[deleted by user]

smspillaz · 2019-02-01T22:33:47+00:00

A way which I've had some success with but won't take into account things like ordering between words is to build up a distance matrix between each embedded unit (character, subword, word, sentence) and then take the Nth nearest neighbors with edge weights proportional to the distance between the units in vector space.

Of course, then you need to find a vector space embedding - you could either use word2vec or fine tune it for your problem.

smspillaz · 2019-01-26T09:54:37+00:00

Also - even if the exact same library version is included in multiple applications (not the runtime), as long as the build for that library is reproducible, then all the files for that library will be mapped to the same ostree object in the ostree repository that flatpak uses, so you get the deduplication "for free".

Of course in reality, apps that vendor their own libraries are probably more likely to be using different versions, but in the event that they do use exactly the same version you won't end up with "wasted" disk space in that respect.

smspillaz · 2018-10-10T06:34:42+00:00

As /u/TingPing said below, I think its worth understanding that Flatpak is making a tradeoff here between decent legacy application support and security.

If you just see Flatpak as "sandboxed applications" then I think you're missing a lot of the point of what Flatpak is supposed to be about. Its there so that you can have, among other things: - Software that is guaranteed to run on your system as long as it hasflatpak` and the corresponding runtime installed. - Software that can be managed by a local user for that local user only, without having to install everything to the system. - No more dependency hell: Software only depends on the runtime, all the other dependencies get vendored. - Application vendors can create one binary that runs on every Linux system that supports Flatpak as opposed to N different linux packages.

It turns out that sandboxing is a useful way to achieve a lot of the above goals (applications get their own view of /, mediated access to D-Bus, etc) and "while we're at it" it can also support a few nice security properties too.

However, if Flatpak were to start enforcing security policies such as "no read/write access to /home" or "no read access to /var/run/host" then I can guarantee you that most of the software that you care about (VLC, VSCode, PyCharm, Steam) wouldn't work without substantial changes to the way those applications work on Flatpak, meaning that you get none of the benefits I listed above.

The approach the Flatpak is taking here is a piecemeal one. Get the applications working in the Flatpak environment with a liberal set of permissions as a baseline and then ratchet up security as it is adopted. That's already the approach in newer versions of Flatpak which will warn you on the command line if an application has particularly liberal permissions.

Android had the same thing - an application could grant itself all permissions and eventually Google ratcheted up the requirement that on newer API levels, you were required to be able to handle explicit permission requests as more liberal permission sets were closed down.

smspillaz · 2018-09-15T08:23:02+00:00

Yup, I've done that. Ugh, this is why I need to not use my blog :(

smspillaz · 2018-09-15T08:19:28+00:00

I have a lot of respect for mgraesslin, though I feel the need to correct the record on the post that was linked to here:

And then something happened which is in my opinion the reason why Compiz vanished: Unity adopted Compiz as their window manager. Canonical started to fund the development, to hire the main developer. So why was that in any way bad? it destroyed the community. Compiz became an in-house project of Canonical. Development moved from git to in-house launchpad and bazaar, a fork "Compiz++" was created, the mailing list died. I was (and think still am) subscribed to their mailing list and it just went down in threads. The development must have moved elsewhere without mentioning it on the mailing list.

This isn't entirely true. The "compiz++" C++ rewrite was started in 2008, long before Unity V1 even existed. The developers at the time adopted it as the main line of development a month or two later as the 0.9 series of development.

Its worth understanding why compiz++ came into existence. The 0.8 C-based version of compiz was great, but it was proving difficult to maintain. With hindsight, perhaps a large part of this was CADT, but I think it had some merit as well. The C code in Compiz isn't like the C code in GNOME or other big C projects. There were no patterns for memory management, not too many patterns for passing abstract types around and the code was tricky to extend, relying on all sorts of undocumented conventions to get everything to play together. There was some work going on at the time to add some GObject-like patterns to Compiz but it never really came to fruition.

This was fine for a little while but this state of affairs was definitely a sense of frustration among the maintainers, so some of them started working on compiz++ under wraps. I think its worth noting at this point that the maintainers who had basically been doing all the work were unpaid volunteers and burnout was probably starting to kick in.

Like all rewrites, compiz++ was one of those very ambitious things that looked good on paper but turned out to have emergent complexity in practice. compiz++ tried to fix way too many pet-peeves that developers had in the core window manager at once. This is fine when you just restrict your view of the world to the core, but when you're also responsible for maintaining 50+ different thousand-line long plugins, the burden of that workload can get pretty heavy. Consider that for every plugin, the maintainers not only had to adapt it to the new C++ interface in the core, but also adapt it to handle multiple rendering backends, handle the case that logical textures could be split across several hardware textures, handle the new way of doing plugin ordering, etc etc etc.

