Michal Čihař - Blog Archives for English

Gammu 1.37.4

It has been almost three months since last Gammu release and it's time to push fixes out to users. This time the amount of fixes is quite small, covering Huawei devices and text mode for sending SMS.

Full list of changes in 1.37.4:

  • Improved support for Huawei E3131.
  • Fixed SMS support for MULTIBAND 900E.
  • Fixed SMS created in text mode.

Would you like to see more features in Gammu? You an support further Gammu development at Bountysource salt or by direct donation.

Weekly phpMyAdmin contributions 2016-W31

Going back to more or less normal work mode, last week was again more focused on bug handling and improvements.

I've focused on our website, mostly due to some feedback we got from security reviews. It no longer lists MD5 checksums in favor for SHA1 and SHA256. The same change has been applied to themes as well. Besides that I've worked on making the website layout responsive, so that it works reasonably on small screens as well. In the end I've chosen to use Bootstrap for that. This work has been submitted as pull request for review. While working on the hashes, I've realized that we could do more to tell users to verify the downloaded version, so that ended up in second pull request, which adds post download popup showing information how to verify the download (preferring PGP if the release has been signed). Both changes are still pending, but will most likely be merged and put online this week.

Besides website, I've mostly spent time on reviewing pull requests, where we got quite some amount of them and were sitting in the tracker without any feedback. Many of them could be immediately merged, others have received feedback on how to improve them to make them ready for merge.

Handled issues:

Weekly phpMyAdmin contributions 2016-W30

After few weeks of silence, here is another weekly report. The silence was not caused by lack of work being done, but lack of work which could be publicly announced. Things seem to be much calmer now, so regular bug fixing or improvements are on the table now as well.

The biggest improvements this week is cleanup in connection parameters handling, which will allow to specify any additional configuration for control user connection (eg. SSL setup).

Handled issues:

New projects on Hosted Weblate

For almost two months I found very little time to process requests to host free software on Hosted Weblate. Today the queue has been emptied, what means that you can find many new translations there.

To make it short, here is list of new projects:

PS: If you didn't receive reply for your hosting request today, it was probably lost, so don't hesitate to ask again.

Weblate 2.7

Slightly later than on monthly schedule but Weblate 2.7 is out today. This release brings improvements to the API and is first to officially support wlc a command line client for Weblate.

Full list of changes for 2.7:

  • Removed Google web translate machine translation.
  • Improved commit message when adding translation.
  • Fixed Google Translate API for Hebrew language.
  • Compatibility with Mercurial 3.8.
  • Added import_json management command.
  • Correct ordering of listed traslations.
  • Show full suggestion text, not only a diff.
  • Extend API (detailed repository status, statistics, ...).
  • Testsuite no longer requires network access to test repositories.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

wlc 0.4

wlc 0.4, a command line utility for Weblate, has been just released. This release doesn't bring much changes, but still worth announcing.

The most important change is that development repository has been moved under WeblateOrg organization at GitHub, you can now find it at https://github.com/WeblateOrg/wlc. Another important news is that Debian package is currently waiting in NEW queue and will hopefully soon hit unstable.

wlc is built on API introduced in Weblate 2.6 and still being in development. Several commands from wlc will not work properly if executed against Weblate 2.6, first fully supported version will be 2.7 (current git is okay as well, it is now running on both demo and hosting servers). You can usage examples in the wlc documentation.

uTidylib 0.3

Several years ago I've complained about uTidylib not being maintained upstream. Since that time I've occasionally pushed some fixes to my GitHub repository with uTidylib code, but without any clear intentions to take it over.

Time has gone and there was still no progress and I started to consider becoming upstream maintainer as well. I quickly got approval from Cory Dodt, who was the original author of this code, unfortunately he is not owner of the PyPI entry and the claim request seems to have no response (if you know how to get in touch with "cntrlr" or how to take over PyPI module please let me know).

Anyway the amount of patches in my repository is big enough to warrant new release. Additionally Debian bug report about supporting new HTML tidy library came in and that made me push towards releasing 0.3 version of the uTidylib.

As you might guess, the amount of changes against original uTidylib is quite huge, to name the most important ones:

Anyway as I can not update PyPI entry, the downloads are currently available only on my website: https://cihar.com/software/utidylib/

PHP shapefile library

Since quite a long time phpMyAdmin had embedded the bfShapeFiles library for import of geospatial data. Over the time we had to apply fixes to it to stay compatible with newer PHP versions, but there was really no development. Unfortunately, as it seems to be only usable PHP library which can read and write ESRI shapefiles.

With recent switch of phpMyAdmin to dependency handling using Composer I wondered if we should get rid of the last embedded PHP library, which was this one - bfShapeFiles. As I couldn't find alive library which would work well for us, I resisted that for quite long, until pull request to improve it came in. At that point I've realized that it's probably better to separate it and start to improve it outside our codebase.

That's when phpmyadmin/shapefile was started. The code is based on bfShapeFiles, applies all fixes which were used in phpMyAdmin and adds improvements from the pull request. On top of that it has brand new testsuite (the coverage is still much lower than I'd like to have) and while writing the tests several parsing issues have been discovered and fixed. Anyway you can now get the source from GitHub or install using Composer from Packagist.

PS: While fixing parser bugs I've looked at other parsers as well to see how they handle some situations unclear in the specs and I had to fix Python pyshp on the way as well :-).

Weekly phpMyAdmin contributions 2016-W25

As you could see from the release news it has been quite busy week in terms of fixing security issues. It has actually started just after announcement of security audit funded by Mozilla SOS Fund. It seems this is best way to attract attention security reviewers and we got really a lot of it.

So most of work in last two weeks was to deal with incoming security reports. Fortunately there is still nothing critical if you are not using ancient unpatched PHP version which is vulnerable to null termination of strings. This was quite hard work as immediately once we started to think about releasing version with fixes, new report came in and the process repeated several times. Fortunately we've made it to do three security releases (one for each supported branch) and it seems that we've not broken anything (at least there is no bug report indicating that).

Let's see what next weeks bring and how much security work will be there, but we definitely should focus on doing some reviews continuously rather than doing such one off actions.

On the other side in terms of handled public issues this week was really low volume: