version is usually the same as the final version (no change accepted after RC, exception for security fix).
versions 8.3.30, 8.4.17 and 8.5.2 are planed for January 15th, in 2 weeks.

Software Collections (php84, php85)

Base packages (php)

A few weeks ago I released Johnnycanencrypt 0.18.0. It is a Python module written in Rust, which provides OpenPGP functionality including allows usage of Yubikey 4/5 as smartcards.

This release was in response of CVE-2025-67897 against sequoia-pgp. This forced me to update to the latest 2.1.0 release of Sequoia.

On Dec 17 we released systemd v259 into the wild.

In the weeks leading up to that release (and since then) I have posted a series of serieses of posts to Mastodon about key new features in this release, under the #systemd259 hash tag. In case you aren't using Mastodon, but would like to read up, here's a list of all 25 posts:

Post #1: systemd-resolved Hooks
Post #2: dlopen() everything
Post #3: systemd-analyze dlopen-metadata
Post #4: run0 --empower
Post #5: systemd-vmspawn --bind-user=
Post #6: Musl libc support
Post #7: systemd-repart without device name
Post #8: Parallel kmod loading in systemd-modules-load.service
Post #9: NvPCR Support
Post #10: systemd-analyze nvcpcrs
Post #11: systemd-repart Varlink IPC API
Post #12: systemd-vmspawn block device serial
Post #13: systemd-repart --defer-partitions-empty= + --defer-partitions-factory-reset=
Post #14: userdb support for UUID queries
Post #15: Wallclock time in service completion logging
Post #16: systemd-firstboot --prompt-keymap-auto
Post #17: $LISTEN_PIDFDID
Post #18: Incremental partition rescanning
Post #19: ExecReloadPost=
Post #20: Transaction order cycle tracking
Post #21: systemd-firstboot facelift
Post #22: Per-User systemd-machined + systemd-importd
Post #23: systemd-udevd's OPTIONS="dump-json"
Post #24: systemd-resolved's DumpDNSConfiguration() IPC Call
Post #25: DHCP Server EmitDomain= + Domain=

I intend to do a similar series of serieses of posts for the next systemd release (v260), hence if you haven't left tech Twitter for Mastodon yet, now is the opportunity.

My series for v260 will begin in a few weeks most likely, under the #systemd260 hash tag.

In case you are interested, here is the corresponding blog story for systemd v258, here for v257, and here for v256.

After my talk about TeX syntax-highlighting font at TUG2025 conference, then vice-president of TeX Users Group, Boris Veytsman approached me with a proposal to develop a Math counterpart for the beautiful Arsenal font designed by Andrij Shevchenko.

What followed was a deep dive into the TeXbook to learn about math font parameters, OpenType Math specification, and related documentation & resources. Fortunately, FontForge has really good support for editing Math tables; and the base font used (KpMath-Sans by Daniel Flippo) already had all the critical parameters set (which needed slight adjustments). I started the development of Arsenal Math by integrating the glyphs for Latin letters, Arabic numerals, some symbols etc. and with proper scaling & stem thickness corrections, for regular, bold, italic and bolditalic variants, plus math calligraphic letters. In addition, a lot of Math kerning (known as ‘cut-ins’ in OpenType parlance) was added to improve the spacing.

Fig. 1: Arsenal Math specimen, contributed by CVR.

Being an OpenType font â€” XeTeX, LuaTeX or some Unicode math typesetting engine (e.g. MS Word) is required to use Arsenal Math. Boris did testing and provided many feedback, and Vaishnavy Murthy graciously reviewed the glyph changes I made. The CTAN admins were quite helpful to get the font accepted into the repository. There is a style file and fontspec file supplied with the fonts to make the usage easy. The sources are available at RIT fonts repository.

Boris also donated funding for the project, but he had already paid me many folds by mailing The TeXbook autographed by Donald Knuth for me, so I requested the LaTeX devfund team to use funding for another project. Karl Berry suggested to write an article about the development process, which is published in the issue 46:3 of the TUGboat journal, and has a lot more technical details.

Fig. 2: The TeXbook autographed by Don Knuth for me.

The learning experience of Math typesetting internals, and contributing to the TeX ecosystem has been a fulfilling spare-time work for me in 2025. Many thanks to all those involved!

J’utilise Kodi depuis 2012, à l’époque où le projet s’appelait encore XBMC. Ma toute première installation tournait sur un Raspberry Pi sous Raspbian. Les médias étaient stockés sur mon PC, puis mon NAS et partagés via Samba (SMB pour les intimes). Un setup simple, efficace. Avec l’arrivée des Smart TV, j’ai fini par remplacer le […]

Cet article Pourquoi j’ai quitté Kodi pour Wholphin est apparu en premier sur Guillaume Kulakowski's blog.

When running all my shell as a Distrobox containers, Ctrl-Shift-N in foot doesn’t work (see this ticket for the explanation), because it doesn’t know anything about the process running inside of it, so it doesn’t know what’s the $PWD of the shell running in it. I was struggling with this for a year, and I have never came with a good solution. I found a suggestion to parse the window title to get the current directory, but I see that my window title is more broken than anything, so it seems really unreliable.

