From e73a68ec536a27268ef8b05eaa121d2b678389d4 Mon Sep 17 00:00:00 2001
From: scateu <scateu@gmail.com>
Date: Wed, 27 Feb 2019 01:01:47 +0800
Subject: [PATCH] MIME multipart/alternative: Plain text first. (RFC2046)

---
 feed2exec/email.py                          |   15 +-
 feed2exec/tests/cassettes/planet-debian.mbx | 6930 +++++++++----------
 feed2exec/tests/files/breaking_news.mbx     |   18 +-
 feed2exec/tests/files/planet-debian.mbx     | 1616 ++---
 feed2exec/tests/files/restic.mbx            |   20 +-
 feed2exec/tests/files/rsswithpermalink.mbx  |   64 +
 feed2exec/tests/files/udd.mbx               |   12 +-
 feed2exec/tests/files/weird-dates.mbx       |   18 +-
 feed2exec/tests/test_plugins.py             |   12 +-
 9 files changed, 4389 insertions(+), 4316 deletions(-)
 create mode 100644 feed2exec/tests/files/rsswithpermalink.mbx

diff --git a/feed2exec/email.py b/feed2exec/email.py
index 848327a..0cb9607 100644
--- a/feed2exec/email.py
+++ b/feed2exec/email.py
@@ -48,6 +48,9 @@ def make_message(feed, item, to_addr=None, cls=email.message.Message):
     cs.body_encoding = '8bit'
     msg = MIMEMultipart('alternative', boundary)
     html_parts = []
+    msg_attach_queue_plain = []
+    msg_attach_queue_html = []
+    msg_attach_queue_part = []
     for content in params.get('content', []):
         if not content.value:
             continue
@@ -62,7 +65,7 @@ def make_message(feed, item, to_addr=None, cls=email.message.Message):
         html.replace_header('Content-Transfer-Encoding', '8bit')
         if subtype == 'html':
             html_parts.append(content.value)
-        msg.attach(html)
+        msg_attach_queue_html.append(html)
 
     if not msg.get_payload() and params.get('summary'):
         # no content found, fallback on summary
@@ -74,9 +77,11 @@ def make_message(feed, item, to_addr=None, cls=email.message.Message):
                         _subtype=subtype, _charset=cs)
         if subtype == 'plain':
             msg = part
+            # clear HTML attach queue
+            msg_attach_queue_html = []
         else:
             html_parts.append(params.get('summary'))
-            msg.attach(part)
+            msg_attach_queue_part.append(part)
     for content in html_parts:
         # plain text version available
         params['content_plain'] = html2text_filter.parse(content)
@@ -86,7 +91,11 @@ def make_message(feed, item, to_addr=None, cls=email.message.Message):
         text = MIMEText(body.encode('utf-8'),
                         _subtype='plain', _charset=cs)
         text.replace_header('Content-Transfer-Encoding', '8bit')
-        msg.attach(text)
+        msg_attach_queue_plain.append(text)
+
+    for _m in msg_attach_queue_plain + msg_attach_queue_part + msg_attach_queue_html:  # final output
+        msg.attach(_m)   # According to RFC 2046, plain text comes first, better.
+
     payload = msg.get_payload()
     if len(payload) == 1:
         msg = payload.pop()
diff --git a/feed2exec/tests/cassettes/planet-debian.mbx b/feed2exec/tests/cassettes/planet-debian.mbx
index d78c212..1296aba 100644
--- a/feed2exec/tests/cassettes/planet-debian.mbx
+++ b/feed2exec/tests/cassettes/planet-debian.mbx
@@ -6,120 +6,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Steinar H. Gunderson: Introducing Narabu, part 2: Meet the GPU
 Message-ID: http-blog-sesse-net-blog-tech-2017-10-19-19-16_introducing_narabu_part_2_meet_the_gpu-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://blog.sesse.net/blog/tech/2017-10-19-19-16_introducing_narabu_part_2_meet_the_gpu.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/sesse.png" width="74" height="85" alt="" align="right" style="float: right;">  <p>Narabu is a new intraframe video codec. You may or may not want to read
-<a href="https://blog.sesse.net/blog/tech/2017-10-18-09-25_introducing_narabu_part_1_introduction">part 1</a>
-first.</p>
-
-<p>The GPU, despite being extremely more flexible than it was fifteen years
-ago, is still a very different beast from your CPU, and not all problems
-map well to it performance-wise. Thus, before designing a codec, it's
-useful to know what our platform looks like.</p>
-
-<p>A GPU has lots of special functionality for graphics (well, duh), but we'll
-be concentrating on the <em>compute shader</em> subset in this context, ie., we
-won't be drawing any polygons. Roughly, a GPU (as I understand it!) is built
-up about as follows:</p>
-
-<p>A GPU contains 1–20 cores; NVIDIA calls them SMs (shader multiprocessors),
-Intel calls them subslices. (Trivia: A typical mid-range Intel GPU contains two cores,
-and thus is designated GT2.) One such core usually runs the same program,
-although on different data; there are exceptions, but typically, if your
-program can't fill an entire core with parallelism, you're wasting energy.
-Each core, in addition to tons (thousands!) of registers, also has some
-“shared memory” (also called “local memory” sometimes, although that term
-is overloaded), typically 32–64 kB, which you can think of in two ways:
-Either as a sort-of explicit L1 cache, or as a way to communicate
-internally on a core. Shared memory is a limited, precious resource in
-many algorithms.</p>
-
-<p>Each core/SM/subslice contains about 8 execution units (Intel
-calls them EUs, NVIDIA/AMD calls them something else) and some memory
-access logic. These multiplex a bunch of threads (say, 32) and run in
-a round-robin-ish fashion. This means that a GPU can handle memory stalls
-much better than a typical CPU, since it has so many streams to pick from;
-even though each thread runs in-order, it can just kick off an operation
-and then go to the next thread while the previous one is working.</p>
-
-<p>Each execution unit has a bunch of ALUs (typically 16) and executes code in a SIMD
-fashion. NVIDIA calls these ALUs “CUDA cores”, AMD calls them “stream
-processors”. Unlike on CPU, this SIMD has full scatter/gather support
-(although sequential access, especially in certain patterns, is <em>much</em> more efficient
-than random access), lane enable/disable so it can work with conditional
-code, etc.. The typically fastest operation is a 32-bit float muladd;
-usually that's single-cycle. GPUs <em>love</em> 32-bit FP code. (In fact, in some
-GPU languages, you won't even have 8-, 16-bit or 64-bit types. This is
-annoying, but not the end of the world.)</p>
-
-<p>The vectorization is not exposed to the user in typical code (GLSL has some
-vector types, but they're usually just broken up into scalars, so that's a
-red herring), although in some programming languages you can get to swizzle
-the SIMD stuff internally to gain advantage of that (there's also schemes for
-broadcasting bits by “voting” etc.). However, it is crucially important to
-performance; if you have divergence within a warp, this means the GPU needs
-to execute both sides of the if. So less divergent code is good.</p>
-
-<p>Such a SIMD group is called a warp by NVIDIA (I don't know if the others have
-names for it). NVIDIA has SIMD/warp width always 32; AMD used to be 64 but
-is now 16. Intel supports 4–32 (the compiler will autoselect based on a bunch of
-factors), although 16 is the most common.</p>
-
-<p>The upshot of all of this is that you need massive amounts of parallelism
-to be able to get useful performance out of a CPU. A rule of thumb is that
-if you could have launched about a thousand threads for your problem on CPU,
-it's a good fit for a GPU, although this is of course just a guideline.</p>
-
-<p>There's a ton of APIs available to write compute shaders. There's CUDA (NVIDIA-only, but the
-dominant player), D3D compute (Windows-only, but multi-vendor),
-OpenCL (multi-vendor, but highly variable implementation quality),
-OpenGL compute shaders (all platforms except macOS, which has too old drivers),
-Metal (Apple-only) and probably some that I forgot. I've chosen to go for
-OpenGL compute shaders since I already use OpenGL shaders a lot, and this
-saves on interop issues. CUDA probably is more mature, but my laptop is
-Intel. :-) No matter which one you choose, the programming model looks very
-roughly like this pseudocode:</p>
-
-<pre>for (size_t workgroup_idx = 0; workgroup_idx &lt; NUM_WORKGROUPS; ++workgroup_idx) {   // in parallel over cores
-        char shared_mem[REQUESTED_SHARED_MEM];  // private for each workgroup
-        for (size_t local_idx = 0; local_idx &lt; WORKGROUP_SIZE; ++local_idx) {  // in parallel on each core
-                main(workgroup_idx, local_idx, shared_mem);
-        }
-}
-</pre>
-
-<p>except in reality, the indices will be split in x/y/z for your convenience
-(you control all six dimensions, of course), and if you haven't asked for too
-much shared memory, the driver can silently make larger workgroups if it
-helps increase parallelity (this is totally transparent to you). main()
-doesn't return anything, but you can do reads and writes as you wish;
-GPUs have large amounts of memory these days, and staggering amounts of
-memory bandwidth.</p>
-
-<p>Now for the bad part: Generally, you will have no debuggers, no way of
-logging and no real profilers (if you're lucky, you can get to know how long
-each compute shader invocation takes, but not what takes time within the
-shader itself). Especially the latter is maddening; the only real recourse
-you have is some timers, and then placing timer probes or trying to comment
-out sections of your code to see if something goes faster. If you don't
-get the answers you're looking for, forget printf—you need to set up a
-separate buffer, write some numbers into it and pull that buffer down to
-the GPU. Profilers are an essential part of optimization, and I had really
-hoped the world would be more mature here by now. Even CUDA doesn't give
-you all that much insight—sometimes I wonder if all of this is because
-GPU drivers and architectures are <em>meant</em> to be shrouded in mystery for
-competitiveness reasons, but I'm honestly not sure.</p>
-
-<p>So that's it for a crash course in GPU architecture. Next time, we'll start
-looking at the Narabu codec itself.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -234,6 +125,115 @@ So that's it for a crash course in GPU architecture. Next time, we'll start
 looking at the Narabu codec itself.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/sesse.png" width="74" height="85" alt="" align="right" style="float: right;">  <p>Narabu is a new intraframe video codec. You may or may not want to read
+<a href="https://blog.sesse.net/blog/tech/2017-10-18-09-25_introducing_narabu_part_1_introduction">part 1</a>
+first.</p>
+
+<p>The GPU, despite being extremely more flexible than it was fifteen years
+ago, is still a very different beast from your CPU, and not all problems
+map well to it performance-wise. Thus, before designing a codec, it's
+useful to know what our platform looks like.</p>
+
+<p>A GPU has lots of special functionality for graphics (well, duh), but we'll
+be concentrating on the <em>compute shader</em> subset in this context, ie., we
+won't be drawing any polygons. Roughly, a GPU (as I understand it!) is built
+up about as follows:</p>
+
+<p>A GPU contains 1–20 cores; NVIDIA calls them SMs (shader multiprocessors),
+Intel calls them subslices. (Trivia: A typical mid-range Intel GPU contains two cores,
+and thus is designated GT2.) One such core usually runs the same program,
+although on different data; there are exceptions, but typically, if your
+program can't fill an entire core with parallelism, you're wasting energy.
+Each core, in addition to tons (thousands!) of registers, also has some
+“shared memory” (also called “local memory” sometimes, although that term
+is overloaded), typically 32–64 kB, which you can think of in two ways:
+Either as a sort-of explicit L1 cache, or as a way to communicate
+internally on a core. Shared memory is a limited, precious resource in
+many algorithms.</p>
+
+<p>Each core/SM/subslice contains about 8 execution units (Intel
+calls them EUs, NVIDIA/AMD calls them something else) and some memory
+access logic. These multiplex a bunch of threads (say, 32) and run in
+a round-robin-ish fashion. This means that a GPU can handle memory stalls
+much better than a typical CPU, since it has so many streams to pick from;
+even though each thread runs in-order, it can just kick off an operation
+and then go to the next thread while the previous one is working.</p>
+
+<p>Each execution unit has a bunch of ALUs (typically 16) and executes code in a SIMD
+fashion. NVIDIA calls these ALUs “CUDA cores”, AMD calls them “stream
+processors”. Unlike on CPU, this SIMD has full scatter/gather support
+(although sequential access, especially in certain patterns, is <em>much</em> more efficient
+than random access), lane enable/disable so it can work with conditional
+code, etc.. The typically fastest operation is a 32-bit float muladd;
+usually that's single-cycle. GPUs <em>love</em> 32-bit FP code. (In fact, in some
+GPU languages, you won't even have 8-, 16-bit or 64-bit types. This is
+annoying, but not the end of the world.)</p>
+
+<p>The vectorization is not exposed to the user in typical code (GLSL has some
+vector types, but they're usually just broken up into scalars, so that's a
+red herring), although in some programming languages you can get to swizzle
+the SIMD stuff internally to gain advantage of that (there's also schemes for
+broadcasting bits by “voting” etc.). However, it is crucially important to
+performance; if you have divergence within a warp, this means the GPU needs
+to execute both sides of the if. So less divergent code is good.</p>
+
+<p>Such a SIMD group is called a warp by NVIDIA (I don't know if the others have
+names for it). NVIDIA has SIMD/warp width always 32; AMD used to be 64 but
+is now 16. Intel supports 4–32 (the compiler will autoselect based on a bunch of
+factors), although 16 is the most common.</p>
+
+<p>The upshot of all of this is that you need massive amounts of parallelism
+to be able to get useful performance out of a CPU. A rule of thumb is that
+if you could have launched about a thousand threads for your problem on CPU,
+it's a good fit for a GPU, although this is of course just a guideline.</p>
+
+<p>There's a ton of APIs available to write compute shaders. There's CUDA (NVIDIA-only, but the
+dominant player), D3D compute (Windows-only, but multi-vendor),
+OpenCL (multi-vendor, but highly variable implementation quality),
+OpenGL compute shaders (all platforms except macOS, which has too old drivers),
+Metal (Apple-only) and probably some that I forgot. I've chosen to go for
+OpenGL compute shaders since I already use OpenGL shaders a lot, and this
+saves on interop issues. CUDA probably is more mature, but my laptop is
+Intel. :-) No matter which one you choose, the programming model looks very
+roughly like this pseudocode:</p>
+
+<pre>for (size_t workgroup_idx = 0; workgroup_idx &lt; NUM_WORKGROUPS; ++workgroup_idx) {   // in parallel over cores
+        char shared_mem[REQUESTED_SHARED_MEM];  // private for each workgroup
+        for (size_t local_idx = 0; local_idx &lt; WORKGROUP_SIZE; ++local_idx) {  // in parallel on each core
+                main(workgroup_idx, local_idx, shared_mem);
+        }
+}
+</pre>
+
+<p>except in reality, the indices will be split in x/y/z for your convenience
+(you control all six dimensions, of course), and if you haven't asked for too
+much shared memory, the driver can silently make larger workgroups if it
+helps increase parallelity (this is totally transparent to you). main()
+doesn't return anything, but you can do reads and writes as you wish;
+GPUs have large amounts of memory these days, and staggering amounts of
+memory bandwidth.</p>
+
+<p>Now for the bad part: Generally, you will have no debuggers, no way of
+logging and no real profilers (if you're lucky, you can get to know how long
+each compute shader invocation takes, but not what takes time within the
+shader itself). Especially the latter is maddening; the only real recourse
+you have is some timers, and then placing timer probes or trying to comment
+out sections of your code to see if something goes faster. If you don't
+get the answers you're looking for, forget printf—you need to set up a
+separate buffer, write some numbers into it and pull that buffer down to
+the GPU. Profilers are an essential part of optimization, and I had really
+hoped the world would be more mature here by now. Even CUDA doesn't give
+you all that much insight—sometimes I wonder if all of this is because
+GPU drivers and architectures are <em>meant</em> to be shrouded in mystery for
+competitiveness reasons, but I'm honestly not sure.</p>
+
+<p>So that's it for a crash course in GPU architecture. Next time, we'll start
+looking at the Narabu codec itself.</p>
 --===============testboundary==--
 
 From planet-debian Thu Oct 19 14:21:14 2017
@@ -244,20 +244,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Norbert Preining: Analysing Debian packages with Neo4j
 Message-ID: https-www-preining-info-blog-p-6831
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://www.preining.info/blog/2017/10/analysing-debian-packages-with-neo4j/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>I just finished the presentation at the <a href="https://www.meetup.com/Neo4j-Online-Meetup/">Neo4j Online Meetup</a> on getting the Debian <a href="https://wiki.debian.org/UltimateDebianDatabase">UDD</a> into a <a href="https://neo4j.com/">Neo4j</a> graph database. Besides the usual technical quibbles it did work out quite well.</p>
-<p><img alt="" class="aligncenter size-full wp-image-6832" height="498" src="https://www.preining.info/blog/wp-content/uploads/2017/10/neo4j-debian-talk.png" width="796" /></p>
-<p>The code for pulling the data from the UDD, as well as converting and importing it into Neo4j is available on <a href="https://github.com/norbusan/debian-graph">Github Debian-Graph</a>. The slides are also available on Github: <a href="https://github.com/norbusan/debian-graph/blob/master/slides/preining-debian-packages-neo4j.pdf">preining-debian-packages-neo4j.pdf</a>.</p>
-<p>There are still some things I want to implement, time permitting, because it would be a great tool for better integration for Debian. In any case, graph databases are lots of fun to play around.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -285,6 +276,15 @@ would be a great tool for better integration for Debian. In any case, graph
 databases are lots of fun to play around.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>I just finished the presentation at the <a href="https://www.meetup.com/Neo4j-Online-Meetup/">Neo4j Online Meetup</a> on getting the Debian <a href="https://wiki.debian.org/UltimateDebianDatabase">UDD</a> into a <a href="https://neo4j.com/">Neo4j</a> graph database. Besides the usual technical quibbles it did work out quite well.</p>
+<p><img alt="" class="aligncenter size-full wp-image-6832" height="498" src="https://www.preining.info/blog/wp-content/uploads/2017/10/neo4j-debian-talk.png" width="796" /></p>
+<p>The code for pulling the data from the UDD, as well as converting and importing it into Neo4j is available on <a href="https://github.com/norbusan/debian-graph">Github Debian-Graph</a>. The slides are also available on Github: <a href="https://github.com/norbusan/debian-graph/blob/master/slides/preining-debian-packages-neo4j.pdf">preining-debian-packages-neo4j.pdf</a>.</p>
+<p>There are still some things I want to implement, time permitting, because it would be a great tool for better integration for Debian. In any case, graph databases are lots of fun to play around.</p>
 --===============testboundary==--
 
 From planet-debian Thu Oct 19 08:33:31 2017
@@ -295,90 +295,13 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Daniel Pocock: FOSDEM 2018 Real-Time Communications Call for Participation
 Message-ID: https-danielpocock-com-341-at-https-danielpocock-com
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://danielpocock.com/fosdem-2018-rtc-cfp
 
 --===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/pocock.png" width="65" height="85" alt="" align="right" style="float: right;">  <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p><a href="https://fosdem.org">FOSDEM</a> is one of the world's premier meetings of free software developers, with over five thousand people attending each year.  FOSDEM 2018 takes place 3-4 February 2018 in Brussels, Belgium.</p>
-<p>This email contains information about:</p>
-<ul><li>Real-Time communications dev-room and lounge,</li>
-<li>speaking opportunities,</li>
-<li>volunteering in the dev-room and lounge,</li>
-<li>related events around FOSDEM, including the XMPP summit,</li>
-<li>social events (the legendary FOSDEM Beer Night and Saturday night dinners provide endless networking opportunities),</li>
-<li>the Planet aggregation sites for RTC blogs</li>
-</ul><h2>Call for participation - Real Time Communications (RTC)</h2>
-<p>The Real-Time dev-room and Real-Time lounge is about all things involving real-time communication, including: XMPP, SIP, WebRTC, telephony, mobile VoIP, codecs, peer-to-peer, privacy and encryption.  The dev-room is a successor to the previous XMPP and telephony dev-rooms.  We are looking for speakers for the dev-room and volunteers and participants for the tables in the Real-Time lounge.</p>
-<p>The dev-room is only on Sunday, 4 February 2018.  The lounge will be present for both days.</p>
-<p>To discuss the dev-room and lounge, please join the FSFE-sponsored <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free RTC mailing list</a>.</p>
-<p>To be kept aware of major developments in Free RTC, without being on the discussion list, please join the <a href="http://lists.freertc.org/mailman/listinfo/announce">Free-RTC Announce list</a>.</p>
-<h3>Speaking opportunities</h3>
-<p>Note: if you used FOSDEM Pentabarf before, please use the same account/username</p>
-<p>Real-Time Communications dev-room: deadline 23:59 UTC on 30 November.  Please use the Pentabarf system to submit a talk proposal for the dev-room.  On the "General" tab, please look for the "Track" option and choose "Real Time Communications devroom".  <a href="https://penta.fosdem.org/submission/FOSDEM18/">Link to talk submission</a>.</p>
-<p>Other dev-rooms and lightning talks: some speakers may find their topic is in the scope of more than one dev-room.  It is encouraged to apply to more than one dev-room and also consider proposing a lightning talk, but please be kind enough to tell us if you do this by filling out the notes in the form.</p>
-<p>You can find the full list of dev-rooms <a href="https://www.fosdem.org/2018/schedule/tracks/">on this page</a> and apply for a lightning talk at <a href="https://fosdem.org/submit">https://fosdem.org/submit</a></p>
-<p>Main track: the deadline for main track presentations is 23:59 UTC 3 November.  Leading developers in the Real-Time Communications field are encouraged to consider <a href="https://fosdem.org/submit">submitting a presentation to the main track</a>.</p>
-<h3>First-time speaking?</h3>
-<p>FOSDEM dev-rooms are a welcoming environment for people who have never given a talk before.  Please feel free to contact the dev-room administrators personally if you would like to ask any questions about it.</p>
-<h3>Submission guidelines</h3>
-<p>The Pentabarf system will ask for many of the essential details.  Please remember to re-use your account from previous years if you have one.</p>
-<p>In the "Submission notes", please tell us about:</p>
-<ul><li>the purpose of your talk</li>
-<li>any other talk applications (dev-rooms, lightning talks, main track)</li>
-<li>availability constraints and special needs</li>
-</ul><p>You can use HTML and links in your bio, abstract and description.</p>
-<p>If you maintain a blog, please consider providing us with the URL of a feed with posts tagged for your RTC-related work.</p>
-<p>We will be looking for relevance to the conference and dev-room themes, presentations aimed at developers of free and open source software about RTC-related topics.</p>
-<p>Please feel free to suggest a duration between 20 minutes and 55 minutes but note that the final decision on talk durations will be made by the dev-room administrators based on the received proposals.  As the two previous dev-rooms have been combined into one, we may decide to give shorter slots than in previous years so that more speakers can participate.</p>
-<p>Please note FOSDEM aims to record and live-stream all talks.  The CC-BY license is used.</p>
-<h2>Volunteers needed</h2>
-<p>To make the dev-room and lounge run successfully, we are looking for volunteers:</p>
-<ul><li>FOSDEM provides video recording equipment and live streaming, volunteers are needed to assist in this</li>
-<li>organizing one or more restaurant bookings (dependending upon number of participants) for the evening of Saturday, 4 February</li>
-<li>participation in the Real-Time lounge</li>
-<li>helping attract sponsorship funds for the dev-room to pay for the Saturday night dinner and any other expenses</li>
-<li>circulating this Call for Participation (<a href="https://lists.fosdem.org/pipermail/fosdem/2017-October/002636.html">text version</a>) to other mailing lists</li>
-</ul><h2>Related events - XMPP and RTC summits</h2>
-<p>The XMPP Standards Foundation (XSF) has traditionally held a summit in the days before FOSDEM.  There is discussion about a similar summit taking place on 2 February 2018.  <a href="http://wiki.xmpp.org/web/Summit_22">XMPP Summit web site</a> - please join the <a href="http://mail.jabber.org/mailman/listinfo/summit">mailing list</a> for details.</p>
-<h2>Social events and dinners</h2>
-<p>The traditional FOSDEM beer night occurs on Friday, 2 February.</p>
-<p>On Saturday night, there are usually dinners associated with each of the dev-rooms.  Most restaurants in Brussels are not so large so these dinners have space constraints and reservations are essential.  Please subscribe to the <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free-RTC mailing list</a> for further details about the Saturday night dinner options and how you can register for a seat.</p>
-<h2>Spread the word and discuss</h2>
-<p>If you know of any mailing lists where this CfP would be relevant, please forward this email (<a href="https://lists.fosdem.org/pipermail/fosdem/2016-October/002481.html">text version</a>). If this dev-room excites you, please blog or microblog about it, especially if you are submitting a talk.</p>
-<p>If you regularly blog about RTC topics, please send details about your blog to the planet site administrators:</p>
-<table><tbody><tr><th></th>
-<th>Planet site</th>
-<th>Admin contact</th>
-</tr><tr><th>All projects</th>
-<td><a href="http://planet.freertc.org">Free-RTC Planet (http://planet.freertc.org)</a></td>
-<td><a href="mailto:planet@freertc.org">contact planet@freertc.org</a></td>
-</tr><tr><th>XMPP</th>
-<td><a href="http://planet.jabber.org">Planet Jabber (http://planet.jabber.org)</a></td>
-<td><a href="mailto:ralphm@ik.nu">contact ralphm@ik.nu</a></td>
-</tr><tr><th>SIP</th>
-<td><a href="http://planet.sip5060.net">Planet SIP (http://planet.sip5060.net)</a></td>
-<td><a href="mailto:planet@sip5060.net">contact planet@sip5060.net</a></td>
-</tr><tr><th>SIP (Español)</th>
-<td><a href="http://planet.sip5060.net/es/">Planet SIP-es (http://planet.sip5060.net/es/)</a></td>
-<td><a href="mailto:planet@sip5060.net">contact planet@sip5060.net</a></td>
-</tr></tbody></table><p>Please also link to the Planet sites from your own blog or web site as this helps everybody in the free real-time communications community.</p>
-<h2>Contact</h2>
-<p>For any private queries, contact us directly using the address <a href="mailto:fosdem-rtc-admin@freertc.org">fosdem-rtc-admin@freertc.org</a> and for any other queries please ask on the <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free-RTC mailing list</a>.</p>
-<p>The dev-room administration team:</p>
-<ul><li><a href="http://code.saghul.net/">Saúl Ibarra Corretgé</a> (<a href="mailto:saghul@gmail.com">email</a>)</li>
-<li><a href="https://iain.learmonth.me/">Iain R. Learmonth</a> (<a href="mailto:irl@debian.org">email</a>)</li>
-<li><a href="https://ralphm.net/blog/">Ralph Meijer</a> (<a href="mailto:ralphm@ik.nu">email</a>)</li>
-<li><a href="http://blog.miconda.eu/">Daniel-Constantin Mierla</a> (<a href="mailto:miconda@gmail.com">email</a>)</li>
-<li><a href="https://danielpocock.com">Daniel Pocock</a> (<a href="mailto:daniel@pocock.pro">email</a>)</li>
-</ul></div></div></div>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
+Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
@@ -581,6 +504,83 @@ The dev-room administration team:
    [30]: <mailto:daniel@pocock.pro>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/pocock.png" width="65" height="85" alt="" align="right" style="float: right;">  <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p><a href="https://fosdem.org">FOSDEM</a> is one of the world's premier meetings of free software developers, with over five thousand people attending each year.  FOSDEM 2018 takes place 3-4 February 2018 in Brussels, Belgium.</p>
+<p>This email contains information about:</p>
+<ul><li>Real-Time communications dev-room and lounge,</li>
+<li>speaking opportunities,</li>
+<li>volunteering in the dev-room and lounge,</li>
+<li>related events around FOSDEM, including the XMPP summit,</li>
+<li>social events (the legendary FOSDEM Beer Night and Saturday night dinners provide endless networking opportunities),</li>
+<li>the Planet aggregation sites for RTC blogs</li>
+</ul><h2>Call for participation - Real Time Communications (RTC)</h2>
+<p>The Real-Time dev-room and Real-Time lounge is about all things involving real-time communication, including: XMPP, SIP, WebRTC, telephony, mobile VoIP, codecs, peer-to-peer, privacy and encryption.  The dev-room is a successor to the previous XMPP and telephony dev-rooms.  We are looking for speakers for the dev-room and volunteers and participants for the tables in the Real-Time lounge.</p>
+<p>The dev-room is only on Sunday, 4 February 2018.  The lounge will be present for both days.</p>
+<p>To discuss the dev-room and lounge, please join the FSFE-sponsored <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free RTC mailing list</a>.</p>
+<p>To be kept aware of major developments in Free RTC, without being on the discussion list, please join the <a href="http://lists.freertc.org/mailman/listinfo/announce">Free-RTC Announce list</a>.</p>
+<h3>Speaking opportunities</h3>
+<p>Note: if you used FOSDEM Pentabarf before, please use the same account/username</p>
+<p>Real-Time Communications dev-room: deadline 23:59 UTC on 30 November.  Please use the Pentabarf system to submit a talk proposal for the dev-room.  On the "General" tab, please look for the "Track" option and choose "Real Time Communications devroom".  <a href="https://penta.fosdem.org/submission/FOSDEM18/">Link to talk submission</a>.</p>
+<p>Other dev-rooms and lightning talks: some speakers may find their topic is in the scope of more than one dev-room.  It is encouraged to apply to more than one dev-room and also consider proposing a lightning talk, but please be kind enough to tell us if you do this by filling out the notes in the form.</p>
+<p>You can find the full list of dev-rooms <a href="https://www.fosdem.org/2018/schedule/tracks/">on this page</a> and apply for a lightning talk at <a href="https://fosdem.org/submit">https://fosdem.org/submit</a></p>
+<p>Main track: the deadline for main track presentations is 23:59 UTC 3 November.  Leading developers in the Real-Time Communications field are encouraged to consider <a href="https://fosdem.org/submit">submitting a presentation to the main track</a>.</p>
+<h3>First-time speaking?</h3>
+<p>FOSDEM dev-rooms are a welcoming environment for people who have never given a talk before.  Please feel free to contact the dev-room administrators personally if you would like to ask any questions about it.</p>
+<h3>Submission guidelines</h3>
+<p>The Pentabarf system will ask for many of the essential details.  Please remember to re-use your account from previous years if you have one.</p>
+<p>In the "Submission notes", please tell us about:</p>
+<ul><li>the purpose of your talk</li>
+<li>any other talk applications (dev-rooms, lightning talks, main track)</li>
+<li>availability constraints and special needs</li>
+</ul><p>You can use HTML and links in your bio, abstract and description.</p>
+<p>If you maintain a blog, please consider providing us with the URL of a feed with posts tagged for your RTC-related work.</p>
+<p>We will be looking for relevance to the conference and dev-room themes, presentations aimed at developers of free and open source software about RTC-related topics.</p>
+<p>Please feel free to suggest a duration between 20 minutes and 55 minutes but note that the final decision on talk durations will be made by the dev-room administrators based on the received proposals.  As the two previous dev-rooms have been combined into one, we may decide to give shorter slots than in previous years so that more speakers can participate.</p>
+<p>Please note FOSDEM aims to record and live-stream all talks.  The CC-BY license is used.</p>
+<h2>Volunteers needed</h2>
+<p>To make the dev-room and lounge run successfully, we are looking for volunteers:</p>
+<ul><li>FOSDEM provides video recording equipment and live streaming, volunteers are needed to assist in this</li>
+<li>organizing one or more restaurant bookings (dependending upon number of participants) for the evening of Saturday, 4 February</li>
+<li>participation in the Real-Time lounge</li>
+<li>helping attract sponsorship funds for the dev-room to pay for the Saturday night dinner and any other expenses</li>
+<li>circulating this Call for Participation (<a href="https://lists.fosdem.org/pipermail/fosdem/2017-October/002636.html">text version</a>) to other mailing lists</li>
+</ul><h2>Related events - XMPP and RTC summits</h2>
+<p>The XMPP Standards Foundation (XSF) has traditionally held a summit in the days before FOSDEM.  There is discussion about a similar summit taking place on 2 February 2018.  <a href="http://wiki.xmpp.org/web/Summit_22">XMPP Summit web site</a> - please join the <a href="http://mail.jabber.org/mailman/listinfo/summit">mailing list</a> for details.</p>
+<h2>Social events and dinners</h2>
+<p>The traditional FOSDEM beer night occurs on Friday, 2 February.</p>
+<p>On Saturday night, there are usually dinners associated with each of the dev-rooms.  Most restaurants in Brussels are not so large so these dinners have space constraints and reservations are essential.  Please subscribe to the <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free-RTC mailing list</a> for further details about the Saturday night dinner options and how you can register for a seat.</p>
+<h2>Spread the word and discuss</h2>
+<p>If you know of any mailing lists where this CfP would be relevant, please forward this email (<a href="https://lists.fosdem.org/pipermail/fosdem/2016-October/002481.html">text version</a>). If this dev-room excites you, please blog or microblog about it, especially if you are submitting a talk.</p>
+<p>If you regularly blog about RTC topics, please send details about your blog to the planet site administrators:</p>
+<table><tbody><tr><th></th>
+<th>Planet site</th>
+<th>Admin contact</th>
+</tr><tr><th>All projects</th>
+<td><a href="http://planet.freertc.org">Free-RTC Planet (http://planet.freertc.org)</a></td>
+<td><a href="mailto:planet@freertc.org">contact planet@freertc.org</a></td>
+</tr><tr><th>XMPP</th>
+<td><a href="http://planet.jabber.org">Planet Jabber (http://planet.jabber.org)</a></td>
+<td><a href="mailto:ralphm@ik.nu">contact ralphm@ik.nu</a></td>
+</tr><tr><th>SIP</th>
+<td><a href="http://planet.sip5060.net">Planet SIP (http://planet.sip5060.net)</a></td>
+<td><a href="mailto:planet@sip5060.net">contact planet@sip5060.net</a></td>
+</tr><tr><th>SIP (Español)</th>
+<td><a href="http://planet.sip5060.net/es/">Planet SIP-es (http://planet.sip5060.net/es/)</a></td>
+<td><a href="mailto:planet@sip5060.net">contact planet@sip5060.net</a></td>
+</tr></tbody></table><p>Please also link to the Planet sites from your own blog or web site as this helps everybody in the free real-time communications community.</p>
+<h2>Contact</h2>
+<p>For any private queries, contact us directly using the address <a href="mailto:fosdem-rtc-admin@freertc.org">fosdem-rtc-admin@freertc.org</a> and for any other queries please ask on the <a href="https://lists.fsfe.org/mailman/listinfo/free-rtc">Free-RTC mailing list</a>.</p>
+<p>The dev-room administration team:</p>
+<ul><li><a href="http://code.saghul.net/">Saúl Ibarra Corretgé</a> (<a href="mailto:saghul@gmail.com">email</a>)</li>
+<li><a href="https://iain.learmonth.me/">Iain R. Learmonth</a> (<a href="mailto:irl@debian.org">email</a>)</li>
+<li><a href="https://ralphm.net/blog/">Ralph Meijer</a> (<a href="mailto:ralphm@ik.nu">email</a>)</li>
+<li><a href="http://blog.miconda.eu/">Daniel-Constantin Mierla</a> (<a href="mailto:miconda@gmail.com">email</a>)</li>
+<li><a href="https://danielpocock.com">Daniel Pocock</a> (<a href="mailto:daniel@pocock.pro">email</a>)</li>
+</ul></div></div></div>
 --===============testboundary==--
 
 From planet-debian Wed Oct 18 19:31:14 2017
@@ -591,286 +591,65 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Joey Hess: extending Scuttlebutt with Annah
 Message-ID: http-joeyh-name-blog-entry-extending_scuttlebutt_with_annah
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://joeyh.name/blog/entry/extending_Scuttlebutt_with_Annah/
 
 --===============testboundary==
-Content-Type: text/html; charset="utf-8"
+Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
+Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/joeyh2.png" width="84" height="75" alt="" align="right" style="float: right;">  <p>This post has it all. Flotillas of sailboats, peer-to-peer wikis, games,
-and de-frogging. But, I need to start by talking about some tech you may not
-have heard of yet...</p>
+http://joeyh.name/blog/entry/extending_Scuttlebutt_with_Annah/
 
-<ul>
-<li><p><a href="https://www.scuttlebutt.nz/">Scuttlebutt</a> is way for friends to share feeds
-of content-addressed messages, peer-to-peer. Most Scuttlebutt clients
-currently look something like facebook, but there are also github clones,
-chess games, etc. Many private encrypted conversations going on.
-All entirely decentralized.<br />
-(My scuttlebutt feed can be viewed <a href="https://viewer.scuttlebot.io/@BCM6DHYJvWzwWi1lFl2tjDXjaqyZAEmJH5ZONSpXhtc=.ed25519">here</a>)</p></li>
-<li><p><a href="https://hackage.haskell.org/package/annah">Annah</a> is a purely
-functional, strongly typed language. Its design allows individual atoms
-of the language to be put in content-addressed storage, right down to
-data types. So the value <code>True</code> and a hash of the definition of what
-<code>True</code> is can both be treated the same by Annah's compiler.<br />
-(Not to be confused with my sister, Anna, or part of the Debian Installer
-with the same name that I wrote long ago.)</p></li>
-</ul>
+This post has it all. Flotillas of sailboats, peer-to-peer wikis, games, and
+de-frogging. But, I need to start by talking about some tech you may not have
+heard of yet...
 
+  * [Scuttlebutt][1] is way for friends to share feeds of content-addressed messages, peer-to-peer. Most Scuttlebutt clients currently look something like facebook, but there are also github clones, chess games, etc. Many private encrypted conversations going on. All entirely decentralized.  
+(My scuttlebutt feed can be viewed [here][2])
 
-<p>So, how could these be combined together, and what might the result look
-like?</p>
+   [1]: <https://www.scuttlebutt.nz/>
+   [2]: <https://viewer.scuttlebot.io/@BCM6DHYJvWzwWi1lFl2tjDXjaqyZAEmJH5ZONSpXhtc=.ed25519>
 
-<p>Well, I could start by posting a Scuttlebutt message that <a href="http://sigil.place/prelude/annah/1.0/Bool/True">defines what
-True is</a>. And another
-Scuttlebutt message defining
-<a href="http://sigil.place/prelude/annah/1.0/Bool/False">False</a>. And then,
-another Scuttlebutt message to
-<a href="http://sigil.place/prelude/annah/1.0/Bool/and">define the AND function</a>,
-which would link to my messages for <code>True</code> and <code>False</code>. Continue this until
-I've built up enough Annah code to write some almost useful programs.</p>
+  * [Annah][3] is a purely functional, strongly typed language. Its design allows individual atoms of the language to be put in content-addressed storage, right down to data types. So the value `True` and a hash of the definition of what `True` is can both be treated the same by Annah's compiler.  
+(Not to be confused with my sister, Anna, or part of the Debian Installer with
+the same name that I wrote long ago.)
 
-<p>Annah can't do any IO on its own (though it can model IO similarly to how
-Haskell does), so for programs to be actually useful, there needs to be
-Scuttlebutt client support. The way typing works in Annah, a program's type
-can be expressed as a Scuttlebutt link. So a Scuttlebutt client that wants
-to run Annah programs of a particular type can pick out programs that link
-to that type, and will know what type of data the program consumes and
-produces.</p>
+   [3]: <https://hackage.haskell.org/package/annah>
 
-<p>Here are a few ideas of what could be built, with fairly simple client-side
-support for different types of Annah programs...</p>
+So, how could these be combined together, and what might the result look like?
 
-<ul>
-<li><p><strong>Shared dashboards.</strong>
-<a href="https://viewer.scuttlebot.io/%25WPDqs%2FYnkPgjpGJrx36%2FoXgPHnmy6Ket29K4jMyVHyQ%3D.sha256">Boats in a flotilla are communicating via Scuttlebutt</a>,
-and want to share a map of their planned courses. Coders collaborating
-via Scuttlebutt want to see an overview of the state of their project.</p>
+Well, I could start by posting a Scuttlebutt message that [defines what True
+is][4]. And another Scuttlebutt message defining [False][5]. And then, another
+Scuttlebutt message to [define the AND function][6], which would link to my
+messages for `True` and `False`. Continue this until I've built up enough
+Annah code to write some almost useful programs.
 
-<p>For this, the Scuttlebutt client needs a way to run a selected Annah
-program of type <code>Dashboard</code>, and display its output like a Scuttlebutt
-message, in a dashboard window. The dashboard message gets updated
-whenever other Scuttlebutt messages come in. The Annah program picks out
-the messages it's interested in, and generates the dashboard message.</p>
+   [4]: <http://sigil.place/prelude/annah/1.0/Bool/True>
+   [5]: <http://sigil.place/prelude/annah/1.0/Bool/False>
+   [6]: <http://sigil.place/prelude/annah/1.0/Bool/and>
 
-<p>So, send a message updating your boat's position, and everyone sees it
-update on the map. Send a message with updated weather forecasts as
-they're received, and everyone can see the storm developing.
-Send another message updating a waypoint to avoid the storm,
-and steady as you go...</p>
+Annah can't do any IO on its own (though it can model IO similarly to how
+Haskell does), so for programs to be actually useful, there needs to be
+Scuttlebutt client support. The way typing works in Annah, a program's type
+can be expressed as a Scuttlebutt link. So a Scuttlebutt client that wants to
+run Annah programs of a particular type can pick out programs that link to
+that type, and will know what type of data the program consumes and produces.
 
-<p>The coders, meanwhile, probably tweak their dashboard's code every day.
-As they add git-ssb repos, they make the dashboard display an
-overview of their bugs. They get CI systems hooked in and feeding
-messages to Scuttlebutt, and make the dashboard go green or red. They
-make the dashboard A-B test itself to pick the right shade of red.
-And so on...</p>
+Here are a few ideas of what could be built, with fairly simple client-side
+support for different types of Annah programs...
 
-<p>The dashboard program is stored in Scuttlebutt so everyone is on the same
-page, and the most recent version of it posted by a team member gets
-used. (Just have the old version of the program notice when there's a
-newer version, and run that one..)</p>
+  * **Shared dashboards.** [Boats in a flotilla are communicating via Scuttlebutt][7], and want to share a map of their planned courses. Coders collaborating via Scuttlebutt want to see an overview of the state of their project.
 
-<p>(Also could be used in disaster response scenarios, where the data
-and visualization tools get built up on the fly in response to local needs,
-and are shared peer-to-peer in areas without internet.)</p></li>
-<li><p><strong>Smart hyperlinks.</strong> When a hyperlink in a Scuttlebutt message points to a
-Annah program, optionally with some Annah data, clicking on it can
-run the program and display the messages that the program generates.</p>
+   [7]: <https://viewer.scuttlebot.io/%25WPDqs%2FYnkPgjpGJrx36%2FoXgPHnmy6Ket29K4jMyVHyQ%3D.sha256>
 
-<p>This is the most basic way a Scuttlebutt client could support Annah
-programs, and it could be used for tons of stuff. A few examples:</p>
-
-<ul>
-<li><strong>Hiding spoilers.</strong>
-Click on the link and it'll display a spoiler about a book/movie.</li>
-<li><strong>A link to whatever I was talking about one year ago today.</strong>
-That opens different messages as time goes by. Put it in your Scuttlebutt
-profile or something. (Requires a way for Annah to get the current
-date, which it normally has no way of accessing.)</li>
-<li><strong>Choose your own adventure or twine style games.</strong>
-Click on the link and the program starts the game, displaying
-links to choose between, and so on.</li>
-<li><strong>Links to custom views.</strong>
-For example, a link could lead to a combination of messages from
-several different, related channels. Or could filter messages in some
-way.</li>
-</ul>
-</li>
-<li><p><strong>Collaborative filtering.</strong> Suppose I don't want to see
-frog-related memes in my Scuttlebutt client. I can write a
-Annah program that calculates a message's frogginess, and outputs a
-<code>Filtered Message</code>. It can leave a message unchanged, or filter it out,
-or perhaps minimize its display. I publish the Annah program on my feed,
-and tell my Scuttlebutt client to filter all messages through it before
-displaying them to me.</p>
-
-<p>I published the program in my Scuttlebutt feed, and so my friends
-can use it too. They can build other filtering functions for other
-stuff (such an an excess of orange in photos), and integrate my
-frog filter into their filter program by simply composing the two.</p>
-
-<p>If I like their filter, I can switch my client to using it. Or not.
-Filtering is thus subjective, like Scuttlebutt, and the subjectivity is
-expressed by picking the filter you want to use, or developing a
-better one.</p></li>
-<li><p><strong>Wiki pages.</strong> Scuttlebutt is built on immutable append-only logs; it
-doesn't have editable wiki pages. But they can be built on top using
-Annah.</p>
-
-<p>A smart link to a wiki page is a reference to the Annah program
-that renders it. Of course being a wiki, there will be more smart
-links on the wiki page going to other wiki pages, and so on.</p>
-
-<p>The wiki page includes a smart link to edit it. The editor needs basic
-form support in the Scuttlebutt client; when the edited wiki page is
-posted, the Annah program diffs it against the previous version and
-generates an <code>Edit</code> which gets posted to the user's feed. Rendering the
-page is just a matter of finding the <code>Edit</code> messages for it from
-people who are allowed to edit it, and combining them.</p>
-
-<p>Anyone can fork a wiki page by posting an <code>Edit</code> to their feed. And can
-then post a smart link to their fork of the page.</p>
-
-<p>And anyone can merge other forks into their wiki page (this posts a
-control message that makes the Annah program implementing the wiki accept
-those forks' <code>Edit</code> messages). Or grant other users permission to edit
-the wiki page (another control message). Or grant other users
-permissions to grant other users permissions.</p>
-
-<p>There are lots of different ways you might want your wiki to work.
-No one wiki implementation, but lots of Annah programs. Others
-can interact with your wiki using the program you picked, or fork it and
-even switch the program used. Subjectivity again.</p></li>
-<li><p><strong>User-defined board games.</strong> The Scuttlebutt client finds
-Scuttlebutt messages containing Annah programs of type <code>Game</code>,
-and generates a tab with a list of available games.</p>
-
-<p>The players of a particular game all experience the same game interface,
-because the code for it is part of their shared Scuttlebutt message pool,
-and the code to use gets agreed on at the start of a game.</p>
-
-<p>To play a game, the Scuttlebutt client runs the Annah program, which
-generates a description of the current contents of the game board.</p>
-
-<p>So, for chess, use Annah to define a <code>ChessMove</code> data type,
-and the Annah program takes the feeds of the two players, looks
-for messages containing a <code>ChessMove</code>, and builds up a description
-of the chess board.</p>
-
-<p>As well as the pieces on the game board, the game board description
-includes Annah functions that get called when the user moves a
-game piece. That generates a new <code>ChessMove</code> which gets recorded
-in the user's Scuttlebutt feed.</p>
-
-<p>This could support a wide variety of board games. If you don't mind the
-possibility that your opponent might cheat by peeking at the random seed,
-even games involving things like random card shuffles and dice rolls
-could be built. Also there can be games like Core Wars where the gamers
-themselves write Annah programs to run inside the game.</p>
-
-<p>Variants of games can be developed by modifying and reusing game
-programs. For example, timed chess is just the chess program
-with an added check on move time, and time clock display.</p></li>
-<li><p><strong>Decentralized chat bots.</strong> Chat bots are all the rage (or were a few
-months ago, tech fads move fast), but in a decentralized system like
-Scuttlebutt, a bot running on a server somewhere would be a ugly point
-of centralization. Instead, write a Annah program for the bot.</p>
-
-<p>To launch the bot, publish a message in your own personal Scuttlebutt
-feed that contains the bot's program, and a nonce.</p>
-
-<p>The user's Scuttlebutt client takes care of the rest. It looks for messages
-with bot programs, and runs the bot's program. This generates or updates
-a Scuttlebutt message feed for the bot.</p>
-
-<p>The bot's program signs the messages in its feed using a private key
-that's generated by combining the user's public key, and the bot's nonce.
-So, the bot has one feed per user it talks to, with deterministic
-content, which avoids a problem with forking a Scuttlebutt feed.</p>
-
-<p>The bot-generated messages can be stored in the Scuttlebutt database like any
-other messages and replicated around. The bot appears as if it were a
-Scuttlebutt user. But you can have conversations with it while you're
-offline.</p>
-
-<p>(The careful reader may have noticed that deeply private messages sent to
-the bot can be decrypted by anyone! This bot thing is probably a bad idea
-really, but maybe the bot fad is over anyway. We can only hope. It's
-important that there be at least one bad idea in this list..)</p></li>
-</ul>
-
-
-<p>This kind of extensibility in a peer-to-peer system is exciting! With these
-new systems, we can consider lessons from the world wide web and replicate
-some of the good parts, while avoiding the bad. Javascript has been both
-good and bad for the web. The extensibility is great, and yet it's a
-neverending security and privacy nightmare, and it ties web pages ever more
-tightly to programs hidden away on servers. I believe that Annah combined
-with Scuttlebutt will comprehensively avoid those problems. Shall we build it?</p>
-
-<hr />
-
-<p>This exploration was sponsored by Jake Vosloo on
-<a href="https://patreon.com/joeyh">Patreon</a>.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-http://joeyh.name/blog/entry/extending_Scuttlebutt_with_Annah/
-
-This post has it all. Flotillas of sailboats, peer-to-peer wikis, games, and
-de-frogging. But, I need to start by talking about some tech you may not have
-heard of yet...
-
-  * [Scuttlebutt][1] is way for friends to share feeds of content-addressed messages, peer-to-peer. Most Scuttlebutt clients currently look something like facebook, but there are also github clones, chess games, etc. Many private encrypted conversations going on. All entirely decentralized.  
-(My scuttlebutt feed can be viewed [here][2])
-
-   [1]: <https://www.scuttlebutt.nz/>
-   [2]: <https://viewer.scuttlebot.io/@BCM6DHYJvWzwWi1lFl2tjDXjaqyZAEmJH5ZONSpXhtc=.ed25519>
-
-  * [Annah][3] is a purely functional, strongly typed language. Its design allows individual atoms of the language to be put in content-addressed storage, right down to data types. So the value `True` and a hash of the definition of what `True` is can both be treated the same by Annah's compiler.  
-(Not to be confused with my sister, Anna, or part of the Debian Installer with
-the same name that I wrote long ago.)
-
-   [3]: <https://hackage.haskell.org/package/annah>
-
-So, how could these be combined together, and what might the result look like?
-
-Well, I could start by posting a Scuttlebutt message that [defines what True
-is][4]. And another Scuttlebutt message defining [False][5]. And then, another
-Scuttlebutt message to [define the AND function][6], which would link to my
-messages for `True` and `False`. Continue this until I've built up enough
-Annah code to write some almost useful programs.
-
-   [4]: <http://sigil.place/prelude/annah/1.0/Bool/True>
-   [5]: <http://sigil.place/prelude/annah/1.0/Bool/False>
-   [6]: <http://sigil.place/prelude/annah/1.0/Bool/and>
-
-Annah can't do any IO on its own (though it can model IO similarly to how
-Haskell does), so for programs to be actually useful, there needs to be
-Scuttlebutt client support. The way typing works in Annah, a program's type
-can be expressed as a Scuttlebutt link. So a Scuttlebutt client that wants to
-run Annah programs of a particular type can pick out programs that link to
-that type, and will know what type of data the program consumes and produces.
-
-Here are a few ideas of what could be built, with fairly simple client-side
-support for different types of Annah programs...
-
-  * **Shared dashboards.** [Boats in a flotilla are communicating via Scuttlebutt][7], and want to share a map of their planned courses. Coders collaborating via Scuttlebutt want to see an overview of the state of their project.
-
-   [7]: <https://viewer.scuttlebot.io/%25WPDqs%2FYnkPgjpGJrx36%2FoXgPHnmy6Ket29K4jMyVHyQ%3D.sha256>
-
-For this, the Scuttlebutt client needs a way to run a selected Annah program
-of type `Dashboard`, and display its output like a Scuttlebutt message, in a
-dashboard window. The dashboard message gets updated whenever other
-Scuttlebutt messages come in. The Annah program picks out the messages it's
-interested in, and generates the dashboard message.
+For this, the Scuttlebutt client needs a way to run a selected Annah program
+of type `Dashboard`, and display its output like a Scuttlebutt message, in a
+dashboard window. The dashboard message gets updated whenever other
+Scuttlebutt messages come in. The Annah program picks out the messages it's
+interested in, and generates the dashboard message.
 
 So, send a message updating your boat's position, and everyone sees it update
 on the map. Send a message with updated weather forecasts as they're received,
@@ -1005,53 +784,255 @@ This exploration was sponsored by Jake Vosloo on [Patreon][8].
    [8]: <https://patreon.com/joeyh>
 
 
---===============testboundary==--
-
-From planet-debian Wed Oct 18 10:00:19 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Wed, 18 Oct 2017 10:00:19 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Michal &#268;iha&#345;: Gammu 1.38.5
-Message-ID: https-blog-cihar-com-archives-2017-10-18-gammu-1385-utm_source-rss2
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://blog.cihar.com/archives/2017/10/18/gammu-1385/?utm_source=rss2
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
 
-<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>Today, <a href="https://wammu.eu/download/gammu/1.38.5/">Gammu 1.38.5</a> has been released. After long period of bugfix only releases, this comes with several new noteworthy features.</p>
-<p>The biggest feature probably is that SMSD can now handle USSD messages as well. Those are usually used for things like checking remaining credit, but it's certainly not limited to this. This feature has been contributed thanks to funding on <a href="https://www.bountysource.com/teams/gammu">BountySource</a>.</p>
-<p>You can read more information in the <a href="https://wammu.eu/download/gammu/1.38.5/">release announcement</a>.</p>
+<img src="http://planet.debian.org/heads/joeyh2.png" width="84" height="75" alt="" align="right" style="float: right;">  <p>This post has it all. Flotillas of sailboats, peer-to-peer wikis, games,
+and de-frogging. But, I need to start by talking about some tech you may not
+have heard of yet...</p>
 
-<p style="font-size: smaller;">
-Filed under: 
+<ul>
+<li><p><a href="https://www.scuttlebutt.nz/">Scuttlebutt</a> is way for friends to share feeds
+of content-addressed messages, peer-to-peer. Most Scuttlebutt clients
+currently look something like facebook, but there are also github clones,
+chess games, etc. Many private encrypted conversations going on.
+All entirely decentralized.<br />
+(My scuttlebutt feed can be viewed <a href="https://viewer.scuttlebot.io/@BCM6DHYJvWzwWi1lFl2tjDXjaqyZAEmJH5ZONSpXhtc=.ed25519">here</a>)</p></li>
+<li><p><a href="https://hackage.haskell.org/package/annah">Annah</a> is a purely
+functional, strongly typed language. Its design allows individual atoms
+of the language to be put in content-addressed storage, right down to
+data types. So the value <code>True</code> and a hash of the definition of what
+<code>True</code> is can both be treated the same by Annah's compiler.<br />
+(Not to be confused with my sister, Anna, or part of the Debian Installer
+with the same name that I wrote long ago.)</p></li>
+</ul>
 
-<a href="https://blog.cihar.com/archives/debian/">Debian</a>
 
-<a href="https://blog.cihar.com/archives/english/">English</a>
+<p>So, how could these be combined together, and what might the result look
+like?</p>
 
-<a href="https://blog.cihar.com/archives/gammu/">Gammu</a>
+<p>Well, I could start by posting a Scuttlebutt message that <a href="http://sigil.place/prelude/annah/1.0/Bool/True">defines what
+True is</a>. And another
+Scuttlebutt message defining
+<a href="http://sigil.place/prelude/annah/1.0/Bool/False">False</a>. And then,
+another Scuttlebutt message to
+<a href="http://sigil.place/prelude/annah/1.0/Bool/and">define the AND function</a>,
+which would link to my messages for <code>True</code> and <code>False</code>. Continue this until
+I've built up enough Annah code to write some almost useful programs.</p>
 
-</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
+<p>Annah can't do any IO on its own (though it can model IO similarly to how
+Haskell does), so for programs to be actually useful, there needs to be
+Scuttlebutt client support. The way typing works in Annah, a program's type
+can be expressed as a Scuttlebutt link. So a Scuttlebutt client that wants
+to run Annah programs of a particular type can pick out programs that link
+to that type, and will know what type of data the program consumes and
+produces.</p>
 
-https://blog.cihar.com/archives/2017/10/18/gammu-1385/?utm_source=rss2
+<p>Here are a few ideas of what could be built, with fairly simple client-side
+support for different types of Annah programs...</p>
 
-Today, [Gammu 1.38.5][1] has been released. After long period of bugfix only
-releases, this comes with several new noteworthy features.
+<ul>
+<li><p><strong>Shared dashboards.</strong>
+<a href="https://viewer.scuttlebot.io/%25WPDqs%2FYnkPgjpGJrx36%2FoXgPHnmy6Ket29K4jMyVHyQ%3D.sha256">Boats in a flotilla are communicating via Scuttlebutt</a>,
+and want to share a map of their planned courses. Coders collaborating
+via Scuttlebutt want to see an overview of the state of their project.</p>
 
-   [1]: <https://wammu.eu/download/gammu/1.38.5/>
+<p>For this, the Scuttlebutt client needs a way to run a selected Annah
+program of type <code>Dashboard</code>, and display its output like a Scuttlebutt
+message, in a dashboard window. The dashboard message gets updated
+whenever other Scuttlebutt messages come in. The Annah program picks out
+the messages it's interested in, and generates the dashboard message.</p>
 
-The biggest feature probably is that SMSD can now handle USSD messages as
+<p>So, send a message updating your boat's position, and everyone sees it
+update on the map. Send a message with updated weather forecasts as
+they're received, and everyone can see the storm developing.
+Send another message updating a waypoint to avoid the storm,
+and steady as you go...</p>
+
+<p>The coders, meanwhile, probably tweak their dashboard's code every day.
+As they add git-ssb repos, they make the dashboard display an
+overview of their bugs. They get CI systems hooked in and feeding
+messages to Scuttlebutt, and make the dashboard go green or red. They
+make the dashboard A-B test itself to pick the right shade of red.
+And so on...</p>
+
+<p>The dashboard program is stored in Scuttlebutt so everyone is on the same
+page, and the most recent version of it posted by a team member gets
+used. (Just have the old version of the program notice when there's a
+newer version, and run that one..)</p>
+
+<p>(Also could be used in disaster response scenarios, where the data
+and visualization tools get built up on the fly in response to local needs,
+and are shared peer-to-peer in areas without internet.)</p></li>
+<li><p><strong>Smart hyperlinks.</strong> When a hyperlink in a Scuttlebutt message points to a
+Annah program, optionally with some Annah data, clicking on it can
+run the program and display the messages that the program generates.</p>
+
+<p>This is the most basic way a Scuttlebutt client could support Annah
+programs, and it could be used for tons of stuff. A few examples:</p>
+
+<ul>
+<li><strong>Hiding spoilers.</strong>
+Click on the link and it'll display a spoiler about a book/movie.</li>
+<li><strong>A link to whatever I was talking about one year ago today.</strong>
+That opens different messages as time goes by. Put it in your Scuttlebutt
+profile or something. (Requires a way for Annah to get the current
+date, which it normally has no way of accessing.)</li>
+<li><strong>Choose your own adventure or twine style games.</strong>
+Click on the link and the program starts the game, displaying
+links to choose between, and so on.</li>
+<li><strong>Links to custom views.</strong>
+For example, a link could lead to a combination of messages from
+several different, related channels. Or could filter messages in some
+way.</li>
+</ul>
+</li>
+<li><p><strong>Collaborative filtering.</strong> Suppose I don't want to see
+frog-related memes in my Scuttlebutt client. I can write a
+Annah program that calculates a message's frogginess, and outputs a
+<code>Filtered Message</code>. It can leave a message unchanged, or filter it out,
+or perhaps minimize its display. I publish the Annah program on my feed,
+and tell my Scuttlebutt client to filter all messages through it before
+displaying them to me.</p>
+
+<p>I published the program in my Scuttlebutt feed, and so my friends
+can use it too. They can build other filtering functions for other
+stuff (such an an excess of orange in photos), and integrate my
+frog filter into their filter program by simply composing the two.</p>
+
+<p>If I like their filter, I can switch my client to using it. Or not.
+Filtering is thus subjective, like Scuttlebutt, and the subjectivity is
+expressed by picking the filter you want to use, or developing a
+better one.</p></li>
+<li><p><strong>Wiki pages.</strong> Scuttlebutt is built on immutable append-only logs; it
+doesn't have editable wiki pages. But they can be built on top using
+Annah.</p>
+
+<p>A smart link to a wiki page is a reference to the Annah program
+that renders it. Of course being a wiki, there will be more smart
+links on the wiki page going to other wiki pages, and so on.</p>
+
+<p>The wiki page includes a smart link to edit it. The editor needs basic
+form support in the Scuttlebutt client; when the edited wiki page is
+posted, the Annah program diffs it against the previous version and
+generates an <code>Edit</code> which gets posted to the user's feed. Rendering the
+page is just a matter of finding the <code>Edit</code> messages for it from
+people who are allowed to edit it, and combining them.</p>
+
+<p>Anyone can fork a wiki page by posting an <code>Edit</code> to their feed. And can
+then post a smart link to their fork of the page.</p>
+
+<p>And anyone can merge other forks into their wiki page (this posts a
+control message that makes the Annah program implementing the wiki accept
+those forks' <code>Edit</code> messages). Or grant other users permission to edit
+the wiki page (another control message). Or grant other users
+permissions to grant other users permissions.</p>
+
+<p>There are lots of different ways you might want your wiki to work.
+No one wiki implementation, but lots of Annah programs. Others
+can interact with your wiki using the program you picked, or fork it and
+even switch the program used. Subjectivity again.</p></li>
+<li><p><strong>User-defined board games.</strong> The Scuttlebutt client finds
+Scuttlebutt messages containing Annah programs of type <code>Game</code>,
+and generates a tab with a list of available games.</p>
+
+<p>The players of a particular game all experience the same game interface,
+because the code for it is part of their shared Scuttlebutt message pool,
+and the code to use gets agreed on at the start of a game.</p>
+
+<p>To play a game, the Scuttlebutt client runs the Annah program, which
+generates a description of the current contents of the game board.</p>
+
+<p>So, for chess, use Annah to define a <code>ChessMove</code> data type,
+and the Annah program takes the feeds of the two players, looks
+for messages containing a <code>ChessMove</code>, and builds up a description
+of the chess board.</p>
+
+<p>As well as the pieces on the game board, the game board description
+includes Annah functions that get called when the user moves a
+game piece. That generates a new <code>ChessMove</code> which gets recorded
+in the user's Scuttlebutt feed.</p>
+
+<p>This could support a wide variety of board games. If you don't mind the
+possibility that your opponent might cheat by peeking at the random seed,
+even games involving things like random card shuffles and dice rolls
+could be built. Also there can be games like Core Wars where the gamers
+themselves write Annah programs to run inside the game.</p>
+
+<p>Variants of games can be developed by modifying and reusing game
+programs. For example, timed chess is just the chess program
+with an added check on move time, and time clock display.</p></li>
+<li><p><strong>Decentralized chat bots.</strong> Chat bots are all the rage (or were a few
+months ago, tech fads move fast), but in a decentralized system like
+Scuttlebutt, a bot running on a server somewhere would be a ugly point
+of centralization. Instead, write a Annah program for the bot.</p>
+
+<p>To launch the bot, publish a message in your own personal Scuttlebutt
+feed that contains the bot's program, and a nonce.</p>
+
+<p>The user's Scuttlebutt client takes care of the rest. It looks for messages
+with bot programs, and runs the bot's program. This generates or updates
+a Scuttlebutt message feed for the bot.</p>
+
+<p>The bot's program signs the messages in its feed using a private key
+that's generated by combining the user's public key, and the bot's nonce.
+So, the bot has one feed per user it talks to, with deterministic
+content, which avoids a problem with forking a Scuttlebutt feed.</p>
+
+<p>The bot-generated messages can be stored in the Scuttlebutt database like any
+other messages and replicated around. The bot appears as if it were a
+Scuttlebutt user. But you can have conversations with it while you're
+offline.</p>
+
+<p>(The careful reader may have noticed that deeply private messages sent to
+the bot can be decrypted by anyone! This bot thing is probably a bad idea
+really, but maybe the bot fad is over anyway. We can only hope. It's
+important that there be at least one bad idea in this list..)</p></li>
+</ul>
+
+
+<p>This kind of extensibility in a peer-to-peer system is exciting! With these
+new systems, we can consider lessons from the world wide web and replicate
+some of the good parts, while avoiding the bad. Javascript has been both
+good and bad for the web. The extensibility is great, and yet it's a
+neverending security and privacy nightmare, and it ties web pages ever more
+tightly to programs hidden away on servers. I believe that Annah combined
+with Scuttlebutt will comprehensively avoid those problems. Shall we build it?</p>
+
+<hr />
+
+<p>This exploration was sponsored by Jake Vosloo on
+<a href="https://patreon.com/joeyh">Patreon</a>.</p>
+--===============testboundary==--
+
+From planet-debian Wed Oct 18 10:00:19 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Wed, 18 Oct 2017 10:00:19 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Michal &#268;iha&#345;: Gammu 1.38.5
+Message-ID: https-blog-cihar-com-archives-2017-10-18-gammu-1385-utm_source-rss2
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://blog.cihar.com/archives/2017/10/18/gammu-1385/?utm_source=rss2
+
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+https://blog.cihar.com/archives/2017/10/18/gammu-1385/?utm_source=rss2
+
+Today, [Gammu 1.38.5][1] has been released. After long period of bugfix only
+releases, this comes with several new noteworthy features.
+
+   [1]: <https://wammu.eu/download/gammu/1.38.5/>
+
+The biggest feature probably is that SMSD can now handle USSD messages as
 well. Those are usually used for things like checking remaining credit, but
 it's certainly not limited to this. This feature has been contributed thanks
 to funding on [BountySource][2].
@@ -1069,6 +1050,25 @@ Filed under: [Debian][4] [English][5] [Gammu][6]
    [6]: <https://blog.cihar.com/archives/gammu/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>Today, <a href="https://wammu.eu/download/gammu/1.38.5/">Gammu 1.38.5</a> has been released. After long period of bugfix only releases, this comes with several new noteworthy features.</p>
+<p>The biggest feature probably is that SMSD can now handle USSD messages as well. Those are usually used for things like checking remaining credit, but it's certainly not limited to this. This feature has been contributed thanks to funding on <a href="https://www.bountysource.com/teams/gammu">BountySource</a>.</p>
+<p>You can read more information in the <a href="https://wammu.eu/download/gammu/1.38.5/">release announcement</a>.</p>
+
+<p style="font-size: smaller;">
+Filed under: 
+
+<a href="https://blog.cihar.com/archives/debian/">Debian</a>
+
+<a href="https://blog.cihar.com/archives/english/">English</a>
+
+<a href="https://blog.cihar.com/archives/gammu/">Gammu</a>
+
+</p>
 --===============testboundary==--
 
 From planet-debian Wed Oct 18 08:25:00 2017
@@ -1079,52 +1079,128 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Steinar H. Gunderson: Introducing Narabu, part 1: Introduction
 Message-ID: http-blog-sesse-net-blog-tech-2017-10-18-09-25_introducing_narabu_part_1_introduction-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://blog.sesse.net/blog/tech/2017-10-18-09-25_introducing_narabu_part_1_introduction.html
 
 --===============testboundary==
-Content-Type: text/html; charset="utf-8"
+Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/sesse.png" width="74" height="85" alt="" align="right" style="float: right;">  <p>Narabu is a new intraframe video codec, from the Japanese verb
-<em>narabu</em> (並ぶ), which means to line up or be parallel.</p>
+http://blog.sesse.net/blog/tech/2017-10-18-09-25_introducing_narabu_part_1_introduction.html
 
-<p>Let me first state straight up that Narabu isn't where I hoped it would be at
+Narabu is a new intraframe video codec, from the Japanese verb _narabu_ (並ぶ),
+which means to line up or be parallel.
+
+Let me first state straight up that Narabu isn't where I hoped it would be at
 this stage; the encoder isn't fast enough, and I have to turn my attention to
 other projects for a while. Nevertheless, I think it is interesting as a
 research project in its own right, and I don't think it should stop me from
-trying to write up a small series. :-)</p>
+trying to write up a small series. :-)
 
-<p>In the spirit of <a href="https://www.microsoft.com/en-us/research/wp-content/uploads/2016/12/State-the-Problem-Before-Describing-the-Solution.pdf">Leslie
-Lamport</a>,
-I'll be starting off with describing what problem I was trying to solve,
-which will hopefully make the design decisions a lot clearer. Subsequent
-posts will dive into background information and then finally Narabu itself.</p>
+In the spirit of [Leslie Lamport][1], I'll be starting off with describing
+what problem I was trying to solve, which will hopefully make the design
+decisions a lot clearer. Subsequent posts will dive into background
+information and then finally Narabu itself.
 
-<p>I want a codec to send signals between different instances of
-<a href="https://nageru.sesse.net/">Nageru</a>, my free software video mixer,
-and also longer-term between other software, such as recording or
-playout. The reason is pretty
-obvious for any sort of complex configuration; if you are doing e.g.
-both a stream mix and a bigscreen mix, they will naturally want to use
-many of the same sources, and sharing them over a single GigE connection
-might be easier than getting SDI repeaters/splitters, especially when
-you have a lot of them. (Also, in some cases, you might want to share
-synthetic signals, such as graphics, that never existed on SDI in the
-first place.)</p>
+   [1]: <https://www.microsoft.com/en-us/research/wp-content/uploads/2016/12/State-the-Problem-Before-Describing-the-Solution.pdf>
 
-<p>This naturally leads to the following demands:</p>
+I want a codec to send signals between different instances of [Nageru][2], my
+free software video mixer, and also longer-term between other software, such
+as recording or playout. The reason is pretty obvious for any sort of complex
+configuration; if you are doing e.g. both a stream mix and a bigscreen mix,
+they will naturally want to use many of the same sources, and sharing them
+over a single GigE connection might be easier than getting SDI
+repeaters/splitters, especially when you have a lot of them. (Also, in some
+cases, you might want to share synthetic signals, such as graphics, that never
+existed on SDI in the first place.)
 
-<ul>
-<li>Intraframe-only; every frame must be compressed independently. 
-(This isn't strictly needed for all use cases, but is much more
-flexible, and common in any kind of broadcast.)</li>
-<li>Need to handle 4:2:2 color, since that's what most capture sources
-give out, and we want to transmit the raw signals as much as possible.
-Fairly flexible in input resolution (divisible by 16 is okay, limited
+   [2]: <https://nageru.sesse.net/>
+
+This naturally leads to the following demands:
+
+  * Intraframe-only; every frame must be compressed independently. (This isn't strictly needed for all use cases, but is much more flexible, and common in any kind of broadcast.)
+  * Need to handle 4:2:2 color, since that's what most capture sources give out, and we want to transmit the raw signals as much as possible. Fairly flexible in input resolution (divisible by 16 is okay, limited to only a given set of resolutions is not).
+  * 720p60 video in less than one CPU core (ideally much less); the CPU can already pretty be busy with other work, like x264 encoding of the finished stream, and sharing four more inputs at the same time is pretty common. What matters is mostly a single encode+decode cycle, so fast decode doesn't help if the encoder is too slow.
+  * Target bitrates around 100-150 Mbit/sec, at similar quality to MJPEG (ie. 45 dB PSNR for most content). Multiple signals should fit into a normal GigE link at the same time, although getting it to work over 802.11 isn't a big priority.
+  * Both encoder and decoder robust to corrupted or malicious data; a dropped frame is fine, a crash is not.
+  * Does not depend on uncommon or expensive hardware, or GPUs from a specific manufacturer.
+  * GPLv3-compatible implementation. I already link to GPLv3 software, so I don't have a choice here; I cannot link to something non-free (and no antics with dlopen(), please).
+
+There's a bunch of intraframe formats around. The most obvious thing to do
+would be to use Intel Quick Sync to produce H.264 (intraframe H.264 blows
+basically everything else out of the sky in terms of PSNR, and QSV hardly uses
+any power at all), but sadly, that's limited to 4:2:0. I thought about
+encoding the three color planes as three different monochrome streams, but
+monochrome is not supported either.
+
+Then there's a host of software solutions. x264 can do 4:2:2, but even on
+ultrafast, it gobbles up an entire core or more at 720p60 at the target
+bitrates (mostly in entropy coding). FFmpeg has implementations of all kinds
+of other codecs, like DNxHD, CineForm, MJPEG and so on, but they all use much
+more CPU for encoding than the target. NDI would seem to fit the bill exactly,
+but fails the licensing check, and also isn't robust to corrupted or malicious
+data. (That, and their claims about video quality are dramatically overblown
+for any kinds of real video data I've tried.)
+
+So, sadly, this leaves only really one choice, namely rolling my own. I
+quickly figured I couldn't beat the world on CPU video codec speed, and didn't
+really want to spend my life optimizing AVX2 DCTs anyway, so again, the GPU
+will come to our rescue in the form of compute shaders. (There are some other
+GPU codecs out there, but all that I've found depend on CUDA, so they are
+NVIDIA-only, which I'm not prepared to commit to.) Of course, the GPU is quite
+busy in Nageru, but if one can make an efficient enough codec that one stream
+can work at only 5% or so of the GPU (meaning 1200 fps or so), it wouldn't
+really make a dent. (As a spoiler, the current Narabu encoder isn't there for
+720p60 on my GTX 950, but the decoder is.)
+
+In the next post, we'll look a bit at the GPU programming model, and what it
+means for how our codec needs to look like on the design level.
+
+
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/sesse.png" width="74" height="85" alt="" align="right" style="float: right;">  <p>Narabu is a new intraframe video codec, from the Japanese verb
+<em>narabu</em> (並ぶ), which means to line up or be parallel.</p>
+
+<p>Let me first state straight up that Narabu isn't where I hoped it would be at
+this stage; the encoder isn't fast enough, and I have to turn my attention to
+other projects for a while. Nevertheless, I think it is interesting as a
+research project in its own right, and I don't think it should stop me from
+trying to write up a small series. :-)</p>
+
+<p>In the spirit of <a href="https://www.microsoft.com/en-us/research/wp-content/uploads/2016/12/State-the-Problem-Before-Describing-the-Solution.pdf">Leslie
+Lamport</a>,
+I'll be starting off with describing what problem I was trying to solve,
+which will hopefully make the design decisions a lot clearer. Subsequent
+posts will dive into background information and then finally Narabu itself.</p>
+
+<p>I want a codec to send signals between different instances of
+<a href="https://nageru.sesse.net/">Nageru</a>, my free software video mixer,
+and also longer-term between other software, such as recording or
+playout. The reason is pretty
+obvious for any sort of complex configuration; if you are doing e.g.
+both a stream mix and a bigscreen mix, they will naturally want to use
+many of the same sources, and sharing them over a single GigE connection
+might be easier than getting SDI repeaters/splitters, especially when
+you have a lot of them. (Also, in some cases, you might want to share
+synthetic signals, such as graphics, that never existed on SDI in the
+first place.)</p>
+
+<p>This naturally leads to the following demands:</p>
+
+<ul>
+<li>Intraframe-only; every frame must be compressed independently. 
+(This isn't strictly needed for all use cases, but is much more
+flexible, and common in any kind of broadcast.)</li>
+<li>Need to handle 4:2:2 color, since that's what most capture sources
+give out, and we want to transmit the raw signals as much as possible.
+Fairly flexible in input resolution (divisible by 16 is okay, limited
 to only a given set of resolutions is not).</li>
 <li>720p60 video in less than one CPU core (ideally much less); the CPU can
 already pretty be busy with other work, like x264 encoding of the
@@ -1173,256 +1249,83 @@ Narabu encoder isn't there for 720p60 on my GTX 950, but the decoder is.)</p>
 
 <p>In the next post, we'll look a bit at the GPU programming model, and what
 it means for how our codec needs to look like on the design level.</p>
+--===============testboundary==--
+
+From planet-debian Wed Oct 18 00:54:15 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Wed, 18 Oct 2017 00:54:15 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Norbert Preining: Kobo firmware 4.6.9995 mega update (KSM, nickel patch, ssh, fonts)
+Message-ID: https-www-preining-info-blog-p-6827
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://www.preining.info/blog/2017/10/kobo-firmware-4-6-9995-mega-update-ksm-nickel-patch-ssh-fonts/
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-http://blog.sesse.net/blog/tech/2017-10-18-09-25_introducing_narabu_part_1_introduction.html
+https://www.preining.info/blog/2017/10/kobo-firmware-4-6-9995-mega-update-ksm-nickel-patch-ssh-fonts/
 
-Narabu is a new intraframe video codec, from the Japanese verb _narabu_ (並ぶ),
-which means to line up or be parallel.
+It has been ages that I haven’t updated the MegaUpdate package for Kobo. Now
+that a new and seemingly rather bug-free and quick firmware release (4.6.9995)
+has been released, I finally took the time to update the whole package to the
+latest releases of all the included items. The update includes all my favorite
+patches and features: Kobo Start Menu, koreader, coolreader, pbchess, ssh
+access, custom dictionaries, and some side-loaded fonts.
 
