Fedora is a Trademark of Red Hat, Inc, an operating system built by volunteers around the world. This page is provided so that independent volunteers can showcase our contributions to Fedora and Free Software in general. Official Fedora Download page.
|
|
I've cast my votes in Fedora Engineering Steering Comittee. The voting closes tomorrow.
As usual, I've read interview with the candidates, and then decided on my preferences. Red Hat employees get a minus, new faces get plus. There are exceptions, it's not a hard rule!
That's one of the way I contribute to Fedora. Sometimes I blog about elections. I've also been a Fedora packages for almost 18 years!
028/100 of #100DaysToOffload
In a press conference on the morning of 6 January 2026, the mayor of the Commune of Crans-Montana admits there had been no inspection for five years and they only conduct inspections on areas suspected to be high risk, such as kitchens.
After the Pulse nightclub tragedy in Macedonia, the risks of nightclub fires were re-examined and widely documented. Many European countries paid attention.
Industry magazines and web sites frequented by building inspectors and insurance specialists published extensive reports.
From a report by CROSS UK:
On 16th March 2025, a fire broke out at the Pulse nightclub in North Macedonia. Leaving 61 people dead, the fire was reportedly started by indoor fireworks igniting materials inside the club. Many people will remember similar incidents ...
... Netherlands, Romania, Russia, Argentina, the USA, Ecuador, China and Brazil. Around 1,000 people have died in such fires. ...
... the alarming global trend: mass fatalities are still occurring because of the use of pyrotechnics in nightclubs. Furthermore, the frequency and severity of these fires is a real cause for concern. ...
The British seem to get it. Their very detailed national guidance encourages business owners, building designers, inspectors and local authorities to take all measures to prevent mass death:
You need to be aware that certain functions e.g. discos, can present additional dangers for the audience, largely from the effects of over excitement and irrational behaviour; together with the higher noise level and flashing lights. In such circumstances, and particularly where there is a mainly younger audience, you should ensure that there are a sufficient number of competent and adequately trained attendants to cover an emergency situation; and a public address system which can over-ride the performance and be heard clearly in all parts of the premises will be required.
In Switzerland, however, responsibility for writing the standards and enforcing them is split across twenty six different cantons and hundreds of tiny little communes / municipalities.
How many Swiss cantons did an audit after Pulse nightclub? How many did nothing?
The CROSS-UK research report was shared widely and ignited a debate in the industry. International Fire & Safety Journal was one of many outlets to direct people towards the CROSS-UK report.
Is it possible that somebody in at least one Swiss canton read that report and decided to do an audit?
Even if the Swiss authorities find a defect, how long does it take before they protect the public? Look at the case of the illegal legal insurance firm, Parreaux, Thiebaud & Partners. It is alleged that authorities knew about the firm since 2018 but didn't take enforcement action until 2023.
Look at Grenfell Tower and the insulation company. Internal documents show that the manufacturer, Kingspan, knew about fire risk and covered it up.
From the BBC's news report about the inquiry:
Kingspan was dishonest and cynical, Grenfell Inquiry finds
The report published on Wednesday found Kingspan, which is headquartered in County Cavan, was not directly responsible for the fire but showed "complete disregard for fire safety" in how it marketed one of its products.
It also demonstrated "deeply entrenched and persistent dishonesty...in pursuit of commercial gain".
How many building control specialists followed the reports about the Grenfell tragedy and expanded their practice to include the insulation foams, accoustic foams and similar products?
In comments quoted by Le Temps and many other media outlets, I feel the canton's prosecutor, Béatrice Pilloud is now being evasive about the width of the exit staircase:
En ce qui concerne l’étroitesse de l’escalier, j’ai vu l’escalier. J’ai été constaté également sur place, qu’est-ce qu’un escalier étroit, en fait, finalement?
Translated to English:
On matters concerning the narrowness of the staircase, I saw the staircase. I contemplated that on site, what is a narrow staircase, ultimately?
Looking back to the UK regulations, they would simply take out a measuring tape and give us an answer in millimeters. Then they would compare it to the minimum widths in the regulations. Pilloud spent most of her career working as a defense lawyer and when I look at the way she avoided a direct question about the width, I feel that rather than looking for every possible reason to advance the prosecution, she is falling into the habits she developed as a defence lawyer and trying to avoid putting any facts in the open that could become landmines for her political cousins who run the canton and the communes.
In fact, we saw similar phenomena when people made abuse reports. The church appointed a lawyer with the title of "Independent Commissioner" and encouraged victims to take their complaints to him for assessment. The Royal Commission heard allegations that he wasn't active enough in encouraging people to make police reports and some evidence was leaked to other lawyers acting to defend the church:
The Catholic Church's independent commissioner was unable to explain how he received confidential information from a victim of serial paedophile priest Kevin O'Donnell or why it was passed on to the church's lawyers in an apparent breach of confidentiality.
The Royal Commission also raised concerns about the independence of Peter O'Callaghan, QC, who has investigated allegations of clerical abuse for the past 18 years under the church's controversial Melbourne Response.
The church's law firm Corrs Chambers Westgarth was also questioned over its handling of files and sensitive information from three separate arms of the Melbourne Response, which claim to be independent of each other.
One of Mr O'Callaghan's first duties as a lawyer involved representing the concerns of my grandparents in the Liquor Royal Commission. This is ironic, of course, because the late Cardinal Pell would subsequently be prosecuted in relation to allegations involving two choir boys who went looking for the sacramental wine.
The Liquor Royal Commission sought to examine all aspects of the industry, from the viability of small businesses to the safety of the public.
In Switzerland, authorities were considering a proposal to relax fire safety regulations but that has now been put on hold and the consultation extended.
Stéphane Ganzer, the security minister who previously worked as a fireman, told us that they use the same candles / sparklers in every venue without a problem and there must have been a more serious defect in the building that allowed it to catch fire.
After looking at the videos of the moment when the fire started, the media speculated if it was an accoustic foam that was not in conformance with fire regulations.
Now, with the media briefing of 6 January, the commune has admitted that the accoustic foam was inspected only a few weeks ago to ensure it is adequate for noise prevention but they do not mention whether any control of fire safety is performed in the same audit.
This suggests that the neighbors and the commune were so concerned with enforcing Switzerland's super-strict regulations on noise emissions after 10pm that they forced the children into this dangerous underground bunker run by a convicted pimp.
Every Swiss parent knows where their fifteen year old hangs out on a Saturday night if for no other reason than the fact somebody has to drive there to pick them up. Le Constellation was no secret.
As noted in a previous report, the three most senior political figures in the canton all live in the immediate vicinity of Le Constellation. How many times have they been there to pick up their own children after a party?
Liquor licensing, police and fire inspectors normally make random visits to high-risk venues during trading hours. This is well known throughout the world. Does this type of inspection happen from time to time in Valais?
Did the owner, who appears to be a chef, really do the load-bearing walls and the electrical work entirely by himself or did an architect, engineer or electrician provide oversight at various moments during the project?
Journalists found various photos published by the owners during the construction works. Who are all the other people in the photos? Do any of them have professional responsibility or will they be given anonymity?
How many other premises in Canton Valais had assistance from the same engineer and architect? Will the owners of other premises be given anonymity too?
Are there any cantons in Switzerland where the architects and engineers are required to be qualified as in some other countries or can anybody work in these professions, even without a degree?
From a Swiss construction web site:
Job title
The professional title "architect" is not protected in Switzerland. This means that, in principle, anyone can call themselves an architect.
In this "uncontrolled growth", the Bachelor's degree in architecture from a federally accredited university (universities of applied sciences, universities) is a recognized seal of quality. It leads to the title "Bachelor of Arts [FH/UH] in Architecture".
Authorization to practice the profession
Who is allowed to work independently as an architect is regulated by the cantons. There are cantons (e.g. GE, VD, NE) in which the architectural profession is regulated and a license and proof of professional qualifications are required to practice. In other cantons, the profession is not regulated.
What is the role of the insurance company? Did they know they were insuring a night club full of teenagers or were they tricked? Do they require policyholders to have any inspections or certifications above and beyond those mandated by the local municipality?
Look at JuristGate, it looks like one of the women who worked for the rogue insurance company was immediately given a job at another insurance company. Were the insurance companies in collaboration with the Swiss authorities to cover up the extraordinary levels of incompetence?
Looking through the meeting minutes of the municipality, the canton and the federal parliament, can we find previous discussions about the regulation and inspection of night clubs and similar spaces?
Look at how the politicians are hyper-sensitive about foreign people coming to work in Switzerland but they made no scrutiny of these foreign people setting up a high-risk business where children go on Saturday nights and New Year's Eve.
Many other people interacted with Jacques Moretti and Jessica Maric throughout the ten years they spent renovating and operating businesses in Crans-Montana. A genuinely thorough investigation might raise uncomfortable questions about each of their collaborators and all the other premises where any of the same collaborators have had a role in design, construction or supervision. Switzerland is only a small country where everybody is related to everybody else. For that reason, many people would prefer not to open up that can of worms at all because they don't know how many other people might be brought down with the Morettis.
This was never just about the candles or the Morettis.
Please see the rest of the JuristGate reports.
After 2005 again in 2025 I wrote only 8 blog posts. The year was difficult in many different ways. But, from September things became a bit better. I could not do a lot of things which I thought I would do, or rather I promised to do.
I hoping to catch up on those promises in the coming months. That not only includes blog posts on vairous things I am writing/building, but also I have a huge backlog of photos to work on and publish.
Voting is currently open for the Fedora Engineering Steering Committee (FESCo). You have approximately 2 days and 9 hours remaining to participate.
DEADLINE: 2026-01-07 at 23:59:59 UTC
VOTE HERE: https://elections.fedoraproject.org/about/f43-fesco
Please ensure your ballot for the Fedora Linux 43 FESCo Elections is cast before the cutoff.
The post DEADLINE 2026-01-07: Fedora Linux 43 FESCo Elections appeared first on Fedora Community Blog.
I wanted to highlight this interesting new keyboard stabilizer design that the Typeplus Stabilizer offers. It has a hooked wiring ending insert which basically slides/glides along an internal track within the stem housing when actuated. With only a little bit of lube needed, there is no wire ending rattling or ticking that can occur because of that simple hooked wire and track movement design. I will be testing these out first in the 7U spacebar on the Mode Envoy!
Kit: https://kbdfans.com/products/typeplus-x-yikb-screw-in-stabilizer
Long screen cap warning: I recently went back to reimplement a test program I started of a basic VPN TUN application. I implemented a similar version of the work that I placed in the OpenVPN framework but with a highly-modified ARC4 stream cipher.
Source: https://github.com/stoops/vpn/tree/main
This example code will first load in 88-bits worth of /dev/urandom data into an initial seed variable which will then feed the first 32-bits into the srand() algorithm seed. Then the regular rand() function can be used to mix in the generated random data into the seeded random data to create a new stream of random output data to be used by the application.
I tried to make some free apps for both OS’s (MacOS and iOS) and I will try to keep them going into the new year. Looks like I will need to dedicate some work on the newer TurnTable app as it is showing 10 crashes, however, I’m not sure how to be able to determine or debug why the app may have crashed for some users yet… 
It is once again that pre-GSoC time of year where I go around asking GNOME developers for project ideas they are willing to mentor during Google Summer of Code. GSoC is approaching fast, and we should aim to get a preliminary list of project ideas by the end of January.
Internships offer an opportunity for new contributors to join our community and help us build the software we love.
@Mentors, please submit new proposals in our Project Ideas GitLab repository.
Proposals will be reviewed by the GNOME Internship Committee and posted at https://gsoc.gnome.org/2026. If you have any questions, please don’t hesitate to contact us.
Release Candidate versions are available in the testing repository for Fedora and Enterprise Linux (RHEL / CentOS / Alma / Rocky and other clones) to allow more people to test them. They are available as Software Collections, for parallel installation, the perfect solution for such tests, and as base packages.
RPMs of PHP version 8.5.2RC1 are available
RPMs of PHP version 8.4.17RC1 are available
RPMs of PHP version 8.3.30RC1 are available
ℹ️ The packages are available for x86_64 and aarch64.
ℹ️ PHP version 8.3 is now in security mode only, so no more RC will be released.
ℹ️ Installation: follow the wizard instructions.
ℹ️ Announcements:
Parallel installation of version 8.5 as Software Collection:
yum --enablerepo=remi-test install php85
Parallel installation of version 8.4 as Software Collection:
yum --enablerepo=remi-test install php84
Update of system version 8.5:
dnf module switch-to php:remi-8.5 dnf --enablerepo=remi-modular-test update php\*
Update of system version 8.4:
dnf module switch-to php:remi-8.4 dnf --enablerepo=remi-modular-test update php\*
ℹ️ Notice:
Software Collections (php84, php85)
Base packages (php)
The author of these reports is Daniel Pocock, a member of Engineers Australia, Engineers Ireland and an elected representative of the Free Software Fellowship.
Mr Pocock is a citizen of Australia, Ireland and Switzerland.
Mr Pocock was granted Swiss citizenship in the Canton of Vaud, which is adjacent to the bilingual Canton of Valais where the tragedy occurred.
Valais can be thought of as the New Hampshire of Switzerland, a region where businessmen enjoy minimal regulation.
Valais is the third largest canton but it only has a population of 350,000 people. The population is relatively wealthy by European standards but on the other hand, they don't have the depth and breadth of skills that can be found in more populated cantons like Zurich and Geneva.
In Switzerland, each Canton operates with significant autonomy and the federal government has a rather insignificant role in comparison to other countries.
While standards in construction are agreed at a national level, it is the responsibility of each canton to enforce the standards in local premises.
Pocock's first blog after the fire found evidence the night club's owner had done the internal fit-out himself back in 2016:
(Translated to English) It was love at first sight! This Corsican businessman decided to open a business. Conveniently, Le Constellation, in the center of Crans, was for sale. He had to wait until June 2015 to sign the agreement. For six months, Jacques Moretti rolled up his sleeves and completely renovated the establishment. "I did almost everything myself. Look at these walls, there are 14 tons of dry-stone masonry, and the stones come from Saint-Léonard!" Since December 2015, Le Constellation has been showcasing Corsican products: cured meats, wines, beers, myrtle liqueur, and even chestnut-flavored whisky. "But mind you, I'm also keen to feature local Valais products. You have some excellent wines here; it's a pleasure to serve them to my customers." The Corsican admits he feels very much at home here. "You know, we're alike. We're both mountain people at heart. Stubborn, perhaps, but above all, very kind."