However, these thoughts lead me towards thinking about those weird OSC strings and particularly OSC-7. I liked particularly the idea of a dedicated OSC-7 handler (further discussion is for fish, porting to POSIX shells is left as an excercise for the reader). So, when I rewrite __fish_update_cwd_osc like this (leaving $PWD in a special file), I have current directory in /tmp/.osc7_cwd:

function __fish_update_cwd_osc --description 'Notify terminals when $PWD might have changed' \
    --on-variable=PWD --on-event=fish_prompt
    set -l host $hostname
    if [ "$TERM" = dumb ]
        return
    end

    set -l enc_pwd (string escape --style=var -- $PWD)
    printf \e\]7\;file://%s%s\a $host $enc_pwd

    printf $host\t$enc_pwd >/tmp/.osc7_cwd
end

(if you are using one of terminal emulators mentioned in the original code, you need to acommodate for them too)

And then, when I add this snippet to my ~/.config/fish/config.fish:

if status is-interactive
    # Commands to run in interactive sessions can go here
    set -l cwd_file /tmp/.osc7_cwd
    if test -r $cwd_file
        set -l new_cwd (string split \t (cat $cwd_file))[2]
        cd (string unescape --style=var $new_cwd)
    end
end

then a new shell (ANY new shell) starts in the same directory as the one which changed $PWD last time.

It is probably not the ideal solution, but five seconds into using it, it seems like something which could work for me.

I am certain that the other shells could achieve the same, but this makes me appreciate an extreme versatility and elegance of fish.

2025 is almost gone now, so I thought I would look back on the year for some interesting high and low lights. I'm sure to miss some things here, or miss mentioning someone who did a bunch of work on something, but I will do my best.

Datacenter moves

There was one gigantic Datacenter move, and one smaller one. Overall I am glad we moved and we are in a much better situation for doing so, but I really hope we can avoid moving more in 2026. It takes so much planning and energy and work and there is so much else to do that has to be put on hold.

As a reminder, some of those advantages:

We have lots of new machines. They are newer/faster/better in almost every way.
dual 25G links on all the new machines (and 10G on old ones)
all nvme storage in new machines
space to expand for things like riscv builders and such.
ipv6 support finally

So much of my year was datacenter moves. :(

Scrapers and outages

This year was sadly also the year of the scrapers. They are hammering pretty much everyone these days and it's quite sad. We did deploy anubis and it really helped a lot for most of the scrapers, but the's another group of them it wasn't able to. For those before the holidays I just tossed enough resources at our stuff that they can scrape and we can just not care. I'm not sure what next year will look like for this however, so we will just keep doing the best we can. I did adjust caching some that also really helped (all the src static files are cached now).

There were also a number of outages toward the end of the year, which I really am not happy about. There were a number of reasons for them:

A tcp_timeout issue which turned out to be a firewall bug that was super hard to track down.
The scrapers causing outages.
I myself caused a few outages with a switching loop of power10 lpars. ;(
Various smaller outages.

We have dicusssed a bunch of things to improve outages and preventing them, so hopefully next year will be happier on that front.

Power10

Speaking of power10, that was quite the saga. We got the machines, but the way we wanted to configure them didn't end up working so we had to move to a much more complex setup using a virtual hardware management console appliance and lpars and sr-iov and more. It's pretty complex, but we did get everything working in the end.

Fedora releases

We got Fedora 42 and 43 released this year, and pretty much on time too. 43 seems to be a release with a lot of small issues sadly, not sure why. From the postgresql upgrades, dovecot changing config format completely, nftables not enabled and matrix-synapse not being available, my home upgrades were not as smooth as usual.

Home Assistant

This was defintely a fun year of poking at home assistant and adding sensors and tweaking around with it. It's a nice fun hobby and does give you real data to solve real problems around your house. Also, all your data is your own and stored locally. This has really turned my perception of iot things all around. Before I woulde deliberately not connect things, now I connect them if they can be made only to talk to my home assistant.

I added a weather station, a rain guage, a new zigbee controller, a bunch of smart power plugs and temp sensors, and much more. I expect more on the way in 2026. Just when I think I have automated or instermented everything, there's a new thing coming along.

AI

I'm still in the 'There are in fact use cases for LLM's' group, but I am pretty weary of all the people wedging them in where they are not in fact a good use case, or insisting you find _some_ case no matter what.

I've found some of them useful for some things. I think this will continue to grow over time, but I think we need to be measured.

On the other side I don't get the outrage for things like calibre adding some support for LLM's. Its there, but it does exactly nothing by default. You have to set it up with your desired provider before it will do anything. It really doesn't affect you if you don't want to use it.

laptop

I have stuck with using my Lenovo slim 7x as my main laptop for most of this year. The main thing I still miss is webcam working (but I have an external one so it's not the end of the world). I'm looking forward to the X2 laptops out in the next few months. I really hope qualcomm has learned from the X1 ones and X2 will go better, but time will tell.