-Let me first state straight up that Narabu isn't where I hoped it would be at
-this stage; the encoder isn't fast enough, and I have to turn my attention to
-other projects for a while. Nevertheless, I think it is interesting as a
-research project in its own right, and I don't think it should stop me from
-trying to write up a small series. :-)
+[Kobo Logo][1]
 
-In the spirit of [Leslie Lamport][1], I'll be starting off with describing
-what problem I was trying to solve, which will hopefully make the design
-decisions a lot clearer. Subsequent posts will dive into background
-information and then finally Narabu itself.
+   [1]: <http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png>
 
-   [1]: <https://www.microsoft.com/en-us/research/wp-content/uploads/2016/12/State-the-Problem-Before-Describing-the-Solution.pdf>
+So what are all these items:
 
-I want a codec to send signals between different instances of [Nageru][2], my
-free software video mixer, and also longer-term between other software, such
-as recording or playout. The reason is pretty obvious for any sort of complex
-configuration; if you are doing e.g. both a stream mix and a bigscreen mix,
-they will naturally want to use many of the same sources, and sharing them
-over a single GigE connection might be easier than getting SDI
-repeaters/splitters, especially when you have a lot of them. (Also, in some
-cases, you might want to share synthetic signals, such as graphics, that never
-existed on SDI in the first place.)
+  * firmware ([thread][2]): the basic software of the device, shipped by Kobo company
+  * Metazoa firmware patches ([thread][3]): fix some layout options and functionalities, see below for details.
+  * Kobo Start Menu (V08, update 5b [thread][4]): a menu that pops up _before_ the reading software (nickel) starts, which allows to start alternative readers (like koreader) etc.
+  * KOreader ([koreader-nightly-20171004][5], [thread][6]): an alternative document reader that supports epub, azw, pdf, djvu and many more
+  * pbchess and CoolReader ([2017.10.14][7], [thread][8]): a chess program and another alternative reader, bundled together with several other games
+  * kobohack ([web site][9]): I only use the ssh server
+  * ssh access ([old post][10]: makes a full computer from your device by allowing you to log into it via ssh
+  * custom dictionaries ([thread][11]): this fix updates dictionaries from the folder `customdicts` to the Kobo dictionary folder. For creating your own Japanese-English dictionary, see this [blog entry][12]
+  * side-loaded fonts: GentiumBasic and GentiumBookBasic, Verdana, DroidSerif, and [Charter-eInk][13]
 
-   [2]: <https://nageru.sesse.net/>
+   [2]: <https://www.mobileread.com/forums/showthread.php?t=291197>
+   [3]: <http://www.mobileread.com/forums/showthread.php?t=260100>
+   [4]: <https://www.mobileread.com/forums/showthread.php?t=266821>
+   [5]: <https://github.com/koreader/koreader/releases/tag/v2017.10.04-nightly>
+   [6]: <http://www.mobileread.com/forums/showthread.php?t=216960>
+   [7]: <http://pbchess.vlasovsoft.net/files/test/pbchess_2017.10.14_kobo.zip>
+   [8]: <http://www.mobileread.com/forums/showthread.php?t=222803>
+   [9]: <http://code.google.com/p/kobohack-j/>
+   [10]: <https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/> (ssh (or telnet) on the Kobo Glo)
+   [11]: <http://www.mobileread.com/forums/showthread.php?t=197828>
+   [12]: <https://www.preining.info/blog/2015/08/japanese-english-dictionary-for-kobo/> (Japanese-English dictionary for Kobo)
+   [13]: <http://www.mobileread.com/forums/showthread.php?t=260978>
 
-This naturally leads to the following demands:
+## Install procedure
 
-  * Intraframe-only; every frame must be compressed independently. (This isn't strictly needed for all use cases, but is much more flexible, and common in any kind of broadcast.)
-  * Need to handle 4:2:2 color, since that's what most capture sources give out, and we want to transmit the raw signals as much as possible. Fairly flexible in input resolution (divisible by 16 is okay, limited to only a given set of resolutions is not).
-  * 720p60 video in less than one CPU core (ideally much less); the CPU can already pretty be busy with other work, like x264 encoding of the finished stream, and sharing four more inputs at the same time is pretty common. What matters is mostly a single encode+decode cycle, so fast decode doesn't help if the encoder is too slow.
-  * Target bitrates around 100-150 Mbit/sec, at similar quality to MJPEG (ie. 45 dB PSNR for most content). Multiple signals should fit into a normal GigE link at the same time, although getting it to work over 802.11 isn't a big priority.
-  * Both encoder and decoder robust to corrupted or malicious data; a dropped frame is fine, a crash is not.
-  * Does not depend on uncommon or expensive hardware, or GPUs from a specific manufacturer.
-  * GPLv3-compatible implementation. I already link to GPLv3 software, so I don't have a choice here; I cannot link to something non-free (and no antics with dlopen(), please).
+### Download
 
-There's a bunch of intraframe formats around. The most obvious thing to do
-would be to use Intel Quick Sync to produce H.264 (intraframe H.264 blows
-basically everything else out of the sky in terms of PSNR, and QSV hardly uses
-any power at all), but sadly, that's limited to 4:2:0. I thought about
-encoding the three color planes as three different monochrome streams, but
-monochrome is not supported either.
+### Mark6 – Kobo GloHD
 
-Then there's a host of software solutions. x264 can do 4:2:2, but even on
-ultrafast, it gobbles up an entire core or more at 720p60 at the target
-bitrates (mostly in entropy coding). FFmpeg has implementations of all kinds
-of other codecs, like DNxHD, CineForm, MJPEG and so on, but they all use much
-more CPU for encoding than the target. NDI would seem to fit the bill exactly,
-but fails the licensing check, and also isn't robust to corrupted or malicious
-data. (That, and their claims about video quality are dramatically overblown
-for any kinds of real video data I've tried.)
+firmware: [Kobo 4.6.9995 for GloHD][14]
 
-So, sadly, this leaves only really one choice, namely rolling my own. I
-quickly figured I couldn't beat the world on CPU video codec speed, and didn't
-really want to spend my life optimizing AVX2 DCTs anyway, so again, the GPU
-will come to our rescue in the form of compute shaders. (There are some other
-GPU codecs out there, but all that I've found depend on CUDA, so they are
-NVIDIA-only, which I'm not prepared to commit to.) Of course, the GPU is quite
-busy in Nageru, but if one can make an efficient enough codec that one stream
-can work at only 5% or so of the GPU (meaning 1200 fps or so), it wouldn't
-really make a dent. (As a spoiler, the current Narabu encoder isn't there for
-720p60 on my GTX 950, but the decoder is.)
+   [14]: <http://download.kobobooks.com/firmwares/kobo6/Oct2017/kobo-update-4.6.9995.zip>
 
-In the next post, we'll look a bit at the GPU programming model, and what it
-means for how our codec needs to look like on the design level.
+Mega update: [Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz][15]
 
+   [15]: <http://www.preining.info/software/Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz>
 
---===============testboundary==--
+### Mark5 – Aura
 
-From planet-debian Wed Oct 18 00:54:15 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Wed, 18 Oct 2017 00:54:15 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Norbert Preining: Kobo firmware 4.6.9995 mega update (KSM, nickel patch, ssh, fonts)
-Message-ID: https-www-preining-info-blog-p-6827
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://www.preining.info/blog/2017/10/kobo-firmware-4-6-9995-mega-update-ksm-nickel-patch-ssh-fonts/
+firmware: [Kobo 4.6.9995 for Aura][16]
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>It has been ages that I haven’t updated the MegaUpdate package for Kobo. Now that a new and seemingly rather bug-free and quick firmware release (4.6.9995) has been released, I finally took the time to update the whole package to the latest releases of all the included items. The update includes all my favorite patches and features: Kobo Start Menu, koreader, coolreader, pbchess, ssh access, custom dictionaries, and some side-loaded fonts.</p>
-<p><a href="http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png"><img alt="Kobo Logo" class="aligncenter size-full wp-image-1241" height="380" src="http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png" width="720" /></a></p>
-<p>So what are all these items:</p>
-<ul>
-<li>firmware (<a href="https://www.mobileread.com/forums/showthread.php?t=291197">thread</a>): the basic software of the device, shipped by Kobo company</li>
-<li>Metazoa firmware patches (<a href="http://www.mobileread.com/forums/showthread.php?t=260100">thread</a>): fix some layout options and functionalities, see below for details.</li>
-<li>Kobo Start Menu (V08, update 5b <a href="https://www.mobileread.com/forums/showthread.php?t=266821">thread</a>): a menu that pops up <em>before</em> the reading software (nickel) starts, which allows to start alternative readers (like koreader) etc.</li>
-<li>KOreader (<a href="https://github.com/koreader/koreader/releases/tag/v2017.10.04-nightly">koreader-nightly-20171004</a>, <a href="http://www.mobileread.com/forums/showthread.php?t=216960">thread</a>): an alternative document reader that supports epub, azw, pdf, djvu and many more</li>
-<li>pbchess and CoolReader (<a href="http://pbchess.vlasovsoft.net/files/test/pbchess_2017.10.14_kobo.zip">2017.10.14</a>, <a href="http://www.mobileread.com/forums/showthread.php?t=222803">thread</a>): a chess program and another alternative reader, bundled together with several other games</li>
-<li>kobohack (<a href="http://code.google.com/p/kobohack-j/">web site</a>): I only use the ssh server</li>
-<li>ssh access (<a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">old post</a>: makes a full computer from your device by allowing you to log into it via ssh</li>
-<li>custom dictionaries (<a href="http://www.mobileread.com/forums/showthread.php?t=197828">thread</a>): this fix updates dictionaries from the folder <tt>customdicts</tt> to the Kobo dictionary folder. For creating your own Japanese-English dictionary, see this <a href="https://www.preining.info/blog/2015/08/japanese-english-dictionary-for-kobo/" title="Japanese-English dictionary for Kobo">blog entry</a></li>
-<li>side-loaded fonts: GentiumBasic and GentiumBookBasic, Verdana, DroidSerif, and <a href="http://www.mobileread.com/forums/showthread.php?t=260978">Charter-eInk</a></li>
-</ul>
-<p><span id="more-6827"></span></p>
-<h2>Install procedure</h2>
-<h3>Download</h3>
-<h3>Mark6 – Kobo GloHD</h3>
-<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo6/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for GloHD</a></p>
-<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz</a> </p>
-<h3>Mark5 – Aura</h3>
-<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo5/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for Aura</a></p>
-<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark5/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark5/KoboRoot.tgz</a> </p>
-<h3>Mark4 – Kobo Glo, Aura HD</h3>
-<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo4/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for Glo and AuraHD</a></p>
-<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark4/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark4/KoboRoot.tgz</a> </p>
-<h3>Latest firmware</h3>
-<p><strong>Warning:</strong> Sideloading or crossloading the incorrect firmware can break/brick your device. The link below is for <strong>Kobo GloHD ONLY</strong>.</p>
-<p>The first step is to update the Kobo to the latest firmware. This can easily be done by just getting the latest firmware from the links above and unpacking the zip file into the <tt>.kobo</tt> directory on your device. Eject and enjoy the updating procedure.</p>
-<h3>Mega update</h3>
-<p>Get the combined <tt>KoboRoot.tgz</tt> for your device from the links above and put it into the <tt>.kobo</tt> directory, then eject and enjoy the updating procedure again.</p>
-<p>After this the device should reboot and you will be kicked into KSM, from where after some time of waiting Nickel will be started. If you consider the fonts too small, select <tt>Configure</tt>, then the <tt>General</tt>, and <tt>add item</tt>, then select <tt>kobomenuFontsize=55</tt> and <tt>save</tt>.</p>
-<h2>Remarks to some of the items included</h2>
-<p>The full list of included things is above, here are only some notes about what specific I have done.</p>
-<ul>
-<li>Metazoa firmware patches
-<p>Included patches from the <a href="http://www.mobileread.com/forums/showthread.php?t=260100">Metazoa firmware patches</a>:</p>
-<pre lang="sadas">Custom left &amp; right margins
-Fix three KePub fullScreenReading bugs
-Change dicthtml strings to micthtml
-Default ePub monospace font (Courier)
-Custom reading footer style
-Dictionary pop-up frame size increase
-Increase The Cover Size In Library
-Increasing The View Details Container
-New home screen increasing cover size
-Reading stats/Author name cut when the series is showing bug fix 
-New home screen subtitle custom font
-Custom font to Collection and Authors names
-</pre>
-<p>If you need/want different patches, you need to do the patching yourself.</p>
-</li><li>kobohack-h
-<p><a href="http://code.google.com/p/kobohack-j/">Kobohack</a> (latest version 20150110) originally provided updated libraries and optimizations, but unfortunately it is now completely outdated and using it is not recommended for the library part. I only include the ssh server (dropbear) so that connections to the Kobo via ssh.
-</p></li>
-<li>ssh fixes
-<p>See the detailed instructions <a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">here</a>, the necessary files are already included in the mega upload. It updates the <tt>/etc/inittab</tt> to run also <tt>/etc/init.d/rcS2</tt>, and this one again starts the <tt>inetd</tt> server and run user supplied commands in <tt>/mnt/onboard/run.sh</tt> which is where your documents are.
-</p></li>
-<li>Custom dictionaries
-<p>The necessary directories and scripts are already included in the above combined KoboRoot.tgz, so nothing to be done but dropping updated, fixed, changed dictionaries into your Kobo root into the directory <tt>customdict</tt>. After this you need to reboot to get the actual dictionaries updated. See this <a href="http://www.mobileread.com/forums/showthread.php?t=197828">thread</a> for more information. The adaptions and script mentioned in <a href="http://www.mobileread.com/forums/showpost.php?p=2401477&amp;postcount=26">this post</a> are included in the mega update. </p></li>
-</ul>
-<h2><strong>WARNINGS</strong></h2>
-<p>If this is the first time you install this patch, you to fix the password for root and disable telnet. This is an important step, here are the steps you have to take (taken from <a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">this old post</a>):</p>
-<ol>
-<li>Turn on Wifi on the Kobo and find IP address<br />
-Go to Settings – Connect and after this is done, go to Settings – Device Information where you will see something like<code><br />
-IP Address:     192.168.1.NN</code><br />
-(numbers change!)</li>
-<li>telnet into your device<br />
-<code>telnet 192.168.1.NN</code><br />
-it will ask you the user name, enter “root” (without the quotes) and no password</li>
-<li>(ON THE GLO) change home directory of root<br />
-edit /etc/passwd with vi and change the entry for root by changing the 6th field from: “/” to “/root” (without the quotes). After this procedure the line should look like<br />
-<code>root::0:0:root:/root:/bin/sh</code><br />
-don’t forget to save the file</li>
-<li>(ON THE GLO) create ssh keys for dropbear<br />
-<code>[root@(none) ~]# mkdir /etc/dropbear<br />
-[root@(none) ~]# cd /etc/dropbear<br />
-[root@(none) ~]# dropbearkey -t dss -f dropbear_dss_host_key<br />
-[root@(none) ~]# dropbearkey -t rsa -f dropbear_rsa_host_key</code></li>
-<li>(ON YOUR PERSONAL COMPUTER) check that you can log in with ssh<br />
-<code>ssh root@192.168.1.NN</code><br />
-You should get dropped into your device again</li>
-<li>(ON THE GLO) log out of the telnet session (the first one you did)<br />
-<code>[root@(none) ~]# exit</code></li>
-<li>(ON THE GLO) in your ssh session, change the password of root<br />
-<code>[root@(none) ~]# passwd</code><br />
-you will have to enter the new password two times. Remember it well, you will not be easily able to recover it without opening your device.</li>
-<li>(ON THE GLO) disable telnet login<br />
-edit the file /etc/inetd.conf.local on the GLO (using vi) and remove the telnet line (the line starting with 23).</li>
-<li>restart your device</li>
-</ol>
-<p>The combined KoboRoot.tgz is provided without warranty. If you need to reset your device, don’t blame me!</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://www.preining.info/blog/2017/10/kobo-firmware-4-6-9995-mega-update-ksm-nickel-patch-ssh-fonts/
-
-It has been ages that I haven’t updated the MegaUpdate package for Kobo. Now
-that a new and seemingly rather bug-free and quick firmware release (4.6.9995)
-has been released, I finally took the time to update the whole package to the
-latest releases of all the included items. The update includes all my favorite
-patches and features: Kobo Start Menu, koreader, coolreader, pbchess, ssh
-access, custom dictionaries, and some side-loaded fonts.
-
-[Kobo Logo][1]
-
-   [1]: <http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png>
-
-So what are all these items:
-
-  * firmware ([thread][2]): the basic software of the device, shipped by Kobo company
-  * Metazoa firmware patches ([thread][3]): fix some layout options and functionalities, see below for details.
-  * Kobo Start Menu (V08, update 5b [thread][4]): a menu that pops up _before_ the reading software (nickel) starts, which allows to start alternative readers (like koreader) etc.
-  * KOreader ([koreader-nightly-20171004][5], [thread][6]): an alternative document reader that supports epub, azw, pdf, djvu and many more
-  * pbchess and CoolReader ([2017.10.14][7], [thread][8]): a chess program and another alternative reader, bundled together with several other games
-  * kobohack ([web site][9]): I only use the ssh server
-  * ssh access ([old post][10]: makes a full computer from your device by allowing you to log into it via ssh
-  * custom dictionaries ([thread][11]): this fix updates dictionaries from the folder `customdicts` to the Kobo dictionary folder. For creating your own Japanese-English dictionary, see this [blog entry][12]
-  * side-loaded fonts: GentiumBasic and GentiumBookBasic, Verdana, DroidSerif, and [Charter-eInk][13]
-
-   [2]: <https://www.mobileread.com/forums/showthread.php?t=291197>
-   [3]: <http://www.mobileread.com/forums/showthread.php?t=260100>
-   [4]: <https://www.mobileread.com/forums/showthread.php?t=266821>
-   [5]: <https://github.com/koreader/koreader/releases/tag/v2017.10.04-nightly>
-   [6]: <http://www.mobileread.com/forums/showthread.php?t=216960>
-   [7]: <http://pbchess.vlasovsoft.net/files/test/pbchess_2017.10.14_kobo.zip>
-   [8]: <http://www.mobileread.com/forums/showthread.php?t=222803>
-   [9]: <http://code.google.com/p/kobohack-j/>
-   [10]: <https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/> (ssh (or telnet) on the Kobo Glo)
-   [11]: <http://www.mobileread.com/forums/showthread.php?t=197828>
-   [12]: <https://www.preining.info/blog/2015/08/japanese-english-dictionary-for-kobo/> (Japanese-English dictionary for Kobo)
-   [13]: <http://www.mobileread.com/forums/showthread.php?t=260978>
-
-## Install procedure
-
-### Download
-
-### Mark6 – Kobo GloHD
-
-firmware: [Kobo 4.6.9995 for GloHD][14]
-
-   [14]: <http://download.kobobooks.com/firmwares/kobo6/Oct2017/kobo-update-4.6.9995.zip>
-
-Mega update: [Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz][15]
-
-   [15]: <http://www.preining.info/software/Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz>
-
-### Mark5 – Aura
-
-firmware: [Kobo 4.6.9995 for Aura][16]
-
-   [16]: <http://download.kobobooks.com/firmwares/kobo5/Oct2017/kobo-update-4.6.9995.zip>
+   [16]: <http://download.kobobooks.com/firmwares/kobo5/Oct2017/kobo-update-4.6.9995.zip>
 
 Mega update: [Kobo-4.6.9995-combined/Mark5/KoboRoot.tgz][17]
 
@@ -1567,6 +1470,103 @@ The combined KoboRoot.tgz is provided without warranty. If you need to reset
 your device, don’t blame me!
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>It has been ages that I haven’t updated the MegaUpdate package for Kobo. Now that a new and seemingly rather bug-free and quick firmware release (4.6.9995) has been released, I finally took the time to update the whole package to the latest releases of all the included items. The update includes all my favorite patches and features: Kobo Start Menu, koreader, coolreader, pbchess, ssh access, custom dictionaries, and some side-loaded fonts.</p>
+<p><a href="http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png"><img alt="Kobo Logo" class="aligncenter size-full wp-image-1241" height="380" src="http://www.preining.info/blog/wp-content/uploads/2013/07/kobo_720w.png" width="720" /></a></p>
+<p>So what are all these items:</p>
+<ul>
+<li>firmware (<a href="https://www.mobileread.com/forums/showthread.php?t=291197">thread</a>): the basic software of the device, shipped by Kobo company</li>
+<li>Metazoa firmware patches (<a href="http://www.mobileread.com/forums/showthread.php?t=260100">thread</a>): fix some layout options and functionalities, see below for details.</li>
+<li>Kobo Start Menu (V08, update 5b <a href="https://www.mobileread.com/forums/showthread.php?t=266821">thread</a>): a menu that pops up <em>before</em> the reading software (nickel) starts, which allows to start alternative readers (like koreader) etc.</li>
+<li>KOreader (<a href="https://github.com/koreader/koreader/releases/tag/v2017.10.04-nightly">koreader-nightly-20171004</a>, <a href="http://www.mobileread.com/forums/showthread.php?t=216960">thread</a>): an alternative document reader that supports epub, azw, pdf, djvu and many more</li>
+<li>pbchess and CoolReader (<a href="http://pbchess.vlasovsoft.net/files/test/pbchess_2017.10.14_kobo.zip">2017.10.14</a>, <a href="http://www.mobileread.com/forums/showthread.php?t=222803">thread</a>): a chess program and another alternative reader, bundled together with several other games</li>
+<li>kobohack (<a href="http://code.google.com/p/kobohack-j/">web site</a>): I only use the ssh server</li>
+<li>ssh access (<a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">old post</a>: makes a full computer from your device by allowing you to log into it via ssh</li>
+<li>custom dictionaries (<a href="http://www.mobileread.com/forums/showthread.php?t=197828">thread</a>): this fix updates dictionaries from the folder <tt>customdicts</tt> to the Kobo dictionary folder. For creating your own Japanese-English dictionary, see this <a href="https://www.preining.info/blog/2015/08/japanese-english-dictionary-for-kobo/" title="Japanese-English dictionary for Kobo">blog entry</a></li>
+<li>side-loaded fonts: GentiumBasic and GentiumBookBasic, Verdana, DroidSerif, and <a href="http://www.mobileread.com/forums/showthread.php?t=260978">Charter-eInk</a></li>
+</ul>
+<p><span id="more-6827"></span></p>
+<h2>Install procedure</h2>
+<h3>Download</h3>
+<h3>Mark6 – Kobo GloHD</h3>
+<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo6/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for GloHD</a></p>
+<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark6/KoboRoot.tgz</a> </p>
+<h3>Mark5 – Aura</h3>
+<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo5/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for Aura</a></p>
+<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark5/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark5/KoboRoot.tgz</a> </p>
+<h3>Mark4 – Kobo Glo, Aura HD</h3>
+<p>firmware: <a href="http://download.kobobooks.com/firmwares/kobo4/Oct2017/kobo-update-4.6.9995.zip">Kobo 4.6.9995 for Glo and AuraHD</a></p>
+<p>Mega update: <a href="http://www.preining.info/software/Kobo-4.6.9995-combined/Mark4/KoboRoot.tgz">Kobo-4.6.9995-combined/Mark4/KoboRoot.tgz</a> </p>
+<h3>Latest firmware</h3>
+<p><strong>Warning:</strong> Sideloading or crossloading the incorrect firmware can break/brick your device. The link below is for <strong>Kobo GloHD ONLY</strong>.</p>
+<p>The first step is to update the Kobo to the latest firmware. This can easily be done by just getting the latest firmware from the links above and unpacking the zip file into the <tt>.kobo</tt> directory on your device. Eject and enjoy the updating procedure.</p>
+<h3>Mega update</h3>
+<p>Get the combined <tt>KoboRoot.tgz</tt> for your device from the links above and put it into the <tt>.kobo</tt> directory, then eject and enjoy the updating procedure again.</p>
+<p>After this the device should reboot and you will be kicked into KSM, from where after some time of waiting Nickel will be started. If you consider the fonts too small, select <tt>Configure</tt>, then the <tt>General</tt>, and <tt>add item</tt>, then select <tt>kobomenuFontsize=55</tt> and <tt>save</tt>.</p>
+<h2>Remarks to some of the items included</h2>
+<p>The full list of included things is above, here are only some notes about what specific I have done.</p>
+<ul>
+<li>Metazoa firmware patches
+<p>Included patches from the <a href="http://www.mobileread.com/forums/showthread.php?t=260100">Metazoa firmware patches</a>:</p>
+<pre lang="sadas">Custom left &amp; right margins
+Fix three KePub fullScreenReading bugs
+Change dicthtml strings to micthtml
+Default ePub monospace font (Courier)
+Custom reading footer style
+Dictionary pop-up frame size increase
+Increase The Cover Size In Library
+Increasing The View Details Container
+New home screen increasing cover size
+Reading stats/Author name cut when the series is showing bug fix 
+New home screen subtitle custom font
+Custom font to Collection and Authors names
+</pre>
+<p>If you need/want different patches, you need to do the patching yourself.</p>
+</li><li>kobohack-h
+<p><a href="http://code.google.com/p/kobohack-j/">Kobohack</a> (latest version 20150110) originally provided updated libraries and optimizations, but unfortunately it is now completely outdated and using it is not recommended for the library part. I only include the ssh server (dropbear) so that connections to the Kobo via ssh.
+</p></li>
+<li>ssh fixes
+<p>See the detailed instructions <a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">here</a>, the necessary files are already included in the mega upload. It updates the <tt>/etc/inittab</tt> to run also <tt>/etc/init.d/rcS2</tt>, and this one again starts the <tt>inetd</tt> server and run user supplied commands in <tt>/mnt/onboard/run.sh</tt> which is where your documents are.
+</p></li>
+<li>Custom dictionaries
+<p>The necessary directories and scripts are already included in the above combined KoboRoot.tgz, so nothing to be done but dropping updated, fixed, changed dictionaries into your Kobo root into the directory <tt>customdict</tt>. After this you need to reboot to get the actual dictionaries updated. See this <a href="http://www.mobileread.com/forums/showthread.php?t=197828">thread</a> for more information. The adaptions and script mentioned in <a href="http://www.mobileread.com/forums/showpost.php?p=2401477&amp;postcount=26">this post</a> are included in the mega update. </p></li>
+</ul>
+<h2><strong>WARNINGS</strong></h2>
+<p>If this is the first time you install this patch, you to fix the password for root and disable telnet. This is an important step, here are the steps you have to take (taken from <a href="https://www.preining.info/blog/2013/07/ssh-or-telnet-on-the-kobo-glo/" title="ssh (or telnet) on the Kobo Glo">this old post</a>):</p>
+<ol>
+<li>Turn on Wifi on the Kobo and find IP address<br />
+Go to Settings – Connect and after this is done, go to Settings – Device Information where you will see something like<code><br />
+IP Address:     192.168.1.NN</code><br />
+(numbers change!)</li>
+<li>telnet into your device<br />
+<code>telnet 192.168.1.NN</code><br />
+it will ask you the user name, enter “root” (without the quotes) and no password</li>
+<li>(ON THE GLO) change home directory of root<br />
+edit /etc/passwd with vi and change the entry for root by changing the 6th field from: “/” to “/root” (without the quotes). After this procedure the line should look like<br />
+<code>root::0:0:root:/root:/bin/sh</code><br />
+don’t forget to save the file</li>
+<li>(ON THE GLO) create ssh keys for dropbear<br />
+<code>[root@(none) ~]# mkdir /etc/dropbear<br />
+[root@(none) ~]# cd /etc/dropbear<br />
+[root@(none) ~]# dropbearkey -t dss -f dropbear_dss_host_key<br />
+[root@(none) ~]# dropbearkey -t rsa -f dropbear_rsa_host_key</code></li>
+<li>(ON YOUR PERSONAL COMPUTER) check that you can log in with ssh<br />
+<code>ssh root@192.168.1.NN</code><br />
+You should get dropped into your device again</li>
+<li>(ON THE GLO) log out of the telnet session (the first one you did)<br />
+<code>[root@(none) ~]# exit</code></li>
+<li>(ON THE GLO) in your ssh session, change the password of root<br />
+<code>[root@(none) ~]# passwd</code><br />
+you will have to enter the new password two times. Remember it well, you will not be easily able to recover it without opening your device.</li>
+<li>(ON THE GLO) disable telnet login<br />
+edit the file /etc/inetd.conf.local on the GLO (using vi) and remove the telnet line (the line starting with 23).</li>
+<li>restart your device</li>
+</ol>
+<p>The combined KoboRoot.tgz is provided without warranty. If you need to reset your device, don’t blame me!</p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 17 20:21:28 2017
@@ -1577,58 +1577,250 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Sune Vuorela: KDE still makes Qt
 Message-ID: http-pusling-com-blog-p-448
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://pusling.com/blog/?p=448
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+http://pusling.com/blog/?p=448
+
+A couple of years ago, I made a blog post, [KDE makes Qt][1], with data about
+which percentage of Qt contributions came from people starting in KDE.
+Basically, how many Qt contributions are made by people who used KDE as a
+“gateway” drug into it.
+
+   [1]: <http://pusling.com/blog/?p=362>
+
+I have now updated the graphs with data until the end of September 2017:
+
+KDE still makes Qt
+
+Many of these changes are made by people not directly as a result of their KDE
+work, but as a result of their paid work. But this doesn’t change the fact
+that KDE is an important project for attracting contributors to Qt, and a very
+good place to find experienced Qt developers.
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/sune.png" width="65" height="90" alt="" align="right" style="float: right;">  <p>A couple of years ago, I made a blog post, <a href="http://pusling.com/blog/?p=362">KDE makes Qt</a>, with data about which percentage of Qt contributions came from people starting in KDE. Basically, how many Qt contributions are made by people who used KDE as a “gateway” drug into it.</p>
-<p>I have now updated the graphs with data until the end of September 2017:</p>
-<p><img alt="KDE still makes Qt" src="https://i.imgur.com/nTIqvlj.png" /></p>
-<p>Many of these changes are made by people not directly as a result of their KDE work, but as a result of their paid work. But this doesn’t change the fact that KDE is an important project for attracting contributors to Qt, and a very good place to find experienced Qt developers.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
+<img src="http://planet.debian.org/heads/sune.png" width="65" height="90" alt="" align="right" style="float: right;">  <p>A couple of years ago, I made a blog post, <a href="http://pusling.com/blog/?p=362">KDE makes Qt</a>, with data about which percentage of Qt contributions came from people starting in KDE. Basically, how many Qt contributions are made by people who used KDE as a “gateway” drug into it.</p>
+<p>I have now updated the graphs with data until the end of September 2017:</p>
+<p><img alt="KDE still makes Qt" src="https://i.imgur.com/nTIqvlj.png" /></p>
+<p>Many of these changes are made by people not directly as a result of their KDE work, but as a result of their paid work. But this doesn’t change the fact that KDE is an important project for attracting contributors to Qt, and a very good place to find experienced Qt developers.</p>
+--===============testboundary==--
+
+From planet-debian Tue Oct 17 19:29:02 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Tue, 17 Oct 2017 19:29:02 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Reproducible builds folks: Reproducible Builds: Weekly report #129
+Message-ID: https-reproducible-alioth-debian-org-blog-posts-129
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://reproducible.alioth.debian.org/blog/posts/129/
+
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+https://reproducible.alioth.debian.org/blog/posts/129/
+
+Here's what happened in the [Reproducible Builds][1] effort between Sunday
+October 8 and Saturday October 14 2017:
+
+   [1]: <https://reproducible-builds.org>
+
+## Upcoming events
+
+  * On Saturday 21st October, [Holger Levsen will present][2] at [All Systems Go!][3] in Berlin, Germany on reproducible builds.
+
+   [2]: <https://cfp.all-systems-go.io/en/ASG2017/public/events/117>
+   [3]: <https://all-systems-go.io/>
+
+  * On Tuesday 24th October, [Chris Lamb will present][4] at [All Things Open 2017][5] in Raleigh, NC, USA on reproducible builds.
+
+   [4]: <https://allthingsopen.org/talk/you-think-youre-not-a-target-a-tale-of-three-developers/>
+   [5]: <https://allthingsopen.org>
+
+  * On Wednesday 25th October, [Holger Levsen will present][6] at the [Open Source Summit Europe][7] in Prague, Czech Republic on reproducible builds.
+
+   [6]: <https://osseu17.sched.com/event/BxJs/reproducible-builds-we-made-lots-of-progress-in-many-places-but-were-still-far-from-our-goals-of-changing-the-software-world-holger-levsen>
+   [7]: <https://osseu17.sched.com>
+
+  * From October 31st - November 2nd we will be holding the [3rd Reproducible Builds summit][8] in Berlin. If you are working in the field of reproducible builds, you should totally be there. Please contact us if you have any questions! Quoting from the [public invitation mail][9]:
+    
+       [8]: <https://reproducible-builds.org/events/berlin2017/>
+   [9]: <https://lists.reproducible-builds.org/pipermail/rb-general/2017-October/000653.html>
+
+    These dates are inclusive, ie. the summit will be 3 full days from "9 to 5".
+    Best arrive on Monday October 30th and leave on the evening of Thursday, 3rd
+    at the earliest.
+    
+    
+    Meeting content
+    ===============
+    
+    The exact content of the meeting is going to be shaped by the
+    participants, but here are the main goals:
+    
+     - Update & exchange about the status of reproducible builds in various
+       projects.
+     - Establish spaces for more strategic and long-term thinking than is possible
+       in virtual channels.
+     - Improve collaboration both between and inside projects.
+     - Expand the scope and reach of reproducible builds to more projects.
+     - Brainstorming / Designing several things, eg:
+      - designing tools enabling end-users to get the most benefits from
+        reproducible builds.
+      - design of back-ends needed for that.
+     - Work together and hack on solutions.
+    
+    There will be a huge variety of topics to be discussed. To give a few
+    examples:
+    - continuing design and development work on .buildinfo infrastructure
+    - build-path issues everywhere
+    - future directions for diffoscope, reprotest & strip-nondeterminism
+    - reproducing signed artifacts such as RPMs
+    - discussing formats and tools we can share
+    - sharing proposals for standards and documentation helpful to spreading the
+      reproducible effort
+    - and many many more.
+    
+    Please think about what you want discuss, brainstorm & learn about at this
+    meeting!
+    
+    
+    Schedule
+    ========
+    
+    Preliminary schedule for the three days:
+    
+    9:00 Welcome and breakfast
+    9:30 Meeting starts
+    12:30 Lunch
+    17:00 End of the official schedule
+    
+    Gunner and Beatrice from Aspiration will help running the meeting. We will
+    collect your input in subsequent emails to make the best of everyone's time.
+    Feel free to start thinking about what you want to achieve there. We will also
+    adjust topics as the meeting goes.
+    
+    Please note that we are very likely to spend large parts of the meeting away
+    from laptops and closer to post-it notes. So make sure you've answered any
+    critical emails *before* Tuesday morning! :)
+    
+
+## Reproducible work in other projects
+
+Pierre Pronchery reported that that he has [built the foundations for doing
+more reproducibility work in NetBSD][10].
+
+   [10]: <https://lists.reproducible-builds.org/pipermail/rb-general/2017-October/000654.html>
+
+## Packages fixed
+
+Upstream bugs and patches:
+
+  * Bernhard M. Wiedemann: 
+    * [qutim][11] used RANDOM which is unpredictable and unreproducible.
+    * [dpdk][12] used locale-dependent sort.
+
+   [11]: <https://bugs.launchpad.net/qutim/+bug/1724148>
+   [12]: <http://dpdk.org/ml/archives/dev/2017-October/078193.html>
+
+Reproducibility non-maintainer uploads in Debian:
+
+  * Chris Lamb: 
+    * [mailfront][13] for bugs [#777431][14] & [#847020][15].
+    * [plib-doc][16] for bugs [#778971][17] & [#557676][18].
+    * [ipsvd][19] for bugs [#777417][20] & [#846890][21].
+  * Holger Levsen 
+    * [keyutils][22] for bug [#828681][23].
+
+   [13]: <https://tracker.debian.org/pkg/mailfront>
+   [14]: <https://bugs.debian.org/777431>
+   [15]: <https://bugs.debian.org/847020>
+   [16]: <https://tracker.debian.org/pkg/plib-doc>
+   [17]: <https://bugs.debian.org/778971>
+   [18]: <https://bugs.debian.org/557676>
+   [19]: <https://tracker.debian.org/pkg/ipsvd>
+   [20]: <https://bugs.debian.org/777417>
+   [21]: <https://bugs.debian.org/846890>
+   [22]: <https://tracker.debian.org/pkg/keyutils>
+   [23]: <https://bugs.debian.org/828681>
+
+QA fixes in Debian:
+
+  * Adrian Bunk: 
+    * [#878329][24] filed against [sonic-visualiser][25].
+    * [#878333][26] filed against [tree-puzzle][27].
+
+   [24]: <https://bugs.debian.org/878329>
+   [25]: <https://tracker.debian.org/pkg/sonic-visualiser>
+   [26]: <https://bugs.debian.org/878333>
+   [27]: <https://tracker.debian.org/pkg/tree-puzzle>
+
+## Reviews of unreproducible packages
+
+6 package reviews have been added, 30 have been updated and 37 have been
+removed in this week, adding to our knowledge about [identified issues][28].
+
+   [28]: <https://tests.reproducible-builds.org/debian/index_issues.html>
+
+## Weekly QA work
+
+During our reproducibility testing, FTBFS bugs have been detected and reported
+by:
+
+  * Adrian Bunk (40)
+  * Eric Valette (1)
+  * Markus Koschany (1)
+
+## diffoscope development
+
+  * Ximin Luo: 
+    * Containers: diff the metadata of containers in one central location in the code, so that deep-diff works between all combinations of different container types. This lets us finally close [#797759][29].
+    * Tests: add a complete set of cases to test all pairs of container types.
+  * Chris Lamb: 
+    * Temporarily skip the test for ps2ascii(1) in [ghostscript][30] > 9.21 which now outputs text in a slightly different format.
+    * UI wording improvements.
 
-http://pusling.com/blog/?p=448
+   [29]: <https://bugs.debian.org/797759>
+   [30]: <https://tracker.debian.org/pkg/ghostscript>
 
-A couple of years ago, I made a blog post, [KDE makes Qt][1], with data about
-which percentage of Qt contributions came from people starting in KDE.
-Basically, how many Qt contributions are made by people who used KDE as a
-“gateway” drug into it.
+## reprotest development
 
-   [1]: <http://pusling.com/blog/?p=362>
+Version [0.7.3][31] was uploaded to unstable by Ximin Luo. It included
+[contributions][32] already covered by posts of the previous weeks, as well as
+new ones:
 
-I have now updated the graphs with data until the end of September 2017:
+   [31]: <https://tracker.debian.org/news/879113>
+   [32]: <https://anonscm.debian.org/git/reproducible/reprotest.git/log/?h=0.7.3>
 
-KDE still makes Qt
+  * Ximin Luo: 
+    * Add a `--env-build` option for testing builds under different sets of environment variables. This is meant to help the discussion over at [#876055][33] about how we should deal with different types of environment variables in a stricter definition of reproducibility.
+    * UI and logging tweaks and improvements.
+    * Simplify the `_shell_ast` module and merge it into `shell_syn`.
 
-Many of these changes are made by people not directly as a result of their KDE
-work, but as a result of their paid work. But this doesn’t change the fact
-that KDE is an important project for attracting contributors to Qt, and a very
-good place to find experienced Qt developers.
+   [33]: <https://bugs.debian.org/876055>
 
+## Misc.
 
---===============testboundary==--
+This week's edition was written by Ximin Luo, Chris Lamb and Holger Levsen &
+reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
 
-From planet-debian Tue Oct 17 19:29:02 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Tue, 17 Oct 2017 19:29:02 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Reproducible builds folks: Reproducible Builds: Weekly report #129
-Message-ID: https-reproducible-alioth-debian-org-blog-posts-129
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://reproducible.alioth.debian.org/blog/posts/129/
 
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
@@ -1824,214 +2016,22 @@ already covered by posts of the previous weeks, as well as new ones:</p>
 <ul>
 <li>Ximin Luo:
 
-<ul>
-<li>Add a <code>--env-build</code> option for testing builds under different sets of
-environment variables. This is meant to help the discussion over at
-<a href="https://bugs.debian.org/876055">#876055</a> about how we should deal with different types of
-environment variables in a stricter definition of reproducibility.</li>
-<li>UI and logging tweaks and improvements.</li>
-<li>Simplify the <code>_shell_ast</code> module and merge it into <code>shell_syn</code>.</li>
-</ul>
-</li>
-</ul>
-
-
-<h2>Misc.</h2>
-
-<p>This week's edition was written by Ximin Luo, Chris Lamb and Holger Levsen &amp;
-reviewed by a bunch of Reproducible Builds folks on IRC &amp; the mailing lists.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://reproducible.alioth.debian.org/blog/posts/129/
-
-Here's what happened in the [Reproducible Builds][1] effort between Sunday
-October 8 and Saturday October 14 2017:
-
-   [1]: <https://reproducible-builds.org>
-
-## Upcoming events
-
-  * On Saturday 21st October, [Holger Levsen will present][2] at [All Systems Go!][3] in Berlin, Germany on reproducible builds.
-
-   [2]: <https://cfp.all-systems-go.io/en/ASG2017/public/events/117>
-   [3]: <https://all-systems-go.io/>
-
-  * On Tuesday 24th October, [Chris Lamb will present][4] at [All Things Open 2017][5] in Raleigh, NC, USA on reproducible builds.
-
-   [4]: <https://allthingsopen.org/talk/you-think-youre-not-a-target-a-tale-of-three-developers/>
-   [5]: <https://allthingsopen.org>
-
-  * On Wednesday 25th October, [Holger Levsen will present][6] at the [Open Source Summit Europe][7] in Prague, Czech Republic on reproducible builds.
-
-   [6]: <https://osseu17.sched.com/event/BxJs/reproducible-builds-we-made-lots-of-progress-in-many-places-but-were-still-far-from-our-goals-of-changing-the-software-world-holger-levsen>
-   [7]: <https://osseu17.sched.com>
-
-  * From October 31st - November 2nd we will be holding the [3rd Reproducible Builds summit][8] in Berlin. If you are working in the field of reproducible builds, you should totally be there. Please contact us if you have any questions! Quoting from the [public invitation mail][9]:
-    
-       [8]: <https://reproducible-builds.org/events/berlin2017/>
-   [9]: <https://lists.reproducible-builds.org/pipermail/rb-general/2017-October/000653.html>
-
-    These dates are inclusive, ie. the summit will be 3 full days from "9 to 5".
-    Best arrive on Monday October 30th and leave on the evening of Thursday, 3rd
-    at the earliest.
-    
-    
-    Meeting content
-    ===============
-    
-    The exact content of the meeting is going to be shaped by the
-    participants, but here are the main goals:
-    
-     - Update & exchange about the status of reproducible builds in various
-       projects.
-     - Establish spaces for more strategic and long-term thinking than is possible
-       in virtual channels.
-     - Improve collaboration both between and inside projects.
-     - Expand the scope and reach of reproducible builds to more projects.
-     - Brainstorming / Designing several things, eg:
-      - designing tools enabling end-users to get the most benefits from
-        reproducible builds.
-      - design of back-ends needed for that.
-     - Work together and hack on solutions.
-    
-    There will be a huge variety of topics to be discussed. To give a few
-    examples:
-    - continuing design and development work on .buildinfo infrastructure
-    - build-path issues everywhere
-    - future directions for diffoscope, reprotest & strip-nondeterminism
-    - reproducing signed artifacts such as RPMs
-    - discussing formats and tools we can share
-    - sharing proposals for standards and documentation helpful to spreading the
-      reproducible effort
-    - and many many more.
-    
-    Please think about what you want discuss, brainstorm & learn about at this
-    meeting!
-    
-    
-    Schedule
-    ========
-    
-    Preliminary schedule for the three days:
-    
-    9:00 Welcome and breakfast
-    9:30 Meeting starts
-    12:30 Lunch
-    17:00 End of the official schedule
-    
-    Gunner and Beatrice from Aspiration will help running the meeting. We will
-    collect your input in subsequent emails to make the best of everyone's time.
-    Feel free to start thinking about what you want to achieve there. We will also
-    adjust topics as the meeting goes.
-    
-    Please note that we are very likely to spend large parts of the meeting away
-    from laptops and closer to post-it notes. So make sure you've answered any
-    critical emails *before* Tuesday morning! :)
-    
-
-## Reproducible work in other projects
-
-Pierre Pronchery reported that that he has [built the foundations for doing
-more reproducibility work in NetBSD][10].
-
-   [10]: <https://lists.reproducible-builds.org/pipermail/rb-general/2017-October/000654.html>
-
-## Packages fixed
-
-Upstream bugs and patches:
-
-  * Bernhard M. Wiedemann: 
-    * [qutim][11] used RANDOM which is unpredictable and unreproducible.
-    * [dpdk][12] used locale-dependent sort.
-
-   [11]: <https://bugs.launchpad.net/qutim/+bug/1724148>
-   [12]: <http://dpdk.org/ml/archives/dev/2017-October/078193.html>
-
-Reproducibility non-maintainer uploads in Debian:
-
-  * Chris Lamb: 
-    * [mailfront][13] for bugs [#777431][14] & [#847020][15].
-    * [plib-doc][16] for bugs [#778971][17] & [#557676][18].
-    * [ipsvd][19] for bugs [#777417][20] & [#846890][21].
-  * Holger Levsen 
-    * [keyutils][22] for bug [#828681][23].
-
-   [13]: <https://tracker.debian.org/pkg/mailfront>
-   [14]: <https://bugs.debian.org/777431>
-   [15]: <https://bugs.debian.org/847020>
-   [16]: <https://tracker.debian.org/pkg/plib-doc>
-   [17]: <https://bugs.debian.org/778971>
-   [18]: <https://bugs.debian.org/557676>
-   [19]: <https://tracker.debian.org/pkg/ipsvd>
-   [20]: <https://bugs.debian.org/777417>
-   [21]: <https://bugs.debian.org/846890>
-   [22]: <https://tracker.debian.org/pkg/keyutils>
-   [23]: <https://bugs.debian.org/828681>
-
-QA fixes in Debian:
-
-  * Adrian Bunk: 
-    * [#878329][24] filed against [sonic-visualiser][25].
-    * [#878333][26] filed against [tree-puzzle][27].
-
-   [24]: <https://bugs.debian.org/878329>
-   [25]: <https://tracker.debian.org/pkg/sonic-visualiser>
-   [26]: <https://bugs.debian.org/878333>
-   [27]: <https://tracker.debian.org/pkg/tree-puzzle>
-
-## Reviews of unreproducible packages
-
-6 package reviews have been added, 30 have been updated and 37 have been
-removed in this week, adding to our knowledge about [identified issues][28].
-
-   [28]: <https://tests.reproducible-builds.org/debian/index_issues.html>
-
-## Weekly QA work
-
-During our reproducibility testing, FTBFS bugs have been detected and reported
-by:
-
-  * Adrian Bunk (40)
-  * Eric Valette (1)
-  * Markus Koschany (1)
-
-## diffoscope development
-
-  * Ximin Luo: 
-    * Containers: diff the metadata of containers in one central location in the code, so that deep-diff works between all combinations of different container types. This lets us finally close [#797759][29].
-    * Tests: add a complete set of cases to test all pairs of container types.
-  * Chris Lamb: 
-    * Temporarily skip the test for ps2ascii(1) in [ghostscript][30] > 9.21 which now outputs text in a slightly different format.
-    * UI wording improvements.
-
-   [29]: <https://bugs.debian.org/797759>
-   [30]: <https://tracker.debian.org/pkg/ghostscript>
-
-## reprotest development
-
-Version [0.7.3][31] was uploaded to unstable by Ximin Luo. It included
-[contributions][32] already covered by posts of the previous weeks, as well as
-new ones:
-
-   [31]: <https://tracker.debian.org/news/879113>
-   [32]: <https://anonscm.debian.org/git/reproducible/reprotest.git/log/?h=0.7.3>
-
-  * Ximin Luo: 
-    * Add a `--env-build` option for testing builds under different sets of environment variables. This is meant to help the discussion over at [#876055][33] about how we should deal with different types of environment variables in a stricter definition of reproducibility.
-    * UI and logging tweaks and improvements.
-    * Simplify the `_shell_ast` module and merge it into `shell_syn`.
-
-   [33]: <https://bugs.debian.org/876055>
-
-## Misc.
+<ul>
+<li>Add a <code>--env-build</code> option for testing builds under different sets of
+environment variables. This is meant to help the discussion over at
+<a href="https://bugs.debian.org/876055">#876055</a> about how we should deal with different types of
+environment variables in a stricter definition of reproducibility.</li>
+<li>UI and logging tweaks and improvements.</li>
+<li>Simplify the <code>_shell_ast</code> module and merge it into <code>shell_syn</code>.</li>
+</ul>
+</li>
+</ul>
 
-This week's edition was written by Ximin Luo, Chris Lamb and Holger Levsen &
-reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
 
+<h2>Misc.</h2>
 
+<p>This week's edition was written by Ximin Luo, Chris Lamb and Holger Levsen &amp;
+reviewed by a bunch of Reproducible Builds folks on IRC &amp; the mailing lists.</p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 17 11:33:56 2017
@@ -2042,11 +2042,82 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Jonathan Dowland: Electric Dreams
 Message-ID: http-jmtd-net-log-electric_dreams
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://jmtd.net/log/electric_dreams/
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+http://jmtd.net/log/electric_dreams/
+
+_No spoilers, for those who have yet to watch it..._
+
+Channel 4 have been broadcasting a new 10-part series called _Electric Dreams_
+, based on some of the short fiction of Philip K Dick. The series was
+commissioned after Channel 4 lost _Black Mirror_ to Netflix, perhaps to try
+and find something tonally similar. _Electric Dreams_ is executive-produced by
+Brian Cranston, who also stars in one of the episodes yet to broadcast.
+
+I've read all of PKD's short fiction[1][1] but it was a long time ago so I
+have mostly forgotten the stories upon which the series is based. I've quite
+enjoyed going back and re-reading them after watching the corresponding
+episodes to see what changes they've made. In some cases the changes are
+subtle or complementary, in other cases they've whittled the original story
+right out and installed a new one inside the shell. A companion compilation
+has been published with just the relevant short stories in it, and from what
+I've seen browsing it in a book shop it also contains short introductions
+which might be worth a read.
+
+   [1]: <http://jmtd.net/log/#fn:1>
+
+Things started strong with _The Hood Maker_ , which my wife also enjoyed,
+although she was disappointed to realise we wouldn't be revisiting those
+characters in the future. The world-building was strong enough that it seemed
+like a waste for a single episode.
+
+My favourite episode of those broadcast so far was _The Commuter_ , starring
+Timothy Spall. The changes made were complementary and immensely expanded the
+emotional range of the story. In some ways, a key aspect of the original story
+was completely inverted, which I found quite funny: my original take on Dick's
+story was Dick implying a particular outcome was horrific, whereas it becomes
+desirable in the TV episode.
+
+[Episode 4, *Crazy Diamond*][2]
+
+   [2]: <http://jmtd.net/log/electric_dreams/crazy_diamond.jpg>
+
+Episode 4, _Crazy Diamond_
+
+One of the stories most hollowed-out was _Sales Pitch_ which was the basis for
+Tony Grisoni’s episode _Crazy Diamond_ , starring Steve Buscemi and Sidse
+Babett Knudsen. Buscemi was good but Knudsen totally stole every frame she was
+in. Fans of the cancelled Channel 4 show _Utopia_ should enjoy this one: both
+were directed by Marc Munden and the directing, photography and colour balance
+really recall it.
+
+The last episode broadcast was _Real Life_ directed by Ronald D Moore of
+_Battlestar Galactica_ reboot fame and starring Anna Paquin. Like _Sales
+Pitch_ it bears very little resemblance to the original story. It played
+around with similar ideas explored in a lot of Sci-Fi movies and TV shows but
+left me a little flat; I didn't think it contributed much that I hadn't seen
+before. I was disappointed that there was a relatively conclusive ending.
+There was a subversive humour in the Dick short that was completely lost in
+the retelling. The world design seemed pretty generic.
+
+I'm looking forward to _Autofac_ , which is one of the shorts I can remember
+particularly enjoying.
+
+* * *
+
+  1. as collected in the 5 volumes of _The Collected Stories of Philip K Dick_ , although I don't doubt there are some stragglers that were missed out when that series was compiled.[ ↩][3]
+
+   [3]: <http://jmtd.net/log/#fnref:1>
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
@@ -2117,91 +2188,147 @@ when that series was compiled.<a class="reversefootnote" href="http://jmtd.net/l
 
 </ol>
 </div>
+--===============testboundary==--
+
+From planet-debian Tue Oct 17 05:38:00 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Tue, 17 Oct 2017 05:38:00 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Russ Allbery: Bundle haul
+Message-ID: https-www-eyrie-org-eagle-journal-2017-10-002-html
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://www.eyrie.org/~eagle/journal/2017-10/002.html
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-http://jmtd.net/log/electric_dreams/
-
-_No spoilers, for those who have yet to watch it..._
-
-Channel 4 have been broadcasting a new 10-part series called _Electric Dreams_
-, based on some of the short fiction of Philip K Dick. The series was
-commissioned after Channel 4 lost _Black Mirror_ to Netflix, perhaps to try
-and find something tonally similar. _Electric Dreams_ is executive-produced by
-Brian Cranston, who also stars in one of the episodes yet to broadcast.
-
-I've read all of PKD's short fiction[1][1] but it was a long time ago so I
-have mostly forgotten the stories upon which the series is based. I've quite
-enjoyed going back and re-reading them after watching the corresponding
-episodes to see what changes they've made. In some cases the changes are
-subtle or complementary, in other cases they've whittled the original story
-right out and installed a new one inside the shell. A companion compilation
-has been published with just the relevant short stories in it, and from what
-I've seen browsing it in a book shop it also contains short introductions
-which might be worth a read.
-
-   [1]: <http://jmtd.net/log/#fn:1>
-
-Things started strong with _The Hood Maker_ , which my wife also enjoyed,
-although she was disappointed to realise we wouldn't be revisiting those
-characters in the future. The world-building was strong enough that it seemed
-like a waste for a single episode.
+https://www.eyrie.org/~eagle/journal/2017-10/002.html
 
-My favourite episode of those broadcast so far was _The Commuter_ , starring
-Timothy Spall. The changes made were complementary and immensely expanded the
-emotional range of the story. In some ways, a key aspect of the original story
-was completely inverted, which I found quite funny: my original take on Dick's
-story was Dick implying a particular outcome was horrific, whereas it becomes
-desirable in the TV episode.
+Confession time: I started making these posts (eons ago) because a close
+friend did as well, and I enjoyed reading them. But the main reason why I
+continue is because the primary way I have to keep track of the books I've
+bought and avoid duplicates is, well, grep on these posts.
 
-[Episode 4, *Crazy Diamond*][2]
+I should come up with a non-bullshit way of doing this, but time to do more
+elegant things is in short supply, and, well, it's my blog. So I'm boring all
+of you who read this in various places with my internal bookkeeping. I do try
+to at least add a bit of commentary.
 
-   [2]: <http://jmtd.net/log/electric_dreams/crazy_diamond.jpg>
+This one will be more tedious than most since it includes five separate
+[Humble Bundles][1], which increases the volume a lot. (I just realized I'd
+forgotten to record those purchases from the past several months.)
 
-Episode 4, _Crazy Diamond_
+   [1]: <https://www.humblebundle.com/books/>
 
-One of the stories most hollowed-out was _Sales Pitch_ which was the basis for
-Tony Grisoni’s episode _Crazy Diamond_ , starring Steve Buscemi and Sidse
-Babett Knudsen. Buscemi was good but Knudsen totally stole every frame she was
-in. Fans of the cancelled Channel 4 show _Utopia_ should enjoy this one: both
-were directed by Marc Munden and the directing, photography and colour balance
-really recall it.
+First, the individual books I bought directly:
 
-The last episode broadcast was _Real Life_ directed by Ronald D Moore of
-_Battlestar Galactica_ reboot fame and starring Anna Paquin. Like _Sales
-Pitch_ it bears very little resemblance to the original story. It played
-around with similar ideas explored in a lot of Sci-Fi movies and TV shows but
-left me a little flat; I didn't think it contributed much that I hadn't seen
-before. I was disappointed that there was a relatively conclusive ending.
-There was a subversive humour in the Dick short that was completely lost in
-the retelling. The world design seemed pretty generic.
+Ilona Andrews — Sweep in Peace (sff)  
+Ilona Andrews — One Fell Sweep (sff)  
+Steven Brust — Vallista (sff)  
+Nicky Drayden — The Prey of Gods (sff)  
+Meg Elison — The Book of the Unnamed Midwife (sff)  
+Pat Green — Night Moves (nonfiction)  
+Ann Leckie — Provenance (sff)  
+Seanan McGuire — Once Broken Faith (sff)  
+Seanan McGuire — The Brightest Fell (sff)  
+K. Arsenault Rivera — The Tiger's Daughter (sff)  
+Matthew Walker — Why We Sleep (nonfiction)  
 
-I'm looking forward to _Autofac_ , which is one of the shorts I can remember
-particularly enjoying.
+Some new books by favorite authors, a few new releases I heard good things
+about, and two (Night Moves and Why We Sleep) from references in on-line
+articles that impressed me.
 
-* * *
+The books from security bundles (this is mostly work reading, assuming I'll
+get to any of it), including a blockchain bundle:
 
-  1. as collected in the 5 volumes of _The Collected Stories of Philip K Dick_ , although I don't doubt there are some stragglers that were missed out when that series was compiled.[ ↩][3]
+Wil Allsop — Unauthorised Access (nonfiction)  
+Ross Anderson — Security Engineering (nonfiction)  
+Chris Anley, et al. — The Shellcoder's Handbook (nonfiction)  
+Conrad Barsky & Chris Wilmer — Bitcoin for the Befuddled (nonfiction)  
+Imran Bashir — Mastering Blockchain (nonfiction)  
+Richard Bejtlich — The Practice of Network Security (nonfiction)  
+Kariappa Bheemaiah — The Blockchain Alternative (nonfiction)  
+Violet Blue — Smart Girl's Guide to Privacy (nonfiction)  
+Richard Caetano — Learning Bitcoin (nonfiction)  
+Nick Cano — Game Hacking (nonfiction)  
+Bruce Dang, et al. — Practical Reverse Engineering (nonfiction)  
+Chris Dannen — Introducing Ethereum and Solidity (nonfiction)  
+Daniel Drescher — Blockchain Basics (nonfiction)  
+Chris Eagle — The IDA Pro Book, 2nd Edition (nonfiction)  
+Nikolay Elenkov — Android Security Internals (nonfiction)  
+Jon Erickson — Hacking, 2nd Edition (nonfiction)  
+Pedro Franco — Understanding Bitcoin (nonfiction)  
+Christopher Hadnagy — Social Engineering (nonfiction)  
+Peter N.M. Hansteen — The Book of PF (nonfiction)  
+Brian Kelly — The Bitcoin Big Bang (nonfiction)  
+David Kennedy, et al. — Metasploit (nonfiction)  
+Manul Laphroaig (ed.) — PoC || GTFO (nonfiction)  
+Michael Hale Ligh, et al. — The Art of Memory Forensics (nonfiction)  
+Michael Hale Ligh, et al. — Malware Analyst's Cookbook (nonfiction)  
+Michael W. Lucas — Absolute OpenBSD, 2nd Edition (nonfiction)  
+Bruce Nikkel — Practical Forensic Imaging (nonfiction)  
+Sean-Philip Oriyano — CEHv9 (nonfiction)  
+Kevin D. Mitnick — The Art of Deception (nonfiction)  
+Narayan Prusty — Building Blockchain Projects (nonfiction)  
+Prypto — Bitcoin for Dummies (nonfiction)  
+Chris Sanders — Practical Packet Analysis, 3rd Edition (nonfiction)  
+Bruce Schneier — Applied Cryptography (nonfiction)  
+Adam Shostack — Threat Modeling (nonfiction)  
+Craig Smith — The Car Hacker's Handbook (nonfiction)  
+Dafydd Stuttard & Marcus Pinto — The Web Application Hacker's Handbook
+(nonfiction)  
+Albert Szmigielski — Bitcoin Essentials (nonfiction)  
+David Thiel — iOS Application Security (nonfiction)  
+Georgia Weidman — Penetration Testing (nonfiction)  
 
-   [3]: <http://jmtd.net/log/#fnref:1>
+Finally, the two SF bundles:
 
+Buzz Aldrin & John Barnes — Encounter with Tiber (sff)  
+Poul Anderson — Orion Shall Rise (sff)  
+Greg Bear — The Forge of God (sff)  
+Octavia E. Butler — Dawn (sff)  
+William C. Dietz — Steelheart (sff)  
+J.L. Doty — A Choice of Treasons (sff)  
+Harlan Ellison — The City on the Edge of Forever (sff)  
+Toh Enjoe — Self-Reference ENGINE (sff)  
+David Feintuch — Midshipman's Hope (sff)  
+Alan Dean Foster — Icerigger (sff)  
+Alan Dean Foster — Mission to Moulokin (sff)  
+Alan Dean Foster — The Deluge Drivers (sff)  
+Taiyo Fujii — Orbital Cloud (sff)  
+Hideo Furukawa — Belka, Why Don't You Bark? (sff)  
+Haikasoru (ed.) — Saiensu Fikushon 2016 (sff anthology)  
+Joe Haldeman — All My Sins Remembered (sff)  
+Jyouji Hayashi — The Ouroboros Wave (sff)  
+Sergei Lukyanenko — The Genome (sff)  
+Chohei Kambayashi — Good Luck, Yukikaze (sff)  
+Chohei Kambayashi — Yukikaze (sff)  
+Sakyo Komatsu — Virus (sff)  
+Miyuki Miyabe — The Book of Heroes (sff)  
+Kazuki Sakuraba — Red Girls (sff)  
+Robert Silverberg — Across a Billion Years (sff)  
+Allen Steele — Orbital Decay (sff)  
+Bruce Sterling — Schismatrix Plus (sff)  
+Michael Swanwick — Vacuum Flowers (sff)  
+Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 1: Dawn (sff)  
+Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 2: Ambition (sff)  
+Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 3: Endurance (sff)  
+Tow Ubukata — Mardock Scramble (sff)  
+Sayuri Ueda — The Cage of Zeus (sff)  
+Sean Williams & Shane Dix — Echoes of Earth (sff)  
+Hiroshi Yamamoto — MM9 (sff)  
+Timothy Zahn — Blackcollar (sff)  
 
---===============testboundary==--
+Phew. Okay, all caught up, and hopefully won't have to dump something like
+this again in the near future. Also, more books than I have any actual time to
+read, but what else is new.
 
-From planet-debian Tue Oct 17 05:38:00 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Tue, 17 Oct 2017 05:38:00 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Russ Allbery: Bundle haul
-Message-ID: https-www-eyrie-org-eagle-journal-2017-10-002-html
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://www.eyrie.org/~eagle/journal/2017-10/002.html
 
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
@@ -2355,133 +2482,6 @@ Phew.  Okay, all caught up, and hopefully won't have to dump something
 like this again in the near future.  Also, more books than I have any
 actual time to read, but what else is new.
 </p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://www.eyrie.org/~eagle/journal/2017-10/002.html
-
-Confession time: I started making these posts (eons ago) because a close
-friend did as well, and I enjoyed reading them. But the main reason why I
-continue is because the primary way I have to keep track of the books I've
-bought and avoid duplicates is, well, grep on these posts.
-
-I should come up with a non-bullshit way of doing this, but time to do more
-elegant things is in short supply, and, well, it's my blog. So I'm boring all
-of you who read this in various places with my internal bookkeeping. I do try
-to at least add a bit of commentary.
-
-This one will be more tedious than most since it includes five separate
-[Humble Bundles][1], which increases the volume a lot. (I just realized I'd
-forgotten to record those purchases from the past several months.)
-
-   [1]: <https://www.humblebundle.com/books/>
-
-First, the individual books I bought directly:
-
-Ilona Andrews — Sweep in Peace (sff)  
-Ilona Andrews — One Fell Sweep (sff)  
-Steven Brust — Vallista (sff)  
-Nicky Drayden — The Prey of Gods (sff)  
-Meg Elison — The Book of the Unnamed Midwife (sff)  
-Pat Green — Night Moves (nonfiction)  
-Ann Leckie — Provenance (sff)  
-Seanan McGuire — Once Broken Faith (sff)  
-Seanan McGuire — The Brightest Fell (sff)  
-K. Arsenault Rivera — The Tiger's Daughter (sff)  
-Matthew Walker — Why We Sleep (nonfiction)  
-
-Some new books by favorite authors, a few new releases I heard good things
-about, and two (Night Moves and Why We Sleep) from references in on-line
-articles that impressed me.
-
-The books from security bundles (this is mostly work reading, assuming I'll
-get to any of it), including a blockchain bundle:
-
-Wil Allsop — Unauthorised Access (nonfiction)  
-Ross Anderson — Security Engineering (nonfiction)  
-Chris Anley, et al. — The Shellcoder's Handbook (nonfiction)  
-Conrad Barsky & Chris Wilmer — Bitcoin for the Befuddled (nonfiction)  
-Imran Bashir — Mastering Blockchain (nonfiction)  
-Richard Bejtlich — The Practice of Network Security (nonfiction)  
-Kariappa Bheemaiah — The Blockchain Alternative (nonfiction)  
-Violet Blue — Smart Girl's Guide to Privacy (nonfiction)  
-Richard Caetano — Learning Bitcoin (nonfiction)  
-Nick Cano — Game Hacking (nonfiction)  
-Bruce Dang, et al. — Practical Reverse Engineering (nonfiction)  
-Chris Dannen — Introducing Ethereum and Solidity (nonfiction)  
-Daniel Drescher — Blockchain Basics (nonfiction)  
-Chris Eagle — The IDA Pro Book, 2nd Edition (nonfiction)  
-Nikolay Elenkov — Android Security Internals (nonfiction)  
-Jon Erickson — Hacking, 2nd Edition (nonfiction)  
-Pedro Franco — Understanding Bitcoin (nonfiction)  
-Christopher Hadnagy — Social Engineering (nonfiction)  
-Peter N.M. Hansteen — The Book of PF (nonfiction)  
-Brian Kelly — The Bitcoin Big Bang (nonfiction)  
-David Kennedy, et al. — Metasploit (nonfiction)  
-Manul Laphroaig (ed.) — PoC || GTFO (nonfiction)  
-Michael Hale Ligh, et al. — The Art of Memory Forensics (nonfiction)  
-Michael Hale Ligh, et al. — Malware Analyst's Cookbook (nonfiction)  
-Michael W. Lucas — Absolute OpenBSD, 2nd Edition (nonfiction)  
-Bruce Nikkel — Practical Forensic Imaging (nonfiction)  
-Sean-Philip Oriyano — CEHv9 (nonfiction)  
-Kevin D. Mitnick — The Art of Deception (nonfiction)  
-Narayan Prusty — Building Blockchain Projects (nonfiction)  
-Prypto — Bitcoin for Dummies (nonfiction)  
-Chris Sanders — Practical Packet Analysis, 3rd Edition (nonfiction)  
-Bruce Schneier — Applied Cryptography (nonfiction)  
-Adam Shostack — Threat Modeling (nonfiction)  
-Craig Smith — The Car Hacker's Handbook (nonfiction)  
-Dafydd Stuttard & Marcus Pinto — The Web Application Hacker's Handbook
-(nonfiction)  
-Albert Szmigielski — Bitcoin Essentials (nonfiction)  
-David Thiel — iOS Application Security (nonfiction)  
-Georgia Weidman — Penetration Testing (nonfiction)  
-
-Finally, the two SF bundles:
-
-Buzz Aldrin & John Barnes — Encounter with Tiber (sff)  
-Poul Anderson — Orion Shall Rise (sff)  
-Greg Bear — The Forge of God (sff)  
-Octavia E. Butler — Dawn (sff)  
-William C. Dietz — Steelheart (sff)  
-J.L. Doty — A Choice of Treasons (sff)  
-Harlan Ellison — The City on the Edge of Forever (sff)  
-Toh Enjoe — Self-Reference ENGINE (sff)  
-David Feintuch — Midshipman's Hope (sff)  
-Alan Dean Foster — Icerigger (sff)  
-Alan Dean Foster — Mission to Moulokin (sff)  
-Alan Dean Foster — The Deluge Drivers (sff)  
-Taiyo Fujii — Orbital Cloud (sff)  
-Hideo Furukawa — Belka, Why Don't You Bark? (sff)  
-Haikasoru (ed.) — Saiensu Fikushon 2016 (sff anthology)  
-Joe Haldeman — All My Sins Remembered (sff)  
-Jyouji Hayashi — The Ouroboros Wave (sff)  
-Sergei Lukyanenko — The Genome (sff)  
-Chohei Kambayashi — Good Luck, Yukikaze (sff)  
-Chohei Kambayashi — Yukikaze (sff)  
-Sakyo Komatsu — Virus (sff)  
-Miyuki Miyabe — The Book of Heroes (sff)  
-Kazuki Sakuraba — Red Girls (sff)  
-Robert Silverberg — Across a Billion Years (sff)  
-Allen Steele — Orbital Decay (sff)  
-Bruce Sterling — Schismatrix Plus (sff)  
-Michael Swanwick — Vacuum Flowers (sff)  
-Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 1: Dawn (sff)  
-Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 2: Ambition (sff)  
-Yoshiki Tanaka — Legend of the Galactic Heroes, Volume 3: Endurance (sff)  
-Tow Ubukata — Mardock Scramble (sff)  
-Sayuri Ueda — The Cage of Zeus (sff)  
-Sean Williams & Shane Dix — Echoes of Earth (sff)  
-Hiroshi Yamamoto — MM9 (sff)  
-Timothy Zahn — Blackcollar (sff)  
-
-Phew. Okay, all caught up, and hopefully won't have to dump something like
-this again in the near future. Also, more books than I have any actual time to
-read, but what else is new.
-
-
 --===============testboundary==--
 
 From planet-debian Tue Oct 17 05:22:48 2017
@@ -2492,25 +2492,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Norbert Preining: Japanese TeX User Meeting 2017
 Message-ID: https-www-preining-info-blog-p-6823
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://www.preining.info/blog/2017/10/japanese-tex-user-meeting-2017/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p><img alt="" class="alignleft size-full wp-image-6825" height="128" src="https://www.preining.info/blog/wp-content/uploads/2017/10/texconf2017.png" width="128" />Last saturday the <a href="https://texconf2017.tumblr.com/">Japanese TeX User Meeting</a> took place in Fujisawa, Kanagawa. For those who have been at the <a href="https://tug.org/tug2013/">TUG 2013</a> in Tokyo you will remember that the Japanese TeX community is quite big and vibrant. On Saturday about 50 users and developers gathered for a set of talks on a variety of topics.</p>
-<p>The first talk was by <a href="https://www.lambdanote.com/">Keiichiro Shikano (鹿野 桂一郎)</a> on using Markup text to generate (La)TeX and HTML. He presented a variety of markup formats, including his own tool <a href="https://github.com/k16shikano/xml2tex">xml2tex</a>.</p>
-<p>The second talk was my <a href="http://www.trueroad.jp/">Masamichi Hosoda (細田 真道)</a> on reducing the size of PDF files using PDFmark extraction. As a contributor to many projects including <a href="https://www.gnu.org/software/texinfo/">Texinfo</a> and <a href="http://lilypond.org/">LilyPond</a>, Masamichi Hosoda tells us horror stories about multiple font embedding in the manual of LilyPond, the permanent need for adaption to newer <a href="https://www.ghostscript.com/">Ghostscript</a> versions, and the very recent development in Ghostscript prohibiting the merge of font definitions in PDF files.</p>
-<p>Next up was Yusuke Terada (寺田 侑祐) on grading exams using TeX. Working through hundreds and hundreds of exams and do the grading is something many of us are used to and I think nobody really enjoys it. Yusuke Terada has combined various tools, including scans, pdf merging using pdfpages, to generate gradable PDF which were then checked on an iPad. On the way he did hit some limits in dvipdfmx on the number of images, but this was obviously only a small bump on the road. Now if that could be automatized as a nice application, it would be a big hit I guess!</p>
-<p>The forth talk was by Satoshi Yamashita (山下 哲) on the preparation of slides using <a href="http://ketpic.com/">KETpic</a>. KETpic is a long running project by Setsuo Takato (高遠節夫) for the generation of graphics, in particular using <a href="https://www.cinderella.de/">Cinderella</a>. KETpic and KETcindy integrates with lots of algebraic and statistical programs (R, Maxima, SciLab, …) and has a long history of development. Currently there are activities to incorporate it into TeX Live.</p>
-<p>The fifth talk was by Takuto Asakura (朝倉 卓人) on programming TeX using <a href="https://ctan.org/pkg/expl3">expl3</a>, the main building block of the <a href="http://www.latex-project.org/latex3/">LaTeX3 project</a> and already adopted by many TeX developers. Takuto Asakura came to fame on this years <a href="http://www.gust.org.pl/bachotex/2017-en/">TUG/BachoTeX 2017</a> when he won the <a href="http://www.gust.org.pl/bachotex/wjmartin-en">W. J. Martin Prize</a> for his presentation <a href="http://www.gust.org.pl/bachotex/2017-en/program#Asakura_1">Implementing bioinformatics algorithms in TeX</a>. I think we can expect great new developments from Takuto!</p>
-<p>The last talk was by myself on fmtutil and updmap, two of the main management programs in any TeX installation, presenting the changes introduced over the last year, including the most recent release of TeX Live. Details have been posted on my blog, and a lengthy <a href="https://www.tug.org/TUGboat/tb38-2/tb119preining.pdf">article</a> in <a href="https://www.tug.org/TUGboat/tb38-2/">TUGboat 38:2, 2017</a> is available on this topic, too.</p>
-<p>After the conference about half of the participants joined a social dinner in a nearby Izakaya, followed by a after-dinner beer tasting at a local craft beer place. Thanks to Tatsuyoshi Hamada for the organization.</p>
-<p>As usual, the Japanese TeX User Meetings are a great opportunity to discuss new features and make new friends. I am always grateful to be part of this very nice community! I am looking forward to the next year’s meeting.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -2597,6 +2583,20 @@ new features and make new friends. I am always grateful to be part of this
 very nice community! I am looking forward to the next year’s meeting.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p><img alt="" class="alignleft size-full wp-image-6825" height="128" src="https://www.preining.info/blog/wp-content/uploads/2017/10/texconf2017.png" width="128" />Last saturday the <a href="https://texconf2017.tumblr.com/">Japanese TeX User Meeting</a> took place in Fujisawa, Kanagawa. For those who have been at the <a href="https://tug.org/tug2013/">TUG 2013</a> in Tokyo you will remember that the Japanese TeX community is quite big and vibrant. On Saturday about 50 users and developers gathered for a set of talks on a variety of topics.</p>
+<p>The first talk was by <a href="https://www.lambdanote.com/">Keiichiro Shikano (鹿野 桂一郎)</a> on using Markup text to generate (La)TeX and HTML. He presented a variety of markup formats, including his own tool <a href="https://github.com/k16shikano/xml2tex">xml2tex</a>.</p>
+<p>The second talk was my <a href="http://www.trueroad.jp/">Masamichi Hosoda (細田 真道)</a> on reducing the size of PDF files using PDFmark extraction. As a contributor to many projects including <a href="https://www.gnu.org/software/texinfo/">Texinfo</a> and <a href="http://lilypond.org/">LilyPond</a>, Masamichi Hosoda tells us horror stories about multiple font embedding in the manual of LilyPond, the permanent need for adaption to newer <a href="https://www.ghostscript.com/">Ghostscript</a> versions, and the very recent development in Ghostscript prohibiting the merge of font definitions in PDF files.</p>
+<p>Next up was Yusuke Terada (寺田 侑祐) on grading exams using TeX. Working through hundreds and hundreds of exams and do the grading is something many of us are used to and I think nobody really enjoys it. Yusuke Terada has combined various tools, including scans, pdf merging using pdfpages, to generate gradable PDF which were then checked on an iPad. On the way he did hit some limits in dvipdfmx on the number of images, but this was obviously only a small bump on the road. Now if that could be automatized as a nice application, it would be a big hit I guess!</p>
+<p>The forth talk was by Satoshi Yamashita (山下 哲) on the preparation of slides using <a href="http://ketpic.com/">KETpic</a>. KETpic is a long running project by Setsuo Takato (高遠節夫) for the generation of graphics, in particular using <a href="https://www.cinderella.de/">Cinderella</a>. KETpic and KETcindy integrates with lots of algebraic and statistical programs (R, Maxima, SciLab, …) and has a long history of development. Currently there are activities to incorporate it into TeX Live.</p>
+<p>The fifth talk was by Takuto Asakura (朝倉 卓人) on programming TeX using <a href="https://ctan.org/pkg/expl3">expl3</a>, the main building block of the <a href="http://www.latex-project.org/latex3/">LaTeX3 project</a> and already adopted by many TeX developers. Takuto Asakura came to fame on this years <a href="http://www.gust.org.pl/bachotex/2017-en/">TUG/BachoTeX 2017</a> when he won the <a href="http://www.gust.org.pl/bachotex/wjmartin-en">W. J. Martin Prize</a> for his presentation <a href="http://www.gust.org.pl/bachotex/2017-en/program#Asakura_1">Implementing bioinformatics algorithms in TeX</a>. I think we can expect great new developments from Takuto!</p>
+<p>The last talk was by myself on fmtutil and updmap, two of the main management programs in any TeX installation, presenting the changes introduced over the last year, including the most recent release of TeX Live. Details have been posted on my blog, and a lengthy <a href="https://www.tug.org/TUGboat/tb38-2/tb119preining.pdf">article</a> in <a href="https://www.tug.org/TUGboat/tb38-2/">TUGboat 38:2, 2017</a> is available on this topic, too.</p>
+<p>After the conference about half of the participants joined a social dinner in a nearby Izakaya, followed by a after-dinner beer tasting at a local craft beer place. Thanks to Tatsuyoshi Hamada for the organization.</p>
+<p>As usual, the Japanese TeX User Meetings are a great opportunity to discuss new features and make new friends. I am always grateful to be part of this very nice community! I am looking forward to the next year’s meeting.</p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 17 05:10:20 2017
@@ -2607,41 +2607,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: =?utf-8?q?Fran=C3=A7ois_Marier=3A_Checking_Your_Passwords_Against_the_Have_I_Been_Pwned_List?=
 Message-ID: http-feeding-cloud-geek-nz-posts-checking-your-passwords-against-hibp
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://feeding.cloud.geek.nz/posts/checking-your-passwords-against-hibp/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<p>Two months ago, Troy Hunt, the security professional behind
-<a href="https://haveibeenpwned.com/">Have I been pwned?</a>,
-<a href="https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/">released</a>
-an incredibly comprehensive
-<a href="https://haveibeenpwned.com/Passwords">password list</a> in the hope that it
-would allow web developers to steer their users away from passwords that
-have been compromised in past breaches.</p>
-
-<p>While the list released by HIBP is hashed, the plaintext passwords are out
-there and one should assume that password crackers have access to them.
-So if you use a password on that list, you can be fairly confident
-that it's very easy to guess or crack your password.</p>
-
-<p>I wanted to check my <strong>active</strong> passwords against that list to check whether
-or not any of them are compromised and should be changed immediately. This
-meant that I needed to download the list and do these lookups locally since
-it's not a good idea to send your current passwords to this third-party
-service.</p>
-
-<p>I put my tool up on <a href="https://launchpad.net/hibp-pwlookup">Launchpad</a> /
-<a href="https://pypi.python.org/pypi/hibp-pwlookup">PyPI</a> and you are more than
-welcome to give it a go. Install <a href="https://www.postgresql.org/">Postgres</a> and
-<a href="http://initd.org/psycopg/">Psycopg2</a> and then follow the
-<a href="https://git.launchpad.net/hibp-pwlookup/tree/README.txt">README instructions</a>
-to setup your database.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -2680,6 +2650,36 @@ to give it a go. Install [Postgres][6] and [Psycopg2][7] and then follow the
    [8]: <https://git.launchpad.net/hibp-pwlookup/tree/README.txt>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<p>Two months ago, Troy Hunt, the security professional behind
+<a href="https://haveibeenpwned.com/">Have I been pwned?</a>,
+<a href="https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/">released</a>
+an incredibly comprehensive
+<a href="https://haveibeenpwned.com/Passwords">password list</a> in the hope that it
+would allow web developers to steer their users away from passwords that
+have been compromised in past breaches.</p>
+
+<p>While the list released by HIBP is hashed, the plaintext passwords are out
+there and one should assume that password crackers have access to them.
+So if you use a password on that list, you can be fairly confident
+that it's very easy to guess or crack your password.</p>
+
+<p>I wanted to check my <strong>active</strong> passwords against that list to check whether
+or not any of them are compromised and should be changed immediately. This
+meant that I needed to download the list and do these lookups locally since
+it's not a good idea to send your current passwords to this third-party
+service.</p>
+
+<p>I put my tool up on <a href="https://launchpad.net/hibp-pwlookup">Launchpad</a> /
+<a href="https://pypi.python.org/pypi/hibp-pwlookup">PyPI</a> and you are more than
+welcome to give it a go. Install <a href="https://www.postgresql.org/">Postgres</a> and
+<a href="http://initd.org/psycopg/">Psycopg2</a> and then follow the
+<a href="https://git.launchpad.net/hibp-pwlookup/tree/README.txt">README instructions</a>
+to setup your database.</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct 16 18:23:45 2017
@@ -2690,31 +2690,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Gustavo Noronha Silva: Who knew we still had low-hanging fruits?
 Message-ID: https-blog-kov-eti-br-p-402
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
-Archived-At: https://blog.kov.eti.br/2017/10/who-knew-we-still-had-low-hanging-fruits/
-
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/kov.png" width="65" height="86" alt="" align="right" style="float: right;">  <p>Earlier this month I had the pleasure of attending the Web Engines Hackfest, hosted by Igalia at their offices in A Coruña, and also sponsored by my employer, <a href="http://collabora.com/" title="Collabora Ltd.">Collabora</a>, Google and Mozilla. It has grown a lot and we had many new people this year.</p>
-<p>Fun fact: I am one of the 3 or 4 people who have attended all of the editions of the hackfest since its inception in 2009, when it was called WebKitGTK+ hackfest \o/</p>
-<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_204405.jpg"><img alt="20171002_204405" class="alignright size-large wp-image-404" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_204405-1024x576.jpg" width="660" /></a></p>
-<p>It was a great get together where I met many friends and made some new ones. Had plenty of discussions, mainly with <a href="https://blogs.igalia.com/tonikitoo/">Antonio Gomes</a> and Google’s Robert Kroeger, about the way forward for Chromium on Wayland.</p>
-<p>We had the opportunity of explaining how we at Collabora cooperated with igalians to implemented and optimise a Wayland nested compositor for WebKit2 to share buffers between processes in an efficient way even on broken drivers. Most of the discussions and some of the work that led to this was done in <a href="https://blog.kov.eti.br/2016/09/webkitgtk-2-14-and-the-web-engines-hackfest/" title="WebKitGTK+ 2.14 and the Web Engines Hackfest">previous</a> <a href="https://blog.kov.eti.br/2016/10/web-engines-hackfest-2016/" title="Web Engines Hackfest 2016!">hackfests</a>, by the way!</p>
-<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_193518.jpg"><img alt="20171002_193518" class="alignright size-large wp-image-405" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_193518-1024x576.jpg" width="660" /></a></p>
-<p>The idea seems to have been mostly welcomed, the only concern being that Wayland’s interfaces would need to be tested for security (fuzzed). So we may end up going that same route with Chromium for allowing process separation between the UI and GPU (being renamed Viz, currently) processes.</p>
-<p>On another note, and going back to the title of the post, at Collabora we have recently adopted <a href="https://about.mattermost.com/">Mattermost</a> to replace our internal IRC server. Many Collaborans have decided to use Mattermost through an Epiphany Web Application or through a simple Python application that just shows a GTK+ window wrapping a WebKitGTK+ WebView.</p>
-<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_101952.jpg"><img alt="20171002_101952" class="alignright size-large wp-image-407" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_101952-1024x576.jpg" width="660" /></a></p>
-<p>Some people noticed that when the connection was lost Mattermost would take a very long time to notice and reconnect – its web sockets were taking a long, long time to timeout, according to our colleague Andrew Shadura.</p>
-<p>I did some quick searching on the codebase and noticed WebCore has a NetworkStateNotifier interface that it uses to get notified when connection changes. That was not implemented for WebKitGTK+, so it was likely what caused stuff to linger when a connection hiccup happened. Given we have <a href="https://developer.gnome.org/gio/stable/GNetworkMonitor.html">GNetworkMonitor</a>, implementation of the missing interfaces required only <a href="https://bugs.webkit.org/attachment.cgi?id=322383&amp;action=prettypatch">3 lines of actual code</a> (plus the necessary boilerplate)!</p>
-<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/Screenshot-from-2017-10-16-11-13-39.png"><img alt="screenshot-from-2017-10-16-11-13-39" class="alignright size-large wp-image-406" height="152" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/Screenshot-from-2017-10-16-11-13-39-1024x236.png" width="660" /></a></p>
-<p>I was surprised to still find such as low hanging fruit in WebKitGTK+, so I decided to look for more. Turns out WebCore also has a notifier for low power situations, which was implemented only by the iOS port, and causes the engine to throttle some timers and avoid some expensive checks it would do in normal situations. This required a few more lines to implement using upower-glib, but <a href="https://bugs.webkit.org/attachment.cgi?id=322532&amp;action=prettypatch">not that many either</a>!</p>
-<p>That was the fun I had during the hackfest in terms of coding. Mostly I had fun just lurking in break out sessions discussing the past, present and future of tech such as WebRTC, Servo, Rust, WebKit, Chromium, WebVR, and more. I also beat a few challengers in Street Fighter 2, as usual.</p>
-<p>I’d like to say thanks to Collabora, Igalia, Google, and Mozilla for sponsoring and attending the hackfest. Thanks to Igalia for hosting and to Collabora for sponsoring my attendance along with two other Collaborans. It was a great hackfest and I’m looking forward to the next one! See you in 2018 =)</p>
+Archived-At: https://blog.kov.eti.br/2017/10/who-knew-we-still-had-low-hanging-fruits/
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -2807,6 +2787,26 @@ was a great hackfest and I’m looking forward to the next one! See you in 2018
 =)
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/kov.png" width="65" height="86" alt="" align="right" style="float: right;">  <p>Earlier this month I had the pleasure of attending the Web Engines Hackfest, hosted by Igalia at their offices in A Coruña, and also sponsored by my employer, <a href="http://collabora.com/" title="Collabora Ltd.">Collabora</a>, Google and Mozilla. It has grown a lot and we had many new people this year.</p>
+<p>Fun fact: I am one of the 3 or 4 people who have attended all of the editions of the hackfest since its inception in 2009, when it was called WebKitGTK+ hackfest \o/</p>
+<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_204405.jpg"><img alt="20171002_204405" class="alignright size-large wp-image-404" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_204405-1024x576.jpg" width="660" /></a></p>
+<p>It was a great get together where I met many friends and made some new ones. Had plenty of discussions, mainly with <a href="https://blogs.igalia.com/tonikitoo/">Antonio Gomes</a> and Google’s Robert Kroeger, about the way forward for Chromium on Wayland.</p>
+<p>We had the opportunity of explaining how we at Collabora cooperated with igalians to implemented and optimise a Wayland nested compositor for WebKit2 to share buffers between processes in an efficient way even on broken drivers. Most of the discussions and some of the work that led to this was done in <a href="https://blog.kov.eti.br/2016/09/webkitgtk-2-14-and-the-web-engines-hackfest/" title="WebKitGTK+ 2.14 and the Web Engines Hackfest">previous</a> <a href="https://blog.kov.eti.br/2016/10/web-engines-hackfest-2016/" title="Web Engines Hackfest 2016!">hackfests</a>, by the way!</p>
+<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_193518.jpg"><img alt="20171002_193518" class="alignright size-large wp-image-405" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_193518-1024x576.jpg" width="660" /></a></p>
+<p>The idea seems to have been mostly welcomed, the only concern being that Wayland’s interfaces would need to be tested for security (fuzzed). So we may end up going that same route with Chromium for allowing process separation between the UI and GPU (being renamed Viz, currently) processes.</p>
+<p>On another note, and going back to the title of the post, at Collabora we have recently adopted <a href="https://about.mattermost.com/">Mattermost</a> to replace our internal IRC server. Many Collaborans have decided to use Mattermost through an Epiphany Web Application or through a simple Python application that just shows a GTK+ window wrapping a WebKitGTK+ WebView.</p>
+<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_101952.jpg"><img alt="20171002_101952" class="alignright size-large wp-image-407" height="371" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/20171002_101952-1024x576.jpg" width="660" /></a></p>
+<p>Some people noticed that when the connection was lost Mattermost would take a very long time to notice and reconnect – its web sockets were taking a long, long time to timeout, according to our colleague Andrew Shadura.</p>
+<p>I did some quick searching on the codebase and noticed WebCore has a NetworkStateNotifier interface that it uses to get notified when connection changes. That was not implemented for WebKitGTK+, so it was likely what caused stuff to linger when a connection hiccup happened. Given we have <a href="https://developer.gnome.org/gio/stable/GNetworkMonitor.html">GNetworkMonitor</a>, implementation of the missing interfaces required only <a href="https://bugs.webkit.org/attachment.cgi?id=322383&amp;action=prettypatch">3 lines of actual code</a> (plus the necessary boilerplate)!</p>
+<p><a href="https://blog.kov.eti.br/wp-content/uploads/2017/10/Screenshot-from-2017-10-16-11-13-39.png"><img alt="screenshot-from-2017-10-16-11-13-39" class="alignright size-large wp-image-406" height="152" src="https://blog.kov.eti.br/wp-content/uploads/2017/10/Screenshot-from-2017-10-16-11-13-39-1024x236.png" width="660" /></a></p>
+<p>I was surprised to still find such as low hanging fruit in WebKitGTK+, so I decided to look for more. Turns out WebCore also has a notifier for low power situations, which was implemented only by the iOS port, and causes the engine to throttle some timers and avoid some expensive checks it would do in normal situations. This required a few more lines to implement using upower-glib, but <a href="https://bugs.webkit.org/attachment.cgi?id=322532&amp;action=prettypatch">not that many either</a>!</p>
+<p>That was the fun I had during the hackfest in terms of coding. Mostly I had fun just lurking in break out sessions discussing the past, present and future of tech such as WebRTC, Servo, Rust, WebKit, Chromium, WebVR, and more. I also beat a few challengers in Street Fighter 2, as usual.</p>
+<p>I’d like to say thanks to Collabora, Igalia, Google, and Mozilla for sponsoring and attending the hackfest. Thanks to Igalia for hosting and to Collabora for sponsoring my attendance along with two other Collaborans. It was a great hackfest and I’m looking forward to the next one! See you in 2018 =)</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct 16 15:32:01 2017
@@ -2817,28 +2817,11 @@ To: to@example.com
 From: Yves-Alexis <corsac@debian.org>
 Subject: Yves-Alexis Perez: OpenPGP smartcard transition (part 1.5)
 Message-ID: http-www-corsac-net-rub-blog-post-1589
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.corsac.net/?rub=blog&post=1589
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/corsac-planet.png" width="80" height="81" alt="" align="right" style="float: right;">  <p>Following the news about the ROCA vulnerability (weak key
-generation in Infineon-based smartcards, more info <a href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17">here</a> and
-<a href="https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/">
-here</a>) I can confirm that the Almex smartcard I mentionned on
-<a href="https://www.corsac.net/index.php?rub=blog&amp;post=1588">my last post</a> (which
-are Infineon based) are indeed vulnerable.</p>
-<p>I've contacted Almex to have more details, but if you were
-interested in buying that smartcard, you might want to refrain for
-now.</p>
-<p>It does *not* affect keys generated off-card and later injected
-(the process I use myself).</p>
-<p> </p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -2859,6 +2842,23 @@ It does *not* affect keys generated off-card and later injected (the process I
 use myself).
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/corsac-planet.png" width="80" height="81" alt="" align="right" style="float: right;">  <p>Following the news about the ROCA vulnerability (weak key
+generation in Infineon-based smartcards, more info <a href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17">here</a> and
+<a href="https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/">
+here</a>) I can confirm that the Almex smartcard I mentionned on
+<a href="https://www.corsac.net/index.php?rub=blog&amp;post=1588">my last post</a> (which
+are Infineon based) are indeed vulnerable.</p>
+<p>I've contacted Almex to have more details, but if you were
+interested in buying that smartcard, you might want to refrain for
+now.</p>
+<p>It does *not* affect keys generated off-card and later injected
+(the process I use myself).</p>
+<p> </p>
 --===============testboundary==--
 
 From planet-debian Mon Oct 16 08:00:00 2017
@@ -2869,11 +2869,79 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Iain R. Learmonth: No more no surprises
 Message-ID: https-iain-learmonth-me-blog-2017-2017w421
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://iain.learmonth.me/blog/2017/2017w421/
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+https://iain.learmonth.me/blog/2017/2017w421/
+
+[Debian][1] has generally always had, as a rule, “sane defaults” and “no
+surprises”. This was completely shattered for me when [Vim][2] decided to
+hijack the mouse from my terminal and break all copy/paste functionality. This
+has occured since the release of Debian 9.
+
+   [1]: <https://www.debian.org/>
+   [2]: <http://www.vim.org/>
+
+I expect for my terminal to behave consistently, and this is broken every time
+I log in to a Debian 9 system where I have not configured Vim to disable this
+functionality. I also see I’m [not][3] [alone][4] [in][5] [this][6]
+[frustration][7].
+
+   [3]: <https://www.preining.info/blog/2017/10/fixing-vim-in-debian/?utm_source=dlvr.it&utm_medium=twitter>
+   [4]: <https://unix.stackexchange.com/questions/318824/vim-cutpaste-not-working-in-stretch-debian-9>
+   [5]: <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839112>
+   [6]: <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864074>
+   [7]: <https://unix.stackexchange.com/questions/187695/how-to-disable-mouse-support-in-terminal>
+
+To fix this, in your `.vimrc`:
+
+    
+    
+    if !has("gui_running")
+      set mouse=
+    endif
+    
+
+(This will check to see if your using GVim or similar, where it would be
+reasonable to expect the mouse to work.)
+
+This is perhaps not aggresive enough though. I _never_ want to have console
+applications trying to use the mouse. I’ve configured rxvt to do things like
+open URLs in Firefox, etc. that I always want to work, and I always want my
+local clipboard to be used so I can copy/paste between remote machines.
+
+I’ve found a [small patch][8] that would appear to disable mouse reporting for
+rxvt, but unfortunately I cannot do this through an Xresources option. If
+someone is looking for something to do for [Hacktoberfest][9], I’d love to see
+this be an option for rxvt without re-compiling:
+
+    
+       [8]: <https://gist.github.com/matildah/a467a5f45ae7e1a173a16da41640778f>
+   [9]: <https://hacktoberfest.digitalocean.com/>
+
+    diff --git a/src/rxvt.h b/src/rxvt.h
+    index 5c7cf66..2751ba3 100644
+    --- a/src/rxvt.h
+    +++ b/src/rxvt.h
+    @@ -646,7 +646,7 @@ enum {
+     #define PrivMode_ExtMouseRight  (1UL<<24) // xterm pseudo-utf-8, but works in non-utf-8-locales
+     #define PrivMode_BlinkingCursor (1UL<<25)
+     
+    -#define PrivMode_mouse_report   (PrivMode_MouseX10|PrivMode_MouseX11|PrivMode_MouseBtnEvent|PrivMode_MouseAnyEvent)
+    +#define PrivMode_mouse_report   0 /* (PrivMode_MouseX10|PrivMode_MouseX11|PrivMode_MouseBtnEvent|PrivMode_MouseAnyEvent) */
+     
+     #ifdef ALLOW_132_MODE
+     # define PrivMode_Default (PrivMode_Autowrap|PrivMode_ShiftKeys|PrivMode_VisibleCursor|PrivMode_132OK)
+    
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
@@ -2924,88 +2992,125 @@ this be an option for rxvt without re-compiling:</p>
  #ifdef ALLOW_132_MODE
  # define PrivMode_Default (PrivMode_Autowrap|PrivMode_ShiftKeys|PrivMode_VisibleCursor|PrivMode_132OK)
 </pre></div>
+--===============testboundary==--
+
+From planet-debian Mon Oct 16 04:47:00 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Mon, 16 Oct 2017 04:47:00 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Russ Allbery: Free software log (September 2017)
+Message-ID: https-www-eyrie-org-eagle-journal-2017-10-001-html
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://www.eyrie.org/~eagle/journal/2017-10/001.html
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-https://iain.learmonth.me/blog/2017/2017w421/
+https://www.eyrie.org/~eagle/journal/2017-10/001.html
 
-[Debian][1] has generally always had, as a rule, “sane defaults” and “no
-surprises”. This was completely shattered for me when [Vim][2] decided to
-hijack the mouse from my terminal and break all copy/paste functionality. This
-has occured since the release of Debian 9.
+I said that I was going to start writing these regularly, so I'm going to
+stick to it, even when the results are rather underwhelming. One of the goals
+is to make the time for more free software work, and I do better at doing
+things that I record.
 
-   [1]: <https://www.debian.org/>
-   [2]: <http://www.vim.org/>
+The only piece of free software work for September was that I made [rra-c-
+util][1] compile cleanly with the Clang static analyzer. This was fairly
+tedious work that mostly involved unconfusing the compiler or converting
+(semi-intentional) crashes into explicit asserts, but it unblocks using the
+Clang static analyzer as part of the automated test suite of my other projects
+that are downstream of rra-c-util.
 
-I expect for my terminal to behave consistently, and this is broken every time
-I log in to a Debian 9 system where I have not configured Vim to disable this
-functionality. I also see I’m [not][3] [alone][4] [in][5] [this][6]
-[frustration][7].
+   [1]: <https://www.eyrie.org/~eagle/software/rra-c-util/>
 
-   [3]: <https://www.preining.info/blog/2017/10/fixing-vim-in-debian/?utm_source=dlvr.it&utm_medium=twitter>
-   [4]: <https://unix.stackexchange.com/questions/318824/vim-cutpaste-not-working-in-stretch-debian-9>
-   [5]: <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839112>
-   [6]: <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864074>
-   [7]: <https://unix.stackexchange.com/questions/187695/how-to-disable-mouse-support-in-terminal>
+One of the semantic changes I made was that the vector utilities in rra-c-util
+(which maintain a resizable array of strings) now always allocate room for at
+least one string pointer. This wastes a small amount of memory for empty
+vectors that are never used, but ensures that the `strings` struct member is
+always valid. This isn't, strictly speaking, a correctness fix, since all the
+checks were correct, but after some thought, I decided that humans might have
+the same problem that the static analyzer had. It's a lot easier to reason
+about a field that's never NULL. Similarly, the replacement function for a
+missing `reallocarray` now does an allocation of size 1 if given a size of 0,
+just to avoid edge case behavior. (I'm sure the behavior of a realloc with
+size 0 is defined somewhere in the C standard, but if I have to look it up,
+I'd rather not make a human reason about it.)
 
-To fix this, in your `.vimrc`:
+I started on, but didn't finish, making rra-c-util compile without Clang
+warnings (at least for a chosen set of warnings). By far the hardest problem
+here are the Clang warnings for comparisons between unsigned and signed
+integers. In theory, I like this warning, since it's the cause of a lot of
+very obscure bugs. In practice, gah does C ever do this all over the place,
+and it's incredibly painful to avoid. (One of the biggest offenders is
+`write`, which returns a `ssize_t` that you almost always want to compare
+against a `size_t`.) I did a bunch of mechanical work, but I now have a lot of
+bits of code like:
 
     
     
-    if !has("gui_running")
-      set mouse=
-    endif
+         if (status < 0)
+             return;
+        written = (size_t) status;
+        if (written < avail)
+            buffer->left += written;
     
 
-(This will check to see if your using GVim or similar, where it would be
-reasonable to expect the mouse to work.)
+which is ugly and unsatisfying. And I also have a ton of casts, such as with:
 
-This is perhaps not aggresive enough though. I _never_ want to have console
-applications trying to use the mouse. I’ve configured rxvt to do things like
-open URLs in Firefox, etc. that I always want to work, and I always want my
-local clipboard to be used so I can copy/paste between remote machines.
+    
+    
+        buffer_resize(buffer, (size_t) st.st_size + used);
+    
 
-I’ve found a [small patch][8] that would appear to disable mouse reporting for
-rxvt, but unfortunately I cannot do this through an Xresources option. If
-someone is looking for something to do for [Hacktoberfest][9], I’d love to see
-this be an option for rxvt without re-compiling:
+since `st.st_size` is an `off_t`, which may be signed. This is all deeply
+unsatisfying and ugly, and I think it makes the code moderately harder to
+read, but I do think the warning will potentially catch bugs and even security
+issues.
 
-    
-       [8]: <https://gist.github.com/matildah/a467a5f45ae7e1a173a16da41640778f>
-   [9]: <https://hacktoberfest.digitalocean.com/>
+I'm still torn. Maybe I can find some nice macros or programming styles to
+avoid the worst of this problem. It definitely requires more thought, rather
+than just committing this huge mechanical change with lots of ugly code.
 
-    diff --git a/src/rxvt.h b/src/rxvt.h
-    index 5c7cf66..2751ba3 100644
-    --- a/src/rxvt.h
-    +++ b/src/rxvt.h
-    @@ -646,7 +646,7 @@ enum {
-     #define PrivMode_ExtMouseRight  (1UL<<24) // xterm pseudo-utf-8, but works in non-utf-8-locales
-     #define PrivMode_BlinkingCursor (1UL<<25)
-     
-    -#define PrivMode_mouse_report   (PrivMode_MouseX10|PrivMode_MouseX11|PrivMode_MouseBtnEvent|PrivMode_MouseAnyEvent)
-    +#define PrivMode_mouse_report   0 /* (PrivMode_MouseX10|PrivMode_MouseX11|PrivMode_MouseBtnEvent|PrivMode_MouseAnyEvent) */
-     
-     #ifdef ALLOW_132_MODE
-     # define PrivMode_Default (PrivMode_Autowrap|PrivMode_ShiftKeys|PrivMode_VisibleCursor|PrivMode_132OK)
-    
+Mostly, this kind of nonsense makes me want to stop working on C code and go
+finish learning Rust....
+
+Anyway, apart from work, the biggest thing I managed to do last month that was
+vaguely related to free software was upgrading my personal servers to stretch
+(finally). That mostly went okay; only a few things made it unnecessarily
+exciting.
+
+The first was that one of my systems had a very tiny / partition that was too
+small to hold the downloaded debs for the upgrade, so I had to resize it (VM
+disk, partition, and file system), and that was a bit exciting because it has
+an old-style DOS partition table that isn't aligned (hmmm, which is probably
+why disk I/O is so slow on those VMs), so I had to use the obsolete `fdisk
+-c=dos` mode because I wasn't up for replacing the partition right then.
 
+The second was that my first try at an upgrade died with a segfault during the
+libc6 postinst and then every executable segfaulted. A mild panic and a rescue
+disk later (and thirty minutes and a lot of swearing), I tracked the problem
+down to libc6-xen. Nothing in the dependency structure between jessie and
+stretch forces libc6-xen to be upgraded in lockstep or removed, but it's
+earlier in the search path. So ld.so gets upgraded, and then finds the old
+libc6 from the libc6-xen package, and the mismatch causes immediate segfaults.
+A `chroot dpkg --purge` from the rescue disk solved the problem as soon as I
+knew what was going on, but that was a stressful half-hour.
 
---===============testboundary==--
+The third problem was something I should have known was going to be an issue:
+an old Perl program that does some internal stuff for one of the services I
+ran had a `defined @array` test that has been warning for eons and that I
+never fixed. That became a full syntax error with the most recent Perl, and
+then I fixed it incorrectly the first time and had a bunch of trouble tracking
+down what I'd broken. All sorted out now, and everything is happily running
+stretch. (ejabberd, which other folks had mentioned was a problem, went
+completely smoothly, although I suspect I now have too many of the plugin
+packages installed and should do a purging.)
 
-From planet-debian Mon Oct 16 04:47:00 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Mon, 16 Oct 2017 04:47:00 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Russ Allbery: Free software log (September 2017)
-Message-ID: https-www-eyrie-org-eagle-journal-2017-10-001-html
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://www.eyrie.org/~eagle/journal/2017-10/001.html
 
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
@@ -3133,111 +3238,6 @@ mentioned was a problem, went completely smoothly, although I suspect I
 now have too many of the plugin packages installed and should do a
 purging.)
 </p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://www.eyrie.org/~eagle/journal/2017-10/001.html
-
-I said that I was going to start writing these regularly, so I'm going to
-stick to it, even when the results are rather underwhelming. One of the goals
-is to make the time for more free software work, and I do better at doing
-things that I record.
-
-The only piece of free software work for September was that I made [rra-c-
-util][1] compile cleanly with the Clang static analyzer. This was fairly
-tedious work that mostly involved unconfusing the compiler or converting
-(semi-intentional) crashes into explicit asserts, but it unblocks using the
-Clang static analyzer as part of the automated test suite of my other projects
-that are downstream of rra-c-util.
-
-   [1]: <https://www.eyrie.org/~eagle/software/rra-c-util/>
-
-One of the semantic changes I made was that the vector utilities in rra-c-util
-(which maintain a resizable array of strings) now always allocate room for at
-least one string pointer. This wastes a small amount of memory for empty
-vectors that are never used, but ensures that the `strings` struct member is
-always valid. This isn't, strictly speaking, a correctness fix, since all the
-checks were correct, but after some thought, I decided that humans might have
-the same problem that the static analyzer had. It's a lot easier to reason
-about a field that's never NULL. Similarly, the replacement function for a
-missing `reallocarray` now does an allocation of size 1 if given a size of 0,
-just to avoid edge case behavior. (I'm sure the behavior of a realloc with
-size 0 is defined somewhere in the C standard, but if I have to look it up,
-I'd rather not make a human reason about it.)
-
-I started on, but didn't finish, making rra-c-util compile without Clang
-warnings (at least for a chosen set of warnings). By far the hardest problem
-here are the Clang warnings for comparisons between unsigned and signed
-integers. In theory, I like this warning, since it's the cause of a lot of
-very obscure bugs. In practice, gah does C ever do this all over the place,
-and it's incredibly painful to avoid. (One of the biggest offenders is
-`write`, which returns a `ssize_t` that you almost always want to compare
-against a `size_t`.) I did a bunch of mechanical work, but I now have a lot of
-bits of code like:
-
-    
-    
-         if (status < 0)
-             return;
-        written = (size_t) status;
-        if (written < avail)
-            buffer->left += written;
-    
-
-which is ugly and unsatisfying. And I also have a ton of casts, such as with:
-
-    
-    
-        buffer_resize(buffer, (size_t) st.st_size + used);
-    
-
-since `st.st_size` is an `off_t`, which may be signed. This is all deeply
-unsatisfying and ugly, and I think it makes the code moderately harder to
-read, but I do think the warning will potentially catch bugs and even security
-issues.
-
-I'm still torn. Maybe I can find some nice macros or programming styles to
-avoid the worst of this problem. It definitely requires more thought, rather
-than just committing this huge mechanical change with lots of ugly code.
-
-Mostly, this kind of nonsense makes me want to stop working on C code and go
-finish learning Rust....
-
-Anyway, apart from work, the biggest thing I managed to do last month that was
-vaguely related to free software was upgrading my personal servers to stretch
-(finally). That mostly went okay; only a few things made it unnecessarily
-exciting.
-
-The first was that one of my systems had a very tiny / partition that was too
-small to hold the downloaded debs for the upgrade, so I had to resize it (VM
-disk, partition, and file system), and that was a bit exciting because it has
-an old-style DOS partition table that isn't aligned (hmmm, which is probably
-why disk I/O is so slow on those VMs), so I had to use the obsolete `fdisk
--c=dos` mode because I wasn't up for replacing the partition right then.
-
-The second was that my first try at an upgrade died with a segfault during the
-libc6 postinst and then every executable segfaulted. A mild panic and a rescue
-disk later (and thirty minutes and a lot of swearing), I tracked the problem
-down to libc6-xen. Nothing in the dependency structure between jessie and
-stretch forces libc6-xen to be upgraded in lockstep or removed, but it's
-earlier in the search path. So ld.so gets upgraded, and then finds the old
-libc6 from the libc6-xen package, and the mismatch causes immediate segfaults.
-A `chroot dpkg --purge` from the rescue disk solved the problem as soon as I
-knew what was going on, but that was a stressful half-hour.
-
-The third problem was something I should have known was going to be an issue:
-an old Perl program that does some internal stuff for one of the services I
-ran had a `defined @array` test that has been warning for eons and that I
-never fixed. That became a full syntax error with the most recent Perl, and
-then I fixed it incorrectly the first time and had a bunch of trouble tracking
-down what I'd broken. All sorted out now, and everything is happily running
-stretch. (ejabberd, which other folks had mentioned was a problem, went
-completely smoothly, although I suspect I now have too many of the plugin
-packages installed and should do a purging.)
-
-
 --===============testboundary==--
 
 From planet-debian Mon Oct 16 01:18:39 2017
@@ -3248,44 +3248,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Norbert Preining: Fixing vim in Debian
 Message-ID: https-www-preining-info-blog-p-6814
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://www.preining.info/blog/2017/10/fixing-vim-in-debian/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>I was wondering for quite some time why on my server vim behaves so stupid with respect to the mouse: Jumping around, copy and paste wasn’t possible the usual way. All this despite having</p>
-<pre lang="shell">  set mouse=
-</pre>
-<p>in my <tt>/etc/vim/vimrc.local</tt>. Finally I found out why, thanks to bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864074">#864074</a> and fixed it.</p>
-<p><img alt="" class="aligncenter size-full wp-image-6815" height="430" src="https://www.preining.info/blog/wp-content/uploads/2017/10/fixing-debian-vim.jpg" width="800" /></p>
-<p>The whole mess comes from the fact that, when there is no <tt>~/.vimrc</tt>, vim loads <tt>defaults.vim</tt> <strong>after</strong> <tt>vimrc.local</tt> and thus overwriting several settings put in there.</p>
-<p>There is a comment (I didn’t see, though) in <tt>/etc/vim/vimrc</tt> explaining this:</p>
-<pre lang="vim">" Vim will load $VIMRUNTIME/defaults.vim if the user does not have a vimrc.
-" This happens after /etc/vim/vimrc(.local) are loaded, so it will override
-" any settings in these files.
-" If you don't want that to happen, uncomment the below line to prevent
-" defaults.vim from being loaded.
-" let g:skip_defaults_vim = 1
-</pre>
-<p>I agree that this is a good way to setup vim on a normal installation of Vim, but the Debian package could do better. The problem is laid out clearly in the bug report: If there is no <tt>~/.vimrc</tt>, settings in <tt>/etc/vim/vimrc.local</tt> are overwritten.</p>
-<p>This is as counterintuitive as it can be in Debian – and I don’t know any other package that does it in a similar way.</p>
-<p>Since the settings in <tt>defaults.vim</tt> are quite reasonable, I want to have them, but only fix a few of the items I disagree with, like the mouse. At the end what I did is the following in my <tt>/etc/vim/vimrc.local</tt>:</p>
-<pre lang="vim">if filereadable("/usr/share/vim/vim80/defaults.vim")
-  source /usr/share/vim/vim80/defaults.vim
-endif
-" now set the line that the defaults file is not reloaded afterwards!
-let g:skip_defaults_vim = 1
-
-" turn of mouse
-set mouse=
-" other override settings go here
-</pre>
-<p>There is probably a better way to get a generic load statement that does not depend on the Vim version, but for now I am fine with that.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -3352,114 +3319,54 @@ There is probably a better way to get a generic load statement that does not
 depend on the Vim version, but for now I am fine with that.
 
 
---===============testboundary==--
-
-From planet-debian Sun Oct 15 22:00:00 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Sun, 15 Oct 2017 22:00:00 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Iain R. Learmonth: Free Software Efforts (2017W41)
-Message-ID: https-iain-learmonth-me-blog-2017-2017w41
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://iain.learmonth.me/blog/2017/2017w41/
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Here’s my weekly report for week 41 of 2017. In this week I have explored some
-<a href="https://iain.learmonth.me/blog/2017/2017w413/">Java 8</a>
-<a href="http://localhost:1313/blog/2017/2017w414/">features</a>, looked at <a href="https://iain.learmonth.me/blog/2017/2017w412/">automatic
-updates in a few Linux distributions</a> and decided that
-actually <a href="https://iain.learmonth.me/blog/2017/2017w415/">I don’t need swap anymore</a>.</p>
-
-<h2 id="debian">Debian</h2>
-
-<p>The <a href="http://savannah.gnu.org/support/?109385">issue that was preventing the
-migration</a> of the <a href="https://qa.debian.org/developer.php?login=pkg-tasktools-discuss@lists.alioth.debian.org">Tasktools Packaging
-Team</a>’s
-mailing list <a href="https://lists.alioth.debian.org/mailman/listinfo/pkg-tasktools-discuss">from
-Alioth</a>
-<a href="https://lists.nongnu.org/mailman/listinfo/taskdeb-discuss">to Savannah</a> has
-now been resolved.</p>
-
-<p><a href="https://a.custura.eu/">Ana</a>’s 
-<a href="https://packages.debian.org/source/sid/chkservice">chkservice</a>
-
- package that I
-sponsored last week has been <a href="https://tracker.debian.org/news/878064">ACCEPTED</a>
-into unstable and since <a href="https://tracker.debian.org/news/879426">MIGRATED</a> to
-testing.</p>
-
-<h2 id="tor-project">Tor Project</h2>
-
-<p>I have produced a patch for the Tor Project website to update links to the
-Onionoo documentation now this has moved (<a href="https://bugs.torproject.org/23802">#23802</a>
-). I’ve
-updated the <a href="https://www.torproject.org/docs/tor-relay-debian.html.en">Debian and Ubuntu relay configuration
-instructions</a> to use
-<code>systemctl</code> instead of <code>service</code> where appropriate (<a href="https://bugs.torproject.org/23048">#23048</a>
-).</p>
-
-<p>When a Tor relay is less than 2 years old, an alert will now appear on
-<a href="https://atlas.torproject.org">Atlas</a> to link to the <a href="https://blog.torproject.org/lifecycle-new-relay">new relay
-lifecycle</a> blog post (<a href="https://bugs.torproject.org/23767">#23767</a>
-). This should hopefully help new relay operators understand why
-their relay is not immediately fully loaded but instead it takes some time to
-ramp up.</p>
-
-<p>I have gone through the tickets for <a href="https://cloud.torproject.org/">Tor Cloud</a>
-and did not find any tickets that contain any important information that would
-be useful to someone reviving the project. I have closed out these tickets and
-the <a href="https://trac.torproject.org/projects/tor/query?status=accepted&amp;status=assigned&amp;status=closed&amp;component=Archived%2FTor+Cloud&amp;col=id&amp;col=summary&amp;col=status&amp;col=owner&amp;col=type&amp;col=priority&amp;col=milestone&amp;col=changetime&amp;desc=1&amp;order=changetime">Tor Cloud
-component</a>
-no longer has any non-closed tickets (<a href="https://bugs.torproject.org/7763">#7763</a>, <a href="https://bugs.torproject.org/8544">#8544</a>, <a href="https://bugs.torproject.org/8768">#8768</a>, <a href="https://bugs.torproject.org/9064">#9064</a>, <a href="https://bugs.torproject.org/9751">#9751</a>, <a href="https://bugs.torproject.org/10282">#10282</a>, <a href="https://bugs.torproject.org/10637">#10637</a>, <a href="https://bugs.torproject.org/11153">#11153</a>, <a href="https://bugs.torproject.org/11502">#11502</a>, <a href="https://bugs.torproject.org/13391">#13391</a>, <a href="https://bugs.torproject.org/14035">#14035</a>, <a href="https://bugs.torproject.org/14036">#14036</a>, <a href="https://bugs.torproject.org/14073">#14073</a>, <a href="https://bugs.torproject.org/15821">#15821</a>
-).</p>
-
-<p>I’ve continued to work on turning the Atlas application into an integrated part
-of Tor Metrics (<a href="https://bugs.torproject.org/23518">#23518</a>
-) and you can see some progress
-<a href="https://people.torproject.org/~irl/atlas/">here</a>.</p>
-
-<p>Finally, I’ve continued hacking on a <a href="https://twitter.com/TorAtlas">Twitter bot to tweet factoids about the public
-Tor network</a> and you can now enjoy <a href="https://people.torproject.org/~irl/atlasbot/">some JavaDoc
-documentation</a> if you’d like to
-learn a little about its internals. I am still waiting for a git repository to
-be created (<a href="https://bugs.torproject.org/23799">#23799</a>
-) but will be publishing the sources shortly
-after that ticket is actioned.</p>
-
-<ul>
-<li>Bugs opened: <a href="https://bugs.torproject.org/23799">#23799</a>, <a href="https://bugs.torproject.org/23802">#23802</a>, <a href="https://bugs.torproject.org/23809">#23809</a>, <a href="https://bugs.torproject.org/23830">#23830</a>, <a href="https://bugs.torproject.org/23831">#23831</a>
-</li>
-<li>Bugs closed (fixed/wontfix): <a href="https://bugs.torproject.org/7763">#7763</a>, <a href="https://bugs.torproject.org/8544">#8544</a>, <a href="https://bugs.torproject.org/8768">#8768</a>, <a href="https://bugs.torproject.org/9064">#9064</a>, <a href="https://bugs.torproject.org/9751">#9751</a>, <a href="https://bugs.torproject.org/10282">#10282</a>, <a href="https://bugs.torproject.org/10637">#10637</a>, <a href="https://bugs.torproject.org/11153">#11153</a>, <a href="https://bugs.torproject.org/11502">#11502</a>, <a href="https://bugs.torproject.org/13391">#13391</a>, <a href="https://bugs.torproject.org/14035">#14035</a>, <a href="https://bugs.torproject.org/14036">#14036</a>, <a href="https://bugs.torproject.org/14073">#14073</a>, <a href="https://bugs.torproject.org/15821">#15821</a>, <a href="https://bugs.torproject.org/23048">#23048</a>, <a href="https://bugs.torproject.org/23767">#23767</a>
-</li>
-</ul>
-
-<h2 id="sustainability">Sustainability</h2>
-
-<p>I believe it is important to be clear not only about the work I have already
-completed but also about the sustainability of this work into the future. I
-plan to include a short report on the current sustainability of my work in each
-weekly report.</p>
+<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>I was wondering for quite some time why on my server vim behaves so stupid with respect to the mouse: Jumping around, copy and paste wasn’t possible the usual way. All this despite having</p>
+<pre lang="shell">  set mouse=
+</pre>
+<p>in my <tt>/etc/vim/vimrc.local</tt>. Finally I found out why, thanks to bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864074">#864074</a> and fixed it.</p>
+<p><img alt="" class="aligncenter size-full wp-image-6815" height="430" src="https://www.preining.info/blog/wp-content/uploads/2017/10/fixing-debian-vim.jpg" width="800" /></p>
+<p>The whole mess comes from the fact that, when there is no <tt>~/.vimrc</tt>, vim loads <tt>defaults.vim</tt> <strong>after</strong> <tt>vimrc.local</tt> and thus overwriting several settings put in there.</p>
+<p>There is a comment (I didn’t see, though) in <tt>/etc/vim/vimrc</tt> explaining this:</p>
+<pre lang="vim">" Vim will load $VIMRUNTIME/defaults.vim if the user does not have a vimrc.
+" This happens after /etc/vim/vimrc(.local) are loaded, so it will override
+" any settings in these files.
+" If you don't want that to happen, uncomment the below line to prevent
+" defaults.vim from being loaded.
+" let g:skip_defaults_vim = 1
+</pre>
+<p>I agree that this is a good way to setup vim on a normal installation of Vim, but the Debian package could do better. The problem is laid out clearly in the bug report: If there is no <tt>~/.vimrc</tt>, settings in <tt>/etc/vim/vimrc.local</tt> are overwritten.</p>
+<p>This is as counterintuitive as it can be in Debian – and I don’t know any other package that does it in a similar way.</p>
+<p>Since the settings in <tt>defaults.vim</tt> are quite reasonable, I want to have them, but only fix a few of the items I disagree with, like the mouse. At the end what I did is the following in my <tt>/etc/vim/vimrc.local</tt>:</p>
+<pre lang="vim">if filereadable("/usr/share/vim/vim80/defaults.vim")
+  source /usr/share/vim/vim80/defaults.vim
+endif
+" now set the line that the defaults file is not reloaded afterwards!
+let g:skip_defaults_vim = 1
 
-<p>I have not had any free software related expenses this week. The current funds
-I have available for equipment, travel and other free software expenses remains
-£60.52. I do not believe that any hardware I rely on is looking at imminent
-failure.</p>
+" turn of mouse
+set mouse=
+" other override settings go here
+</pre>
+<p>There is probably a better way to get a generic load statement that does not depend on the Vim version, but for now I am fine with that.</p>
+--===============testboundary==--
 
-<p>I’d like to thank <a href="http://digitalocean.com/">Digital Ocean</a> for providing me
-with futher credit for their platform to support my open source work.</p>
+From planet-debian Sun Oct 15 22:00:00 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Sun, 15 Oct 2017 22:00:00 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Iain R. Learmonth: Free Software Efforts (2017W41)
+Message-ID: https-iain-learmonth-me-blog-2017-2017w41
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://iain.learmonth.me/blog/2017/2017w41/
 
-<p>I do not find it likely that I’ll be travelling to Cambridge for <a href="https://wiki.debian.org/DebianEvents/gb/2017/MiniDebConfCambridge">the
-miniDebConf</a>
-as the train alone would be around £350 and hotel accomodation a further £600
-(to include both me and Ana).</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -3605,6 +3512,99 @@ accomodation a further £600 (to include both me and Ana).
    [62]: <https://wiki.debian.org/DebianEvents/gb/2017/MiniDebConfCambridge>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Here’s my weekly report for week 41 of 2017. In this week I have explored some
+<a href="https://iain.learmonth.me/blog/2017/2017w413/">Java 8</a>
+<a href="http://localhost:1313/blog/2017/2017w414/">features</a>, looked at <a href="https://iain.learmonth.me/blog/2017/2017w412/">automatic
+updates in a few Linux distributions</a> and decided that
+actually <a href="https://iain.learmonth.me/blog/2017/2017w415/">I don’t need swap anymore</a>.</p>
+
+<h2 id="debian">Debian</h2>
+
+<p>The <a href="http://savannah.gnu.org/support/?109385">issue that was preventing the
+migration</a> of the <a href="https://qa.debian.org/developer.php?login=pkg-tasktools-discuss@lists.alioth.debian.org">Tasktools Packaging
+Team</a>’s
+mailing list <a href="https://lists.alioth.debian.org/mailman/listinfo/pkg-tasktools-discuss">from
+Alioth</a>
+<a href="https://lists.nongnu.org/mailman/listinfo/taskdeb-discuss">to Savannah</a> has
+now been resolved.</p>
+
+<p><a href="https://a.custura.eu/">Ana</a>’s 
+<a href="https://packages.debian.org/source/sid/chkservice">chkservice</a>
+
+ package that I
+sponsored last week has been <a href="https://tracker.debian.org/news/878064">ACCEPTED</a>
+into unstable and since <a href="https://tracker.debian.org/news/879426">MIGRATED</a> to
+testing.</p>
+
+<h2 id="tor-project">Tor Project</h2>
+
+<p>I have produced a patch for the Tor Project website to update links to the
+Onionoo documentation now this has moved (<a href="https://bugs.torproject.org/23802">#23802</a>
+). I’ve
+updated the <a href="https://www.torproject.org/docs/tor-relay-debian.html.en">Debian and Ubuntu relay configuration
+instructions</a> to use
+<code>systemctl</code> instead of <code>service</code> where appropriate (<a href="https://bugs.torproject.org/23048">#23048</a>
+).</p>
+
+<p>When a Tor relay is less than 2 years old, an alert will now appear on
+<a href="https://atlas.torproject.org">Atlas</a> to link to the <a href="https://blog.torproject.org/lifecycle-new-relay">new relay
+lifecycle</a> blog post (<a href="https://bugs.torproject.org/23767">#23767</a>
+). This should hopefully help new relay operators understand why
+their relay is not immediately fully loaded but instead it takes some time to
+ramp up.</p>
+
+<p>I have gone through the tickets for <a href="https://cloud.torproject.org/">Tor Cloud</a>
+and did not find any tickets that contain any important information that would
+be useful to someone reviving the project. I have closed out these tickets and
+the <a href="https://trac.torproject.org/projects/tor/query?status=accepted&amp;status=assigned&amp;status=closed&amp;component=Archived%2FTor+Cloud&amp;col=id&amp;col=summary&amp;col=status&amp;col=owner&amp;col=type&amp;col=priority&amp;col=milestone&amp;col=changetime&amp;desc=1&amp;order=changetime">Tor Cloud
+component</a>
+no longer has any non-closed tickets (<a href="https://bugs.torproject.org/7763">#7763</a>, <a href="https://bugs.torproject.org/8544">#8544</a>, <a href="https://bugs.torproject.org/8768">#8768</a>, <a href="https://bugs.torproject.org/9064">#9064</a>, <a href="https://bugs.torproject.org/9751">#9751</a>, <a href="https://bugs.torproject.org/10282">#10282</a>, <a href="https://bugs.torproject.org/10637">#10637</a>, <a href="https://bugs.torproject.org/11153">#11153</a>, <a href="https://bugs.torproject.org/11502">#11502</a>, <a href="https://bugs.torproject.org/13391">#13391</a>, <a href="https://bugs.torproject.org/14035">#14035</a>, <a href="https://bugs.torproject.org/14036">#14036</a>, <a href="https://bugs.torproject.org/14073">#14073</a>, <a href="https://bugs.torproject.org/15821">#15821</a>
+).</p>
+
+<p>I’ve continued to work on turning the Atlas application into an integrated part
+of Tor Metrics (<a href="https://bugs.torproject.org/23518">#23518</a>
+) and you can see some progress
+<a href="https://people.torproject.org/~irl/atlas/">here</a>.</p>
+
+<p>Finally, I’ve continued hacking on a <a href="https://twitter.com/TorAtlas">Twitter bot to tweet factoids about the public
+Tor network</a> and you can now enjoy <a href="https://people.torproject.org/~irl/atlasbot/">some JavaDoc
+documentation</a> if you’d like to
+learn a little about its internals. I am still waiting for a git repository to
+be created (<a href="https://bugs.torproject.org/23799">#23799</a>
+) but will be publishing the sources shortly
+after that ticket is actioned.</p>
+
+<ul>
+<li>Bugs opened: <a href="https://bugs.torproject.org/23799">#23799</a>, <a href="https://bugs.torproject.org/23802">#23802</a>, <a href="https://bugs.torproject.org/23809">#23809</a>, <a href="https://bugs.torproject.org/23830">#23830</a>, <a href="https://bugs.torproject.org/23831">#23831</a>
+</li>
+<li>Bugs closed (fixed/wontfix): <a href="https://bugs.torproject.org/7763">#7763</a>, <a href="https://bugs.torproject.org/8544">#8544</a>, <a href="https://bugs.torproject.org/8768">#8768</a>, <a href="https://bugs.torproject.org/9064">#9064</a>, <a href="https://bugs.torproject.org/9751">#9751</a>, <a href="https://bugs.torproject.org/10282">#10282</a>, <a href="https://bugs.torproject.org/10637">#10637</a>, <a href="https://bugs.torproject.org/11153">#11153</a>, <a href="https://bugs.torproject.org/11502">#11502</a>, <a href="https://bugs.torproject.org/13391">#13391</a>, <a href="https://bugs.torproject.org/14035">#14035</a>, <a href="https://bugs.torproject.org/14036">#14036</a>, <a href="https://bugs.torproject.org/14073">#14073</a>, <a href="https://bugs.torproject.org/15821">#15821</a>, <a href="https://bugs.torproject.org/23048">#23048</a>, <a href="https://bugs.torproject.org/23767">#23767</a>
+</li>
+</ul>
+
+<h2 id="sustainability">Sustainability</h2>
+
+<p>I believe it is important to be clear not only about the work I have already
+completed but also about the sustainability of this work into the future. I
+plan to include a short report on the current sustainability of my work in each
+weekly report.</p>
+
+<p>I have not had any free software related expenses this week. The current funds
+I have available for equipment, travel and other free software expenses remains
+£60.52. I do not believe that any hardware I rely on is looking at imminent
+failure.</p>
+
+<p>I’d like to thank <a href="http://digitalocean.com/">Digital Ocean</a> for providing me
+with futher credit for their platform to support my open source work.</p>
+
+<p>I do not find it likely that I’ll be travelling to Cambridge for <a href="https://wiki.debian.org/DebianEvents/gb/2017/MiniDebConfCambridge">the
+miniDebConf</a>
+as the train alone would be around £350 and hotel accomodation a further £600
+(to include both me and Ana).</p>
 --===============testboundary==--
 
 From planet-debian Sun Oct 15 01:32:53 2017
@@ -3615,94 +3615,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Norbert Preining: TeX Live Manager: JSON output
 Message-ID: https-www-preining-info-blog-p-6806
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://www.preining.info/blog/2017/10/tex-live-manager-json-output/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>With the development of <a href="https://github.com/TeX-Live/tlcockpit">TLCockpit</a> continuing, I found the need for and easy exchange format between the <a href="https://www.tug.org/texlive/tlmgr.html">TeX Live Manager</a> <tt>tlmgr</tt> and frontend programs like TLCockpit. Thus, I have implemented JSON output for the <tt>tlmgr info</tt> command.</p>
-<p><img alt="" class="aligncenter size-full wp-image-4631" height="451" src="https://www.preining.info/blog/wp-content/uploads/2015/06/texlive-tlmgr.jpg" width="860" /></p>
-<p>While the format is not 100% stable – I might change some thing – I consider it pretty settled. The output of <tt>tlmgr info --data json</tt> is a JSON array with JSON objects for each package requested (default is to list all).</p>
-<pre lang="json">[ TLPackageObj, TLPackageObj, ... ]
-</pre>
-<p>The structure of the JSON object <tt>TLPackageObj</tt> reflects the internal Perl hash. Guaranteed to be present keys are <tt>name</tt> (String) and <tt>avilable</tt> (Boolean). In case the package is available, there are the following further keys sorted by their type:</p>
-<ul>
-<li><b>String type:</b> name, shortdesc, longdesc, category, catalogue, containerchecksum, srccontainerchecksum, doccontainerchecksum</li>
-<li><b>Number type:</b> revision, runsize, docsize, srcsize, containersize, srccontainersize, doccontainersize</li>
-<li><b>Boolean type:</b> available, installed, relocated</li>
-<li><b>Array type:</b> runfiles (Strings), docfiles (Strings), srcfiles (Strings), executes (Strings), depends (Strings), postactions (Strings)</li>
-<li><b>Object type:</b>
-<ul>
-<li>binfiles: keys are architecture names, values are arrays of strings (list of binfiles)</li>
-<li>binsize: keys are architecture names, values or numbers</li>
-<li>docfiledata: keys are docfile names, values are objects with optional keys <tt>details</tt> and <tt>lang</tt></li>
-<li>cataloguedata: optional keys aare <tt>topics</tt>, <tt>version</tt>, <tt>license</tt>, <tt>ctan</tt>, <tt>date</tt>, values are all strings</li>
-</ul>
-</li>
-</ul>
-<p>A rather long example showing the output for the package <tt>latex</tt>, formatted with <tt>json_pp</tt> and having the list of files and the long description shortened:</p>
-<pre lang="json">[
-   {
-      "installed" : true,
-      "doccontainerchecksum" : "5bdfea6b85c431a0af2abc8f8df160b297ad73f6a324ca88df990f01f24611c9ae80d2f6d12c7b3767308fbe3de3fca3d11664b923ea4080fb13fd056a1d0c3d",
-      "docfiles" : [
-         "texmf-dist/doc/latex/base/README.txt",
-         ....
-         "texmf-dist/doc/latex/base/webcomp.pdf"
-      ],
-      "containersize" : 163892,
-      "depends" : [
-         "luatex",
-         "pdftex",
-         "latexconfig",
-         "latex-fonts"
-      ],
-      "runsize" : 414,
-      "relocated" : false,
-      "doccontainersize" : 12812184,
-      "srcsize" : 752,
-      "revision" : 43813,
-      "srcfiles" : [
-         "texmf-dist/source/latex/base/alltt.dtx",
-         ....
-         "texmf-dist/source/latex/base/utf8ienc.dtx"
-      ],
-      "category" : "Package",
-      "cataloguedata" : {
-         "version" : "2017/01/01 PL1",
-         "topics" : "format",
-         "license" : "lppl1.3",
-         "date" : "2017-01-25 23:33:57 +0100"
-      },
-      "srccontainerchecksum" : "1d145b567cf48d6ee71582a1f329fe5cf002d6259269a71d2e4a69e6e6bd65abeb92461d31d7137f3803503534282bc0c5546e5d2d1aa2604e896e607c53b041",
-      "postactions" : [],
-      "binsize" : {},
-      "longdesc" : "LaTeX is a widely-used macro package for TeX, [...]",
-      "srccontainersize" : 516036,
-      "containerchecksum" : "af0ac85f89b7620eb7699c8bca6348f8913352c473af1056b7a90f28567d3f3e21d60be1f44e056107766b1dce8d87d367e7f8a82f777d565a2d4597feb24558",
-      "executes" : [],
-      "binfiles" : {},
-      "name" : "latex",
-      "catalogue" : null,
-      "docsize" : 3799,
-      "available" : true,
-      "runfiles" : [
-         "texmf-dist/makeindex/latex/gglo.ist",
-         ...
-         "texmf-dist/tex/latex/base/x2enc.dfu"
-      ],
-      "shortdesc" : "A TeX macro package that defines LaTeX"
-   }
-]
-</pre>
-<p>What is currently not available via <tt>tlmgr info</tt> and thus also not via the JSON output is access to virtual TeX Live databases with several member databases (multiple repositories). I am thinking about how to incorporate this information.</p>
-<p>These changes are currently available in the <a href="https://www.tug.org/texlive/tlmgr.html">tlcritical</a> repository, but will enter proper TeX Live repositories soon.</p>
-<p>Using this JSON output I will rewrite the current TLCockpit tlmgr interface to display more complete information.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -3817,6 +3734,89 @@ Using this JSON output I will rewrite the current TLCockpit tlmgr interface to
 display more complete information.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/preining.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>With the development of <a href="https://github.com/TeX-Live/tlcockpit">TLCockpit</a> continuing, I found the need for and easy exchange format between the <a href="https://www.tug.org/texlive/tlmgr.html">TeX Live Manager</a> <tt>tlmgr</tt> and frontend programs like TLCockpit. Thus, I have implemented JSON output for the <tt>tlmgr info</tt> command.</p>
+<p><img alt="" class="aligncenter size-full wp-image-4631" height="451" src="https://www.preining.info/blog/wp-content/uploads/2015/06/texlive-tlmgr.jpg" width="860" /></p>
+<p>While the format is not 100% stable – I might change some thing – I consider it pretty settled. The output of <tt>tlmgr info --data json</tt> is a JSON array with JSON objects for each package requested (default is to list all).</p>
+<pre lang="json">[ TLPackageObj, TLPackageObj, ... ]
+</pre>
+<p>The structure of the JSON object <tt>TLPackageObj</tt> reflects the internal Perl hash. Guaranteed to be present keys are <tt>name</tt> (String) and <tt>avilable</tt> (Boolean). In case the package is available, there are the following further keys sorted by their type:</p>
+<ul>
+<li><b>String type:</b> name, shortdesc, longdesc, category, catalogue, containerchecksum, srccontainerchecksum, doccontainerchecksum</li>
+<li><b>Number type:</b> revision, runsize, docsize, srcsize, containersize, srccontainersize, doccontainersize</li>
+<li><b>Boolean type:</b> available, installed, relocated</li>
+<li><b>Array type:</b> runfiles (Strings), docfiles (Strings), srcfiles (Strings), executes (Strings), depends (Strings), postactions (Strings)</li>
+<li><b>Object type:</b>
+<ul>
+<li>binfiles: keys are architecture names, values are arrays of strings (list of binfiles)</li>
+<li>binsize: keys are architecture names, values or numbers</li>
+<li>docfiledata: keys are docfile names, values are objects with optional keys <tt>details</tt> and <tt>lang</tt></li>
+<li>cataloguedata: optional keys aare <tt>topics</tt>, <tt>version</tt>, <tt>license</tt>, <tt>ctan</tt>, <tt>date</tt>, values are all strings</li>
+</ul>
+</li>
+</ul>
+<p>A rather long example showing the output for the package <tt>latex</tt>, formatted with <tt>json_pp</tt> and having the list of files and the long description shortened:</p>
+<pre lang="json">[
+   {
+      "installed" : true,
+      "doccontainerchecksum" : "5bdfea6b85c431a0af2abc8f8df160b297ad73f6a324ca88df990f01f24611c9ae80d2f6d12c7b3767308fbe3de3fca3d11664b923ea4080fb13fd056a1d0c3d",
+      "docfiles" : [
+         "texmf-dist/doc/latex/base/README.txt",
+         ....
+         "texmf-dist/doc/latex/base/webcomp.pdf"
+      ],
+      "containersize" : 163892,
+      "depends" : [
+         "luatex",
+         "pdftex",
+         "latexconfig",
+         "latex-fonts"
+      ],
+      "runsize" : 414,
+      "relocated" : false,
+      "doccontainersize" : 12812184,
+      "srcsize" : 752,
+      "revision" : 43813,
+      "srcfiles" : [
+         "texmf-dist/source/latex/base/alltt.dtx",
+         ....
+         "texmf-dist/source/latex/base/utf8ienc.dtx"
+      ],
+      "category" : "Package",
+      "cataloguedata" : {
+         "version" : "2017/01/01 PL1",
+         "topics" : "format",
+         "license" : "lppl1.3",
+         "date" : "2017-01-25 23:33:57 +0100"
+      },
+      "srccontainerchecksum" : "1d145b567cf48d6ee71582a1f329fe5cf002d6259269a71d2e4a69e6e6bd65abeb92461d31d7137f3803503534282bc0c5546e5d2d1aa2604e896e607c53b041",
+      "postactions" : [],
+      "binsize" : {},
+      "longdesc" : "LaTeX is a widely-used macro package for TeX, [...]",
+      "srccontainersize" : 516036,
+      "containerchecksum" : "af0ac85f89b7620eb7699c8bca6348f8913352c473af1056b7a90f28567d3f3e21d60be1f44e056107766b1dce8d87d367e7f8a82f777d565a2d4597feb24558",
+      "executes" : [],
+      "binfiles" : {},
+      "name" : "latex",
+      "catalogue" : null,
+      "docsize" : 3799,
+      "available" : true,
+      "runfiles" : [
+         "texmf-dist/makeindex/latex/gglo.ist",
+         ...
+         "texmf-dist/tex/latex/base/x2enc.dfu"
+      ],
+      "shortdesc" : "A TeX macro package that defines LaTeX"
+   }
+]
+</pre>
+<p>What is currently not available via <tt>tlmgr info</tt> and thus also not via the JSON output is access to virtual TeX Live databases with several member databases (multiple repositories). I am thinking about how to incorporate this information.</p>
+<p>These changes are currently available in the <a href="https://www.tug.org/texlive/tlmgr.html">tlcritical</a> repository, but will enter proper TeX Live repositories soon.</p>
+<p>Using this JSON output I will rewrite the current TLCockpit tlmgr interface to display more complete information.</p>
 --===============testboundary==--
 
 From planet-debian Sat Oct 14 22:15:50 2017
@@ -3827,23 +3827,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Lior Kaplan: Debian Installer git repository
 Message-ID: http-liorkaplan-wordpress-com-p-620
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://liorkaplan.wordpress.com/2017/10/15/debian-installer-git-repository/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<p>While dealing with d-i’s translation last month in FOSScamp, I was kinda surprised it’s still on SVN. While reviewing PO files from others, I couldn’t select specific parts to commit.</p>
-<p>Debian does have a git server, and many DDs (Debian Developers) use it for their Debian work, but it’s not as public as I wish it to be. Meaning I lack the pull / merge request abilities as well as the review process.</p>
-<p>Recently I got a reminder that the D-I’s Hebrew translation needs some love. I asked my local community for help. Receiving a PO file by mail, reminded me of the SVN annoyance. So this time I decided to convert it to git and ask people to send me pull requests. Another benefit would be making the process more transparent as others could see these PRs (and hopefully comment if needed).</p>
-<p>For this experiment, I opened a repository on GitHub at <a href="https://github.com/kaplanlior/debian-installer">https://github.com/kaplanlior/debian-installer</a> I know they aren’t open source as GitLab, but they are a popular choice which is a good start for my experiment. If and when it succeeds, we can discuss the platform.</p>
-<div class="wp-caption alignnone" id="attachment_649" style="width: 565px;"><img alt="debian-9" class="alignnone size-full wp-image-649" src="https://liorkaplan.files.wordpress.com/2017/10/debian-9-555x347.jpg?w=500" /><p class="wp-caption-text">Debian 9</p></div>
-<p>(featured image by Jonathan Carter)</p>
-<p> </p><br />Filed under: <a href="https://liorkaplan.wordpress.com/category/debian-gnulinux/">Debian GNU/Linux</a>  <a href="http://feeds.wordpress.com/1.0/gocomments/liorkaplan.wordpress.com/620/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/liorkaplan.wordpress.com/620/" /></a>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -3883,6 +3871,18 @@ Filed under: [Debian GNU/Linux][1] [][2]
    [2]: <http://feeds.wordpress.com/1.0/gocomments/liorkaplan.wordpress.com/620/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<p>While dealing with d-i’s translation last month in FOSScamp, I was kinda surprised it’s still on SVN. While reviewing PO files from others, I couldn’t select specific parts to commit.</p>
+<p>Debian does have a git server, and many DDs (Debian Developers) use it for their Debian work, but it’s not as public as I wish it to be. Meaning I lack the pull / merge request abilities as well as the review process.</p>
+<p>Recently I got a reminder that the D-I’s Hebrew translation needs some love. I asked my local community for help. Receiving a PO file by mail, reminded me of the SVN annoyance. So this time I decided to convert it to git and ask people to send me pull requests. Another benefit would be making the process more transparent as others could see these PRs (and hopefully comment if needed).</p>
+<p>For this experiment, I opened a repository on GitHub at <a href="https://github.com/kaplanlior/debian-installer">https://github.com/kaplanlior/debian-installer</a> I know they aren’t open source as GitLab, but they are a popular choice which is a good start for my experiment. If and when it succeeds, we can discuss the platform.</p>
+<div class="wp-caption alignnone" id="attachment_649" style="width: 565px;"><img alt="debian-9" class="alignnone size-full wp-image-649" src="https://liorkaplan.files.wordpress.com/2017/10/debian-9-555x347.jpg?w=500" /><p class="wp-caption-text">Debian 9</p></div>
+<p>(featured image by Jonathan Carter)</p>
+<p> </p><br />Filed under: <a href="https://liorkaplan.wordpress.com/category/debian-gnulinux/">Debian GNU/Linux</a>  <a href="http://feeds.wordpress.com/1.0/gocomments/liorkaplan.wordpress.com/620/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/liorkaplan.wordpress.com/620/" /></a>
 --===============testboundary==--
 
 From planet-debian Sat Oct 14 20:10:00 2017
@@ -3893,29 +3893,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Petter Reinholdtsen: A one-way wall on the border?
 Message-ID: http-people-skolelinux-org-pere-blog-a_one_way_wall_on_the_border_-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://people.skolelinux.org/pere/blog/A_one_way_wall_on_the_border_.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<p>I find it fascinating how many of the people being locked inside
-the proposed border wall between USA and Mexico support the idea.  The
-proposal to keep Mexicans out reminds me of
-<a href="http://www.history.com/news/10-things-you-may-not-know-about-the-berlin-wall">the
-propaganda twist from the East Germany government</a> calling the wall
-the “Antifascist Bulwark” after erecting the Berlin Wall, claiming
-that the wall was erected to keep enemies from creeping into East
-Germany, while it was obvious to the people locked inside it that it
-was erected to keep the people from escaping.</p>
-
-<p>Do the people in USA supporting this wall really believe it is a
-one way wall, only keeping people on the outside from getting in,
-while not keeping people in the inside from getting out?</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -3938,6 +3920,24 @@ only keeping people on the outside from getting in, while not keeping people
 in the inside from getting out?
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<p>I find it fascinating how many of the people being locked inside
+the proposed border wall between USA and Mexico support the idea.  The
+proposal to keep Mexicans out reminds me of
+<a href="http://www.history.com/news/10-things-you-may-not-know-about-the-berlin-wall">the
+propaganda twist from the East Germany government</a> calling the wall
+the “Antifascist Bulwark” after erecting the Berlin Wall, claiming
+that the wall was erected to keep enemies from creeping into East
+Germany, while it was obvious to the people locked inside it that it
+was erected to keep the people from escaping.</p>
+
+<p>Do the people in USA supporting this wall really believe it is a
+one way wall, only keeping people on the outside from getting in,
+while not keeping people in the inside from getting out?</p>
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 18:47:36 2017
@@ -3948,37 +3948,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Alex Muntada: My Free Software Activities in Jul-Sep 2017
 Message-ID: http-log-alexm-org-p-487
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://log.alexm.org/2017/10/13/my-free-software-ativities-in-jul-sep-2017/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/alexm.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>If you read <a href="http://planet.debian.org/">Planet Debian</a> often, you’ve probably noticed a trend of Free Software activity reports at the beginning of the month. First, those reports seemed a bit unamusing and lengthy, but since I take the time to read them I’ve learnt a lot of things, and now I’m amazed at the amount of work that people are doing for Free Software. Indeed, I knew already that many people are doing lots of work. But reading those reports gives you an actual view of how much it is.</p>
-<p>Then, I decided that I should do the same and write some kind of report since I became a <a href="https://bits.debian.org/2017/07/new-developers-2017-06.html">Debian Developer</a> in July. I think it’s a nice way to share your work with others and maybe inspire them as it happened to me. So I asked some of the people that have been inspiring me how do they do it. I mean, I was curious to know how they keep track of the work they do and how long it takes to write their reports. It seems that it takes quite some time, it’s mostly manual work and usually starts by the end of the month, reviewing their contributions in mailing lists, bug trackers, e-mail folders, etc.</p>
-<p>Here I am now, writing my first report about my Free Software activities since July and until September 2017. I hope you like it:</p>
-<ul>
-<li>Filed <a href="https://bugs.debian.org/867068">bug #867068</a> in <strong>nm.debian.org</strong>: <em>Cannot claim account after former SSO alioth cert expired</em>.</li>
-<li>Replied a request in private mail for becoming the maintainer for the Monero Wallet, that I declined suggesting to file an <a href="https://wiki.debian.org/RFP">RFP</a>.</li>
-<li>Attended <a href="https://wiki.debconf.org/wiki/DebConf17">DebConf17</a> DebCamp but I missed most of Open Day and the rest of the Debian conference in Montreal.</li>
-<li>Rebuilt <strong>libdbd-oracle-perl</strong> after being <a href="https://tracker.debian.org/news/858803">removed from testing</a> to enable the transition to <strong>perl</strong> 5.26.</li>
-<li>Filed <a href="https://bugs.debian.org/870872">bug #870872</a> in <strong>tracker.debian.org</strong>: <em>Server Error (500) when using a new SSO cert</em>.</li>
-<li>Filed <a href="https://bugs.debian.org/870876">bug #870876</a> in <strong>tracker.debian.org</strong>: <em>make subscription easier to upstreams with many packages</em>.</li>
-<li>Filed <a href="https://bugs.debian.org/871767">bug #871767</a> in <strong>lintian</strong>: <em>[checks/cruft] use substr instead of substring in example</em>.</li>
-<li>Filed <a href="https://bugs.debian.org/871769">bug #871769</a> in <strong>reportbug</strong>: <em>man page mentions -a instead of -A</em>.</li>
-<li>Suggested to remove <strong>libmail-sender-perl</strong> in <a href="https://bugs.debian.org/790727">bug #790727</a>, since it’s been deprecated upstream.</li>
-<li>Mentioned <code>-n</code> option for <code>dpt-takeover</code> in <a href="http://pkg-perl.alioth.debian.org/howto/adopt.html">how to adopt</a> pkg-perl manual.</li>
-<li>Fixed a broken link to <a href="https://kmuto.jp/debian/hcl/">HCL</a> in <a href="https://wiki.debian.org/Hardware">https://wiki.debian.org/Hardware</a>.</li>
-<li>Adopted <strong>libapache-admin-config-perl</strong> into pkg-perl team, <a href="https://tracker.debian.org/news/871791">upgraded</a> to 0.95-1 and closed <a href="https://bugs.debian.org/615457">bug #615457</a>.</li>
-<li>Fixed <a href="https://bugs.debian.org/875835">bug #875835</a> in <strong>libflickr-api-perl</strong>: <em>don’t add quote marks in SYNOPSIS</em>.</li>
-<li>Removed 50 inactive accounts from <a href="https://alioth.debian.org/projects/pkg-perl">pkg-perl team in alioth</a> as part of our <a href="https://lists.debian.org/debian-perl/2017/09/msg00028.html">annual membership ping</a>.</li>
-</ul>
-<p>Happy hacking!</p>
-<p> </p><br />  <a href="http://feeds.wordpress.com/1.0/gocomments/alexmuntada.wordpress.com/487/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/alexmuntada.wordpress.com/487/" /></a>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4050,6 +4024,32 @@ Happy hacking!
    [19]: <http://feeds.wordpress.com/1.0/gocomments/alexmuntada.wordpress.com/487/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/alexm.png" width="65" height="85" alt="" align="right" style="float: right;">  <p>If you read <a href="http://planet.debian.org/">Planet Debian</a> often, you’ve probably noticed a trend of Free Software activity reports at the beginning of the month. First, those reports seemed a bit unamusing and lengthy, but since I take the time to read them I’ve learnt a lot of things, and now I’m amazed at the amount of work that people are doing for Free Software. Indeed, I knew already that many people are doing lots of work. But reading those reports gives you an actual view of how much it is.</p>
+<p>Then, I decided that I should do the same and write some kind of report since I became a <a href="https://bits.debian.org/2017/07/new-developers-2017-06.html">Debian Developer</a> in July. I think it’s a nice way to share your work with others and maybe inspire them as it happened to me. So I asked some of the people that have been inspiring me how do they do it. I mean, I was curious to know how they keep track of the work they do and how long it takes to write their reports. It seems that it takes quite some time, it’s mostly manual work and usually starts by the end of the month, reviewing their contributions in mailing lists, bug trackers, e-mail folders, etc.</p>
+<p>Here I am now, writing my first report about my Free Software activities since July and until September 2017. I hope you like it:</p>
+<ul>
+<li>Filed <a href="https://bugs.debian.org/867068">bug #867068</a> in <strong>nm.debian.org</strong>: <em>Cannot claim account after former SSO alioth cert expired</em>.</li>
+<li>Replied a request in private mail for becoming the maintainer for the Monero Wallet, that I declined suggesting to file an <a href="https://wiki.debian.org/RFP">RFP</a>.</li>
+<li>Attended <a href="https://wiki.debconf.org/wiki/DebConf17">DebConf17</a> DebCamp but I missed most of Open Day and the rest of the Debian conference in Montreal.</li>
+<li>Rebuilt <strong>libdbd-oracle-perl</strong> after being <a href="https://tracker.debian.org/news/858803">removed from testing</a> to enable the transition to <strong>perl</strong> 5.26.</li>
+<li>Filed <a href="https://bugs.debian.org/870872">bug #870872</a> in <strong>tracker.debian.org</strong>: <em>Server Error (500) when using a new SSO cert</em>.</li>
+<li>Filed <a href="https://bugs.debian.org/870876">bug #870876</a> in <strong>tracker.debian.org</strong>: <em>make subscription easier to upstreams with many packages</em>.</li>
+<li>Filed <a href="https://bugs.debian.org/871767">bug #871767</a> in <strong>lintian</strong>: <em>[checks/cruft] use substr instead of substring in example</em>.</li>
+<li>Filed <a href="https://bugs.debian.org/871769">bug #871769</a> in <strong>reportbug</strong>: <em>man page mentions -a instead of -A</em>.</li>
+<li>Suggested to remove <strong>libmail-sender-perl</strong> in <a href="https://bugs.debian.org/790727">bug #790727</a>, since it’s been deprecated upstream.</li>
+<li>Mentioned <code>-n</code> option for <code>dpt-takeover</code> in <a href="http://pkg-perl.alioth.debian.org/howto/adopt.html">how to adopt</a> pkg-perl manual.</li>
+<li>Fixed a broken link to <a href="https://kmuto.jp/debian/hcl/">HCL</a> in <a href="https://wiki.debian.org/Hardware">https://wiki.debian.org/Hardware</a>.</li>
+<li>Adopted <strong>libapache-admin-config-perl</strong> into pkg-perl team, <a href="https://tracker.debian.org/news/871791">upgraded</a> to 0.95-1 and closed <a href="https://bugs.debian.org/615457">bug #615457</a>.</li>
+<li>Fixed <a href="https://bugs.debian.org/875835">bug #875835</a> in <strong>libflickr-api-perl</strong>: <em>don’t add quote marks in SYNOPSIS</em>.</li>
+<li>Removed 50 inactive accounts from <a href="https://alioth.debian.org/projects/pkg-perl">pkg-perl team in alioth</a> as part of our <a href="https://lists.debian.org/debian-perl/2017/09/msg00028.html">annual membership ping</a>.</li>
+</ul>
+<p>Happy hacking!</p>
+<p> </p><br />  <a href="http://feeds.wordpress.com/1.0/gocomments/alexmuntada.wordpress.com/487/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/alexmuntada.wordpress.com/487/" /></a>
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 14:29:00 2017
@@ -4060,17 +4060,11 @@ To: to@example.com
 From: =?utf-8?q?Lisandro_Dami=C3=A1n_Nicanor_P=C3=A9rez_Meyer?= <noreply@blogger.com>
 Subject: =?utf-8?q?Lisandro_Dami=C3=A1n_Nicanor_P=C3=A9rez_Meyer=3A_Qt_4_and_5_and_OpenSSL1=2E0_removal?=
 Message-ID: tag-blogger-com-1999-blog-6357172297737057475-post-4876329106387979395
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://perezmeyer.blogspot.com/2017/10/qt-4-and-5-and-oepnssl10-removal.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/lisandropm.png" width="78" height="100" alt="" align="right" style="float: right;">  Today we received updates on the OpenSSL 1.0 removal status:<br /><br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206</a>&gt;<br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19</a>&gt;<br /><br />So those removal bugs' severities will be raised to RC in aproximately a month.<br /><br />We still don't have any solutions for Qt 4 or 5.<br /><br />For the Qt 5 case we will probably keep the bug open until Qt 5.10 is in the archive which should bring OpenSSL 1.1 support <b>*or*</b> FTP masters decide to remove OpenSSL1.0. In this last case the fate will be the same as with Qt4, below.<br /><br />For Qt4 we do not have patches available and there will probably be none in time (remember we do not have upstream support). That plus the fact that we are actively trying to remove it from the archive it means we will remove openssl support. This might mean that apps using Qt4:<br /><br />- Might cease to work.<br />- Might keep working:<br />  - Informing their users that no SSL support is available → programmer did a good job.<br />  - Not informing their users that no SSL support is available and establishing connections non the less → programmer might have not done a good job.<br /><br />Trying to inform users as soon as possible,<br /><br />Lisandro for the Qt/KDE team.
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4110,6 +4104,12 @@ Trying to inform users as soon as possible,
 Lisandro for the Qt/KDE team.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/lisandropm.png" width="78" height="100" alt="" align="right" style="float: right;">  Today we received updates on the OpenSSL 1.0 removal status:<br /><br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206</a>&gt;<br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19</a>&gt;<br /><br />So those removal bugs' severities will be raised to RC in aproximately a month.<br /><br />We still don't have any solutions for Qt 4 or 5.<br /><br />For the Qt 5 case we will probably keep the bug open until Qt 5.10 is in the archive which should bring OpenSSL 1.1 support <b>*or*</b> FTP masters decide to remove OpenSSL1.0. In this last case the fate will be the same as with Qt4, below.<br /><br />For Qt4 we do not have patches available and there will probably be none in time (remember we do not have upstream support). That plus the fact that we are actively trying to remove it from the archive it means we will remove openssl support. This might mean that apps using Qt4:<br /><br />- Might cease to work.<br />- Might keep working:<br />  - Informing their users that no SSL support is available → programmer did a good job.<br />  - Not informing their users that no SSL support is available and establishing connections non the less → programmer might have not done a good job.<br /><br />Trying to inform users as soon as possible,<br /><br />Lisandro for the Qt/KDE team.
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 13:00:19 2017
@@ -4120,54 +4120,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Michal &#268;iha&#345;: Weblate 2.17
 Message-ID: https-blog-cihar-com-archives-2017-10-13-weblate-217-utm_source-rss2
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.cihar.com/archives/2017/10/13/weblate-217/?utm_source=rss2
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p><a href="https://weblate.org/">Weblate 2.17</a> has been released today. There are quite some performance improvements, improved search, improved access control settings and various other improvements.</p>
-<p>Full list of changes:</p>
-<ul>
-<li>Weblate by default does shallow Git clones now.</li>
-<li>Improved performance when updating large translation files.</li>
-<li>Added support for blocking certain emails from registration.</li>
-<li>Users can now delete their own comments.</li>
-<li>Added preview step to search and replace feature.</li>
-<li>Client side persistence of settings in search and upload forms.</li>
-<li>Extended search capabilities.</li>
-<li>More fine grained per project ACL configuration.</li>
-<li>Default value of BASE_DIR has been changed. </li>
-<li>Added two step account removal to prevent accidental removal.</li>
-<li>Project access control settings is now editable.</li>
-<li>Added optional spam protection for suggestions using Akismet.</li>
-</ul>
-<p>Update: The bugfix 2.17.1 is out as well, fixing  testsuite errors in some setups:</p>
-<ul>
-<li>Fixed running testsuite in some specific situations.</li>
-<li>Locales updates.</li>
-</ul>
-<p>If you are upgrading from older version, please follow our <a href="https://docs.weblate.org/en/latest/admin/upgrade.html">upgrading instructions</a>.</p>
-<p>You can find more information about <a href="https://weblate.org/">Weblate</a> on <a href="https://weblate.org">https://weblate.org</a>, the code is hosted on <a href="https://github.com/WeblateOrg/weblate">Github</a>. If you are curious how it looks, you can try it out on <a href="http:s//demo.weblate.org/">demo server</a>. You can login there with <code>demo</code> account using <code>demo</code> password or register your own user. <a href="https://weblate.org/">Weblate</a> is also being used on <a href="https://hosted.weblate.org/">https://hosted.weblate.org/</a> as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.</p>
-<p>Should you be looking for hosting of translations for your project, I'm happy to <a href="https://weblate.org/hosting/">host them for you</a> or help with setting it up on your infrastructure.</p>
-<p>Further development of Weblate would not be possible without people <a href="https://weblate.org/donate/">providing donations</a>, thanks to everybody who have helped so far! The <a href="https://github.com/WeblateOrg/weblate/milestone/31">roadmap for next release</a> is just being prepared, you can influence this by expressing support for individual issues either by comments or by <a href="https://www.bountysource.com/teams/weblate/issues">providing bounty for them</a>.</p>
-
-<p style="font-size: smaller;">
-Filed under: 
-
-<a href="https://blog.cihar.com/archives/debian/">Debian</a>
-
-<a href="https://blog.cihar.com/archives/english/">English</a>
-
-<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
-
-<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
-
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4229,18 +4186,61 @@ next release][8] is just being prepared, you can influence this by expressing
 support for individual issues either by comments or by [providing bounty for
 them][9].
 
-   [7]: <https://weblate.org/donate/>
-   [8]: <https://github.com/WeblateOrg/weblate/milestone/31>
-   [9]: <https://www.bountysource.com/teams/weblate/issues>
+   [7]: <https://weblate.org/donate/>
+   [8]: <https://github.com/WeblateOrg/weblate/milestone/31>
+   [9]: <https://www.bountysource.com/teams/weblate/issues>
+
+Filed under: [Debian][10] [English][11] [SUSE][12] [Weblate][13]
+
+   [10]: <https://blog.cihar.com/archives/debian/>
+   [11]: <https://blog.cihar.com/archives/english/>
+   [12]: <https://blog.cihar.com/archives/suse/>
+   [13]: <https://blog.cihar.com/archives/weblate/>
+
+
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p><a href="https://weblate.org/">Weblate 2.17</a> has been released today. There are quite some performance improvements, improved search, improved access control settings and various other improvements.</p>
+<p>Full list of changes:</p>
+<ul>
+<li>Weblate by default does shallow Git clones now.</li>
+<li>Improved performance when updating large translation files.</li>
+<li>Added support for blocking certain emails from registration.</li>
+<li>Users can now delete their own comments.</li>
+<li>Added preview step to search and replace feature.</li>
+<li>Client side persistence of settings in search and upload forms.</li>
+<li>Extended search capabilities.</li>
+<li>More fine grained per project ACL configuration.</li>
+<li>Default value of BASE_DIR has been changed. </li>
+<li>Added two step account removal to prevent accidental removal.</li>
+<li>Project access control settings is now editable.</li>
+<li>Added optional spam protection for suggestions using Akismet.</li>
+</ul>
+<p>Update: The bugfix 2.17.1 is out as well, fixing  testsuite errors in some setups:</p>
+<ul>
+<li>Fixed running testsuite in some specific situations.</li>
+<li>Locales updates.</li>
+</ul>
+<p>If you are upgrading from older version, please follow our <a href="https://docs.weblate.org/en/latest/admin/upgrade.html">upgrading instructions</a>.</p>
+<p>You can find more information about <a href="https://weblate.org/">Weblate</a> on <a href="https://weblate.org">https://weblate.org</a>, the code is hosted on <a href="https://github.com/WeblateOrg/weblate">Github</a>. If you are curious how it looks, you can try it out on <a href="http:s//demo.weblate.org/">demo server</a>. You can login there with <code>demo</code> account using <code>demo</code> password or register your own user. <a href="https://weblate.org/">Weblate</a> is also being used on <a href="https://hosted.weblate.org/">https://hosted.weblate.org/</a> as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.</p>
+<p>Should you be looking for hosting of translations for your project, I'm happy to <a href="https://weblate.org/hosting/">host them for you</a> or help with setting it up on your infrastructure.</p>
+<p>Further development of Weblate would not be possible without people <a href="https://weblate.org/donate/">providing donations</a>, thanks to everybody who have helped so far! The <a href="https://github.com/WeblateOrg/weblate/milestone/31">roadmap for next release</a> is just being prepared, you can influence this by expressing support for individual issues either by comments or by <a href="https://www.bountysource.com/teams/weblate/issues">providing bounty for them</a>.</p>
+
+<p style="font-size: smaller;">
+Filed under: 
 
-Filed under: [Debian][10] [English][11] [SUSE][12] [Weblate][13]
+<a href="https://blog.cihar.com/archives/debian/">Debian</a>
 
-   [10]: <https://blog.cihar.com/archives/debian/>
-   [11]: <https://blog.cihar.com/archives/english/>
-   [12]: <https://blog.cihar.com/archives/suse/>
-   [13]: <https://blog.cihar.com/archives/weblate/>
+<a href="https://blog.cihar.com/archives/english/">English</a>
 
+<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
+
+<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
 
+</p>
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 11:58:45 2017
@@ -4251,48 +4251,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: =?utf-8?q?Shirish_Agarwal=3A_I_need_to_speak_up_now_X_=E2=80=93_Economics?=
 Message-ID: http-flossexperiences-wordpress-com-p-4100
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://flossexperiences.wordpress.com/2017/10/13/i-need-to-speak-up-now-x-economics/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/shirish.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Dear all,</p>
-<p>This would be a longish blog post (as most of mine are) compiled over days but as there is so short a time and so much to share.</p>
-<p>I had previously thought to share beautiful photographs of Ganesh mandals taking out the procession at time of <a href="https://en.wikipedia.org/wiki/Ganesh_Chaturthi#In_public" rel="noopener" target="_blank">immersion</a> of the idol or the last day of <a href="https://en.wikipedia.org/wiki/Durga_Puja" rel="noopener" target="_blank">Durga Puja</a> recent events around do not make my mood to share photos at this point in time. I may share some of them in a future blog post or two .</p>
-<p>Before going further, I would like to offer my sympathies and condolences to people hurt and dislocated in <a href="https://en.wikipedia.org/wiki/Hurricane_Irma" rel="noopener" target="_blank">Hurricane Irma</a> , the <a href="https://en.wikipedia.org/wiki/2017_Central_Mexico_earthquake" rel="noopener" target="_blank">2017 Central Mexico Earthquake</a> and lastly the most recent <a href="https://en.wikipedia.org/wiki/2017_Las_Vegas_Strip_shooting" rel="noopener" target="_blank">Las Vegas shooting</a> as well as <a href="https://en.wikipedia.org/wiki/Hurricane_Maria" rel="noopener" target="_blank">Hurricane Maria</a> in Puerto Rico . I am somewhat nonplussed as to why Americans always want to name, especially hurricanes which destroy people’s lives and livelihood built over generations and why most of the hurricanes are named after women. A look at weather.com <a href="https://weather.com/storms/hurricane/news/tropical-storm-hurricane-names-20130626#/!" rel="noopener" target="_blank">site</a> unveiled the answer to the mystery.</p>
-<p>Ironically (or not) I saw some of the best science coverage about Earthquakes or anything scientific reporting and analysis after a long time in mainstream newspapers in India.</p>
-<p>On another note, I don’t understand or even expect to understand why the gunman did what he did 2 days back. Country music AFAIK is one of the most chilled-out kind of music, in some ways very similar to classical Indian singing although they are worlds apart in style of singing, renditions, artists, the way they emote etc. I seriously wish that the gunman had not been shot but caught and reasons were sought about what he did, he did. While this is certainly armchair thinking as was not at the scene of crime, but if a Mumbai Police constable could do it around a decade <a>ago</a> armed only with a <a href="https://en.wikipedia.org/wiki/Stick-fighting" rel="noopener" target="_blank">lathi</a> could do it, why couldn’t the American cops who probably are trained in innumerable ways to subdue people without killing them, did. While investigations are on, I suspect if he were caught just like <a href="https://en.wikipedia.org/wiki/Ajmal_Kasab" rel="noopener" target="_blank">Ajmal Kasab</a> was caught then lot of revelations might have come up. From what is known, the gentleman was upwardly mobile i.e. he was white, rich and apparently had no reason to have beef with anybody especially a crowd swaying to some nice music, all of which makes absolutely no sense.</p>
-<p><strong>Indian Economy ‘Slowdown’</strong></p>
-<p>Anyways, back to one of the main reasons of writing this blog post. Few days back, an ex-finance Minister of India <a href="https://en.wikipedia.org/wiki/Yashwant_Sinha" rel="noopener" target="_blank">Yashwant Sinha</a> wrote what was felt by probably millions of Indians, an Indian Express article called ‘<a href="http://indianexpress.com/article/opinion/columns/yashwant-sinha-arun-jaitley-gst-demonetisation-narendra-modi-economy-bjp-i-need-to-speak-up-now-4862716/" rel="noopener" target="_blank">I need to speak up now</a>‘</p>
-<p>While there have been many, many arguments made since then by various people. A simple search of ‘I need to speak up’ would lead to lead to many a result besides the one I have shared above. The only exception I have with the article is the line “Forty leading companies of the country are already facing bankruptcy proceedings. Many more are likely to follow suit.” I would not bore you but you ask any entrepreneur trying to set up shop in India i.e. ones who actually go through the processes of getting all the licenses for setting up even a small businesses as to the numerous hurdles they have to overcome and laid-back corrupt bureaucracy which they have to overcome. I could have interviewed some of my friends who had the conviction and the courage to set up shop and spent more than half a decade getting all the necessary licenses and approval to set up but it probably would be too specific for one industry or the other and would lead to the same result.</p>
-<p>Co-incidentally, a new restaurant, <a href="https://www.zomato.com/pune/the-leaf-shivaji-nagar" rel="noopener" target="_blank">leaf</a> opened in my vicinity few weeks before. From the looks it looked like a high-brow, high-priced restaurant hence like many others I did not venture in. After a few days, they introduced south-Indian delicacies like <a href="https://en.wikipedia.org/wiki/Masala_dosa" rel="noopener" target="_blank">Masala Dosa</a>, <a href="https://en.wikipedia.org/wiki/Uttapam" rel="noopener" target="_blank">Uttapam</a> at prices similar to other restaurants around. So I ventured in and bought some south Indian food to consume between mum and me.</p>
-<p>Few days later, I became friends with the owner/franchisee and I suggested (in a friendly tone) that why he doesn’t make it like a <a href="https://en.wikipedia.org/wiki/Caf%C3%A9_Coffee_Day" rel="noopener" target="_blank">CCD</a> play where many people including yours truly use the service to share, strategize and meet with clients.</p>
-<p>The CCD joints usually serve coffee and snacks (which are over-priced but still run out pretty fast) but people come as they have chilled-out atmosphere and Wi-Fi access which people need for their smartphones, although the Wi-Fi part may soon become redundant With <a href="https://en.wikipedia.org/wiki/Jio" rel="noopener" target="_blank">Reliance Jio</a> making a big play.</p>
-<p>I also shared why he doesn’t add more variety and time (the south Indian items are time-limited) as I see/saw many empty chairs there.</p>
-<p>Anyways, the shop-owner/franchisee shared his gross costs including salary, stocking, electricity, rent and it doesn’t pan out to be serving Rs.80/- dish (roughly a 1US dollar and 25 cents) then serving INR Rs. 400/- a dish (around 6 $USD). One round of INR 400/- + dishes make his costs for the day, around 12 tables were there. It’s when they have two full rounds of dishes costing INR 400/- or more that he actually has profits and he is predicting loss for at least 6 months to a year before he makes a rebound. He needs steady customers rather than just walk-ins that will make his business work/click. Currently his family is bearing the costs. He didn’t mention the taxes although I know apart from <a href="https://en.wikipedia.org/wiki/Goods_and_Services_Tax_(India)" rel="noopener" target="_blank">GST</a> there are still some local body taxes that they will have to pay and comply with.</p>
-<p>There are a multitude of problems for shutting a shop legally as well as they have to again renavigate the bureaucracy for the same. I have seen more than a few retailers downing their shutters for 6-8 months and then either sell it to new management, let go of the lease or simply sell the property to a competitor. The <a href="https://en.wikipedia.org/wiki/Insolvency_and_Bankruptcy_Code" rel="noopener" target="_blank">Insolvency and Bankruptcy Code</a> is probably the first proper exit policy for large companies. So the 40 odd companies that Mr. Sinha were talking about were probably sick for a long time.</p>
-<p>In India, there is also an additional shame of being a failed entrepreneur unlike in the west where Entrepreneurs start on their next venture. As seen from <a href="https://en.wikipedia.org/wiki/Retailing_in_India" rel="noopener" target="_blank">Retailing In India</a> only 3.3% of the population or at the most 4% of the population is directly or indirectly linked with the retail trade. Most of the economy still derives its wealth from the agrarian sector which is still reeling under the pressure from <a href="https://en.wikipedia.org/wiki/2016_Indian_banknote_demonetisation" rel="noopener" target="_blank">demonetization</a> which happened last year. Al jazeera surprisingly <a href="http://www.aljazeera.com/indepth/opinion/2016/12/india-demonetisaton-quagmire-victims-161204101742156.html" rel="noopener" target="_blank">portrayed</a> a truer picture of the effects demonetization had on common citizen than many Indian newspapers did at the time. Because of the South African Debconf, I had to resort to debit cards and hence was able to escape standing in long lines in which many an old and women perished.</p>
-<p>It is only yesterday that the Government has acknowledged which many prominent Indians have been saying for months now, that we are in a ‘<a href="http://www.thehindu.com/opinion/op-ed/can-india-beat-this-slowdown/article8245411.ece" rel="noopener" target="_blank">slowdown</a>‘. Be aware of the terms being used for effect by the Prime Minister. There are <a href="https://qz.com/1099133/modis-roadmap-to-revive-indias-gdp-growth-wont-get-the-support-of-private-investment-anytime-soon/" rel="noopener" target="_blank">two</a> <a href="http://www.hindustantimes.com/business-news/indian-economy-in-slowdown-5-things-pm-modi-can-do-to-fire-growth/story-7KayaXaZl04RRIwHOsRnhO.html" rel="noopener" target="_blank">articles</a> which outlines the troubles India is in atm. The only bright spot has been e-commerce which so far has eluded GST although the Govt. has claimed regulations to put it in check.</p>
-<p><strong>Indian Education System </strong></p>
-<p>Interestingly, <a href="https://en.wikipedia.org/wiki/Ravish_Kumar" rel="noopener" target="_blank">Ravish Kumar</a> has started a series on <a href="https://en.wikipedia.org/wiki/NDTV_India" rel="noopener" target="_blank">NDTV</a> where he is showcasing how Indian education sector, especially public colleges have been left to teachers on contract basis, see the first <a href="https://www.youtube.com/watch?v=r7-GQH-G-Ns&amp;index=7&amp;list=PLpSN4vP31-KvMP3DLA3vnPVtPHb-FtRA2" rel="noopener" target="_blank">four episodes</a> on NDTV channel starting with the first one I have shared as a hyperlink. I apologize as the series is in Hindi as the channel is meant for Indians and is mostly limited to Northern areas of the Country (mostly) although he has been honest that it is because they lack resources to tackle the amount of information flowing to them. Ravish started the series with sharing information about the U.S. where the things are similar with some <a href="http://www.sfgate.com/local/article/High-cost-of-living-forces-San-Jose-State-12164855.php" rel="noopener" target="_blank">teachers</a> needing to sleep in cars because of high-cost of living to some needing to turn to <a href="https://www.theguardian.com/us-news/2017/sep/28/adjunct-professors-homeless-sex-work-academia-poverty" rel="noopener" target="_blank">sex-work</a> . I was shocked when I read the guardian article, that is no way to treat our teachers.I went on to read <a href="https://junctrebellion.wordpress.com/how-the-american-university-was-killed/" rel="noopener" target="_blank">‘How the American University was Killed</a>‘ following the breadcrumbs along the way. Reading that it seems Indians have been following the American system playbook from the 1980’s itself. The article talks about HMO as well and that seems to have followed here as well with my own experience of hospital fees and drugs which I had to entail a few weeks/month ago.</p>
-<p>Few years ago, when me and some of my friends had the teaching bug and we started teaching in a nearby municipal school, couple of teachers had shared that they were doing 2-3 jobs to make ends meet. I don’t know about others in my group, at least I was cynical because I thought all the teachers were permanent and they make good money only to realize now that the person was probably speaking the truth. When you have to do three jobs to make ends meet from where do you bring the passion to teach young people and that too outside the syllabus ?</p>
-<p>Also, with this new knowledge in hindsight, I take back all my comments I made last year and the year before for the pathetic education being put up by the State. With teachers being paid pathetically/underpaid and almost 60% teachers being ad-hoc/adjunct teachers they have to find ways to have some sense of security. Most teachers are bachelors as they are poor and cannot offer any security (either male or female) and for women, after marriage it actually makes no sense for them to continue in this profession. I salute all the professors who are ad-hoc in nature and probably will never get a permanent position in their life.</p>
-<p>I think in some way, thanx to him, that the government has chosen to give <a href="http://www.dnaindia.com/business/report-7th-pay-commission-early-diwali-for-8-lakh-teachers-as-govt-approves-pay-hike-2552286" rel="noopener" target="_blank">7th pay commisson salary</a> to teachers. While the numbers may appear be large, there are a lot of questions as to how many people will actually get paid. There needs to be lot of vacancies which need to be filled quickly but don’t see any solution in the next 2-3 years as well. The Government has taken a position to use/re-hire retired teachers rather than have new young teachers as an unwritten policy. In this <a href="https://en.wikipedia.org/wiki/Digital_India" rel="noopener" target="_blank">Digital India</a> context how are retired teachers supposed to understand and then pass on digital concepts is beyond me when at few teacher trainings I have seen they lack even the most basic knowledge that I learnt at least a decade or two ago, the difference is that vast. I just don’t know what to say to that. My own experience with my own mother who had pretty good education in her time and probably would have made a fine business-woman if she knew that she will have a child that she would have to raise by herself alone (along with maternal grand-parents) is testimonial to the fact how hard it is for older people to grasp technology and here I’m talking just using the interface as a consumer rather than a producer or someone in-between who has the idea of how companies and governments profit from whatever data is shared one way or the other. </p>
-<p>After watching the series/episodes and discussing the issue with my mother it was revealed that both her and my late maternal grandfather were on casual/ad-hoc basis till 20-25 years in their service in the defense sector. If Ravish were to do a series on the defense sector he probably would find the same thing there. To add to that, the defense sector is a vital component to a country’s security. If 60% of the defense staff in all defense establishments have temporary staff how do you ensure the loyalty of the people working therein. That brings to my mind ‘Ignorance is bliss’.</p>
-<p><strong> Software development and deployment </strong></p>
-<p>There is another worry that all are skirting around, the present dispensation/government’s mantra is ‘minimum government-maximum governance’ with digital technologies having all solutions which is leading to massive unemployment. Also from most of the stories/incidents I read in the newspapers, mainstream media and elsewhere it seems most software deployments done in India are done without having any system of internal checks and balances. There is no ‘<a href="https://tracker.debian.org/pkg/lintian" rel="noopener" target="_blank">lintian</a>‘ for software to be implemented. Contracts seem to be given to big companies and there is no mention of what prerequisites or conditions were laid down by the Government for software development and deployment and if any checks were done to ensure that the software being developed was in according to government specifications or not. Ideally this should all be in public domain so that questions can be asked and responsibility fixed if things go haywire, as currently they do not.</p>
-<p><strong>Software issue</strong>s</p>
-<p>As my health been not that great, I have been taking a bit more time and depth while filing bugs. <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877638" rel="noopener" target="_blank">#877638</a> is a good example. I suspect though that part of the problem might be that mate has moved to gtk3 while guake still has gtk-2 bindings. I also reported the issue upstream both in <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank">mate-panel</a> as well as <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank">guake</a> . I haven’t received any response from either <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank"> or/and </a> <a>upstreams </a>.</p>
-<p>I also have been fiddling around with gdb to better understand the tool so I can exploit/use this tool in a better way. There are some commands within the gdb interface which seem to be interesting and hopefully I’ll try how the commands perform over days, weeks to a month. I hope we see more action on the mate-panel/guake bug as well as move of guake to gtk+3 but that what seemingly seemed like wait for <a href="https://github.com/Guake/guake/issues?q=is%3Aopen+is%3Aissue+label%3A%22Guake+3+Rewrite%22" rel="noopener" target="_blank">eternity</a> seems to have <a href="https://github.com/Guake/guake/issues/1009" rel="noopener" target="_blank">done</a> by somebody in last couple of days. As shared in the ticket there are lots of things still to do but it seems the heavy lifting has been done but seems merging will be tricky as two developers have been trying to update to gtk+3 although <a href="https://github.com/aichingm/" rel="noopener" target="_blank">aichingm </a> seems to have a leg up with his <a href="https://github.com/aichingm/guake/tree/3!" rel="noopener" target="_blank">3!</a> branch.</p>
-<p>Another interesting thing I saw is the below picture. </p>
-<p><img alt="Firefox is out of date on wordpress.com" src="https://flossexperiences.files.wordpress.com/2017/10/wordpress-dashboard-firefox-lts-out-of-date.png?w=538" /></p>
-<p>The firefox version I was using to test the site/wordpress-wp-admin was Mozilla Firefox 52.4.0 which AFAIK is a pretty recentish one and people using Debian stretch would probably be using the same version (firefox stable/LTS) rather than the more recent versions. I went to the link it linked <a href="http://browsehappy.com/?locale=en" rel="noopener" target="_blank">to</a> and it gave no indication as to why it thought my browser is out-of-date and what functionality was/is missing. I have found that wordpress support has declined quite a bit and people don’t seem to use the forums as much as they used to before. </p>
-<p>I also filed a few bugs for qalculate. <a href="http://bugs.debian.org/877716" rel="noopener" target="_blank">#877716</a> where a supposedly transitional package removes the actual application, <a href="http://bugs.debian.org/877717" rel="noopener" target="_blank">#877717</a> as the software has moved its repo. to github.com as well as tickets and other things in process and lastly <a href="http://bugs.debian.org/877733" rel="noopener" target="_blank">#877733</a>. I had been searching for a calculator which can do currency calculations on the fly (say for e.g. doing personal budgeting for Taiwan debconf) without needing to manually enter the conversion rates and losing something in the middle. While the current version has support for some limited currencies, the new versions promise more as other people probably have more diverse needs for currency conversions (people who do long or short on oil, stocks overseas is just one example, I am sure there are many others) than simplistic mine. </p><br />Filed under: <a href="https://flossexperiences.wordpress.com/category/miscellenous/">Miscellenous</a> Tagged: <a href="https://flossexperiences.wordpress.com/tag/american-education-system/">#American Education System</a>, <a href="https://flossexperiences.wordpress.com/tag/bug-filing/">#bug-filing</a>, <a href="https://flossexperiences.wordpress.com/tag/climate-change/">#Climate change</a>, <a href="https://flossexperiences.wordpress.com/tag/dignity/">#Dignity</a>, <a href="https://flossexperiences.wordpress.com/tag/e-commerce/">#e-commerce</a>, <a href="https://flossexperiences.wordpress.com/tag/gtk3/">#gtk+3</a>, <a href="https://flossexperiences.wordpress.com/tag/gtk2/">#gtk2</a>, <a href="https://flossexperiences.wordpress.com/tag/indian-economy-slowdown/">#Indian Economy 'Slowdown'</a>, <a href="https://flossexperiences.wordpress.com/tag/indian-education-system/">#Indian Education System</a>, <a href="https://flossexperiences.wordpress.com/tag/insolvency-and-bankruptcy-code/">#Insolvency and Bankruptcy Code</a>, <a href="https://flossexperiences.wordpress.com/tag/las-vegas-shooting/">#Las Vegas shooting</a>, <a href="https://flossexperiences.wordpress.com/tag/modern-retail-in-india/">#Modern Retail in India</a>, <a href="https://flossexperiences.wordpress.com/tag/planet-debian/">#planet-debian</a>, <a href="https://flossexperiences.wordpress.com/tag/qalculate/">#qalculate</a>, <a href="https://flossexperiences.wordpress.com/tag/ad-hoc-and-adjunct-professors/">Ad-hoc and Adjunct Professors</a>, <a href="https://flossexperiences.wordpress.com/tag/wordpress-com/">wordpress.com</a> <a href="http://feeds.wordpress.com/1.0/gocomments/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/godelicious/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/delicious/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gofacebook/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/facebook/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gotwitter/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/twitter/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gostumble/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/stumble/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/godigg/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/digg/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/goreddit/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/reddit/flossexperiences.wordpress.com/4100/" /></a>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4644,6 +4607,43 @@ shooting][55], [#Modern Retail in India][56], [#planet-debian][57],
    [67]: <http://feeds.wordpress.com/1.0/goreddit/flossexperiences.wordpress.com/4100/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/shirish.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Dear all,</p>
+<p>This would be a longish blog post (as most of mine are) compiled over days but as there is so short a time and so much to share.</p>
+<p>I had previously thought to share beautiful photographs of Ganesh mandals taking out the procession at time of <a href="https://en.wikipedia.org/wiki/Ganesh_Chaturthi#In_public" rel="noopener" target="_blank">immersion</a> of the idol or the last day of <a href="https://en.wikipedia.org/wiki/Durga_Puja" rel="noopener" target="_blank">Durga Puja</a> recent events around do not make my mood to share photos at this point in time. I may share some of them in a future blog post or two .</p>
+<p>Before going further, I would like to offer my sympathies and condolences to people hurt and dislocated in <a href="https://en.wikipedia.org/wiki/Hurricane_Irma" rel="noopener" target="_blank">Hurricane Irma</a> , the <a href="https://en.wikipedia.org/wiki/2017_Central_Mexico_earthquake" rel="noopener" target="_blank">2017 Central Mexico Earthquake</a> and lastly the most recent <a href="https://en.wikipedia.org/wiki/2017_Las_Vegas_Strip_shooting" rel="noopener" target="_blank">Las Vegas shooting</a> as well as <a href="https://en.wikipedia.org/wiki/Hurricane_Maria" rel="noopener" target="_blank">Hurricane Maria</a> in Puerto Rico . I am somewhat nonplussed as to why Americans always want to name, especially hurricanes which destroy people’s lives and livelihood built over generations and why most of the hurricanes are named after women. A look at weather.com <a href="https://weather.com/storms/hurricane/news/tropical-storm-hurricane-names-20130626#/!" rel="noopener" target="_blank">site</a> unveiled the answer to the mystery.</p>
+<p>Ironically (or not) I saw some of the best science coverage about Earthquakes or anything scientific reporting and analysis after a long time in mainstream newspapers in India.</p>
+<p>On another note, I don’t understand or even expect to understand why the gunman did what he did 2 days back. Country music AFAIK is one of the most chilled-out kind of music, in some ways very similar to classical Indian singing although they are worlds apart in style of singing, renditions, artists, the way they emote etc. I seriously wish that the gunman had not been shot but caught and reasons were sought about what he did, he did. While this is certainly armchair thinking as was not at the scene of crime, but if a Mumbai Police constable could do it around a decade <a>ago</a> armed only with a <a href="https://en.wikipedia.org/wiki/Stick-fighting" rel="noopener" target="_blank">lathi</a> could do it, why couldn’t the American cops who probably are trained in innumerable ways to subdue people without killing them, did. While investigations are on, I suspect if he were caught just like <a href="https://en.wikipedia.org/wiki/Ajmal_Kasab" rel="noopener" target="_blank">Ajmal Kasab</a> was caught then lot of revelations might have come up. From what is known, the gentleman was upwardly mobile i.e. he was white, rich and apparently had no reason to have beef with anybody especially a crowd swaying to some nice music, all of which makes absolutely no sense.</p>
+<p><strong>Indian Economy ‘Slowdown’</strong></p>
+<p>Anyways, back to one of the main reasons of writing this blog post. Few days back, an ex-finance Minister of India <a href="https://en.wikipedia.org/wiki/Yashwant_Sinha" rel="noopener" target="_blank">Yashwant Sinha</a> wrote what was felt by probably millions of Indians, an Indian Express article called ‘<a href="http://indianexpress.com/article/opinion/columns/yashwant-sinha-arun-jaitley-gst-demonetisation-narendra-modi-economy-bjp-i-need-to-speak-up-now-4862716/" rel="noopener" target="_blank">I need to speak up now</a>‘</p>
+<p>While there have been many, many arguments made since then by various people. A simple search of ‘I need to speak up’ would lead to lead to many a result besides the one I have shared above. The only exception I have with the article is the line “Forty leading companies of the country are already facing bankruptcy proceedings. Many more are likely to follow suit.” I would not bore you but you ask any entrepreneur trying to set up shop in India i.e. ones who actually go through the processes of getting all the licenses for setting up even a small businesses as to the numerous hurdles they have to overcome and laid-back corrupt bureaucracy which they have to overcome. I could have interviewed some of my friends who had the conviction and the courage to set up shop and spent more than half a decade getting all the necessary licenses and approval to set up but it probably would be too specific for one industry or the other and would lead to the same result.</p>
+<p>Co-incidentally, a new restaurant, <a href="https://www.zomato.com/pune/the-leaf-shivaji-nagar" rel="noopener" target="_blank">leaf</a> opened in my vicinity few weeks before. From the looks it looked like a high-brow, high-priced restaurant hence like many others I did not venture in. After a few days, they introduced south-Indian delicacies like <a href="https://en.wikipedia.org/wiki/Masala_dosa" rel="noopener" target="_blank">Masala Dosa</a>, <a href="https://en.wikipedia.org/wiki/Uttapam" rel="noopener" target="_blank">Uttapam</a> at prices similar to other restaurants around. So I ventured in and bought some south Indian food to consume between mum and me.</p>
+<p>Few days later, I became friends with the owner/franchisee and I suggested (in a friendly tone) that why he doesn’t make it like a <a href="https://en.wikipedia.org/wiki/Caf%C3%A9_Coffee_Day" rel="noopener" target="_blank">CCD</a> play where many people including yours truly use the service to share, strategize and meet with clients.</p>
+<p>The CCD joints usually serve coffee and snacks (which are over-priced but still run out pretty fast) but people come as they have chilled-out atmosphere and Wi-Fi access which people need for their smartphones, although the Wi-Fi part may soon become redundant With <a href="https://en.wikipedia.org/wiki/Jio" rel="noopener" target="_blank">Reliance Jio</a> making a big play.</p>
+<p>I also shared why he doesn’t add more variety and time (the south Indian items are time-limited) as I see/saw many empty chairs there.</p>
+<p>Anyways, the shop-owner/franchisee shared his gross costs including salary, stocking, electricity, rent and it doesn’t pan out to be serving Rs.80/- dish (roughly a 1US dollar and 25 cents) then serving INR Rs. 400/- a dish (around 6 $USD). One round of INR 400/- + dishes make his costs for the day, around 12 tables were there. It’s when they have two full rounds of dishes costing INR 400/- or more that he actually has profits and he is predicting loss for at least 6 months to a year before he makes a rebound. He needs steady customers rather than just walk-ins that will make his business work/click. Currently his family is bearing the costs. He didn’t mention the taxes although I know apart from <a href="https://en.wikipedia.org/wiki/Goods_and_Services_Tax_(India)" rel="noopener" target="_blank">GST</a> there are still some local body taxes that they will have to pay and comply with.</p>
+<p>There are a multitude of problems for shutting a shop legally as well as they have to again renavigate the bureaucracy for the same. I have seen more than a few retailers downing their shutters for 6-8 months and then either sell it to new management, let go of the lease or simply sell the property to a competitor. The <a href="https://en.wikipedia.org/wiki/Insolvency_and_Bankruptcy_Code" rel="noopener" target="_blank">Insolvency and Bankruptcy Code</a> is probably the first proper exit policy for large companies. So the 40 odd companies that Mr. Sinha were talking about were probably sick for a long time.</p>
+<p>In India, there is also an additional shame of being a failed entrepreneur unlike in the west where Entrepreneurs start on their next venture. As seen from <a href="https://en.wikipedia.org/wiki/Retailing_in_India" rel="noopener" target="_blank">Retailing In India</a> only 3.3% of the population or at the most 4% of the population is directly or indirectly linked with the retail trade. Most of the economy still derives its wealth from the agrarian sector which is still reeling under the pressure from <a href="https://en.wikipedia.org/wiki/2016_Indian_banknote_demonetisation" rel="noopener" target="_blank">demonetization</a> which happened last year. Al jazeera surprisingly <a href="http://www.aljazeera.com/indepth/opinion/2016/12/india-demonetisaton-quagmire-victims-161204101742156.html" rel="noopener" target="_blank">portrayed</a> a truer picture of the effects demonetization had on common citizen than many Indian newspapers did at the time. Because of the South African Debconf, I had to resort to debit cards and hence was able to escape standing in long lines in which many an old and women perished.</p>
+<p>It is only yesterday that the Government has acknowledged which many prominent Indians have been saying for months now, that we are in a ‘<a href="http://www.thehindu.com/opinion/op-ed/can-india-beat-this-slowdown/article8245411.ece" rel="noopener" target="_blank">slowdown</a>‘. Be aware of the terms being used for effect by the Prime Minister. There are <a href="https://qz.com/1099133/modis-roadmap-to-revive-indias-gdp-growth-wont-get-the-support-of-private-investment-anytime-soon/" rel="noopener" target="_blank">two</a> <a href="http://www.hindustantimes.com/business-news/indian-economy-in-slowdown-5-things-pm-modi-can-do-to-fire-growth/story-7KayaXaZl04RRIwHOsRnhO.html" rel="noopener" target="_blank">articles</a> which outlines the troubles India is in atm. The only bright spot has been e-commerce which so far has eluded GST although the Govt. has claimed regulations to put it in check.</p>
+<p><strong>Indian Education System </strong></p>
+<p>Interestingly, <a href="https://en.wikipedia.org/wiki/Ravish_Kumar" rel="noopener" target="_blank">Ravish Kumar</a> has started a series on <a href="https://en.wikipedia.org/wiki/NDTV_India" rel="noopener" target="_blank">NDTV</a> where he is showcasing how Indian education sector, especially public colleges have been left to teachers on contract basis, see the first <a href="https://www.youtube.com/watch?v=r7-GQH-G-Ns&amp;index=7&amp;list=PLpSN4vP31-KvMP3DLA3vnPVtPHb-FtRA2" rel="noopener" target="_blank">four episodes</a> on NDTV channel starting with the first one I have shared as a hyperlink. I apologize as the series is in Hindi as the channel is meant for Indians and is mostly limited to Northern areas of the Country (mostly) although he has been honest that it is because they lack resources to tackle the amount of information flowing to them. Ravish started the series with sharing information about the U.S. where the things are similar with some <a href="http://www.sfgate.com/local/article/High-cost-of-living-forces-San-Jose-State-12164855.php" rel="noopener" target="_blank">teachers</a> needing to sleep in cars because of high-cost of living to some needing to turn to <a href="https://www.theguardian.com/us-news/2017/sep/28/adjunct-professors-homeless-sex-work-academia-poverty" rel="noopener" target="_blank">sex-work</a> . I was shocked when I read the guardian article, that is no way to treat our teachers.I went on to read <a href="https://junctrebellion.wordpress.com/how-the-american-university-was-killed/" rel="noopener" target="_blank">‘How the American University was Killed</a>‘ following the breadcrumbs along the way. Reading that it seems Indians have been following the American system playbook from the 1980’s itself. The article talks about HMO as well and that seems to have followed here as well with my own experience of hospital fees and drugs which I had to entail a few weeks/month ago.</p>
+<p>Few years ago, when me and some of my friends had the teaching bug and we started teaching in a nearby municipal school, couple of teachers had shared that they were doing 2-3 jobs to make ends meet. I don’t know about others in my group, at least I was cynical because I thought all the teachers were permanent and they make good money only to realize now that the person was probably speaking the truth. When you have to do three jobs to make ends meet from where do you bring the passion to teach young people and that too outside the syllabus ?</p>
+<p>Also, with this new knowledge in hindsight, I take back all my comments I made last year and the year before for the pathetic education being put up by the State. With teachers being paid pathetically/underpaid and almost 60% teachers being ad-hoc/adjunct teachers they have to find ways to have some sense of security. Most teachers are bachelors as they are poor and cannot offer any security (either male or female) and for women, after marriage it actually makes no sense for them to continue in this profession. I salute all the professors who are ad-hoc in nature and probably will never get a permanent position in their life.</p>
+<p>I think in some way, thanx to him, that the government has chosen to give <a href="http://www.dnaindia.com/business/report-7th-pay-commission-early-diwali-for-8-lakh-teachers-as-govt-approves-pay-hike-2552286" rel="noopener" target="_blank">7th pay commisson salary</a> to teachers. While the numbers may appear be large, there are a lot of questions as to how many people will actually get paid. There needs to be lot of vacancies which need to be filled quickly but don’t see any solution in the next 2-3 years as well. The Government has taken a position to use/re-hire retired teachers rather than have new young teachers as an unwritten policy. In this <a href="https://en.wikipedia.org/wiki/Digital_India" rel="noopener" target="_blank">Digital India</a> context how are retired teachers supposed to understand and then pass on digital concepts is beyond me when at few teacher trainings I have seen they lack even the most basic knowledge that I learnt at least a decade or two ago, the difference is that vast. I just don’t know what to say to that. My own experience with my own mother who had pretty good education in her time and probably would have made a fine business-woman if she knew that she will have a child that she would have to raise by herself alone (along with maternal grand-parents) is testimonial to the fact how hard it is for older people to grasp technology and here I’m talking just using the interface as a consumer rather than a producer or someone in-between who has the idea of how companies and governments profit from whatever data is shared one way or the other. </p>
+<p>After watching the series/episodes and discussing the issue with my mother it was revealed that both her and my late maternal grandfather were on casual/ad-hoc basis till 20-25 years in their service in the defense sector. If Ravish were to do a series on the defense sector he probably would find the same thing there. To add to that, the defense sector is a vital component to a country’s security. If 60% of the defense staff in all defense establishments have temporary staff how do you ensure the loyalty of the people working therein. That brings to my mind ‘Ignorance is bliss’.</p>
+<p><strong> Software development and deployment </strong></p>
+<p>There is another worry that all are skirting around, the present dispensation/government’s mantra is ‘minimum government-maximum governance’ with digital technologies having all solutions which is leading to massive unemployment. Also from most of the stories/incidents I read in the newspapers, mainstream media and elsewhere it seems most software deployments done in India are done without having any system of internal checks and balances. There is no ‘<a href="https://tracker.debian.org/pkg/lintian" rel="noopener" target="_blank">lintian</a>‘ for software to be implemented. Contracts seem to be given to big companies and there is no mention of what prerequisites or conditions were laid down by the Government for software development and deployment and if any checks were done to ensure that the software being developed was in according to government specifications or not. Ideally this should all be in public domain so that questions can be asked and responsibility fixed if things go haywire, as currently they do not.</p>
+<p><strong>Software issue</strong>s</p>
+<p>As my health been not that great, I have been taking a bit more time and depth while filing bugs. <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877638" rel="noopener" target="_blank">#877638</a> is a good example. I suspect though that part of the problem might be that mate has moved to gtk3 while guake still has gtk-2 bindings. I also reported the issue upstream both in <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank">mate-panel</a> as well as <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank">guake</a> . I haven’t received any response from either <a href="https://github.com/mate-desktop/mate-panel/issues/666" rel="noopener" target="_blank"> or/and </a> <a>upstreams </a>.</p>
+<p>I also have been fiddling around with gdb to better understand the tool so I can exploit/use this tool in a better way. There are some commands within the gdb interface which seem to be interesting and hopefully I’ll try how the commands perform over days, weeks to a month. I hope we see more action on the mate-panel/guake bug as well as move of guake to gtk+3 but that what seemingly seemed like wait for <a href="https://github.com/Guake/guake/issues?q=is%3Aopen+is%3Aissue+label%3A%22Guake+3+Rewrite%22" rel="noopener" target="_blank">eternity</a> seems to have <a href="https://github.com/Guake/guake/issues/1009" rel="noopener" target="_blank">done</a> by somebody in last couple of days. As shared in the ticket there are lots of things still to do but it seems the heavy lifting has been done but seems merging will be tricky as two developers have been trying to update to gtk+3 although <a href="https://github.com/aichingm/" rel="noopener" target="_blank">aichingm </a> seems to have a leg up with his <a href="https://github.com/aichingm/guake/tree/3!" rel="noopener" target="_blank">3!</a> branch.</p>
+<p>Another interesting thing I saw is the below picture. </p>
+<p><img alt="Firefox is out of date on wordpress.com" src="https://flossexperiences.files.wordpress.com/2017/10/wordpress-dashboard-firefox-lts-out-of-date.png?w=538" /></p>
+<p>The firefox version I was using to test the site/wordpress-wp-admin was Mozilla Firefox 52.4.0 which AFAIK is a pretty recentish one and people using Debian stretch would probably be using the same version (firefox stable/LTS) rather than the more recent versions. I went to the link it linked <a href="http://browsehappy.com/?locale=en" rel="noopener" target="_blank">to</a> and it gave no indication as to why it thought my browser is out-of-date and what functionality was/is missing. I have found that wordpress support has declined quite a bit and people don’t seem to use the forums as much as they used to before. </p>
+<p>I also filed a few bugs for qalculate. <a href="http://bugs.debian.org/877716" rel="noopener" target="_blank">#877716</a> where a supposedly transitional package removes the actual application, <a href="http://bugs.debian.org/877717" rel="noopener" target="_blank">#877717</a> as the software has moved its repo. to github.com as well as tickets and other things in process and lastly <a href="http://bugs.debian.org/877733" rel="noopener" target="_blank">#877733</a>. I had been searching for a calculator which can do currency calculations on the fly (say for e.g. doing personal budgeting for Taiwan debconf) without needing to manually enter the conversion rates and losing something in the middle. While the current version has support for some limited currencies, the new versions promise more as other people probably have more diverse needs for currency conversions (people who do long or short on oil, stocks overseas is just one example, I am sure there are many others) than simplistic mine. </p><br />Filed under: <a href="https://flossexperiences.wordpress.com/category/miscellenous/">Miscellenous</a> Tagged: <a href="https://flossexperiences.wordpress.com/tag/american-education-system/">#American Education System</a>, <a href="https://flossexperiences.wordpress.com/tag/bug-filing/">#bug-filing</a>, <a href="https://flossexperiences.wordpress.com/tag/climate-change/">#Climate change</a>, <a href="https://flossexperiences.wordpress.com/tag/dignity/">#Dignity</a>, <a href="https://flossexperiences.wordpress.com/tag/e-commerce/">#e-commerce</a>, <a href="https://flossexperiences.wordpress.com/tag/gtk3/">#gtk+3</a>, <a href="https://flossexperiences.wordpress.com/tag/gtk2/">#gtk2</a>, <a href="https://flossexperiences.wordpress.com/tag/indian-economy-slowdown/">#Indian Economy 'Slowdown'</a>, <a href="https://flossexperiences.wordpress.com/tag/indian-education-system/">#Indian Education System</a>, <a href="https://flossexperiences.wordpress.com/tag/insolvency-and-bankruptcy-code/">#Insolvency and Bankruptcy Code</a>, <a href="https://flossexperiences.wordpress.com/tag/las-vegas-shooting/">#Las Vegas shooting</a>, <a href="https://flossexperiences.wordpress.com/tag/modern-retail-in-india/">#Modern Retail in India</a>, <a href="https://flossexperiences.wordpress.com/tag/planet-debian/">#planet-debian</a>, <a href="https://flossexperiences.wordpress.com/tag/qalculate/">#qalculate</a>, <a href="https://flossexperiences.wordpress.com/tag/ad-hoc-and-adjunct-professors/">Ad-hoc and Adjunct Professors</a>, <a href="https://flossexperiences.wordpress.com/tag/wordpress-com/">wordpress.com</a> <a href="http://feeds.wordpress.com/1.0/gocomments/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/godelicious/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/delicious/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gofacebook/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/facebook/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gotwitter/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/twitter/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/gostumble/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/stumble/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/godigg/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/digg/flossexperiences.wordpress.com/4100/" /></a> <a href="http://feeds.wordpress.com/1.0/goreddit/flossexperiences.wordpress.com/4100/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/reddit/flossexperiences.wordpress.com/4100/" /></a>
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 04:00:19 2017
@@ -4654,32 +4654,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Michal &#268;iha&#345;: Using Trezor to store cryptocurencies
 Message-ID: https-blog-cihar-com-archives-2017-10-13-using-trezor-store-cryptocurencies-utm_source-rss2
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.cihar.com/archives/2017/10/13/using-trezor-store-cryptocurencies/?utm_source=rss2
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>For quite some time I have some cryptocurrencies on hold. These mostly come from times it was possible to mine Bitcoin on the CPU, but I've got some small payments recently as well.</p>
-<p>I've been using <a href="https://electrum.org/">Electrum</a> wallet so far. It worked quite well, but with increasing Bitcoin value, I was considering having some hardware wallet for that. There are few options which you can use, but I've always preferred <a href="https://shop.trezor.io?a=572b241135e1">Trezor</a> as that device is made by guys I know. Also it's probably device with best support out of these (at least I've heard really bad stories about Ledger support).</p>
-<p>In the end what decided is that they are also <a href="https://doc.satoshilabs.com/trezor-tech/translating.html">using Weblate</a> to translate their user interface and offered me the wallet for free in exchange. This is price you can not beat :-). Anyway the setup was really smooth and I'm now fully set up. This also made me more open to accept other cryptocurrencies which are supported by <a href="https://shop.trezor.io?a=572b241135e1">Trezor</a>, so you can now see more options on the <a href="https://weblate.org/donate/">Weblate donations page</a>.</p>
-
-<p style="font-size: smaller;">
-Filed under: 
-
-<a href="https://blog.cihar.com/archives/debian/">Debian</a>
-
-<a href="https://blog.cihar.com/archives/english/">English</a>
-
-<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
-
-<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
-
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4720,6 +4699,27 @@ Filed under: [Debian][6] [English][7] [SUSE][8] [Weblate][9]
    [9]: <https://blog.cihar.com/archives/weblate/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>For quite some time I have some cryptocurrencies on hold. These mostly come from times it was possible to mine Bitcoin on the CPU, but I've got some small payments recently as well.</p>
+<p>I've been using <a href="https://electrum.org/">Electrum</a> wallet so far. It worked quite well, but with increasing Bitcoin value, I was considering having some hardware wallet for that. There are few options which you can use, but I've always preferred <a href="https://shop.trezor.io?a=572b241135e1">Trezor</a> as that device is made by guys I know. Also it's probably device with best support out of these (at least I've heard really bad stories about Ledger support).</p>
+<p>In the end what decided is that they are also <a href="https://doc.satoshilabs.com/trezor-tech/translating.html">using Weblate</a> to translate their user interface and offered me the wallet for free in exchange. This is price you can not beat :-). Anyway the setup was really smooth and I'm now fully set up. This also made me more open to accept other cryptocurrencies which are supported by <a href="https://shop.trezor.io?a=572b241135e1">Trezor</a>, so you can now see more options on the <a href="https://weblate.org/donate/">Weblate donations page</a>.</p>
+
+<p style="font-size: smaller;">
+Filed under: 
+
+<a href="https://blog.cihar.com/archives/debian/">Debian</a>
+
+<a href="https://blog.cihar.com/archives/english/">English</a>
+
+<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
+
+<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
+
+</p>
 --===============testboundary==--
 
 From planet-debian Fri Oct 13 02:45:00 2017
@@ -4730,40 +4730,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Dirk Eddelbuettel: GitHub Streak: Round Four
 Message-ID: http-dirk-eddelbuettel-com-blog-2017-10-12-github_oct2016_oct2017
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://dirk.eddelbuettel.com/blog/2017/10/12#github_oct2016_oct2017
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><a href="http://dirk.eddelbuettel.com/blog/2014/10/12#github_oct2013_oct2014">Three years ago</a> I referenced the <a href="http://lifehacker.com/281626/jerry-seinfelds-productivity-secret">Seinfeld Streak</a> used in an <a href="http://dirk.eddelbuettel.com/blog/2013/02/03/">earlier post</a> of regular updates to to the <a href="http://gallery.rcpp.org">Rcpp Gallery</a>:</p>
-<blockquote>
-<p>This is sometimes called Jerry Seinfeld's secret to productivity: Just keep at it. <em>Don't break the streak</em>.</p>
-</blockquote>
-<p>and showed the first chart of <em>GitHub streaking</em></p>
-<blockquote>
-<img alt="github activity october 2013 to october 2014" src="http://dirk.eddelbuettel.com/images/github_oct2013_oct2014.png" style="margin-left: auto; margin-right: auto;" />
-</blockquote>
-<p>And two year ago a first follow-up appeared in <a href="http://dirk.eddelbuettel.com/blog/2015/10/12#github_oct2014_oct2015">this post</a>:</p>
-<blockquote>
-<img alt="github activity october 2014 to october 2015" src="http://dirk.eddelbuettel.com/images/github_oct2014_oct2015.png" style="margin-left: auto; margin-right: auto;" />
-</blockquote>
-<p>And a year ago we had a followup <a href="http://dirk.eddelbuettel.com/blog/2016/10/12#github_oct2015_oct2016">last year</a></p>
-<blockquote>
-<img alt="github activity october 2015 to october 2016" src="http://dirk.eddelbuettel.com/images/github_oct2015_oct2016.png" style="margin-left: auto; margin-right: auto;" />
-</blockquote>
-<p>And as it October 12 again, here is the new one:</p>
-<blockquote>
-<img alt="github activity october 2016 to october 2017" src="http://dirk.eddelbuettel.com/images/github_oct2016_oct2017.png" style="margin-left: auto; margin-right: auto;" />
-</blockquote>
-<p>Again, special thanks go to <a href="https://naramsim.github.io/">Alessandro Pezzè</a> for the Chrome add-on <a href="https://github.com/Naramsim/GithubOriginalStreak">GithubOriginalStreak</a>.</p>
-<p style="font-size: 80%; font-style: italic;">
-This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -4815,156 +4786,50 @@ profit settings.
    [10]: <http://dirk.eddelbuettel.com/blog/>
 
 
---===============testboundary==--
-
-From planet-debian Thu Oct 12 17:54:20 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Thu, 12 Oct 2017 17:54:20 -0000
-To: to@example.com
-From: Joachim Breitner <mail@joachim-breitner.de>
-Subject: Joachim Breitner: Isabelle functions: Always total, sometimes undefined
-Message-ID: http-www-joachim-breitner-de-blog-732-isabelle_functions__always_total-2c_sometimes_undefined
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: http://www.joachim-breitner.de/blog/732-Isabelle_functions__Always_total%2C_sometimes_undefined
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/nomeata.png" width="64" height="64" alt="" align="right" style="float: right;">  <p>Often, when I mention how things work in the interactive theorem prover <a href="http://isabelle.in.tum.de/">Isabelle/HOL</a> to people with a strong background in functional programming (whether that means Haskell or Coq or something else), I cause confusion, especially around the issue of <em>what is a function</em>, are function <em>total</em> and what is the business with <em>undefined</em>. In this blog post, I want to explain some these issues, aimed at functional programmers or type theoreticians.</p>
-<p>Note that this is not meant to be a tutorial; I will not explain how to do these things, and will focus on what they mean.</p>
-<h3 id="hol-is-a-logic-of-total-functions">HOL is a logic of total functions</h3>
-<p>If I have a Isabelle function <code>f :: a ⇒ b</code> between two types <code>a</code> and <code>b</code> (the function arrow in Isabelle is <code>⇒</code>, not <code>→</code>), then – by definition of what it means to be a function in HOL – whenever I have a value <code>x :: a</code>, then the expression <code>f x</code> (i.e. <code>f</code> applied to <code>x</code>) <em>is</em> a value of type <code>b</code>. Therefore, and without exception, <em>every Isabelle function is total</em>.</p>
-<p>In particular, it cannot be that <code>f x</code> does not exist for some <code>x :: a</code>. This is a first difference from Haskell, which does have partial functions like</p>
-<pre class="sourceCode haskell"><code class="sourceCode haskell"><span class="ot">spin ::</span> <span class="dt">Maybe</span> <span class="dt">Integer</span> <span class="ot">-&gt;</span> <span class="dt">Bool</span>
-spin (<span class="dt">Just</span> n) <span class="fu">=</span> spin (<span class="dt">Just</span> (n<span class="fu">+</span><span class="dv">1</span>))</code></pre>
-<p>Here, neither the expression <code>spin Nothing</code> nor the expression <code>spin (Just 42)</code> produce a value of type <code>Bool</code>: The former raises an exception (“incomplete pattern match”), the latter does not terminate. Confusingly, though, both expressions have type <code>Bool</code>.</p>
-<p>Because every function is total, this confusion cannot arise in Isabelle: If an expression <code>e</code> has type <code>t</code>, then it <em>is</em> a value of type <code>t</code>. This trait is shared with other total systems, including Coq.</p>
-<p>Did you notice the emphasis I put on the word “is” here, and how I deliberately did not write “evaluates to” or “returns”? This is because of another big source for confusion:</p>
-<h3 id="isabelle-functions-do-not-compute">Isabelle functions do not compute</h3>
-<p>We (i.e., functional programmers) stole the word “function” from mathematics and repurposed it<a class="footnoteRef" href="English_feed.rss.en#fn1" id="fnref1"><sup>1</sup></a>. But the word “function”, in the context of Isabelle/HOL, refers to the mathematical concept of a function, and it helps to keep that in mind.</p>
-<p>What is the difference?</p>
-<ul>
-<li>A function <code>a → b</code> in functional programming is an algorithm that, given a value of type <code>a</code>, calculates (returns, evaluates to) a value of type <code>b</code>.</li>
-<li>A function <code>a ⇒ b</code> in math (or Isabelle/HOL) associates with each value of type <code>a</code> a value of type <code>b</code>.</li>
-</ul>
-<p>For example, the following is a perfectly valid function definition in math (and HOL), but could not be a function in the programming sense:</p>
-<pre class="isabelle"><code>definition foo :: "(nat ⇒ real) ⇒ real" where
-  "foo seq = (if convergent seq then lim seq else 0)"</code></pre>
-<p>This assigns a real number to every sequence, but it does not <em>compute</em> it in any useful sense.</p>
-<p>From this it follows that</p>
-<h3 id="isabelle-functions-are-specified-not-defined">Isabelle functions are specified, not defined</h3>
-<p>Consider this function definition:</p>
-<pre class="isabelle"><code>fun plus :: "nat ⇒ nat ⇒ nat"  where
-   "plus 0       m = m"
- | "plus (Suc n) m = Suc (plus n m)"</code></pre>
-<p>To a functional programmer, this reads</p>
+<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><a href="http://dirk.eddelbuettel.com/blog/2014/10/12#github_oct2013_oct2014">Three years ago</a> I referenced the <a href="http://lifehacker.com/281626/jerry-seinfelds-productivity-secret">Seinfeld Streak</a> used in an <a href="http://dirk.eddelbuettel.com/blog/2013/02/03/">earlier post</a> of regular updates to to the <a href="http://gallery.rcpp.org">Rcpp Gallery</a>:</p>
 <blockquote>
-<p><code>plus</code> is a function that analyses its first argument. If that is <code>0</code>, then it returns the second argument. Otherwise, it calls itself with the predecessor of the first argument and increases the result by one.</p>
+<p>This is sometimes called Jerry Seinfeld's secret to productivity: Just keep at it. <em>Don't break the streak</em>.</p>
 </blockquote>
-<p>which is clearly a description of a computation.</p>
-<p>But to Isabelle/HOL, the above reads</p>
+<p>and showed the first chart of <em>GitHub streaking</em></p>
 <blockquote>
-<p><code>plus</code> is a binary function on natural numbers, and it satisfies the following two equations: …</p>
+<img alt="github activity october 2013 to october 2014" src="http://dirk.eddelbuettel.com/images/github_oct2013_oct2014.png" style="margin-left: auto; margin-right: auto;" />
 </blockquote>
-<p>And in fact, it is not so much Isabelle/HOL that reads it this way, but rather the <code>fun</code> command, which is external to the Isabelle/HOL logic. The <code>fun</code> command analyses the given equations, constructs a non-recursive definition of <code>plus</code> under the hood, passes <em>that</em> to Isabelle/HOL and then proves that the given equations hold for <code>plus</code>.</p>
-<p>One interesting consequence of this is that different specifications can lead to the same functions. In fact, if we would define <code>plus'</code> by recursing on the second argument, we’d obtain the the same function (i.e. <code>plus = plus'</code> is a theorem, and there would be no way of telling the two apart).</p>
-<h3 id="termination-is-a-property-of-specifications-not-functions">Termination is a property of specifications, not functions</h3>
-<p>Because a function does not evaluate, it does not make sense to ask if it terminates. The question of termination arises <em>before</em> the function is defined: The <code>fun</code> command can only construct <code>plus</code> in a way that the equations hold if it can find a termination proof – very much like <code>Fixpoint</code> in Coq.</p>
-<p>But while the termination check of <code>Fixpoint</code> in Coq is a deep part of the basic logic, in Isabelle it is simply something that this particular command requires. Other commands may have other means of defining a function that do not require a termination proof.</p>
-<p>For example, a function specification that is tail-recursive can be turned in to a function, even without a termination proof: The following definition describes a higher-order function that iterates its first argument <code>f</code> on the second argument <code>x</code> until it finds a fixpoint. It is completely polymorphic (the single quote in <code>'a</code> indicates that this is a type variable):</p>
-<pre class="isabelle"><code>partial_function (tailrec)
-  fixpoint :: "('a ⇒ 'a) ⇒ 'a ⇒ 'a"
-where
-  "fixpoint f x = (if f x = x then x else fixpoint f (f x))"</code></pre>
-<p>We can work with this definition just fine. For example, if we instantiate <code>f</code> with <code>(λx. x-1)</code>, we can prove that it will always return 0:</p>
-<pre class="isabelle"><code>lemma "fixpoint (λ n . n - 1) (n::nat) = 0"
-  by (induction n) (auto simp add: fixpoint.simps)</code></pre>
-<p>Similarly, if we have a function that works within the option monad (i.e. |Maybe| in Haskell), its specification can always be turned into a function without an explicit termination proof – here one that calculates the Collatz sequence:</p>
-<pre class="isabelle"><code>partial_function (option) collatz :: "nat ⇒ nat list option"
- where "collatz n =
-        (if n = 1 then Some [n]
-         else if even n
-           then do { ns &lt;- collatz (n div 2);    Some (n # ns) }
-           else do { ns &lt;- collatz (3 * n + 1);  Some (n # ns)})"</code></pre>
-<p>Note that lists in Isabelle are finite (like in Coq, unlike in Haskell), so this function “returns” a list only if the collatz sequence eventually reaches 1.</p>
-<p>I expect these definitions to make a Coq user very uneasy. How can <code>fixpoint</code> be a total function? What is <code>fixpoint (λn. n+1)</code>? What if we run <code>collatz n</code> for a <code>n</code> where the <a href="https://en.wikipedia.org/wiki/Collatz_conjecture">Collatz sequence</a> does <em>not</em> reach 1?<a class="footnoteRef" href="English_feed.rss.en#fn2" id="fnref2"><sup>2</sup></a> We will come back to that question after a little detour…</p>
-<h3 id="hol-is-a-logic-of-non-empty-types">HOL is a logic of non-empty types</h3>
-<p>Another big difference between Isabelle and Coq is that in Isabelle/HOL, <em>every type is inhabited</em>. Just like the totality of functions, this is a very fundamental fact about what HOL defines to be a type.</p>
-<p>Isabelle gets away with that design because in Isabelle, we do not use types for propositions (like we do in Coq), so we do not need empty types to denote false propositions.</p>
-<p>This design has an important consequence: It allows the existence of a polymorphic expression that inhabits any type, namely</p>
-<pre class="isabelle"><code>undefined :: 'a</code></pre>
-<p>The naming of this term alone has caused a great deal of confusion for Isabelle beginners, or in communication with users of different systems, so I implore you to not read too much into the name. In fact, you will have a better time if you think of it as <code>arbitrary</code> or, even better, <code>unknown</code>.</p>
-<p>Since <code>undefined</code> can be instantiated at any type, we can instantiate it for example at <code>bool</code>, and we can observe an important fact: <code>undefined</code> is not an <em>extra</em> value besides the “usual ones”. It is simply <em>some</em> value of that type, which is demonstrated in the following lemma:</p>
-<pre class="isabelle"><code>lemma "undefined = True ∨ undefined = False" by auto</code></pre>
-<p>In fact, if the type has only one value (such as the unit type), then we know the value of <code>undefined</code> for sure:</p>
-<pre class="isabelle"><code>lemma "undefined = ()" by auto</code></pre>
-<p>It is very handy to be able to produce an expression of any type, as we will see as follows</p>
-<h3 id="partial-functions-are-just-underspecified-functions">Partial functions are just underspecified functions</h3>
-<p>For example, it allows us to translate incomplete function specifications. Consider this definition, Isabelle’s equivalent of Haskell’s partial <code>fromJust</code> function:</p>
-<pre class="sourceCode haskell"><code class="sourceCode haskell">fun fromSome :: <span class="st">"'a option ⇒ 'a"</span> <span class="kw">where</span>
-  <span class="st">"fromSome (Some x) = x"</span></code></pre>
-<p>This definition is accepted by <code>fun</code> (albeit with a warning), and the generated function <code>fromSome</code> behaves exactly as specified: when applied to <code>Some x</code>, it is <code>x</code>. The term <code>fromSome None</code> is also a value of type <code>'a</code>, we just do not know which one it is, as the specification does not address that.</p>
-<p>So <code>fromSome None</code> behaves just like <code>undefined</code> above, i.e. we can prove</p>
-<pre class="isabelle"><code>lemma "fromSome None = False ∨ fromSome None = True" by auto</code></pre>
-<p>Here is a small exercise for you: Can you come up with an explanation for the following lemma:</p>
-<pre class="isabelle"><code>fun constOrId :: "bool ⇒ bool" where
-  "constOrId True = True"
+<p>And two year ago a first follow-up appeared in <a href="http://dirk.eddelbuettel.com/blog/2015/10/12#github_oct2014_oct2015">this post</a>:</p>
+<blockquote>
+<img alt="github activity october 2014 to october 2015" src="http://dirk.eddelbuettel.com/images/github_oct2014_oct2015.png" style="margin-left: auto; margin-right: auto;" />
+</blockquote>
+<p>And a year ago we had a followup <a href="http://dirk.eddelbuettel.com/blog/2016/10/12#github_oct2015_oct2016">last year</a></p>
+<blockquote>
+<img alt="github activity october 2015 to october 2016" src="http://dirk.eddelbuettel.com/images/github_oct2015_oct2016.png" style="margin-left: auto; margin-right: auto;" />
+</blockquote>
+<p>And as it October 12 again, here is the new one:</p>
+<blockquote>
+<img alt="github activity october 2016 to october 2017" src="http://dirk.eddelbuettel.com/images/github_oct2016_oct2017.png" style="margin-left: auto; margin-right: auto;" />
+</blockquote>
+<p>Again, special thanks go to <a href="https://naramsim.github.io/">Alessandro Pezzè</a> for the Chrome add-on <a href="https://github.com/Naramsim/GithubOriginalStreak">GithubOriginalStreak</a>.</p>
+<p style="font-size: 80%; font-style: italic;">
+This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
+</p>
+--===============testboundary==--
 
-lemma "constOrId = (λ_.True) ∨ constOrId = (λx. x)"
-  by (metis (full_types) constOrId.simps)</code></pre>
-<p>Overall, this behavior makes sense if we remember that function “definitions” in Isabelle/HOL are not really definitions, but rather specifications. And a partial function “definition” is simply a underspecification. The resulting function is simply any function hat fulfills the specification, and the two lemmas above underline that observation.</p>
-<h3 id="nonterminating-functions-are-also-just-underspecified">Nonterminating functions are also just underspecified</h3>
-<p>Let us return to the puzzle posed by <code>fixpoint</code> above. Clearly, the function – seen as a functional program – is not total: When passed the argument <code>(λn. n + 1)</code> or <code>(λb. ¬b)</code> it will loop forever trying to find a fixed point.</p>
-<p>But Isabelle functions are not functional programs, and the definitions are just specifications. What does the specification say about the case when <code>f</code> has no fixed-point? It states that the equation <code>fixpoint f x = fixpoint f (f x)</code> holds. And this equation has a solution, for example <code>fixpoint f _ = undefined</code>.</p>
-<p>Or more concretely: The specification of the <code>fixpoint</code> function states that <code>fixpoint (λb. ¬b) True = fixpoint (λb. ¬b) False</code> has to hold, but it does not specify which particular value (<code>True</code> or <code>False</code>) it should denote – any is fine.</p>
-<h3 id="not-all-function-specifications-are-ok">Not all function specifications are ok</h3>
-<p>At this point you might wonder: Can I just specify any equations for a function <code>f</code> and get a function out of that? But rest assured: That is not the case. For example, no Isabelle command allows you define a function <code>bogus :: () ⇒ nat</code> with the equation <code>bogus () = S (bogus ())</code>, because this equation does not have a solution.</p>
-<p>We can actually prove that such a function cannot exist:</p>
-<pre class="isabelle"><code>lemma no_bogus: "∄ bogus. bogus () = Suc (bogus ())" by simp</code></pre>
-<p>(Of course, <code>not_bogus () = not_bogus ()</code> is just fine…)</p>
-<h3 id="you-cannot-reason-about-partiality-in-isabelle">You cannot reason about partiality in Isabelle</h3>
-<p>We have seen that there are many ways to define functions that one might consider “partial”. Given a function, can we prove that it is not “partial” in that sense?</p>
-<p>Unfortunately, but unavoidably, no: Since <code>undefined</code> is not a separate, recognizable value, but rather simply an unknown one, there is no way of stating that “A function result is not specified”.</p>
-<p>Here is an example that demonstrates this: Two “partial” functions (one with not all cases specified, the other one with a self-referential specification) are indistinguishable from the total variant:</p>
-<pre class="isabelle"><code>fun partial1 :: "bool ⇒ unit" where
-  "partial1 True = ()"
-partial_function (tailrec) partial2 :: "bool ⇒ unit" where
-  "partial2 b = partial2 b"
-fun total :: "bool ⇒ unit" where
-  "total True = ()"
-| "total False = ()"
+From planet-debian Thu Oct 12 17:54:20 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Thu, 12 Oct 2017 17:54:20 -0000
+To: to@example.com
+From: Joachim Breitner <mail@joachim-breitner.de>
+Subject: Joachim Breitner: Isabelle functions: Always total, sometimes undefined
+Message-ID: http-www-joachim-breitner-de-blog-732-isabelle_functions__always_total-2c_sometimes_undefined
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: http://www.joachim-breitner.de/blog/732-Isabelle_functions__Always_total%2C_sometimes_undefined
 
-lemma "partial1 = total ∧ partial2 = total" by auto</code></pre>
-<p>If you really <em>do</em> want to reason about partiality of functional programs in Isabelle, you should consider implementing them not as plain HOL functions, but rather use <a href="http://isabelle.in.tum.de/dist/library/HOL/HOLCF/README.html">HOLCF</a>, where you can give equational specifications of functional programs and obtain <em>continuous functions</em> between <em>domains</em>. In that setting, <code>⊥ ≠ ()</code> and <code>partial2 = ⊥ ≠ total</code>. We have done that <a href="https://arxiv.org/abs/1306.1340">to verify some of HLint’s equations</a>.</p>
-<h3 id="you-can-still-compute-with-isabelle-functions">You can still compute with Isabelle functions</h3>
-<p>I hope by this point, I have not scared away anyone who wants to use Isabelle for functional programming, and in fact, you can use it for that. If the equations that you pass to `fun are a reasonable definition for a function (in the programming sense), then these equations, used as rewriting rules, will allow you to “compute” that function quite like you would in Coq or Haskell.</p>
-<p>Moreover, Isabelle supports code extraction: You can take the equations of your Isabelle functions and have them expored into Ocaml, Haskell, Scala or Standard ML. See <a href="http://www21.in.tum.de/~popescua/rs3/CoCon.html">Concon</a> for a conference management system with confidentially verified in Isabelle.</p>
-<p>While these usually are the equations you defined the function with, they don't have to: You can declare other proved equations to be used for code extraction, e.g. to refine your elegant definitions to performant ones.</p>
-<p>Like with code extraction from Coq to, say, Haskell, the adequacy of the translations rests on a <a href="http://www.cse.chalmers.se/~nad/publications/danielsson-et-al-popl2006.html">“moral reasoning” foundation</a>. Unlike extraction from Coq, where you have an (unformalized) guarantee that the resulting Haskell code is terminating, you do not get that guarantee from Isabelle. Conversely, this allows you do reason about and extract non-terminating programs, like <code>fixpoint</code>, which is not possible in Coq.</p>
-<p>There is <a href="https://www21.in.tum.de/~hupel/pub/isabelle-cakeml.pdf">currently ongoing work</a> about verified code generation, where the code equations are reflected into a deep embedding of HOL in Isabelle/HOL that would allow explicit termination proofs.</p>
-<h3 id="conclusion">Conclusion</h3>
-<p>We have seen how in Isabelle/HOL, <em>every function is total</em>. Function declarations have equations, but these do not <em>define</em> the function in an computational sense, but rather <em>specify</em> them. Because in HOL, there are no empty types, many specifications that appear partial (incomplete patterns, non-terminating recursion) have solutions in the space of total functions. Partiality in the specification is no longer visible in the final product.</p>
-<h3 id="ps-axiom-undefined-in-coq">PS: Axiom <code>undefined</code> in Coq</h3>
-<p><em>This section is speculative, and an invitation for discussion.</em></p>
-<p>Coq already distinguishes between types used in programs (<code>Set</code>) and types used in proofs <code>Prop</code>.</p>
-<p>Could Coq ensure that every <code>t : Set</code> is non-empty? I imagine this would require additional checks in the <code>Inductive</code> command, similar to the checks that the Isabelle command <code>datatype</code> has to perform<a class="footnoteRef" href="English_feed.rss.en#fn3" id="fnref3"><sup>3</sup></a>, and it would disallow <a href="https://coq.inria.fr/library/Coq.Init.Datatypes.html"><code>Empty_set</code></a>.</p>
-<p>If so, then it would be sound to add the following axiom</p>
-<pre class="coq"><code>Axiom undefined : forall (a : Set), a.</code></pre>
-<p>wouldn't it? This axiom does not have any computational meaning, but that seems to be ok for optional Coq axioms, like classical reasoning or function extensionality.</p>
-<p>With this in place, how much of what I describe above about function definitions in Isabelle could now be done soundly in Coq. Certainly pattern matches would not have to be complete and could sport an implicit case <code>_ ⇒ undefined</code>. Would it “help” with non-obviously terminating functions? Would it allow a Coq command <code>Tailrecursive</code> that accepts any tailrecursive function without a termination check?</p>
-<div class="footnotes">
-<hr />
-<ol>
-<li id="fn1"><p>At least we do not violate this term as much as the imperative programmers do.<a href="English_feed.rss.en#fnref1">↩</a></p></li>
-<li id="fn2"><p>Let me know if you find such an <span class="math"><em>n</em></span>. Besides <span class="math"><em>n</em> = 0</span>.<a href="English_feed.rss.en#fnref2">↩</a></p></li>
-<li id="fn3"><p>Like <code>fun</code>, the constructions by <code>datatype</code> are not part of the logic, but create a type definition from more primitive notions that is isomorphic to the specified data type.<a href="English_feed.rss.en#fnref3">↩</a></p></li>
-</ol>
-</div>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -5373,6 +5238,141 @@ without a termination check?
    [14]: <English_feed.rss.en#fnref3>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/nomeata.png" width="64" height="64" alt="" align="right" style="float: right;">  <p>Often, when I mention how things work in the interactive theorem prover <a href="http://isabelle.in.tum.de/">Isabelle/HOL</a> to people with a strong background in functional programming (whether that means Haskell or Coq or something else), I cause confusion, especially around the issue of <em>what is a function</em>, are function <em>total</em> and what is the business with <em>undefined</em>. In this blog post, I want to explain some these issues, aimed at functional programmers or type theoreticians.</p>
+<p>Note that this is not meant to be a tutorial; I will not explain how to do these things, and will focus on what they mean.</p>
+<h3 id="hol-is-a-logic-of-total-functions">HOL is a logic of total functions</h3>
+<p>If I have a Isabelle function <code>f :: a ⇒ b</code> between two types <code>a</code> and <code>b</code> (the function arrow in Isabelle is <code>⇒</code>, not <code>→</code>), then – by definition of what it means to be a function in HOL – whenever I have a value <code>x :: a</code>, then the expression <code>f x</code> (i.e. <code>f</code> applied to <code>x</code>) <em>is</em> a value of type <code>b</code>. Therefore, and without exception, <em>every Isabelle function is total</em>.</p>
+<p>In particular, it cannot be that <code>f x</code> does not exist for some <code>x :: a</code>. This is a first difference from Haskell, which does have partial functions like</p>
+<pre class="sourceCode haskell"><code class="sourceCode haskell"><span class="ot">spin ::</span> <span class="dt">Maybe</span> <span class="dt">Integer</span> <span class="ot">-&gt;</span> <span class="dt">Bool</span>
+spin (<span class="dt">Just</span> n) <span class="fu">=</span> spin (<span class="dt">Just</span> (n<span class="fu">+</span><span class="dv">1</span>))</code></pre>
+<p>Here, neither the expression <code>spin Nothing</code> nor the expression <code>spin (Just 42)</code> produce a value of type <code>Bool</code>: The former raises an exception (“incomplete pattern match”), the latter does not terminate. Confusingly, though, both expressions have type <code>Bool</code>.</p>
+<p>Because every function is total, this confusion cannot arise in Isabelle: If an expression <code>e</code> has type <code>t</code>, then it <em>is</em> a value of type <code>t</code>. This trait is shared with other total systems, including Coq.</p>
+<p>Did you notice the emphasis I put on the word “is” here, and how I deliberately did not write “evaluates to” or “returns”? This is because of another big source for confusion:</p>
+<h3 id="isabelle-functions-do-not-compute">Isabelle functions do not compute</h3>
+<p>We (i.e., functional programmers) stole the word “function” from mathematics and repurposed it<a class="footnoteRef" href="English_feed.rss.en#fn1" id="fnref1"><sup>1</sup></a>. But the word “function”, in the context of Isabelle/HOL, refers to the mathematical concept of a function, and it helps to keep that in mind.</p>
+<p>What is the difference?</p>
+<ul>
+<li>A function <code>a → b</code> in functional programming is an algorithm that, given a value of type <code>a</code>, calculates (returns, evaluates to) a value of type <code>b</code>.</li>
+<li>A function <code>a ⇒ b</code> in math (or Isabelle/HOL) associates with each value of type <code>a</code> a value of type <code>b</code>.</li>
+</ul>
+<p>For example, the following is a perfectly valid function definition in math (and HOL), but could not be a function in the programming sense:</p>
+<pre class="isabelle"><code>definition foo :: "(nat ⇒ real) ⇒ real" where
+  "foo seq = (if convergent seq then lim seq else 0)"</code></pre>
+<p>This assigns a real number to every sequence, but it does not <em>compute</em> it in any useful sense.</p>
+<p>From this it follows that</p>
+<h3 id="isabelle-functions-are-specified-not-defined">Isabelle functions are specified, not defined</h3>
+<p>Consider this function definition:</p>
+<pre class="isabelle"><code>fun plus :: "nat ⇒ nat ⇒ nat"  where
+   "plus 0       m = m"
+ | "plus (Suc n) m = Suc (plus n m)"</code></pre>
+<p>To a functional programmer, this reads</p>
+<blockquote>
+<p><code>plus</code> is a function that analyses its first argument. If that is <code>0</code>, then it returns the second argument. Otherwise, it calls itself with the predecessor of the first argument and increases the result by one.</p>
+</blockquote>
+<p>which is clearly a description of a computation.</p>
+<p>But to Isabelle/HOL, the above reads</p>
+<blockquote>
+<p><code>plus</code> is a binary function on natural numbers, and it satisfies the following two equations: …</p>
+</blockquote>
+<p>And in fact, it is not so much Isabelle/HOL that reads it this way, but rather the <code>fun</code> command, which is external to the Isabelle/HOL logic. The <code>fun</code> command analyses the given equations, constructs a non-recursive definition of <code>plus</code> under the hood, passes <em>that</em> to Isabelle/HOL and then proves that the given equations hold for <code>plus</code>.</p>
+<p>One interesting consequence of this is that different specifications can lead to the same functions. In fact, if we would define <code>plus'</code> by recursing on the second argument, we’d obtain the the same function (i.e. <code>plus = plus'</code> is a theorem, and there would be no way of telling the two apart).</p>
+<h3 id="termination-is-a-property-of-specifications-not-functions">Termination is a property of specifications, not functions</h3>
+<p>Because a function does not evaluate, it does not make sense to ask if it terminates. The question of termination arises <em>before</em> the function is defined: The <code>fun</code> command can only construct <code>plus</code> in a way that the equations hold if it can find a termination proof – very much like <code>Fixpoint</code> in Coq.</p>
+<p>But while the termination check of <code>Fixpoint</code> in Coq is a deep part of the basic logic, in Isabelle it is simply something that this particular command requires. Other commands may have other means of defining a function that do not require a termination proof.</p>
+<p>For example, a function specification that is tail-recursive can be turned in to a function, even without a termination proof: The following definition describes a higher-order function that iterates its first argument <code>f</code> on the second argument <code>x</code> until it finds a fixpoint. It is completely polymorphic (the single quote in <code>'a</code> indicates that this is a type variable):</p>
+<pre class="isabelle"><code>partial_function (tailrec)
+  fixpoint :: "('a ⇒ 'a) ⇒ 'a ⇒ 'a"
+where
+  "fixpoint f x = (if f x = x then x else fixpoint f (f x))"</code></pre>
+<p>We can work with this definition just fine. For example, if we instantiate <code>f</code> with <code>(λx. x-1)</code>, we can prove that it will always return 0:</p>
+<pre class="isabelle"><code>lemma "fixpoint (λ n . n - 1) (n::nat) = 0"
+  by (induction n) (auto simp add: fixpoint.simps)</code></pre>
+<p>Similarly, if we have a function that works within the option monad (i.e. |Maybe| in Haskell), its specification can always be turned into a function without an explicit termination proof – here one that calculates the Collatz sequence:</p>
+<pre class="isabelle"><code>partial_function (option) collatz :: "nat ⇒ nat list option"
+ where "collatz n =
+        (if n = 1 then Some [n]
+         else if even n
+           then do { ns &lt;- collatz (n div 2);    Some (n # ns) }
+           else do { ns &lt;- collatz (3 * n + 1);  Some (n # ns)})"</code></pre>
+<p>Note that lists in Isabelle are finite (like in Coq, unlike in Haskell), so this function “returns” a list only if the collatz sequence eventually reaches 1.</p>
+<p>I expect these definitions to make a Coq user very uneasy. How can <code>fixpoint</code> be a total function? What is <code>fixpoint (λn. n+1)</code>? What if we run <code>collatz n</code> for a <code>n</code> where the <a href="https://en.wikipedia.org/wiki/Collatz_conjecture">Collatz sequence</a> does <em>not</em> reach 1?<a class="footnoteRef" href="English_feed.rss.en#fn2" id="fnref2"><sup>2</sup></a> We will come back to that question after a little detour…</p>
+<h3 id="hol-is-a-logic-of-non-empty-types">HOL is a logic of non-empty types</h3>
+<p>Another big difference between Isabelle and Coq is that in Isabelle/HOL, <em>every type is inhabited</em>. Just like the totality of functions, this is a very fundamental fact about what HOL defines to be a type.</p>
+<p>Isabelle gets away with that design because in Isabelle, we do not use types for propositions (like we do in Coq), so we do not need empty types to denote false propositions.</p>
+<p>This design has an important consequence: It allows the existence of a polymorphic expression that inhabits any type, namely</p>
+<pre class="isabelle"><code>undefined :: 'a</code></pre>
+<p>The naming of this term alone has caused a great deal of confusion for Isabelle beginners, or in communication with users of different systems, so I implore you to not read too much into the name. In fact, you will have a better time if you think of it as <code>arbitrary</code> or, even better, <code>unknown</code>.</p>
+<p>Since <code>undefined</code> can be instantiated at any type, we can instantiate it for example at <code>bool</code>, and we can observe an important fact: <code>undefined</code> is not an <em>extra</em> value besides the “usual ones”. It is simply <em>some</em> value of that type, which is demonstrated in the following lemma:</p>
+<pre class="isabelle"><code>lemma "undefined = True ∨ undefined = False" by auto</code></pre>
+<p>In fact, if the type has only one value (such as the unit type), then we know the value of <code>undefined</code> for sure:</p>
+<pre class="isabelle"><code>lemma "undefined = ()" by auto</code></pre>
+<p>It is very handy to be able to produce an expression of any type, as we will see as follows</p>
+<h3 id="partial-functions-are-just-underspecified-functions">Partial functions are just underspecified functions</h3>
+<p>For example, it allows us to translate incomplete function specifications. Consider this definition, Isabelle’s equivalent of Haskell’s partial <code>fromJust</code> function:</p>
+<pre class="sourceCode haskell"><code class="sourceCode haskell">fun fromSome :: <span class="st">"'a option ⇒ 'a"</span> <span class="kw">where</span>
+  <span class="st">"fromSome (Some x) = x"</span></code></pre>
+<p>This definition is accepted by <code>fun</code> (albeit with a warning), and the generated function <code>fromSome</code> behaves exactly as specified: when applied to <code>Some x</code>, it is <code>x</code>. The term <code>fromSome None</code> is also a value of type <code>'a</code>, we just do not know which one it is, as the specification does not address that.</p>
+<p>So <code>fromSome None</code> behaves just like <code>undefined</code> above, i.e. we can prove</p>
+<pre class="isabelle"><code>lemma "fromSome None = False ∨ fromSome None = True" by auto</code></pre>
+<p>Here is a small exercise for you: Can you come up with an explanation for the following lemma:</p>
+<pre class="isabelle"><code>fun constOrId :: "bool ⇒ bool" where
+  "constOrId True = True"
+
+lemma "constOrId = (λ_.True) ∨ constOrId = (λx. x)"
+  by (metis (full_types) constOrId.simps)</code></pre>
+<p>Overall, this behavior makes sense if we remember that function “definitions” in Isabelle/HOL are not really definitions, but rather specifications. And a partial function “definition” is simply a underspecification. The resulting function is simply any function hat fulfills the specification, and the two lemmas above underline that observation.</p>
+<h3 id="nonterminating-functions-are-also-just-underspecified">Nonterminating functions are also just underspecified</h3>
+<p>Let us return to the puzzle posed by <code>fixpoint</code> above. Clearly, the function – seen as a functional program – is not total: When passed the argument <code>(λn. n + 1)</code> or <code>(λb. ¬b)</code> it will loop forever trying to find a fixed point.</p>
+<p>But Isabelle functions are not functional programs, and the definitions are just specifications. What does the specification say about the case when <code>f</code> has no fixed-point? It states that the equation <code>fixpoint f x = fixpoint f (f x)</code> holds. And this equation has a solution, for example <code>fixpoint f _ = undefined</code>.</p>
+<p>Or more concretely: The specification of the <code>fixpoint</code> function states that <code>fixpoint (λb. ¬b) True = fixpoint (λb. ¬b) False</code> has to hold, but it does not specify which particular value (<code>True</code> or <code>False</code>) it should denote – any is fine.</p>
+<h3 id="not-all-function-specifications-are-ok">Not all function specifications are ok</h3>
+<p>At this point you might wonder: Can I just specify any equations for a function <code>f</code> and get a function out of that? But rest assured: That is not the case. For example, no Isabelle command allows you define a function <code>bogus :: () ⇒ nat</code> with the equation <code>bogus () = S (bogus ())</code>, because this equation does not have a solution.</p>
+<p>We can actually prove that such a function cannot exist:</p>
+<pre class="isabelle"><code>lemma no_bogus: "∄ bogus. bogus () = Suc (bogus ())" by simp</code></pre>
+<p>(Of course, <code>not_bogus () = not_bogus ()</code> is just fine…)</p>
+<h3 id="you-cannot-reason-about-partiality-in-isabelle">You cannot reason about partiality in Isabelle</h3>
+<p>We have seen that there are many ways to define functions that one might consider “partial”. Given a function, can we prove that it is not “partial” in that sense?</p>
+<p>Unfortunately, but unavoidably, no: Since <code>undefined</code> is not a separate, recognizable value, but rather simply an unknown one, there is no way of stating that “A function result is not specified”.</p>
+<p>Here is an example that demonstrates this: Two “partial” functions (one with not all cases specified, the other one with a self-referential specification) are indistinguishable from the total variant:</p>
+<pre class="isabelle"><code>fun partial1 :: "bool ⇒ unit" where
+  "partial1 True = ()"
+partial_function (tailrec) partial2 :: "bool ⇒ unit" where
+  "partial2 b = partial2 b"
+fun total :: "bool ⇒ unit" where
+  "total True = ()"
+| "total False = ()"
+
+lemma "partial1 = total ∧ partial2 = total" by auto</code></pre>
+<p>If you really <em>do</em> want to reason about partiality of functional programs in Isabelle, you should consider implementing them not as plain HOL functions, but rather use <a href="http://isabelle.in.tum.de/dist/library/HOL/HOLCF/README.html">HOLCF</a>, where you can give equational specifications of functional programs and obtain <em>continuous functions</em> between <em>domains</em>. In that setting, <code>⊥ ≠ ()</code> and <code>partial2 = ⊥ ≠ total</code>. We have done that <a href="https://arxiv.org/abs/1306.1340">to verify some of HLint’s equations</a>.</p>
+<h3 id="you-can-still-compute-with-isabelle-functions">You can still compute with Isabelle functions</h3>
+<p>I hope by this point, I have not scared away anyone who wants to use Isabelle for functional programming, and in fact, you can use it for that. If the equations that you pass to `fun are a reasonable definition for a function (in the programming sense), then these equations, used as rewriting rules, will allow you to “compute” that function quite like you would in Coq or Haskell.</p>
+<p>Moreover, Isabelle supports code extraction: You can take the equations of your Isabelle functions and have them expored into Ocaml, Haskell, Scala or Standard ML. See <a href="http://www21.in.tum.de/~popescua/rs3/CoCon.html">Concon</a> for a conference management system with confidentially verified in Isabelle.</p>
+<p>While these usually are the equations you defined the function with, they don't have to: You can declare other proved equations to be used for code extraction, e.g. to refine your elegant definitions to performant ones.</p>
+<p>Like with code extraction from Coq to, say, Haskell, the adequacy of the translations rests on a <a href="http://www.cse.chalmers.se/~nad/publications/danielsson-et-al-popl2006.html">“moral reasoning” foundation</a>. Unlike extraction from Coq, where you have an (unformalized) guarantee that the resulting Haskell code is terminating, you do not get that guarantee from Isabelle. Conversely, this allows you do reason about and extract non-terminating programs, like <code>fixpoint</code>, which is not possible in Coq.</p>
+<p>There is <a href="https://www21.in.tum.de/~hupel/pub/isabelle-cakeml.pdf">currently ongoing work</a> about verified code generation, where the code equations are reflected into a deep embedding of HOL in Isabelle/HOL that would allow explicit termination proofs.</p>
+<h3 id="conclusion">Conclusion</h3>
+<p>We have seen how in Isabelle/HOL, <em>every function is total</em>. Function declarations have equations, but these do not <em>define</em> the function in an computational sense, but rather <em>specify</em> them. Because in HOL, there are no empty types, many specifications that appear partial (incomplete patterns, non-terminating recursion) have solutions in the space of total functions. Partiality in the specification is no longer visible in the final product.</p>
+<h3 id="ps-axiom-undefined-in-coq">PS: Axiom <code>undefined</code> in Coq</h3>
+<p><em>This section is speculative, and an invitation for discussion.</em></p>
+<p>Coq already distinguishes between types used in programs (<code>Set</code>) and types used in proofs <code>Prop</code>.</p>
+<p>Could Coq ensure that every <code>t : Set</code> is non-empty? I imagine this would require additional checks in the <code>Inductive</code> command, similar to the checks that the Isabelle command <code>datatype</code> has to perform<a class="footnoteRef" href="English_feed.rss.en#fn3" id="fnref3"><sup>3</sup></a>, and it would disallow <a href="https://coq.inria.fr/library/Coq.Init.Datatypes.html"><code>Empty_set</code></a>.</p>
+<p>If so, then it would be sound to add the following axiom</p>
+<pre class="coq"><code>Axiom undefined : forall (a : Set), a.</code></pre>
+<p>wouldn't it? This axiom does not have any computational meaning, but that seems to be ok for optional Coq axioms, like classical reasoning or function extensionality.</p>
+<p>With this in place, how much of what I describe above about function definitions in Isabelle could now be done soundly in Coq. Certainly pattern matches would not have to be complete and could sport an implicit case <code>_ ⇒ undefined</code>. Would it “help” with non-obviously terminating functions? Would it allow a Coq command <code>Tailrecursive</code> that accepts any tailrecursive function without a termination check?</p>
+<div class="footnotes">
+<hr />
+<ol>
+<li id="fn1"><p>At least we do not violate this term as much as the imperative programmers do.<a href="English_feed.rss.en#fnref1">↩</a></p></li>
+<li id="fn2"><p>Let me know if you find such an <span class="math"><em>n</em></span>. Besides <span class="math"><em>n</em> = 0</span>.<a href="English_feed.rss.en#fnref2">↩</a></p></li>
+<li id="fn3"><p>Like <code>fun</code>, the constructions by <code>datatype</code> are not part of the logic, but create a type definition from more primitive notions that is isomorphic to the specified data type.<a href="English_feed.rss.en#fnref3">↩</a></p></li>
+</ol>
+</div>
 --===============testboundary==--
 
 From planet-debian Thu Oct 12 02:13:00 2017
@@ -5383,45 +5383,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Dirk Eddelbuettel: RcppArmadillo 0.8.100.1.0
 Message-ID: http-dirk-eddelbuettel-com-blog-2017-10-11-rcpparmadillo_0-8-100-1-0
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://dirk.eddelbuettel.com/blog/2017/10/11#rcpparmadillo_0.8.100.1.0
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><img alt="armadillo image" src="http://arma.sourceforge.net/img/armadillo_logo.png" style="float: left; margin: 10px 10px 10px 0;" width="248" /></p>
-<p>We are thrilled to announce a new <em>big</em> <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo</a> release! Conrad recently moved <a href="http://arma.sourceforge.net/">Armadillo</a> to the 8.* series, with significant improvements and speed ups for sparse matrix operations, and more. See below for a brief summary.</p>
-<p>This also required some changes at our end which <a href="https://github.com/binxiangni">Binxiang Ni</a> provided, and <a href="https://github.com/sgsokol">Serguei Sokol</a> improved some instantiations. We now show the new vignette <a href="https://github.com/binxiangni">Binxiang Ni</a> wrote for his GSoC contribution, and I converted it (and the other main vignette) to using the <a href="http://dirk.eddelbuettel.com/code/pinp.html">pinp</a> package for sleeker pdf vignettes.</p>
-<p>This release resumes our bi-monthly CRAN release cycle. I may make interim updates available at GitHub "as needed". And this time I managed to mess up the reverse depends testing, and missed one <code>sync()</code> call on the way back to R---but all that is now taken care of.</p>
-<p><a href="http://arma.sourceforge.net/">Armadillo</a> is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo</a> integrates this library with the <a href="https://www.r-project.org">R</a> environment and language--and is widely used by (currently) 405 other packages on <a href="https://cran.r-project.org">CRAN</a>.</p>
-<p>A high-level summary of changes follows.</p>
-<blockquote>
-<h4 id="changes-in-rcpparmadillo-version-0.8.100.1.0-2017-10-05">Changes in RcppArmadillo version 0.8.100.1.0 (2017-10-05)</h4>
-<ul>
-<li><p>Upgraded to Armadillo release 8.100.1 (Feral Pursuits)</p>
-<ul>
-<li><p>faster incremental construction of sparse matrices via element access operators</p></li>
-<li><p>faster diagonal views in sparse matrices</p></li>
-<li><p>expanded <code>SpMat</code> to save/load sparse matrices in coord format</p></li>
-<li><p>expanded <code>.save()</code>,<code>.load()</code> to allow specification of datasets within HDF5 files</p></li>
-<li><p>added <code>affmul()</code> to simplify application of affine transformations</p></li>
-<li><p>warnings and errors are now printed by default to the <code>std::cerr</code> stream</p></li>
-<li><p>added <code>set_cerr_stream()</code> and <code>get_cerr_stream()</code> to replace <code>set_stream_err1()</code>, <code>set_stream_err2()</code>, <code>get_stream_err1()</code>, <code>get_stream_err2()</code></p></li>
-<li><p>new configuration options <code>ARMA_COUT_STREAM</code> and <code>ARMA_CERR_STREAM</code></p></li>
-</ul></li>
-<li><p>Constructors for sparse matrices of types <code>dgt</code>, <code>dtt</code> amd <code>dst</code> now use Armadillo code for improved performance (Serguei Sokol in <a href="https://github.com/RcppCore/RcppArmadillo/pull/175">#175</a> addressing <a href="https://github.com/RcppCore/RcppArmadillo/issues/173">#173</a>)</p></li>
-<li><p>Sparse matrices call <code>.sync()</code> before accessing internal arrays (Binxiang Ni in <a href="https://github.com/RcppCore/RcppArmadillo/pull/171">#171</a>)</p></li>
-<li><p>The sparse matrix vignette has been converted to Rmarkdown using the pinp package, and is now correctly indexed. (<a href="https://github.com/RcppCore/RcppArmadillo/pull/176">#176</a>)</p></li>
-</ul>
-</blockquote>
-<p>Courtesy of <a href="http://dirk.eddelbuettel.com/cranberries/">CRANberries</a>, there is a <a href="http://dirk.eddelbuettel.com/cranberries/2017/10/11#RcppArmadillo_0.8.100.1.0">diffstat report</a>. More detailed information is on the <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo page</a>. Questions, comments etc should go to the <a href="https://lists.r-forge.r-project.org/cgi-bin/mailman/listinfo/rcpp-devel">rcpp-devel mailing list</a> off the <a href="http://r-forge.r-project.org/projects/rcpp/">R-Forge</a> page.</p>
-<p style="font-size: 80%; font-style: italic;">
-This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
-</p><p></p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -5549,6 +5515,40 @@ profit settings.
    [20]: <http://dirk.eddelbuettel.com/blog/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><img alt="armadillo image" src="http://arma.sourceforge.net/img/armadillo_logo.png" style="float: left; margin: 10px 10px 10px 0;" width="248" /></p>
+<p>We are thrilled to announce a new <em>big</em> <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo</a> release! Conrad recently moved <a href="http://arma.sourceforge.net/">Armadillo</a> to the 8.* series, with significant improvements and speed ups for sparse matrix operations, and more. See below for a brief summary.</p>
+<p>This also required some changes at our end which <a href="https://github.com/binxiangni">Binxiang Ni</a> provided, and <a href="https://github.com/sgsokol">Serguei Sokol</a> improved some instantiations. We now show the new vignette <a href="https://github.com/binxiangni">Binxiang Ni</a> wrote for his GSoC contribution, and I converted it (and the other main vignette) to using the <a href="http://dirk.eddelbuettel.com/code/pinp.html">pinp</a> package for sleeker pdf vignettes.</p>
+<p>This release resumes our bi-monthly CRAN release cycle. I may make interim updates available at GitHub "as needed". And this time I managed to mess up the reverse depends testing, and missed one <code>sync()</code> call on the way back to R---but all that is now taken care of.</p>
+<p><a href="http://arma.sourceforge.net/">Armadillo</a> is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo</a> integrates this library with the <a href="https://www.r-project.org">R</a> environment and language--and is widely used by (currently) 405 other packages on <a href="https://cran.r-project.org">CRAN</a>.</p>
+<p>A high-level summary of changes follows.</p>
+<blockquote>
+<h4 id="changes-in-rcpparmadillo-version-0.8.100.1.0-2017-10-05">Changes in RcppArmadillo version 0.8.100.1.0 (2017-10-05)</h4>
+<ul>
+<li><p>Upgraded to Armadillo release 8.100.1 (Feral Pursuits)</p>
+<ul>
+<li><p>faster incremental construction of sparse matrices via element access operators</p></li>
+<li><p>faster diagonal views in sparse matrices</p></li>
+<li><p>expanded <code>SpMat</code> to save/load sparse matrices in coord format</p></li>
+<li><p>expanded <code>.save()</code>,<code>.load()</code> to allow specification of datasets within HDF5 files</p></li>
+<li><p>added <code>affmul()</code> to simplify application of affine transformations</p></li>
+<li><p>warnings and errors are now printed by default to the <code>std::cerr</code> stream</p></li>
+<li><p>added <code>set_cerr_stream()</code> and <code>get_cerr_stream()</code> to replace <code>set_stream_err1()</code>, <code>set_stream_err2()</code>, <code>get_stream_err1()</code>, <code>get_stream_err2()</code></p></li>
+<li><p>new configuration options <code>ARMA_COUT_STREAM</code> and <code>ARMA_CERR_STREAM</code></p></li>
+</ul></li>
+<li><p>Constructors for sparse matrices of types <code>dgt</code>, <code>dtt</code> amd <code>dst</code> now use Armadillo code for improved performance (Serguei Sokol in <a href="https://github.com/RcppCore/RcppArmadillo/pull/175">#175</a> addressing <a href="https://github.com/RcppCore/RcppArmadillo/issues/173">#173</a>)</p></li>
+<li><p>Sparse matrices call <code>.sync()</code> before accessing internal arrays (Binxiang Ni in <a href="https://github.com/RcppCore/RcppArmadillo/pull/171">#171</a>)</p></li>
+<li><p>The sparse matrix vignette has been converted to Rmarkdown using the pinp package, and is now correctly indexed. (<a href="https://github.com/RcppCore/RcppArmadillo/pull/176">#176</a>)</p></li>
+</ul>
+</blockquote>
+<p>Courtesy of <a href="http://dirk.eddelbuettel.com/cranberries/">CRANberries</a>, there is a <a href="http://dirk.eddelbuettel.com/cranberries/2017/10/11#RcppArmadillo_0.8.100.1.0">diffstat report</a>. More detailed information is on the <a href="http://dirk.eddelbuettel.com/code/rcpp.armadillo.html">RcppArmadillo page</a>. Questions, comments etc should go to the <a href="https://lists.r-forge.r-project.org/cgi-bin/mailman/listinfo/rcpp-devel">rcpp-devel mailing list</a> off the <a href="http://r-forge.r-project.org/projects/rcpp/">R-Forge</a> page.</p>
+<p style="font-size: 80%; font-style: italic;">
+This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
+</p><p></p>
 --===============testboundary==--
 
 From planet-debian Wed Oct 11 21:00:00 2017
@@ -5559,60 +5559,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Steve Kemp: A busy week or two
 Message-ID: https-blog-steve-fi-a_busy_week_or_two-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.steve.fi/a_busy_week_or_two.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/skx.png" width="76" height="105" alt="" align="right" style="float: right;">  <p>It feels like the past week or two has been very busy, and so I'm looking forward to my "holiday" next month.</p>
-
-<p>I'm not really having a holiday of course, my wife is slowly returning to work, so I'll be taking a month of paternity leave, taking
-sole care of Oiva for the month of November.  He's still a little angel, and now that he's reached 10 months old he's starting to
-get much more mobile - he's on the verge of walking, but not quite there yet.  Mostly that means he wants you to hold his hands so
-that he can stand up, swaying back and forth before the inevitable collapse.</p>
-
-<p>Beyond spending most of my evenings taking care of him, from the moment I return from work to his bedtime (around 7:30PM), I've
-made the <a href="https://debian-administration.org/">Debian Administration</a> website both read-only and much simpler.  In the past that
-site was powered by a lot of servers, I think around 11.  Now it has only a small number of machines, which should slowly decrease.</p>
-
-<p>I've ripped out the database host, the redis host, the events-server, the planet-machine, the email-box, etc.  Now we have a much
-simpler setup:</p>
-
-<ul>
-<li>Front-end machine
-<ul>
-<li>Directly serves <a href="https://code.debian-administration.org/">the code site</a></li>
-<li>Directly serves <a href="https://ssl.debian-administration.org/">the SSL site</a> which exists solely for Let's Encrypt</li>
-<li>Runs HAProxy to route the rest of the requests to the cluster.</li>
-</ul></li>
-<li>4 x Apache servers
-<ul>
-<li>Each one has a (read-only) MySQL database on it for the content.
-<ul>
-<li>In case of future-compromise I removed all user passwords, and scrambled the email-addresses.</li>
-<li>I don't think there's a huge risk, but better safe than sorry.</li>
-</ul></li>
-<li>Each one runs the web-application.
-<ul>
-<li>Which now caches each generated page to /tmp/x/x/x/x/$hash if it doesn't exist.</li>
-<li>If the request is cached it is served from that cache rather than dynamically.</li>
-</ul></li>
-</ul></li>
-</ul>
-
-<p>Finally although I'm slowly making progress with "radio stuff" I've knocked up a simple hack which uses an ultrasonic sensor
-to determine whether I'm sat in front of my (home) PC.  If I am everything is good.  If I'm absent the music is stopped and
-the screen locked.  Kinda neat.</p>
-
-<p>(Simple ESP8266 device wired to the sensor.  When the state changes a message is posted to Mosquitto, where a listener reacts
-to the change(s).)</p>
-
-<p>Oh, not final.  I've also transfered my mobile phone from DNA.fi to MoiMobile.  Which should complete soon, right now my phone is in limbo, active on niether service.  Oops.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -5670,6 +5621,55 @@ Which should complete soon, right now my phone is in limbo, active on niether
 service. Oops.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/skx.png" width="76" height="105" alt="" align="right" style="float: right;">  <p>It feels like the past week or two has been very busy, and so I'm looking forward to my "holiday" next month.</p>
+
+<p>I'm not really having a holiday of course, my wife is slowly returning to work, so I'll be taking a month of paternity leave, taking
+sole care of Oiva for the month of November.  He's still a little angel, and now that he's reached 10 months old he's starting to
+get much more mobile - he's on the verge of walking, but not quite there yet.  Mostly that means he wants you to hold his hands so
+that he can stand up, swaying back and forth before the inevitable collapse.</p>
+
+<p>Beyond spending most of my evenings taking care of him, from the moment I return from work to his bedtime (around 7:30PM), I've
+made the <a href="https://debian-administration.org/">Debian Administration</a> website both read-only and much simpler.  In the past that
+site was powered by a lot of servers, I think around 11.  Now it has only a small number of machines, which should slowly decrease.</p>
+
+<p>I've ripped out the database host, the redis host, the events-server, the planet-machine, the email-box, etc.  Now we have a much
+simpler setup:</p>
+
+<ul>
+<li>Front-end machine
+<ul>
+<li>Directly serves <a href="https://code.debian-administration.org/">the code site</a></li>
+<li>Directly serves <a href="https://ssl.debian-administration.org/">the SSL site</a> which exists solely for Let's Encrypt</li>
+<li>Runs HAProxy to route the rest of the requests to the cluster.</li>
+</ul></li>
+<li>4 x Apache servers
+<ul>
+<li>Each one has a (read-only) MySQL database on it for the content.
+<ul>
+<li>In case of future-compromise I removed all user passwords, and scrambled the email-addresses.</li>
+<li>I don't think there's a huge risk, but better safe than sorry.</li>
+</ul></li>
+<li>Each one runs the web-application.
+<ul>
+<li>Which now caches each generated page to /tmp/x/x/x/x/$hash if it doesn't exist.</li>
+<li>If the request is cached it is served from that cache rather than dynamically.</li>
+</ul></li>
+</ul></li>
+</ul>
+
+<p>Finally although I'm slowly making progress with "radio stuff" I've knocked up a simple hack which uses an ultrasonic sensor
+to determine whether I'm sat in front of my (home) PC.  If I am everything is good.  If I'm absent the music is stopped and
+the screen locked.  Kinda neat.</p>
+
+<p>(Simple ESP8266 device wired to the sensor.  When the state changes a message is posted to Mosquitto, where a listener reacts
+to the change(s).)</p>
+
+<p>Oh, not final.  I've also transfered my mobile phone from DNA.fi to MoiMobile.  Which should complete soon, right now my phone is in limbo, active on niether service.  Oops.</p>
 --===============testboundary==--
 
 From planet-debian Wed Oct 11 16:00:18 2017
@@ -5680,44 +5680,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Michal &#268;iha&#345;: New projects on Hosted Weblate
 Message-ID: https-blog-cihar-com-archives-2017-10-11-new-projects-hosted-weblate-utm_source-rss2
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.cihar.com/archives/2017/10/11/new-projects-hosted-weblate/?utm_source=rss2
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p><a href="http://weblate.org/hosting/">Hosted Weblate</a> provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.</p>
-<p>This time, the newly hosted projects include:</p>
-<ul>
-<li><a href="https://hosted.weblate.org/projects/hunspell/translations/">Hunspell</a> - famous spell checker</li>
-<li><a href="https://hosted.weblate.org/projects/eolie/eolie/">Eolie</a> - a web browser for GNOME</li>
-<li><a href="https://hosted.weblate.org/projects/skytube/">SkyTube</a> - an open-source YouTube app for Android</li>
-<li><a href="https://hosted.weblate.org/projects/eventum/translations/">Eventum</a> - issue tracking system</li>
-</ul>
-<p>Additionally there were some notable additions to existing projects:</p>
-<ul>
-<li><a href="https://hosted.weblate.org/projects/pext/pext_module_pass/">Password management module for Pext</a></li>
-<li><a href="https://hosted.weblate.org/projects/minetest/mod-hopper/">Minetest Mod Hopper</a></li>
-<li><a href="https://hosted.weblate.org/projects/ayatana-indicators/">Ayatana Indicators</a> now include several new applets</li>
-</ul>
-<p>If you want to support this effort, please <a href="https://weblate.org/donate/">donate to Weblate</a>, especially recurring donations are welcome to make this service alive. You can do that easily on <a href="https://liberapay.com/Weblate/">Liberapay</a> or <a href="https://salt.bountysource.com/teams/weblate">Bountysource</a>.</p>
-
-<p style="font-size: smaller;">
-Filed under: 
-
-<a href="https://blog.cihar.com/archives/debian/">Debian</a>
-
-<a href="https://blog.cihar.com/archives/english/">English</a>
-
-<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
-
-<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
-
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -5769,6 +5736,39 @@ Filed under: [Debian][12] [English][13] [SUSE][14] [Weblate][15]
    [15]: <https://blog.cihar.com/archives/weblate/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p><a href="http://weblate.org/hosting/">Hosted Weblate</a> provides also free hosting for free software projects. The hosting requests queue has grown too long, so it's time to process it and include new project.</p>
+<p>This time, the newly hosted projects include:</p>
+<ul>
+<li><a href="https://hosted.weblate.org/projects/hunspell/translations/">Hunspell</a> - famous spell checker</li>
+<li><a href="https://hosted.weblate.org/projects/eolie/eolie/">Eolie</a> - a web browser for GNOME</li>
+<li><a href="https://hosted.weblate.org/projects/skytube/">SkyTube</a> - an open-source YouTube app for Android</li>
+<li><a href="https://hosted.weblate.org/projects/eventum/translations/">Eventum</a> - issue tracking system</li>
+</ul>
+<p>Additionally there were some notable additions to existing projects:</p>
+<ul>
+<li><a href="https://hosted.weblate.org/projects/pext/pext_module_pass/">Password management module for Pext</a></li>
+<li><a href="https://hosted.weblate.org/projects/minetest/mod-hopper/">Minetest Mod Hopper</a></li>
+<li><a href="https://hosted.weblate.org/projects/ayatana-indicators/">Ayatana Indicators</a> now include several new applets</li>
+</ul>
+<p>If you want to support this effort, please <a href="https://weblate.org/donate/">donate to Weblate</a>, especially recurring donations are welcome to make this service alive. You can do that easily on <a href="https://liberapay.com/Weblate/">Liberapay</a> or <a href="https://salt.bountysource.com/teams/weblate">Bountysource</a>.</p>
+
+<p style="font-size: smaller;">
+Filed under: 
+
+<a href="https://blog.cihar.com/archives/debian/">Debian</a>
+
+<a href="https://blog.cihar.com/archives/english/">English</a>
+
+<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
+
+<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
+
+</p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 10 22:00:40 2017
@@ -5779,66 +5779,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Carl Chenet: The Slack Threat
 Message-ID: https-carlchenet-com-p-5230
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://carlchenet.com/the-slack-threat/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<p>During a long era, electronic mail was the main communication tool for enterprises. <a href="https://slack.com/">Slack</a>, which offer public or private group discussion boards and instant messaging between two people, challenge its position, especially in the IT industry.</p>
-<p>Not only Slack has features known and used since <a href="https://en.wikipedia.org/wiki/Internet_Relay_Chat">IRC launch</a> in the late ’80s, but Slack also offers file sending and sharing, code quoting, and it indexing for ulterior searches everything that goes through the application. Slack is also modular with numerous plug-in to easily add new features.</p>
-<p><a href="https://slack.com"><img alt="" class="aligncenter wp-image-4374 size-medium" height="86" src="https://carlchenet.com/wp-content/uploads/2016/10/slack-logo-300x86.png" width="300" /></a></p>
-<p>Using the Software-As-A-Service (SAAS) model, Slack basic version is free, and users pay for options. Slack is now considered by the Github generation like the new main enterprise communication tool.</p>
-<p>As I did in my previous article on <a href="https://carlchenet.com/the-github-threat/">the Github threat</a>, this one won’t promote Slask’s advantages, as many other articles have already covered all these points ad nauseam, but to show the other side and to warn the companies using this service about its inherent risks. So far, these risks have been ignored, sometimes voluntary in the name of the “It works<span style="font-family: Liberation Serif,serif;">™”</span> ideology. Neglecting all economic and safety consideration, neglecting all threat to privacy and individual freedom. We’ll see about them below.</p>
-<div class="wp-caption aligncenter" id="attachment_3361" style="width: 310px;"><a href="https://github.com"><img alt="" class="wp-image-3361 size-medium" height="133" src="https://carlchenet.com/wp-content/uploads/2016/01/github-logo-300x133.png" width="300" /></a><p class="wp-caption-text">Github, a software forge as a SAAS, with all the advantage but also all the risk of its economic model</p></div>
-<p><b>All your company communication since its creation</b></p>
-<p>When a start-up chooses Slack, all of its internal communication will be stored by Slack. When someone uses this service, the simple fact to chat through it means that the whole communication is archived.</p>
-<p>One may point that within the basic Slack offer, only the last 10.000 messages can be read and searched. Bad argument. Slack stored every message and every file shared as it pleases. We’ll see below this application behavior is of capital importance in the Slack threat to enterprises.</p>
-<p>And the problem is the same for all other companies which choose Slack at one point or another. If they replace their traditional communication method with it, Slack will have access to capital data, not only in volume, but also because of their value for the company itself… Or anyone interested in this company life.</p>
-<p><b>Search Your Entire Archive</b></p>
-<p>One of the main arguments to use Slack is its “Search your entire archive” feature. One can search almost anything one can think of. Why? Because everything is indexed. Your team chat archive or the more or less confidential documents exchanged with the accountant department; everything is in it in order to provide the most effective search tool.</p>
-<div class="wp-caption aligncenter" id="attachment_5242" style="width: 531px;"><img alt="" class="wp-image-5242 size-full" height="65" src="https://carlchenet.com/wp-content/uploads/2017/10/slack-bar.png" width="521" /><p class="wp-caption-text">The search bar, well-known by Slack users</p></div>
-<p>We can’t deny it’s a very attractive feature for everyone inside the company. But it is also a very attractive feature for everyone outside of the company who would want to know more about its internal life. Even more if you’re looking for a specific subject.</p>
-<p>If Slack is the main communication tool of your company, and if as I’ve experienced in my professional life, some teams prefer to use it than to go to the office next door or even bug you to put the information on the dedicated channel, one can easily deduce that nothing—in this type of company—escape Slack. The automatic indexation and the search feature efficiency are excellent tools to get all the information needed, in quantity and in quality.</p>
-<p>As such, it’s a great social engineering tool for everyone who has access to it, with a history as old as the use of Slack as a communication tool in the company.</p>
-<p><b>Across borders… And Beyond!</b></p>
-<p>Slack is a Web service which uses mainly <a href="https://aws.amazon.com/fr/">Amazon Web services</a> and most specially <a href="https://aws.amazon.com/fr/cloudfront/">Cloudfront</a>, as stated by the available information on Slack infrastructure.</p>
-<p>Even without a complete study of said infrastructure, it’s easy to state that all the data regarding many innovative global companies around the world (and some of them including for all their internal communication since their creation) are located in the United States, or at least in the hands of a US company, which must follow US laws, a country with a well-known history of large scale industrial espionage, as the whistleblower <a href="https://en.wikipedia.org/wiki/Edward_Snowden">Edward Snowden</a> demonstrated it in 2013 and where company data access has no restriction under <a href="https://en.wikipedia.org/wiki/Patriot_Act">the Patriot Act</a>, as in the Microsoft case (2014) where data stored in Ireland by the Redmond software editor have been given to US authorities.</p>
-<div class="wp-caption aligncenter" id="attachment_4395" style="width: 259px;"><img alt="" class="wp-image-4395 size-medium" height="300" src="https://carlchenet.com/wp-content/uploads/2016/10/snowden-249x300.jpg" width="249" /><p class="wp-caption-text">Edward Snowden, an individual—and corporate—freedom fighter</p></div>
-<p>As such, Slack’s automatic indexation and search tool are a boon for anyone—spy agency or hacker—which get authorized access to it.</p>
-<p>To trust a third party with all, or at least most of, your internal corporate communication is a certain risk for your company if the said third party doesn’t follow the same regulations as yours or if it has different interests, from a data security point of view or more globally on its competitiveness. A badly timed data leak can be catastrophic.</p>
-<p>What’s the point of secretly preparing a new product launch or an aggressive takeover if all your recent Slack conversations have leaked, including your secret plans?</p>
-<p><b>What if… Slack is hacked? </b></p>
-<p>First let’s remember that even if a cyber attack may appear as a rare or hypothetical scenario to a badly informed and hurried manager, it is far from being as rare as she or he believes it (or wants to believe it).</p>
-<p>Infrastructure hacking is quite common, as a regular visit to <a href="https://news.ycombinator.com/">Hacker News</a> will give you multiple evidence. And Slack itself has already been hacked.</p>
-<p>February 2015: Slack is the victim during four days of a cyber attack, which was made public by the company in March. Officially, the unauthorized access was limited to information on the users’ profiles. It is impossible to measure exactly what and who was impacted by this attack. In a recent announcement, Yahoo confessed that these 3 billion accounts (you’ve read well: 3 billions) were compromised … late 2014!</p>
-<div class="wp-caption aligncenter" id="attachment_4387" style="width: 310px;"><a href="https://yahoo.com"><img alt="" class="size-medium wp-image-4387" height="70" src="https://carlchenet.com/wp-content/uploads/2016/10/Yahoo-logo-300x70.png" width="300" /></a><p class="wp-caption-text">Yahoo, the company which suffered the largest recorded cyberattack regarding the compromised account numbers</p></div>
-<p>Officially, Slack stated that “No financial or payment information was accessed or compromised in this attack.” Which is, and by far, the least interesting of all data stored within Slack! With company internal communication indexed—sometimes from the very beginning of said company—and searchable, Slack may be a potential target for cybercriminal not looking for its users’ financial credentials but more their internal data already in a usable format. One can imagine Slack must give information on a massive data leak, which can’t be ignored. But what would happen if only one Slack user is the victim of said leak?</p>
-<p><b>The Free A</b><b>lternative Solutions</b></p>
-<p>As we demonstrated above, companies need to find an alternative solution to Slack, one they can host themselves to reduce data leaks and industrial espionage and dependency on the Internet connection. Luckily, Slack success created its own copycats, some of them being also free software.</p>
-<p><a href="https://rocket.chat/">Rocket.chat</a> is one of them. Its comprehensive service offers chat rooms, direct messages and file sharing but also videoconferencing and screen sharing, and even most features. Check their <a href="https://rocket.chat/features">dedicated page</a>. You can also try an <a href="https://demo.rocket.chat/home">online demo</a>. And even more, Rocket Chat has a very simple extension system and an API.</p>
-<p><a href="https://rocket.chat"><img alt="" class="aligncenter wp-image-4380 size-medium" height="85" src="https://carlchenet.com/wp-content/uploads/2016/10/rocket-chat-logo-300x85.png" width="300" /></a></p>
-<p><a href="https://about.mattermost.com/">Mattermost</a> is another service which has the advantages of proximity and of compatibility with Slack. It offers <a href="https://about.mattermost.com/features/">numerous features</a> including the main expected by this type of software. It also offers <a href="https://about.mattermost.com/community-applications/#privateApps">numerous apps and plug-in</a>s to interact with online services, software forges, and continuous integration tools.</p>
-<p><a href="https://mattermost.org"><img alt="" class="aligncenter size-medium wp-image-4381" height="48" src="https://carlchenet.com/wp-content/uploads/2016/10/mattermost-logo-300x48.png" width="300" /></a></p>
-<p><b>It works</b><span style="font-family: Liberation Serif,serif;">™</span></p>
-<p>In the introduction, we discussed the “It works<span style="font-family: Liberation Serif,serif;">™” </span>effect, usually invoked to dispel any arguments about data protection and exchange confidentiality we discussed in this article. True, one single developer can ask: why worry about it? All I want is to chat with my colleagues and send files!</p>
-<p>Because Slack service subscription in the long term put the company continuously at risk. Maybe it’s not the employees’ place to worry about it, they just have to do their job the more efficiently possible. On the other side, the company management, usually non-technical, may not be aware of what risks will threaten their company with this technical choice. The technical management may pretend to be omniscient, nobody is fooled.</p>
-<p>Either someone from the direction will ask the right question (where are our data and who can access them?) or someone from the technical side alert them officially on these problems. This is this technical audience, even if not always heard by their direction, which is the target of this article. May they find in it the right arguments to be convincing.</p>
-<p>We hope that the several points we developed in this article will help you to make the right choice.</p>
-<h2>About Me</h2>
-<p>Carl Chenet, Free Software Indie Hacker, founder of the French-speaking Hacker News-like <a href="https://www.journalduhacker.net">Journal du hacker</a>.</p>
-<h2>Follow me on social networks</h2>
-<ul>
-<li>My Mastodon account : <a href="https://mastodon.social/@carlchenet">@carlchenet</a></li>
-<li>My Diaspora* account : <a href="https://framasphere.org/u/carlchenet">@carlchenet</a></li>
-<li>My Twitter account : <a href="https://twitter.com/carl_chenet">@carl_chenet</a></li>
-</ul>
-<p>Translated from French by <a href="https://www.outrelivres.fr/me-contacter/">Stéphanie Chaptal</a>. <a href="https://carlchenet.com/le-danger-slack/">Original article</a> written in October 2016.</p>
-<p> </p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -6083,6 +6028,61 @@ written in October 2016.
    [25]: <https://carlchenet.com/le-danger-slack/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<p>During a long era, electronic mail was the main communication tool for enterprises. <a href="https://slack.com/">Slack</a>, which offer public or private group discussion boards and instant messaging between two people, challenge its position, especially in the IT industry.</p>
+<p>Not only Slack has features known and used since <a href="https://en.wikipedia.org/wiki/Internet_Relay_Chat">IRC launch</a> in the late ’80s, but Slack also offers file sending and sharing, code quoting, and it indexing for ulterior searches everything that goes through the application. Slack is also modular with numerous plug-in to easily add new features.</p>
+<p><a href="https://slack.com"><img alt="" class="aligncenter wp-image-4374 size-medium" height="86" src="https://carlchenet.com/wp-content/uploads/2016/10/slack-logo-300x86.png" width="300" /></a></p>
+<p>Using the Software-As-A-Service (SAAS) model, Slack basic version is free, and users pay for options. Slack is now considered by the Github generation like the new main enterprise communication tool.</p>
+<p>As I did in my previous article on <a href="https://carlchenet.com/the-github-threat/">the Github threat</a>, this one won’t promote Slask’s advantages, as many other articles have already covered all these points ad nauseam, but to show the other side and to warn the companies using this service about its inherent risks. So far, these risks have been ignored, sometimes voluntary in the name of the “It works<span style="font-family: Liberation Serif,serif;">™”</span> ideology. Neglecting all economic and safety consideration, neglecting all threat to privacy and individual freedom. We’ll see about them below.</p>
+<div class="wp-caption aligncenter" id="attachment_3361" style="width: 310px;"><a href="https://github.com"><img alt="" class="wp-image-3361 size-medium" height="133" src="https://carlchenet.com/wp-content/uploads/2016/01/github-logo-300x133.png" width="300" /></a><p class="wp-caption-text">Github, a software forge as a SAAS, with all the advantage but also all the risk of its economic model</p></div>
+<p><b>All your company communication since its creation</b></p>
+<p>When a start-up chooses Slack, all of its internal communication will be stored by Slack. When someone uses this service, the simple fact to chat through it means that the whole communication is archived.</p>
+<p>One may point that within the basic Slack offer, only the last 10.000 messages can be read and searched. Bad argument. Slack stored every message and every file shared as it pleases. We’ll see below this application behavior is of capital importance in the Slack threat to enterprises.</p>
+<p>And the problem is the same for all other companies which choose Slack at one point or another. If they replace their traditional communication method with it, Slack will have access to capital data, not only in volume, but also because of their value for the company itself… Or anyone interested in this company life.</p>
+<p><b>Search Your Entire Archive</b></p>
+<p>One of the main arguments to use Slack is its “Search your entire archive” feature. One can search almost anything one can think of. Why? Because everything is indexed. Your team chat archive or the more or less confidential documents exchanged with the accountant department; everything is in it in order to provide the most effective search tool.</p>
+<div class="wp-caption aligncenter" id="attachment_5242" style="width: 531px;"><img alt="" class="wp-image-5242 size-full" height="65" src="https://carlchenet.com/wp-content/uploads/2017/10/slack-bar.png" width="521" /><p class="wp-caption-text">The search bar, well-known by Slack users</p></div>
+<p>We can’t deny it’s a very attractive feature for everyone inside the company. But it is also a very attractive feature for everyone outside of the company who would want to know more about its internal life. Even more if you’re looking for a specific subject.</p>
+<p>If Slack is the main communication tool of your company, and if as I’ve experienced in my professional life, some teams prefer to use it than to go to the office next door or even bug you to put the information on the dedicated channel, one can easily deduce that nothing—in this type of company—escape Slack. The automatic indexation and the search feature efficiency are excellent tools to get all the information needed, in quantity and in quality.</p>
+<p>As such, it’s a great social engineering tool for everyone who has access to it, with a history as old as the use of Slack as a communication tool in the company.</p>
+<p><b>Across borders… And Beyond!</b></p>
+<p>Slack is a Web service which uses mainly <a href="https://aws.amazon.com/fr/">Amazon Web services</a> and most specially <a href="https://aws.amazon.com/fr/cloudfront/">Cloudfront</a>, as stated by the available information on Slack infrastructure.</p>
+<p>Even without a complete study of said infrastructure, it’s easy to state that all the data regarding many innovative global companies around the world (and some of them including for all their internal communication since their creation) are located in the United States, or at least in the hands of a US company, which must follow US laws, a country with a well-known history of large scale industrial espionage, as the whistleblower <a href="https://en.wikipedia.org/wiki/Edward_Snowden">Edward Snowden</a> demonstrated it in 2013 and where company data access has no restriction under <a href="https://en.wikipedia.org/wiki/Patriot_Act">the Patriot Act</a>, as in the Microsoft case (2014) where data stored in Ireland by the Redmond software editor have been given to US authorities.</p>
+<div class="wp-caption aligncenter" id="attachment_4395" style="width: 259px;"><img alt="" class="wp-image-4395 size-medium" height="300" src="https://carlchenet.com/wp-content/uploads/2016/10/snowden-249x300.jpg" width="249" /><p class="wp-caption-text">Edward Snowden, an individual—and corporate—freedom fighter</p></div>
+<p>As such, Slack’s automatic indexation and search tool are a boon for anyone—spy agency or hacker—which get authorized access to it.</p>
+<p>To trust a third party with all, or at least most of, your internal corporate communication is a certain risk for your company if the said third party doesn’t follow the same regulations as yours or if it has different interests, from a data security point of view or more globally on its competitiveness. A badly timed data leak can be catastrophic.</p>
+<p>What’s the point of secretly preparing a new product launch or an aggressive takeover if all your recent Slack conversations have leaked, including your secret plans?</p>
+<p><b>What if… Slack is hacked? </b></p>
+<p>First let’s remember that even if a cyber attack may appear as a rare or hypothetical scenario to a badly informed and hurried manager, it is far from being as rare as she or he believes it (or wants to believe it).</p>
+<p>Infrastructure hacking is quite common, as a regular visit to <a href="https://news.ycombinator.com/">Hacker News</a> will give you multiple evidence. And Slack itself has already been hacked.</p>
+<p>February 2015: Slack is the victim during four days of a cyber attack, which was made public by the company in March. Officially, the unauthorized access was limited to information on the users’ profiles. It is impossible to measure exactly what and who was impacted by this attack. In a recent announcement, Yahoo confessed that these 3 billion accounts (you’ve read well: 3 billions) were compromised … late 2014!</p>
+<div class="wp-caption aligncenter" id="attachment_4387" style="width: 310px;"><a href="https://yahoo.com"><img alt="" class="size-medium wp-image-4387" height="70" src="https://carlchenet.com/wp-content/uploads/2016/10/Yahoo-logo-300x70.png" width="300" /></a><p class="wp-caption-text">Yahoo, the company which suffered the largest recorded cyberattack regarding the compromised account numbers</p></div>
+<p>Officially, Slack stated that “No financial or payment information was accessed or compromised in this attack.” Which is, and by far, the least interesting of all data stored within Slack! With company internal communication indexed—sometimes from the very beginning of said company—and searchable, Slack may be a potential target for cybercriminal not looking for its users’ financial credentials but more their internal data already in a usable format. One can imagine Slack must give information on a massive data leak, which can’t be ignored. But what would happen if only one Slack user is the victim of said leak?</p>
+<p><b>The Free A</b><b>lternative Solutions</b></p>
+<p>As we demonstrated above, companies need to find an alternative solution to Slack, one they can host themselves to reduce data leaks and industrial espionage and dependency on the Internet connection. Luckily, Slack success created its own copycats, some of them being also free software.</p>
+<p><a href="https://rocket.chat/">Rocket.chat</a> is one of them. Its comprehensive service offers chat rooms, direct messages and file sharing but also videoconferencing and screen sharing, and even most features. Check their <a href="https://rocket.chat/features">dedicated page</a>. You can also try an <a href="https://demo.rocket.chat/home">online demo</a>. And even more, Rocket Chat has a very simple extension system and an API.</p>
+<p><a href="https://rocket.chat"><img alt="" class="aligncenter wp-image-4380 size-medium" height="85" src="https://carlchenet.com/wp-content/uploads/2016/10/rocket-chat-logo-300x85.png" width="300" /></a></p>
+<p><a href="https://about.mattermost.com/">Mattermost</a> is another service which has the advantages of proximity and of compatibility with Slack. It offers <a href="https://about.mattermost.com/features/">numerous features</a> including the main expected by this type of software. It also offers <a href="https://about.mattermost.com/community-applications/#privateApps">numerous apps and plug-in</a>s to interact with online services, software forges, and continuous integration tools.</p>
+<p><a href="https://mattermost.org"><img alt="" class="aligncenter size-medium wp-image-4381" height="48" src="https://carlchenet.com/wp-content/uploads/2016/10/mattermost-logo-300x48.png" width="300" /></a></p>
+<p><b>It works</b><span style="font-family: Liberation Serif,serif;">™</span></p>
+<p>In the introduction, we discussed the “It works<span style="font-family: Liberation Serif,serif;">™” </span>effect, usually invoked to dispel any arguments about data protection and exchange confidentiality we discussed in this article. True, one single developer can ask: why worry about it? All I want is to chat with my colleagues and send files!</p>
+<p>Because Slack service subscription in the long term put the company continuously at risk. Maybe it’s not the employees’ place to worry about it, they just have to do their job the more efficiently possible. On the other side, the company management, usually non-technical, may not be aware of what risks will threaten their company with this technical choice. The technical management may pretend to be omniscient, nobody is fooled.</p>
+<p>Either someone from the direction will ask the right question (where are our data and who can access them?) or someone from the technical side alert them officially on these problems. This is this technical audience, even if not always heard by their direction, which is the target of this article. May they find in it the right arguments to be convincing.</p>
+<p>We hope that the several points we developed in this article will help you to make the right choice.</p>
+<h2>About Me</h2>
+<p>Carl Chenet, Free Software Indie Hacker, founder of the French-speaking Hacker News-like <a href="https://www.journalduhacker.net">Journal du hacker</a>.</p>
+<h2>Follow me on social networks</h2>
+<ul>
+<li>My Mastodon account : <a href="https://mastodon.social/@carlchenet">@carlchenet</a></li>
+<li>My Diaspora* account : <a href="https://framasphere.org/u/carlchenet">@carlchenet</a></li>
+<li>My Twitter account : <a href="https://twitter.com/carl_chenet">@carl_chenet</a></li>
+</ul>
+<p>Translated from French by <a href="https://www.outrelivres.fr/me-contacter/">Stéphanie Chaptal</a>. <a href="https://carlchenet.com/le-danger-slack/">Original article</a> written in October 2016.</p>
+<p> </p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 10 20:44:37 2017
@@ -6093,11 +6093,81 @@ To: to@example.com
 From: Yves-Alexis <corsac@debian.org>
 Subject: Yves-Alexis Perez: OpenPGP smartcard transition (part 1)
 Message-ID: http-www-corsac-net-rub-blog-post-1588
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.corsac.net/?rub=blog&post=1588
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+http://www.corsac.net/?rub=blog&post=1588
+
+A [long time ago][1], I switched my GnuPG setup to a smartcard based one. I
+kept using the same master key, but:
+
+   [1]: <https://www.corsac.net/../index.php?rub=blog&post=1548>
+
+  * copied the rsa4096 master key to a “master” smartcard, for when I need to sign (certify) other keys;
+  * created rsa2048 subkeys (for signature, encryption and authentication) and moved them to an OpenPGP smartcard for daily usage.
+
+I've been working with that setup for a few years now and it is working
+perfectly fine. The signature counter on the OpenPGP basic card is a bit north
+of 5000 which is large but not that huge, all considered (and not counting
+authentication and decryption key usage).  
+  
+One very nice feature of using a smartcard is that my laptop (or other
+machines I work on) never manipulates the private key directly but only sends
+request to the card, which is a really huge improvement, in my opinion. But
+it's also not the perfect solution for me: the [OpenPGP card][2] uses a
+proprietary platform from [ZeitControl][3], named [BasicCard][4]. We have very
+few information on the smartcard, besides the fact that Werner Koch trust
+ZeistControl to not mess up. One caveat for me is that the card does not use a
+certified secure microcontroler like you would find in smartcard chips found
+in debit card or electronic IDs. That means it's not really been audited by a
+competent hardware lab, and thus can't be considered secure against physical
+attacks. The cardOS software and the application implementing the OpenPGP
+specification are not public either and have not been audited either, to the
+best of my knowledge.  
+  
+At one point I was interested in the [Yubikey Neo][5], especially since the
+architecture Yubico used was common: a (supposedly) certified platform (secure
+microcontroler, card OS) and a GlobalPlatform / JavaCard virtual machine. The
+applet used in the Yubikey Neo is [open-source][6], too, so you could take a
+look at it and identify any issue.  
+  
+Unfortunately, Yubico [transitioned][7] to a less common and more proprietary infrastructure for [Yubikey 4][8]: it's not longer Javacard based, and they don't provide the applet source anymore. This was not really seen as a good move by a lot of people, including [Konstantin Ryabitsev][9] (kernel.org administrator). Also, it wasn't possible even for the Yubico Neo to actually build the applet yourself and inject it on the card: when the Yubikey leaves the facility, the applet is already installed and the smartcard is locked (for obvious security reason). I've tried asking about getting naked/empty Yubikey with developers keys to load the applet myself, but it' was apparently not possible or would have required signing an NDA with NXP (the chip maker), which is not really possible as an individual (not that I really want to anyway).  
+  
+In the meantime, a coworker actually wrote an OpenPGP javacard applet, with the intention to support latest version of the [ OpenPGP specification][10], and especially elliptic curve cryptography. The applet is called SmartPGP and has been [released][11] on ANSSI github repository. I investigated a bit, and found a [ smartcard][12] with correct [ specification][13]: certified (in [ France][14] or Germany), and supporting Javacard 3.0.4 (required for ECC). The card can do RSA2048 (unfortunately not RSA4096) and EC with NIST (secp256r1, secp384r1, secp521r1) and Brainpool (P256, P384, P512) curves.  
+  
+I've ordered some cards, and when they arrived started playing. I've built the
+SmartPGP applet and pushed it to a smartcard, then generated some keys and
+tried with GnuPG. I'm right now in the process of migrating to a new smartcard
+based on that setup, which seems to work just fine after few days.  
+  
+Part two of this serie will describe how to build the applet and inject it in
+the smartcard. The process is already documented here and there, but there are
+few things not to forget, like how to lock the card after provisionning, so I
+guess having the complete process somewhere might be useful in case some
+people want to reproduce it.
+
+   [2]: <https://g10code.com/p-card.html>
+   [3]: <http://www.zeitcontrol.de/en>
+   [4]: <http://basiccard.com/>
+   [5]: <https://www.yubico.com/products/yubikey-hardware/yubikey-neo/>
+   [6]: <https://github.com/Yubico/ykneo-openpgp>
+   [7]: <https://www.yubico.com/2016/05/secure-hardware-vs-open-source/>
+   [8]: <https://www.yubico.com/products/yubikey-hardware/yubikey4/>
+   [9]: <https://plus.google.com/+KonstantinRyabitsev/posts/fjgYKfPMF13>
+   [10]: <https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.3.pdf>
+   [11]: <https://github.com/anssi-fr/smartpgp>
+   [12]: <https://secure.smartcardsource.com/slj52gdl150cl-java-smart-card.html>
+   [13]: <https://secure.smartcardsource.com/images/filemanager/uploads/infineon-jtop_id_on_sle78.pdf>
+   [14]: <https://www.ssi.gouv.fr/administration/certification_cc/plateforme-jtop-infv46-masquee-sur-composants-infineon-sle78clx1600pm-sle78clx800p-et-sle78clx360pm/>
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
@@ -6182,76 +6252,6 @@ and there, but there are few things not to forget, like how to lock
 the card after provisionning, so I guess having the complete
 process somewhere might be useful in case some people want to
 reproduce it.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-http://www.corsac.net/?rub=blog&post=1588
-
-A [long time ago][1], I switched my GnuPG setup to a smartcard based one. I
-kept using the same master key, but:
-
-   [1]: <https://www.corsac.net/../index.php?rub=blog&post=1548>
-
-  * copied the rsa4096 master key to a “master” smartcard, for when I need to sign (certify) other keys;
-  * created rsa2048 subkeys (for signature, encryption and authentication) and moved them to an OpenPGP smartcard for daily usage.
-
-I've been working with that setup for a few years now and it is working
-perfectly fine. The signature counter on the OpenPGP basic card is a bit north
-of 5000 which is large but not that huge, all considered (and not counting
-authentication and decryption key usage).  
-  
-One very nice feature of using a smartcard is that my laptop (or other
-machines I work on) never manipulates the private key directly but only sends
-request to the card, which is a really huge improvement, in my opinion. But
-it's also not the perfect solution for me: the [OpenPGP card][2] uses a
-proprietary platform from [ZeitControl][3], named [BasicCard][4]. We have very
-few information on the smartcard, besides the fact that Werner Koch trust
-ZeistControl to not mess up. One caveat for me is that the card does not use a
-certified secure microcontroler like you would find in smartcard chips found
-in debit card or electronic IDs. That means it's not really been audited by a
-competent hardware lab, and thus can't be considered secure against physical
-attacks. The cardOS software and the application implementing the OpenPGP
-specification are not public either and have not been audited either, to the
-best of my knowledge.  
-  
-At one point I was interested in the [Yubikey Neo][5], especially since the
-architecture Yubico used was common: a (supposedly) certified platform (secure
-microcontroler, card OS) and a GlobalPlatform / JavaCard virtual machine. The
-applet used in the Yubikey Neo is [open-source][6], too, so you could take a
-look at it and identify any issue.  
-  
-Unfortunately, Yubico [transitioned][7] to a less common and more proprietary infrastructure for [Yubikey 4][8]: it's not longer Javacard based, and they don't provide the applet source anymore. This was not really seen as a good move by a lot of people, including [Konstantin Ryabitsev][9] (kernel.org administrator). Also, it wasn't possible even for the Yubico Neo to actually build the applet yourself and inject it on the card: when the Yubikey leaves the facility, the applet is already installed and the smartcard is locked (for obvious security reason). I've tried asking about getting naked/empty Yubikey with developers keys to load the applet myself, but it' was apparently not possible or would have required signing an NDA with NXP (the chip maker), which is not really possible as an individual (not that I really want to anyway).  
-  
-In the meantime, a coworker actually wrote an OpenPGP javacard applet, with the intention to support latest version of the [ OpenPGP specification][10], and especially elliptic curve cryptography. The applet is called SmartPGP and has been [released][11] on ANSSI github repository. I investigated a bit, and found a [ smartcard][12] with correct [ specification][13]: certified (in [ France][14] or Germany), and supporting Javacard 3.0.4 (required for ECC). The card can do RSA2048 (unfortunately not RSA4096) and EC with NIST (secp256r1, secp384r1, secp521r1) and Brainpool (P256, P384, P512) curves.  
-  
-I've ordered some cards, and when they arrived started playing. I've built the
-SmartPGP applet and pushed it to a smartcard, then generated some keys and
-tried with GnuPG. I'm right now in the process of migrating to a new smartcard
-based on that setup, which seems to work just fine after few days.  
-  
-Part two of this serie will describe how to build the applet and inject it in
-the smartcard. The process is already documented here and there, but there are
-few things not to forget, like how to lock the card after provisionning, so I
-guess having the complete process somewhere might be useful in case some
-people want to reproduce it.
-
-   [2]: <https://g10code.com/p-card.html>
-   [3]: <http://www.zeitcontrol.de/en>
-   [4]: <http://basiccard.com/>
-   [5]: <https://www.yubico.com/products/yubikey-hardware/yubikey-neo/>
-   [6]: <https://github.com/Yubico/ykneo-openpgp>
-   [7]: <https://www.yubico.com/2016/05/secure-hardware-vs-open-source/>
-   [8]: <https://www.yubico.com/products/yubikey-hardware/yubikey4/>
-   [9]: <https://plus.google.com/+KonstantinRyabitsev/posts/fjgYKfPMF13>
-   [10]: <https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.3.pdf>
-   [11]: <https://github.com/anssi-fr/smartpgp>
-   [12]: <https://secure.smartcardsource.com/slj52gdl150cl-java-smart-card.html>
-   [13]: <https://secure.smartcardsource.com/images/filemanager/uploads/infineon-jtop_id_on_sle78.pdf>
-   [14]: <https://www.ssi.gouv.fr/administration/certification_cc/plateforme-jtop-infv46-masquee-sur-composants-infineon-sle78clx1600pm-sle78clx800p-et-sle78clx360pm/>
-
-
 --===============testboundary==--
 
 From planet-debian Tue Oct 10 18:45:37 2017
@@ -6262,34 +6262,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Michal &#268;iha&#345;: Better access control in Weblate
 Message-ID: https-blog-cihar-com-archives-2017-10-09-better-access-control-weblate-utm_source-rss2
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.cihar.com/archives/2017/10/09/better-access-control-weblate/?utm_source=rss2
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>Upcoming <a href="https://weblate.org/">Weblate 2.17</a> will bring improved access control settings. Previously this could be controlled only by server admins, but now the project visibility and access presets can be configured. </p>
-<p>This allows you to better tweak access control for your needs. There is additional choice of making the project public, but restricting translations, what has been requested by several projects.</p>
-<p>You can see the possible choices on the UI screenshot:</p>
-<p><img alt="Weblate overall experience" src="https://blog.cihar.com/images/blog/2017/weblate-access.png" /></p>
-<p>On <a href="https://weblate.org/hosting/">Hosted Weblate</a> this feature is currently available only to commercial hosting customers. Projects hosted for free are limited to public visibility only.</p>
-
-<p style="font-size: smaller;">
-Filed under: 
-
-<a href="https://blog.cihar.com/archives/debian/">Debian</a>
-
-<a href="https://blog.cihar.com/archives/english/">English</a>
-
-<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
-
-<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
-
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -6319,94 +6296,50 @@ only.
 
 Filed under: [Debian][3] [English][4] [SUSE][5] [Weblate][6]
 
-   [3]: <https://blog.cihar.com/archives/debian/>
-   [4]: <https://blog.cihar.com/archives/english/>
-   [5]: <https://blog.cihar.com/archives/suse/>
-   [6]: <https://blog.cihar.com/archives/weblate/>
-
-
---===============testboundary==--
-
-From planet-debian Tue Oct 10 18:00:00 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Tue, 10 Oct 2017 18:00:00 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Iain R. Learmonth: Automatic Updates
-Message-ID: https-iain-learmonth-me-blog-2017-2017w412
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://iain.learmonth.me/blog/2017/2017w412/
-
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <blockquote class="twitter-tweet"><p dir="ltr" lang="en">The <a href="https://twitter.com/TorAtlas?ref_src=twsrc%5Etfw">@TorAtlas</a> web application will now also prompt operators to update their relays if they are outdated. <a href="https://t.co/HMixwqbBKM">pic.twitter.com/HMixwqbBKM</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/917212905782865921?ref_src=twsrc%5Etfw">October 9, 2017</a></blockquote>
-
-
-<p>We have instructions for <a href="https://www.torproject.org/docs/tor-relay-debian.html.en">setting up new Tor relays on
-Debian</a>. The only
-time the word “upgrade” is mentioned here is:</p>
-
-<blockquote class="blockquote" style="padding-left: 10px; border-left: solid 3px;">Be sure to set your ContactInfo line so we can contact you if you need to upgrade or something goes wrong.</blockquote>
-
-<p>This isn’t great. We should have some decent instructions for keeping your
-relay up to date too. I’ve been compiling a set of documentation for enabling
-automatic updates on various Linux distributions, here’s a taste of what I have
-so far:</p>
-
-<hr />
-
-<h2 id="debian">Debian</h2>
-
-<p>Make sure that unattended-upgrades is installed and then enable the installation of updates (as root):</p>
-<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>apt install unattended-upgrades
-dpkg-reconfigure -plow unattended-upgrades
-</pre></div>
-
-<h2 id="fedora-22-or-later">Fedora 22 or later</h2>
-
-<p>Beginning with Fedora 22, you can enable automatic updates via:</p>
-<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>dnf install dnf-automatic
-</pre></div>
+   [3]: <https://blog.cihar.com/archives/debian/>
+   [4]: <https://blog.cihar.com/archives/english/>
+   [5]: <https://blog.cihar.com/archives/suse/>
+   [6]: <https://blog.cihar.com/archives/weblate/>
 
-<p>In <code>/etc/dnf/automatic.conf</code> set:</p>
 
-<pre><code>apply_updates = yes
-</code></pre>
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
 
-<p>Now enable and start automatic updates via:</p>
-<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>systemctl <span style="color: #007020;">enable</span> dnf-automatic.timer
-systemctl start dnf-automatic.timer
-</pre></div>
+<img src="http://planet.debian.org/heads/nijel.png" width="64" height="67" alt="" align="right" style="float: right;">  <p>Upcoming <a href="https://weblate.org/">Weblate 2.17</a> will bring improved access control settings. Previously this could be controlled only by server admins, but now the project visibility and access presets can be configured. </p>
+<p>This allows you to better tweak access control for your needs. There is additional choice of making the project public, but restricting translations, what has been requested by several projects.</p>
+<p>You can see the possible choices on the UI screenshot:</p>
+<p><img alt="Weblate overall experience" src="https://blog.cihar.com/images/blog/2017/weblate-access.png" /></p>
+<p>On <a href="https://weblate.org/hosting/">Hosted Weblate</a> this feature is currently available only to commercial hosting customers. Projects hosted for free are limited to public visibility only.</p>
 
-<p>(Thanks to <a href="http://www.enricozini.org/">Enrico Zini</a> I know all about these <a href="http://www.enricozini.org/blog/2017/debian/systemd-06-timers">timer units in systemd</a> now.)</p>
+<p style="font-size: smaller;">
+Filed under: 
 
-<h2 id="rhel-or-centos">RHEL or CentOS</h2>
+<a href="https://blog.cihar.com/archives/debian/">Debian</a>
 
-<p>For CentOS, RHEL, and older versions of Fedora, the yum-cron package is the preferred approach:</p>
-<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>yum install yum-cron
-</pre></div>
+<a href="https://blog.cihar.com/archives/english/">English</a>
 
-<p>In <code>/etc/yum/yum-cron.conf</code> set:</p>
+<a href="https://blog.cihar.com/archives/suse/">SUSE</a>
 
-<pre><code>apply_updates = yes
-</code></pre>
+<a href="https://blog.cihar.com/archives/weblate/">Weblate</a>
 
-<p>Enable and start automatic updates via:</p>
-<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>systemctl start yum-cron.service
-</pre></div>
+</p>
+--===============testboundary==--
 
-<hr />
+From planet-debian Tue Oct 10 18:00:00 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Tue, 10 Oct 2017 18:00:00 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Iain R. Learmonth: Automatic Updates
+Message-ID: https-iain-learmonth-me-blog-2017-2017w412
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://iain.learmonth.me/blog/2017/2017w412/
 
-<p>I’d like to collect together instructions also for other distributions (and
-*BSD and Mac OS). Atlas knows which platform a relay is running on, so there
-could be a link in the future to some platform specific instructions on how to
-keep your relay up to date.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -6514,105 +6447,88 @@ could be a link in the future to some platform specific instructions on how to
 keep your relay up to date.
 
 
---===============testboundary==--
-
-From planet-debian Tue Oct 10 16:07:53 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Tue, 10 Oct 2017 16:07:53 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Jamie McClelland: Docker in Debian
-Message-ID: http-current-workingdirectory-net-posts-2017-docker-in-debian
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: http://current.workingdirectory.net/posts/2017/docker-in-debian/
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
+Content-Transfer-Encoding: 8bit
 
-<p>It's not easy getting Docker to work in Debian.</p>
+<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <blockquote class="twitter-tweet"><p dir="ltr" lang="en">The <a href="https://twitter.com/TorAtlas?ref_src=twsrc%5Etfw">@TorAtlas</a> web application will now also prompt operators to update their relays if they are outdated. <a href="https://t.co/HMixwqbBKM">pic.twitter.com/HMixwqbBKM</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/917212905782865921?ref_src=twsrc%5Etfw">October 9, 2017</a></blockquote>
 
-<p>It's not in stable at all:</p>
 
-<pre><code>0 jamie@turkey:~$ rmadison docker.io
-docker.io  | 1.6.2~dfsg1-1~bpo8+1 | jessie-backports | source, amd64, armel, armhf, i386
-docker.io  | 1.11.2~ds1-5         | unstable         | source, arm64
-docker.io  | 1.11.2~ds1-5         | unstable-debug   | source
-docker.io  | 1.11.2~ds1-6         | unstable         | source, armel, armhf, i386, ppc64el
-docker.io  | 1.11.2~ds1-6         | unstable-debug   | source
-docker.io  | 1.13.1~ds1-2         | unstable         | source, amd64
-docker.io  | 1.13.1~ds1-2         | unstable-debug   | source
-0 jamie@turkey:~$ 
-</code></pre>
+<p>We have instructions for <a href="https://www.torproject.org/docs/tor-relay-debian.html.en">setting up new Tor relays on
+Debian</a>. The only
+time the word “upgrade” is mentioned here is:</p>
 
-<p>And a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877329">problem with runc</a> makes it really hard to get it working on Debian unstable.</p>
+<blockquote class="blockquote" style="padding-left: 10px; border-left: solid 3px;">Be sure to set your ContactInfo line so we can contact you if you need to upgrade or something goes wrong.</blockquote>
 
-<p>These are the steps I took to get it running today (2017-10-10).</p>
+<p>This isn’t great. We should have some decent instructions for keeping your
+relay up to date too. I’ve been compiling a set of documentation for enabling
+automatic updates on various Linux distributions, here’s a taste of what I have
+so far:</p>
 
-<p>Remove runc (allow it to remove containerd and docker.io):</p>
+<hr />
 
-<pre><code>sudo apt-get remove runc
-</code></pre>
+<h2 id="debian">Debian</h2>
 
-<p>Install docker-runc (now in testing)</p>
+<p>Make sure that unattended-upgrades is installed and then enable the installation of updates (as root):</p>
+<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>apt install unattended-upgrades
+dpkg-reconfigure -plow unattended-upgrades
+</pre></div>
 
-<pre><code>sudo apt-get install docker-runc
-</code></pre>
+<h2 id="fedora-22-or-later">Fedora 22 or later</h2>
 
-<p>Fix containerd package to depend on docker-runc instead of runc:</p>
+<p>Beginning with Fedora 22, you can enable automatic updates via:</p>
+<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>dnf install dnf-automatic
+</pre></div>
 
-<pre><code>mkdir containerd
-cd containerd
-apt-get download containerd 
-ar x containerd_0.2.3+git20170126.85.aa8187d~ds1-2_amd64.deb
-tar -xzf control.tar.gz
-sed -i s/runc/docker-runc/g control
-tar -c md5sums control | gzip -c &gt; control.tar.gz
-ar rcs new-containerd.deb debian-binary control.tar.gz data.tar.xz
-sudo dpkg -i new-containerd.deb
+<p>In <code>/etc/dnf/automatic.conf</code> set:</p>
+
+<pre><code>apply_updates = yes
 </code></pre>
 
-<p>Fix docker.io package to depend on docker-runc instead of runc.</p>
+<p>Now enable and start automatic updates via:</p>
+<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>systemctl <span style="color: #007020;">enable</span> dnf-automatic.timer
+systemctl start dnf-automatic.timer
+</pre></div>
 
-<pre><code>mkdir docker
-cd docker
-apt-get download docker.io
-ar x docker.io_1.13.1~ds1-2_amd64.deb
-tar -xzf control.tar.gz
-sed -i s/runc/docker-runc/g control
-tar -c {post,pre}{inst,rm} md5sums control | gzip -c &gt; control.tar.gz
-ar rcs new-docker.io.deb debian-binary control.tar.gz data.tar.xz
-sudo dpkg -i new-docker.io.deb
-</code></pre>
+<p>(Thanks to <a href="http://www.enricozini.org/">Enrico Zini</a> I know all about these <a href="http://www.enricozini.org/blog/2017/debian/systemd-06-timers">timer units in systemd</a> now.)</p>
 
-<p>Symlink <code>docker-runc</code> =&gt; <code>runc</code></p>
+<h2 id="rhel-or-centos">RHEL or CentOS</h2>
 
-<pre><code>sudo ln -s /usr/sbin/docker-runc /usr/sbin/runc
+<p>For CentOS, RHEL, and older versions of Fedora, the yum-cron package is the preferred approach:</p>
+<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>yum install yum-cron
+</pre></div>
+
+<p>In <code>/etc/yum/yum-cron.conf</code> set:</p>
+
+<pre><code>apply_updates = yes
 </code></pre>
 
-<p>Keep <code>apt-get</code> from upgrading until this bug is fixed:</p>
+<p>Enable and start automatic updates via:</p>
+<div class="highlight" style="background: #f0f0f0;"><pre style="line-height: 125%;"><span></span>systemctl start yum-cron.service
+</pre></div>
 
-<pre><code>printf "# Remove when docker.io and containerd depend on docker-runc
-# instead of normal runc
-# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877329
-Package: runc 
-Pin: release * 
-Pin-Priority: -1 
+<hr />
 
-Package: containderd 
-Pin: release * 
-Pin-Priority: -1 
+<p>I’d like to collect together instructions also for other distributions (and
+*BSD and Mac OS). Atlas knows which platform a relay is running on, so there
+could be a link in the future to some platform specific instructions on how to
+keep your relay up to date.</p>
+--===============testboundary==--
 
-Package: docker.io
-Pin: release * 
-Pin-Priority: -1" | sudo tee /etc/apt/preferences.d/docker.pref
-</code></pre>
+From planet-debian Tue Oct 10 16:07:53 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Tue, 10 Oct 2017 16:07:53 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Jamie McClelland: Docker in Debian
+Message-ID: http-current-workingdirectory-net-posts-2017-docker-in-debian
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: http://current.workingdirectory.net/posts/2017/docker-in-debian/
 
-<p>Thanks to <a href="https://coderwall.com/p/hes3ha/change-the-dependencies-of-a-deb-package">coderwall</a> for tips on manipulating deb files.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -6717,9 +6633,93 @@ Keep `apt-get` from upgrading until this bug is fixed:
 
 Thanks to [coderwall][2] for tips on manipulating deb files.
 
-   [2]: <https://coderwall.com/p/hes3ha/change-the-dependencies-of-a-deb-package>
+   [2]: <https://coderwall.com/p/hes3ha/change-the-dependencies-of-a-deb-package>
+
+
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<p>It's not easy getting Docker to work in Debian.</p>
+
+<p>It's not in stable at all:</p>
+
+<pre><code>0 jamie@turkey:~$ rmadison docker.io
+docker.io  | 1.6.2~dfsg1-1~bpo8+1 | jessie-backports | source, amd64, armel, armhf, i386
+docker.io  | 1.11.2~ds1-5         | unstable         | source, arm64
+docker.io  | 1.11.2~ds1-5         | unstable-debug   | source
+docker.io  | 1.11.2~ds1-6         | unstable         | source, armel, armhf, i386, ppc64el
+docker.io  | 1.11.2~ds1-6         | unstable-debug   | source
+docker.io  | 1.13.1~ds1-2         | unstable         | source, amd64
+docker.io  | 1.13.1~ds1-2         | unstable-debug   | source
+0 jamie@turkey:~$ 
+</code></pre>
+
+<p>And a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877329">problem with runc</a> makes it really hard to get it working on Debian unstable.</p>
+
+<p>These are the steps I took to get it running today (2017-10-10).</p>
+
+<p>Remove runc (allow it to remove containerd and docker.io):</p>
+
+<pre><code>sudo apt-get remove runc
+</code></pre>
+
+<p>Install docker-runc (now in testing)</p>
+
+<pre><code>sudo apt-get install docker-runc
+</code></pre>
+
+<p>Fix containerd package to depend on docker-runc instead of runc:</p>
+
+<pre><code>mkdir containerd
+cd containerd
+apt-get download containerd 
+ar x containerd_0.2.3+git20170126.85.aa8187d~ds1-2_amd64.deb
+tar -xzf control.tar.gz
+sed -i s/runc/docker-runc/g control
+tar -c md5sums control | gzip -c &gt; control.tar.gz
+ar rcs new-containerd.deb debian-binary control.tar.gz data.tar.xz
+sudo dpkg -i new-containerd.deb
+</code></pre>
+
+<p>Fix docker.io package to depend on docker-runc instead of runc.</p>
+
+<pre><code>mkdir docker
+cd docker
+apt-get download docker.io
+ar x docker.io_1.13.1~ds1-2_amd64.deb
+tar -xzf control.tar.gz
+sed -i s/runc/docker-runc/g control
+tar -c {post,pre}{inst,rm} md5sums control | gzip -c &gt; control.tar.gz
+ar rcs new-docker.io.deb debian-binary control.tar.gz data.tar.xz
+sudo dpkg -i new-docker.io.deb
+</code></pre>
+
+<p>Symlink <code>docker-runc</code> =&gt; <code>runc</code></p>
+
+<pre><code>sudo ln -s /usr/sbin/docker-runc /usr/sbin/runc
+</code></pre>
+
+<p>Keep <code>apt-get</code> from upgrading until this bug is fixed:</p>
+
+<pre><code>printf "# Remove when docker.io and containerd depend on docker-runc
+# instead of normal runc
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877329
+Package: runc 
+Pin: release * 
+Pin-Priority: -1 
+
+Package: containderd 
+Pin: release * 
+Pin-Priority: -1 
 
+Package: docker.io
+Pin: release * 
+Pin-Priority: -1" | sudo tee /etc/apt/preferences.d/docker.pref
+</code></pre>
 
+<p>Thanks to <a href="https://coderwall.com/p/hes3ha/change-the-dependencies-of-a-deb-package">coderwall</a> for tips on manipulating deb files.</p>
 --===============testboundary==--
 
 From planet-debian Tue Oct 10 15:11:57 2017
@@ -6730,11 +6730,62 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Lars Wirzenius: Debian and the GDPR
 Message-ID: http-blog-liw-fi-posts-2017-10-10-debian_and_the_gdpr
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://blog.liw.fi/posts/2017/10/10/debian_and_the_gdpr/
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+http://blog.liw.fi/posts/2017/10/10/debian_and_the_gdpr/
+
+[GDPR][1] is a new EU regulation for privacy. The name is short for "General
+Data Protection Regulation" and it covers all organisations that handle
+personal data of EU citizens and EU residents. It will become enforceable May
+25, 2018 ([Towel Day][2]). This will affect Debian. I think it's time for
+Debian to start working on compliance, mainly because the GDPR requires
+sensible things.
+
+   [1]: <https://en.wikipedia.org/wiki/General_Data_Protection_Regulation>
+   [2]: <https://en.wikipedia.org/wiki/Towel_Day>
+
+I'm not an expert on GDPR legislation, but here's my understanding of what we
+in Debian should do:
+
+  * do a privacy impact assessment, to review and **document** what data we have, and collect, and what risks that has for the people whose personal data it is if the data leaks
+
+  * only collect personal information for specific purposes, and only use the data for those purposes
+
+  * get explicit consent from each person for all collection and use of their personal information; archive this consent (e.g., list subscription confirmations)
+
+  * allow each person to get a copy of all the personal information we have about them, in a portable manner, and let them correct it if it's wrong
+
+  * allow people to have their personal information erased
+
+  * maybe appoint one or more data protection officers (not sure this is required for Debian)
+
+There's more, but let's start with those.
+
+I think Debian has at least the following systems that will need to be
+reviewed with regards to the GDPR:
+
+  * db.debian.org - Debian project members, "Debian developers"
+  * nm.debian.org
+  * contributors.debian.org
+  * lists.debian.org - **at least** membership lists, maybe archives
+  * possibly irc servers and log files
+  * mail server log files
+  * web server log files
+  * version control services and repositories
+
+There may be more; these are just off the top of my head.
+
+I expect that mostly Debian will be OK, but we can't just assume that.
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
@@ -6788,71 +6839,189 @@ reviewed with regards to the GDPR:</p>
 <p>There may be more; these are just off the top of my head.</p>
 
 <p>I expect that mostly Debian will be OK, but we can't just assume that.</p>
+--===============testboundary==--
+
+From planet-debian Tue Oct 10 08:08:10 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Tue, 10 Oct 2017 08:08:10 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Reproducible builds folks: Reproducible Builds: Weekly report #128
+Message-ID: https-reproducible-alioth-debian-org-blog-posts-128
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://reproducible.alioth.debian.org/blog/posts/128/
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-http://blog.liw.fi/posts/2017/10/10/debian_and_the_gdpr/
+https://reproducible.alioth.debian.org/blog/posts/128/
 
-[GDPR][1] is a new EU regulation for privacy. The name is short for "General
-Data Protection Regulation" and it covers all organisations that handle
-personal data of EU citizens and EU residents. It will become enforceable May
-25, 2018 ([Towel Day][2]). This will affect Debian. I think it's time for
-Debian to start working on compliance, mainly because the GDPR requires
-sensible things.
+Here's what happened in the [Reproducible Builds][1] effort between Sunday
+October 1 and Saturday October 7 2017:
 
-   [1]: <https://en.wikipedia.org/wiki/General_Data_Protection_Regulation>
-   [2]: <https://en.wikipedia.org/wiki/Towel_Day>
+   [1]: <https://reproducible-builds.org>
 
-I'm not an expert on GDPR legislation, but here's my understanding of what we
-in Debian should do:
+## Media coverage
 
-  * do a privacy impact assessment, to review and **document** what data we have, and collect, and what risks that has for the people whose personal data it is if the data leaks
+  * Bernhard sent [another report about the status of Reproducible openSUSE][2]. They currently they are at 478 unreproducible and 11,111 reproducible packages out of 11,821, so [also at 93%][3]!
 
-  * only collect personal information for specific purposes, and only use the data for those purposes
+   [2]: <https://lists.opensuse.org/opensuse-factory/2017-10/msg00016.html>
+   [3]: <https://isdebianreproducibleyet.com/>
 
-  * get explicit consent from each person for all collection and use of their personal information; archive this consent (e.g., list subscription confirmations)
+  * Holger attempted to get a Reproducible Builds devroom at [FOSDEM 2018][4] but sadly this proposal was not accepted.
 
-  * allow each person to get a copy of all the personal information we have about them, in a portable manner, and let them correct it if it's wrong
+   [4]: <https://fosdem.org/2018/>
 
-  * allow people to have their personal information erased
+## Documentation updates
 
-  * maybe appoint one or more data protection officers (not sure this is required for Debian)
+  * Christoph Berg [created a wiki page about Openjade generated timestamps from DSSSL stylesheets][5].
 
-There's more, but let's start with those.
+   [5]: <https://wiki.debian.org/ReproducibleBuilds/TimestampsInDocumentationGeneratedByOpenjade>
 
-I think Debian has at least the following systems that will need to be
-reviewed with regards to the GDPR:
+## Packages reviewed and fixed, and bugs filed
 
-  * db.debian.org - Debian project members, "Debian developers"
-  * nm.debian.org
-  * contributors.debian.org
-  * lists.debian.org - **at least** membership lists, maybe archives
-  * possibly irc servers and log files
-  * mail server log files
-  * web server log files
-  * version control services and repositories
+  * Bernhard M. Wiedemann: 
+    * [LiE][6] uninitialized memory (need to find upstream)
+    * [chrony][7] date (merged)
+  * Chris Lamb: 
+    * [#877375][8] filed against [polygen][9].
+    * [#877381][10] filed against [plr][11].
+    * [#877384][12] filed against [rcs][13].
+    * [#877928][14] filed against [cadvisor][15].
+  * jathan: 
+    * [#877470][16] filed against [bsh][17].
 
-There may be more; these are just off the top of my head.
+   [6]: <https://github.com/davidsd/lie/pull/1>
+   [7]: <https://www.mail-archive.com/chrony-dev@chrony.tuxfamily.org/msg01685.html>
+   [8]: <https://bugs.debian.org/877375>
+   [9]: <https://tracker.debian.org/pkg/polygen>
+   [10]: <https://bugs.debian.org/877381>
+   [11]: <https://tracker.debian.org/pkg/plr>
+   [12]: <https://bugs.debian.org/877384>
+   [13]: <https://tracker.debian.org/pkg/rcs>
+   [14]: <https://bugs.debian.org/877928>
+   [15]: <https://tracker.debian.org/pkg/cadvisor>
+   [16]: <https://bugs.debian.org/877470>
+   [17]: <https://tracker.debian.org/pkg/bsh>
 
-I expect that mostly Debian will be OK, but we can't just assume that.
+## Reviews of unreproducible packages
+
+32 package reviews have been added, 46 have been updated and 62 have been
+removed in this week, adding to our knowledge about [identified issues][18].
 
+   [18]: <https://tests.reproducible-builds.org/debian/index_issues.html>
 
---===============testboundary==--
+## Weekly QA work
+
+During our reproducibility testing, FTBFS bugs have been detected and reported
+by:
+
+  * Adrian Bunk (27)
+
+## diffoscope development
+
+  * Chris Lamb:
+
+    * [Don't crash on malformed md5sums files.][19] (Closes: [#877473][20])
+    * [Improve names in output of "internal" binwalk members.][21] (Closes: [#877525][22])
+  * Mattia Rizzolo:
+
+   [19]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=70cb725>
+   [20]: <https://bugs.debian.org/877473>
+   [21]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=07c0562>
+   [22]: <https://bugs.debian.org/877525>
+
+    * [Fix test compatibility with dtb version 1.4.5][23]
+
+   [23]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=8f98304>
+
+## strip-nondeterminism development
+
+[Rob Browning noticed that strip-nondeterminism was causing serious
+performance regressions][24] in the [Clojure][25] programming language within
+Debian. After some discussion, Chris Lamb also [posted a query to debian-
+devel][26] in case there were any other programming languages that might be
+suffering from the same problem.
+
+   [24]: <http://bugs.debian.org/877418>
+   [25]: <https://clojure.org>
+   [26]: <https://lists.debian.org/debian-devel/2017/10/msg00073.html>
+
+  * Chris Lamb: 
+    * [jar.pm: Clojure considers the .class file to be stale if it shares the same timestamp of the .clj. We thus adjust the timestamps of the .clj to always be younger.][27]. (Closes: [#877418][28])
+    * [jar.pm, zip.pm: Allow $options{member_normalizer} callback to support specifying the timestamp.][29]
+    * [zip.pm: Ensure that we don't try and write an old timestamp; Archive::Zip will do this anyway, just noisily.][30]
+    * [zip.pm: Calculate the target canonical time in just one place.][31]
+    * [bin/strip-nondeterminism: Print a warning in --verbose mode if no canonical time specified.][32]
+    * [jar.pm: Update comment to reflect that NTFS/FAT has a 2s timestamp granularity.][33]
+    * [jar.pm: s/NTFS/FAT/. Thanks to James Ross.][34]
+
+   [27]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=7691e29>
+   [28]: <https://bugs.debian.org/877418>
+   [29]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=dec8623>
+   [30]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=3f92d1b>
+   [31]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=99af63b>
+   [32]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=0a60b30>
+   [33]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=e03d382>
+   [34]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=e2d3237>
+
+## reprotest development
+
+Versions [0.7.1][35] and [0.7.2][36] were uploaded to unstable by Ximin Luo:
+
+   [35]: <https://tracker.debian.org/news/876827>
+   [36]: <https://tracker.debian.org/news/876848>
+
+  * New features: 
+    * Add a `--auto-build` option to try to determine which specific variations cause unreproducibility.
+    * Add a `--source-pattern` option to restrict copying of `source_root`, and set this automatically in our presets.
+  * Usability improvements: 
+    * Improve error messages in some common scenarios. 
+      * Fiving a `source_root` or `build_command` that doesn't exist
+      * Using reprotest with default settings after not installing Recommends
+    * Output hashes after a successful `--auto-build`.
+    * Print a warning message if we reproduced successfully but didn't vary everything.
+  * Fix varying both `umask` and `user_group` at the same time.
+  * Have `dpkg-source` extract to different build dir if varying the build-path.
+  * Pass `--exclude-directory-metadata` to `diffoscope(1)` by default as this is the majority use-case.
+  * Various bug fixes to get the basic `dsc+schroot` example working.
+
+It included [contributions][37] already covered by posts of the previous
+weeks, as well as new ones from:
+
+   [37]: <https://anonscm.debian.org/git/reproducible/reprotest.git/log/?h=debian/0.7.1>
+
+  * Ximin Luo: 
+    * [main: Add a `--env-build` option for testing different env vars][38]
+    * [Don't output spurious warnings in tests][39]
+    * [Add some more notes on the remaining variations][40]
+    * [Fix the help text for virtual servers][41]
+
+   [38]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=ae3fdae>
+   [39]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=77f4195>
+   [40]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=8a18177>
+   [41]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=f76dbdd>
+
+## tests.reproducible-builds.org
+
+  * Mattia Rizzolo: 
+    * Re-deploy `odxu4a` after being reinstalled and renamed from `odxu4`.
+  * Vagrant Cascadian: 
+    * [Rename armhf host odxu4 to odxu4a][42]
+
+   [42]: <https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=ee0200e>
+
+## Misc.
+
+This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger
+Levsen, Mattia Rizzolo & reviewed by a bunch of Reproducible Builds folks on
+IRC & the mailing lists.
 
-From planet-debian Tue Oct 10 08:08:10 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Tue, 10 Oct 2017 08:08:10 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Reproducible builds folks: Reproducible Builds: Weekly report #128
-Message-ID: https-reproducible-alioth-debian-org-blog-posts-128
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://reproducible.alioth.debian.org/blog/posts/128/
 
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
@@ -7031,175 +7200,6 @@ in case there were any other programming languages that might be suffering from
 
 <p>This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Mattia Rizzolo
 &amp; reviewed by a bunch of Reproducible Builds folks on IRC &amp; the mailing lists.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://reproducible.alioth.debian.org/blog/posts/128/
-
-Here's what happened in the [Reproducible Builds][1] effort between Sunday
-October 1 and Saturday October 7 2017:
-
-   [1]: <https://reproducible-builds.org>
-
-## Media coverage
-
-  * Bernhard sent [another report about the status of Reproducible openSUSE][2]. They currently they are at 478 unreproducible and 11,111 reproducible packages out of 11,821, so [also at 93%][3]!
-
-   [2]: <https://lists.opensuse.org/opensuse-factory/2017-10/msg00016.html>
-   [3]: <https://isdebianreproducibleyet.com/>
-
-  * Holger attempted to get a Reproducible Builds devroom at [FOSDEM 2018][4] but sadly this proposal was not accepted.
-
-   [4]: <https://fosdem.org/2018/>
-
-## Documentation updates
-
-  * Christoph Berg [created a wiki page about Openjade generated timestamps from DSSSL stylesheets][5].
-
-   [5]: <https://wiki.debian.org/ReproducibleBuilds/TimestampsInDocumentationGeneratedByOpenjade>
-
-## Packages reviewed and fixed, and bugs filed
-
-  * Bernhard M. Wiedemann: 
-    * [LiE][6] uninitialized memory (need to find upstream)
-    * [chrony][7] date (merged)
-  * Chris Lamb: 
-    * [#877375][8] filed against [polygen][9].
-    * [#877381][10] filed against [plr][11].
-    * [#877384][12] filed against [rcs][13].
-    * [#877928][14] filed against [cadvisor][15].
-  * jathan: 
-    * [#877470][16] filed against [bsh][17].
-
-   [6]: <https://github.com/davidsd/lie/pull/1>
-   [7]: <https://www.mail-archive.com/chrony-dev@chrony.tuxfamily.org/msg01685.html>
-   [8]: <https://bugs.debian.org/877375>
-   [9]: <https://tracker.debian.org/pkg/polygen>
-   [10]: <https://bugs.debian.org/877381>
-   [11]: <https://tracker.debian.org/pkg/plr>
-   [12]: <https://bugs.debian.org/877384>
-   [13]: <https://tracker.debian.org/pkg/rcs>
-   [14]: <https://bugs.debian.org/877928>
-   [15]: <https://tracker.debian.org/pkg/cadvisor>
-   [16]: <https://bugs.debian.org/877470>
-   [17]: <https://tracker.debian.org/pkg/bsh>
-
-## Reviews of unreproducible packages
-
-32 package reviews have been added, 46 have been updated and 62 have been
-removed in this week, adding to our knowledge about [identified issues][18].
-
-   [18]: <https://tests.reproducible-builds.org/debian/index_issues.html>
-
-## Weekly QA work
-
-During our reproducibility testing, FTBFS bugs have been detected and reported
-by:
-
-  * Adrian Bunk (27)
-
-## diffoscope development
-
-  * Chris Lamb:
-
-    * [Don't crash on malformed md5sums files.][19] (Closes: [#877473][20])
-    * [Improve names in output of "internal" binwalk members.][21] (Closes: [#877525][22])
-  * Mattia Rizzolo:
-
-   [19]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=70cb725>
-   [20]: <https://bugs.debian.org/877473>
-   [21]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=07c0562>
-   [22]: <https://bugs.debian.org/877525>
-
-    * [Fix test compatibility with dtb version 1.4.5][23]
-
-   [23]: <https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=8f98304>
-
-## strip-nondeterminism development
-
-[Rob Browning noticed that strip-nondeterminism was causing serious
-performance regressions][24] in the [Clojure][25] programming language within
-Debian. After some discussion, Chris Lamb also [posted a query to debian-
-devel][26] in case there were any other programming languages that might be
-suffering from the same problem.
-
-   [24]: <http://bugs.debian.org/877418>
-   [25]: <https://clojure.org>
-   [26]: <https://lists.debian.org/debian-devel/2017/10/msg00073.html>
-
-  * Chris Lamb: 
-    * [jar.pm: Clojure considers the .class file to be stale if it shares the same timestamp of the .clj. We thus adjust the timestamps of the .clj to always be younger.][27]. (Closes: [#877418][28])
-    * [jar.pm, zip.pm: Allow $options{member_normalizer} callback to support specifying the timestamp.][29]
-    * [zip.pm: Ensure that we don't try and write an old timestamp; Archive::Zip will do this anyway, just noisily.][30]
-    * [zip.pm: Calculate the target canonical time in just one place.][31]
-    * [bin/strip-nondeterminism: Print a warning in --verbose mode if no canonical time specified.][32]
-    * [jar.pm: Update comment to reflect that NTFS/FAT has a 2s timestamp granularity.][33]
-    * [jar.pm: s/NTFS/FAT/. Thanks to James Ross.][34]
-
-   [27]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=7691e29>
-   [28]: <https://bugs.debian.org/877418>
-   [29]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=dec8623>
-   [30]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=3f92d1b>
-   [31]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=99af63b>
-   [32]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=0a60b30>
-   [33]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=e03d382>
-   [34]: <https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=e2d3237>
-
-## reprotest development
-
-Versions [0.7.1][35] and [0.7.2][36] were uploaded to unstable by Ximin Luo:
-
-   [35]: <https://tracker.debian.org/news/876827>
-   [36]: <https://tracker.debian.org/news/876848>
-
-  * New features: 
-    * Add a `--auto-build` option to try to determine which specific variations cause unreproducibility.
-    * Add a `--source-pattern` option to restrict copying of `source_root`, and set this automatically in our presets.
-  * Usability improvements: 
-    * Improve error messages in some common scenarios. 
-      * Fiving a `source_root` or `build_command` that doesn't exist
-      * Using reprotest with default settings after not installing Recommends
-    * Output hashes after a successful `--auto-build`.
-    * Print a warning message if we reproduced successfully but didn't vary everything.
-  * Fix varying both `umask` and `user_group` at the same time.
-  * Have `dpkg-source` extract to different build dir if varying the build-path.
-  * Pass `--exclude-directory-metadata` to `diffoscope(1)` by default as this is the majority use-case.
-  * Various bug fixes to get the basic `dsc+schroot` example working.
-
-It included [contributions][37] already covered by posts of the previous
-weeks, as well as new ones from:
-
-   [37]: <https://anonscm.debian.org/git/reproducible/reprotest.git/log/?h=debian/0.7.1>
-
-  * Ximin Luo: 
-    * [main: Add a `--env-build` option for testing different env vars][38]
-    * [Don't output spurious warnings in tests][39]
-    * [Add some more notes on the remaining variations][40]
-    * [Fix the help text for virtual servers][41]
-
-   [38]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=ae3fdae>
-   [39]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=77f4195>
-   [40]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=8a18177>
-   [41]: <https://anonscm.debian.org/git/reproducible/reprotest.git/commit/?id=f76dbdd>
-
-## tests.reproducible-builds.org
-
-  * Mattia Rizzolo: 
-    * Re-deploy `odxu4a` after being reinstalled and renamed from `odxu4`.
-  * Vagrant Cascadian: 
-    * [Rename armhf host odxu4 to odxu4a][42]
-
-   [42]: <https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=ee0200e>
-
-## Misc.
-
-This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger
-Levsen, Mattia Rizzolo & reviewed by a bunch of Reproducible Builds folks on
-IRC & the mailing lists.
-
-
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 22:31:50 2017
@@ -7210,51 +7210,11 @@ To: to@example.com
 From: Vincent Fourmond <noreply@blogger.com>
 Subject: Vincent Fourmond: Define a function with inline Ruby code in QSoas
 Message-ID: tag-blogger-com-1999-blog-3019054489127059271-post-241025559998196415
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://vince-debian.blogspot.com/2017/10/define-function-with-inline-ruby-code.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<a href="http://qsoas.org">QSoas</a> can read and execute Ruby code directly, while reading command files, or even at the command prompt. For that, just write plain Ruby code inside a <code>ruby</code>...<code>ruby end</code> block. Probably the most useful possibility is to define elaborated functions directly from within <code>QSoas</code>, or, preferable, from within a script; this is an alternative to defining a function in a completely separated Ruby-only file using <a href="http://qsoas.org/manual.html#cmd-ruby-run">ruby-run</a>. For instance, you can define a function for plain <a href="https://en.wikipedia.org/wiki/Michaelis%E2%80%93Menten_kinetics">Michaelis-Menten kinetics</a> with a file containing:<br />
-<br />
-<pre>ruby
-def my_func(x, vm, km)
-  return vm/(1 + km/x)
-end
-ruby end
-</pre><br />
-This defines the function <code>my_func</code> with three parameters, ,  (<code>vm</code>) and (<code>km</code>), with the formula: <br />
-<br />
-You can then test that the function has been correctly defined running for instance:<br />
-<br />
-<pre>QSoas&gt; eval my_func(1.0,1.0,1.0)
- =&gt; 0.5
-QSoas&gt; eval my_func(1e4,1.0,1.0)
- =&gt; 0.999900009999
-</pre><br />
-This yields the correct answer: the first command evaluates the function with <code>x = 1.0</code>, <code>vm = 1.0</code> and <code>km = 1.0</code>. For , the result is  (here <code>0.5</code>). For , the result is almost . You can use the newly defined <code>my_func</code> in any place you would use any ruby code, such as in the <a href="http://vince-debian.blogspot.fr/2017/02/extended-dataset-generation.html">optional argument to generate-buffer</a>, or for <a href="http://qsoas.org/manual.html#arbitrary-fits">arbitrary fits</a>:<br />
-<br />
-<pre>QSoas&gt; generate-buffer 0 10 my_func(x,3.0,0.6)
-QSoas&gt; fit-arb my_func(x,vm,km)
-</pre><br />
-To redefine <code>my_func</code>, just run the ruby code again with a new definition, such as:<br />
-<pre>ruby
-def my_func(x, vm, km)
-  return vm/(1 + km/x**2)
-end
-ruby end
-</pre>The previous version is just erased, and all new uses of <code>my_func</code> will refer to your new definition.<br />
-<br />
-<br />
-<h4>See for yourself</h4>The code for this example can be found <a href="https://github.com/fourmond/qsoas-goodies/blob/master/define-ruby-function.cmds">there</a>. Browse the <code>qsoas-goodies</code> <a href="https://github.com/fourmond/qsoas-goodies/">github repository</a> for more goodies !<br />
-<br />
-<h4>About QSoas</h4><a href="http://qsoas.org">QSoas</a> is a powerful open source data analysis program that focuses on flexibility and powerful fitting capacities. It is released under the <a href="https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html">GNU General Public License</a>. It is described in <a href="http://pubs.acs.org/doi/abs/10.1021/acs.analchem.6b00224">Fourmond, Anal. Chem., 2016, 88 (10), pp 5050–5052</a>. Current version is <strong>2.1</strong>. You can download its source code or buy precompiled versions for MacOS and Windows <a href="http://qsoas.org/downloads.html">there</a>.<br />
-<br />
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7353,6 +7313,46 @@ source code or buy precompiled versions for MacOS and Windows [there][11].
    [11]: <http://qsoas.org/downloads.html>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<a href="http://qsoas.org">QSoas</a> can read and execute Ruby code directly, while reading command files, or even at the command prompt. For that, just write plain Ruby code inside a <code>ruby</code>...<code>ruby end</code> block. Probably the most useful possibility is to define elaborated functions directly from within <code>QSoas</code>, or, preferable, from within a script; this is an alternative to defining a function in a completely separated Ruby-only file using <a href="http://qsoas.org/manual.html#cmd-ruby-run">ruby-run</a>. For instance, you can define a function for plain <a href="https://en.wikipedia.org/wiki/Michaelis%E2%80%93Menten_kinetics">Michaelis-Menten kinetics</a> with a file containing:<br />
+<br />
+<pre>ruby
+def my_func(x, vm, km)
+  return vm/(1 + km/x)
+end
+ruby end
+</pre><br />
+This defines the function <code>my_func</code> with three parameters, ,  (<code>vm</code>) and (<code>km</code>), with the formula: <br />
+<br />
+You can then test that the function has been correctly defined running for instance:<br />
+<br />
+<pre>QSoas&gt; eval my_func(1.0,1.0,1.0)
+ =&gt; 0.5
+QSoas&gt; eval my_func(1e4,1.0,1.0)
+ =&gt; 0.999900009999
+</pre><br />
+This yields the correct answer: the first command evaluates the function with <code>x = 1.0</code>, <code>vm = 1.0</code> and <code>km = 1.0</code>. For , the result is  (here <code>0.5</code>). For , the result is almost . You can use the newly defined <code>my_func</code> in any place you would use any ruby code, such as in the <a href="http://vince-debian.blogspot.fr/2017/02/extended-dataset-generation.html">optional argument to generate-buffer</a>, or for <a href="http://qsoas.org/manual.html#arbitrary-fits">arbitrary fits</a>:<br />
+<br />
+<pre>QSoas&gt; generate-buffer 0 10 my_func(x,3.0,0.6)
+QSoas&gt; fit-arb my_func(x,vm,km)
+</pre><br />
+To redefine <code>my_func</code>, just run the ruby code again with a new definition, such as:<br />
+<pre>ruby
+def my_func(x, vm, km)
+  return vm/(1 + km/x**2)
+end
+ruby end
+</pre>The previous version is just erased, and all new uses of <code>my_func</code> will refer to your new definition.<br />
+<br />
+<br />
+<h4>See for yourself</h4>The code for this example can be found <a href="https://github.com/fourmond/qsoas-goodies/blob/master/define-ruby-function.cmds">there</a>. Browse the <code>qsoas-goodies</code> <a href="https://github.com/fourmond/qsoas-goodies/">github repository</a> for more goodies !<br />
+<br />
+<h4>About QSoas</h4><a href="http://qsoas.org">QSoas</a> is a powerful open source data analysis program that focuses on flexibility and powerful fitting capacities. It is released under the <a href="https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html">GNU General Public License</a>. It is described in <a href="http://pubs.acs.org/doi/abs/10.1021/acs.analchem.6b00224">Fourmond, Anal. Chem., 2016, 88 (10), pp 5050–5052</a>. Current version is <strong>2.1</strong>. You can download its source code or buy precompiled versions for MacOS and Windows <a href="http://qsoas.org/downloads.html">there</a>.<br />
+<br />
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 22:18:12 2017
@@ -7363,52 +7363,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Markus Koschany: My Free Software Activities in September 2017
 Message-ID: https-gambaru-de-blog-p-10232
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://gambaru.de/blog/2017/10/10/my-free-software-activities-in-september-2017/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/apo.png" width="65" height="61" alt="" align="right" style="float: right;">  <p>Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in  Java, Games and LTS topics, this might be interesting for you.</p>
-<h2>Debian Games</h2>
-<ul>
-<li>I sponsored a new release of <a href="https://tracker.debian.org/pkg/hexalate">hexalate</a> for Unit193 and <a href="https://tracker.debian.org/pkg/icebreaker">icebreaker</a> for Andreas Gnau. The latter is a reintroduction.</li>
-<li>New upstream releases this month: <a href="https://tracker.debian.org/pkg/freeorion">freeorion</a> and <a href="https://tracker.debian.org/pkg/hyperrogue">hyperrogue</a>.</li>
-<li>I backported <a href="https://tracker.debian.org/pkg/freeciv">freeciv</a> and freeorion to Stretch.</li>
-</ul>
-<h2>Debian Java</h2>
-<ul>
-<li>New upstream releases and one update: <a href="https://tracker.debian.org/pkg/sweethome3d">sweethome3d</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-furniture">sweethome3d-furniture</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-furniture-editor">sweethome3d-furniture-editor</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-textures-editor">sweethome3d-textures-editor</a> (update), <a href="https://tracker.debian.org/pkg/libsambox-java">libsambox-java</a>, <a href="https://tracker.debian.org/pkg/libsejda-java">libsejda-java</a>, <a href="https://tracker.debian.org/pkg/pdfsam">pdfsam</a>, <a href="https://tracker.debian.org/pkg/easymock">easymock</a>, <a href="https://tracker.debian.org/pkg/jboss-modules">jboss-modules</a>, <a href="https://tracker.debian.org/pkg/jboss-xnio">jboss-xnio</a> and <a href="https://tracker.debian.org/pkg/undertow">undertow</a>.</li>
-<li>I fixed one RC bug in <a href="https://tracker.debian.org/pkg/libsejda-io-java">libsejda-io-java</a> (#874494) and investigated another one (#869266) in <a href="https://tracker.debian.org/pkg/commons-httpclient">commons-httpclient</a> which could be closed.</li>
-<li>The new build-dependencies of jboss-xnio, <a href="https://tracker.debian.org/pkg/wildfly-client-config">wildfly-client-config</a> and <a href="https://tracker.debian.org/pkg/wildfly-common">wildfly-common</a>, were accepted into the archive this month.</li>
-<li>I spent some quality time on fixing  <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874579">#874579</a> in <a href="https://tracker.debian.org/pkg/libhibernate-validator-java">libhibernate-validator-java</a>. This was the last blocking bug for <a href="https://tracker.debian.org/pkg/pdfsam">pdfsam</a> which I could finally upload to unstable. It’s a really great JavaFX application. Check it out!</li>
-<li>I sponsored another update of <a href="https://tracker.debian.org/pkg/libimglib2-java">libimglib2-java</a> for Ghislain Vaillant and <a href="https://tracker.debian.org/pkg/simplyhtml">simplyhtml</a>, <a href="https://tracker.debian.org/pkg/freeplane">freeplane</a> and <a href="https://tracker.debian.org/pkg/knopflerfish-osgi">knopflerfish-osgi</a> for Felix Natter.</li>
-<li>I also fixed RC bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871348">#871348</a> in <a href="https://tracker.debian.org/pkg/robocode">robocode</a>, a Java programming game and <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871347">#871347</a> in <a href="https://tracker.debian.org/pkg/tycho">tycho</a>.</li>
-</ul>
-<h2>Debian LTS</h2>
-<p>This was my nineteenth month as a paid contributor and I have been paid to work 15,75 hours on <a href="https://wiki.debian.org/LTS/">Debian LTS</a>, a project started by <a href="https://raphaelhertzog.com">Raphaël Hertzog</a>. In that time I did the following:</p>
-<ul>
-<li>From 18. September to 24. September I was in charge of our LTS frontdesk. I triaged bugs in poppler, binutils, kannel, wordpress, libsndfile, libexif, nautilus, libstruts1.2-java, nvidia-graphics-drivers, p3scan, otrs2 and glassfish.</li>
-<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00025.html">DLA-1108-1</a>. Issued a security update for tomcat7 fixing 1 CVE.</li>
-<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00033.html">DLA-1116-1</a>. Issued a security update for poppler fixing 3 CVE.</li>
-<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00036.html">DLA-1119-1</a>. Issued a security update for otrs2 fixing 4 CVE.</li>
-<li><a href="https://lists.debian.org/debian-lts-announce/2017/10/msg00002.html">DLA-1122-1</a>. Issued a security update for asterisk fixing 1 CVE. I also investigated <a href="https://security-tracker.debian.org/tracker/CVE-2017-14099">CVE-2017-14099</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-14603">CVE-2017-14603.</a> I decided against a backport because the fix was too intrusive and the vulnerable option is disabled by default in Wheezy’s version which makes it a minor issue for most users.</li>
-<li>I submitted a patch for Debian’s reportbug tool. (<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878088">#878088</a>) During our LTS BoF at DebConf 17 we came to the conclusion that we should implement a feature in reportbug that checks whether the bug reporter wants to report a regression for a recent security update. Usually the LTS and security teams  receive word from the maintainer or users who report issues directly to our mailing lists or IRC channels. However in some cases we were not informed about possible regressions and the new feature in reportbug shall ensure that we can respond faster to such reports.</li>
-<li>I started to investigate the open security issues in wordpress and will complete the work in October.</li>
-</ul>
-<h2>Misc</h2>
-<ul>
-<li>I packaged a new version of <a href="https://tracker.debian.org/pkg/xarchiver">xarchiver.</a> Thanks to the work of Ingo Brückl xarchiver can handle almost all archive formats in Debian now.</li>
-</ul>
-<h2>QA upload</h2>
-<ul>
-<li>I did a QA upload of <a href="https://tracker.debian.org/pkg/xball">xball</a>, an ancient game from the 90ies that simulates bouncing balls.  It should be ready for another decade at least.</li>
-</ul>
-<p>Thanks for reading and see you next time.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7507,6 +7466,47 @@ Hertzog][32]. In that time I did the following:
 Thanks for reading and see you next time.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/apo.png" width="65" height="61" alt="" align="right" style="float: right;">  <p>Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in  Java, Games and LTS topics, this might be interesting for you.</p>
+<h2>Debian Games</h2>
+<ul>
+<li>I sponsored a new release of <a href="https://tracker.debian.org/pkg/hexalate">hexalate</a> for Unit193 and <a href="https://tracker.debian.org/pkg/icebreaker">icebreaker</a> for Andreas Gnau. The latter is a reintroduction.</li>
+<li>New upstream releases this month: <a href="https://tracker.debian.org/pkg/freeorion">freeorion</a> and <a href="https://tracker.debian.org/pkg/hyperrogue">hyperrogue</a>.</li>
+<li>I backported <a href="https://tracker.debian.org/pkg/freeciv">freeciv</a> and freeorion to Stretch.</li>
+</ul>
+<h2>Debian Java</h2>
+<ul>
+<li>New upstream releases and one update: <a href="https://tracker.debian.org/pkg/sweethome3d">sweethome3d</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-furniture">sweethome3d-furniture</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-furniture-editor">sweethome3d-furniture-editor</a>, <a href="https://tracker.debian.org/pkg/sweethome3d-textures-editor">sweethome3d-textures-editor</a> (update), <a href="https://tracker.debian.org/pkg/libsambox-java">libsambox-java</a>, <a href="https://tracker.debian.org/pkg/libsejda-java">libsejda-java</a>, <a href="https://tracker.debian.org/pkg/pdfsam">pdfsam</a>, <a href="https://tracker.debian.org/pkg/easymock">easymock</a>, <a href="https://tracker.debian.org/pkg/jboss-modules">jboss-modules</a>, <a href="https://tracker.debian.org/pkg/jboss-xnio">jboss-xnio</a> and <a href="https://tracker.debian.org/pkg/undertow">undertow</a>.</li>
+<li>I fixed one RC bug in <a href="https://tracker.debian.org/pkg/libsejda-io-java">libsejda-io-java</a> (#874494) and investigated another one (#869266) in <a href="https://tracker.debian.org/pkg/commons-httpclient">commons-httpclient</a> which could be closed.</li>
+<li>The new build-dependencies of jboss-xnio, <a href="https://tracker.debian.org/pkg/wildfly-client-config">wildfly-client-config</a> and <a href="https://tracker.debian.org/pkg/wildfly-common">wildfly-common</a>, were accepted into the archive this month.</li>
+<li>I spent some quality time on fixing  <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874579">#874579</a> in <a href="https://tracker.debian.org/pkg/libhibernate-validator-java">libhibernate-validator-java</a>. This was the last blocking bug for <a href="https://tracker.debian.org/pkg/pdfsam">pdfsam</a> which I could finally upload to unstable. It’s a really great JavaFX application. Check it out!</li>
+<li>I sponsored another update of <a href="https://tracker.debian.org/pkg/libimglib2-java">libimglib2-java</a> for Ghislain Vaillant and <a href="https://tracker.debian.org/pkg/simplyhtml">simplyhtml</a>, <a href="https://tracker.debian.org/pkg/freeplane">freeplane</a> and <a href="https://tracker.debian.org/pkg/knopflerfish-osgi">knopflerfish-osgi</a> for Felix Natter.</li>
+<li>I also fixed RC bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871348">#871348</a> in <a href="https://tracker.debian.org/pkg/robocode">robocode</a>, a Java programming game and <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871347">#871347</a> in <a href="https://tracker.debian.org/pkg/tycho">tycho</a>.</li>
+</ul>
+<h2>Debian LTS</h2>
+<p>This was my nineteenth month as a paid contributor and I have been paid to work 15,75 hours on <a href="https://wiki.debian.org/LTS/">Debian LTS</a>, a project started by <a href="https://raphaelhertzog.com">Raphaël Hertzog</a>. In that time I did the following:</p>
+<ul>
+<li>From 18. September to 24. September I was in charge of our LTS frontdesk. I triaged bugs in poppler, binutils, kannel, wordpress, libsndfile, libexif, nautilus, libstruts1.2-java, nvidia-graphics-drivers, p3scan, otrs2 and glassfish.</li>
+<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00025.html">DLA-1108-1</a>. Issued a security update for tomcat7 fixing 1 CVE.</li>
+<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00033.html">DLA-1116-1</a>. Issued a security update for poppler fixing 3 CVE.</li>
+<li><a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00036.html">DLA-1119-1</a>. Issued a security update for otrs2 fixing 4 CVE.</li>
+<li><a href="https://lists.debian.org/debian-lts-announce/2017/10/msg00002.html">DLA-1122-1</a>. Issued a security update for asterisk fixing 1 CVE. I also investigated <a href="https://security-tracker.debian.org/tracker/CVE-2017-14099">CVE-2017-14099</a> and <a href="https://security-tracker.debian.org/tracker/CVE-2017-14603">CVE-2017-14603.</a> I decided against a backport because the fix was too intrusive and the vulnerable option is disabled by default in Wheezy’s version which makes it a minor issue for most users.</li>
+<li>I submitted a patch for Debian’s reportbug tool. (<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878088">#878088</a>) During our LTS BoF at DebConf 17 we came to the conclusion that we should implement a feature in reportbug that checks whether the bug reporter wants to report a regression for a recent security update. Usually the LTS and security teams  receive word from the maintainer or users who report issues directly to our mailing lists or IRC channels. However in some cases we were not informed about possible regressions and the new feature in reportbug shall ensure that we can respond faster to such reports.</li>
+<li>I started to investigate the open security issues in wordpress and will complete the work in October.</li>
+</ul>
+<h2>Misc</h2>
+<ul>
+<li>I packaged a new version of <a href="https://tracker.debian.org/pkg/xarchiver">xarchiver.</a> Thanks to the work of Ingo Brückl xarchiver can handle almost all archive formats in Debian now.</li>
+</ul>
+<h2>QA upload</h2>
+<ul>
+<li>I did a QA upload of <a href="https://tracker.debian.org/pkg/xball">xball</a>, an ancient game from the 90ies that simulates bouncing balls.  It should be ready for another decade at least.</li>
+</ul>
+<p>Thanks for reading and see you next time.</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 16:25:52 2017
@@ -7517,27 +7517,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Ben Hutchings: Debian LTS work, September 2017
 Message-ID: https-www-decadent-org-uk-ben-blog-2017-10-09-debian-lts-work-september-2017
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://www.decadent.org.uk/ben/blog/debian-lts-work-september-2017.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/benh.png" width="109" height="100" alt="" align="right" style="float: right;">  <p>
-  I was assigned 15 hours of work by Freexian's Debian LTS initiative
-  and carried over 6 hours from August. I only worked 12 hours, so I
-  will carry over 9 hours to the next month.
-</p>
-<p>
-  I prepared and released another update on the Linux 3.2 longterm
-  stable branch (3.2.93).  I then rebased the Debian linux package
-  onto this version, added further security fixes, and uploaded
-  it (<a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00017.html">DLA-1099-1</a>).
-</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7556,6 +7540,22 @@ further security fixes, and uploaded it ([DLA-1099-1][1]).
    [1]: <https://lists.debian.org/debian-lts-announce/2017/09/msg00017.html>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/benh.png" width="109" height="100" alt="" align="right" style="float: right;">  <p>
+  I was assigned 15 hours of work by Freexian's Debian LTS initiative
+  and carried over 6 hours from August. I only worked 12 hours, so I
+  will carry over 9 hours to the next month.
+</p>
+<p>
+  I prepared and released another update on the Linux 3.2 longterm
+  stable branch (3.2.93).  I then rebased the Debian linux package
+  onto this version, added further security fixes, and uploaded
+  it (<a href="https://lists.debian.org/debian-lts-announce/2017/09/msg00017.html">DLA-1099-1</a>).
+</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 15:06:22 2017
@@ -7566,42 +7566,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Antonio Terceiro: pristine-tar updates
 Message-ID: http-softwarelivre-org-terceiro-blog-pristine-tar-updates
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://softwarelivre.org/terceiro/blog/pristine-tar-updates
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<h2>Introduction</h2>
-<p><a href="https://packages.debian.org/pristine-tar">pristine-tar</a> is a tool that is present in the workflow of a lot of Debian people. I adopted it last year after it has been orphaned by its creator <a href="https://joeyh.name/">Joey Hess</a>. A little after that <a href="https://tomasz.buchert.pl/">Tomasz Buchert</a> joined me and we are now a functional two-person team.</p>
-<p>pristine-tar goals are to import the content of a pristine upstream tarball into a <span class="caps">VCS</span> repository, and being able to later reconstruct that exact same tarball, bit by bit, based on the contents in the <span class="caps">VCS</span>, so we don’t have to store a full copy of that tarball. This is done by storing a binary delta files which can be used to reconstruct the original tarball from a tarball produced with the contents of the <span class="caps">VCS</span>. Ultimately, we want to make sure that the tarball that is uploaded to Debian is exactly the same as the one that has been downloaded from upstream, without having to keep a full copy of it around if all of its contents is already extracted in the <span class="caps">VCS</span> anyway.</p>
-<h2>The current state of the art, and perspectives for the future</h2>
-<p>pristine-tar solves a <a href="https://en.wikipedia.org/wiki/Wicked_problem">wicked problem</a>, because our ability to reconstruct the original tarball is affected by changes in the behavior of <code>tar</code> and of all of the compression tools (<code>gzip</code>, <code>bzip2</code>, <code>xz</code>) and by what exact options were used when creating the original tarballs. Because of this, pristine-tar currently has a few embedded copies of old versions of compressors to be able to reconstruct tarballs produced by them, and also rely on a ever-evolving patch to tar that is been carried in Debian for a while.</p>
-<p>So basically keeping pristine-tar working is a game of <a href="https://en.wikipedia.org/wiki/Whac-A-Mole">Whac-A-Mole</a>. Joey provided a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737871">good summary of the situation when he orphaned pristine-tar</a>.</p>
-<p>Going forward, we may need to rely on other ways of ensuring integrity of upstream source code. That could take the form of signed git tags, signed uncompressed tarballs (so that the compression doesn’t matter), or maybe even a different system for storing actual tarballs. <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871806">Debian bug #871806</a> contains an interesting discussion on this topic.</p>
-<h2>Recent improvements</h2>
-<p>Even if keeping pristine-tar useful in the long term  will be hard, too much of Debian work currently relies on it, so we can’t just abandon it. Instead, we keep figuring out ways to improve. And I have good news: pristine-tar has recently received updates that improve the situation quite a bit.</p>
-<p>In order to be able to understand how better we are getting at it, I created a "visualization of the <a href="https://people.debian.org/~terceiro/pristine-tar/">regression test suite results</a>. With the help of data from there, let’s look at the improvements made since pristine-tar 1.38, which was the version included in stretch.</p>
-<h3>pristine-tar 1.39: xdelta3 by default.</h3>
-<p>This was the first release made after the stretch release, and made <code>xdelta3</code> the default delta generator for newly-imported tarballs. Existing tarballs with deltas produced by <code>xdelta</code> are still supported, this only affects new imports.</p>
-<p>The support for having multiple delta generator was written by Tomasz, and was already there since 1.35, but we decided to only flip the switch after using xdelta3 was supported in a stable release.</p>
-<h3>pristine-tar 1.40: improved compression heuristics</h3>
-<p>pristine-tar uses a few heuristics to produce the smaller delta possible, and this includes trying different compression options. In the release Tomasz included a contribution by Lennart Sorensen to also try the <code>--gnu</code>, which gretly improved the support for rsyncable gzip compressed files. We can see an example of the type of improvement we got in the <a href="https://people.debian.org/~terceiro/pristine-tar/">regression test suite data for delta sizes</a> for <code>faad2_2.6.1.orig.tar.gz</code>:</p>
-<p><img alt="In 1.40, the delta produced from the test tarball faad2_2.6.1.orig.tar.gz went down from 800KB, almost the same size of tarball itself, to 6.8KB" src="http://softwarelivre.org/articles/0173/3653/1_40.png" title="In 1.40, the delta produced from the test tarball faad2_2.6.1.orig.tar.gz went down from 800KB, almost the same size of tarball itself, to 6.8KB" /></p>
-<h3>pristine-tar 1.41: support for signatures</h3>
-<p>This release saw the addition of support for storage and retrieval of upstream signatures, contributed by Chris Lamb.</p>
-<h3>pristine-tar 1.42: optionally recompressing tarballs</h3>
-<p>I had this idea and wanted to try it out: most of our problems reproducing tarballs come from tarballs produced with old compressors, or from changes in compressor behavior, or from uncommon compression options being used. What if we could just recompress the tarballs before importing then? Yes, this kind of breaks the “pristine” bit of the whole business, but on the other hand, 1) the contents of the tarball are not affected, and 2) even if the initial tarball is not bit by bit the same that upstream release, at least future uploads of that same upstream version with Debian revisions can be regenerated just fine.</p>
-<p>In some cases, as the case for the test tarball <code>util-linux_2.30.1.orig.tar.xz</code>, recompressing is what makes it possible to reproduce the tarball (and thus import it with pristine-tar) possible at all:</p>
-<p><img alt="util-linux_2.30.1.orig.tar.xz can only be imported after being recompressed" src="http://softwarelivre.org/articles/0173/3655/1_42_fail.png" title="util-linux_2.30.1.orig.tar.xz can only be imported after being recompressed" /></p>
-<p>In other cases, if the current heuristics can’t produce a reasonably small delta, recompressing makes a huge difference. It’s the case for <code>mumble_1.1.8.orig.tar.gz</code>:</p>
-<p><img alt="with recompression, the delta produced from mumble_1.1.8.orig.tar.gz goes from 1.2MB, or 99% of the size to the original tarball, to 14.6KB, 1% of the size of original tarball" src="http://softwarelivre.org/articles/0173/3654/1_42_reduce.png" title="with recompression, the delta produced from mumble_1.1.8.orig.tar.gz goes from 1.2MB, or 99% of the size to the original tarball, to 14.6KB, 1% of the size of original tarball" /></p>
-<p>Recompressing is not enabled by default, and can be enabled by passing the <code>--recompress</code> option. If you are using <code>pristine-tar</code> via a wrapper tool like <code>gbp-buildpackage</code>, you can use the <code>$PRISTINE_TAR</code> environment variable to set options that will affect any pristine-tar invocations.</p>
-<p>Also, even if you enable recompression, pristine-tar will only try it if the delta generations fails completely, of if the delta produced from the original tarball is too large. You can control what “too large” means by using the <code>--recompress-threshold-bytes</code> and <code>--recompress-threshold-percent</code> options. See the <b>pristine-tar(1)</b> manual page for details.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7737,6 +7706,37 @@ tarball is too large. You can control what “too large” means by using the
 See the **pristine-tar(1)** manual page for details.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<h2>Introduction</h2>
+<p><a href="https://packages.debian.org/pristine-tar">pristine-tar</a> is a tool that is present in the workflow of a lot of Debian people. I adopted it last year after it has been orphaned by its creator <a href="https://joeyh.name/">Joey Hess</a>. A little after that <a href="https://tomasz.buchert.pl/">Tomasz Buchert</a> joined me and we are now a functional two-person team.</p>
+<p>pristine-tar goals are to import the content of a pristine upstream tarball into a <span class="caps">VCS</span> repository, and being able to later reconstruct that exact same tarball, bit by bit, based on the contents in the <span class="caps">VCS</span>, so we don’t have to store a full copy of that tarball. This is done by storing a binary delta files which can be used to reconstruct the original tarball from a tarball produced with the contents of the <span class="caps">VCS</span>. Ultimately, we want to make sure that the tarball that is uploaded to Debian is exactly the same as the one that has been downloaded from upstream, without having to keep a full copy of it around if all of its contents is already extracted in the <span class="caps">VCS</span> anyway.</p>
+<h2>The current state of the art, and perspectives for the future</h2>
+<p>pristine-tar solves a <a href="https://en.wikipedia.org/wiki/Wicked_problem">wicked problem</a>, because our ability to reconstruct the original tarball is affected by changes in the behavior of <code>tar</code> and of all of the compression tools (<code>gzip</code>, <code>bzip2</code>, <code>xz</code>) and by what exact options were used when creating the original tarballs. Because of this, pristine-tar currently has a few embedded copies of old versions of compressors to be able to reconstruct tarballs produced by them, and also rely on a ever-evolving patch to tar that is been carried in Debian for a while.</p>
+<p>So basically keeping pristine-tar working is a game of <a href="https://en.wikipedia.org/wiki/Whac-A-Mole">Whac-A-Mole</a>. Joey provided a <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737871">good summary of the situation when he orphaned pristine-tar</a>.</p>
+<p>Going forward, we may need to rely on other ways of ensuring integrity of upstream source code. That could take the form of signed git tags, signed uncompressed tarballs (so that the compression doesn’t matter), or maybe even a different system for storing actual tarballs. <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871806">Debian bug #871806</a> contains an interesting discussion on this topic.</p>
+<h2>Recent improvements</h2>
+<p>Even if keeping pristine-tar useful in the long term  will be hard, too much of Debian work currently relies on it, so we can’t just abandon it. Instead, we keep figuring out ways to improve. And I have good news: pristine-tar has recently received updates that improve the situation quite a bit.</p>
+<p>In order to be able to understand how better we are getting at it, I created a "visualization of the <a href="https://people.debian.org/~terceiro/pristine-tar/">regression test suite results</a>. With the help of data from there, let’s look at the improvements made since pristine-tar 1.38, which was the version included in stretch.</p>
+<h3>pristine-tar 1.39: xdelta3 by default.</h3>
+<p>This was the first release made after the stretch release, and made <code>xdelta3</code> the default delta generator for newly-imported tarballs. Existing tarballs with deltas produced by <code>xdelta</code> are still supported, this only affects new imports.</p>
+<p>The support for having multiple delta generator was written by Tomasz, and was already there since 1.35, but we decided to only flip the switch after using xdelta3 was supported in a stable release.</p>
+<h3>pristine-tar 1.40: improved compression heuristics</h3>
+<p>pristine-tar uses a few heuristics to produce the smaller delta possible, and this includes trying different compression options. In the release Tomasz included a contribution by Lennart Sorensen to also try the <code>--gnu</code>, which gretly improved the support for rsyncable gzip compressed files. We can see an example of the type of improvement we got in the <a href="https://people.debian.org/~terceiro/pristine-tar/">regression test suite data for delta sizes</a> for <code>faad2_2.6.1.orig.tar.gz</code>:</p>
+<p><img alt="In 1.40, the delta produced from the test tarball faad2_2.6.1.orig.tar.gz went down from 800KB, almost the same size of tarball itself, to 6.8KB" src="http://softwarelivre.org/articles/0173/3653/1_40.png" title="In 1.40, the delta produced from the test tarball faad2_2.6.1.orig.tar.gz went down from 800KB, almost the same size of tarball itself, to 6.8KB" /></p>
+<h3>pristine-tar 1.41: support for signatures</h3>
+<p>This release saw the addition of support for storage and retrieval of upstream signatures, contributed by Chris Lamb.</p>
+<h3>pristine-tar 1.42: optionally recompressing tarballs</h3>
+<p>I had this idea and wanted to try it out: most of our problems reproducing tarballs come from tarballs produced with old compressors, or from changes in compressor behavior, or from uncommon compression options being used. What if we could just recompress the tarballs before importing then? Yes, this kind of breaks the “pristine” bit of the whole business, but on the other hand, 1) the contents of the tarball are not affected, and 2) even if the initial tarball is not bit by bit the same that upstream release, at least future uploads of that same upstream version with Debian revisions can be regenerated just fine.</p>
+<p>In some cases, as the case for the test tarball <code>util-linux_2.30.1.orig.tar.xz</code>, recompressing is what makes it possible to reproduce the tarball (and thus import it with pristine-tar) possible at all:</p>
+<p><img alt="util-linux_2.30.1.orig.tar.xz can only be imported after being recompressed" src="http://softwarelivre.org/articles/0173/3655/1_42_fail.png" title="util-linux_2.30.1.orig.tar.xz can only be imported after being recompressed" /></p>
+<p>In other cases, if the current heuristics can’t produce a reasonably small delta, recompressing makes a huge difference. It’s the case for <code>mumble_1.1.8.orig.tar.gz</code>:</p>
+<p><img alt="with recompression, the delta produced from mumble_1.1.8.orig.tar.gz goes from 1.2MB, or 99% of the size to the original tarball, to 14.6KB, 1% of the size of original tarball" src="http://softwarelivre.org/articles/0173/3654/1_42_reduce.png" title="with recompression, the delta produced from mumble_1.1.8.orig.tar.gz goes from 1.2MB, or 99% of the size to the original tarball, to 14.6KB, 1% of the size of original tarball" /></p>
+<p>Recompressing is not enabled by default, and can be enabled by passing the <code>--recompress</code> option. If you are using <code>pristine-tar</code> via a wrapper tool like <code>gbp-buildpackage</code>, you can use the <code>$PRISTINE_TAR</code> environment variable to set options that will affect any pristine-tar invocations.</p>
+<p>Also, even if you enable recompression, pristine-tar will only try it if the delta generations fails completely, of if the delta produced from the original tarball is too large. You can control what “too large” means by using the <code>--recompress-threshold-bytes</code> and <code>--recompress-threshold-percent</code> options. See the <b>pristine-tar(1)</b> manual page for details.</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 08:50:00 2017
@@ -7747,51 +7747,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Petter Reinholdtsen: Generating 3D prints in Debian using Cura and Slic3r(-prusa)
 Message-ID: http-people-skolelinux-org-pere-blog-generating_3d_prints_in_debian_using_cura_and_slic3r__prusa_-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://people.skolelinux.org/pere/blog/Generating_3D_prints_in_Debian_using_Cura_and_Slic3r__prusa_.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<p>At my nearby maker space,
-<a href="http://sonen.ifi.uio.no/">Sonen</a>, I heard the story that it
-was easier to generate gcode files for theyr 3D printers (Ultimake 2+)
-on Windows and MacOS X than Linux, because the software involved had
-to be manually compiled and set up on Linux while premade packages
-worked out of the box on Windows and MacOS X.  I found this annoying,
-as the software involved,
-<a href="https://github.com/Ultimaker/Cura">Cura</a>, is free software
-and should be trivial to get up and running on Linux if someone took
-the time to package it for the relevant distributions.  I even found
-<a href="https://bugs.debian.org/706656">a request for adding into
-Debian</a> from 2013, which had seem some activity over the years but
-never resulted in the software showing up in Debian.  So a few days
-ago I offered my help to try to improve the situation.</p>
-
-<p>Now I am very happy to see that all the packages required by a
-working Cura in Debian are uploaded into Debian and waiting in the NEW
-queue for the ftpmasters to have a look.  You can track the progress
-on
-<a href="https://qa.debian.org/developer.php?email=3dprinter-general%40lists.alioth.debian.org">the
-status page for the 3D printer team</a>.</p>
-
-<p>The uploaded packages are a bit behind upstream, and was uploaded
-now to get slots in <a href="https://ftp-master.debian.org/new.html">the NEW
-queue</a> while we work up updating the packages to the latest
-upstream version.</p>
-
-<p>On a related note, two competitors for Cura, which I found harder
-to use and was unable to configure correctly for Ultimaker 2+ in the
-short time I spent on it, are already in Debian.  If you are looking
-for 3D printer "slicers" and want something already available in
-Debian, check out
-<a href="https://tracker.debian.org/pkg/slic3r">slic3r</a> and
-<a href="https://tracker.debian.org/pkg/slic3r-prusa">slic3r-prusa</a>.
-The latter is a fork of the former.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7837,6 +7797,46 @@ want something already available in Debian, check out [slic3r][6] and
    [7]: <https://tracker.debian.org/pkg/slic3r-prusa>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<p>At my nearby maker space,
+<a href="http://sonen.ifi.uio.no/">Sonen</a>, I heard the story that it
+was easier to generate gcode files for theyr 3D printers (Ultimake 2+)
+on Windows and MacOS X than Linux, because the software involved had
+to be manually compiled and set up on Linux while premade packages
+worked out of the box on Windows and MacOS X.  I found this annoying,
+as the software involved,
+<a href="https://github.com/Ultimaker/Cura">Cura</a>, is free software
+and should be trivial to get up and running on Linux if someone took
+the time to package it for the relevant distributions.  I even found
+<a href="https://bugs.debian.org/706656">a request for adding into
+Debian</a> from 2013, which had seem some activity over the years but
+never resulted in the software showing up in Debian.  So a few days
+ago I offered my help to try to improve the situation.</p>
+
+<p>Now I am very happy to see that all the packages required by a
+working Cura in Debian are uploaded into Debian and waiting in the NEW
+queue for the ftpmasters to have a look.  You can track the progress
+on
+<a href="https://qa.debian.org/developer.php?email=3dprinter-general%40lists.alioth.debian.org">the
+status page for the 3D printer team</a>.</p>
+
+<p>The uploaded packages are a bit behind upstream, and was uploaded
+now to get slots in <a href="https://ftp-master.debian.org/new.html">the NEW
+queue</a> while we work up updating the packages to the latest
+upstream version.</p>
+
+<p>On a related note, two competitors for Cura, which I found harder
+to use and was unable to configure correctly for Ultimaker 2+ in the
+short time I spent on it, are already in Debian.  If you are looking
+for 3D printer "slicers" and want something already available in
+Debian, check out
+<a href="https://tracker.debian.org/pkg/slic3r">slic3r</a> and
+<a href="https://tracker.debian.org/pkg/slic3r-prusa">slic3r-prusa</a>.
+The latter is a fork of the former.</p>
 --===============testboundary==--
 
 From planet-debian Mon Oct  9 04:05:27 2017
@@ -7847,48 +7847,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Gunnar Wolf: Achievement unlocked - Made with Creative Commons translated to Spanish! (Thanks, @xattack!)
 Message-ID: http-gwolf-org-4113-at-http-gwolf-org
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://gwolf.org/node/4113
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/gwolf.png" width="69" height="83" alt="" align="right" style="float: right;">  <p>I am very, very, very happy to report this — And I cannot believe we have achieved this so fast:</p>
-<p>Back in June, I <a href="http://gwolf.org/node/4102">announced I'd start working on the translation</a> of the <a href="https://creativecommons.org/made-with-cc/">Made with Creative Commons book</a> into Spanish.</p>
-<p>Over the following few weeks, I worked out the most viable infrastructure, gathered input and commitments for help from a couple of friends, submitted my project for inclusion in the <a href="https://hosted.weblate.org/">Hosted Weblate translations</a> site (and got it approved!)</p>
-<p>Then, we quietly and slowly started working.</p>
-<p>Then, as it usually happens in late August, early September... The rush of the semester caught me in full, and I left this translation project for later — For the next semester, perhaps...</p>
-<p>Today, I received a mail that surprised me. That stunned me.</p>
-<p><a href="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png"><img src="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png" width="257" /></a></p>
-<p>99% of translated strings! Of course, it does not look as neat as "100%" would, but there are several strings not to be translated.</p>
-<p>So, yay for collaborative work! Oh, and FWIW — Thanks to everybody who helped. And really, really, <b>really</b>, hats off to Luis Enrique Amaya, a friend whom I see <em>way</em> less than I should. A LIDSOL graduate, and a nice guy all around. Why to him specially? Well... This has several wrinkles to iron out, but, by number of translated lines:</p>
-<ul>
-<li><b>Andrés Delgado</b> 195</li>
-<li><b>scannopolis</b> 626</li>
-<li><b>Leo Arias</b> 812</li>
-<li><b>Gunnar Wolf</b> 947</li>
-<li><b>Luis Enrique Amaya González</b> 3258</li>
-</ul>
-<p>...Need I say more? Luis, I hope you enjoyed reading the book :-]</p>
-<p>There is still a lot of work to do, and I'm asking the rest of the team some days so I can get my act together. From the mail I just sent, I need to:</p>
-<ol>
-<li>Review the Pandoc conversion process, to get the strings formatted again into a book; I had got this working somewhere in the process, but last I checked it broke. I expect this not to be too much of a hurdle, and it will help all other translations.</li>
-<li>Start the editorial process at my Institute. Once the book builds, I'll have to start again the <em>stylistic correction</em> process so the Institute agrees to print it out under its seal. This time, we have the hurdle that our correctors will probably hate us due to part of the work being done before we had actually agreed on some important Spanish language issues... which are different between Mexico, Argentina and Costa Rica (where translators are from).
-<p>Anyway — This sets the mood for a great start of the week. Yay!</p>
-
-
-
-
-</li></ol><table class="sticky-enabled" id="attachments">
- <thead><tr><th>Attachment</th><th>Size</th> </tr></thead>
-<tbody>
- <tr class="odd"><td><a href="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png">Screenshot from 2017-10-08 20-55-30.png</a></td><td>103.1 KB</td> </tr>
-</tbody>
-</table>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -7956,6 +7919,43 @@ Attachment| Size
    [5]: <http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/gwolf.png" width="69" height="83" alt="" align="right" style="float: right;">  <p>I am very, very, very happy to report this — And I cannot believe we have achieved this so fast:</p>
+<p>Back in June, I <a href="http://gwolf.org/node/4102">announced I'd start working on the translation</a> of the <a href="https://creativecommons.org/made-with-cc/">Made with Creative Commons book</a> into Spanish.</p>
+<p>Over the following few weeks, I worked out the most viable infrastructure, gathered input and commitments for help from a couple of friends, submitted my project for inclusion in the <a href="https://hosted.weblate.org/">Hosted Weblate translations</a> site (and got it approved!)</p>
+<p>Then, we quietly and slowly started working.</p>
+<p>Then, as it usually happens in late August, early September... The rush of the semester caught me in full, and I left this translation project for later — For the next semester, perhaps...</p>
+<p>Today, I received a mail that surprised me. That stunned me.</p>
+<p><a href="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png"><img src="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png" width="257" /></a></p>
+<p>99% of translated strings! Of course, it does not look as neat as "100%" would, but there are several strings not to be translated.</p>
+<p>So, yay for collaborative work! Oh, and FWIW — Thanks to everybody who helped. And really, really, <b>really</b>, hats off to Luis Enrique Amaya, a friend whom I see <em>way</em> less than I should. A LIDSOL graduate, and a nice guy all around. Why to him specially? Well... This has several wrinkles to iron out, but, by number of translated lines:</p>
+<ul>
+<li><b>Andrés Delgado</b> 195</li>
+<li><b>scannopolis</b> 626</li>
+<li><b>Leo Arias</b> 812</li>
+<li><b>Gunnar Wolf</b> 947</li>
+<li><b>Luis Enrique Amaya González</b> 3258</li>
+</ul>
+<p>...Need I say more? Luis, I hope you enjoyed reading the book :-]</p>
+<p>There is still a lot of work to do, and I'm asking the rest of the team some days so I can get my act together. From the mail I just sent, I need to:</p>
+<ol>
+<li>Review the Pandoc conversion process, to get the strings formatted again into a book; I had got this working somewhere in the process, but last I checked it broke. I expect this not to be too much of a hurdle, and it will help all other translations.</li>
+<li>Start the editorial process at my Institute. Once the book builds, I'll have to start again the <em>stylistic correction</em> process so the Institute agrees to print it out under its seal. This time, we have the hurdle that our correctors will probably hate us due to part of the work being done before we had actually agreed on some important Spanish language issues... which are different between Mexico, Argentina and Costa Rica (where translators are from).
+<p>Anyway — This sets the mood for a great start of the week. Yay!</p>
+
+
+
+
+</li></ol><table class="sticky-enabled" id="attachments">
+ <thead><tr><th>Attachment</th><th>Size</th> </tr></thead>
+<tbody>
+ <tr class="odd"><td><a href="http://gwolf.org/files/Screenshot from 2017-10-08 20-55-30.png">Screenshot from 2017-10-08 20-55-30.png</a></td><td>103.1 KB</td> </tr>
+</tbody>
+</table>
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 22:00:00 2017
@@ -7966,77 +7966,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Iain R. Learmonth: Free Software Efforts (2017W40)
 Message-ID: https-iain-learmonth-me-blog-2017-2017w40
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://iain.learmonth.me/blog/2017/2017w40/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Here’s my weekly report for week 40 of 2017. In this week I have <a href="https://iain.learmonth.me/blog/2017/2017w401/">looked at
-censorship in Catalonia</a> and
-<a href="https://iain.learmonth.me/blog/2017/2017w402/">had my “deleted” Facebook account
-hacked</a> (<a href="https://news.ycombinator.com/item?id=15391933">which made HN front
-page</a>). I’ve also <a href="https://iain.learmonth.me/blog/2017/2017w405/">been thinking
-about DRM on the web</a>.</p>
-
-<h2 id="debian">Debian</h2>
-
-<p>I have prepared and uploaded fixes for the
-<a href="https://packages.debian.org/source/sid/measurement-kit">measurement-kit</a> and
-<a href="https://packages.debian.org/source/sid/hamradio-maintguide">hamradio-maintguide</a>
-packages.</p>
-
-<p>I have also sponsored uploads for
-<a href="https://packages.debian.org/source/sid/gnustep-base">gnustep-base</a> (to
-experimental) and
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875895">chkservice</a>.</p>
-
-<p>I have given DM upload privileges to <a href="https://qa.debian.org/developer.php?email=Heintzmann.Eric%40free.fr">Eric
-Heintzmann</a>
-for the gnustep-base package as he has shown to care for the GNUstep packages
-well. In the near future, I think we’re looking at a transition for
-gnustep-{base,back,gui} as these packages all have updates.</p>
-
-<p>Bugs filed: <a href="https://bugs.debian.org/877680">#877680</a></p>
-
-<p>Bugs closed (fixed/wontfix): <a href="https://bugs.debian.org/872202">#872202</a>,
-<a href="https://bugs.debian.org/877466">#877466</a>,
-<a href="https://bugs.debian.org/877468">#877468</a></p>
-
-<h2 id="tor-project">Tor Project</h2>
-
-<p>This week I have participated in a discussion around <a href="https://trac.torproject.org/projects/tor/ticket/23716#comment:2">renaming the “Operations”
-section</a> of
-the <a href="https://metrics.torproject.org/">Metrics website</a>.</p>
-
-<p>I have also filed a <a href="https://trac.torproject.org/projects/tor/ticket/23767">new ticket on
-Atlas</a>, which I am
-planning to implement, to link to the <a href="https://blog.torproject.org/lifecycle-new-relay">new relay
-lifecycle</a> post on the <a href="https://blog.torproject.org/">Tor
-Project blog</a> if a relay is less than a week old
-to help new relay operators understand the bandwidth usage they’ll be seeing.</p>
-
-<p>Finally, I’ve been hacking on a <a href="https://twitter.com/TorAtlas">Twitter bot to tweet factoids about the public
-Tor network</a>. I’ve detailed this <a href="https://iain.learmonth.me/blog/2017/2017w407/">in a separate
-blog post</a>.</p>
-
-<p>Bugs closed (fixed/wontfix): <a href="https://bugs.torproject.org/23683">#23683</a></p>
-
-<h2 id="sustainability">Sustainability</h2>
-
-<p>I believe it is important to be clear not only about the work I have already
-completed but also about the sustainability of this work into the future. I
-plan to include a short report on the current sustainability of my work in each
-weekly report.</p>
-
-<p>I have not had any free software related expenses this week. The current funds
-I have available for equipment, travel and other free software expenses remains
-£60.52. I do not believe that any hardware I rely on is looking at imminent
-failure.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8121,6 +8055,72 @@ remains £60.52. I do not believe that any hardware I rely on is looking at
 imminent failure.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>Here’s my weekly report for week 40 of 2017. In this week I have <a href="https://iain.learmonth.me/blog/2017/2017w401/">looked at
+censorship in Catalonia</a> and
+<a href="https://iain.learmonth.me/blog/2017/2017w402/">had my “deleted” Facebook account
+hacked</a> (<a href="https://news.ycombinator.com/item?id=15391933">which made HN front
+page</a>). I’ve also <a href="https://iain.learmonth.me/blog/2017/2017w405/">been thinking
+about DRM on the web</a>.</p>
+
+<h2 id="debian">Debian</h2>
+
+<p>I have prepared and uploaded fixes for the
+<a href="https://packages.debian.org/source/sid/measurement-kit">measurement-kit</a> and
+<a href="https://packages.debian.org/source/sid/hamradio-maintguide">hamradio-maintguide</a>
+packages.</p>
+
+<p>I have also sponsored uploads for
+<a href="https://packages.debian.org/source/sid/gnustep-base">gnustep-base</a> (to
+experimental) and
+<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875895">chkservice</a>.</p>
+
+<p>I have given DM upload privileges to <a href="https://qa.debian.org/developer.php?email=Heintzmann.Eric%40free.fr">Eric
+Heintzmann</a>
+for the gnustep-base package as he has shown to care for the GNUstep packages
+well. In the near future, I think we’re looking at a transition for
+gnustep-{base,back,gui} as these packages all have updates.</p>
+
+<p>Bugs filed: <a href="https://bugs.debian.org/877680">#877680</a></p>
+
+<p>Bugs closed (fixed/wontfix): <a href="https://bugs.debian.org/872202">#872202</a>,
+<a href="https://bugs.debian.org/877466">#877466</a>,
+<a href="https://bugs.debian.org/877468">#877468</a></p>
+
+<h2 id="tor-project">Tor Project</h2>
+
+<p>This week I have participated in a discussion around <a href="https://trac.torproject.org/projects/tor/ticket/23716#comment:2">renaming the “Operations”
+section</a> of
+the <a href="https://metrics.torproject.org/">Metrics website</a>.</p>
+
+<p>I have also filed a <a href="https://trac.torproject.org/projects/tor/ticket/23767">new ticket on
+Atlas</a>, which I am
+planning to implement, to link to the <a href="https://blog.torproject.org/lifecycle-new-relay">new relay
+lifecycle</a> post on the <a href="https://blog.torproject.org/">Tor
+Project blog</a> if a relay is less than a week old
+to help new relay operators understand the bandwidth usage they’ll be seeing.</p>
+
+<p>Finally, I’ve been hacking on a <a href="https://twitter.com/TorAtlas">Twitter bot to tweet factoids about the public
+Tor network</a>. I’ve detailed this <a href="https://iain.learmonth.me/blog/2017/2017w407/">in a separate
+blog post</a>.</p>
+
+<p>Bugs closed (fixed/wontfix): <a href="https://bugs.torproject.org/23683">#23683</a></p>
+
+<h2 id="sustainability">Sustainability</h2>
+
+<p>I believe it is important to be clear not only about the work I have already
+completed but also about the sustainability of this work into the future. I
+plan to include a short report on the current sustainability of my work in each
+weekly report.</p>
+
+<p>I have not had any free software related expenses this week. The current funds
+I have available for equipment, travel and other free software expenses remains
+£60.52. I do not believe that any hardware I rely on is looking at imminent
+failure.</p>
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 20:45:00 2017
@@ -8131,11 +8131,63 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Michael Stapelberg: Debian stretch on the Raspberry Pi 3 (update)
 Message-ID: https-people-debian-org-stapelberg-2017-10-08-raspberry-pi-3
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://people.debian.org/~stapelberg//2017/10/08/raspberry-pi-3.html
 
+--===============testboundary==
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+https://people.debian.org/~stapelberg//2017/10/08/raspberry-pi-3.html
+
+I previously wrote about [my Debian stretch preview image for the Raspberry Pi
+3][1].
+
+   [1]: <https://people.debian.org/~stapelberg/2017/03/22/raspberry-pi-3.html>
+
+Now, I’m publishing an updated version, containing the following changes:
+
+  * SSH host keys are generated on first boot. 
+  * Old kernel versions are now removed from /boot/firmware when purged. 
+  * The image is built with [vmdb2][2], the successor to vmdebootstrap. The input files are available at <https://github.com/Debian/raspi3-image-spec>. 
+  * The image uses the linux-image-arm64 4.13.4-3 kernel, which provides HDMI output. 
+  * The image is now compressed using bzip2, reducing its size to 220M. 
+
+   [2]: <https://github.com/larswirzenius/vmdb2>
+
+A couple of issues remain, notably the lack of WiFi and bluetooth support (see
+[wiki:RaspberryPi3][3] for details. Any help with fixing these issues is very
+welcome!
+
+   [3]: <https://wiki.debian.org/RaspberryPi3>
+
+As a **preview version** (i.e. unofficial, unsupported, etc.) until all the
+necessary bits and pieces are in place to build images in a proper place in
+Debian, I built and uploaded the resulting image. Find it at
+<https://people.debian.org/~stapelberg/raspberrypi3/2017-10-08/>. To install
+the image, insert the SD card into your computer (I’m assuming it’s available
+as `/dev/sdb`) and copy the image onto it:
+
+    
+    
+    $ wget https://people.debian.org/~stapelberg/raspberrypi3/2017-10-08/2017-10-08-raspberry-pi-3-buster-PREVIEW.img.bz2
+    $ bunzip2 2017-10-08-raspberry-pi-3-buster-PREVIEW.img.bz2
+    $ sudo dd if=2017-10-08-raspberry-pi-3-buster-PREVIEW.img of=/dev/sdb bs=5M
+    
+
+If resolving client-supplied DHCP hostnames works in your network, you should
+be able to log into the Raspberry Pi 3 using SSH after booting it:
+
+    
+    
+    $ ssh root@rpi3
+    # Password is “raspberry”
+    
+
+
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
@@ -8197,58 +8249,6 @@ be able to log into the Raspberry Pi 3 using SSH after booting it:
 <pre>$ ssh root@rpi3
 # Password is “raspberry”
 </pre>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-https://people.debian.org/~stapelberg//2017/10/08/raspberry-pi-3.html
-
-I previously wrote about [my Debian stretch preview image for the Raspberry Pi
-3][1].
-
-   [1]: <https://people.debian.org/~stapelberg/2017/03/22/raspberry-pi-3.html>
-
-Now, I’m publishing an updated version, containing the following changes:
-
-  * SSH host keys are generated on first boot. 
-  * Old kernel versions are now removed from /boot/firmware when purged. 
-  * The image is built with [vmdb2][2], the successor to vmdebootstrap. The input files are available at <https://github.com/Debian/raspi3-image-spec>. 
-  * The image uses the linux-image-arm64 4.13.4-3 kernel, which provides HDMI output. 
-  * The image is now compressed using bzip2, reducing its size to 220M. 
-
-   [2]: <https://github.com/larswirzenius/vmdb2>
-
-A couple of issues remain, notably the lack of WiFi and bluetooth support (see
-[wiki:RaspberryPi3][3] for details. Any help with fixing these issues is very
-welcome!
-
-   [3]: <https://wiki.debian.org/RaspberryPi3>
-
-As a **preview version** (i.e. unofficial, unsupported, etc.) until all the
-necessary bits and pieces are in place to build images in a proper place in
-Debian, I built and uploaded the resulting image. Find it at
-<https://people.debian.org/~stapelberg/raspberrypi3/2017-10-08/>. To install
-the image, insert the SD card into your computer (I’m assuming it’s available
-as `/dev/sdb`) and copy the image onto it:
-
-    
-    
-    $ wget https://people.debian.org/~stapelberg/raspberrypi3/2017-10-08/2017-10-08-raspberry-pi-3-buster-PREVIEW.img.bz2
-    $ bunzip2 2017-10-08-raspberry-pi-3-buster-PREVIEW.img.bz2
-    $ sudo dd if=2017-10-08-raspberry-pi-3-buster-PREVIEW.img of=/dev/sdb bs=5M
-    
-
-If resolving client-supplied DHCP hostnames works in your network, you should
-be able to log into the Raspberry Pi 3 using SSH after booting it:
-
-    
-    
-    $ ssh root@rpi3
-    # Password is “raspberry”
-    
-
-
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 19:08:13 2017
@@ -8259,41 +8259,11 @@ To: to@example.com
 From: Joachim Breitner <mail@joachim-breitner.de>
 Subject: Joachim Breitner: e.g. in TeX
 Message-ID: http-www-joachim-breitner-de-blog-731-e_g__in_tex
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.joachim-breitner.de/blog/731-e_g__in_TeX
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/nomeata.png" width="64" height="64" alt="" align="right" style="float: right;">  <p>When I learned TeX, I was told to not write <code>e.g. something</code>, because TeX would think the period after the “g” ends a sentence, and introduce a wider, inter-sentence space. Instead, I was to write <code>e.g.\␣</code>.</p>
-<p>Years later, I learned from a convincing, but since forgotten source, that in fact <code>e.g.\@</code> is the proper thing to write. I vaguely remembering that <code>e.g.\␣</code> supposedly affected the inter-word space in some unwanted way. So I did that for many years.</p>
-<p>Until I recently was called out for doing it wrong, and that infact <code>e.g.\␣</code> is the proper way. This was supported by <a href="https://tex.stackexchange.com/a/22563/15107">a StackExchange answer</a> written by a LaTeX authority and backed by a reference to documentation. The same question has, however, <a href="https://tex.stackexchange.com/a/22564/15107">another answer</a> by another TeX authority, backed by an analysis of the implementation, which concludes that <code>e.g.\@</code> is proper.</p>
-<p>What now? I guess I just have to find it out myself.</p>
-<div class="figure">
-<img alt="The problem and two solutions" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-1.gif" /><p class="caption">The problem and two solutions</p>
-</div>
-<p>The above image shows three variants: The obviously broken version with <code>e.g.</code>, and the two contesting variants to fix it. Looks like they yield equal results!</p>
-<p>So maybe the difference lies in how <code>\@</code> and <code>\␣</code> react when the line length changes, and the word wrapping require differences in the inter-word spacing. Will there be differences? Let’s see;</p>
-<div class="figure">
-<img alt="Expanding whitespace, take 1" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-2.gif" /><p class="caption">Expanding whitespace, take 1</p>
-</div>
-<div class="figure">
-<img alt="Expanding whitespace, take 2" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-3.gif" /><p class="caption">Expanding whitespace, take 2</p>
-</div>
-<p>I cannot see any difference. But the inter-sentence whitespace ate most of the expansion. Is there a difference visible if we have only inter-word spacing in the line?</p>
-<div class="figure">
-<img alt="Expanding whitespace, take 3" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-4.gif" /><p class="caption">Expanding whitespace, take 3</p>
-</div>
-<div class="figure">
-<img alt="Expanding whitespace, take 4" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-5.gif" /><p class="caption">Expanding whitespace, take 4</p>
-</div>
-<p>Again, I see the same behaviour.</p>
-<p><strong>Conclusion</strong>: It does not matter, but <code>e.g.\␣</code> is less hassle when using <a href="http://hackage.haskell.org/package/lhs2tex">lhs2tex</a> than <code>e.g.\@</code> (which has to be escaped as <code>e.g.\@@</code>), so the winner is <code>e.g.\␣</code>!</p>
-<p>(Unless you put it in a macro, <a href="https://tex.stackexchange.com/a/116530/15107">then <code>\@</code> might be preferable</a>, and it is still <a href="https://tex.stackexchange.com/a/55112/15107">needed between a captial letter and a sentence period</a>.)</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8368,6 +8338,36 @@ still [needed between a captial letter and a sentence period][5].)
    [5]: <https://tex.stackexchange.com/a/55112/15107>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/nomeata.png" width="64" height="64" alt="" align="right" style="float: right;">  <p>When I learned TeX, I was told to not write <code>e.g. something</code>, because TeX would think the period after the “g” ends a sentence, and introduce a wider, inter-sentence space. Instead, I was to write <code>e.g.\␣</code>.</p>
+<p>Years later, I learned from a convincing, but since forgotten source, that in fact <code>e.g.\@</code> is the proper thing to write. I vaguely remembering that <code>e.g.\␣</code> supposedly affected the inter-word space in some unwanted way. So I did that for many years.</p>
+<p>Until I recently was called out for doing it wrong, and that infact <code>e.g.\␣</code> is the proper way. This was supported by <a href="https://tex.stackexchange.com/a/22563/15107">a StackExchange answer</a> written by a LaTeX authority and backed by a reference to documentation. The same question has, however, <a href="https://tex.stackexchange.com/a/22564/15107">another answer</a> by another TeX authority, backed by an analysis of the implementation, which concludes that <code>e.g.\@</code> is proper.</p>
+<p>What now? I guess I just have to find it out myself.</p>
+<div class="figure">
+<img alt="The problem and two solutions" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-1.gif" /><p class="caption">The problem and two solutions</p>
+</div>
+<p>The above image shows three variants: The obviously broken version with <code>e.g.</code>, and the two contesting variants to fix it. Looks like they yield equal results!</p>
+<p>So maybe the difference lies in how <code>\@</code> and <code>\␣</code> react when the line length changes, and the word wrapping require differences in the inter-word spacing. Will there be differences? Let’s see;</p>
+<div class="figure">
+<img alt="Expanding whitespace, take 1" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-2.gif" /><p class="caption">Expanding whitespace, take 1</p>
+</div>
+<div class="figure">
+<img alt="Expanding whitespace, take 2" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-3.gif" /><p class="caption">Expanding whitespace, take 2</p>
+</div>
+<p>I cannot see any difference. But the inter-sentence whitespace ate most of the expansion. Is there a difference visible if we have only inter-word spacing in the line?</p>
+<div class="figure">
+<img alt="Expanding whitespace, take 3" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-4.gif" /><p class="caption">Expanding whitespace, take 3</p>
+</div>
+<div class="figure">
+<img alt="Expanding whitespace, take 4" src="//www.joachim-breitner.de/various/tex-eg/tex-eg-at-5.gif" /><p class="caption">Expanding whitespace, take 4</p>
+</div>
+<p>Again, I see the same behaviour.</p>
+<p><strong>Conclusion</strong>: It does not matter, but <code>e.g.\␣</code> is less hassle when using <a href="http://hackage.haskell.org/package/lhs2tex">lhs2tex</a> than <code>e.g.\@</code> (which has to be escaped as <code>e.g.\@@</code>), so the winner is <code>e.g.\␣</code>!</p>
+<p>(Unless you put it in a macro, <a href="https://tex.stackexchange.com/a/116530/15107">then <code>\@</code> might be preferable</a>, and it is still <a href="https://tex.stackexchange.com/a/55112/15107">needed between a captial letter and a sentence period</a>.)</p>
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 17:36:49 2017
@@ -8378,35 +8378,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Daniel Pocock: A step change in managing your calendar, without social media
 Message-ID: https-danielpocock-com-340-at-https-danielpocock-com
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://danielpocock.com/a-step-change-in-your-calendar
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/pocock.png" width="65" height="85" alt="" align="right" style="float: right;">  <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>Have you been to an event recently involving <a href="https://en.wikipedia.org/wiki/Free_software">free software</a> or a related topic?  How did you find it?  Are you organizing an event and don't want to fall into the trap of using Facebook or Meetup or other services that compete for a share of your community's attention?</p>
-<p>Are you keen to find events in foreign destinations related to your interest areas to coincide with other travel intentions?</p>
-<p>Have you been concerned when your <a href="https://danielpocock.com/tags/gsoc">GSoC or Outreachy</a> interns lost a week of their project going through the bureaucracy to get a visa for your community's event?  Would you like to make it easier for them to find the best events in the countries that welcome and respect visitors?</p>
-<p>In many recent discussions about free software activism, people have struggled to break out of the illusion that social media is the way to cultivate new contacts.  Wouldn't it be great to make more meaningful contacts by attending more a more diverse range of events rather <a href="https://danielpocock.com/how-did-the-world-ever-work-without-facebook">than losing time on social media</a>?</p>
-<h3>Making it happen</h3>
-<p>There are already a number of tools (for example, <a href="https://www.drupal.org/search/site/icalendar">Drupal plugins</a> and <a href="https://wordpress.org/plugins/search/icalendar/">Wordpress plugins</a>) for promoting your events on the web and in <a href="https://en.wikipedia.org/wiki/ICalendar">iCalendar format</a>.  There are also a number of sites like <a href="https://www.agendadulibre.org/">Agenda du Libre</a> and <a href="http://grical.org/">GriCal</a> who aggregate events from multiple communities where people can browse them.</p>
-<p>How can we take these concepts further and make a convenient, compelling and global solution?</p>
-<p>Can we harvest event data from a wide range of sources and compile it into a large database using something like <a href="https://www.postgresql.org">PostgreSQL</a> or a NoSQL solution or even a distributed solution like <a href="https://blog.savoirfairelinux.com/en-ca/2015/ring-opendht-a-distributed-hash-table/">OpenDHT</a>?</p>
-<p>Can we use big data techniques to mine these datasources and help match people to events without compromising on privacy?</p>
-<p>Why not build an automated iCalendar "to-do" list of deadlines for events you want to be reminded about, so you never miss the deadlines for travel sponsorship or submitting a talk proposal?</p>
-<p>I've started <a href="https://wiki.debian.org/SocialEventAndConferenceCalendars">documenting an architecture for this on the Debian wiki</a> and proposed it as an <a href="https://wiki.debian.org/Outreachy/Round15/Projects/SocialEventAndConferenceCalendars">Outreachy project</a>.  It will also be offered as part of GSoC in 2018.</p>
-<h3>Ways to get involved</h3>
-<p>If you would like to help this project, please consider <a href="https://lists.debian.org/debian-outreach">introducing yourself on the debian-outreach mailing list</a> and helping to mentor or refer interns for the project.  You can also help contribute ideas for the specification through the mailing list or wiki.</p>
-<h3>Mini DebConf Prishtina 2017</h3>
-<p>This weekend I've been at the <a href="https://wiki.debian.org/DebianEvents/ks/2017/MiniDebConfPrishtina">MiniDebConf in Prishtina, Kosovo</a>.  It has been hosted by the <a href="http://www.prishtinahackerspace.org/">amazing Prishtina hackerspace community</a>.</p>
-<p><img src="https://danielpocock.com/sites/danielpocock.com/files/2017-10-07-prishtina-group-photo.jpg" /></p>
-<p>Watch out for future events in Prishtina, the pizzas are huge, but that didn't stop them disappearing before we finished the photos:</p>
-<p><img src="https://danielpocock.com/sites/danielpocock.com/files/2017-10-07-pizzas.jpg" /></p>
-</div></div></div>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8498,6 +8474,30 @@ Watch out for future events in Prishtina, the pizzas are huge, but that didn't
 stop them disappearing before we finished the photos:
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/pocock.png" width="65" height="85" alt="" align="right" style="float: right;">  <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>Have you been to an event recently involving <a href="https://en.wikipedia.org/wiki/Free_software">free software</a> or a related topic?  How did you find it?  Are you organizing an event and don't want to fall into the trap of using Facebook or Meetup or other services that compete for a share of your community's attention?</p>
+<p>Are you keen to find events in foreign destinations related to your interest areas to coincide with other travel intentions?</p>
+<p>Have you been concerned when your <a href="https://danielpocock.com/tags/gsoc">GSoC or Outreachy</a> interns lost a week of their project going through the bureaucracy to get a visa for your community's event?  Would you like to make it easier for them to find the best events in the countries that welcome and respect visitors?</p>
+<p>In many recent discussions about free software activism, people have struggled to break out of the illusion that social media is the way to cultivate new contacts.  Wouldn't it be great to make more meaningful contacts by attending more a more diverse range of events rather <a href="https://danielpocock.com/how-did-the-world-ever-work-without-facebook">than losing time on social media</a>?</p>
+<h3>Making it happen</h3>
+<p>There are already a number of tools (for example, <a href="https://www.drupal.org/search/site/icalendar">Drupal plugins</a> and <a href="https://wordpress.org/plugins/search/icalendar/">Wordpress plugins</a>) for promoting your events on the web and in <a href="https://en.wikipedia.org/wiki/ICalendar">iCalendar format</a>.  There are also a number of sites like <a href="https://www.agendadulibre.org/">Agenda du Libre</a> and <a href="http://grical.org/">GriCal</a> who aggregate events from multiple communities where people can browse them.</p>
+<p>How can we take these concepts further and make a convenient, compelling and global solution?</p>
+<p>Can we harvest event data from a wide range of sources and compile it into a large database using something like <a href="https://www.postgresql.org">PostgreSQL</a> or a NoSQL solution or even a distributed solution like <a href="https://blog.savoirfairelinux.com/en-ca/2015/ring-opendht-a-distributed-hash-table/">OpenDHT</a>?</p>
+<p>Can we use big data techniques to mine these datasources and help match people to events without compromising on privacy?</p>
+<p>Why not build an automated iCalendar "to-do" list of deadlines for events you want to be reminded about, so you never miss the deadlines for travel sponsorship or submitting a talk proposal?</p>
+<p>I've started <a href="https://wiki.debian.org/SocialEventAndConferenceCalendars">documenting an architecture for this on the Debian wiki</a> and proposed it as an <a href="https://wiki.debian.org/Outreachy/Round15/Projects/SocialEventAndConferenceCalendars">Outreachy project</a>.  It will also be offered as part of GSoC in 2018.</p>
+<h3>Ways to get involved</h3>
+<p>If you would like to help this project, please consider <a href="https://lists.debian.org/debian-outreach">introducing yourself on the debian-outreach mailing list</a> and helping to mentor or refer interns for the project.  You can also help contribute ideas for the specification through the mailing list or wiki.</p>
+<h3>Mini DebConf Prishtina 2017</h3>
+<p>This weekend I've been at the <a href="https://wiki.debian.org/DebianEvents/ks/2017/MiniDebConfPrishtina">MiniDebConf in Prishtina, Kosovo</a>.  It has been hosted by the <a href="http://www.prishtinahackerspace.org/">amazing Prishtina hackerspace community</a>.</p>
+<p><img src="https://danielpocock.com/sites/danielpocock.com/files/2017-10-07-prishtina-group-photo.jpg" /></p>
+<p>Watch out for future events in Prishtina, the pizzas are huge, but that didn't stop them disappearing before we finished the photos:</p>
+<p><img src="https://danielpocock.com/sites/danielpocock.com/files/2017-10-07-pizzas.jpg" /></p>
+</div></div></div>
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 16:17:09 2017
@@ -8508,36 +8508,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Ricardo Mones: Cannot enable. Maybe the USB cable is bad?
 Message-ID: https-mones-livejournal-com-116050-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://mones.livejournal.com/116050.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/mones.png" width="65" height="85" alt="" align="right" style="float: right;">  One of the reasons which made me switch my old 17" BenQ monitor for a Dell U2413 three years ago was it had an integrated SD card reader. I find very convenient to take camera's card out, plug the card into the monitor and click on KDE device monitor's option “Open with <a href="https://www.digikam.org/" rel="nofollow">digiKam</a>” to download the photos or videos.<br /><br />But last week, when trying to reconnect the USB cable to the new board just didn't work and the kernel log messages were not very hopeful:<br /><br /><pre>[190231.770349] usb 2-2.3.3: new SuperSpeed USB device number 15 using xhci_hcd
-[190231.890439] usb 2-2.3.3: New USB device found, idVendor=0bda, idProduct=0307
-[190231.890444] usb 2-2.3.3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
-[190231.890446] usb 2-2.3.3: Product: USB3.0 Card Reader
-[190231.890449] usb 2-2.3.3: Manufacturer: Realtek
-[190231.890451] usb 2-2.3.3: SerialNumber: F141000037E1
-[190231.896592] usb-storage 2-2.3.3:1.0: USB Mass Storage device detected
-[190231.896764] scsi host8: usb-storage 2-2.3.3:1.0
-[190232.931861] scsi 8:0:0:0: Direct-Access     Generic- SD/MMC/MS/MSPRO  1.00 PQ: 0 ANSI: 6
-[190232.933902] sd 8:0:0:0: Attached scsi generic sg5 type 0
-[190232.937989] sd 8:0:0:0: [sde] Attached SCSI removable disk
-[190243.069680] hub 2-2.3:1.0: hub_ext_port_status failed (err = -71)
-[190243.070037] usb 2-2.3-port3: cannot reset (err = -71)
-[190243.070410] usb 2-2.3-port3: cannot reset (err = -71)
-[190243.070660] usb 2-2.3-port3: cannot reset (err = -71)
-[190243.071035] usb 2-2.3-port3: cannot reset (err = -71)
-[190243.071409] usb 2-2.3-port3: cannot reset (err = -71)
-[190243.071413] usb 2-2.3-port3: Cannot enable. Maybe the USB cable is bad?
-...
-</pre><br />I was sure USB 3.0 ports were working, because I've already used them with a USB 3.0 drive, so first thought was the monitor USB hub had failed. It seemed unlikely that a cable which has not been moved in 3 years was suddenly failing, is that even possible?<br /><br />But a few moments later the same cable plugged into a USB 2.0 worked flawlessly and all photos could be downloaded, just noticeably slower.<br /><br />A bit confused, and thinking that, since everything else was working maybe the cable had to be replaced, it happened I upgraded the system in the meantime. And luck came into rescue, because now it works again in 4.9.30-2+deb9u5 kernel. Looking at the <a href="http://metadata.ftp-master.debian.org/changelogs/main/l/linux/linux_4.9.51-1_changelog" rel="nofollow">package changelog</a> it seems the fix was this “<a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.54&amp;id=6b3b3a22ef206ba9c141e04c50b0f48762571bc9" rel="nofollow">usb:xhci:Fix regression when ATI chipsets detected</a>“. So, not a bad cable but a little kernel bug <tt>;-)</tt><br /><br />Thanks to all involved, specially <a href="https://wiki.debian.org/BenHutchings" rel="nofollow">Ben</a> for the package update!
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8602,79 +8577,46 @@ Thanks to all involved, specially [Ben][4] for the package update!
    [4]: <https://wiki.debian.org/BenHutchings>
 
 
---===============testboundary==--
-
-From planet-debian Sun Oct  8 14:00:00 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Sun, 08 Oct 2017 14:00:00 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Iain R. Learmonth: Tor Relays on Twitter
-Message-ID: https-iain-learmonth-me-blog-2017-2017w407
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://iain.learmonth.me/blog/2017/2017w407/
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>A while ago I played with <a href="https://twitter.com/hamlocator">a Twitter bot</a> that
-would track <a href="https://en.wikipedia.org/wiki/Amateur_radio">radio amateurs</a> using
-a <a href="http://www.aprs-is.net/">packet radio position reporting system</a>, tweet
-their location and a picture from Flickr that was taken near to their location
-and a link to their packet radio activity on <a href="http://aprs.fi/">aprs.fi</a>. It’s
-really not that hard to put these things together and they can be a lot of fun.
-The tweets looked like this:</p>
-
-<blockquote class="twitter-tweet"><p dir="ltr" lang="de">VK4CVL is mobile near Chapel Hill, Australia <a href="http://t.co/2dqvuqjJxQ">http://t.co/2dqvuqjJxQ</a> <a href="http://t.co/q88OhtcPTX">http://t.co/q88OhtcPTX</a> <a href="https://twitter.com/hashtag/hamradio?src=hash&amp;ref_src=twsrc%5Etfw">#hamradio</a> <a href="https://twitter.com/hashtag/hamr?src=hash&amp;ref_src=twsrc%5Etfw">#hamr</a> <a href="http://t.co/5gBVw3ebvq">pic.twitter.com/5gBVw3ebvq</a></p>— HamLocator (@HamLocator) <a href="https://twitter.com/HamLocator/status/609225043160248320?ref_src=twsrc%5Etfw">June 12, 2015</a></blockquote>
-
-
-<p>This isn’t about building a system that serves any critical purpose, it’s about
-fun. As the radio stations were chosen essentially at random, there could be
-some cool things showing up that you wouldn’t otherwise have seen. Maybe you’d
-spot a callsign of a station you’ve spoken to before on HF or perhaps you’d see
-stations in areas near you or in cool places.</p>
-
-<p>On Friday evening I took a go at hacking together <a href="https://twitter.com/toratlas">a bot for Tor
-relays</a>. The idea being to have regular snippets
-of information from the <a href="https://metrics.torproject.org/">Tor network</a> and
-perhaps you’ll spot something insightful or interesting. Not every tweet is
-going to be amazing, but it wasn’t running for very long before I spotted a
-relay very close to its 10th birthday:</p>
-
-<blockquote class="twitter-tweet"><p dir="ltr" lang="en">esko in Finland started contributing bandwidth to the <a href="https://twitter.com/hashtag/Tor?src=hash&amp;ref_src=twsrc%5Etfw">#Tor</a> network 9 years and 51 weeks ago <a href="https://t.co/4K7aj9Jf6C">https://t.co/4K7aj9Jf6C</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/916730367956176896?ref_src=twsrc%5Etfw">October 7, 2017</a></blockquote>
-
-
-<p>The relays are chosen at random, and tweet templates are chosen at random too.
-So far, tweets about individual relays can be about age or current bandwidth
-contribution to the Tor network. There are also tweets about how many relays
-run in a particular autonomous system (again, chosen at random) and tweets
-about the total number of relays currently running. The total relays tweets
-come with a map:</p>
-
-<blockquote class="twitter-tweet"><p dir="ltr" lang="en">There are currently 6638 <a href="https://twitter.com/hashtag/Tor?src=hash&amp;ref_src=twsrc%5Etfw">#Tor</a> relays running. <a href="https://t.co/uySyX7AlAH">https://t.co/uySyX7AlAH</a> <a href="https://t.co/BbgNGpoNtY">pic.twitter.com/BbgNGpoNtY</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/916807885824385026?ref_src=twsrc%5Etfw">October 7, 2017</a></blockquote>
-
-
-<p>The maps are produced using <a href="https://packages.debian.org/sid/xplanet">xplanet</a>.
-The Earth will rotate to show the current side in daylight at the time the
-tweet is posted.</p>
-
-<p>Unfortunately, the bot currently cannot tweet as the account has been
-suspended. You should still be able to <a class="twitter-follow-button" href="https://twitter.com/TorAtlas">follow
-@TorAtlas</a> though and tweets will begin appearing again once I’ve resolved
-the suspension.</p>
+<img src="http://planet.debian.org/heads/mones.png" width="65" height="85" alt="" align="right" style="float: right;">  One of the reasons which made me switch my old 17" BenQ monitor for a Dell U2413 three years ago was it had an integrated SD card reader. I find very convenient to take camera's card out, plug the card into the monitor and click on KDE device monitor's option “Open with <a href="https://www.digikam.org/" rel="nofollow">digiKam</a>” to download the photos or videos.<br /><br />But last week, when trying to reconnect the USB cable to the new board just didn't work and the kernel log messages were not very hopeful:<br /><br /><pre>[190231.770349] usb 2-2.3.3: new SuperSpeed USB device number 15 using xhci_hcd
+[190231.890439] usb 2-2.3.3: New USB device found, idVendor=0bda, idProduct=0307
+[190231.890444] usb 2-2.3.3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
+[190231.890446] usb 2-2.3.3: Product: USB3.0 Card Reader
+[190231.890449] usb 2-2.3.3: Manufacturer: Realtek
+[190231.890451] usb 2-2.3.3: SerialNumber: F141000037E1
+[190231.896592] usb-storage 2-2.3.3:1.0: USB Mass Storage device detected
+[190231.896764] scsi host8: usb-storage 2-2.3.3:1.0
+[190232.931861] scsi 8:0:0:0: Direct-Access     Generic- SD/MMC/MS/MSPRO  1.00 PQ: 0 ANSI: 6
+[190232.933902] sd 8:0:0:0: Attached scsi generic sg5 type 0
+[190232.937989] sd 8:0:0:0: [sde] Attached SCSI removable disk
+[190243.069680] hub 2-2.3:1.0: hub_ext_port_status failed (err = -71)
+[190243.070037] usb 2-2.3-port3: cannot reset (err = -71)
+[190243.070410] usb 2-2.3-port3: cannot reset (err = -71)
+[190243.070660] usb 2-2.3-port3: cannot reset (err = -71)
+[190243.071035] usb 2-2.3-port3: cannot reset (err = -71)
+[190243.071409] usb 2-2.3-port3: cannot reset (err = -71)
+[190243.071413] usb 2-2.3-port3: Cannot enable. Maybe the USB cable is bad?
+...
+</pre><br />I was sure USB 3.0 ports were working, because I've already used them with a USB 3.0 drive, so first thought was the monitor USB hub had failed. It seemed unlikely that a cable which has not been moved in 3 years was suddenly failing, is that even possible?<br /><br />But a few moments later the same cable plugged into a USB 2.0 worked flawlessly and all photos could be downloaded, just noticeably slower.<br /><br />A bit confused, and thinking that, since everything else was working maybe the cable had to be replaced, it happened I upgraded the system in the meantime. And luck came into rescue, because now it works again in 4.9.30-2+deb9u5 kernel. Looking at the <a href="http://metadata.ftp-master.debian.org/changelogs/main/l/linux/linux_4.9.51-1_changelog" rel="nofollow">package changelog</a> it seems the fix was this “<a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.54&amp;id=6b3b3a22ef206ba9c141e04c50b0f48762571bc9" rel="nofollow">usb:xhci:Fix regression when ATI chipsets detected</a>“. So, not a bad cable but a little kernel bug <tt>;-)</tt><br /><br />Thanks to all involved, specially <a href="https://wiki.debian.org/BenHutchings" rel="nofollow">Ben</a> for the package update!
+--===============testboundary==--
 
-<p>I plan to rewrite the mess of cron-activated Python scripts into a coherent
-Python (maybe Java) application and publish the sources soon. There are also a
-number of new templates for tweets I’d like to explore, including number of
-relays and bandwidth contributed per family and statistics on <a href="https://torbsd.github.io/">operating system
-diversity</a>.</p>
+From planet-debian Sun Oct  8 14:00:00 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Sun, 08 Oct 2017 14:00:00 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Iain R. Learmonth: Tor Relays on Twitter
+Message-ID: https-iain-learmonth-me-blog-2017-2017w407
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://iain.learmonth.me/blog/2017/2017w407/
 
-<p><em>Update (2017-10-08)</em>: The @TorAtlas account should now be unsuspended.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8775,6 +8717,64 @@ system diversity][18].
 _Update (2017-10-08)_ : The @TorAtlas account should now be unsuspended.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/irl.png" width="80" height="80" alt="" align="right" style="float: right;">  <p>A while ago I played with <a href="https://twitter.com/hamlocator">a Twitter bot</a> that
+would track <a href="https://en.wikipedia.org/wiki/Amateur_radio">radio amateurs</a> using
+a <a href="http://www.aprs-is.net/">packet radio position reporting system</a>, tweet
+their location and a picture from Flickr that was taken near to their location
+and a link to their packet radio activity on <a href="http://aprs.fi/">aprs.fi</a>. It’s
+really not that hard to put these things together and they can be a lot of fun.
+The tweets looked like this:</p>
+
+<blockquote class="twitter-tweet"><p dir="ltr" lang="de">VK4CVL is mobile near Chapel Hill, Australia <a href="http://t.co/2dqvuqjJxQ">http://t.co/2dqvuqjJxQ</a> <a href="http://t.co/q88OhtcPTX">http://t.co/q88OhtcPTX</a> <a href="https://twitter.com/hashtag/hamradio?src=hash&amp;ref_src=twsrc%5Etfw">#hamradio</a> <a href="https://twitter.com/hashtag/hamr?src=hash&amp;ref_src=twsrc%5Etfw">#hamr</a> <a href="http://t.co/5gBVw3ebvq">pic.twitter.com/5gBVw3ebvq</a></p>— HamLocator (@HamLocator) <a href="https://twitter.com/HamLocator/status/609225043160248320?ref_src=twsrc%5Etfw">June 12, 2015</a></blockquote>
+
+
+<p>This isn’t about building a system that serves any critical purpose, it’s about
+fun. As the radio stations were chosen essentially at random, there could be
+some cool things showing up that you wouldn’t otherwise have seen. Maybe you’d
+spot a callsign of a station you’ve spoken to before on HF or perhaps you’d see
+stations in areas near you or in cool places.</p>
+
+<p>On Friday evening I took a go at hacking together <a href="https://twitter.com/toratlas">a bot for Tor
+relays</a>. The idea being to have regular snippets
+of information from the <a href="https://metrics.torproject.org/">Tor network</a> and
+perhaps you’ll spot something insightful or interesting. Not every tweet is
+going to be amazing, but it wasn’t running for very long before I spotted a
+relay very close to its 10th birthday:</p>
+
+<blockquote class="twitter-tweet"><p dir="ltr" lang="en">esko in Finland started contributing bandwidth to the <a href="https://twitter.com/hashtag/Tor?src=hash&amp;ref_src=twsrc%5Etfw">#Tor</a> network 9 years and 51 weeks ago <a href="https://t.co/4K7aj9Jf6C">https://t.co/4K7aj9Jf6C</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/916730367956176896?ref_src=twsrc%5Etfw">October 7, 2017</a></blockquote>
+
+
+<p>The relays are chosen at random, and tweet templates are chosen at random too.
+So far, tweets about individual relays can be about age or current bandwidth
+contribution to the Tor network. There are also tweets about how many relays
+run in a particular autonomous system (again, chosen at random) and tweets
+about the total number of relays currently running. The total relays tweets
+come with a map:</p>
+
+<blockquote class="twitter-tweet"><p dir="ltr" lang="en">There are currently 6638 <a href="https://twitter.com/hashtag/Tor?src=hash&amp;ref_src=twsrc%5Etfw">#Tor</a> relays running. <a href="https://t.co/uySyX7AlAH">https://t.co/uySyX7AlAH</a> <a href="https://t.co/BbgNGpoNtY">pic.twitter.com/BbgNGpoNtY</a></p>— Tor Atlas (@TorAtlas) <a href="https://twitter.com/TorAtlas/status/916807885824385026?ref_src=twsrc%5Etfw">October 7, 2017</a></blockquote>
+
+
+<p>The maps are produced using <a href="https://packages.debian.org/sid/xplanet">xplanet</a>.
+The Earth will rotate to show the current side in daylight at the time the
+tweet is posted.</p>
+
+<p>Unfortunately, the bot currently cannot tweet as the account has been
+suspended. You should still be able to <a class="twitter-follow-button" href="https://twitter.com/TorAtlas">follow
+@TorAtlas</a> though and tweets will begin appearing again once I’ve resolved
+the suspension.</p>
+
+<p>I plan to rewrite the mess of cron-activated Python scripts into a coherent
+Python (maybe Java) application and publish the sources soon. There are also a
+number of new templates for tweets I’d like to explore, including number of
+relays and bandwidth contributed per family and statistics on <a href="https://torbsd.github.io/">operating system
+diversity</a>.</p>
+
+<p><em>Update (2017-10-08)</em>: The @TorAtlas account should now be unsuspended.</p>
 --===============testboundary==--
 
 From planet-debian Sun Oct  8 13:05:34 2017
@@ -8785,32 +8785,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Thomas Lange: FAI 5.4 enters the embedded world
 Message-ID: http-blog-fai-project-org-posts-fai-5-4
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://blog.fai-project.org/posts/fai-5.4/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/mrfai.png" width="76" height="100" alt="" align="right" style="float: right;">  <p>Since DebConf 17 I was working on cross-architecture support for
-FAI. The new FAI release supports creating cross-architecture disk images, for
-e.g. you can build an image for Arm64 (aarch64) on a host running 64-bit
-x86 Linux (amd64) in about 6 minutes.</p>
-
-<p>The <a href="https://lists.uni-koeln.de/pipermail/linux-fai/2017-October/011829.html">release announcement</a>
-has more details, and I also created a
-<a href="http://fai-project.org/screenshots/">video</a> showing the build process
-for an Arm64 disk image and booting this image using Qemu.</p>
-
-<p>I'm happy to join the Debian cloud sprint in a week, where more FAI
-related work is waiting.</p>
-
-<p><a href="http://blog.fai-project.org/tags/FAI/">FAI</a>
-<a href="http://blog.fai-project.org/tags/embedded/">embedded</a>
-<a href="http://blog.fai-project.org/tags/ARM/">ARM</a></p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8840,6 +8819,27 @@ work is waiting.
    [5]: <http://blog.fai-project.org/tags/ARM/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/mrfai.png" width="76" height="100" alt="" align="right" style="float: right;">  <p>Since DebConf 17 I was working on cross-architecture support for
+FAI. The new FAI release supports creating cross-architecture disk images, for
+e.g. you can build an image for Arm64 (aarch64) on a host running 64-bit
+x86 Linux (amd64) in about 6 minutes.</p>
+
+<p>The <a href="https://lists.uni-koeln.de/pipermail/linux-fai/2017-October/011829.html">release announcement</a>
+has more details, and I also created a
+<a href="http://fai-project.org/screenshots/">video</a> showing the build process
+for an Arm64 disk image and booting this image using Qemu.</p>
+
+<p>I'm happy to join the Debian cloud sprint in a week, where more FAI
+related work is waiting.</p>
+
+<p><a href="http://blog.fai-project.org/tags/FAI/">FAI</a>
+<a href="http://blog.fai-project.org/tags/embedded/">embedded</a>
+<a href="http://blog.fai-project.org/tags/ARM/">ARM</a></p>
 --===============testboundary==--
 
 From planet-debian Sat Oct  7 10:12:23 2017
@@ -8850,42 +8850,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Chris Lamb: python-gfshare: Secret sharing in Python
 Message-ID: https-chris-lamb-co-uk-posts-python-gfshare-secret-sharing-in-python
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://chris-lamb.co.uk/posts/python-gfshare-secret-sharing-in-python
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/lamby.png" width="70" height="87" alt="" align="right" style="float: right;">  <p>I've just released <a class="reference external" href="https://chris-lamb.co.uk/projects/python-gfshare">python-gfshare</a>, a Python library that implements <a class="reference external" href="https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing">Shamir’s method for secret sharing</a>, a technique to split a "secret" into multiple parts.</p>
-<p>An arbitrary number of those parts are then needed to recover the original file but any smaller combination of parts are useless to an attacker.</p>
-<p>For instance, you might split a GPG key into a “3-of-5” share, putting one share on each of three computers and two shares on a USB memory stick. You can then use the GPG key on any of those three computers using the memory stick.</p>
-<p>If the memory stick is lost you can ultimately recover the key by bringing the three computers back together again.</p>
-<p>For example:</p>
-<pre class="literal-block">$ pip install gfshare
-</pre>
-<div class="syntax"><pre><span class="o">&gt;&gt;&gt;</span> <span class="kn">import</span> <span class="nn">gfshare</span>
-<span class="o">&gt;&gt;&gt;</span> <span class="n">shares</span> <span class="o">=</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="mi">3</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="n">b</span><span class="s2">"secret"</span><span class="p">)</span>
-<span class="o">&gt;&gt;&gt;</span> <span class="n">shares</span>
-<span class="p">{</span><span class="mi">104</span><span class="p">:</span> <span class="n">b</span><span class="s1">'1</span><span class="se">\x9c</span><span class="s1">Q</span><span class="se">\xd8\xd3\xaf</span><span class="s1">'</span><span class="p">,</span>
- <span class="mi">164</span><span class="p">:</span> <span class="n">b</span><span class="s1">'</span><span class="se">\x15\xa4\xcf</span><span class="s1">7R</span><span class="se">\xd2</span><span class="s1">'</span><span class="p">,</span>
- <span class="mi">171</span><span class="p">:</span> <span class="n">b</span><span class="s1">'&gt;</span><span class="se">\xf5</span><span class="s1">*</span><span class="se">\xce\xa2\xe2</span><span class="s1">'</span><span class="p">,</span>
- <span class="mi">173</span><span class="p">:</span> <span class="n">b</span><span class="s1">'d</span><span class="se">\xd1\xaa</span><span class="s1">R</span><span class="se">\xa5\x1d</span><span class="s1">'</span><span class="p">,</span>
- <span class="mi">183</span><span class="p">:</span> <span class="n">b</span><span class="s1">'</span><span class="se">\x0c\xb4</span><span class="s1">Y</span><span class="se">\x8a</span><span class="s1">pC'</span><span class="p">}</span>
-<span class="o">&gt;&gt;&gt;</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">combine</span><span class="p">(</span><span class="n">shares</span><span class="p">)</span>
-<span class="n">b</span><span class="s2">"secret"</span>
-</pre></div>
-<p>After removing two "shares" we can still reconstruct the secret as we have 3 out of the 5 originals:</p>
-<div class="syntax"><pre><span class="o">&gt;&gt;&gt;</span> <span class="k">del</span> <span class="n">shares</span><span class="p">[</span><span class="s1">'104'</span><span class="p">]</span>
-<span class="o">&gt;&gt;&gt;</span> <span class="k">del</span> <span class="n">shares</span><span class="p">[</span><span class="s1">'171'</span><span class="p">]</span>
-<span class="o">&gt;&gt;&gt;</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">combine</span><span class="p">(</span><span class="n">shares</span><span class="p">)</span>
-<span class="n">b</span><span class="s2">"secret"</span>
-</pre></div>
-<p>Under the hood it uses Daniel Silverstone’s <a class="reference external" href="http://www.digital-scurf.org/software/libgfshare">libgfshare</a> library. The source code is <a class="reference external" href="https://github.com/lamby/python-gfshare">available on GitHub</a> as is the <a class="reference external" href="https://lamby.github.io/python-gfshare/">documentation</a>.</p>
-<p>Patches welcome.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -8951,6 +8920,37 @@ source code is [available on GitHub][4] as is the [documentation][5].
 Patches welcome.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/lamby.png" width="70" height="87" alt="" align="right" style="float: right;">  <p>I've just released <a class="reference external" href="https://chris-lamb.co.uk/projects/python-gfshare">python-gfshare</a>, a Python library that implements <a class="reference external" href="https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing">Shamir’s method for secret sharing</a>, a technique to split a "secret" into multiple parts.</p>
+<p>An arbitrary number of those parts are then needed to recover the original file but any smaller combination of parts are useless to an attacker.</p>
+<p>For instance, you might split a GPG key into a “3-of-5” share, putting one share on each of three computers and two shares on a USB memory stick. You can then use the GPG key on any of those three computers using the memory stick.</p>
+<p>If the memory stick is lost you can ultimately recover the key by bringing the three computers back together again.</p>
+<p>For example:</p>
+<pre class="literal-block">$ pip install gfshare
+</pre>
+<div class="syntax"><pre><span class="o">&gt;&gt;&gt;</span> <span class="kn">import</span> <span class="nn">gfshare</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="n">shares</span> <span class="o">=</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="mi">3</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="n">b</span><span class="s2">"secret"</span><span class="p">)</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="n">shares</span>
+<span class="p">{</span><span class="mi">104</span><span class="p">:</span> <span class="n">b</span><span class="s1">'1</span><span class="se">\x9c</span><span class="s1">Q</span><span class="se">\xd8\xd3\xaf</span><span class="s1">'</span><span class="p">,</span>
+ <span class="mi">164</span><span class="p">:</span> <span class="n">b</span><span class="s1">'</span><span class="se">\x15\xa4\xcf</span><span class="s1">7R</span><span class="se">\xd2</span><span class="s1">'</span><span class="p">,</span>
+ <span class="mi">171</span><span class="p">:</span> <span class="n">b</span><span class="s1">'&gt;</span><span class="se">\xf5</span><span class="s1">*</span><span class="se">\xce\xa2\xe2</span><span class="s1">'</span><span class="p">,</span>
+ <span class="mi">173</span><span class="p">:</span> <span class="n">b</span><span class="s1">'d</span><span class="se">\xd1\xaa</span><span class="s1">R</span><span class="se">\xa5\x1d</span><span class="s1">'</span><span class="p">,</span>
+ <span class="mi">183</span><span class="p">:</span> <span class="n">b</span><span class="s1">'</span><span class="se">\x0c\xb4</span><span class="s1">Y</span><span class="se">\x8a</span><span class="s1">pC'</span><span class="p">}</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">combine</span><span class="p">(</span><span class="n">shares</span><span class="p">)</span>
+<span class="n">b</span><span class="s2">"secret"</span>
+</pre></div>
+<p>After removing two "shares" we can still reconstruct the secret as we have 3 out of the 5 originals:</p>
+<div class="syntax"><pre><span class="o">&gt;&gt;&gt;</span> <span class="k">del</span> <span class="n">shares</span><span class="p">[</span><span class="s1">'104'</span><span class="p">]</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="k">del</span> <span class="n">shares</span><span class="p">[</span><span class="s1">'171'</span><span class="p">]</span>
+<span class="o">&gt;&gt;&gt;</span> <span class="n">gfshare</span><span class="o">.</span><span class="n">combine</span><span class="p">(</span><span class="n">shares</span><span class="p">)</span>
+<span class="n">b</span><span class="s2">"secret"</span>
+</pre></div>
+<p>Under the hood it uses Daniel Silverstone’s <a class="reference external" href="http://www.digital-scurf.org/software/libgfshare">libgfshare</a> library. The source code is <a class="reference external" href="https://github.com/lamby/python-gfshare">available on GitHub</a> as is the <a class="reference external" href="https://lamby.github.io/python-gfshare/">documentation</a>.</p>
+<p>Patches welcome.</p>
 --===============testboundary==--
 
 From planet-debian Fri Oct  6 20:50:42 2017
@@ -8961,25 +8961,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Scarlett Clark: KDE at #UbuntuRally in New York! KDE Applications snaps!
 Message-ID: http-scarlettgatelyclark-com-p-450
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://scarlettgatelyclark.com/2017/kde-at-ubunturally-in-new-york-kde-applications-snaps/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<div class="wp-caption aligncenter" id="attachment_451" style="width: 1290px;"><a href="http://scarlettgatelyclark.com/assets/DKmKosdWsAAnYwK.jpeg"><img alt="#UbuntuRally New York" class="size-full wp-image-451" height="720" src="http://scarlettgatelyclark.com/assets/DKmKosdWsAAnYwK.jpeg" width="1280" /></a><p class="wp-caption-text">KDE at #UbuntuRally New York</p></div>
-<p>I was happy to attend Ubuntu Rally last week in New York with Aleix Pol to represent KDE.<br />
-We were able toaccomplish many things during this week, and that is a result of having direct contact with Snap developers.<br />
-So a big thank you out to Canonical for sponsoring me. I now have all of KDE core applications,<br />
-and many KDE extragear applications in the edge channel looking for testers.<br />
-I have also made a huge dent in also making the massive KDE PIM snap!<br />
-I hope to have this done by week end.<br />
-Most of our issue list made it onto TO-DO lists 🙂<br />
-So from KDE perspective, this sprint was a huge success!</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9006,47 +8992,35 @@ Most of our issue list made it onto TO-DO lists 🙂
 So from KDE perspective, this sprint was a huge success!
 
 
---===============testboundary==--
-
-From planet-debian Fri Oct  6 08:30:46 2017
-Content-Type: multipart/alternative; boundary="===============testboundary=="
-MIME-Version: 1.0
-Date: Fri, 06 Oct 2017 08:30:46 -0000
-To: to@example.com
-From: planet-debian <to@example.com>
-Subject: Rapha&#235;l Hertzog: My Free Software Activities in September 2017
-Message-ID: https-raphaelhertzog-com-p-3636
-User-Agent: feed2exec (0.8.0)
-Precedence: list
-Auto-Submitted: auto-generated
-Archived-At: https://raphaelhertzog.com/2017/10/06/my-free-software-activities-in-september-2017/
-
 --===============testboundary==
 Content-Type: text/html; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
-<img src="http://planet.debian.org/heads/hertzog.png" width="65" height="93" alt="" align="right" style="float: right;">  <p><img alt="" class="alignleft size-medium wp-image-2728" height="300" src="https://raphaelhertzog.com/files/2012/07/activity-report-300x300.jpg" title="Activity report" width="300" />My monthly report covers a large part of what I have been doing in the free software world. I write it for <a href="https://raphaelhertzog.com/go/donate/">my donors</a> (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.</p>
-<h3>Debian LTS</h3>
-<p>This month I was allocated 12h but I only spent 10.5h. During this time, I continued my work on exiv2. I finished reproducing all the issues and then went on doing code reviews to confirm that vulnerabilities were not present when the issue was not reproducible. I found two CVE where the vulnerability was present in the wheezy version and I posted patches in the upstream bug tracker: <a href="https://github.com/Exiv2/exiv2/issues/57#issuecomment-333086302">#57</a> and <a href="https://github.com/Exiv2/exiv2/issues/55#issuecomment-332240966">#55</a>.</p>
-<p>Then another batch of 10 CVE appeared and I started the process over… I’m currently trying to reproduce the issues.</p>
-<p>While doing all this work on exiv2, I also uncovered a failure to build on the package in experimental (reported <a href="https://bugs.debian.org/876948">here</a>).</p>
-<h3>Misc Debian/Kali work</h3>
-<p><strong>Debian Live</strong>. I merged 3 live-build patches prepared by Matthijs Kooijman and added an armel fix to cope with the the rename of the orion5x image into the marvell one. I also uploaded a new live-config to fix a <a href="https://bugs.kali.org/view.php?id=4239">bug with the keyboard configuration</a>. Finally, I also released a new live-installer udeb to cope with a recent live-build change that broke the locale selection during the installation process.</p>
-<p><strong>Debian Installer</strong>. I prepared a <a href="https://bugs.debian.org/875858">few patches</a> on pkgsel to merge a few features that had been added to Ubuntu, most notably the possibility to enable unattended-upgrades by default.</p>
-<p><strong>More bug reports</strong>. I investigated much further my problem with non-booting qemu images when they are built by vmdebootstrap in a chroot managed by schroot (cf <a href="https://bugs.debian.org/872999">#872999</a>) and while we have much more data, it’s not yet clear why it doesn’t work. But we have a working work-around…</p>
-<p>While investigating issues seen in Kali, I opened a bunch of reports on the Debian side:</p>
-<ul>
-<li><a href="https://bugs.debian.org/874657">#874657</a>: pcmanfm: should have explicit recommends on lxpolkit | polkit-1-auth-agent
-</li>
-<li><a href="https://bugs.debian.org/874626">#874626</a>: bin-nmu request to complete two transitions and bring back some packages in testing</li>
-<li><a href="https://bugs.debian.org/875423">#875423</a>: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)</li>
-</ul>
-<p><strong>Packaging</strong>. I sponsored two uploads (dirb and python-elasticsearch).</p>
-<p><strong>Debian Handbook</strong>. My work on updating the book mostly stalled. The only thing I did was to review the patch about wireless configuration in <a href="https://bugs.debian.org/863496">#863496</a>. I must really get back to work on the book!</p>
-<h3>Thanks</h3>
-<p>See you next month for a new summary of my activities.</p>
-<p style="font-size: smaller;"><a href="https://raphaelhertzog.com/2017/10/06/my-free-software-activities-in-september-2017/#comments">No comment</a> | Liked this article? <a href="http://raphaelhertzog.com/support-my-work/">Click here</a>. | My blog is <a href="http://flattr.com/thing/26545/apt-get-install-debian-wizard">Flattr-enabled</a>.</p>
+<div class="wp-caption aligncenter" id="attachment_451" style="width: 1290px;"><a href="http://scarlettgatelyclark.com/assets/DKmKosdWsAAnYwK.jpeg"><img alt="#UbuntuRally New York" class="size-full wp-image-451" height="720" src="http://scarlettgatelyclark.com/assets/DKmKosdWsAAnYwK.jpeg" width="1280" /></a><p class="wp-caption-text">KDE at #UbuntuRally New York</p></div>
+<p>I was happy to attend Ubuntu Rally last week in New York with Aleix Pol to represent KDE.<br />
+We were able toaccomplish many things during this week, and that is a result of having direct contact with Snap developers.<br />
+So a big thank you out to Canonical for sponsoring me. I now have all of KDE core applications,<br />
+and many KDE extragear applications in the edge channel looking for testers.<br />
+I have also made a huge dent in also making the massive KDE PIM snap!<br />
+I hope to have this done by week end.<br />
+Most of our issue list made it onto TO-DO lists 🙂<br />
+So from KDE perspective, this sprint was a huge success!</p>
+--===============testboundary==--
+
+From planet-debian Fri Oct  6 08:30:46 2017
+Content-Type: multipart/alternative; boundary="===============testboundary=="
+MIME-Version: 1.0
+Date: Fri, 06 Oct 2017 08:30:46 -0000
+To: to@example.com
+From: planet-debian <to@example.com>
+Subject: Rapha&#235;l Hertzog: My Free Software Activities in September 2017
+Message-ID: https-raphaelhertzog-com-p-3636
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: https://raphaelhertzog.com/2017/10/06/my-free-software-activities-in-september-2017/
+
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9133,6 +9107,32 @@ enabled][14].
    [14]: <http://flattr.com/thing/26545/apt-get-install-debian-wizard>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/hertzog.png" width="65" height="93" alt="" align="right" style="float: right;">  <p><img alt="" class="alignleft size-medium wp-image-2728" height="300" src="https://raphaelhertzog.com/files/2012/07/activity-report-300x300.jpg" title="Activity report" width="300" />My monthly report covers a large part of what I have been doing in the free software world. I write it for <a href="https://raphaelhertzog.com/go/donate/">my donors</a> (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.</p>
+<h3>Debian LTS</h3>
+<p>This month I was allocated 12h but I only spent 10.5h. During this time, I continued my work on exiv2. I finished reproducing all the issues and then went on doing code reviews to confirm that vulnerabilities were not present when the issue was not reproducible. I found two CVE where the vulnerability was present in the wheezy version and I posted patches in the upstream bug tracker: <a href="https://github.com/Exiv2/exiv2/issues/57#issuecomment-333086302">#57</a> and <a href="https://github.com/Exiv2/exiv2/issues/55#issuecomment-332240966">#55</a>.</p>
+<p>Then another batch of 10 CVE appeared and I started the process over… I’m currently trying to reproduce the issues.</p>
+<p>While doing all this work on exiv2, I also uncovered a failure to build on the package in experimental (reported <a href="https://bugs.debian.org/876948">here</a>).</p>
+<h3>Misc Debian/Kali work</h3>
+<p><strong>Debian Live</strong>. I merged 3 live-build patches prepared by Matthijs Kooijman and added an armel fix to cope with the the rename of the orion5x image into the marvell one. I also uploaded a new live-config to fix a <a href="https://bugs.kali.org/view.php?id=4239">bug with the keyboard configuration</a>. Finally, I also released a new live-installer udeb to cope with a recent live-build change that broke the locale selection during the installation process.</p>
+<p><strong>Debian Installer</strong>. I prepared a <a href="https://bugs.debian.org/875858">few patches</a> on pkgsel to merge a few features that had been added to Ubuntu, most notably the possibility to enable unattended-upgrades by default.</p>
+<p><strong>More bug reports</strong>. I investigated much further my problem with non-booting qemu images when they are built by vmdebootstrap in a chroot managed by schroot (cf <a href="https://bugs.debian.org/872999">#872999</a>) and while we have much more data, it’s not yet clear why it doesn’t work. But we have a working work-around…</p>
+<p>While investigating issues seen in Kali, I opened a bunch of reports on the Debian side:</p>
+<ul>
+<li><a href="https://bugs.debian.org/874657">#874657</a>: pcmanfm: should have explicit recommends on lxpolkit | polkit-1-auth-agent
+</li>
+<li><a href="https://bugs.debian.org/874626">#874626</a>: bin-nmu request to complete two transitions and bring back some packages in testing</li>
+<li><a href="https://bugs.debian.org/875423">#875423</a>: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)</li>
+</ul>
+<p><strong>Packaging</strong>. I sponsored two uploads (dirb and python-elasticsearch).</p>
+<p><strong>Debian Handbook</strong>. My work on updating the book mostly stalled. The only thing I did was to review the patch about wireless configuration in <a href="https://bugs.debian.org/863496">#863496</a>. I must really get back to work on the book!</p>
+<h3>Thanks</h3>
+<p>See you next month for a new summary of my activities.</p>
+<p style="font-size: smaller;"><a href="https://raphaelhertzog.com/2017/10/06/my-free-software-activities-in-september-2017/#comments">No comment</a> | Liked this article? <a href="http://raphaelhertzog.com/support-my-work/">Click here</a>. | My blog is <a href="http://flattr.com/thing/26545/apt-get-install-debian-wizard">Flattr-enabled</a>.</p>
 --===============testboundary==--
 
 From planet-debian Thu Oct  5 19:35:12 2017
@@ -9143,44 +9143,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Ross Gammon: My FOSS activities for August & September 2017
 Message-ID: http-rossgammon68-wordpress-com-p-1652
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://rossgammon68.wordpress.com/2017/10/05/my-foss-activities-for-august-september-2017/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/rosco.png" width="100" height="75" alt="" align="right" style="float: right;">  <div class="entry-content">
-<div class="entry-content">
-<div class="entry-content">
-<p>I am writing this from my hotel room in Bologna, Italy before going out for a pizza. After a successful Factory Acceptance Test today, I might also allow myself to celebrate with a beer. But anyway, here is what I have been up to in the FLOSS world for the last month and a bit.</p>
-<h3>Debian</h3>
-<ul>
-<li>Uploaded <a href="https://tracker.debian.org/pkg/gramps" rel="noopener" target="_blank">gramps</a> (4.2.6) to stretch-backports &amp; jessie-backports-sloppy.</li>
-<li>Started working on the latest release of <a href="https://tracker.debian.org/pkg/node-tmp" rel="noopener" target="_blank">node-tmp</a>. It needs further work due to new documentation being included etc.</li>
-<li>Started working on packaging the latest <a href="https://tracker.debian.org/pkg/goocanvas-2.0" rel="noopener" target="_blank">goocanvas-2.0</a> package. Everything is ready except for producing some autopkgtests.</li>
-<li>Moved <a href="https://tracker.debian.org/pkg/node-coffeeify" rel="noopener" target="_blank">node-coffeeify</a> experimental to unstable.</li>
-<li>Updated the <a href="https://blends.debian.org/multimedia/tasks/index" rel="noopener" target="_blank">Multimedia Blends Tasks</a> with all the latest ITPs etc.</li>
-<li>Reviewed <a href="http://Antonio Valentino" rel="noopener" target="_blank">doris</a> for <span class="news-creator">Antonio Valentino</span>, and sponsored it for him.</li>
-<li>Reviewed <a href="https://tracker.debian.org/pkg/pyresample" rel="noopener" target="_blank">pyresample</a> for <span class="news-creator">Antonio Valentino</span>, and sponsored it for him.</li>
-<li>Reviewed a new <a href="https://ftp-master.debian.org/new/parlatype_1.5.2-1.html" rel="noopener" target="_blank">parlatype</a> package for Gabor Karsay, and sponsored it for him.</li>
-</ul>
-<h3>Ubuntu</h3>
-<ul>
-<li>Successfully did my first merge using <a href="https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow" rel="noopener" target="_blank">git-ubuntu</a> for the <a href="https://launchpad.net/ubuntu/+source/qjackctl" rel="noopener" target="_blank">Qjackctl</a> package. Thanks to Nish for patiently answering my questions, reviewing my work, and sponsoring the upload.</li>
-<li>Refreshed the <a href="https://bugs.launchpad.net/zesty-backports/+bug/1581643" rel="noopener" target="_blank">gramps backport request to 4.2.6</a>. Still no willing sponsor.</li>
-<li>Tested Len’s rewrite of <a href="https://launchpad.net/ubuntu/+source/ubuntustudio-controls" rel="noopener" target="_blank">ubuntustudio-controls</a>, adding a CPU governor option in particular. There are a couple of minor things to tidy up, but we have probably missed the chance to get it finalised for Artful.</li>
-<li>Tested the First Beta release of Ubuntu Studio 17.10 Artful and wrote the <a href="https://wiki.ubuntu.com/ArtfulAardvark/Beta1/UbuntuStudio" rel="noopener" target="_blank">release notes</a>. Also drafted my first release announcement on the Ubunti Studio website which Eylul reviewed and published.</li>
-<li>Refreshed the <a href="https://launchpad.net/ubuntu/+source/ubuntustudio-meta" rel="noopener" target="_blank">ubuntustudio-meta</a> package and requested sponsorship. This was done by Steve Langasek. Thanks Steve.</li>
-<li>Tested the Final Beta release of Ubuntu Studio 17.10 Artful and wrote the <a href="https://wiki.ubuntu.com/XenialXerus/ReleaseNotes/Beta2/UbuntuStudio" rel="noopener" target="_blank">release notes</a>.</li>
-<li>Started working on a new <a href="http://kxstudio.linuxaudio.org/Applications:Carla" rel="noopener" target="_blank">Carla</a> package, starting from where Víctor Cuadrado Juan left it (ITP in Debian).</li>
-</ul>
-</div>
-</div>
-</div><br />  <a href="http://feeds.wordpress.com/1.0/gocomments/rossgammon68.wordpress.com/1652/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/rossgammon68.wordpress.com/1652/" /></a>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9238,6 +9205,39 @@ the FLOSS world for the last month and a bit.
    [17]: <http://feeds.wordpress.com/1.0/gocomments/rossgammon68.wordpress.com/1652/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/rosco.png" width="100" height="75" alt="" align="right" style="float: right;">  <div class="entry-content">
+<div class="entry-content">
+<div class="entry-content">
+<p>I am writing this from my hotel room in Bologna, Italy before going out for a pizza. After a successful Factory Acceptance Test today, I might also allow myself to celebrate with a beer. But anyway, here is what I have been up to in the FLOSS world for the last month and a bit.</p>
+<h3>Debian</h3>
+<ul>
+<li>Uploaded <a href="https://tracker.debian.org/pkg/gramps" rel="noopener" target="_blank">gramps</a> (4.2.6) to stretch-backports &amp; jessie-backports-sloppy.</li>
+<li>Started working on the latest release of <a href="https://tracker.debian.org/pkg/node-tmp" rel="noopener" target="_blank">node-tmp</a>. It needs further work due to new documentation being included etc.</li>
+<li>Started working on packaging the latest <a href="https://tracker.debian.org/pkg/goocanvas-2.0" rel="noopener" target="_blank">goocanvas-2.0</a> package. Everything is ready except for producing some autopkgtests.</li>
+<li>Moved <a href="https://tracker.debian.org/pkg/node-coffeeify" rel="noopener" target="_blank">node-coffeeify</a> experimental to unstable.</li>
+<li>Updated the <a href="https://blends.debian.org/multimedia/tasks/index" rel="noopener" target="_blank">Multimedia Blends Tasks</a> with all the latest ITPs etc.</li>
+<li>Reviewed <a href="http://Antonio Valentino" rel="noopener" target="_blank">doris</a> for <span class="news-creator">Antonio Valentino</span>, and sponsored it for him.</li>
+<li>Reviewed <a href="https://tracker.debian.org/pkg/pyresample" rel="noopener" target="_blank">pyresample</a> for <span class="news-creator">Antonio Valentino</span>, and sponsored it for him.</li>
+<li>Reviewed a new <a href="https://ftp-master.debian.org/new/parlatype_1.5.2-1.html" rel="noopener" target="_blank">parlatype</a> package for Gabor Karsay, and sponsored it for him.</li>
+</ul>
+<h3>Ubuntu</h3>
+<ul>
+<li>Successfully did my first merge using <a href="https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow" rel="noopener" target="_blank">git-ubuntu</a> for the <a href="https://launchpad.net/ubuntu/+source/qjackctl" rel="noopener" target="_blank">Qjackctl</a> package. Thanks to Nish for patiently answering my questions, reviewing my work, and sponsoring the upload.</li>
+<li>Refreshed the <a href="https://bugs.launchpad.net/zesty-backports/+bug/1581643" rel="noopener" target="_blank">gramps backport request to 4.2.6</a>. Still no willing sponsor.</li>
+<li>Tested Len’s rewrite of <a href="https://launchpad.net/ubuntu/+source/ubuntustudio-controls" rel="noopener" target="_blank">ubuntustudio-controls</a>, adding a CPU governor option in particular. There are a couple of minor things to tidy up, but we have probably missed the chance to get it finalised for Artful.</li>
+<li>Tested the First Beta release of Ubuntu Studio 17.10 Artful and wrote the <a href="https://wiki.ubuntu.com/ArtfulAardvark/Beta1/UbuntuStudio" rel="noopener" target="_blank">release notes</a>. Also drafted my first release announcement on the Ubunti Studio website which Eylul reviewed and published.</li>
+<li>Refreshed the <a href="https://launchpad.net/ubuntu/+source/ubuntustudio-meta" rel="noopener" target="_blank">ubuntustudio-meta</a> package and requested sponsorship. This was done by Steve Langasek. Thanks Steve.</li>
+<li>Tested the Final Beta release of Ubuntu Studio 17.10 Artful and wrote the <a href="https://wiki.ubuntu.com/XenialXerus/ReleaseNotes/Beta2/UbuntuStudio" rel="noopener" target="_blank">release notes</a>.</li>
+<li>Started working on a new <a href="http://kxstudio.linuxaudio.org/Applications:Carla" rel="noopener" target="_blank">Carla</a> package, starting from where Víctor Cuadrado Juan left it (ITP in Debian).</li>
+</ul>
+</div>
+</div>
+</div><br />  <a href="http://feeds.wordpress.com/1.0/gocomments/rossgammon68.wordpress.com/1652/" rel="nofollow"><img alt="" border="0" src="http://feeds.wordpress.com/1.0/comments/rossgammon68.wordpress.com/1652/" /></a>
 --===============testboundary==--
 
 From planet-debian Thu Oct  5 14:49:21 2017
@@ -9248,90 +9248,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Wouter Verhelst: Patching Firefox
 Message-ID: https-grep-be-blog-en-computer-code-patching_firefox
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://grep.be/blog//en/computer/code/Patching_Firefox/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/wouter3.png" width="85" height="80" alt="" align="right" style="float: right;">  <p>At work, I help maintain a <a href="https://eid.belgium.be">smartcard</a>
-<a href="https://github.com/Fedict/eid-mw">middleware</a> that is provided to
-Belgian citizens who want to use their electronic ID card to, e.g., log
-on to government websites. This middleware is a piece of software that
-hooks into various browsers and adds a way to access the smartcard in
-question, through whatever APIs the operating system and the browser in
-question provide for that purpose. The details of how that is done
-differ between each browser (and in the case of Google Chrome, for the
-same browser between different operating systems); but for Firefox (and
-Google Chrome on free operating systems), this is done by way of a
-<a href="https://en.wikipedia.org/wiki/PKCS_11">PKCS#11</a> module.</p>
-
-<p>For Firefox 57, mozilla decided to overhaul much of their browser. The
-changes are large and massive, and in some ways revolutionary. It's no
-surprise, therefore, that some of the changes break compatibility with
-older things.</p>
-
-<p>One of the areas in which breaking changes were made is in the area of
-extensions to the browser. Previously, Firefox had various APIs
-available for extensions; right now, all APIs apart from the
-WebExtensions API are considered "legacy" and support for them will be
-removed from Firefox 57 going forward.</p>
-
-<p>Since installing a PKCS#11 module manually is a bit complicated, and
-since the legacy APIs provided a way to do so automatically provided the
-user would first install an add-on (or provided the installer of the
-PKCS#11 module sideloads it), most parties who provide a PKCS#11 module
-for use with Firefox will provide an add-on to automatically install it.
-Since the alternative involves entering the right values in a dialog box
-that's hidden away somewhere deep in the preferences screen, the add-on
-option is much more user friendly.</p>
-
-<p>I'm sure you can imagine my dismay when I found out that there was no
-WebExtensions API to provide the same functionality. So, after asking
-around a bit, I filed <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1357391">bug
-1357391</a> to get a
-discussion started. While it took some convincing initially to get
-people to understand the reasons for wanting such an API, eventually the
-bug was assigned the "P5" priority -- essentially, a "we understand the
-need and won't block it, but we don't have the time to implement it.
-Patches welcome, though" statement.</p>
-
-<p>Since having an add-on was something that work really wanted, and since
-I had the time, I got the go-ahead from management to look into
-implementing the required code myself. I made it obvious rather quickly
-that my background in Firefox was fairly limited, though, and so was
-assigned a mentor to help me through the process.</p>
-
-<p>Having been a Debian Developer for the past fifteen years, I do
-understand how to develop free software. Yet, the experience was
-different enough that still learned some new things about free software
-development, which was somewhat unexpected.</p>
-
-<p>Unfortunately, the process took much longer than I had hoped, which
-meant that the patch was not ready by the time Firefox 57 was branched
-off mozilla's "central" repository. The result of that is that while my
-patch has been merged into what will eventually become Firefox 58, it
-looks strongly as though it won't make it into Firefox 57. That's going
-to cause some severe headaches, which I'm not looking forward to; and
-while I can certainly understand the reasons for not wanting to grant
-the exception for the merge into 57, I can't help but feeling like this
-is a missed opportunity.</p>
-
-<p>Anyway, writing code for the massive Open Source project that mozilla is
-has been a load of fun, and in the process I've learned a lot -- not
-only about Open Source development in general, but also about this weird
-little thing that Javascript is. That might actually be useful for this
-<a href="https://github.com/yoe/sreview">other project</a> that I've got running
-here.</p>
-
-<p>In closing, I'd like to thank Tomislav 'zombie' Jovanovic for mentoring
-me during the whole process, without whom it would have been doubtful if
-I would even have been ready by now. Apologies for any procedural
-mistakes I've made, and good luck in your future endeavours! <img alt=":-)" src="https://grep.be/blog//smileys/smile.png" /></p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9416,6 +9337,85 @@ even have been ready by now. Apologies for any procedural mistakes I've made,
 and good luck in your future endeavours! :-\)
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/wouter3.png" width="85" height="80" alt="" align="right" style="float: right;">  <p>At work, I help maintain a <a href="https://eid.belgium.be">smartcard</a>
+<a href="https://github.com/Fedict/eid-mw">middleware</a> that is provided to
+Belgian citizens who want to use their electronic ID card to, e.g., log
+on to government websites. This middleware is a piece of software that
+hooks into various browsers and adds a way to access the smartcard in
+question, through whatever APIs the operating system and the browser in
+question provide for that purpose. The details of how that is done
+differ between each browser (and in the case of Google Chrome, for the
+same browser between different operating systems); but for Firefox (and
+Google Chrome on free operating systems), this is done by way of a
+<a href="https://en.wikipedia.org/wiki/PKCS_11">PKCS#11</a> module.</p>
+
+<p>For Firefox 57, mozilla decided to overhaul much of their browser. The
+changes are large and massive, and in some ways revolutionary. It's no
+surprise, therefore, that some of the changes break compatibility with
+older things.</p>
+
+<p>One of the areas in which breaking changes were made is in the area of
+extensions to the browser. Previously, Firefox had various APIs
+available for extensions; right now, all APIs apart from the
+WebExtensions API are considered "legacy" and support for them will be
+removed from Firefox 57 going forward.</p>
+
+<p>Since installing a PKCS#11 module manually is a bit complicated, and
+since the legacy APIs provided a way to do so automatically provided the
+user would first install an add-on (or provided the installer of the
+PKCS#11 module sideloads it), most parties who provide a PKCS#11 module
+for use with Firefox will provide an add-on to automatically install it.
+Since the alternative involves entering the right values in a dialog box
+that's hidden away somewhere deep in the preferences screen, the add-on
+option is much more user friendly.</p>
+
+<p>I'm sure you can imagine my dismay when I found out that there was no
+WebExtensions API to provide the same functionality. So, after asking
+around a bit, I filed <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1357391">bug
+1357391</a> to get a
+discussion started. While it took some convincing initially to get
+people to understand the reasons for wanting such an API, eventually the
+bug was assigned the "P5" priority -- essentially, a "we understand the
+need and won't block it, but we don't have the time to implement it.
+Patches welcome, though" statement.</p>
+
+<p>Since having an add-on was something that work really wanted, and since
+I had the time, I got the go-ahead from management to look into
+implementing the required code myself. I made it obvious rather quickly
+that my background in Firefox was fairly limited, though, and so was
+assigned a mentor to help me through the process.</p>
+
+<p>Having been a Debian Developer for the past fifteen years, I do
+understand how to develop free software. Yet, the experience was
+different enough that still learned some new things about free software
+development, which was somewhat unexpected.</p>
+
+<p>Unfortunately, the process took much longer than I had hoped, which
+meant that the patch was not ready by the time Firefox 57 was branched
+off mozilla's "central" repository. The result of that is that while my
+patch has been merged into what will eventually become Firefox 58, it
+looks strongly as though it won't make it into Firefox 57. That's going
+to cause some severe headaches, which I'm not looking forward to; and
+while I can certainly understand the reasons for not wanting to grant
+the exception for the merge into 57, I can't help but feeling like this
+is a missed opportunity.</p>
+
+<p>Anyway, writing code for the massive Open Source project that mozilla is
+has been a load of fun, and in the process I've learned a lot -- not
+only about Open Source development in general, but also about this weird
+little thing that Javascript is. That might actually be useful for this
+<a href="https://github.com/yoe/sreview">other project</a> that I've got running
+here.</p>
+
+<p>In closing, I'd like to thank Tomislav 'zombie' Jovanovic for mentoring
+me during the whole process, without whom it would have been doubtful if
+I would even have been ready by now. Apologies for any procedural
+mistakes I've made, and good luck in your future endeavours! <img alt=":-)" src="https://grep.be/blog//smileys/smile.png" /></p>
 --===============testboundary==--
 
 From planet-debian Wed Oct  4 21:00:00 2017
@@ -9426,94 +9426,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Steve Kemp: Tracking aircraft in real-time, via software-defined-radio
 Message-ID: https-blog-steve-fi-tracking_aircraft_in_real_time__via_software_defined_radio-html
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://blog.steve.fi/tracking_aircraft_in_real_time__via_software_defined_radio.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/skx.png" width="76" height="105" alt="" align="right" style="float: right;">  <p>So my last blog-post was about creating a digital-radio, powered by an ESP8266 device, there's a joke there about wireless-control of a wireless.  I'm not going to make it.</p>
-
-<p>Sticking with a theme <em>this</em> post is also about radio, <a href="https://en.wikipedia.org/wiki/Software-defined_radio">software-defined radio</a>.  I know almost nothing about SDR, except that it can be used to let your computer "do stuff" with radio.  The only application I've ever read about that seemed interesting was tracking aircraft.</p>
-
-<p>This post is about setting up a Debian GNU/Linux system to do exactly that, show aircraft in real-time above your head!  This was almost painless to setup.</p>
-
-<ul>
-<li>Buy the hardware.</li>
-<li>Plug in the hardware.</li>
-<li>Confirm it is detected.</li>
-<li>Install the appropriate sdr development-package(s).</li>
-<li>Install the magic software.
-<ul>
-<li>Written by @antirez, no less, you know it is gonna be good!</li>
-</ul></li>
-</ul>
-
-<p>So I bought <a href="https://www.aliexpress.com/item/Hot-Sale-USB-2-0-Software-Radio-DVB-T-RTL2832U-R820T2-SDR-Digital-TV-Receiver-Stick/32815560547.html">this USB device</a> from AliExpress for the grand total of €8.46.  I have no idea if that URL is stable, but I suspect it is probably not.  Good luck finding something similar if you're living in the future!</p>
-
-<p>Once I connected the Antenna to the USB stick, and inserted it into a spare slot it showed up in the output of <code>lsusb</code>:</p>
-
-<pre><code>  $ lsusb
-  ..
-  Bus 003 Device 043: ID 0bda:2838 Realtek Semiconductor Corp. RTL2838 DVB-T
-  ..
-</code></pre>
-
-<p>In more detail I see the major/minor numbers:</p>
-
-<pre><code>  idVendor           0x0bda Realtek Semiconductor Corp.
-  idProduct          0x2838 RTL2838 DVB-T
-</code></pre>
-
-<p>So far, so good. I installed the development headers/library I needed:</p>
-
-<pre><code>  # apt-get install librtlsdr-dev libusb-1.0-0-dev
-</code></pre>
-
-<p>Once that was done I could clone antirez's repository, and build it:</p>
-
-<pre><code>  $ git clone https://github.com/antirez/dump1090.git
-  $ cd dump1090
-  $ make
-</code></pre>
-
-<p>And run it:</p>
-
-<pre><code>  $ sudo ./dump1090 --interactive --net
-</code></pre>
-
-<p>This failed initially as a kernel-module had claimed the device, but removing that was trivial:</p>
-
-<pre><code>  $ sudo rmmod dvb_usb_rtl28xxu
-  $ sudo ./dump1090 --interactive --net
-</code></pre>
-
-<p>Once it was running I'd see live updates on the console, every second:</p>
-
-<pre><code>  Hex    Flight   Altitude  Speed   Lat       Lon       Track  Messages Seen       .
-  --------------------------------------------------------------------------------
-  4601fc          14200     0       0.000     0.000     0     11        1 sec
-  4601f2          9550      0       0.000     0.000     0     58        0 sec
-  45ac52 SAS1716  2650      177     60.252    24.770    47    26        1 sec
-</code></pre>
-
-<p>And opening a browser pointing at http://localhost:8080/ would show that graphically, like so:</p>
-
-<p></p><center><img src="https://blog.steve.fi/05-10-2017-map.png" /></center>
-
-<p><strong>NOTE</strong>: In this view I'm in Helsinki, and the airport is at Vantaa, just outside the city.</p>
-
-<p>Of course there are tweaks to be made:</p>
-
-<ul>
-<li>With the right <code>udev</code>-rules in place it is possible to run the tool as non-root, and blacklist the default kernel module.</li>
-<li>There are other forks of the <code>dump1090</code> software that are more up-to-date to explore.</li>
-<li>SDR can do more than track planes.</li>
-</ul>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9623,6 +9540,89 @@ Of course there are tweaks to be made:
   * SDR can do more than track planes.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/skx.png" width="76" height="105" alt="" align="right" style="float: right;">  <p>So my last blog-post was about creating a digital-radio, powered by an ESP8266 device, there's a joke there about wireless-control of a wireless.  I'm not going to make it.</p>
+
+<p>Sticking with a theme <em>this</em> post is also about radio, <a href="https://en.wikipedia.org/wiki/Software-defined_radio">software-defined radio</a>.  I know almost nothing about SDR, except that it can be used to let your computer "do stuff" with radio.  The only application I've ever read about that seemed interesting was tracking aircraft.</p>
+
+<p>This post is about setting up a Debian GNU/Linux system to do exactly that, show aircraft in real-time above your head!  This was almost painless to setup.</p>
+
+<ul>
+<li>Buy the hardware.</li>
+<li>Plug in the hardware.</li>
+<li>Confirm it is detected.</li>
+<li>Install the appropriate sdr development-package(s).</li>
+<li>Install the magic software.
+<ul>
+<li>Written by @antirez, no less, you know it is gonna be good!</li>
+</ul></li>
+</ul>
+
+<p>So I bought <a href="https://www.aliexpress.com/item/Hot-Sale-USB-2-0-Software-Radio-DVB-T-RTL2832U-R820T2-SDR-Digital-TV-Receiver-Stick/32815560547.html">this USB device</a> from AliExpress for the grand total of €8.46.  I have no idea if that URL is stable, but I suspect it is probably not.  Good luck finding something similar if you're living in the future!</p>
+
+<p>Once I connected the Antenna to the USB stick, and inserted it into a spare slot it showed up in the output of <code>lsusb</code>:</p>
+
+<pre><code>  $ lsusb
+  ..
+  Bus 003 Device 043: ID 0bda:2838 Realtek Semiconductor Corp. RTL2838 DVB-T
+  ..
+</code></pre>
+
+<p>In more detail I see the major/minor numbers:</p>
+
+<pre><code>  idVendor           0x0bda Realtek Semiconductor Corp.
+  idProduct          0x2838 RTL2838 DVB-T
+</code></pre>
+
+<p>So far, so good. I installed the development headers/library I needed:</p>
+
+<pre><code>  # apt-get install librtlsdr-dev libusb-1.0-0-dev
+</code></pre>
+
+<p>Once that was done I could clone antirez's repository, and build it:</p>
+
+<pre><code>  $ git clone https://github.com/antirez/dump1090.git
+  $ cd dump1090
+  $ make
+</code></pre>
+
+<p>And run it:</p>
+
+<pre><code>  $ sudo ./dump1090 --interactive --net
+</code></pre>
+
+<p>This failed initially as a kernel-module had claimed the device, but removing that was trivial:</p>
+
+<pre><code>  $ sudo rmmod dvb_usb_rtl28xxu
+  $ sudo ./dump1090 --interactive --net
+</code></pre>
+
+<p>Once it was running I'd see live updates on the console, every second:</p>
+
+<pre><code>  Hex    Flight   Altitude  Speed   Lat       Lon       Track  Messages Seen       .
+  --------------------------------------------------------------------------------
+  4601fc          14200     0       0.000     0.000     0     11        1 sec
+  4601f2          9550      0       0.000     0.000     0     58        0 sec
+  45ac52 SAS1716  2650      177     60.252    24.770    47    26        1 sec
+</code></pre>
+
+<p>And opening a browser pointing at http://localhost:8080/ would show that graphically, like so:</p>
+
+<p></p><center><img src="https://blog.steve.fi/05-10-2017-map.png" /></center>
+
+<p><strong>NOTE</strong>: In this view I'm in Helsinki, and the airport is at Vantaa, just outside the city.</p>
+
+<p>Of course there are tweaks to be made:</p>
+
+<ul>
+<li>With the right <code>udev</code>-rules in place it is possible to run the tool as non-root, and blacklist the default kernel module.</li>
+<li>There are other forks of the <code>dump1090</code> software that are more up-to-date to explore.</li>
+<li>SDR can do more than track planes.</li>
+</ul>
 --===============testboundary==--
 
 From planet-debian Wed Oct  4 12:53:18 2017
@@ -9633,36 +9633,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Daniel Silverstone: F/LOSS (in)activity, September 2017
 Message-ID: http-blog-digital-scurf-org-posts-floss-activity-2017-09
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://blog.digital-scurf.org/posts/floss-activity-2017-09/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/kinnison.png" width="75" height="96" alt="" align="right" style="float: right;">  <blockquote>
-  <p>In the interests of keeping myself "honest" regarding F/LOSS activity, here's
-  a report, sadly it's not very good.</p>
-</blockquote>
-
-<p>Unfortunately, September was a poor month for me in terms of motivation and
-energy for F/LOSS work.  I did some amount of Gitano work, merging a patch from
-Richard Ipsum for help text of the config command.  I also submitted another
-patch to the <code>STM32F103xx</code> Rust repository, though it wasn't a particularly big
-thing.  Otherwise I've been relatively quiet on the Rust/USB stuff and have
-otherwise kept away from projects.</p>
-
-<p>Sometimes one needs to take a step away from things in order to recuperate and
-care for oneself rather than the various demands on ones time.  This is
-something I had been feeling I needed for a while, and with a lack of
-motivation toward the start of the month I gave myself permission to take a
-short break.</p>
-
-<p>Next weekend is the next Gitano developer day and I hope to pick up my activity
-again then, so I should have more to report for October.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9690,6 +9665,31 @@ Next weekend is the next Gitano developer day and I hope to pick up my
 activity again then, so I should have more to report for October.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/kinnison.png" width="75" height="96" alt="" align="right" style="float: right;">  <blockquote>
+  <p>In the interests of keeping myself "honest" regarding F/LOSS activity, here's
+  a report, sadly it's not very good.</p>
+</blockquote>
+
+<p>Unfortunately, September was a poor month for me in terms of motivation and
+energy for F/LOSS work.  I did some amount of Gitano work, merging a patch from
+Richard Ipsum for help text of the config command.  I also submitted another
+patch to the <code>STM32F103xx</code> Rust repository, though it wasn't a particularly big
+thing.  Otherwise I've been relatively quiet on the Rust/USB stuff and have
+otherwise kept away from projects.</p>
+
+<p>Sometimes one needs to take a step away from things in order to recuperate and
+care for oneself rather than the various demands on ones time.  This is
+something I had been feeling I needed for a while, and with a lack of
+motivation toward the start of the month I gave myself permission to take a
+short break.</p>
+
+<p>Next weekend is the next Gitano developer day and I hope to pick up my activity
+again then, so I should have more to report for October.</p>
 --===============testboundary==--
 