French TV channel BFMTV subsequently published statements from witnesses. The statements were repeated by Le Temps in Geneva:
The Hypothesis of a flame on a bottle
The testimony of two French women, gathered by BFMTV, is striking. The two witnesses, who were in the bar that night, recount the panic that seized the customers of Le Constellation and the stampede triggered by the fire.
They mention the use of "candles" placed in champagne bottles. One of them was reportedly held close to the ceiling. "In a few dozen seconds, the entire ceiling was on fire. Everything was made of wood," the two customers recount. They describe how a loud order had been given and a female member of the staff climbed onto a male colleague's shoulders. The fire then spread up to the ground floor of the establishment, they say. Panicked, the customers tried to escape through the exit door. "It was quite small compared to the number of people present. Someone broke a window so that people could get out," one of them adds.
The Canton of Valais shares borders with France and Italy. Shortly before the fire, the new French ambassador was presented to Switzerland in a ceremony in Valais, at the Opal Foundation, the very same location where the local authorities conducted their media briefing after the fire.
On the morning after the fire, four local Swiss officials attended the media briefing. News reports emphasized their roles: the president of the canton, the minister for security, the attorney general and the chief of police. All except the last, the police chief, are political appointments.
By coincidence, three of these four people live in immediate proximity to Crans, where the fire occurred and Lens, where the business owner has another restaurant, Le Vieux Chalet 1978. People need to ask how many times they visited these businesses personally. How well did they know the proprietor and staff?
The attorney general's husband, Francois Pilloud, operates a local winery. In a small canton like Valais, these families have a common interest in promoting the canton as a destination for tourists. The night club owner told the media that he likes to serve wines from local producers in Valais.
During the course of the rescue operation, authorities made their own videos of the police and firemen at work. In the morning, they published a two minute montage of videos emphasizing all the equipment and people mobilized to respond to the crisis.
However, the video is uncomfortable to watch. It feels like a public relations exercise was under way even before the bodies started to be removed and counted. The video showcases all the expensive equipment possessed by canton Valais but the video doesn't tell us anything about their competence for building inspections.
In July 2024, a scaffolding collapsed outside a shopping center in Lausanne, canton Vaud. People died. There were international news reports about the tragedy. Searching online today, I couldn't find any evidence that anybody ever conducted a public inquiry or published a report.
In October 2022, a massive construction crane collapsed beside the University of Lausanne (UNIL). The crane collapsed onto the concrete foundations sending a shockwave through the region. Many people who felt the shockwave feared an accident in the EPFL nuclear reactor. The authorities eventually told us that only one person died. Once again, I can find no further reports about inquiries or public reports about the accident. The accident occurred in Chavannes-près-Renens, the same commune where I was naturalized as a Swiss citizen. I was in the region on the very day of the accident.
Remember the referendum on corporate accountability (Responsible business initiative)? Canton Valais was one of the Cantons that voted No to accountability.
Look at how three of the four senior officials managing the crisis are personally domiciled in the immediate neighbourhood of the nightclub. In a canton with such a small population, it is very likely that some or all of these officials have frequented the businesses owned by Jacques Moretti.
Mathias Reynard is the president of the canton Valais. His official profile tells us that he is domiciled in Savièse, which is adjacent to Lens and Crans. He is a member of the Parti socialiste.
Stéphane Ganzer is the canton's minister for security. His official profile tells us he is domiciled in Veyras which is half way up the hill going to the Crans-Montana resort. Ganzer has twenty years experience as a fireman and this is more valuable than his job as a politician in the circumstances. He is a member of the PLR.Les Libéraux-Radicaux political party.
Frédéric Gisler is the police chief for canton Valais. A public announcement about his appointment gives us details about his career history. The report notes that he has worked as a police inspector, as a prosecutor and as a greffier. In a previous report about corruption, we demonstrated how a greffier is able to exercise the powers of a judge. A prosecutor exercising judge-like powers is a huge conflict of interest. The previous report made the remarkable revelation that Mathieu Parreaux, founder of the illegal legal insurance scheme, had worked as the greffier, similar to a judge, in the tribunal of Monthey. Coincidentally, Monthey is also in the Canton of Valais and Gisler is from Vernayaz, which is much closer to Monthey than the other individuals mentioned here.
Béatrice Pilloud is the attorney general or chief prosecutor for the canton. Her declaration of interests tells us she is a member of the PLR.Les Libéraux-Radicaux political party, that is, the same party as the canton's security minister. Is it appropriate for both of these roles to be linked politically? Her husband is Francois Pilloud. He is a co-owner of the PaP Vins winery and tourism business.
Béatrice Pilloud spent more than twenty years working as a criminal defence lawyer before she decided to work as the attorney general. Therefore, she has switched sides. Is this fair to all the clients she represented and defended over the years?
When people have all these powers and conflicts of interest, it is easy to see how they could use their powers to either cover something up, to punish whistleblowers or to designate somebody as a scapegoat and deceive the public about who is really at fault.
Over 100 survivors have suffered severe and critical injuries from burns and the inhalation of smoke. The crisis teams in three of Switzerlands biggest hospitals are fully occupied treating these unexpected casualties on a public holiday. Yet the Canton of Valais has told visitors in other ski resorts they can continue to ski as long as they don't have accidents.
The earlier blog about the subject identifies Jacques Moretti and his spouse Jessica Maric as co-proprietors/founders of the business where the tragedy occurred.
Ireland suffered a similar tragedy, the Stardust nightclub fire in 1981. Forty eight people died. Forty five years later, the families are still waiting for answers. As a citizen of both Ireland and Switzerland, it bothers me that the same lightning has struck two countries.
The JuristGate investigation found much the same phenomena. FINMA never gave any information to people who purchased the illegal legal insurance. They only published a redacted and anonymized version of their judgment six months later. The JuristGate web site has unredacted it so people can see how Switzerland covers up crime and incompetence.
It is entirely possible that people have committed suicide due to the financial and insurance crisis in Switzerland. These deaths are every bit as bad as the deaths in Le Constellation.
When people like Mr Pocock try to offer professional advice, for example, after the Debian suicide cluster, they are subject to public humiliation and threats of violence (recorded). The lawyers, politicians and small business owners are a group of kissing-cousins. Protecting the reputations and business interests of their families and friends is inextricably intertwined with covering up all the people who failed to prevent this disaster.
Look at the mayor of Basel, Diana von Bidder-Senn. They tell us that she has a PhD in cybersecurity from ETH Zurich but she didn't realize that her own husband was under the influence of social engineering. Can there be any more extreme example of social engineering than a victim who dies by suicide? IBM's annual Cost of a Data Breach report regularly concludes that social engineering is the number one risk for their clients.
JuristGate reports have been published in the hope that Swiss authorities can raise their standards in relation to both cybersecurity and fire safety.
Please see the rest of the JuristGate reports.
A news report appeared about the Geneva airport setting up a zone to welcome family members coming to search for missing and injured victims of the tragic fire at Le Constellation in Crans-Montana, Valais.
My first thought upon reading this report is that it could be a trap, or at the very least, part of a public relations exercise to divert these family members from contact with the journalists and lawyers waiting to greet them.
Incidentally, a lot of journalists are now using ProtonMail, which is based in Switzerland and subject to surveillance by Swiss police. Remember how Arjen Kamphuis disappeared.
My fears about the "welcome zone" for families are well founded: this is exactly what they did to victims of Parreaux, Thiebaud & Partners, the JuristGate scandal.
In April 2023, the Swiss financial regulator, FINMA, made a judgment shutting down the illegal legal insurance scheme. They did not publish the judgment, they did not inform the clients and they did not offer any compensation to the clients whatsoever. To minimize media attention on the ponzi scheme run by Swiss jurists, they issued the judgment simultaneously with the much bigger Credit Suisse crisis.
In September 2023, as the FINMA director was resigning for health reasons, FINMA published a heavily redacted document about an enforcement action that had taken place at some unspecified moment during his tenure. Despite the effort to redact the document, they had inadvertently included an acronym in the filename allowing us to prove the link to JuristGate.
Within days, Daniel Pocock published his first damning exposé on the cross-border scandal.
It looks like at least one of the former employees of the illegal legal insurance company was given help to find a new job so that she would stay quiet about the scandal.
FINMA has never offered any compensation to Mr Pocock and his family.
On 1 November 2023, Mr Pocock was granted Swiss citizenship in the Canton of Vaud.
Shortly after the publication, Mr Pocock began receiving increasingly nasty threats of violence. Mr Pocock recorded people coming to his home uninvited and making threats.
Here is one of the threats from a lawyerist:
Subject: Justcia SA Date: Wed, 13 Dec 2023 17:59:27 +0100 From: Joao Rodrigues Boleiro <joaoboleiro@hotmail.com> To: daniel@pocock.pro Monsieur, Je viens de voir que vous me citez dans votre blog sous le nom de João Boleiro et sans avoir obtenu mon autorisation. Je ne veux pas mêler aux affaires de M. Parreaux. Mon activité en qualité de juriste, titulaire du brevet d’avocat, s’est terminée avec la liquidation de la société Justicia SA. Dès lors, je vous serai gré de retirer immédiatement mon nom de votre blog, faute de quoi je dépose une plainte pénale à votre encontre. Cordialement, Joao RODRIGUES Chemin De-Maisonneuve, 5 1219 Châtelaine
Mr Pocock replied and received more threats, just days before Christmas:
Subject: Re: Justcia SA Date: Wed, 13 Dec 2023 17:10:12 +0000 From: joao rodrigues <joaoboleiro@hotmail.com> To: Daniel Pocock <daniel@pocock.pro> Le problème que vous citez concerne directement M. Parreaux et je vous invite à lui formuler vos doléances. Toutefois, en droit Suisse, vous ne pouvez pas citer une personne sans son autorisation, d'autant plus si cela lui porte atteinte à son honneur (art. 173ss CP). Partant, je maintiens ma demande et n'hésiterai pas à déposer une plainte pénale si vous ne retirez mon de votre blog. Cordialement, João Rodrigues
At 08:30 on 1 January 2026, Mr Pocock's blog was the first to find and publish links to old news reports about owners of Le Constellation doing the renovations by themselves.
Within two days, every media outlet is now running the story that these people have been charged with negligent homicide.
Mr Pocock warned the public that they have at least two other businesses, Le Senso in Crans-Montana and Le Vieux Chalet in Lens (VS) and they have done the construction work themselves in at least one of those businesses.
According to a report in Le Temps, the maximum sentence these people would face is four and a half years in prison. That is less than the sentence given to legendary human rights activist Gerhard Ulrich for creating the Swiss-Corruption.com web site.
The news reports today tell us that the Crans-Montana suspects, facing charges relating to forty deaths and over one hundred seriously injured victims, have been released on unconditional bail. They are even free to travel outside Switzerland. Yet when Gerhard Ulrich dared to publish information about the absurd behaviour of Swiss jurists, they sent the TIGRIS commando unit to molest him and lock him up.
This is grim news: if the foreign journalists, Swiss journalists, the victims or their family members make any "critical commentary" about the Swiss authorities, the building inspections or the suspects, even daring to publish the names of the suspects on social media, they could all be arrested on "criminal speech" charges.
This is no exaggeration: that is exactly what the jurist Rodrigues-Boleiro wrote above with his reference to Art. 173ss CP of the Swiss Criminal Code.
In 2011, Adrian von Bidder-Senn died on the same day Mr Pocock got married. The widow, Diana von Bidder-Senn, became mayor of Basel. There have been countless vendettas against Mr Pocock and his family over more than fifteen years. Mr Pocock has not committed any crime. His presence is a reminder of the possibility that a Swiss citizen, Adrian von Bidder, could be so unhappy that they would take their own life. So they want to snuff out Mr Pocock too so they can pretend everybody is happy. What does it mean to be Swiss?
The Debian suicide cluster, as a whole, is just as bad as the deaths in Le Constellation.
Some of the suicide victims had referred to the behaviour of the overlords. The overlords will do anything to avoid scrutiny of their behaviour. The Swiss jurists habitually gravitate towards the side who has the most money.
The von Bidders are both graduates of the elite ETH Zurich university. On the anniversary of the September 11 attacks, another ETH Zurich employee and Debianist, Axel Beckert, signed a demand asking Swiss authorities to violently attack Mr Pocock and destroy all of his computers and other evidence about the possibility that a Swiss graduate of the ETH Zurich had committed suicide on Mr Pocock's wedding day.
Well done ETH Zurich. Well done Switzerland.
Look again at the emails from Joao Rodrigues-Boleiro and compare them to the demands from ETH Zurich. They are not complaining about any real crimes. They are sooking hysterically about an unpaid volunteer who put his finger on the truth and dared to publish it.
Let's go back to the case of Joao Rodrigues Boleiro. His emails to Mr Pocock do not disclose his relation with the police. In fact, according to his LinkedIn profile, he has also worked as an in-house jurist for the police departments in both canton Valais and canton Geneva.
The founder of the illegal legal insurance scheme, Mathieu Parreaux had worked as a greffier in the tribunal of Monthey, Valais at the same time that he was selling illegal legal protection insurance. That was also around the same time that Joao Rodrigues Boleiro was working with the police and attorney general (procureur / Ministère public) in Sierre and Sion, canton Valais.
Therefore, by identifying the history of Joao Rodrigues Boleiro today, I want to ask the question: how long did Rodrigues-Boleiro's police colleagues know that he quit his police job to go and work for a scam?
After all, Mathieu Parreaux told us on his own LinkedIn post that the authorities knew his company was a scam since 2018, well before the time Joao Rodrigues Boleiro decided to quit his police job and join the insurance racket.
FINMA shut down the illegal legal insurance in April 2023 but even more than a year later, Joao Rodrigues Boleiro was still listed in the Canton Geneva police directory as one of their own jurists.
When he sent the email threats to unpaid volunteer Mr Pocock in December 2023, Joao Rodrigues Boleiro did not show Mr Pocock his police badge or reveal anything about his connections to the police department.
