X-Git-Url: https://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/b4ef080250d688bdc4fbeaf55f50fc89c8c435f2..ae5db6d19f3d85fdd5e7bd4c12be28fa3f15fc43:/blog/archive/2014/04/04.rss?ds=inline
diff --git a/blog/archive/2014/04/04.rss b/blog/archive/2014/04/04.rss
index e41c34d999..71971f80f2 100644
--- a/blog/archive/2014/04/04.rss
+++ b/blog/archive/2014/04/04.rss
@@ -6,6 +6,144 @@
http://people.skolelinux.org/pere/blog/
+
+ Half the Coverity issues in Gnash fixed in the next release
+ http://people.skolelinux.org/pere/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html
+ http://people.skolelinux.org/pere/blog/Half_the_Coverity_issues_in_Gnash_fixed_in_the_next_release.html
+ Tue, 29 Apr 2014 14:20:00 +0200
+ <p>I've been following <a href="http://www.getgnash.org/">the Gnash
+project</a> for quite a while now. It is a free software
+implementation of Adobe Flash, both a standalone player and a browser
+plugin. Gnash implement support for the AVM1 format (and not the
+newer AVM2 format - see
+<a href="http://lightspark.github.io/">Lightspark</a> for that one),
+allowing several flash based sites to work. Thanks to the friendly
+developers at Youtube, it also work with Youtube videos, because the
+Javascript code at Youtube detect Gnash and serve a AVM1 player to
+those users. :) Would be great if someone found time to implement AVM2
+support, but it has not happened yet. If you install both Lightspark
+and Gnash, Lightspark will invoke Gnash if it find a AVM1 flash file,
+so you can get both handled as free software. Unfortunately,
+Lightspark so far only implement a small subset of AVM2, and many
+sites do not work yet.</p>
+
+<p>A few months ago, I started looking at
+<a href="http://scan.coverity.com/">Coverity</a>, the static source
+checker used to find heaps and heaps of bugs in free software (thanks
+to the donation of a scanning service to free software projects by the
+company developing this non-free code checker), and Gnash was one of
+the projects I decided to check out. Coverity is able to find lock
+errors, memory errors, dead code and more. A few days ago they even
+extended it to also be able to find the heartbleed bug in OpenSSL.
+There are heaps of checks being done on the instrumented code, and the
+amount of bogus warnings is quite low compared to the other static
+code checkers I have tested over the years.</p>
+
+<p>Since a few weeks ago, I've been working with the other Gnash
+developers squashing bugs discovered by Coverity. I was quite happy
+today when I checked the current status and saw that of the 777 issues
+detected so far, 374 are marked as fixed. This make me confident that
+the next Gnash release will be more stable and more dependable than
+the previous one. Most of the reported issues were and are in the
+test suite, but it also found a few in the rest of the code.</p>
+
+<p>If you want to help out, you find us on
+<a href="https://lists.gnu.org/mailman/listinfo/gnash-dev">the
+gnash-dev mailing list</a> and on
+<a href="irc://irc.freenode.net/#gnash">the #gnash channel on
+irc.freenode.net IRC server</a>.</p>
+
+
+
+
+ Install hardware dependent packages using tasksel (Isenkram 0.7)
+ http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
+ http://people.skolelinux.org/pere/blog/Install_hardware_dependent_packages_using_tasksel__Isenkram_0_7_.html
+ Wed, 23 Apr 2014 14:50:00 +0200
+ <p>It would be nice if it was easier in Debian to get all the hardware
+related packages relevant for the computer installed automatically.
+So I implemented one, using
+<a href="http://packages.qa.debian.org/isenkram">my Isenkram
+package</a>. To use it, install the tasksel and isenkram packages and
+run tasksel as user root. You should be presented with a new option,
+"Hardware specific packages (autodetected by isenkram)". When you
+select it, tasksel will install the packages isenkram claim is fit for
+the current hardware, hot pluggable or not.<p>
+
+<p>The implementation is in two files, one is the tasksel menu entry
+description, and the other is the script used to extract the list of
+packages to install. The first part is in
+<tt>/usr/share/tasksel/descs/isenkram.desc</tt> and look like
+this:</p>
+
+<p><blockquote><pre>
+Task: isenkram
+Section: hardware
+Description: Hardware specific packages (autodetected by isenkram)
+ Based on the detected hardware various hardware specific packages are
+ proposed.
+Test-new-install: mark show
+Relevance: 8
+Packages: for-current-hardware
+</pre></blockquote></p>
+
+<p>The second part is in
+<tt>/usr/lib/tasksel/packages/for-current-hardware</tt> and look like
+this:</p>
+
+<p><blockquote><pre>
+#!/bin/sh
+#
+(
+ isenkram-lookup
+ isenkram-autoinstall-firmware -l
+) | sort -u
+</pre></blockquote></p>
+
+<p>All in all, a very short and simple implementation making it
+trivial to install the hardware dependent package we all may want to
+have installed on our machines. I've not been able to find a way to
+get tasksel to tell you exactly which packages it plan to install
+before doing the installation. So if you are curious or careful,
+check the output from the isenkram-* command line tools first.</p>
+
+<p>The information about which packages are handling which hardware is
+fetched either from the isenkram package itself in
+/usr/share/isenkram/, from git.debian.org or from the APT package
+database (using the Modaliases header). The APT package database
+parsing have caused a nasty resource leak in the isenkram daemon (bugs
+<a href="http://bugs.debian.org/719837">#719837</a> and
+<a href="http://bugs.debian.org/730704">#730704</a>). The cause is in
+the python-apt code (bug
+<a href="http://bugs.debian.org/745487">#745487</a>), but using a
+workaround I was able to get rid of the file descriptor leak and
+reduce the memory leak from ~30 MiB per hardware detection down to
+around 2 MiB per hardware detection. It should make the desktop
+daemon a lot more useful. The fix is in version 0.7 uploaded to
+unstable today.</p>
+
+<p>I believe the current way of mapping hardware to packages in
+Isenkram is is a good draft, but in the future I expect isenkram to
+use the AppStream data source for this. A proposal for getting proper
+AppStream support into Debian is floating around as
+<a href="https://wiki.debian.org/DEP-11">DEP-11</a>, and
+<a href="https://wiki.debian.org/SummerOfCode2014/Projects#SummerOfCode2014.2FProjects.2FAppStreamDEP11Implementation.AppStream.2FDEP-11_for_the_Debian_Archive">GSoC
+project</a> will take place this summer to improve the situation. I
+look forward to seeing the result, and welcome patches for isenkram to
+start using the information when it is ready.</p>
+
+<p>If you want your package to map to some specific hardware, either
+add a "Xb-Modaliases" header to your control file like I did in
+<a href="http://packages.qa.debian.org/pymissile">the pymissile
+package</a> or submit a bug report with the details to the isenkram
+package. See also
+<a href="http://people.skolelinux.org/pere/blog/tags/isenkram/">all my
+blog posts tagged isenkram</a> for details on the notation. I expect
+the information will be migrated to AppStream eventually, but for the
+moment I got no better place to store it.</p>
+
+
+
FreedomBox milestone - all packages now in Debian Sid
http://people.skolelinux.org/pere/blog/FreedomBox_milestone___all_packages_now_in_Debian_Sid.html