Dirk Eddelbuettel: RcppEigen 0.3.3.9.2 on CRAN: Maintenance
April 8, 2022, 11:31 PM
A new release 0.3.3.9.2 of RcppEigen arrived on CRAN today (and already went to Debian). Eigen is a C++ template library for linear algebra: matrices, vectors, numerical solvers, and related algorithms.
This update was (as it happens) requested by CRAN as R aims to bring the Fortran / C interface to best practices. We call dgesdd twice in one example and use a character argument, and the-powers-that-be now prefer better control over that character argument. So we did. Another change, kindly cont...
Reproducible Builds: Reproducible Builds in March 2022
April 8, 2022, 8:14 AM
Welcome to the March 2022 report from the Reproducible Builds project! In our monthly reports we outline the most important things that we have been up to over the past month.
The in-toto project was accepted as an “incubating project” within the Cloud Native Computing Foundation (CNCF). in-toto is a framework that protects the software supply chain by collecting and verifying relevant data. It does so by enabling libraries to collect information about software supply chain actions and ...
Jacob Adams: The Unexpected Importance of the Trailing Slash
April 8, 2022, 12:00 AM
For many using Unix-derived systems today, we take for granted
that /some/path and /some/path/ are the same.
Most shells will even add a trailing slash for you when you press the Tab key
after the name of a directory or a symbolic link to one.
However, many programs treat these two paths as subtly different in certain cases,
which I outline below, as all three have tripped me up
in various ways1.
POSIX and Coreutils
Perhaps the trickiest use of the trailing slash in a distinguishing way is in...
Steinar H. Gunderson: Ubuntu plocate security review
April 7, 2022, 2:30 PM
Seemingly, the Ubuntu security team made a (quick!) review of plocate prior to
inclusion in main. I'm pretty happy about the result:
I reviewed plocate 1.1.15-1ubuntu2 as checked into jammy. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
plocate is a locate implementation based on posting lists and io_uring,
intended as a drop-in replacement for mlocate.
- No CVE History.
- Build-Depends on liburing and libzstd
- The pre/post inst/rm scripts adds a ploc...
Jonathan Dowland: Hope in a Darkened Heart
April 6, 2022, 8:01 PM
I first heard Virginia Astley via Lauren Laverne, who played (I think) "With my
eyes wide open" from her first album, "From Gardens Where We Feel Secure". Mostly
ambient, a conceptual piece about a garden in an English Summer, spanning dawn to
dusk. Bucolic ambient, dream pop.
It was a little outside my wheel-house, but I loved it, and wanted to find out
more. I soon learned that official, physical copies of it were rare and
Some time later I stumbled across her second album...
Thorsten Alteholz: My Debian Activities in March 2022
April 6, 2022, 5:01 PM
This month I accepted 332 and rejected 15 packages. This ratio gives a reason to hope. The overall number of packages that got accepted was 342.
This was my ninety-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.
This month my all in all workload has been 40h. During that time I did LTS and normal security uploads of:
[DLA 2932-1] tiff security update for three CVEs
[DLA 2931-1] cyrus-sasl2 security for one CVE
Bits from Debian: Infomaniak Platinum Sponsor of DebConf22
April 6, 2022, 10:30 AM
We are very pleased to announce that Infomaniak
has committed to support DebConf22 as a
Platinum sponsor. This is the fourth year in a row that Infomaniak is
sponsoring The Debian Conference with the higher tier!
Infomaniak is Switzerland's largest web-hosting company,
also offering backup and storage services, solutions for event organizers,
live-streaming and video on demand services.
It wholly owns its datacenters and all elements critical to the functioning of the services and products prov...
Jonathan Dowland: One, by Be
April 6, 2022, 8:59 AM
The sublime One, by Be is a pastoral, English summer time instrumental improvisation around field recordings and the theme of the honey bee. A lovely piece to accompany deep thinking. I’m reminded of Virginia Astley. Be are associated with Caught by the River, a collective who explore ways of setpping out of daily digital live and embrace, nature, walks, calm, etc....
Jonathan Dowland: My Life In The Bush Of Ghosts
April 6, 2022, 8:59 AM
My Life In The Bush Of Ghosts is a weird sound-collage-style album by Brian
Eno and David Byrne, released in 1981. It has African-inspired rhythms layered
with lots of samples from American radio and TV. It sounds almost like a field
recording of the United States was made by wildlife surveyors.
My copy is the UK first
which includes the track "Qu'ran" which was removed from later editions (and
re-instated again later on).
I previously wrote about uploading multitracks for two
Jonathan Dowland: Death from Above
April 6, 2022, 8:59 AM
I received the last two Death From Above albums at Christmas and this weekend managed to give the first (Outrage Is Now) a spin. Pretty colours! They remain one of the best bands to see live. Last time I saw them in a support slot in Newcastle. My friend Rob, a man of few words said “I wouldn’t want to have to follow them on stage!”...
Jonathan Dowland: Stanley Kubrick's A Clockwork Orange (Music From The Soundtrack)
April 6, 2022, 8:59 AM
I was reminded of this record over the weekend, as Radio 4's Front Row was
discussing the 50th anniversary of Kubrick's movie. To me, the
soundtrack has a strange, whimsical, almost cynical element to it (especially
with the selection of things like Pomp and Circumstance), but I was
familiar with the movie before the soundtrack and it might just be the
association that triggers those feelings.
I think I picked this up at Tynemouth Market when I lived close by, but I'm
not sure. I am sur...
Matthew Garrett: Bearer tokens are just awful
April 5, 2022, 6:54 AM
As I mentioned last time, bearer tokens are not super compatible with a model in which every access is verified to ensure it's coming from a trusted device. Let's talk about that in a bit more detail.First off, what is a bearer token? In its simplest form, it's simply an opaque blob that you give to a user after an authentication or authorisation challenge, and then they show it to you to prove that they should be allowed access to a resource. In theory you could just hand someone a randomly gen...
Dirk Eddelbuettel: RcppSpdlog 0.0.8 on CRAN: Upstream Update
April 5, 2022, 12:48 AM
A new version 0.0.8 of RcppSpdlog is now on CRAN. RcppSpdlog bundles spdlog, a wonderful header-only C++ logging library with all the bells and whistles you would want that was written by Gabi Melman, and also includes fmt by Victor Zverovich.
This release brings a new upstream release 1.10.0 of spdlog. The (minimal) NEWS entry for this release follows.
Changes in RcppSpdlog version 0.0.8 (2022-04-04)
Upgraded to upstream releases spdlog 1.10.0
Courtesy of my CRANberries, there is also a dif...
Dirk Eddelbuettel: RcppArmadillo 0.11.0.0.0 on CRAN: Upstream Updates
April 5, 2022, 12:42 AM
Click here to read the complete article