When UBS was being prosecuted in 2010, Mr Pocock went to Switzerland in good faith to help them improve their business processes. But some of the native Swiss people are the most deeply racist crackpots Mr Pocock has ever encountered. Some of these people are deeply jealous of professionals like Mr Pocock who were born in other countries and speak Swiss languages with an accent. They are too stubborn to listen and they use the police to hide their own sheer incompetence. Now forty of their own children are dead and over one hundred have been scarred for life by third degree burns.
On 15 January 2023, Mr Pocock dared to speculate what a model police officer looks like. A few weeks later, the police officer identified by Mr Pocock was awarded the National Emergency Medal for his efforts during the Australian bushfires. In other words, Victoria Police have had their best and brightest watching Mr Pocock for a long time. A rogue employee of ETH Zurich, which claims to be a leading research institution, tried to organize a lynching because Mr Pocock is a reliable judge of character.
That point needs to be emphasized: Mr Pocock called out his old friend as an exemplary police officer and the person in question won the National Emergency Medal. On 9 September 2023, Mr Pocock told the Cambridgeshire coroner about the risks of the Debian toxic culture and three days after that warning, the next victim died. Mr Pocock has an uncanny habit of being right about people. Snobby people have a fit when you hold a mirror up to them.
Look at how Joao Rodrigues Boleiro from the Canton Valais police and Axel Beckert from ETH Zurich tried to bully Mr Pocock into silence in the documents cited above.
Amnesty International published a report about the Swiss police using violence to "arrest" and sexually abuse Trevor Kitchen for his reports about financial corruption.
Trevor Kitchen, a 41-year-old British citizen resident in Switzerland, was arrested by police in Chiasso (canton of Ticino) on the morning of 25 December 1992 in connection with offences of defamation and insults against private individuals. In a letter addressed to the Head of the Federal Department of Justice and Police in Berne and to the Tribunal in Bellinzona (Ticino) on 3 June 1993 he alleged that two police officers arrested him in a bar in Chiasso and, after handcuffing him, accompanied him to their car in the street outside. They then bent him over the car and hit him around the head approximately seven times and carried out a body search during which his testicles were squeezed. He claimed he was then punched hard between the shoulder blades several times. He said he offered no resistance during the arrest.
He was then taken to a police station in Chiasso where he was questioned in Italian (a language he does not understand) and stated that during the questioning "The same policeman that arrested me came into the office to shout at me and hit me once again around the head. Another policeman forced me to remove all of my clothes. I was afraid that they would use physical force again; they continued to shout at me. The one policeman was pulling at my clothes and took my trouser belt off and removed my shoe laces. Now I stood in the middle of an office completely naked (for 10 minutes) with the door wide open and three policemen staring at me, one of the policemen put on a pair of rubber surgical gloves and instructed me to crouch into a position so that he could insert his fingers into my anus, I refused and they all became angry and started shouting and demonstrating to me the position which they wanted me to take, laughing, all were laughing, these police were having a good time. They pointed at my penis, making jokes, hurling abuse and insults at me, whilst I stood completely still and naked. Finally, when they finished laughing, one of the policemen threw my clothes onto the floor in front of me. I got dressed."
He was transferred to prison some hours later and in his letter claimed that during the night he started to experience severe pains in his chest, back and arms. He asked a prison guard if he could see a doctor but the request was refused and he claimed the guard kicked him. He was released on 30 December 1993. Medical reports indicated that since his release he had been experiencing recurrent pain in the area of his chest and right shoulder and had been receiving physiotherapy for an injury to the upper thoracic spine and his right shoulder girdle.
Read more about the JuristGate scandal.
News reports have appeared about an explosion at the bar Le Constellation in Crans-Montana, Switzerland.
A 2016 news report from Le Nouvelliste quotes the owner of the bar around his acquisition of the establishment:
Coup de foudre! Ce commerçant corse décide d’ouvrir une affaire. Ça tombe bien, le Constellation, au centre de Crans, est à remettre. Il faudra attendre juin 2015 pour signer un accord. Durant six mois, Jacques Moretti retrousse ses manches et relooke l’établissement. «J’ai quasiment tout fait moi-même. Regardez ces murs, il y a 14 tonnes de pierres sèches, elles viennent de Saint-Léonard!» Depuis décembre 2015, le Constellation sert d’écrin aux produits corses. Charcuteries, vins, bières, liqueur de myrte et même whisky au parfum de châtaigne. «Mais attention, j’ai à cœur de présenter aussi le terroir valaisan. Vous avez de très bons vins, c’est un plaisir de les servir à mes clients.» Le Corse avoue se sentir très bien chez nous. «Vous savez, on est pareil. On est d’abord des montagnards. Avec la tête dure, mais surtout avec beaucoup de gentillesse.»
Translated to English:
(Translated to English) It was love at first sight! This Corsican businessman decided to open a business. Conveniently, Le Constellation, in the center of Crans, was for sale. He had to wait until June 2015 to sign the agreement. For six months, Jacques Moretti rolled up his sleeves and completely renovated the establishment. "I did almost everything myself. Look at these walls, there are 14 tons of dry-stone masonry, and the stones come from Saint-Léonard!" Since December 2015, Le Constellation has been showcasing Corsican products: cured meats, wines, beers, myrtle liqueur, and even chestnut-flavored whisky. "But mind you, I'm also keen to feature local Valais products. You have some excellent wines here; it's a pleasure to serve them to my customers." The Corsican admits he feels very much at home here. "You know, we're alike. We're both mountain people at heart. Stubborn, perhaps, but above all, very kind."
Jacques Moretti on LinkedIn.
The news report notes he did everything himself but doesn't pose questions about whether controlled works, such as the electrical, gas and fire safety systems, were a DIY.
The Facebook page for the bar has been taken down. The bar published a profile, with pictures and contact details, on the site of the local tourist office.
These are the details the owners chose to make public:
Rue Centrale 35
3963 Crans-Montana
constellationcransmontana@gmail.com
+41 78 717 14 86
www.facebook.com/leconstellation
Switzerland has 26 cantons and each canton maintains its own business register.
I previously had to research the scandal involving an illegal legal insurance scheme being operated across the border between Switzerland and France. The presence of records about multiple nominee owners and business entities in different cantons made it hard to find the truth. Nonetheless, the truth came out on the JuristGate web site.
Le Constellation is in the Canton of Valais and the business records can be searched in this public database.
The search reveals the owners are Jacques Moretti, a French citizen domiciled in Lens and Jesicca Maric, his spouse, who is also a French citizen.
The records mention they are domiciled in the Swiss village Lens, not to be confused with the French city of the same name.
Searching for their names finds other businesses, including Le Vieux Chalet 1978, and Le Senso.
More links
Article about the couple in Altitude Immobilier magazine
Blog about their other restaurant from food critic Gilles Pudlowski.
To read more about researching businesses in Switzerland, please see the JuristGate web site.
A few weeks ago I released Johnnycanencrypt 0.18.0. It is a Python module written in Rust, which provides OpenPGP functionality including allows usage of Yubikey 4/5 as smartcards.
This release was in response of CVE-2025-67897 against
sequoia-pgp. This forced me to update to the latest
2.1.0 release of Sequoia.
On Dec 17 we released systemd v259 into the wild.
In the weeks leading up to that release (and since then) I have posted a series of serieses of posts to Mastodon about key new features in this release, under the #systemd259 hash tag. In case you aren't using Mastodon, but would like to read up, here's a list of all 25 posts:
I intend to do a similar series of serieses of posts for the next systemd release (v260), hence if you haven't left tech Twitter for Mastodon yet, now is the opportunity.
My series for v260 will begin in a few weeks most likely, under the #systemd260 hash tag.
In case you are interested, here is the corresponding blog story for systemd v258, here for v257, and here for v256.
George and Amal Clooney have been in the news today after receiving French citizenship.
An interesting observation is that their villa is almost right next door to the Benedictine monastary established by Dom Alcuin Reid.
( Directions)
Dom Alcuin Reid is from Melbourne. He left the seminary for reasons that have not been well explained. He was invited to operate the English-speaking Benedictine monastery in the south of France. In 2022, a bishop outside France secretly ordained Dom Alcuin Reid as a priest. One of the other monks was secretly ordained as a deacon. The public and the Catholic faithful remain in the dark.
The story of secret ordinations taking place in the church reminded me of the secret demotions used to hide the Debian suicide cluster. What an uncanny coincidence. One of the victims died on our wedding day and it was Palm Sunday.
Nonetheless, the monastery invites male visitors over 18 to come and live with them and discover the monastic lifestyle. The advertisement doesn't state the fact the next-door-neighbors are the Clooneys:
Our classical Benedictine monastic observance is centred upon the solemn celebration of the Sacred Liturgy according to the older, classical forms of the Roman and Monastic Rites and is supported through our manual and intellectual work.
The Monastère Saint-Benoît welcomes all to their celebrations of the Monastic Office and Holy Mass (celebrated in Latin according to the usus antiquior) in our beautiful 10th century Romanesque church. The weekly schedule is posted here.
Men of 18 years of age or over are welcome to ask to stay in the monastery guest accommodation for a time of retreat and should contact the Guest Master. Our guest accommodation is limited. Ladies and families are welcome to arrange their own accommodation locally and are able to participate in the monastic offices, all of which are open to the public and are celebrated in the monastery church.
Monks are available for Confession or spiritual advice. The Monks welcome requests for prayer and accept intentions for Mass to be offered. Please contact us.
Men discerning the possibility of a Benedictine vocation are welcome to visit the monastery and to share in its daily life and work for an extended period. In the first instance they should write to the Prior.
The Monastery welcomes those who wish to associate themselves more formally with the prayer and the work of the community as Oblates. For further details, contact the Master of Oblates.
By coincidence, I had the fortunate opportunity to meet Mgr Rey, the former bishop of this region, at a recent event in Lyon.
Please follow the Catholic.Community web site and make it your home page.
After my talk about TeX syntax-highlighting font at TUG2025 conference, then vice-president of TeX Users Group, Boris Veytsman approached me with a proposal to develop a Math counterpart for the beautiful Arsenal font designed by Andrij Shevchenko.
What followed was a deep dive into the TeXbook to learn about math font parameters, OpenType Math specification, and related documentation & resources. Fortunately, FontForge has really good support for editing Math tables; and the base font used (KpMath-Sans by Daniel Flippo) already had all the critical parameters set (which needed slight adjustments). I started the development of Arsenal Math by integrating the glyphs for Latin letters, Arabic numerals, some symbols etc. and with proper scaling & stem thickness corrections, for regular, bold, italic and bolditalic variants, plus math calligraphic letters. In addition, a lot of Math kerning (known as ‘cut-ins’ in OpenType parlance) was added to improve the spacing.
Being an OpenType font — XeTeX, LuaTeX or some Unicode math typesetting engine (e.g. MS Word) is required to use Arsenal Math. Boris did testing and provided many feedback, and Vaishnavy Murthy graciously reviewed the glyph changes I made. The CTAN admins were quite helpful to get the font accepted into the repository. There is a style file and fontspec file supplied with the fonts to make the usage easy. The sources are available at RIT fonts repository.
Boris also donated funding for the project, but he had already paid me many folds by mailing The TeXbook autographed by Donald Knuth for me, so I requested the LaTeX devfund team to use funding for another project. Karl Berry suggested to write an article about the development process, which is published in the issue 46:3 of the TUGboat journal, and has a lot more technical details.
The learning experience of Math typesetting internals, and contributing to the TeX ecosystem has been a fulfilling spare-time work for me in 2025. Many thanks to all those involved!
On Sunday, I published some brief comments about the Eurozone, Bulgaria, fake news, inflation and bullion. Shortly afterwards, various reports appeared which contradict my own comments.
Techrights has asked Debt as the new currency?.
In fact, most banks are expected to hold some form of reserve. The reserve is actually a loan to the government. In countries with central banks, the central bank lends money to the government and it is authorized to print banknotes and make other loans. The founding of the Bank of England famously involves a loan of GBP 1.2 million to the British Government. The loan is a liability for the British government and it is an asset for the Bank of England. Off the back of this asset, the Bank can print banknotes.
Therefore, the Techrights headline was wrong: there is nothing new about debts backing up currency. Interested readers can discover more by reading about money supply or the history of central banking, in which the British have a special status.
Australia's ABC has gone on to comment that silver prices declined and palladium crashed on Monday, 29 December. They justify the comment by explaining that professional investors regard any downward price move over ten percent is a crash.
Most traders view such a price plunge as a market crash.
Fact checking, traders assign a volatility rating to every stock, every commodity and every corporate bond.
People can look at the volatility rating before they decide to purchase a stock, a metal or a bond. If you choose to put your money in an investment with a very high volatility rating then you can not use the word "crash" every time it swings ten percent in a single day.
Despite the high volatility of precious metals, people have been buying these things as long term investments to protect against inflation. Here is one of those Irish photos demonstrating how many silver coins you can buy with EUR 1,000. There is a stack of coins for every two year interval since 2007. There are ten stacks, implying the purchaser spent 10 x 1,000 = EUR 10,000 in total to buy the 607 coins in the photo.
At the silver price peak on 26 December, the coins were worth EUR 70 each, that is a total of EUR 42,500.
After the ABC's "crash" on Monday, the coins were worth EUR 64 each, that is a total of EUR 38,848. It is smaller than the peak price but it is still a lot more than the long term cost of buying the coins.
When I saw the article about a crash, I wondered whether these over-generalized comments were created by a real journalist or by artificial intelligence.
Last week, the same ABC web site published a report about an "up-crash" in the markets as people speculate on the artificial intelligence stocks.
Every stock and every metal has a bubble from time to time. Good investment may be nothing more than picking the bubble that is less wrong than the other bubbles.
Do we say that the Euro has crashed now that the number of silver coins we can purchase has fallen by more than fifty percent in twelve months?
If you took the four grams of free silver mentioned in my previous blog, as it was free, did you lose anything at all when the price changed? That depends on which metric you use to measure the price. The free grams of bullion are still available today but it feels like it won't be long before they reduce the size of the promotion.
J’utilise Kodi depuis 2012, à l’époque où le projet s’appelait encore XBMC. Ma toute première installation tournait sur un Raspberry Pi sous Raspbian. Les médias étaient stockés sur mon PC, puis mon NAS et partagés via Samba (SMB pour les intimes). Un setup simple, efficace. Avec l’arrivée des Smart TV, j’ai fini par remplacer le […]
Cet article Pourquoi j’ai quitté Kodi pour Wholphin est apparu en premier sur Guillaume Kulakowski's blog.