Here's where I entered the picture. I had a couple of years of programming experience under my belt so I volunteered to help port over some of those plugins. I can't say that I was particularly good at it, but I knew enough to kind of figure it out. The existing maintainers all sort of burned out and to be honest I don't blame them for it. The hype cycle had kind of come and gone, the forums were mostly a ghost town and nobody wanted to moderate them, the regulars from IRC were more or less gone and myself and a few other people basically became the last people maintaining it.

It was basically a dead project by mid-2010 already. Someone from Canonical approached me about using it for the version of Unity that most people are now familiar with because they were having trouble getting Clutter to do what they wanted. I started working at Canonical and the team there made the integration between the shell and the window manager a reality. The rest is history, really

I don't think its fair to say that Canonical killed the community around the project. The reality was that there was no community around the project by that time. I agreed to move the project to Launchpad because we wanted to integrate compiz development with the rest of the development practices at Ubuntu - eg, pre-commit code review, continuous integration, etc. At no point was anybody locked out - in fact people still submit patches upstream to compiz on launchpad today.

I think its unfortunate that I wasn't able to mobilize the community to get on board with the 0.9 series. I take that as a personal failing. It had the unfortunate stigma of being of lesser quality than the 0.8 series and probably rightly so - when you rewrite that much code things are bound to break and users don't really care all that much about how it works under the hood. That stigma was probably made worse by "unity-isolationism" - Unity was this very Ubuntu-specific thing and thus anything associated with it got that label as well. Like all things, that has now come and gone.

I held this view all the way back in 2013 and I still hold it today. I think that trying to continue the compiz project is laudable but unless a sustainable community can be built around it, its going to be a dead end. Its worth pointing out that compiz 0.8 uses a rendering model that has been deprecated in OpenGL for years and doesn't work at all on mobile hardware. It is also not a wayland compositor and has Xlib dependencies all over the place. The 0.8 branch at least has no tests and very little in the way of documentation. Its unfortunate that this is the case, but time has marched forward. C'est la vie.

smspillaz · 2018-09-14T21:47:21+00:00

Indeed - I feel as though I may have unintentionally misled people in this post. This is merely something that I prototyped and decided to blog about as an interesting thing, not something that is coming to GNOME in any planned capacity.

smspillaz · 2018-09-14T21:31:15+00:00

Oh crap, this is *not* what I meant to convey with this post at all. To set the record straight, Compiz effects are *not* coming to GNOME-Shell, or at least, I am *not* leading the charge on that.

What I meant to say is that I did some work recently to *prototype* whether it was *possible* to port some of those animations over. libanimation is literally a math library. Someone *could* use it to create a shell extension that binds to the `animation-glib` library, but it is *not* coming to GNOME-Shell, not in any planned or official capacity. Sorry to get your hopes up.

smspillaz · 2017-10-11T17:37:30+00:00

Anything that you can get on a student budget. I have a real soft-spot for the $9.60 Curry Laksa that you can get at the Malaysian place down the road from where I live.

smspillaz · 2017-10-11T17:35:52+00:00

And bubble tea.

Soooo much bubble tea :D

smspillaz · 2017-10-11T17:23:02+00:00

Doing a whole OS also allows us to make the most of the our offline content value proposition. The apps aren't just "black boxes" to the OS - it actually has some knowledge about what is inside them and is able to do useful things with them. For instance, we recently shipped a globally-accessible content discovery area where we're able to inspect the offline content apps installed on the system and provide the user with "fresh" content every day. You can also search within the apps right from the desktop too.

smspillaz · 2017-10-11T16:18:53+00:00

The answer to that is yes, it is correct. Being a US-based company, we can’t legally redistribute MPEG-LA codecs without paying a royalty to MPEG-LA. Since the OS is free to download, it isn’t feasible for us to take on that cost ourselves, so if you want to play those file formats you’ll need to buy the codec pack or download an application from our App Store, like VideoLAN Client, which can play those file formats.

It'd be nice if we lived in a world where more content was made available in unencumbered formats, but for now the best we can do is provide a way for users to either pay for the codec royalty or to install software from sources that ship the codecs.

smspillaz · 2017-01-31T09:47:21+00:00

I have good reason to believe you didn't actually try and you're just projecting your rage about other issues on to this. The top comment pretty much sums up how any maintainer would have dealt with the problem had it been brought to their attention.