Fedmsg finally retired

We finally managed to turn off our old message bus. It took far too long, but I think it went pretty smoothly overall in the end. Thanks to much to Michal Konečný for doing everything around this.

nagios (soon to be) retired

Thanks to a bunch of work from Greg Sutcliffe, we have our zabbix setup pretty much done for a phase one and have officially announced that nagios is going to be retired.

iptables finally retired

We moved all our iptables setup over to nftables. There were a few hiccups, but overall it went pretty smoothly. Thanks to James Antill for all the work on this.

Blogs

I wrote a bunch more blogs this year, mostly for weekly recaps, but also a few home assistant review blogs. I find it enjoyable to do the recaps, although I don't really get much in the way of comments on them, so no idea if anyone else cares about them. I'll probibly continue to do them in 2026, but I might change it to do them sunday night or friday so I don't have to think about doing them saturday morning.

The world

The world was very depressing in 2025 in general, and thats speaking as someone living life on the easiest difficulty level ( https://whatever.scalzi.com/2012/05/15/straight-white-male-the-lowest-difficulty-setting-there-is/ ) I really hope sanity, science and kindness can make some recovery in 2026.

I'll probibly see about doing a 'looking forward to 2026' post soon.

comments? additions? reactions?

As always, comment on mastodon: https://fosstodon.org/@nirik/115794282914919436

At the TUG2025 conference, I presented a talk about the development of a new colour font, which does automatic syntax highlighting for TeX documents/snippets. The idea was floated by CVR, and was inspired by a prior-art of HTML/CSS syntax highlighting font by Heikki Lotvonen.

Syntax highlighting is achieved by specialized grammar files or packages on desktop applications, code editors, the Web, and typesetting systems like TeX. Some of these tools are heavy (e.g. prism.js or pygmentize package). A light-weight alternative would be a font that uses recent OpenType technologies to do syntax highlighting of code snippets. I developed such a font, for highlighting TeX code snippets.

Fig. 1: OpenType colour font doing syntax highlighting of TeX document.

There are some novelties in the developed font:

It supports both COLRv0 and COLRv1 colour format specifications (separate fonts, but generated from the same source).
Supports plain TeX, LaTeX2 and LaTeX3 macro names.
A novel set of OpenType shaping rules for TeX syntax colouring.

The base font used is M+ Code Latin by Coji Morishita. The details of the development, use cases, and limitations can be found in the 46:2 issue of the TUGboat journal publication. The binary font and sources are available at RIT fonts repository.

Webtop یک کانتینر است که به شما اجازه می‌دهد یک دسکتاپ کامل لینوکسی (با توزیع‌هایی مثل Alpine، Ubuntu، Arch، Fedora و غیره) را داخل مرورگر وب اجرا کنید. یعنی از طریق هر مرورگر مدرن، دسکتاپ یا همان «میزکار لینوکس» داشته باشید. مهم‌ترین ویژگی‌ها پشتیبانی از چند توزیع و محیط دسکتاپ: Webtop با توزیع‌ها و محیط […]

The post اجرای دسکتاپ لینوکس در مرورگر با Webtop first appeared on طرفداران فدورا.

We Make Fedora

January 27, 2026

What we have completed

The Final Phase: Transition to Default

Timeline & Expectations

How to prepare and provide feedback

Polina Malaja and domain name censorship facilitating plagiarism

The Curse of Being Chosen

Being chosen is the oldest trick in the book.

Proton

Steam

Enjoy!

January 26, 2026

January 24, 2026

Infra tickets migrated to new forejo forge

Mass rebuild finished

Scrapers redux

Infra Sprint planning meeting

comments? additions? reactions?

January 23, 2026

The punishment in perspective

Trolling credentials

Judge fooled

Garrett publishing defamation about Dr Jacob Appelbaum

On Ted Walther, prostitute defamation, drugs & Debian

If you have a real concern about abuse, don't waste time behaving like a sock puppet, go to the police

How a Melbourne seminary became the breeding ground for paedophile rings

Exclusive: Andreas Tille did not trust accusations against Dr Jacob Appelbaum

Pope Francis upholds "Billings Revolution"

HDR

Fractional scale

Asynchronous rendering

… and more

1. Installation

1.1. Using dnf4 on Enterprise Linux

1.2. Using dnf5 on Fedora

2. Modules

3. Future

4. Statistics

Table of contents

NFS on the Hypervisor

NFS Client in the VM

Build the Kernel on The Hypervisor

Install the Kernel in the VM

January 22, 2026

January 21, 2026

January 20, 2026

Phase 1. Macro expansion pass

Phase 2. Conditional evaluation

Phase 3. Section parsing and execution

Why Submit to the Flock 2026 CFP?

1. Freedom (The Open Frontier)

2. Friends (Our Fedora Story)

3. Features (Engineering Core)

4. First (Blueprint for the Future)

Important Dates & Travel Info

How to Submit to Flock 2026 CFP

January 19, 2026

Where did we end?

January 18, 2026

Features

Bug fixes

Contributors

January 17, 2026

Holidays

FESCo

Catchup

mass rebuild

forge move

Upcoming

comments? additions? reactions?

January 16, 2026

Fedora Infrastructure

CentOS Infra including CentOS CI

Release Engineering

QE

Forgejo

RISC-V

UX

January 15, 2026