When running all my shell as a Distrobox containers, Ctrl-Shift-N in
foot doesn’t work (see this ticket for the explanation),
because it doesn’t know anything about the process running inside of it,
so it doesn’t know what’s the $PWD of the shell running in it. I was
struggling with this for a year, and I have never came with a good
solution. I found a suggestion to parse the window title
to get the current directory, but I see that my window title is more
broken than anything, so it seems really unreliable.
However, these thoughts lead me towards thinking about those weird OSC
strings and particularly OSC-7. I liked particularly the idea of
a dedicated OSC-7 handler (further discussion is for fish, porting to
POSIX shells is left as an excercise for the reader). So, when I rewrite
__fish_update_cwd_osc like this (leaving $PWD in a special file),
I have current directory in /tmp/.osc7_cwd:
function __fish_update_cwd_osc --description 'Notify terminals when $PWD might have changed' \
--on-variable=PWD --on-event=fish_prompt
set -l host $hostname
if [ "$TERM" = dumb ]
return
end
set -l enc_pwd (string escape --style=url -- $PWD)
printf \e\]7\;file://%s%s\a $host $enc_pwd
printf $host\t$enc_pwd >/tmp/.osc7_cwd
end
(if you are using one of terminal emulators mentioned in the original code, you need to acommodate for them too)
And then, when I add this snippet to my ~/.config/fish/config.fish:
if status is-interactive
# Commands to run in interactive sessions can go here
set -l cwd_file /tmp/.osc7_cwd
if test -r $cwd_file
set -l new_cwd (string split \t (cat $cwd_file))[2]
cd (string unescape --style=url $new_cwd)
end
end
then a new shell (ANY new shell) starts in the same directory as the one
which changed $PWD last time.
It is probably not the ideal solution, but five seconds into using it, it seems like something which could work for me.
I am certain that the other shells could achieve the same, but this makes me appreciate an extreme versatility and elegance of fish.
Bulgaria joined the European Union in 2007 and they anticipate adopting the Euro as their currency on 1 January 2026.
The decision to use the Euro has been divisive. Polls suggest that a majority of citizens would prefer to defer or completely cancel the decision to adopt the Euro. Everybody from the political parties to the Russians are getting in on the conflict. At the beginning of December, the Bulgarian parliament was asked to consider putting the Euro to a referendum.
The European authorities understand that if Bulgaria changes their mind or if the Euro transition flops badly, it could have major ramifications for every other country who is already part of the Euro.
In particular, ever since banks began using currencies that have no link to gold and silver, the currencies have been entirely dependent on public perception. A Euro rejection or flop in Bulgaria would undermine perception in unpredictable ways. Other countries would think twice before joining in the future.
With that in mind, the banks have well and truly prepared for every imaginable disaster, whether it is the accidental death of a prime minister or Russian cyberattacks.
While the Bulgarian public did not get to vote on the Euro per se, they are voting with their wallets. Reports claim that Bulgaria, the poorest country in Europe, is now the third highest country on the table of private bullion ownership.
As in previous Euro changeovers, the authorities have promised that price police will check the prices of essential goods and services in a range of businesses before and after 1 January. Businesses who obviously increase their prices and blame the Euro have been threatened with punishment.
In practice, we've seen that businesses in other countries have found indirect ways to work around inflation. For example, in Ireland, a lot of restaurants periodically make a complete overhaul of their menu. They change the ingredients and serving sizes and there is no easy way to make a like-for-like comparison to the menu before Ireland got the Euro many years ago.
On top of that, businesses that don't increase their prices will probably fail completely. New businesses will appear and replace the old businesses. The new businesses will charge new prices and the price police will not be able to punish them because they didn't exist before the Euro changeover.
The gold and silver prices in the media typically show a chart that is always going up.
A far better way to look at the prices of these metals is to ask if you took one thousand Euro from your salary and invested it in silver every December, how many coins would you get?
Somebody made a "chart" by stacking the silver coins they acquired over more than twenty years. It has got people talking in Ireland. In 2007, when Bulgaria joined the European Union, one thousand Euros could buy 92 silver coins. Today, one thousand Euro only buys fifteen coins.
The well known BullionVault web site currently puts 4 grams of free silver into each new account. The new normal for silver prices may make them downgrade this policy and future customers may only get 2 or 3 grams free.
The terms and conditions discourage people from creating multiple accounts in their own name. There appears to be no reason multiple people in the same family, for example, the husband, wife and each child can't each open an account and claim 4 grams of silver in their own name.
Now that I've speculated about that, look out for new terms and conditions that limit the free 4 grams of silver to one person at the same address.
2025 is almost gone now, so I thought I would look back on the year for some interesting high and low lights. I'm sure to miss some things here, or miss mentioning someone who did a bunch of work on something, but I will do my best.
There was one gigantic Datacenter move, and one smaller one. Overall I am glad we moved and we are in a much better situation for doing so, but I really hope we can avoid moving more in 2026. It takes so much planning and energy and work and there is so much else to do that has to be put on hold.
As a reminder, some of those advantages:
We have lots of new machines. They are newer/faster/better in almost every way.
dual 25G links on all the new machines (and 10G on old ones)
all nvme storage in new machines
space to expand for things like riscv builders and such.
ipv6 support finally
So much of my year was datacenter moves. :(
This year was sadly also the year of the scrapers. They are hammering pretty much everyone these days and it's quite sad. We did deploy anubis and it really helped a lot for most of the scrapers, but the's another group of them it wasn't able to. For those before the holidays I just tossed enough resources at our stuff that they can scrape and we can just not care. I'm not sure what next year will look like for this however, so we will just keep doing the best we can. I did adjust caching some that also really helped (all the src static files are cached now).
There were also a number of outages toward the end of the year, which I really am not happy about. There were a number of reasons for them:
A tcp_timeout issue which turned out to be a firewall bug that was super hard to track down.
The scrapers causing outages.
I myself caused a few outages with a switching loop of power10 lpars. ;(
Various smaller outages.
We have dicusssed a bunch of things to improve outages and preventing them, so hopefully next year will be happier on that front.
Speaking of power10, that was quite the saga. We got the machines, but the way we wanted to configure them didn't end up working so we had to move to a much more complex setup using a virtual hardware management console appliance and lpars and sr-iov and more. It's pretty complex, but we did get everything working in the end.
We got Fedora 42 and 43 released this year, and pretty much on time too. 43 seems to be a release with a lot of small issues sadly, not sure why. From the postgresql upgrades, dovecot changing config format completely, nftables not enabled and matrix-synapse not being available, my home upgrades were not as smooth as usual.
This was defintely a fun year of poking at home assistant and adding sensors and tweaking around with it. It's a nice fun hobby and does give you real data to solve real problems around your house. Also, all your data is your own and stored locally. This has really turned my perception of iot things all around. Before I woulde deliberately not connect things, now I connect them if they can be made only to talk to my home assistant.
I added a weather station, a rain guage, a new zigbee controller, a bunch of smart power plugs and temp sensors, and much more. I expect more on the way in 2026. Just when I think I have automated or instermented everything, there's a new thing coming along.
I'm still in the 'There are in fact use cases for LLM's' group, but I am pretty weary of all the people wedging them in where they are not in fact a good use case, or insisting you find _some_ case no matter what.
I've found some of them useful for some things. I think this will continue to grow over time, but I think we need to be measured.
On the other side I don't get the outrage for things like calibre adding some support for LLM's. Its there, but it does exactly nothing by default. You have to set it up with your desired provider before it will do anything. It really doesn't affect you if you don't want to use it.
I have stuck with using my Lenovo slim 7x as my main laptop for most of this year. The main thing I still miss is webcam working (but I have an external one so it's not the end of the world). I'm looking forward to the X2 laptops out in the next few months. I really hope qualcomm has learned from the X1 ones and X2 will go better, but time will tell.
We finally managed to turn off our old message bus. It took far too long, but I think it went pretty smoothly overall in the end. Thanks to much to Michal Konečný for doing everything around this.
Thanks to a bunch of work from Greg Sutcliffe, we have our zabbix setup pretty much done for a phase one and have officially announced that nagios is going to be retired.
We moved all our iptables setup over to nftables. There were a few hiccups, but overall it went pretty smoothly. Thanks to James Antill for all the work on this.
I wrote a bunch more blogs this year, mostly for weekly recaps, but also a few home assistant review blogs. I find it enjoyable to do the recaps, although I don't really get much in the way of comments on them, so no idea if anyone else cares about them. I'll probibly continue to do them in 2026, but I might change it to do them sunday night or friday so I don't have to think about doing them saturday morning.
The world was very depressing in 2025 in general, and thats speaking as someone living life on the easiest difficulty level ( https://whatever.scalzi.com/2012/05/15/straight-white-male-the-lowest-difficulty-setting-there-is/ ) I really hope sanity, science and kindness can make some recovery in 2026.
I'll probibly see about doing a 'looking forward to 2026' post soon.
At the TUG2025 conference, I presented a talk about the development of a new colour font, which does automatic syntax highlighting for TeX documents/snippets. The idea was floated by CVR, and was inspired by a prior-art of HTML/CSS syntax highlighting font by Heikki Lotvonen.
Syntax highlighting is achieved by specialized grammar files or packages on desktop applications, code editors, the Web, and typesetting systems like TeX. Some of these tools are heavy (e.g. prism.js or pygmentize package). A light-weight alternative would be a font that uses recent OpenType technologies to do syntax highlighting of code snippets. I developed such a font, for highlighting TeX code snippets.
There are some novelties in the developed font:
COLRv0 and COLRv1 colour format specifications (separate fonts, but generated from the same source).The base font used is M+ Code Latin by Coji Morishita. The details of the development, use cases, and limitations can be found in the 46:2 issue of the TUGboat journal publication. The binary font and sources are available at RIT fonts repository.
Webtop یک کانتینر است که به شما اجازه میدهد یک دسکتاپ کامل لینوکسی (با توزیعهایی مثل Alpine، Ubuntu، Arch، Fedora و غیره) را داخل مرورگر وب اجرا کنید. یعنی از طریق هر مرورگر مدرن، دسکتاپ یا همان «میزکار لینوکس» داشته باشید. مهمترین ویژگیها پشتیبانی از چند توزیع و محیط دسکتاپ: Webtop با توزیعها و محیط […]
The post اجرای دسکتاپ لینوکس در مرورگر با Webtop first appeared on طرفداران فدورا.We did five releases of Copr that included these new features:
We did eight releases of Mock with these features:
We wrote two articles for Fedora Magazine and six other blogposts.
Pavel developed norpm, which allows safe parsing of SPEC files.
We handled several issues in labs where Copr builders are: insufficient resources for s390x, problems with networking of ppc64le, moving x86_64 builders to a different datacenter, allocated high-performing builders for ppc64le…
Jakub added descriptions to resource pools so we can thank our donors.
Jakub wrote a nice page describing why you should use Mock.
Pavel upstreamed Tekton Pipelines for Konflux.
You built 1.4 million packages in Copr in 2025. And Copr serves about 44TB of DNF repositories.
Besides Copr, we maintain several projects and this year we did these notable releases:
We successfully launched Log Detective as a prototype in January. Put it fully in production mode in May. And we have been improving it since then.
Jiri set up metrics to measure whether changes in LLM models are improving responses.
We finished the development phase of Pulp integration. The first month of 2026 will be focused on operation - migrating users’ data to the Pulp backend.
We want to put rpmeta in production and dynamically allocate high-performance builders when your build will take too much time on a normal builder.
If you want to affect what else we do in 2026, you can check our backlog and cast your vote (use an emoticon for comment #0) or add a comment on how much time the feature will save if implemented. And we will choose the card that will have the most significant impact.
Time for another weekly recap, but since I am on vacation for the holidays already, this one is things I've done at home. 🙂
There's often things I just don't have time for or energy for in my home infrastructure, so I add those things to a list and try and do those things over the holidays. Of course often I don't get to them all, or even most of them, but it's a nice list to look at for things to do.
This week:
== December of docs progress
I've kept up on my 'december of docs' plan. I've done a pull request and/or processed some docs tickets every day. When we moved the infra docs to pagure a number of years ago, we opened tickets on all our standard operating procedures to review and update them, so I have been slowly working thought them. So far about 30ish tickets closed and 20ish prs (some tickets I just closed because the sop was moot or didn't need any changes).
== iptables to nftables
I switched my home networks to use nftables directly. I just never got around to it and kept using iptables. The conversion was pretty simple with iptables-restore-translate / ip6tables-restore-translate. I also went though all my rules and dropped a bunch of old ones i no longer needed. You might wonder why I don't just move to firewalld? I could have, but my home network is a bit complicated and firewalld just seemed like overhead/complexity. I got everything working, then the next day I happened to reboot my main home server and... my wireguard tunnels wouldn't work. I couldn't see why the rules all looked fine. Finally I noticed that firewalld was starting and stepping all over my rules. It must have been enabled on install, but iptables started before it so it just failed, but nftables loaded later and it messed it up.
== frame work firmware day / fixing my media pc.
I have 4(!) framework motherboards. They were all downversion on firmware and my media pc (11th gen intel) stopped working for some reason.
The 11th gen intel board was the orig one I got with my first framework laptop several years ago now. When I upgraded to the 12th gen intel one, I moved this motherboard to a coolermaster external case and repurposed it for my media pc. Things worked for a while, but then I couldn't get it to boot, and because it was in the external case it was hard to tell why. So, I pulled it out and stuck it into a laptop case and it booted fine, but I realized the firmware was so old it didn't handle the "I am not in a laptop" mode very well at all. This one needed me to enable lvfs-testing and update firmware, then download and use a usb to upgrade it again. The first one was needed to in order to add support for upgrading firmware from the usb.
Next up was the 12th gen intel one I had gotten to replace the 11th gen. This one I also moved to a coolermaster case after upgrading to the ryzen board, and this one also wasn't booting. I swapped it into the laptop chassis and upgaded it to the latest firmware and then left it in that chassis/laptop.