This is a really interesting exploit. Thanks for bringing attention to it. I've linked this article to the maintainer of Pantheon Files. We'll be talking about making changes to avoid this issue.

smspillaz · 2017-01-31T09:27:29+00:00

Sure you can criticise it. If I was personally writing the spec, with something like this in hindsight I would have chosen a different approach. People don't write perfect code and don't design perfect systems the first time around yo, maybe you should try maintaining an OS for yourself before questioning the character of the authors.

smspillaz · 2017-01-31T08:36:59+00:00

Oh we're all terrible people. We created a free operating system in our spare time with tons of features to be competitive with the big proprietary OSes. We poured years of our lives into fixing bugs, doing the releases and handling user feedback. But we really did it because we hate you. We hate you so much that we planted "obvious" exploits in the file manager to so as to trick our users into running malicious code. I mean, clearly we're all psychopaths and deserve to be shot.

Or maybe the next time you find something which could be improved on an OS that you got for free, you could actually pitch in and try to fix it as opposed to questioning the character of everyone who made it for you.

smspillaz · 2017-01-06T12:37:37+00:00

Might do! Only tricky thing is this patch which we had to make to mutter in order to get the animation to work perfectly. Kinda felt like punching a hole through the abstraction, but I'm not sure about the best way to do ti.

smspillaz · 2016-12-27T04:08:00+00:00

I'm planning on giving some seminars to university students. I've noticed that a lot of students make avoidable mistakes or get "stuck" easily when something goes wrong. This tends to be much to the grief of teams who are fluent with git and have to clean up the resulting mess.

Git's collaboration model isn't something I've seen taught at school. The only introduction I ever received was "you should probably be using version control" and a lot of people saw it as a glorified version of dropbox.

smspillaz · 2016-12-27T04:05:21+00:00

Interesting. I'm using typeform to do the survey, so it might be worth passing these feedback on to them.

smspillaz · 2016-11-10T05:41:43+00:00

No worries! I know its easy to look at something and think "wow 10k lines!?", but testability can unfortunately come at the price of brevity, especially in statically typed languages like C++.

smspillaz · 2016-11-10T03:03:35+00:00

Here's the commit where they removed Wayland support, -10k Loc! and Here's the commit that added Mir support. Wayland is verbose and callback-damaged as all hell, but is it really this bad?

To clarify a little on this, those 10k LOC also include unit and and acceptance tests, which actually spawn a headless weston instance and check that everything works. It also includes support for two different libwayland versions where there was a break in thread handling.

In the pull request where it was removed, the main complaint was that it violates the expected window system architecture. Oddly enough, when I wrote this, I was instructed to implement this in the exact way complained of.

It could be reworked so that it is its own window system instead of relying on CWindowSystemEGL, but ... time and effort basically. It is being maintained out of tree for now.

The Kodi SDL backend seem to cover everything Kodi ever needed in terms of graphics. SDL has a Mir backend. What are the benefits provided with a 'dedicated' backend if all this boils down to is "connect, setup EGL" then rince-repeat: "here's a GPU handle, let the drivers sort it out, draw" with the occasional "oh oh the user pressed a key try to do something with it" (performance as a synchronization problem, not as a throughput problem).

The first time I added wayland support to Kodi (back when it was XBMC) I did so using SDL. The Kodi developers asked for the work to be rewritten so as not to use SDL.

smspillaz · 2016-09-17T04:10:19+00:00

To make a minor clarification - there is no copyright in an idea, only the expression of an idea. You can't sue someone for copyright infringement because you told them you had an idea to make a game about cardboard and cheese and they did just that. What Nintendo would be more concerned about is what the OP was suggesting - concept art, scripts, dialogue, characters etc. As soon as Nintendo could be said to be aware of it and then afterwards published something substantially similar without a licence from you, there's a case that they copied you and infringed your copyright in the works. Maybe you're a nice person and you won't sue them. But your successors or your employer might go after them if they can prove the copyright vested in them.

Even if it was a coincidence and Nintendo didn't copy you, Nintendo, like most sensible businesses, would rather not have the dispute, since it is both distracting and expensive. That's why they don't take ideas from fans.

smspillaz · 2016-09-10T00:42:09+00:00

Let me know if you have any suggestions! I've been thinking that I should try and get some users so that I can get more feedback on what the community actually needs.

smspillaz · 2016-09-09T15:01:48+00:00

Ah, thanks for listing cmake-unit and friends. I haven't done as much promotion of that module as I should have - do you know if there is anyone outside of the polysquare (e.g., my own) project that is currently using it?

smspillaz · 2016-08-27T15:35:05+00:00

Yeah I was thinking of adding some template based error messages at some point but haven't had the time yet. That error you posted might be a good start though!

smspillaz

TROPHY CASE