The first rzyen one I got to replace the 12th gen intel one I decided to swap over to being the media center pc as it's faster/nicer. I got it updated in the laptop and swapped it into the coolermaster case, but then...it wouldn't boot. Red and Blue flashing lights and no booting. Poking around on the net I found that you can get past this by pressing and holding the case open switch 10 times in a row. Indeed this worked to get it booting up. It's still a bit anoying though because the ryzen board has a slightly different layout around the power switch and the coolermaster case doesn't work quite right on those boards like it does on the intel ones. I did manage to get it booting, but the power switch could use a bit of rework to avoid this problem. ;(
The last board is in my 'hot spare' laptop and was already up to date on firmware. Thanks lvfs!
== Some fun with 'health connect'
I played around with health connect on my grapheneos phone. It notified me that I could connect devices to it. I am not sure if this support is new or I just never noticed it before now.
My understanding of the way this works is that you can approve specific sensors to write data and applications that have permission to read that data. Everything stays on your phone unless you approve some application that syncs it off elsewhere.
In my case I enabled the 'number of steps' sensor (which currently is the only thing I have to write data into health connect) and then enabled the android home assistant app to read it. So, I now have a nice home assistant sensor that lets me see how many steps I walked each day. Kinda nice to have the historical data in home assistant.
I'm looking into getting a CGM (continious glucose monitor) sensor, and that I could also share with home assistant to keep historical data.
I'm a bit surprised that this setup is so reasonable.
As always, comment on mastodon: https://fosstodon.org/@nirik/115754591222815006
جشن باستانی شب یلدا بر همه ایرانیان شاد و خجسته باد. یلدا، بلندترین شب سال، بهانهای زیباست برای کنار هم بودن، زنده نگه داشتن مهر و دوستی و استقبال از روشنایی پس از تاریکی. امیدواریم این شب کهن، سرآغاز روزهایی پر از آرامش، سلامتی و شادی برای شما و خانوادهتان باشد و گرمای صمیمیت، خانههایتان […]
The post یلدا بلندترین شب سال و جشن پیروزی نور بر تاریکی first appeared on طرفداران فدورا.This is a report created by CLE Team, which is a team containing community members working in various Fedora groups for example Infratructure, Release Engineering, Quality etc. This team is also moving forward some initiatives inside Fedora project.
Week: 15 – 19 December 2025
This team is working on deployment of forge.fedoraproject.org.
Ticket tracker
This team is taking care of day to day business regarding Fedora Infrastructure.
It’s responsible for services running in Fedora infrastructure.
Ticket tracker
This team is taking care of day to day business regarding CentOS Infrastructure and CentOS Stream Infrastructure.
It’s responsible for services running in CentOS Infratrusture and CentOS Stream.
CentOS ticket tracker
CentOS Stream ticket tracker
This team is taking care of day to day business regarding Fedora releases.
It’s responsible for releases, retirement process of packages and package builds.
Ticket tracker
This team is working on day to day business regarding Fedora CI and testing.
If you have any questions or feedback, please respond to this report or contact us on #admin:fedoraproject.org channel on matrix.
The post Community Update – Week 51 2025 appeared first on Fedora Community Blog.
RPMs of PHP version 8.5.1 are available in the remi-modular repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).
RPMs of PHP version 8.4.16 are available in the remi-modular repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).
RPMs of PHP version 8.3.29 are available in the remi-modular repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).
RPMs of PHP version 8.2.30 are available in the remi-modular repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).
RPMs of PHP version 8.1.34 are available in the remi-modular repository for Fedora ≥ 41 and Enterprise Linux ≥ 8 (RHEL, Alma, CentOS, Rocky...).
ℹ� These versions are also available as Software Collections in the remi-safe repository.
ℹ� The packages are available for x86_64 and aarch64.
🛡� These Versions fix 4 security bugs (CVE-2025-14177, CVE-2025-14178, CVE-2025-14180), so the update is strongly recommended.
Version announcements:
ℹ� Installation: Use the Configuration Wizard and choose your version and installation mode.
Replacement of default PHP by version 8.5 installation (simplest):
On Enterprise Linux (dnf 4)
dnf module switch-to php:remi-8.5/common
On Fedora (dnf 5)
dnf module reset php dnf module enable php:remi-8.5 dnf update
Parallel installation of version 8.5 as Software Collection
yum install php85
Replacement of default PHP by version 8.4 installation (simplest):
On Enterprise Linux (dnf 4)
dnf module switch-to php:remi-8.4/common
On Fedora (dnf 5)
dnf module reset php dnf module enable php:remi-8.4 dnf update
Parallel installation of version 8.4 as Software Collection
yum install php84
Replacement of default PHP by version 8.3 installation (simplest):
On Enterprise Linux (dnf 4)
dnf module switch-to php:remi-8.3/common
On Fedora (dnf 5)
dnf module reset php dnf module enable php:remi-8.3 dnf update
Parallel installation of version 8.3 as Software Collection
yum install php83
And soon in the official updates:
⚠� To be noticed :
ℹ� Information:
Base packages (php)
Software Collections (php83 / php84 / php85)
unsubstantiated character assassinationand consequently awarded me significant damages. That's not what this post is about, as such. It's about the sole meaningful claim made that tied me to the abuse.
The facts linking the Claimant to the sock puppet accounts include, on the IRC network: simultaneous dropped connections to the mjg59_ and elusive_woman accounts. This is so unlikely to be coincidental that the natural inference is that the same person posted under both names. "elusive_woman" here is an account linked to the harassment, and "mjg59_" is me. This is actually a surprisingly interesting claim to make, and it's worth going into in some more detail.
*elusive_woman has quit (Ping timeout: 2m30s), followed by one reading
*mjg59_ has quit (Ping timeout: 2m30s). The timestamp listed for the first is 09:52, and for the second 09:53. Is that actually simultaneous? We can actually gain some more information - if you hover over the timestamp links on the right hand side you can see that the link is actually accurate to the second even if that's not displayed. The first event took place at 09:52:52, and the second at 09:53:03. That's 11 seconds apart, which is clearly not simultaneous, but maybe it's close enough. Figuring out more requires knowing what a "ping timeout" actually means here.
Hello testers, we are happy to announce that Kiwi TCMS is going to FOSDEM 2026 in Brussels. This is where you can find us:
We would like to meet with all of you and talk about open source, software testing and test management!
If you like what we're doing and how Kiwi TCMS supports various communities please help us!
This is a part of the Fedora Linux 43 FESCo Elections Interviews series. Voting is open to all Fedora contributors. The voting period starts today, Wednesday 17th December and closes promptly at 23:59:59 UTC on Wednesday, 7th January 2026.
I have used Fedora as my daily driver since 2003 and have actively contributed to Fedora since 2004. (Example: I designed the current Fedora logo and website design.) I am very passionate about the open source approach to technology. I first started using Linux as a high school student (my first Linux was Red Hat 5.1) and being able to use free software tools like Gimp when I couldn’t afford Photoshop made an outsized impact on my life. (I explain my background in Linux and open source in-depth in this interview with Malcolm Gladwell: https://youtu.be/SkXgG6ksKTA?si=RMXNzyzH9Tr6AuwN )
Technology has an increasingly large impact over society. We should have agency over the technology that impacts our lives. Open source is how we provide that agency. We’re now in a time period with a new disruptive technology (generative AI) that – regardless if you think it is real or not, is having real impact on computing. Fedora and other open source projects need to be able to provide the benefits of this new technology, the open source way and using open source software. Small, local models that are easy for our users to deploy on their own systems using open source tooling will provide them the ability to benefit AI’s strengths without having to sacrifice the privacy of their data.
There is a lot of hype around AI, and a lot of very legitimate concerns around its usage including the intellectual property concerns of the pre-trained data, not having enough visibility into what data is part of pre-trained data sets, the working conditions under which some of the data is labeled under, the environmental impact of the training process, the ethics of its usage. Open source projects in particular are getting pummeled by scraping bots hungry to feed coding models. There are folks in the tech industry who share these legitimate concerns that prefer to avoid AI and hope that it the bubble will just pop and it will go away. This strategy carries significant risks, however, and we need a more proactive approach. The technology has legitimate uses and the hype is masking them. When the hype dies down, and the real value of this new technology is more visible, it will be important for the type of community members we have in Fedora with their commitment to open source principles and genuinely helping people to have had a seat at the table to shape this technology.
(You can see a short video where I talk a bit more indepth about the pragmatic, privacy and open source-focused approach I take to AI here: https://youtu.be/oZ7EflyAPUw?si=HSbNhq_3NelXoX2J)
In the past I have been quite skeptical about generative AI and worried about its implications for open source. (I continue to be skeptical and annoyed by the hype surrounding it.) I’ve spent the past couple of years looking at open source licensed models and building open source generative AI tooling – getting hands on, deep experience to understand it – and as a result I have seen first hand the parts of this technology that have real value. I want FESCo to be able to make informed decisions when AI issues come up.
My background is in user experience engineering, and I am so excited about what this technology will mean for improving usability and accessibility for users of open source software. For example, we never have enough funding or interest to solve serious a11y problems; now we could generate text summaries of images & describe the screen out loud with high-quality audio from text-to-voice models for low vision users! I want open source to benefit from these and even more possibilities to reach and help more people so they can enjoy software freedom as well.
I have served in multiple governance roles in Fedora including time on the Fedora Council, the Mindshare Committee, lead of various Fedora Outreachy rounds (I have mentored dozens of interns in Fedora), and founder / lead of the Design team over many years. More importantly, I have deep Linux OS expertise, I have deep expertise in user experience, and I have a depth in AI technology to offer to FESCo. I believe my background and skills will enable FESCo to make responsible decisions in the best interest of open source and user agency, particularly around the usage of AI in Fedora and in the Fedora community. We will absolutely need to make decisions as a governing group in the AI space, and they should be informed by that specific expertise.
I founded and ran the Fedora Design Team for 17 years. It was the first major Linux distribution community-lead design team, and often as a team we’ve been asked by other distros and open source projects for help (so we expanded to call ourselves the “Community Design Team.”) Over the years I’ve designed the user experience and user interfaces for many components in Fedora including our background wallpapers, anaconda, virt-manager, the GNOME font-chooser, and a bunch of other stuff. I moved on from the Fedora Design role to lead design for Podman Desktop and to work more with the Podman team (who are also part of the Fedora community) for a couple of years, and I also led the InstructLab open source LLM fine-tuning project and corresponding Linux product from Red Hat (RHEL AI.) For the past year or so I have returned to working on core Linux on the Red Hat Enterprise Linux Lightspeed team, and my focus is on building AI enhancements to the Linux user experience. My team is part of the Fedora AI/ML SIG and we’re working on packaging user-facing components and tooling for AI/ML for Fedora, so folks who would like to work with LLMs can do so and the libraries and tools they need will be available. This includes building and packaging the linux-mcp-server and packaging goose, a popular open source AI agent, and all of their dependencies.
My career has focused on benefiting Fedora users by improving the user experience of using open source technology, and being collaborative and inclusive while doing so.
Data is the best way to handle disagreements when working as part of a team. Opinions are wonderful and everyone has them, but decisions are based made with real data. Qualitative data is just as important as quantitative data, by the way. That can be gathered by talking directly to the people most impacted by the decision (not necessarily those who are loudest about it) and learning their perspective. Then informing the decision at hand with that perspective.
A methodology I like to follow in the face of disagreements is “disagree and let’s see.” (This was coined by Molly Graham, a leadership expert.) A decision has to be made, so let’s treat it like an experiment. I’ll agree to run an experiment, and track the results (“let’s see”) and advocate for a pivot if it turns out that the results point to another way (and quickly.) Being responsible to track the decision and its outcomes and bringing it back to the table, over time, helps build trust in teams like FESCo so folks who disagree know that if the decision ended up being the wrong one, that it can and will be revisited based on actual outcomes.
Another framework I like to use in disagreements is called 10-10-10, created by Suzy Welch. It involves thinking through: how will this decision matter in 10 minutes? How about 10 months? How about 10 years? This frame of thought can diffuse some of the chargedness of disagreement when all of the involved people realize the short or long term nature of the issue together at the same time.
Acknowledging legitimate concerns and facing them head on instead of questioning or sidelining others’ lived experience and sincerely-held beliefs and perspectives is also incredibly important. Listening and building bridges between community members with different perspectives, and aligning them to the overall projects goals – which we all have in common as we work in this community – is really helpful to help folks look above the fray and be a little more open-minded.
I understand there is a campaign against my running for FESCo because myself and a colleague wrote an article that walked through real, undoctored debugging sessions with a locally-hosted, open source model in order to demonstrate the linux-mcp-server project.
I want to make it clear that I believe any AI enhancements that are considered for Fedora need a simple opt-in button, and no AI-based solutions should be the default. (I’ve spoken about this before, recently on the Destination Linux Podcast: https://youtu.be/EJZkJi8qF-M?t=3020) The user base of Fedora and other open source operating systems come to their usage in part due to wanting agency over the technology they use and having ownership and control over their data. The privacy-focused aspects of Fedora have spanned the project’s existence and that must be respected. We cannot ignore AI completely, but we must engage with it thoughtfully and in a way that is respectful of our contributors and user base.
To that end, should you elect to grant me the privilege of a seat to FESCo this term:
My core software engineering background is in user experience and usability, and I believe in the potential of small, local models to improve our experience with software without compromising our privacy and agency. I welcome ongoing community input on these principles and other boundaries you’d like to see around emerging technologies in Fedora.
The post F43 FESCo Elections: Interview with Máirín Duffy (duffy/mizmo) appeared first on Fedora Community Blog.
This is a part of the Fedora Linux 43 FESCo Elections Interviews series. Voting is open to all Fedora contributors. The voting period starts today, Wednesday 17th December and closes promptly at 23:59:59 UTC on Wednesday, 7th January 2026.
I want to be a member of FESCo to represent the interests of users, developers and maintainers of what we call Atomic, Bootable Container, Image Based or Immutable variants of Fedora (CoreOS, Atomic Desktops, IoT, bootc, etc.).
I think that what we can build around those variants of Fedora is the best path forward for broader adoption of Fedora and Linux in the general public and not just in developer circles.
I thus want to push for better consideration of the challenges specific to Atomic systems in all parts of Fedora: change process, infrastructure, release engineering, etc.
I also want to act as a bridge with other important communities built around this ecosystem such as Flathub, downstream projects such as Universal Blue, Bazzite, Bluefin, Aurora, and other distributions such as Flatcar Linux, GNOME OS, KDE Linux, openSUSE MicroOS, Aeon or ParticleOS.
I primarily contribute to Fedora as a maintainer for the Fedora Atomic Desktops and Fedora CoreOS. I am also part of the KDE SIG and involved in the Bootable Containers (bootc) initiative.
My contributions are focused on making sure that those systems become the most reliable platform for users, developers and contributors. This includes both day to day maintenance work, development such as enabling safe bootloader updates or automatic system updates and coordination of changes across Fedora (switching to zstd compressed initrds as an example).
While my focus is on the Atomic variants of Fedora, I also make sure that the improvements I work on benefit the entire Fedora project as much as possible.
I’ve listed the Fedora Changes I contributed to on my Wiki profile: https://fedoraproject.org/wiki/User:Siosm.
Disagreements are a normal part of the course of a discussion. It’s important to give the time to everyone involved to express their positions and share their context. Limiting the scope of a change or splitting it into multiple phases may also help.
Reaching a consensus should always be the preferred route but sometimes this does not happen organically. Thus we have to be careful to not let disagreements linger on unresolved and a vote is often needed to reach a final decision. Not everyone may agree with the outcome of the vote but it’s OK, we respect it and move on.
Most decisions are not set in stone indefinitely and it’s possible to revisit one if the circumstances changed. A change being denied at one point may be accepted later when improved or clarified.
This is mostly how the current Fedora Change process works and I think it’s one of the strength of the Fedora community.
I’ve been a long time Fedora user. I started contributing more around 2018 and joined Red Hat in 2020 where I’ve been working on systems such as Fedora CoreOS and RHEL CoreOS as part of OpenShift. I am also part of other open source communities such as Flathub and KDE and I am committed to the upstream first, open source and community decided principles.
The post F43 FESCo Elections: Interview with Timothée Ravier (siosm/travier) appeared first on Fedora Community Blog.
This is a part of the Fedora Linux 43 FESCo Elections Interviews series. Voting is open to all Fedora contributors. The voting period starts today, Wednesday 17th December and closes promptly at 23:59:59 UTC on Wednesday, 7th January 2026.
I accepted this nomination because I believe FESCo would benefit from fresh perspectives, and I think that these new perspectives will also help to lower the entrance barriers for Fedora.
Governance bodies stay healthy when they welcome new voices alongside experienced members, and I want to be part of that renewal.
Technologies like eBPF are redefining what’s possible in Linux–observability, security, networking–but they also bring packaging challenges that we haven’t fully solved, such as kernel version dependencies, CO-RE relocations, BTF requirements, and SELinux implications.
On FESCo, I want to help Fedora stay ahead of these challenges rather than merely reacting to them. I want to advocate for tooling and guidelines that will help make complex kernel-dependent software easier to package.
I founded and currently lead the Fedora eBPF Special Interest Group. Our goal is to make eBPF a first-class citizen in Fedora, improving the experience for the developers who are building observability, security, and networking tools and figuring out how to package software that has deep kernel dependencies.
On the packaging side, I maintain bpfman (an eBPF program manager) and several Rust crates that support eBPF and container tooling. I’ve also learned the hard way that Rust dependency vendoring is… an adventure. 
Before Fedora, I spent years in the OpenStack community. I served as PTL (Project Team Lead) for the Kuryr project, the bridge between container and OpenStack networking and was active in the Kubernetes SIG. That experience taught me a lot about running open source projects: building consensus across companies, mentoring contributors, managing release cycles, and navigating the politics of large upstream communities.
I try to bring that same upstream, community-first mindset to Fedora. My hope is that the patterns we establish in the eBPF SIG become useful templates for other packagers facing similar challenges.
I start by assuming good intent. If someone is in the discussion, it’s because they do also care about the outcome, even though they may have another point of view.
I also try not to speculate about why someone holds a particular view. Assigning motives derails technical conversations fast. Instead, I focus on keeping things facts-driven: what does the code actually do, what do users need, what are the real constraints? Egos don’t ship software, and sticking to concrete data keeps discussions productive.
When disagreements persist, I find it helps to identify what everyone does agree on and use that as a new starting point. You’d be surprised how often this unblocks a stalled conversation.
Also, I think that it’s important to step back. It’s tempting to want the final word, but that can drag things on forever without real progress. Miscommunication happens and not every discussion needs a winner.
I believe in Fedora’s Four Foundations: Freedom, Friends, Features, First. What draws me to this community is the “Friends” part: there’s a place in Fedora for anyone who wants to help, regardless of background or technical skill level. Open source is at its best when it’s genuinely welcoming, and I want FESCo to reflect that.
From my time in the OpenStack community, I learned that healthy projects focus on protecting, empowering, and promoting: protecting the open development process and the values that make the community work; empowering contributors to do great work without painful barriers; and promoting not just the software, but the people who build and use it. I try to bring that mindset to everything I do.
I also believe strongly in working upstream. The changes we make should benefit not just Fedora users, but the broader open source ecosystem. When we solve a hard problem here, that knowledge should flow back to upstream projects and other distributions.
I’ll be at FOSDEM 2026. FOSDEM embodies what I love about open source: a non-commercial space where communities meet to share knowledge freely. If you’re there, come say hi.
The post F43 FESCo Elections: Interview with Daniel Mellado (dmellado) appeared first on Fedora Community Blog.
After the recent abuse judgment, today we will find out about Tom Silvagni's sentence. Dad died shortly after his employer, the late Cardinal Pell, was sentenced to prison. The cardinal was subsequently acquitted in his appeal to the High Court. Dad was a Carlton supporter. He would be turning in his grave at the thought that Stephen Silvagni's son could be a rapist.
Suppression orders were lifted last week and the media have finally identified Tom Silvagni as the latest Australian football personality to be convicted of abuse.
News reports were quick to comment on the fact the Silvagni brothers all attended Xavier College, the elite Catholic boys school attended by my father and I. As explained in a previous blog, after moving from Bendigo to Melbourne for my final year of school, I used to cycle from Pentridge Prison to Xavier College each day while Tom really is in prison for at least one Christmas and maybe more.
The alleged incident took place in January 2024. That appears to be four years after Tom completed year 12. References to the school are therefore not helpful in any specific way. In a general sense, all we can say is there is a correlation between wealth and abuse, just as there is a correlation between wealth and attendance at elite schools. But correlation is not causation. The Chanel Contos "petition" about consent demonstrated that incidents of this nature were alleged to happen in every elite school of every denomination. The Federal Court published the Katharine Thornton Dossier about their former boss, the attorney general Christian Porter. In his case, it is alleged that abuse took place while he was representing another elite school at the national debating contest. An allegation against a student on an official school trip is far more severe than an allegation against a former student.
Tom had started a job as a player agent at Kapital Sports Management shortly before the incident. The Wayback machine has captured images of Tom with his colleagues as well as his profile:
Tom is a recently accredited AFL Player Agent and works closely with our team of experienced agents at the ground level. Tom has “lived” the industry through his family ties and is a great resource to Kapital given he has recently experienced playing in AFL pathways. Tom offers great perspective to the young draftees as they navigate the system and is a great relationship piece with our draft talent.
After the conviction was announced, the victim was invited to make a unilateral victim impact statement. She used much of that opportunity to direct her comments against Tom. She made little reference to anybody else at the party and no reference to the cultural and legal problems around abuse in Australia.
Shiannon Corcoron writes a strongly man-hating piece about the trial:
was about how the rights of the wealthy and powerful can override the rights of the small, the weak, the vulnerable and the truth. This man-child ...
As the accuser is anonymous, we do not know if she was small or weak. The facts do confirm she was vulnerable at that particular moment in time: she had gone to sleep in a bed with another man. She believed he would stay the night. The other man left at 2am, leaving the complainant alone and vulnerable.
The polarizing nature of these comments can be further exposed with reference to a parallel case in the United Kingdom. On the same day as the judgment in Melbourne, a British police officer failed in their appeal to overturn dismissal for gross misconduct. In the British case, the attacker was not a male police officer, it was a female police officer, PC Pamela Pritchard. While the police sacked her, there is no mention of any criminal prosecution for her actions.
Look at the women running around the world of open source software encouraging people to gang up on each other:
Comments like that are incredibly dangerous. In the world of football, Tom may have seen the way the Director of Public Prosecutions (DPP) handled the case against Stephen Milne and he may have felt that a yes to one man is almost as good as a yes to both men.
Abuse is not about the offender's gender. It is about power, having a gang on your side or just being incredibly drunk and stupid.
There are at least two sides to every story. Looking at the falsified harassment claims in the world of open source software, I was able to find internal emails manipulating journalists to repeat false accusations against Dr Jacob Appelbaum. If somebody was really abused, why did they try to fight their battle through B-grade journalists rather than going directly to the police?
One of the more notable examples in Australia was the wrongful persecution of Alex Matters from the ALP. Sky News conducted an excellent interview with Mr Matters about what it is like to be wrongly accused of abuse.
Based on these cases, I feel it is wise to be very cautious when somebody raises an accusation. It is important to listen and write down evidence but it is foolish to repeat an accusation willy-nilly on social control media.
Silvagni's lawyers argued that due to the high profile of his family and his young age, he would be at unreasonable risk of self-harm or suicide if the story of the trial was published by the media. On this basis, the entire trial was conducted in secret and his identity only revealed after he was convicted.
There have been vast discussions about privacy, censorship and the credibility of mental health concerns.
Research into the mental health issue suggests that everybody in proximity to bullying and persecution, including family members, team mates, Carlton fans, friends of Tom's mum and Xavier alumni are going to collectively suffer some stress due to the public denunciation of the Silvagni family.
Take a moment to think about Tom's brothers and their families.
Ben was dating Eve Markoski-Wood. Eve's biological father, inconveniently named Rapoff, was convicted and jailed on drug offences. Eve's mother is a reality TV star and Eve uses the name of her step-father. It looks like Eve broke off the relationship with Ben shortly after the charges were officially declared. Britain's Daily Mail tabloid speculated that the "tyranny of distance" had forced them apart but now we know the real reason.
Jack had a very successful few years playing for Carlton. He arrived in the club at the same time as Grace Phillips took up a role as a social media intern. Grace was fortunate to strike up a relationship with her new colleague, the star recruit and son of one of the club legends. They married in 2023 and not long after, in 2024 they had a baby son, Charlie. How is the child going to feel when it arrives for its first day at school and some other five year old asks about uncle Tom?
Tom's girlfriend, Alannah Iocanis, who was a friend of the accuser, is also one of these influencer/model personalities in the world of social control media. With her boyfriend in jail, will other celebrities be willing to date her? Will she be able to maintain the influencer/model lifestyle or will she have to get a job in a supermarket or coffee shop?
Alannah was chosen as a finalist in Miss Universe Australia 2025 even while her boyfriend was on trial for rape. Many pages about her participation have vanished as news got around.
Alannah's model agency, KHOO, has removed her profile.
Many of the media reports do not mention the names of the other people attending the party. It is vital to understand that Anthony Lo Giudice, the other man who had been in the room with the girl was a close relative of the Carlton football club president, Mark Lo Giudice. At the same time, it is important to understand that Tom's father, one of the legends of Carlton, had been refusing to speak to Mark Lo Giudice for a number of years.
Channel 7 report about Anthony Lo Giudice and the sequence of events and Anthony's LinkedIn.
When the reader is aware of all these challenging relationships, they can begin to contemplate the possibility that people have had a role in manipulating the girl or manipulating Tom or manipulating both of them to create a crisis.
Tom's girlfriend, Alannah Iocanis, had invited the victim to the four-way party and she arrived after midnight. Tom's best friend was having an open relationship with the victim. Think of the film Cruel Intentions from 1999. It remains a masterpiece of this genre.
Within minutes of the alleged abuse, the victim had used her mobile phone to alert multiple people that she was an abuse victim. Being only nineteen years old, she may not have realized the extent to which these text messages would change her life. The identities of abuse victims can't be published by the press in Australia, nonetheless, her name has been shared widely between people in her circle of friends, people she thought she could trust and the football clubs concerned.
Without a mobile phone, she may have had time to think about her response to the situation. Once she had gone down the path of telling multiple people, she was unable to turn back.
News reports were quick to emphasize that Tom is accused of using deception to gain access to the sleeping nineteen year old. He has admitted using deception, a falsified Uber receipt, to obfuscate the identities of those really in the house at the time of the alleged abuse.
I suspect many people would feel a sense of shock if accused of abuse and some may be tempted to put up barriers to protect themselves. The trial of Tom Silvagni found that his response was not merely a spontaneous lie made up on the spur of the moment, it was a co-ordinated deception involving at least one other person and a forged document.
During the nearly 10-day trial, Crown prosecutor Jeremy McWilliams told jurors the rapes were committed 'not through threats, not through force… but through deception,' with Silvagni impersonating his friend to trick the woman.
In Debianism, the former leader sent this email in December 2018:
You are well-aware that I have been nothing but scrupulous and gentlemanly with regards to your personal privacy and thus I would refuse to cite any outside or otherwise offer any objective rebuttals to your claims on a public forum.
Yet records show he had spent much of 2018 sending defamatory emails behind my back at a time when I lost two family members. Nothing could be a more hideous violation of privacy.
We've seen similar extremes as Matthias Kirschner uses the name FSFE to impersonate the real FSF in Boston. In a previous blog, I compared the FSFE to a Nigerian 911 scam.
Tom Silvagni is accused of using deception/impersonation to procure sex with one of his best friend's girlfriends. Chris Lamb and Matthias Kirschner used deception on a similar scale to procure victims' work while pretending to be independent voluntary organizations. In the latter case, we saw victims killed themselves in the Debian suicide cluster. One victim died on our wedding day.
Hi there, blog readers! For the last week or so I've been poking into AI code review tools. Yes, this is partly because of the Red Hat "you must do AI things!" policy. But also, to be honest, because they seem to be...actually good now. I set up AI reviews for pull requests to our openQA test repo as an experiment. But especially over the last couple of months, they've got to the point where well over half of the review notes are actually useful, and the writing style isn't so awful I want to stab myself in the eyeballs. So I'd quite like to keep doing them, but in a more open source-y way. So far I've simply been cloning the pull requests to a GitHub mirror of the repo that exists solely to get AI reviews done. That repo has Gemini Code Assist enabled so the PRs are reviewed by Gemini automatically, e.g. here. It's very simple, but entirely closed source, there's no control over it, and Google could take it away at any time.
We're in the middle of migrating Fedora projects from Pagure to our new Forgejo instance, so I decided to try and get some sort of AI review system integrated with Forgejo. And I kinda succeeded! I wrote a Forgejo integration for ai-code-review, a tool I found that was written by another Red Hatter, and managed to set up a proof-of-concept Forgejo Actions workflow using it on a repo I own that's hosted at Codeberg (since Codeberg has public Forgejo Actions runners available; we don't have Actions entirely set up in the Fedora instance yet). Right now it's using Gemini as the model provider just because that was the easiest thing to set up for a PoC, but ai-code-review's design makes the LLM provider easily pluggable, so it's trivial to swap it out. Long term I hope we'll get a Fedora LLM provider set up, serving open source models, and we can make it use that. There's an Ollama backend, and adding an OpenAI API backend should be pretty easy.
Before going any further with that, though, I decided to look around and see if there are other tools out there, and if so, which might be the best one. I poked around a bit and found a few, and wrote up a very half-assed comparative assessment. I figured this might interest others, so I've prettied it up a tiny bit and put it below. I make no claims that this is comprehensive, accurate or fair, please send all complaints to the happyassassin.net HR department! The takeaway is that I'll probably keep working on the ai-code-review approach and also experiment with forking Qodo's archived open-source pr-agent project and see if I can add Forgejo support to it, to compare it against ai-code-review.
If anyone knows of any I missed, please let me know! I briefly looked at RhodeCode but discounted it because it's a whole-ass forge, not just a review tool. ReviewBoard doesn't seem to have any LLM integration as best as I could tell.
ai-code-review (Juanje) and pr-agent (Qodo/Codium) seem the best options.
Of the RH-developed, greenfield projects, ai-code-review is more featureful and better architected than ai-codereview, and not tied to an RH-internal model provider.
Of the existing public projects, ai-pr-reviewer (CodeRabbit) was very tied to GitHub, has no documented standalone deployment ability, and was archived fairly early in development. Plus it's in TypeScript. Kodus is actively developed, but similarly is in TypeScript, deployment looks complex, and from what I've seen I don't love its review style. Hard to say why but the project overall gives me a sloppy vibe. pr-agent (Qodo) had the longest development history and seems the most mature and capable at the point where it was abandoned (well, they actually seem to have done a heel turn and gone closed source / SaaS). It has a documented standalone deployment process which looks relatively simple and subject to integration into generic CI workflows.
Audacity یک نرمافزار ویرایش و ضبط صدا دیجیتال است که بهصورت رایگان و منبع باز (open-source) برای کاربران در سرتاسر جهان عرضه میشود. میتوان آن را روی سیستمعاملهای ویندوز، macOS و لینوکس نصب و استفاده کرد. این نرمافزار یکی از محبوبترین ابزارها برای ویرایش صدا، ساخت پادکست، میکس موسیقی و ضبط صدا بهصورت چند ترک (multi-track) […]
The post معرفی و نصب نرم افزار Audacity در فدورا لینوکس first appeared on طرفداران فدورا.A few weeks ago I released Johnnycanencrypt 0.17.0. It is a Python module written in Rust, which provides OpenPGP functionality including allows usage of Yubikey 4/5 as smartcards.
verify_userpin and verify_adminpin functions. #1861.22.00.27.1expect calls and no unwrap calls.cargo clippy warnings.The build system now moved back to maturin. I managed to clean up CI, and now testing properly in all 3 platforms (Linux, Mac, Windows). Till this release I had to manually test the smartcard functionalities by connecting a Yubikey in Linux/Mac systems, but that will change for the future releases. More details will come out soon :)
Another busy week for me and Fedora infrastructure in general, and also the last working week of the year for me. I am out on vacation for the holidays and back 2026-01-12.
Of course I will be around and checking in for outages/urgent issues and working on things in the community that I find enjoyable.
( see: https://www.scrye.com/blogs/nirik/posts/2023/12/13/time-off-when-youre-paid-to-work-in-a-community/ )
This last monday was the physical datacenter move. It had been pushed back for various reasons, but I am glad we could get it done and over with this year.
Things didn't go as smoothly as planned unfortunately.
There was bad weather in the area of the datacenters (snow and ice). The truck transporting things took a bit longer to arrive, the folks doing the move had to head home before things became impassible and also took longer to get back in to finish cabling. :(
There was a miscommunication between planning folks and datacenter folks on the ground: we thought that everything was moving to dual 10G network (so networking can upgrade/reboot switches and we are fine). The folks doing the actual cabling thought that we were just reconnecting things the way the old datacenter was setup (1 1G connection). So, it took a while to get 10G all connected and configured.
Of course there were some casualties too: One machine (our retrace server) had a broken rail. DC folks got it setup anyhow, but new rails are going to need to be installed soon. And another of our servers for some reason refuses to accept any mgmt passwords. That will need to be reset locally.
There's one cursed machine that has a 10G network card in it, and lspci on the server shows it, but it has no interfaces for it, and the mgmt interface doesn't show it at all. Probibly the card is dead or otherwise needs vendor intervention.
Otherwise important things are back up with some reinstalling and cleanup to be done. Here's hoping for a datacenter moveless 2026!
I did a bunch of tweaking since last week to try and get things in a state where we could not need manual intervention for scraper handling. This included some httpd changes, some proxy changes and a bit of hardware tuning. So far, we are doing good. I haven't had to manually look at it much this week. We have still been under scraper load, but blocking the blame endpoint really helped along with the other tuning. I hope it will be a quiet holidays.
So far we are just under half of december gone by, and so far I have kept up working on at least one docs pr/ticket every day.
We have moved infra docs over to forge now also!
You can see activity here:
https://forge.fedoraproject.org/infra/docs/activity/monthly
Hopefully I can keep it up. We are down about 21 tickets now. Perhaps I can even do a bit more now that I am on holidays.
Happy holidays everyone!
As always, comment on mastodon: https://fosstodon.org/@nirik/115713891385384001
I've found time for dist-upgrade of my home server, finally. As usual, there was one thing
needing manual intervention: PostgreSQL update. But this time it was more complicated.
Between Fedora 42 and 43, PostgreSQL jumped from v16 to v18. And postgresql-setup --upgrade
handles adjacent versions upgrades only. Fortunately, Fedora ships other version-suffixed
packages for this database.
It is possible (and needed!) to use postgresql-server17 and postgresql17-upgrade packages as an intermediate
step in the upgrade. Commands are documented in bz#2411778#c1.
It should be included in F43 Common Bugs
list, but it isn't. (And the list itself was moved from Wiki into Discourse…)
Note to self: the upgrade always fails with my customised postgresql.conf.
Remember to plant the default config for the duration of postgresql upgrade.
026/100 of #100DaysToOffload
My defaults are set for Linux Kernel development, but I have been in Qemu land lately and these values make it easier to format.
set shiftwidth=4
set expandtab
set tabstop=4
retab
Using ebpf and the bpftrace command line utility, you can perform simple reporting on function calls. Here’s an example:
/usr/bin/bpftrace -e \
'
BEGIN{@WFE=false}
kfunc:queue_poll / args.qp->wfe == @WFE / { @start= elapsed}
kretfunc:queue_poll /args.qp->wfe == @WFE / { @delta = elapsed - @start; @total+=@delta }
END{ @ = stats(@delta) }'
This is for the function queue_poll, specifically when the wfe field of the gp parameter is set to false. To figure out if you can even look at queue_poll, use the kernel symbols:
grep queue_poll /proc/kallsymsSimetimes symbols get inlined and you cannot break on them, but this one happens to be in my kernel.
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 353:
IPv4 and IPv6 configuration dialogs now automatically pre-fill network prefix length and default gateway. Prefix length defaults to classful addressing in IPv4 and /64 prefix is suggested for IPv6. Classless addressing is fully supported and manual overrides are available, the default gateway is calculated as the first usable address of the subnet.
Cockpit 353 is available now:
WebKitGTK 2.50.3 contains a workaround for CVE-2025-13947, an issue that allows websites to exfiltrate files from your filesystem. If you’re using Epiphany or any other web browser based on WebKitGTK, then you should immediately update to 2.50.3.
Websites may attach file URLs to drag sources. When the drag source is dropped onto a drop target, the website can read the file data for its chosen files, without any restrictions. Oops. Suffice to say, this is not how drag and drop is supposed to work. Websites should not be able to choose for themselves which files to read from your filesystem; only the user is supposed to be able to make that choice, by dragging the file from an external application. That is, drag sources created by websites should not receive file access.
I failed to find the correct way to fix this bug in the two afternoons I allowed myself to work on this issue, so instead my overly-broad solution was to disable file access for all drags. With this workaround, the website will only receive the list of file URLs rather than the file contents.
Apple platforms are not affected by this issue.
Google Antigravity یک پلتفرم نوآورانه توسعه نرمافزار است که توسط گوگل طراحی شده و بر پایه عاملهای هوش مصنوعی (AI Agents) کار میکند. این ابزار، فراتر از یک محیط توسعه (IDE) ساده است. در واقع یک سکوی «عاملمحور» (agent-first) است که به شما امکان میدهد تا وظایف پیچیدهی کدنویسی را به رباتهای هوشمند بسپارید. گوگل […]
The post معرفی و نصب Google Antigravity first appeared on طرفداران فدورا.I am sharing a story about donating, volunteering, and supporting the things I believe in to show you that there is something you could do with your skills or financial assets to turn the world in a better direction.
It’s not a secret that I donate more than $3000 a year for projects that align with my values and spend at least 80h a year volunteering. You might ask why I do something like that instead of buying a new computer or lying on the beach.Â
Let me share a a story with you:
I started supporting open-source and free software projects in 2004 when I joined the Mozilla community (the maker of Firefox).
I contributed with my skills – localization, fixing and reporting bugs, doing small code changes, and talking to people about Privacy and Freedom on the web. After that, I used the same skills for helping projects like Fedora, CreativeCommons, EFF, and more.
What was my motivation? Why did I do that?
Sometimes more than skills is needed. The majority of the projects and ideas need money. Donating helps them stay alive, motivated, and focused on their work.
At some point, I realized I could only support a few projects and ideas with my skills because I am changing, and they are changing as well, or simply because I need more time. I asked one of my mentors how I could still support their mission, and the answer was straightforward – help us with money.
Then I remembered my first days as a FOSS developer, back in the 2000s, when I received financial support for one of my projects (whois XMLRPC gateway), and how I felt. It was awesome!
Identify what change you want to see in the world and find a way to support it with your skills, peers, money, goods, or anything they need. They can’t do it by themselves. Change is a group sport.
Even though I bragged a bit initially, the best way to help and donate is to do it silently, focusing on the value you get for yourself and the value you provide to the mentee or the project!
Good luck!
Photo by Elaine Casap on Unsplash
hey everyone, it's saturday so time for another recap of adventures in fedora infrastructure and other fedora areas.
I started a discussion thread about the current scrapers we are dealing with. To summarize, anubis has cut out a bunch of them and really helped out quite a lot. It has caused some issues with clients as well, but we have been working thought those as we hear about them. The remaining scrapers are large botnets of browsers, probibly running on end user machines. Those are more troublesome to deal with.
The discussion thread is at: https://discussion.fedoraproject.org/t/scrapers-and-ideas-for-how-to-deal-with-them/175760 if anyone would like to read or contribute.
We had another run in with them eariler this morning. A great way to spend saturday morning, but I did look more carefully this time. The main cause of issues was them hitting src.fedoraproject.org and it's /history/ and /blame/ endpoints. This was causing the backend to have to do a somewhat expensive git blame/history call to the local repos and since it took a bit to come back requests piled up and latency went way up. I have for now blocked those endpoints in the src.fedoraproject.org web interface. This brought everything back to normal. If you need to do those things, you can easily clone the git repo locally and do them.
This last week, I moved pagure.io (virtually) to the new datacenter. Unfortunately it didn't go as smoothly as I had hoped. All the data synced over in about 15minutes or so, but then I tried to test it before switching it live and it just wasn't allowing me to authenticate on git pushes. Finally the light bulb went on and I realized that pagure was checking for auth, but it wasn't 'pagure.io' yet because I hadn't updated dns. ;( It's always DNS. :) After that everything went fine. There were a few loose I had to fix up the next day: mirroring out was not working because we didn't have ssh outgoing listed as allowed. Uploading releases wasn't working due to a selinux labeling issue, and finally our s390x builders couldn't reach it because I forgot they needed to do that. Hopefully pagure.io is all happy now and I even gave it more resources in the new dc.
Monday the actual physical move happens. See: https://pagure.io/fedora-infrastructure/issue/12955 for more details. Mostly, folks shouldn't notice these machines moving. abrt submissions will be down, and download-cc-rdu01 will be down, but otherwise it should be a big nothing burger for most folks. Machines will move monday and we will work tuesday to reinstall/reconfigure things and bring it all back up.
There is going to be a short outage of our fedora.im and fedoraproject.org matrix servers. We are migrating to the new MAS setup (Matrix Authentication Server). This will allow clients to use things like element-x and also is a important step we wanted to complete before moving forward on deploying our own matrix servers.
A number of groups have already moved over to forge.fedoraproject.org from pagure.io. I really was hoping to move infrastructre, but haven't had the cycles yet. We do have the orgs created now and are planning on moving our docs over very soon. I don't know if we will move tickets before the end of the year or not, but we will see.
So, I committed myself to doing a docs pr/issue/something every day in December, and so far I am doing so! 6 days and 6 PR's and more tickets updated. Hopefully I can keep it up.
As always, comment on mastodon: https://fosstodon.org/@nirik/115674367344830186
در این ویدیو جذاب، تیم سازنده با همراهی لینوس توروالدز، خالق هسته (Kernel) سیستم عامل گنو/لینوکس تلاش میکنند یک کامپیوتر «کاملاً ایدهآل» برای اجرای لینوکس بسازند. در طول ویدیو، از انتخاب دقیق قطعات سختافزاری گرفته تا بررسی نکات فنی و بهینهسازی تجربه کاربری، همهچیز با نگاه تخصصی و واقعگرایانه توروالدز و نصب فدورا پیش میرود. […]
The post ساخت کامپیوتر ایدهآل برای لینوکس با نظر لینوس توروالدز first appeared on طرفداران فدورا.We're happy to announce Kiwi TCMS version 15.2!
IMPORTANT:
This is a minor version release which includes security related updates, several improvements, new API methods and updated translations.
You can explore everything at https://public.tenant.kiwitcms.org!
---
Public container image (x86_64):
pub.kiwitcms.eu/kiwitcms/kiwi latest f8a2e8b0ce01 716MB
IMPORTANT: version tagged and multi-arch container images are available only to subscribers!
hub.kiwitcms.eu/kiwitcms/version 15.2 (aarch64) 8df913ae4061 06 Dec 2025 734MB hub.kiwitcms.eu/kiwitcms/version 15.2 (x86_64) 96d6cd67103a 06 Dec 2025 716MB hub.kiwitcms.eu/kiwitcms/enterprise 15.2-mt (aarch64) 976dfcbd1e50 06 Dec 2025 1GB hub.kiwitcms.eu/kiwitcms/enterprise 15.2-mt (x86_64) 4e528923ba04 06 Dec 2025 976MB
IMPORTANT: version tagged, multi-arch and Enterprise container images are available only to subscribers!
Follow the Upgrading instructions from our documentation.
Happy testing!
---
If you like what we're doing and how Kiwi TCMS supports various communities please help us grow!
Release Candidate versions are available in the testing repository for Fedora and Enterprise Linux (RHEL / CentOS / Alma / Rocky and other clones) to allow more people to test them. They are available as Software Collections, for parallel installation, the perfect solution for such tests, and as base packages.
RPMs of PHP version 8.5.1RC1 are available
RPMs of PHP version 8.4.16RC1 are available
RPMs of PHP version 8.3.29RC1 are available
ℹ️ The packages are available for x86_64 and aarch64.
ℹ️ PHP version 8.2 is now in security mode only, so no more RC will be released.
ℹ️ Installation: follow the wizard instructions.
ℹ️ Announcements:
Parallel installation of version 8.5 as Software Collection:
yum --enablerepo=remi-test install php85
Parallel installation of version 8.4 as Software Collection:
yum --enablerepo=remi-test install php84
Parallel installation of version 8.3 as Software Collection:
yum --enablerepo=remi-test install php83
Update of system version 8.5:
dnf module switch-to php:remi-8.5 dnf --enablerepo=remi-modular-test update php\*
Update of system version 8.4:
dnf module switch-to php:remi-8.4 dnf --enablerepo=remi-modular-test update php\*
Update of system version 8.3:
dnf module switch-to php:remi-8.3 dnf --enablerepo=remi-modular-test update php\*
ℹ️ Notice:
Software Collections (php83, php84, php85)
Base packages (php)
Wait, what? RISC-V? In ‘the diary of AArch64 porter’? WTH?
Yes, I started working on Fedora packaging for the 64-bit RISC-V architecture port.
About a week ago, one of my work colleagues asked me about my old post about speeding up Mock. We had a discussion, I pointed him to the Mock documentation, and gave some hints.
It turned out that he was working on RISC-V related changes to Fedora packages. As I had some spare cycles, I decided to take a look. And I sank…
The 64-bit RISC-V port of Fedora Linux is going quite well. There are over 90% of Fedora packages already built for that architecture. And there are several packages with the riscv64 specific changes, such as:
Note that these changes are temporary. There are people working on solving toolchain issues, languages are being bootstrapped (there was a review of Java changes earlier this week), patches are being integrated upstream and in Fedora, and so on.
There is the Fedora RISC-V tracker website showing the progress of the port:
This is a simple way to check what to work on. And there are several packages, not built yet due to use of “ExclusiveArch” setting in them.
The quick look at work needed reminded me of the 2012-2014 period, when I worked on the same stuff but for AArch64 ports (OpenEmbedded, Debian/Ubuntu, Fedora/RHEL). So I had a knowledge, I knew the tools and started working.
In the beginning, I went through entries in the tracker and tried to triage as many packages as possible, so it will be more visible which ones need work and which can be ignored (for now). The tracker went from seven to over eighty triaged packages in a few days.
Then I looked at changes done by current porters. Which usually meant David Abdurachmanov. I used his changes as a base for the changes needed for Fedora packaging, while trying to minimise the amount of them to the minimum required.
I did over twenty pull requests to Fedora packages during a week of work.
But which hardware did I use to run those hundreds of builds? Was it HiFive Premier P550? Or maybe Milk-V Titan or another RISC-V SBC?
Nope. I used my 80-core, Altra-based, AArch64 desktop to run all those builds. With the QEMU userspace helper.
You see, Mock allows to run builds for foreign architectures — all you need is
the proper qemu-user-static-* package and you are ready to go:
$ fedpkg mockbuild -r fedora-43-riscv64
You can extract the “fedora-43-riscv64” Mock config from the mock-riscv64-configs.patch hosted on Fedora RISC-V port forge. I hope that these configuration files may be found in the “mock-core-configs” in Fedora soon.
At some point I had 337 qemu-user-static-riscv processes running at same
time. And you know what? It was still faster than a native build on 64-bit
RISC-V hardware.
But, to be honest, I only compared a few builds, so it may be better with other builders. Fedora RISC-V Koji uses wide list of SBCs to build on:
Also note that using QEMU is not a solution for building a distribution. I used it only to check if package builds, and then scrap the results.
Will I continue working on the RISC-V port of Fedora Linux? Probably yes. And, at some point, I will move to integrating those changes into CentOS Stream 10.
For sure I do not want to invest in RISC-V hardware. Existing models are not worth the money (in my opinion), incoming ones are still old (RVA20/RVA22) and they are slow. Maybe in two, three years there will be something fast enough.
With 2025 drawing to an end Kiwi TCMS is happy to share some highlights from our usage statistics. It is really insightful to see the myriad of organizations using Kiwi TCMS.
Disclaimer: the information below was obtained via anonymous analytics and represents only instances of Kiwi TCMS which had recorded over 1000 events between 01 Jan 2025 and 31 Dec 2025 (data updated after publication). We've used publicly available data in order to identify these organizations. Note that we don't keep track of individuals or IP addresses!
If you like what we're doing and how Kiwi TCMS supports various communities please help us!
I am thrilled to announce the release of cmocka 2.0, a milestone for the cmocka project.
cmocka is a unit testing framework for C, designed to be simple, portable, and easy to use. It provides a straightforward API for writing and running tests, making it an excellent choice for developers who need to ensure the reliability and correctness of their C code.
cmocka began its journey in 2011 as a successor to Google’s cmockery. I first tried to get in contact with the developers as several bugs which have been fixed started to bitrot in their bug track. I started to fix those issues first and then address many of its limitations while maintaining the philosophy of simplicity. Since then, it has grown to become a widely-used testing framework in the C ecosystem, powering test suites for numerous closed and open-source projects.
It’s important to note that cmocka is a spare-time project. As such, things sometimes move slower than I’d like, but I try to remain committed to deliver solid, reliable releases.
This release represents a major modernization effort, bringing cmocka firmly into the “modern” C99 era while maintaining the simplicity and ease of use that users have come to expect.
One of the most significant changes in cmocka 2.0 is the migration to C99 standard integer types. The LargestIntegralType typedef has been replaced with intmax_t and uintmax_t from stdint.h, providing better type safety and portability across different platforms. Additionally, we’ve adopted the bool type where appropriate, making the code more expressive and self-documenting.
Using intmax_t and uintmax_t also allows to print better error messages. So you can now find e.g. assert_int_equal and assert_uint_equal.
cmocka 2.0 introduces a comprehensive set of type-specific assertion macros, including `assert_uint_equal()`, `assert_float_equal()`, and enhanced pointer assertions. The mocking system has also been significantly improved with type-specific macros like `will_return_int()` and `will_return_float()`. The same for parameter checking etc.
The framework now supports TAP 14 (Test Anything Protocol) with YAML diagnostics, making it easier to integrate with modern CI/CD pipelines and test result analyzers. cmocka 2.0 also supports multiple simultaneous output formats, giving you flexibility in how you consume test results.
In addition to the existing CMake support, cmocka 2.0 now includes Meson build system integration, catering to projects using modern build tools.
While cmocka 2.0 includes many improvements and changes, we’ve maintained API stability to ensure a smooth upgrade path for existing users. The ABI (Application Binary Interface) has changed, but this isn’t a concern for a unit testing library since tests are typically recompiled with each build. Your existing test code should continue to work with minimal or no modifications.
In case you find any issues you can report a bug here.
I would like to thank all the contributors who’ve helped make this release possible, whether through code contributions, bug reports, documentation improvements, or simply using cmocka in their projects.
You can download cmocka 2.0 from cmocka.org or install it through your distribution’s package manager. Full API documentation is available here. The complete changelog can be found here.
Happy testing!
We are happy to announce that the GNOME Foundation is sponsoring an Outreachy project for the December 2025 Outreachy cohort.
Outreachy provides internships to people subject to systemic bias and impacted by underrepresentation in the tech industry where they are living.
Let’s welcome Malika Asman! Malika will be working with Lucas Baudin on improving document signing in Papers, our document viewer.
The new contributor will soon get their blogs added to Planet GNOME making it easy for the GNOME community to get to know them and the projects that they will be working on. We would like to also thank our mentor, Lucas for supporting Outreachy and helping new contributors enter our project.
If you have any questions, feel free to reply to this Discourse topic or message us privately at soc-admins@gnome.org.
I’ve spent a few number of months ironing out some remaining edge cases and code paths to get this highly modified version of OpenVPN to work as stable as I intended it to. It’s basically a lighter-weight TCP-protocol focused-version of OVPN with a number of extra huge unused libraries removed, including WIN32, which I never have run anything on for the last few decades at least now. The summary of all the modifications I made comes out to roughly 3,000 lines added and over 25,000 lines of code removed! I did not remove the UDP library or protocol files from it since that was the OG VPN protocol and it doesn’t really get in the way of things, I may just leave it be anyway.
Warning: This is a really long screen capture to scroll through!
~
Over the last year, the Copr team has put a lot of effort into supporting Pulp as a storage for Copr build results. It is now time to realize the investment.
At this very moment, Copr hosts ~35k projects from ~8k Fedora users. The data consumption sits around ~37TB with only ~3TB of free disk space. With a very few exceptions, everything is stored in our “Copr backend” storage.
Our current storage is a RAID array of block devices with the Ext4 filesystem. For various reasons, AWS block devices larger than 16TB are either hard to maintain or expensive. We plan to solve this problem by migrating to an S3 object storage and Pulp, which is a mature and durable-by-default solution for managing software repositories.
We have already migrated all Copr team projects to Pulp to dogfood the integration on ourselves, and we have already migrated one large project to avoid running out of disk space.
Our goal is to stop using the current “Copr backend” storage for all new projects and migrate all existing project results to Pulp.
To summarize, the change should be transparent to you, there are no UI/UX changes, and your builds may be paused while your project is being migrated.
For a detailed, step-by-step plan with dates and tracked progress, please see the Pulp Migration Schedule. Roughly, the plan is as follows:
If you have any questions or worries regarding our migration of data to Pulp, please let us know:
I keep not having time to work on documentation, and it's so very important, so in an effort to see what progress I can make I am going to try and submit / merge at least one doc pull-request or close / comment on at least one docs ticket every day in december.
I'm going to concentrate on the infrastructure docs of course, but I might branch out into other areas where I could help.
When we moved our docs over to https://pagure.io/infra-docs-fpo/ we also created tickets to review all our standard operating procedures, and I can definitely work on cutting those down.
I also might miss some days, but then again I might do more on some other days, but I am going to try and do something every day in december. The most challenging days are likely to be in the next few weeks before the holdays as I am trying to get a datacenter move done and finish things up.
I'm just doing this myself, but if others would like to join in feel free to do so! I'd also love to have folks reviewing the pr's I submit also.
Should be fun!
Comments/replies:
Here is a short shell script to show last logins from SSH, XRDP, SUDO and Cockpit. In addition it show potential disk problems from S.M.A.R.T.
#!/bin/sh
default_since='-1days'
default_priority=info
read -r -d "" data << END_OF_DATA
System login ^ systemd-logind ^ info ^ ^ New session
XRDP ^ xrdp-sesman ^ debug ^ -5days ^ logged in|Received system login request
Cockpit login ^ cockpit-session ^ ^ ^ session opened
SUDO ^ sudo ^ ^ ^ session opened
Storage problems ^ smartd ^ ^ -1days ^ uncorrectable|unreadable
END_OF_DATA
trim() {
local s="$*"
# remove leading whitespace
s="${s#"${s%%[![:space:]]*}"}"
# remove trailing whitespace
s="${s%"${s##*[![:space:]]}"}"
printf '%s' "$s"
}
IFS="^"
echo "$data" | while read title slid priority since grep; do
effective_since=$default_since
effective_priority=$default_priority
[[ -n "$(trim $since)" ]] && effective_since="$(trim $since)"
[[ -n "$(trim $priority)" ]] && effective_priority="$(trim $priority)"
echo "$(trim $title)"
journalctl \
--no-pager \
--no-tail \
--since $effective_since \
--priority $effective_priority \
--reverse \
--grep "$(trim $grep)" \
-- SYSLOG_IDENTIFIER="$(trim $slid)"
echo; echo
doneI made it with the help of Cockpit Logs feature that shows the actual command being executed based on how you configure it.
The most important part of the script is the journalctl command. Everything else are defaults, the list of desired syslog identifiers and what to extract from them, and output formatting.
Cockpit is the modern Linux admin interface. We release regularly.
Here are the release notes from Cockpit 352 and cockpit-machines 345:
Cockpit’s healtchard will now show warning when the system was shutdown uncleanly.
Cockpit used to add both VNC and SPICE graphics when creating new virtual machines. Now only VNC graphics are added. We have made this change since Cockpit itself does not benefit from SPICE graphics, and we think that opening the SPICE port for a running machine should be intentional on part of the user and not happen silently and surprisingly.
Cockpit 352 and cockpit-machines 345 are available now:
comments? additions? reactions?
As always, comment on mastodon: https://fosstodon.org/@nirik/115794282914919436