 From planet-debian Wed Oct  4 00:28:00 2017
@@ -9700,29 +9700,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Dirk Eddelbuettel: RProtoBuf 0.4.11
 Message-ID: http-dirk-eddelbuettel-com-blog-2017-10-03-rprotobuf_0-4-11
-User-Agent: feed2exec (0.8.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://dirk.eddelbuettel.com/blog/2017/10/03#rprotobuf_0.4.11
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf</a> provides <a href="http://www.r-project.org">R</a> bindings for the <a href="https://github.com/google/protobuf">Google Protocol Buffers ("ProtoBuf")</a> data encoding and serialization library used and released by Google, and deployed fairly widely in numerous projects as a language and operating-system agnostic protocol.</p>
-<p>A new releases <a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf 0.4.11</a> appeared on <a>CRAN</a> earlier today. Not unlike the other recent releases, it is mostly a maintenance release which switches two of the vignettes over to using the <a href="http://dirk.eddelbuettel.com/code/pinp.html">pinp</a> package and its template for vignettes.</p>
-<blockquote>
-<h4 id="changes-in-rprotobuf-version-0.4.11-2017-10-03">Changes in RProtoBuf version 0.4.11 (2017-10-03)</h4>
-<ul>
-<li><p>The <code>RProtoBuf-intro</code> and <code>RProtoBuf-quickref</code> vignettes were converted to Rmarkdown using the templates and style file from the pinp package.</p></li>
-<li><p>A few minor internal upgrades</p></li>
-</ul>
-</blockquote>
-<p><a href="http://dirk.eddelbuettel.com/cranberries/">CRANberries</a> also provides a <a href="http://dirk.eddelbuettel.com/cranberries/2017/10/03#RProtoBuf_0.4.11">diff to the previous release</a>. The <a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf</a> page has copies of the <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-intro.pdf">(older) package vignette</a>, the <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-quickref.pdf">'quick' overview vignette</a>, a <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-unitTests.pdf">unit test summary vignette</a>, and the <a href="https://cloud.r-project.org/web/packages/RProtoBuf/vignettes/RProtoBuf-paper.pdf">pre-print for the JSS paper</a>. Questions, comments etc should go to the <a href="https://github.com/eddelbuettel/rprotobuf/issues">GitHub issue tracker</a> off the <a href="https://github.com/eddelbuettel/rprotobuf">GitHub repo</a>.</p>
-<p style="font-size: 80%; font-style: italic;">
-This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
-</p><p></p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -9786,5 +9768,23 @@ profit settings.
    [16]: <http://dirk.eddelbuettel.com/blog/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/dirk.png" width="65" height="90" alt="" align="right" style="float: right;">  <p><a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf</a> provides <a href="http://www.r-project.org">R</a> bindings for the <a href="https://github.com/google/protobuf">Google Protocol Buffers ("ProtoBuf")</a> data encoding and serialization library used and released by Google, and deployed fairly widely in numerous projects as a language and operating-system agnostic protocol.</p>
+<p>A new releases <a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf 0.4.11</a> appeared on <a>CRAN</a> earlier today. Not unlike the other recent releases, it is mostly a maintenance release which switches two of the vignettes over to using the <a href="http://dirk.eddelbuettel.com/code/pinp.html">pinp</a> package and its template for vignettes.</p>
+<blockquote>
+<h4 id="changes-in-rprotobuf-version-0.4.11-2017-10-03">Changes in RProtoBuf version 0.4.11 (2017-10-03)</h4>
+<ul>
+<li><p>The <code>RProtoBuf-intro</code> and <code>RProtoBuf-quickref</code> vignettes were converted to Rmarkdown using the templates and style file from the pinp package.</p></li>
+<li><p>A few minor internal upgrades</p></li>
+</ul>
+</blockquote>
+<p><a href="http://dirk.eddelbuettel.com/cranberries/">CRANberries</a> also provides a <a href="http://dirk.eddelbuettel.com/cranberries/2017/10/03#RProtoBuf_0.4.11">diff to the previous release</a>. The <a href="http://dirk.eddelbuettel.com/code/rprotobuf.html">RProtoBuf</a> page has copies of the <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-intro.pdf">(older) package vignette</a>, the <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-quickref.pdf">'quick' overview vignette</a>, a <a href="http://dirk.eddelbuettel.com/code/rprotobuf/RProtoBuf-unitTests.pdf">unit test summary vignette</a>, and the <a href="https://cloud.r-project.org/web/packages/RProtoBuf/vignettes/RProtoBuf-paper.pdf">pre-print for the JSS paper</a>. Questions, comments etc should go to the <a href="https://github.com/eddelbuettel/rprotobuf/issues">GitHub issue tracker</a> off the <a href="https://github.com/eddelbuettel/rprotobuf">GitHub repo</a>.</p>
+<p style="font-size: 80%; font-style: italic;">
+This post by <a href="http://dirk.eddelbuettel.com">Dirk Eddelbuettel</a> originated on his <a href="http://dirk.eddelbuettel.com/blog/">Thinking inside the box</a> blog. Please report excessive re-aggregation in third-party for-profit settings.
+</p><p></p>
 --===============testboundary==--
 
diff --git a/feed2exec/tests/files/breaking_news.mbx b/feed2exec/tests/files/breaking_news.mbx
index a1c089c..3c2a0ce 100644
--- a/feed2exec/tests/files/breaking_news.mbx
+++ b/feed2exec/tests/files/breaking_news.mbx
@@ -7,7 +7,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: Three International Space Station Crewmates Safely Return to Earth
 Message-ID: http-www-nasa-gov-press-release-three-international-space-station-crewmates-safely-return-to-earth
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/three-international-space-station-crewmates-safely-return-to-earth
@@ -23,7 +23,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Statement on Nomination for Agency Administrator
 Message-ID: http-www-nasa-gov-press-release-nasa-statement-on-nomination-for-agency-administrator
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-statement-on-nomination-for-agency-administrator
@@ -39,7 +39,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Television to Air Return of Three International Space Station Crew Members
 Message-ID: http-www-nasa-gov-press-release-nasa-television-to-air-return-of-three-international-space-station-crew-members
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-television-to-air-return-of-three-international-space-station-crew-members
@@ -55,7 +55,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA and Iconic Museum Honor Voyager Spacecraft 40th Anniversary
 Message-ID: http-www-nasa-gov-press-release-nasa-and-iconic-museum-honor-voyager-spacecraft-40th-anniversary
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-and-iconic-museum-honor-voyager-spacecraft-40th-anniversary
@@ -71,7 +71,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: =?utf-8?q?NASA=E2=80=99s_Johnson_Space_Center_Closes_Through_Labor_Day_for_Tropical_Storm_Harvey?=
 Message-ID: http-www-nasa-gov-press-release-nasa-s-johnson-space-center-closes-through-labor-day-for-tropical-storm-harvey
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-s-johnson-space-center-closes-through-labor-day-for-tropical-storm-harvey
@@ -87,7 +87,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Cancels Planned Media Availabilities with Astronauts
 Message-ID: http-www-nasa-gov-press-release-nasa-cancels-planned-media-availabilities-with-astronauts
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-cancels-planned-media-availabilities-with-astronauts
@@ -103,7 +103,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Awards $400,000 to Top Teams at Second Phase of 3D-Printing Competition
 Message-ID: http-www-nasa-gov-press-release-nasa-awards-400000-to-top-teams-at-second-phase-of-3d-printing-competition
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-awards-400000-to-top-teams-at-second-phase-of-3d-printing-competition
@@ -119,7 +119,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Awards Contract for Center Protective Services for Glenn Research Center
 Message-ID: http-www-nasa-gov-press-release-nasa-awards-contract-for-center-protective-services-for-glenn-research-center
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-awards-contract-for-center-protective-services-for-glenn-research-center
@@ -135,7 +135,7 @@ To: to@example.com
 From: breaking_news <jim.wilson@nasa.gov>
 Subject: NASA Announces Cassini End-of-Mission Media Activities
 Message-ID: http-www-nasa-gov-press-release-nasa-announces-cassini-end-of-mission-media-activities
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.nasa.gov/press-release/nasa-announces-cassini-end-of-mission-media-activities
diff --git a/feed2exec/tests/files/planet-debian.mbx b/feed2exec/tests/files/planet-debian.mbx
index 275c6fa..c4b744f 100644
--- a/feed2exec/tests/files/planet-debian.mbx
+++ b/feed2exec/tests/files/planet-debian.mbx
@@ -6,17 +6,11 @@ To: to@example.com
 From: =?utf-8?q?Lisandro_Dami=C3=A1n_Nicanor_P=C3=A9rez_Meyer?= <noreply@blogger.com>
 Subject: =?utf-8?q?Lisandro_Dami=C3=A1n_Nicanor_P=C3=A9rez_Meyer=3A_Qt_4_and_5_and_OpenSSL1=2E0_removal?=
 Message-ID: tag-blogger-com-1999-blog-6357172297737057475-post-4876329106387979395
-User-Agent: feed2exec (0.7.0)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://perezmeyer.blogspot.com/2017/10/qt-4-and-5-and-oepnssl10-removal.html
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/lisandropm.png" width="78" height="100" alt="" align="right" style="float: right;">  Today we received updates on the OpenSSL 1.0 removal status:<br /><br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206</a>&gt;<br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19</a>&gt;<br /><br />So those removal bugs' severities will be raised to RC in aproximately a month.<br /><br />We still don't have any solutions for Qt 4 or 5.<br /><br />For the Qt 5 case we will probably keep the bug open until Qt 5.10 is in the archive which should bring OpenSSL 1.1 support <b>*or*</b> FTP masters decide to remove OpenSSL1.0. In this last case the fate will be the same as with Qt4, below.<br /><br />For Qt4 we do not have patches available and there will probably be none in time (remember we do not have upstream support). That plus the fact that we are actively trying to remove it from the archive it means we will remove openssl support. This might mean that apps using Qt4:<br /><br />- Might cease to work.<br />- Might keep working:<br />  - Informing their users that no SSL support is available → programmer did a good job.<br />  - Not informing their users that no SSL support is available and establishing connections non the less → programmer might have not done a good job.<br /><br />Trying to inform users as soon as possible,<br /><br />Lisandro for the Qt/KDE team.
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -56,6 +50,12 @@ Trying to inform users as soon as possible,
 Lisandro for the Qt/KDE team.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/lisandropm.png" width="78" height="100" alt="" align="right" style="float: right;">  Today we received updates on the OpenSSL 1.0 removal status:<br /><br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828522#206</a>&gt;<br />&lt;<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859671#19</a>&gt;<br /><br />So those removal bugs' severities will be raised to RC in aproximately a month.<br /><br />We still don't have any solutions for Qt 4 or 5.<br /><br />For the Qt 5 case we will probably keep the bug open until Qt 5.10 is in the archive which should bring OpenSSL 1.1 support <b>*or*</b> FTP masters decide to remove OpenSSL1.0. In this last case the fate will be the same as with Qt4, below.<br /><br />For Qt4 we do not have patches available and there will probably be none in time (remember we do not have upstream support). That plus the fact that we are actively trying to remove it from the archive it means we will remove openssl support. This might mean that apps using Qt4:<br /><br />- Might cease to work.<br />- Might keep working:<br />  - Informing their users that no SSL support is available → programmer did a good job.<br />  - Not informing their users that no SSL support is available and establishing connections non the less → programmer might have not done a good job.<br /><br />Trying to inform users as soon as possible,<br /><br />Lisandro for the Qt/KDE team.
 --===============testboundary==--
 
 From planet-debian Sat Sep  9 04:52:47 2017
@@ -66,99 +66,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: =?utf-8?q?Fran=C3=A7ois_Marier=3A_TLS_Authentication_on_Freenode_and_OFTC?=
 Message-ID: http-feeding-cloud-geek-nz-posts-tls_authentication_freenode_and_oftc
-User-Agent: feed2exec (0.6.dev2+ng3158a4f)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://feeding.cloud.geek.nz/posts/tls_authentication_freenode_and_oftc/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<p>In order to easily authenticate with IRC networks such as
-<a href="https://www.oftc.net/NickServ/CertFP/">OFTC</a> and
-<a href="https://freenode.net/kb/answer/certfp">Freenode</a>, it is possible to use
-<em>client TLS certificates</em> (also known as <em>SSL certificates</em>). In fact, it
-turns out that it's very easy to setup both on <a href="https://irssi.org/">irssi</a>
-and on <a href="https://wiki.znc.in/">znc</a>.</p>
-
-<h1 id="Generate_your_TLS_certificate">Generate your TLS certificate</h1>
-
-<p>On a machine with <a href="http://altusmetrum.org/ChaosKey/">good entropy</a>, run the
-following command to create a keypair that will last for 10 years:</p>
-
-<pre><code>openssl req -nodes -newkey rsa:2048 -keyout user.pem -x509 -days 3650 -out user.pem -subj "/CN=&lt;your nick&gt;"
-</code></pre>
-
-<p>Then extract your key fingerprint using this command:</p>
-
-<pre><code>openssl x509 -sha1 -noout -fingerprint -in user.pem | sed -e 's/^.*=//;s/://g'
-</code></pre>
-
-<h1 id="Share_your_fingerprints_with_NickServ">Share your fingerprints with NickServ</h1>
-
-<p>On each IRC network, do this:</p>
-
-<pre><code>/msg NickServ IDENTIFY Password1!
-/msg NickServ CERT ADD &lt;your fingerprint&gt;
-</code></pre>
-
-<p>in order to add your fingerprint to the access control list.</p>
-
-<h1 id="Configure_ZNC">Configure ZNC</h1>
-
-<p>To configure znc, start by putting the key in the right place:</p>
-
-<pre><code>cp user.pem ~/.znc/users/&lt;your nick&gt;/networks/oftc/moddata/cert/
-</code></pre>
-
-<p>and then enable the built-in <a href="https://wiki.znc.in/Cert">cert plugin</a> for
-each network in <code>~/.znc/configs/znc.conf</code>:</p>
-
-<pre><code>&lt;Network oftc&gt;
-    ...
-            LoadModule = cert
-    ...
-&lt;/Network&gt;
-    &lt;Network freenode&gt;
-    ...
-            LoadModule = cert
-    ...
-&lt;/Network&gt;
-</code></pre>
-
-<h1 id="Configure_irssi">Configure irssi</h1>
-
-<p>For irssi, do the same thing but put the cert in <code>~/.irssi/user.pem</code> and
-then change the OFTC entry in <code>~/.irssi/config</code> to look like this:</p>
-
-<pre><code>{
-  address = "irc.oftc.net";
-  chatnet = "OFTC";
-  port = "6697";
-  use_tls = "yes";
-  tls_cert = "~/.irssi/user.pem";
-  tls_verify = "yes";
-  autoconnect = "yes";
-}
-</code></pre>
-
-<p>and the Freenode one to look like this:</p>
-
-<pre><code>{
-  address = "chat.freenode.net";
-  chatnet = "Freenode";
-  port = "7000";
-  use_tls = "yes";
-  tls_cert = "~/.irssi/user.pem";
-  tls_verify = "yes";
-  autoconnect = "yes";
-}
-</code></pre>
-
-<p>That's it. That's all you need to replace password authentication with a
-much stronger alternative.</p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -270,6 +182,94 @@ That's it. That's all you need to replace password authentication with a much
 stronger alternative.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<p>In order to easily authenticate with IRC networks such as
+<a href="https://www.oftc.net/NickServ/CertFP/">OFTC</a> and
+<a href="https://freenode.net/kb/answer/certfp">Freenode</a>, it is possible to use
+<em>client TLS certificates</em> (also known as <em>SSL certificates</em>). In fact, it
+turns out that it's very easy to setup both on <a href="https://irssi.org/">irssi</a>
+and on <a href="https://wiki.znc.in/">znc</a>.</p>
+
+<h1 id="Generate_your_TLS_certificate">Generate your TLS certificate</h1>
+
+<p>On a machine with <a href="http://altusmetrum.org/ChaosKey/">good entropy</a>, run the
+following command to create a keypair that will last for 10 years:</p>
+
+<pre><code>openssl req -nodes -newkey rsa:2048 -keyout user.pem -x509 -days 3650 -out user.pem -subj "/CN=&lt;your nick&gt;"
+</code></pre>
+
+<p>Then extract your key fingerprint using this command:</p>
+
+<pre><code>openssl x509 -sha1 -noout -fingerprint -in user.pem | sed -e 's/^.*=//;s/://g'
+</code></pre>
+
+<h1 id="Share_your_fingerprints_with_NickServ">Share your fingerprints with NickServ</h1>
+
+<p>On each IRC network, do this:</p>
+
+<pre><code>/msg NickServ IDENTIFY Password1!
+/msg NickServ CERT ADD &lt;your fingerprint&gt;
+</code></pre>
+
+<p>in order to add your fingerprint to the access control list.</p>
+
+<h1 id="Configure_ZNC">Configure ZNC</h1>
+
+<p>To configure znc, start by putting the key in the right place:</p>
+
+<pre><code>cp user.pem ~/.znc/users/&lt;your nick&gt;/networks/oftc/moddata/cert/
+</code></pre>
+
+<p>and then enable the built-in <a href="https://wiki.znc.in/Cert">cert plugin</a> for
+each network in <code>~/.znc/configs/znc.conf</code>:</p>
+
+<pre><code>&lt;Network oftc&gt;
+    ...
+            LoadModule = cert
+    ...
+&lt;/Network&gt;
+    &lt;Network freenode&gt;
+    ...
+            LoadModule = cert
+    ...
+&lt;/Network&gt;
+</code></pre>
+
+<h1 id="Configure_irssi">Configure irssi</h1>
+
+<p>For irssi, do the same thing but put the cert in <code>~/.irssi/user.pem</code> and
+then change the OFTC entry in <code>~/.irssi/config</code> to look like this:</p>
+
+<pre><code>{
+  address = "irc.oftc.net";
+  chatnet = "OFTC";
+  port = "6697";
+  use_tls = "yes";
+  tls_cert = "~/.irssi/user.pem";
+  tls_verify = "yes";
+  autoconnect = "yes";
+}
+</code></pre>
+
+<p>and the Freenode one to look like this:</p>
+
+<pre><code>{
+  address = "chat.freenode.net";
+  chatnet = "Freenode";
+  port = "7000";
+  use_tls = "yes";
+  tls_cert = "~/.irssi/user.pem";
+  tls_verify = "yes";
+  autoconnect = "yes";
+}
+</code></pre>
+
+<p>That's it. That's all you need to replace password authentication with a
+much stronger alternative.</p>
 --===============testboundary==--
 
 From planet-debian Tue Sep  5 23:01:20 2017
@@ -280,40 +280,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Kees Cook: security things in Linux v4.13
 Message-ID: https-outflux-net-blog-p-1056
-User-Agent: feed2exec (0.6.dev2+ng3158a4f)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://outflux.net/blog/archives/2017/09/05/security-things-in-linux-v4-13/
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/kees.png" width="92" height="84" alt="" align="right" style="float: right;">  <p>Previously: <a href="http://outflux.net/blog/archives/2017/07/10/security-things-in-linux-v4-12/">v4.12</a>.</p>
-<p>Here’s a short summary of some of interesting security things in Sunday’s v4.13 release of the Linux kernel:</p>
-<p><strong>security documentation ReSTification</strong><br />
-The kernel has been switching to formatting documentation with <a href="https://www.kernel.org/doc/html/latest/doc-guide/sphinx.html">ReST</a>, and I noticed that none of the <code>Documentation/security/</code> tree had been converted yet. I <a href="https://git.kernel.org/linus/c2ed6743434d1d9ef49b044c6bdfd6ac1ce140a2">took the opportunity</a> to take a few passes at formatting the existing documentation and, at Jon Corbet’s recommendation, split it up between <a href="https://www.kernel.org/doc/html/latest/admin-guide/LSM/index.html">end-user documentation</a> (which is mainly how to use LSMs) and <a href="https://www.kernel.org/doc/html/latest/security/index.html">developer documentation</a> (which is mainly how to use various internal APIs). A bunch of these docs need some updating, so maybe with the improved visibility, they’ll get some extra attention.</p>
-<p><strong>CONFIG_REFCOUNT_FULL</strong><br />
-Since Peter Zijlstra implemented the <a href="http://outflux.net/blog/archives/2017/05/02/security-things-in-linux-v4-11/"><code>refcount_t</code> API</a> in v4.11, Elena Reshetova (with Hans Liljestrand and David Windsor) has been systematically replacing <code>atomic_t</code> reference counters with <code>refcount_t</code>. As of v4.13, there are now <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?h=v4.13&amp;qt=grep&amp;q=refcount_t">close to 125 conversions</a> with many more to come. However, there were concerns over the performance characteristics of the <code>refcount_t</code> implementation from the maintainers of the net, mm, and block subsystems. In order to assuage these concerns and help the conversion progress continue, I added an “unchecked” <code>refcount_t</code> implementation (identical to the earlier <code>atomic_t</code> implementation) as the default, with the fully checked implementation now available under <code>CONFIG_REFCOUNT_FULL</code>. The plan is that for v4.14 and beyond, the kernel can grow <a href="https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=7a46ec0e2f4850407de5e1d19a44edee6efa58ec">per-architecture implementations of <code>refcount_t</code></a> that have performance characteristics on par with <code>atomic_t</code> (as done in grsecurity’s PAX_REFCOUNT).</p>
-<p><strong>CONFIG_FORTIFY_SOURCE</strong><br />
-Daniel Micay <a href="https://git.kernel.org/linus/6974f0c4555e285ab217cee58b6e874f776ff409">created a version</a> of glibc’s <code>FORTIFY_SOURCE</code> compile-time and run-time protection for finding overflows in the common string (e.g. <code>strcpy</code>, <code>strcmp</code>) and memory (e.g. <code>memcpy</code>, <code>memcmp</code>) functions. The idea is that since the compiler already knows the size of many of the buffer arguments used by these functions, it can already build in checks for buffer overflows. When all the sizes are known at compile time, this can actually allow the compiler to fail the build instead of continuing with a proven overflow. When only some of the sizes are known (e.g. destination size is known at compile-time, but source size is only known at run-time) run-time checks are added to catch any cases where an overflow might happen. Adding this <a href="https://git.kernel.org/linus/4c93496f18ce5044d78e4f7f9e018682a4f44b3d">found</a> <a href="https://git.kernel.org/linus/e2ae8ab4b571e2e4094a28acb60649bc2732c67f">several</a> <a href="https://git.kernel.org/linus/3e2c044a54e6b6373606f8ffad42a4a0759fcf3d">places</a> <a href="https://git.kernel.org/linus/c0944883c97c0ddc71da67cc731590a7c878a1a2">where</a> <a href="https://git.kernel.org/linus/42c335f7e67029d2e01711f2f2bc6252277c8993">minor</a> <a href="https://git.kernel.org/linus/dbbb08f500d6146398b794fdc68a8e811366b451">leaks</a> <a href="https://git.kernel.org/linus/12e3c0433e8a3b817fbb978a1be973a04cd5d6f3">were</a> <a href="https://git.kernel.org/linus/e48d661eb13f2f83861428f001c567fdb3f317e8">happening</a>, and Daniel and I chased down fixes for them.</p>
-<p>One interesting note about this protection is that is only examines the <a href="https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html">size of the whole object</a> for its size (via <code>__builtin_object_size(..., <strong>0</strong>)</code>). If you have a string within a structure, <code>CONFIG_FORTIFY_SOURCE</code> as currently implemented will make sure only that you can’t copy beyond the structure (but therefore, you <em>can</em> still overflow the string within the structure). The next step in enhancing this protection is to switch from 0 (above) to 1, which will use the closest surrounding subobject (e.g. the string). However, there are a lot of cases where the kernel intentionally copies across multiple structure fields, which means more fixes before this higher level can be enabled.</p>
-<p><strong>NULL-prefixed stack canary</strong><br />
-Rik van Riel and Daniel Micay changed how the stack canary is defined on 64-bit systems to always make sure that the <a href="https://git.kernel.org/linus/022c204040f3fd22d6445bc35517786195b7ae80">leading byte is zero</a>. This provides a deterministic defense against overflowing string functions (e.g. <code>strcpy</code>), since they will either stop an overflowing read at the NULL byte, or be unable to write a NULL byte, thereby always triggering the canary check. This does reduce the entropy from 64 bits to 56 bits for overflow cases where NULL bytes can be written (e.g. <code>memcpy</code>), but the trade-off is worth it. (Besdies, x86_64’s canary was 32-bits <a href="http://outflux.net/blog/archives/2017/07/10/security-things-in-linux-v4-12/">until recently</a>.)</p>
-<p><strong>IPC refactoring</strong><br />
-Partially in support of allowing IPC structure layouts to be randomized by the randstruct plugin, Manfred Spraul and I reorganized the <a href="https://git.kernel.org/linus/1a23395672658969a4035dcc518ea6cab835c579">internal layout</a> of how IPC is tracked in the kernel. The resulting allocations are smaller and much easier to deal with, even if I initially missed a <a href="https://git.kernel.org/linus/ade9f91b32b964e83d294f4973d50083b08ef6fc">few needed container_of() uses</a>.</p>
-<p><strong>randstruct gcc plugin</strong><br />
-I ported grsecurity’s clever <a href="https://git.kernel.org/linus/313dd1b629219db50cad532dba6a3b3b22ffe622">randstruct gcc plugin to upstream</a>. This plugin allows structure layouts to be randomized on a per-build basis, providing a probabilistic defense against attacks that need to know the location of sensitive structure fields in kernel memory (which is most attacks). By moving things around in this fashion, attackers need to perform much more work to determine the resulting layout before they can mount a reliable attack.</p>
-<p>Unfortunately, due to the timing of the development cycle, only the “manual” mode of randstruct landed in upstream (i.e. <a href="https://git.kernel.org/linus/3859a271a003aba01e45b85c9d8b355eb7bf25f9">marking structures with <code>__randomize_layout</code></a>). v4.14 will also have the <a href="https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?id=9225331b310821760f39ba55b00b8973602adbb5">automatic mode enabled</a>, which randomizes all structures that contain only function pointers.</p>
-<p>A large number of fixes to support randstruct have been landing from <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?h=v4.13&amp;qt=grep&amp;q=designated+init">v4.10 through v4.13</a>, most of which were already identified and fixed by grsecurity, but many were novel, either in newly added drivers, as <a href="https://git.kernel.org/linus/1854c19cae0d108637c40f90ee0bb9b7c1adbc0a">whitelisted cross-structure casts</a>, <a href="https://git.kernel.org/linus/3e2e857f9c3a19d55ee0ba7b428b8be5008960bf">refactorings</a> (like IPC noted above), or in a <a href="https://git.kernel.org/linus/ffa47aa678cfaa9b88e8a26cfb115b4768325121">corner case on ARM</a> found during upstream testing.</p>
-<p><strong>lower ELF_ET_DYN_BASE</strong><br />
-One of the issues identified from the <a href="https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash">Stack Clash</a> set of vulnerabilities was that it was possible to collide stack memory with the highest portion of a PIE program’s text memory since the default <code>ELF_ET_DYN_BASE</code> (the lowest possible random position of a PIE executable in memory) was already so high in the memory layout (specifically, 2/3rds of the way through the address space). Fixing this required <a href="http://git.kernel.org/linus/eab09532d40090698b05a07c1c87f39fdbc5fab5">teaching the ELF loader</a> how to load interpreters as shared objects in the mmap region instead of as a PIE executable (to avoid potentially colliding with the binary it was loading). As a result, the PIE default could be moved down to ET_EXEC (0x400000) on 32-bit, entirely avoiding the subset of Stack Clash attacks. 64-bit could be moved to just above the 32-bit address space (0x100000000), leaving the entire 32-bit region open for VMs to do 32-bit addressing, but late in the cycle it was discovered that <a href="https://git.kernel.org/linus/c715b72c1ba406f133217b509044c38d8e714a37">Address Sanitizer couldn’t handle it moving</a>. With most of the Stack Clash risk only applicable to 32-bit, fixing 64-bit has been deferred until there is a way to teach Address Sanitizer how to load itself as a shared object instead of as a PIE binary.</p>
-<p><strong>early device randomness</strong><br />
-I noticed that early device randomness wasn’t actually getting added to the kernel entropy pools, so I <a href="https://git.kernel.org/linus/ee7998c50c2697737c6530431709f77c852bf0d6">fixed that</a> to improve the effectiveness of the latent_entropy gcc plugin.</p>
-<p>That’s it for now; please let me know if I missed anything. As a side note, I was rather alarmed to discover that due to all my trivial ReSTification formatting, and tiny FORTIFY_SOURCE and randstruct fixes, I made it into the <a href="https://lwn.net/Articles/731794/">most active 4.13 developers</a> list (by patch count) at LWN with 76 patches: a whopping 0.6% of the cycle’s patches. ;)</p>
-<p>Anyway, the v4.14 merge window is open!</p>
-<p style="clear: both; text-align: left;">© 2017, <a href="https://outflux.net/blog/">Kees Cook</a>. This work is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/us/" rel="license">Creative Commons Attribution-ShareAlike 3.0 License</a>.<br /><a href="http://creativecommons.org/licenses/by-sa/3.0/us/" rel="license"><img alt="Creative Commons License" src="http://outflux.net/illustrations/cc-88x31.png" style="border-width: 0;" /></a> </p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -490,6 +461,35 @@ Attribution-ShareAlike 3.0 License][36].
    [36]: <http://creativecommons.org/licenses/by-sa/3.0/us/>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/kees.png" width="92" height="84" alt="" align="right" style="float: right;">  <p>Previously: <a href="http://outflux.net/blog/archives/2017/07/10/security-things-in-linux-v4-12/">v4.12</a>.</p>
+<p>Here’s a short summary of some of interesting security things in Sunday’s v4.13 release of the Linux kernel:</p>
+<p><strong>security documentation ReSTification</strong><br />
+The kernel has been switching to formatting documentation with <a href="https://www.kernel.org/doc/html/latest/doc-guide/sphinx.html">ReST</a>, and I noticed that none of the <code>Documentation/security/</code> tree had been converted yet. I <a href="https://git.kernel.org/linus/c2ed6743434d1d9ef49b044c6bdfd6ac1ce140a2">took the opportunity</a> to take a few passes at formatting the existing documentation and, at Jon Corbet’s recommendation, split it up between <a href="https://www.kernel.org/doc/html/latest/admin-guide/LSM/index.html">end-user documentation</a> (which is mainly how to use LSMs) and <a href="https://www.kernel.org/doc/html/latest/security/index.html">developer documentation</a> (which is mainly how to use various internal APIs). A bunch of these docs need some updating, so maybe with the improved visibility, they’ll get some extra attention.</p>
+<p><strong>CONFIG_REFCOUNT_FULL</strong><br />
+Since Peter Zijlstra implemented the <a href="http://outflux.net/blog/archives/2017/05/02/security-things-in-linux-v4-11/"><code>refcount_t</code> API</a> in v4.11, Elena Reshetova (with Hans Liljestrand and David Windsor) has been systematically replacing <code>atomic_t</code> reference counters with <code>refcount_t</code>. As of v4.13, there are now <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?h=v4.13&amp;qt=grep&amp;q=refcount_t">close to 125 conversions</a> with many more to come. However, there were concerns over the performance characteristics of the <code>refcount_t</code> implementation from the maintainers of the net, mm, and block subsystems. In order to assuage these concerns and help the conversion progress continue, I added an “unchecked” <code>refcount_t</code> implementation (identical to the earlier <code>atomic_t</code> implementation) as the default, with the fully checked implementation now available under <code>CONFIG_REFCOUNT_FULL</code>. The plan is that for v4.14 and beyond, the kernel can grow <a href="https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=7a46ec0e2f4850407de5e1d19a44edee6efa58ec">per-architecture implementations of <code>refcount_t</code></a> that have performance characteristics on par with <code>atomic_t</code> (as done in grsecurity’s PAX_REFCOUNT).</p>
+<p><strong>CONFIG_FORTIFY_SOURCE</strong><br />
+Daniel Micay <a href="https://git.kernel.org/linus/6974f0c4555e285ab217cee58b6e874f776ff409">created a version</a> of glibc’s <code>FORTIFY_SOURCE</code> compile-time and run-time protection for finding overflows in the common string (e.g. <code>strcpy</code>, <code>strcmp</code>) and memory (e.g. <code>memcpy</code>, <code>memcmp</code>) functions. The idea is that since the compiler already knows the size of many of the buffer arguments used by these functions, it can already build in checks for buffer overflows. When all the sizes are known at compile time, this can actually allow the compiler to fail the build instead of continuing with a proven overflow. When only some of the sizes are known (e.g. destination size is known at compile-time, but source size is only known at run-time) run-time checks are added to catch any cases where an overflow might happen. Adding this <a href="https://git.kernel.org/linus/4c93496f18ce5044d78e4f7f9e018682a4f44b3d">found</a> <a href="https://git.kernel.org/linus/e2ae8ab4b571e2e4094a28acb60649bc2732c67f">several</a> <a href="https://git.kernel.org/linus/3e2c044a54e6b6373606f8ffad42a4a0759fcf3d">places</a> <a href="https://git.kernel.org/linus/c0944883c97c0ddc71da67cc731590a7c878a1a2">where</a> <a href="https://git.kernel.org/linus/42c335f7e67029d2e01711f2f2bc6252277c8993">minor</a> <a href="https://git.kernel.org/linus/dbbb08f500d6146398b794fdc68a8e811366b451">leaks</a> <a href="https://git.kernel.org/linus/12e3c0433e8a3b817fbb978a1be973a04cd5d6f3">were</a> <a href="https://git.kernel.org/linus/e48d661eb13f2f83861428f001c567fdb3f317e8">happening</a>, and Daniel and I chased down fixes for them.</p>
+<p>One interesting note about this protection is that is only examines the <a href="https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html">size of the whole object</a> for its size (via <code>__builtin_object_size(..., <strong>0</strong>)</code>). If you have a string within a structure, <code>CONFIG_FORTIFY_SOURCE</code> as currently implemented will make sure only that you can’t copy beyond the structure (but therefore, you <em>can</em> still overflow the string within the structure). The next step in enhancing this protection is to switch from 0 (above) to 1, which will use the closest surrounding subobject (e.g. the string). However, there are a lot of cases where the kernel intentionally copies across multiple structure fields, which means more fixes before this higher level can be enabled.</p>
+<p><strong>NULL-prefixed stack canary</strong><br />
+Rik van Riel and Daniel Micay changed how the stack canary is defined on 64-bit systems to always make sure that the <a href="https://git.kernel.org/linus/022c204040f3fd22d6445bc35517786195b7ae80">leading byte is zero</a>. This provides a deterministic defense against overflowing string functions (e.g. <code>strcpy</code>), since they will either stop an overflowing read at the NULL byte, or be unable to write a NULL byte, thereby always triggering the canary check. This does reduce the entropy from 64 bits to 56 bits for overflow cases where NULL bytes can be written (e.g. <code>memcpy</code>), but the trade-off is worth it. (Besdies, x86_64’s canary was 32-bits <a href="http://outflux.net/blog/archives/2017/07/10/security-things-in-linux-v4-12/">until recently</a>.)</p>
+<p><strong>IPC refactoring</strong><br />
+Partially in support of allowing IPC structure layouts to be randomized by the randstruct plugin, Manfred Spraul and I reorganized the <a href="https://git.kernel.org/linus/1a23395672658969a4035dcc518ea6cab835c579">internal layout</a> of how IPC is tracked in the kernel. The resulting allocations are smaller and much easier to deal with, even if I initially missed a <a href="https://git.kernel.org/linus/ade9f91b32b964e83d294f4973d50083b08ef6fc">few needed container_of() uses</a>.</p>
+<p><strong>randstruct gcc plugin</strong><br />
+I ported grsecurity’s clever <a href="https://git.kernel.org/linus/313dd1b629219db50cad532dba6a3b3b22ffe622">randstruct gcc plugin to upstream</a>. This plugin allows structure layouts to be randomized on a per-build basis, providing a probabilistic defense against attacks that need to know the location of sensitive structure fields in kernel memory (which is most attacks). By moving things around in this fashion, attackers need to perform much more work to determine the resulting layout before they can mount a reliable attack.</p>
+<p>Unfortunately, due to the timing of the development cycle, only the “manual” mode of randstruct landed in upstream (i.e. <a href="https://git.kernel.org/linus/3859a271a003aba01e45b85c9d8b355eb7bf25f9">marking structures with <code>__randomize_layout</code></a>). v4.14 will also have the <a href="https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?id=9225331b310821760f39ba55b00b8973602adbb5">automatic mode enabled</a>, which randomizes all structures that contain only function pointers.</p>
+<p>A large number of fixes to support randstruct have been landing from <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?h=v4.13&amp;qt=grep&amp;q=designated+init">v4.10 through v4.13</a>, most of which were already identified and fixed by grsecurity, but many were novel, either in newly added drivers, as <a href="https://git.kernel.org/linus/1854c19cae0d108637c40f90ee0bb9b7c1adbc0a">whitelisted cross-structure casts</a>, <a href="https://git.kernel.org/linus/3e2e857f9c3a19d55ee0ba7b428b8be5008960bf">refactorings</a> (like IPC noted above), or in a <a href="https://git.kernel.org/linus/ffa47aa678cfaa9b88e8a26cfb115b4768325121">corner case on ARM</a> found during upstream testing.</p>
+<p><strong>lower ELF_ET_DYN_BASE</strong><br />
+One of the issues identified from the <a href="https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash">Stack Clash</a> set of vulnerabilities was that it was possible to collide stack memory with the highest portion of a PIE program’s text memory since the default <code>ELF_ET_DYN_BASE</code> (the lowest possible random position of a PIE executable in memory) was already so high in the memory layout (specifically, 2/3rds of the way through the address space). Fixing this required <a href="http://git.kernel.org/linus/eab09532d40090698b05a07c1c87f39fdbc5fab5">teaching the ELF loader</a> how to load interpreters as shared objects in the mmap region instead of as a PIE executable (to avoid potentially colliding with the binary it was loading). As a result, the PIE default could be moved down to ET_EXEC (0x400000) on 32-bit, entirely avoiding the subset of Stack Clash attacks. 64-bit could be moved to just above the 32-bit address space (0x100000000), leaving the entire 32-bit region open for VMs to do 32-bit addressing, but late in the cycle it was discovered that <a href="https://git.kernel.org/linus/c715b72c1ba406f133217b509044c38d8e714a37">Address Sanitizer couldn’t handle it moving</a>. With most of the Stack Clash risk only applicable to 32-bit, fixing 64-bit has been deferred until there is a way to teach Address Sanitizer how to load itself as a shared object instead of as a PIE binary.</p>
+<p><strong>early device randomness</strong><br />
+I noticed that early device randomness wasn’t actually getting added to the kernel entropy pools, so I <a href="https://git.kernel.org/linus/ee7998c50c2697737c6530431709f77c852bf0d6">fixed that</a> to improve the effectiveness of the latent_entropy gcc plugin.</p>
+<p>That’s it for now; please let me know if I missed anything. As a side note, I was rather alarmed to discover that due to all my trivial ReSTification formatting, and tiny FORTIFY_SOURCE and randstruct fixes, I made it into the <a href="https://lwn.net/Articles/731794/">most active 4.13 developers</a> list (by patch count) at LWN with 76 patches: a whopping 0.6% of the cycle’s patches. ;)</p>
+<p>Anyway, the v4.14 merge window is open!</p>
+<p style="clear: both; text-align: left;">© 2017, <a href="https://outflux.net/blog/">Kees Cook</a>. This work is licensed under a <a href="http://creativecommons.org/licenses/by-sa/3.0/us/" rel="license">Creative Commons Attribution-ShareAlike 3.0 License</a>.<br /><a href="http://creativecommons.org/licenses/by-sa/3.0/us/" rel="license"><img alt="Creative Commons License" src="http://outflux.net/illustrations/cc-88x31.png" style="border-width: 0;" /></a> </p>
 --===============testboundary==--
 
 From planet-debian Tue Sep  5 19:05:48 2017
@@ -500,27 +500,13 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Gunnar Wolf: Made with Creative Commons: Over half translated, yay!
 Message-ID: http-gwolf-org-4110-at-http-gwolf-org
-User-Agent: feed2exec (0.6.dev2+ng3158a4f)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://gwolf.org/node/4110
 
 --===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-<img src="http://planet.debian.org/heads/gwolf.png" width="69" height="83" alt="" align="right" style="float: right;">  <p>An image speaks for a thousand words...<br />
-<a href="http://gwolf.org/files/weblated.png"><img height="443" src="http://gwolf.org/files/weblated.png" width="448" /></a><br />
-And our translation project is worth several thousand words!<br />
-I am very happy and surprised to say we have surpassed the 50% mark of the <a href="https://creativecommons.org/use-remix/made-with-cc/">Made with Creative Commons</a> translation project. We have translated 666 out of 1210 strings (yay for 3v1l numbers)!<br />
-I have to <em>really</em> thank <a href="https://weblate.org/en/">Weblate</a> for hosting us and allowing for collaboration to happen there. And, of course, I have to thank the people that have jumped on board and helped the translation — We are over half way there! Lets keep pushing!<br />
-<a href="https://hosted.weblate.org/engage/madewithcc/es/?utm_source=widget"><br />
-<img alt="Translation status" src="https://hosted.weblate.org/widgets/madewithcc/es/translation/287x66-grey.png" /><br />
-</a><br />
-<b>PS -</b> If you want to join the project, just get in Weblate and start translating right away, either to Spanish or other languages! (Polish, Dutch and Norwegian Bokmål are on their way) If you translate into Spanish, *please* read and abide by the specific <a href="https://gitlab.com/gunnarwolf/madewithcc-es/blob/master/README_es.md">Spanish translation guidelines</a>.</p>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
+Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 8bit
 
@@ -551,6 +537,20 @@ read and abide by the specific [Spanish translation guidelines][5].
    [5]: <https://gitlab.com/gunnarwolf/madewithcc-es/blob/master/README_es.md>
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+<img src="http://planet.debian.org/heads/gwolf.png" width="69" height="83" alt="" align="right" style="float: right;">  <p>An image speaks for a thousand words...<br />
+<a href="http://gwolf.org/files/weblated.png"><img height="443" src="http://gwolf.org/files/weblated.png" width="448" /></a><br />
+And our translation project is worth several thousand words!<br />
+I am very happy and surprised to say we have surpassed the 50% mark of the <a href="https://creativecommons.org/use-remix/made-with-cc/">Made with Creative Commons</a> translation project. We have translated 666 out of 1210 strings (yay for 3v1l numbers)!<br />
+I have to <em>really</em> thank <a href="https://weblate.org/en/">Weblate</a> for hosting us and allowing for collaboration to happen there. And, of course, I have to thank the people that have jumped on board and helped the translation — We are over half way there! Lets keep pushing!<br />
+<a href="https://hosted.weblate.org/engage/madewithcc/es/?utm_source=widget"><br />
+<img alt="Translation status" src="https://hosted.weblate.org/widgets/madewithcc/es/translation/287x66-grey.png" /><br />
+</a><br />
+<b>PS -</b> If you want to join the project, just get in Weblate and start translating right away, either to Spanish or other languages! (Polish, Dutch and Norwegian Bokmål are on their way) If you translate into Spanish, *please* read and abide by the specific <a href="https://gitlab.com/gunnarwolf/madewithcc-es/blob/master/README_es.md">Spanish translation guidelines</a>.</p>
 --===============testboundary==--
 
 From planet-debian Tue Sep  5 00:26:34 2017
@@ -561,18 +561,11 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: Junichi Uekawa: It's already September.
 Message-ID: http-www-netfort-gr-jp-dancer-diary-daily-2017-sep-5-html-en-2017-sep-5-09-26-34
-User-Agent: feed2exec (0.6.dev2+ng3158a4f)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.netfort.gr.jp/~dancer/diary/daily/2017-Sep-5.html.en#2017-Sep-5-09:26:34
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<img src="http://planet.debian.org/heads/dancer.png" width="75" height="97" alt="" align="right" style="float: right;">  It's already September. I haven't written much code last month. I wrote a CSV parser and felt a little depressed after reading rfc4180. None of my CSV files were in CRLF.
-        <p></p>
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -585,6 +578,13 @@ parser and felt a little depressed after reading rfc4180. None of my CSV files
 were in CRLF.
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+
+<img src="http://planet.debian.org/heads/dancer.png" width="75" height="97" alt="" align="right" style="float: right;">  It's already September. I haven't written much code last month. I wrote a CSV parser and felt a little depressed after reading rfc4180. None of my CSV files were in CRLF.
+        <p></p>
 --===============testboundary==--
 
 From planet-debian Sat Sep  2 20:16:43 2017
@@ -595,808 +595,808 @@ To: to@example.com
 From: planet-debian <to@example.com>
 Subject: =?utf-8?q?Antoine_Beaupr=C3=A9=3A_My_free_software_activities=2C_August_2017?=
 Message-ID: http-anarc-at-blog-2017-09-01-free-software-activities-august-2017
-User-Agent: feed2exec (0.6.dev2+ng3158a4f)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://anarc.at/blog/2017-09-01-free-software-activities-august-2017/
 
 --===============testboundary==
-Content-Type: text/html; charset="utf-8"
+Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-
-<h1 id="debian-long-term-support-lts">Debian Long Term Support (LTS)</h1>
+Content-Transfer-Encoding: 8bit
 
-<p>This is my monthly <a href="https://www.freexian.com/services/debian-lts.html">Debian LTS</a> report. This month I worked on a few
-major packages that took a long time instead of multiple smaller
-issues. Affected packages were Mercurial, libdbd-mysql-perl and Ruby.</p>
+http://anarc.at/blog/2017-09-01-free-software-activities-august-2017/
 
-<h2 id="mercurial-updates">Mercurial updates</h2>
+# Debian Long Term Support (LTS)
 
-<p>Mercurial was vulnerable to two CVEs: <a href="https://security-tracker.debian.org/CVE-2017-1000116">CVE-2017-1000116</a>
-(command injection on clients through malicious ssh URLs) and
-<a href="https://security-tracker.debian.org/CVE-2017-1000115">CVE-2017-1000115</a> (path traversal via symlink). The former
-is an issue that actually affects many other similar software like Git
-(<a href="https://security-tracker.debian.org/CVE-2017-1000117">CVE-2017-1000117</a>), Subversion (<a href="https://security-tracker.debian.org/CVE-2017-9800">CVE-2017-9800</a>)
-and even CVS (<a href="https://security-tracker.debian.org/CVE-2017-12836">CVE-2017-12836</a>). The latter symlink issue is
-a distinct issue that came up during an internal audit.</p>
+This is my monthly [Debian LTS][1] report. This month I worked on a few major
+packages that took a long time instead of multiple smaller issues. Affected
+packages were Mercurial, libdbd-mysql-perl and Ruby.
 
-<p>The fix, shipped as <a href="https://lists.debian.org/debian-lts-announce/2017/08/msg00032.html">DLA-1072-1</a>, involved a rather difficult
-backport, especially because the Mercurial test suite takes a long
-time to complete. This reminded me of the virtues of
-<code>DEB_BUILD_OPTIONS=parallel=4</code>, which sped up the builds
-considerably. I also discovered that the Wheezy build chain doesn't
-support <a href="http://manpages.debian.org/sbuild">sbuild</a>'s <code>--source-only-changes</code> flag which I had
-hardcoded in my <a href="http://manpages.debian.org/sbuild%2Econf">sbuild.conf</a> file. This seems to be simply
-because sbuild passes <code>--build=source</code> to <a href="http://manpages.debian.org/dpkg%2Dbuildpackage">dpkg-buildpackage</a>, an option that is supported only in jessie or
-later.</p>
+   [1]: <https://www.freexian.com/services/debian-lts.html>
 
-<h2 id="libdbd-mysql-perl">libdbd-mysql-perl</h2>
+## Mercurial updates
 
-<p>I have worked on fixing two issues with the <a href="http://packages.debian.org/libdbd%2Dmysql%2Dperl">libdbd-mysql-perl</a> package, <a href="https://security-tracker.debian.org/CVE-2017-10788">CVE-2017-10788</a> and <a href="https://security-tracker.debian.org/CVE-2017-10789">CVE-2017-10789</a>, which resulted in the <a href="https://lists.debian.org/20170831115827.eaciz7h6g7ecl5jh@curie.anarc.at">DLA-1079-1</a> upload.
-Behind this mysteriously named package sits a critical piece of
-infrastructure, namely the <code>mysql</code> commandline client which is
-probably used and abused by hundreds if not thousands of home-made
-scripts, but also all of Perl's MySQL support, which is probably used
-by even a larger base of software.</p>
+Mercurial was vulnerable to two CVEs: [CVE-2017-1000116][2] (command injection on clients through malicious ssh URLs) and [CVE-2017-1000115][3] (path traversal via symlink). The former is an issue that actually affects many other similar software like Git ([CVE-2017-1000117][4]), Subversion ([CVE-2017-9800][5]) and even CVS ([CVE-2017-12836][6]). The latter symlink issue is a distinct issue that came up during an internal audit.
 
-<p>Through the Debian bug reports (<a href="http://bugs.debian.org/866818">Debian bug #866818</a> and <a href="http://bugs.debian.org/866821">Debian bug #866821</a>), I have learned that the patches existed in the upstream
-tracker but were either <a href="https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844">ignored</a> or even <a href="https://github.com/perl5-dbi/DBD-mysql/issues/110">reverted</a> in the
-latest 4.043 upstream release. It turns out that there are talks of
-<a href="https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8030.html">forking that library</a> because of maintainership issue. It blows my
-mind that such an important part of MySQL is basically unmaintained.</p>
+   [2]: <https://security-tracker.debian.org/CVE-2017-1000116>
+   [3]: <https://security-tracker.debian.org/CVE-2017-1000115>
+   [4]: <https://security-tracker.debian.org/CVE-2017-1000117>
+   [5]: <https://security-tracker.debian.org/CVE-2017-9800>
+   [6]: <https://security-tracker.debian.org/CVE-2017-12836>
 
-<p>I ended up backporting the upstream patches, which was also somewhat
-difficult because of the long-standing issues with SSL support in
-MySQL. The backport there was particularly hard to test, as you need
-to run that test suite by hand, twice: once with a server configured
-with a (valid!) SSL certificate and one without (!). I'm wondering how
-much time it is really worth spending on trying to fix SSL in MySQL,
-however. It has been badly broken forever, and while the patch <em>is</em> an
-improvement, I would actually still never trust SSL transports in
-MySQL over an untrusted network. The few people that I know use such
-transports wrap their connections around a simpler <a href="http://packages.debian.org/stunnel">stunnel</a>
-instead.</p>
+The fix, shipped as [DLA-1072-1][7], involved a rather difficult backport,
+especially because the Mercurial test suite takes a long time to complete.
+This reminded me of the virtues of `DEB_BUILD_OPTIONS=parallel=4`, which sped
+up the builds considerably. I also discovered that the Wheezy build chain
+doesn't support [sbuild][8]'s `--source-only-changes` flag which I had
+hardcoded in my [sbuild.conf][9] file. This seems to be simply because sbuild
+passes `--build=source` to [dpkg-buildpackage][10], an option that is
+supported only in jessie or later.
 
-<p>The other issue was easier to fix so I submitted a <a href="https://github.com/perl5-dbi/DBD-mysql/pull/142">pull request
-upstream</a> to make sure that work isn't lost, although it is not
-clear what the future of that patch (or project!) will be at this
-point.</p>
+   [7]: <https://lists.debian.org/debian-lts-announce/2017/08/msg00032.html>
+   [8]: <http://manpages.debian.org/sbuild>
+   [9]: <http://manpages.debian.org/sbuild%2Econf>
+   [10]: <http://manpages.debian.org/dpkg%2Dbuildpackage>
 
-<h2 id="rubygems">Rubygems</h2>
+## libdbd-mysql-perl
 
-<p>I also worked on the <a href="http://packages.debian.org/rubygems">rubygems</a> issues, which, thanks to the
-"vendoring" practice of the Ruby community, also affects the <a href="http://packages.debian.org/ruby1%2E9">ruby1.9</a> package. 4 distinct CVEs were triaged here (<a href="https://security-tracker.debian.org/CVE-2017-0899">CVE-2017-0899</a>, <a href="https://security-tracker.debian.org/CVE-2017-0900">CVE-2017-0900</a>, <a href="https://security-tracker.debian.org/CVE-2017-0901">CVE-2017-0901</a>
-and <a href="https://security-tracker.debian.org/CVE-2017-0902">CVE-2017-0902</a>) and I determined the latter issue
-didn't affect wheezy as rubygems doesn't do its own DNS resolution
-there (later versions lookup SRV records).</p>
+I have worked on fixing two issues with the [libdbd-mysql-perl][11] package,
+[CVE-2017-10788][12] and [CVE-2017-10789][13], which resulted in the
+[DLA-1079-1][14] upload. Behind this mysteriously named package sits a
+critical piece of infrastructure, namely the `mysql` commandline client which
+is probably used and abused by hundreds if not thousands of home-made scripts,
+but also all of Perl's MySQL support, which is probably used by even a larger
+base of software.
 
-<p>This is another package where the test suite takes a long time to
-run. Worse, the packages in Wheezy actually fails to build from
-source: the test suites just fail in various steps, particularly
-because of <code>dh key too small</code> errors for Rubygems, but also other
-errors for Ruby. I also had trouble backporting one test which I had
-to simply skip for Rubygems. I uploaded and <a href="https://lists.debian.org/87h8wkzyos.fsf@curie.anarc.at">announced</a> test
-packages and hopefully I'll be able to complete this work soon,
-although I would certainly appreciate any help on this...</p>
+   [11]: <http://packages.debian.org/libdbd%2Dmysql%2Dperl>
+   [12]: <https://security-tracker.debian.org/CVE-2017-10788>
+   [13]: <https://security-tracker.debian.org/CVE-2017-10789>
+   [14]: <https://lists.debian.org/20170831115827.eaciz7h6g7ecl5jh@curie.anarc.at>
 
-<h2 id="triage">Triage</h2>
+Through the Debian bug reports ([Debian bug #866818][15] and [Debian bug
+#866821][16]), I have learned that the patches existed in the upstream tracker
+but were either [ignored][17] or even [reverted][18] in the latest 4.043
+upstream release. It turns out that there are talks of [forking that
+library][19] because of maintainership issue. It blows my mind that such an
+important part of MySQL is basically unmaintained.
 
-<p>I took a look at the <a href="http://packages.debian.org/sox">sox</a>, <a href="http://packages.debian.org/libvorbis">libvorbis</a> and
-<a href="http://packages.debian.org/exiv2">exiv2</a> issues. None had fixes available. sox and exiv2 were
-basically a list of fuzzing issues, which are often minor or at least
-of unknown severity. Those would have required a significant amount of
-work and I figured I would prioritize other work first.</p>
+   [15]: <http://bugs.debian.org/866818>
+   [16]: <http://bugs.debian.org/866821>
+   [17]: <https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844>
+   [18]: <https://github.com/perl5-dbi/DBD-mysql/issues/110>
+   [19]: <https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8030.html>
 
-<p>I also triaged <a href="https://security-tracker.debian.org/CVE-2017-7506">CVE-2017-7506</a>, which doesn't seem to affect
-the <a href="http://packages.debian.org/spice">spice</a> package in wheezy, after doing a fairly thorough
-audit of the code. The vulnerability is specifically bound to the
-<code>reds_on_main_agent_monitors_config</code> function, which is simply not
-present in our older version. A hostile message would fall through the
-code and not provoke memory allocation or out of bounds access, so I
-simply marked the wheezy version as <code>not-affected</code>, something which
-usually happens during the original triage but can also happen during
-the actual patching work, as in this case.</p>
+I ended up backporting the upstream patches, which was also somewhat difficult
+because of the long-standing issues with SSL support in MySQL. The backport
+there was particularly hard to test, as you need to run that test suite by
+hand, twice: once with a server configured with a (valid!) SSL certificate and
+one without (!). I'm wondering how much time it is really worth spending on
+trying to fix SSL in MySQL, however. It has been badly broken forever, and
+while the patch _is_ an improvement, I would actually still never trust SSL
+transports in MySQL over an untrusted network. The few people that I know use
+such transports wrap their connections around a simpler [stunnel][20] instead.
 
-<h1 id="other-free-software-work">Other free software work</h1>
+   [20]: <http://packages.debian.org/stunnel>
 
-<p>This describes the volunteer work I do on various free software
-projects. This month, again, my internal reports show that I spent
-about the same time on volunteer and paid time, but this is probably a
-wrong estimate because I spent a lot of time at Debconf which I didn't
-clock in...</p>
+The other issue was easier to fix so I submitted a [pull request upstream][21]
+to make sure that work isn't lost, although it is not clear what the future of
+that patch (or project!) will be at this point.
 
-<h2 id="debconf">Debconf</h2>
+   [21]: <https://github.com/perl5-dbi/DBD-mysql/pull/142>
 
-<p>So I participated in the <a href="http://debconf17.debconf.org/">17th Debian Conference</a> in Montreal. It
-was great to see (and make!) so many friends from all over the world
-in person again, and I was happy to work on specific issues together
-with other Debian developers. I am especially thankful to David
-Bremner for fixing the syncing of the <code>flagged</code> tag when added to new
-messages (<a href="https://notmuchmail.org/pipermail/notmuch/2017/025046.html">patch series</a>). This allows me to easily sync the one
-tag (<code>inbox</code>) that is not statically assigned during <code>notmuch new</code>, by
-using <code>flagged</code> as a synchronization tool. This allows me to use
-notmuch more easily across multiple machines without having to sync
-all tags with dump/restore or using muchsync which wasn't working for
-me (although a <a href="https://notmuchmail.org/pipermail/notmuch/2017/024500.html">new release came out</a> which may fix my issues). The
-magic incantation looks something like this:</p>
+## Rubygems
 
-<pre><code>notmuch tag -inbox tag:inbox and not tag:flagged
-notmuch tag +inbox not tag:inbox and tag:flagged
-</code></pre>
+I also worked on the [rubygems][22] issues, which, thanks to the "vendoring"
+practice of the Ruby community, also affects the [ruby1.9][23] package. 4
+distinct CVEs were triaged here ([CVE-2017-0899][24], [CVE-2017-0900][25],
+[CVE-2017-0901][26] and [CVE-2017-0902][27]) and I determined the latter issue
+didn't affect wheezy as rubygems doesn't do its own DNS resolution there
+(later versions lookup SRV records).
 
-<p>However, most of my time in the first week (Debcamp) was spent trying
-to complete the networking setup: configure switches, setup wiring and
-so on. I also configured an <a href="http://packages.debian.org/apt%2Dcacher%2Dng">apt-cacher-ng</a> proxy to serve
-packages to attendees during the conference. I configured it with
-Avahi to configure clients automatically, which led me to discover
-(and fix) issue <a href="http://bugs.debian.org/870321">Debian bug #870321</a>) although there are more issues
-with the autodiscovery mechanism... I spent extra time to document the
-(somewhat simple) configuration of such a server in the <a href="https://wiki.debian.org/AptCacherNg">Debian
-wiki</a> because it was not the first time I had research that
-procedure...</p>
+   [22]: <http://packages.debian.org/rubygems>
+   [23]: <http://packages.debian.org/ruby1%2E9>
+   [24]: <https://security-tracker.debian.org/CVE-2017-0899>
+   [25]: <https://security-tracker.debian.org/CVE-2017-0900>
+   [26]: <https://security-tracker.debian.org/CVE-2017-0901>
+   [27]: <https://security-tracker.debian.org/CVE-2017-0902>
 
-<p>I somehow thought this was a great time to upgrade my laptop to
-stretch. Normally, I keep that device running stable because I don't
-use it often and I don't want to have major traumatizing upgrades
-every time I leave with it on a trip. But this time was special: there
-were literally <em>hundreds</em> of Debian developers to help me out if there
-was trouble. And there was, of course, trouble as it turns out! I had
-problems with the fonts on my display, because, well, I had
-<em>suspended</em> (twice) my laptop <em>during</em> the install. The fix was simply
-to flush the fontconfig cache, and I tried to document this in the
-<a href="https://wiki.debian.org/Fonts">fonts wiki page</a> and my <a href="http://anarc.at/services/upgrades/stretch/">upgrades page</a>.</p>
+This is another package where the test suite takes a long time to run. Worse,
+the packages in Wheezy actually fails to build from source: the test suites
+just fail in various steps, particularly because of `dh key too small` errors
+for Rubygems, but also other errors for Ruby. I also had trouble backporting
+one test which I had to simply skip for Rubygems. I uploaded and
+[announced][28] test packages and hopefully I'll be able to complete this work
+soon, although I would certainly appreciate any help on this...
 
-<p>I also gave a short training called <a href="https://debconf17.debconf.org/talks/161/">Debian packaging 101</a> which
-was pretty successful. Like the short presentation I made at the last
-<a href="http://anarc.at/blog/2017-04-09-montreal-bsp-report/">Montreal BSP</a>, the workshop was
-based on my <a href="http://anarc.at/software/debian-development/">quick debian development guide</a>. 
-I'm thinking of expanding this to a larger audience with a "102"
-course that would discuss more complex packaging problems. But my
-secret plan (well, secret until now I guess) is to make packaging
-procedures more uniform in Debian by training new Debian packagers
-using that same training for the next 2 decades. But I will probably
-start by just trying to do this again at the next Debconf, if I can
-attend.</p>
+   [28]: <https://lists.debian.org/87h8wkzyos.fsf@curie.anarc.at>
 
-<h2 id="debian-uploads">Debian uploads</h2>
+## Triage
 
-<p>I also sponsored two packages during Debconf: one was a "scratch an
-itch" upload (<a href="http://packages.debian.org/elpa%2Divy">elpa-ivy</a>) which I requested (<a href="http://bugs.debian.org/863216">Debian bug #863216</a>) as part of a larger effort to ship the Emacs elisp packages
-as Debian packages. The other was an <a href="https://tracker.debian.org/news/864378">upload</a> of <a href="http://packages.debian.org/diceware">diceware</a> to build the documentation in a separate package and fix
-other issues I have found in the package during a review.</p>
+I took a look at the [sox][29], [libvorbis][30] and [exiv2][31] issues. None
+had fixes available. sox and exiv2 were basically a list of fuzzing issues,
+which are often minor or at least of unknown severity. Those would have
+required a significant amount of work and I figured I would prioritize other
+work first.
 
-<p>I also uploaded a bunch of other fixes to the Debian archive:</p>
+   [29]: <http://packages.debian.org/sox>
+   [30]: <http://packages.debian.org/libvorbis>
+   [31]: <http://packages.debian.org/exiv2>
 
-<ul>
-<li><a href="http://packages.debian.org/slop">slop</a> upstream update and matching <a href="http://packages.debian.org/maim">maim</a> NMU</li>
-<li>asked for <a href="http://packages.debian.org/gnome%2Dweb%2Dphoto">gnome-web-photo</a> removal (<a href="http://bugs.debian.org/873015">Debian bug #873015</a>)</li>
-<li><a href="http://packages.debian.org/charybdis">charybdis</a> 3.5.5-2 to officially switch to <a href="http://packages.debian.org/mbedtls">mbedtls</a> (<a href="http://bugs.debian.org/705369">Debian bug #705369</a>)</li>
-<li><a href="http://packages.debian.org/gmpc">gmpc</a>: ship pending patches from git and Ubuntu</li>
-<li><a href="http://packages.debian.org/horst">horst</a>: new upstream release and workaround for sparse
-bug <a href="http://bugs.debian.org/873508">Debian bug #873508</a></li>
-<li>uploaded <a href="https://github.com/mooz/percol">percol</a> to NEW (<a href="http://bugs.debian.org/754972">Debian bug #754972</a>)</li>
-</ul>
+I also triaged [CVE-2017-7506][32], which doesn't seem to affect the
+[spice][33] package in wheezy, after doing a fairly thorough audit of the
+code. The vulnerability is specifically bound to the
+`reds_on_main_agent_monitors_config` function, which is simply not present in
+our older version. A hostile message would fall through the code and not
+provoke memory allocation or out of bounds access, so I simply marked the
+wheezy version as `not-affected`, something which usually happens during the
+original triage but can also happen during the actual patching work, as in
+this case.
 
-<h2 id="signing-keys-rotation">Signing keys rotation</h2>
+   [32]: <https://security-tracker.debian.org/CVE-2017-7506>
+   [33]: <http://packages.debian.org/spice>
 
-<p>I also started the process of moving my main OpenPGP certification key
-by adding a signing subkey. The subkey is stored in a cryptographic
-token so I can sign things on more than one machine without storing
-that critical key on all those devices physically.</p>
+# Other free software work
 
-<p>Unfortunately, this meant that I need to do some shenanigans when I
-want to sign content in my Debian work, because the new subkey takes
-time to propagate to the Debian archive. For example, I have to
-specify the primary key with a "bang" when signing packages (<code>debsign
--k '792152527B75921E!' ...</code>) or use inline signatures in email sent
-for security announcement (since that trick doesn't work in Mutt <em>or</em>
-Notmuch). I tried to figure out how to better coordinate this next
-time by reading up documentation on <a href="https://keyring.debian.org/">keyring.debian.org</a>, but there
-is no fixed date for key changes on the rsync interface. There are
-"monthly changes" so one's best bet is to look for the last change in
-their git repository.</p>
+This describes the volunteer work I do on various free software projects. This
+month, again, my internal reports show that I spent about the same time on
+volunteer and paid time, but this is probably a wrong estimate because I spent
+a lot of time at Debconf which I didn't clock in...
 
-<h2 id="gitlabcom-and-lfs-migration">GitLab.com and LFS migration</h2>
+## Debconf
 
-<p>I finally turned off my <a href="http://src.anarc.at/">src.anarc.at</a> git repository service by
-moving the remaining repos to <a href="https://gitlab.com/">GitLab</a>. Unfortunately, GitLab
-<a href="https://gitlab.com/gitlab-org/gitlab-ee/issues/1648">removed support for git-annex</a> recently, so I had to migrate my
-repositories to Git-LFS, which was an interesting experience. LFS is
-pretty easy to use, definitely simpler than git-annex. It also seems
-to be a good match for the use-case at hand, which is to store large
-files (videos, namely) as part of slides for presentations.</p>
+So I participated in the [17th Debian Conference][34] in Montreal. It was
+great to see (and make!) so many friends from all over the world in person
+again, and I was happy to work on specific issues together with other Debian
+developers. I am especially thankful to David Bremner for fixing the syncing
+of the `flagged` tag when added to new messages ([patch series][35]). This
+allows me to easily sync the one tag (`inbox`) that is not statically assigned
+during `notmuch new`, by using `flagged` as a synchronization tool. This
+allows me to use notmuch more easily across multiple machines without having
+to sync all tags with dump/restore or using muchsync which wasn't working for
+me (although a [new release came out][36] which may fix my issues). The magic
+incantation looks something like this:
 
-<p>It turns out that their migration guide could have been made much
-simpler. I tried to submit those changes to the documentation but
-<a href="https://gitlab.com/gitlab-org/gitlab-ee/issues/3287">couldn't fork the GitLab EE project</a> to make a patch, so I just
-documented the issue in <a href="https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1230#note_38813881">the original MR</a> for now. While I was
-there I filed a <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/37242">feature request</a> to add a new reference shortcut
-(<code>GL-NNN</code>) after noticing a similar token <a href="https://github.com/jrblevin/markdown-mode/commit/b163f104d83fd3eeb909920284c981e8fba1b481">used on GitHub</a>. This
-would be a useful addition because I often have numbering conflicts
-between Debian BTS bug numbers and GitLab issues in packages I
-maintain there. In particular, I have problems using GitLab issue
-numbers in Monkeysign, because commit logs end up in Debian changelogs
-and will be detected by the Debian infrastructure even though those
-are GitLab bug numbers. Using such a shortcut would avoid detection
-and such a conflict.</p>
+    
+       [34]: <http://debconf17.debconf.org/>
+   [35]: <https://notmuchmail.org/pipermail/notmuch/2017/025046.html>
+   [36]: <https://notmuchmail.org/pipermail/notmuch/2017/024500.html>
 
-<h2 id="numpy-stats">Numpy-stats</h2>
+    notmuch tag -inbox tag:inbox and not tag:flagged
+    notmuch tag +inbox not tag:inbox and tag:flagged
+    
 
-<p>I wrote a small tool to extract numeric statistics from a given
-file. I often do ad-hoc benchmarks where I store a bunch of numbers in
-a file and then try to make averages and so on. As an exercise in
-learning <a href="http://www.numpy.org/">NumPy</a>, I figured I would write such a simple tool,
-called <a href="https://gitlab.com/anarcat/scripts/blob/master/numpy-stats">numpy-stats</a>, which probably sounds naive to seasoned
-Python scientists.</p>
+However, most of my time in the first week (Debcamp) was spent trying to
+complete the networking setup: configure switches, setup wiring and so on. I
+also configured an [apt-cacher-ng][37] proxy to serve packages to attendees
+during the conference. I configured it with Avahi to configure clients
+automatically, which led me to discover (and fix) issue [Debian bug
+#870321][38]) although there are more issues with the autodiscovery
+mechanism... I spent extra time to document the (somewhat simple)
+configuration of such a server in the [Debian wiki][39] because it was not the
+first time I had research that procedure...
 
-<p>My incentive was that I was trying to figure out what was the
-distribution of password length in a given <a href="https://superuser.com/questions/237228/command-line-tool-to-generate-memorable-passwords/1246245#comment1828733_1052689">password generator
-scheme</a>. So I wrote this simple script:</p>
+   [37]: <http://packages.debian.org/apt%2Dcacher%2Dng>
+   [38]: <http://bugs.debian.org/870321>
+   [39]: <https://wiki.debian.org/AptCacherNg>
 
-<pre><code>for i in seq 10000 ; do
-    shuf -n4 /usr/share/dict/words | tr -d '\n'
-done &gt; length
-</code></pre>
+I somehow thought this was a great time to upgrade my laptop to stretch.
+Normally, I keep that device running stable because I don't use it often and I
+don't want to have major traumatizing upgrades every time I leave with it on a
+trip. But this time was special: there were literally _hundreds_ of Debian
+developers to help me out if there was trouble. And there was, of course,
+trouble as it turns out! I had problems with the fonts on my display, because,
+well, I had _suspended_ (twice) my laptop _during_ the install. The fix was
+simply to flush the fontconfig cache, and I tried to document this in the
+[fonts wiki page][40] and my [upgrades page][41].
 
-<p>And then feed that data in the tool:</p>
+   [40]: <https://wiki.debian.org/Fonts>
+   [41]: <http://anarc.at/services/upgrades/stretch/>
 
-<pre><code>$ numpy-stats lengths 
-{
-  "max": 60, 
-  "mean": 33.883293722913464, 
-  "median": 34.0, 
-  "min": 14, 
-  "size": 143060, 
-  "std": 5.101490225062775
-}
-</code></pre>
+I also gave a short training called [Debian packaging 101][42] which was
+pretty successful. Like the short presentation I made at the last [Montreal
+BSP][43], the workshop was based on my [quick debian development guide][44].
+I'm thinking of expanding this to a larger audience with a "102" course that
+would discuss more complex packaging problems. But my secret plan (well,
+secret until now I guess) is to make packaging procedures more uniform in
+Debian by training new Debian packagers using that same training for the next
+2 decades. But I will probably start by just trying to do this again at the
+next Debconf, if I can attend.
 
-<p>I am surprised that there isn't such a tool already: hopefully I am
-wrong and will just be pointed towards the better alternative in the
-comments here!</p>
+   [42]: <https://debconf17.debconf.org/talks/161/>
+   [43]: <http://anarc.at/blog/2017-04-09-montreal-bsp-report/>
+   [44]: <http://anarc.at/software/debian-development/>
 
-<h2 id="safe-eyes">Safe Eyes</h2>
+## Debian uploads
 
-<p>I added <a href="https://github.com/slgobinath/SafeEyes/commit/6a8b29a87baa53aca2ccc3e280079d04c2b2bf39">screensaver support</a> to the new <a href="https://github.com/slgobinath/SafeEyes/">SafeEyes</a> project,
-which I am considering as a replacement to the <a href="http://packages.debian.org/workrave">workrave</a>
-project I have been using for years. I really like how the
-interruptions basically block the whole screen: way more effective
-than only blocking the keyboard, because all potential distractions go
-away.</p>
+I also sponsored two packages during Debconf: one was a "scratch an itch"
+upload ([elpa-ivy][45]) which I requested ([Debian bug #863216][46]) as part
+of a larger effort to ship the Emacs elisp packages as Debian packages. The
+other was an [upload][47] of [diceware][48] to build the documentation in a
+separate package and fix other issues I have found in the package during a
+review.
 
-<p>One feature that is missing is <a href="https://github.com/slgobinath/SafeEyes/issues/184">keystrokes and mouse movement
-counting</a> and of course an <a href="https://github.com/slgobinath/SafeEyes/issues/183">official Debian package</a>, although
-the latter would be easy to fix because upstream already has an
-unofficial build. I am thinking of writing my own little tool to count
-keystrokes, since the overlap between SafeEyes and such a counter
-isn't absolutely necessary. This is something that workrave does, but
-there are "idle time" extensions in Xorg that do not <em>need</em> to count
-keystrokes. There are already certain tools to count input events, but
-none seem to do what I want (most of them are basically
-keyloggers). It would be an interesting test to see if it's possible
-to write something that would work both for Xorg and Wayland at the
-same time. Unfortunately, preliminary research show that:</p>
+   [45]: <http://packages.debian.org/elpa%2Divy>
+   [46]: <http://bugs.debian.org/863216>
+   [47]: <https://tracker.debian.org/news/864378>
+   [48]: <http://packages.debian.org/diceware>
 
-<ol>
-<li><p>in Xorg, the only way to implement this is to sniff all events,
-ie. to implement a keylogger</p></li>
-<li><p>in Wayland, this is <a href="https://superuser.com/questions/1032270/wayland-alternative-for-xorgs-xdotool">completely unsupported</a>. it seems <em>some</em>
-compositors <em>could</em> implement such a counter, but then it means
-that this is compositor specific, or, in other words, unportable</p></li>
-</ol>
+I also uploaded a bunch of other fixes to the Debian archive:
 
-<p>So there is little hope here, which brings to my mind "painmeter" as
-an appropriate name for this future programming nightmare.</p>
+  * [slop][49] upstream update and matching [maim][50] NMU
+  * asked for [gnome-web-photo][51] removal ([Debian bug #873015][52])
+  * [charybdis][53] 3.5.5-2 to officially switch to [mbedtls][54] ([Debian bug #705369][55])
+  * [gmpc][56]: ship pending patches from git and Ubuntu
+  * [horst][57]: new upstream release and workaround for sparse bug [Debian bug #873508][58]
+  * uploaded [percol][59] to NEW ([Debian bug #754972][60])
 
-<h2 id="ansible">Ansible</h2>
+   [49]: <http://packages.debian.org/slop>
+   [50]: <http://packages.debian.org/maim>
+   [51]: <http://packages.debian.org/gnome%2Dweb%2Dphoto>
+   [52]: <http://bugs.debian.org/873015>
+   [53]: <http://packages.debian.org/charybdis>
+   [54]: <http://packages.debian.org/mbedtls>
+   [55]: <http://bugs.debian.org/705369>
+   [56]: <http://packages.debian.org/gmpc>
+   [57]: <http://packages.debian.org/horst>
+   [58]: <http://bugs.debian.org/873508>
+   [59]: <https://github.com/mooz/percol>
+   [60]: <http://bugs.debian.org/754972>
 
-<p>I sent my first contribution to the <a href="http://packages.debian.org/ansible">ansible</a> project with a
-small <a href="https://github.com/ansible/ansible/pull/28766">documentation fix</a>. I had an eye opener recently when I
-discovered a <a href="https://gist.github.com/kpcyrd/1bde93b2bb9c77e0b6c14a2b3f75b026">GitLab ansible prototype</a> that would manipulate
-GitLab settings. When I first discovered Ansible, I was frustrated by
-the YAML/Jinja DSL: it felt silly to write all this code in YAML when
-you are a Python developer. It was great to see reasonably
-well-written Python code that would do things and delegate the
-metadata storage (and only that!) to YAML, as opposed to using YAML as
-a DSL.</p>
+## Signing keys rotation
 
-<p>So I figured I would look at the Ansible documentation on how this
-works, but unfortunately, the Ansible documentation is severly lacking
-in this area. There are broken links (I only fixed <em>one</em> page) and
-missing pieces. For example, the <a href="http://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html">developing plugins page</a> doesn't
-explain how to program a plugin at all.</p>
+I also started the process of moving my main OpenPGP certification key by
+adding a signing subkey. The subkey is stored in a cryptographic token so I
+can sign things on more than one machine without storing that critical key on
+all those devices physically.
 
-<p>I was told on IRC that: "<em>documentation around developing plugins is
-sparse in general. the code is the best documentation that exists
-(right now)</em>". I didn't get a reply when asking <em>which</em> code in
-particular could provide good examples either. In comparison, Puppet
-has excellent documentation on how to create <a href="https://docs.puppet.com/puppet/5.1/custom_types.html">custom types</a>,
-<a href="https://docs.puppet.com/puppet/5.1/functions_ruby_overview.html">functions</a> and <a href="https://docs.puppet.com/facter/3.8/fact_overview.html">facts</a>. That is definitely a turn-off for a new
-contributor, but at least my pull request was merged in and I can only
-hope that seasoned Ansible contributors expand on this critical piece
-of documentation eventually.</p>
+Unfortunately, this meant that I need to do some shenanigans when I want to
+sign content in my Debian work, because the new subkey takes time to propagate
+to the Debian archive. For example, I have to specify the primary key with a
+"bang" when signing packages (`debsign -k '792152527B75921E!' ...`) or use
+inline signatures in email sent for security announcement (since that trick
+doesn't work in Mutt _or_ Notmuch). I tried to figure out how to better
+coordinate this next time by reading up documentation on
+[keyring.debian.org][61], but there is no fixed date for key changes on the
+rsync interface. There are "monthly changes" so one's best bet is to look for
+the last change in their git repository.
 
-<h2 id="misc">Misc</h2>
+   [61]: <https://keyring.debian.org/>
 
-<p>As you can see, I'm all over the place, as usual. GitHub tells me I
-"Opened 13 <em>other</em> pull requests in 11 repositories" (emphasis mine),
-which I guess means on top of the "9 commits in 5 repositories"
-mentioned earlier. My <a href="https://github.com/anarcat">profile</a> probably tells a more detailed
-story that what would be useful to mention here. I should also mention
-how difficult it is to write those reports: I basically do a
-combination of looking into my GitHub and GitLab profiles, the last 30
-days of emails <img alt="(!)" src="http://anarc.at/smileys/idea.png" /> and filesystem changes (!!). En vrac, a list of
-changes which may be of interest:</p>
+## GitLab.com and LFS migration
 
-<ul>
-<li><a href="https://gitlab.com/anarcat/scripts/blob/master/font-large">font-large</a> (and its alias, <a href="https://gitlab.com/anarcat/scripts/blob/master/font-small">font-small</a>): shortcut to send
-the right escape sequence to rxvt so it changes its font</li>
-<li><a href="https://gitlab.com/anarcat/scripts/blob/master/fix-acer">fix-acer</a>: short script to hardcode the modeline (you remember
-those?!) for my screen which has a broken EDID pin (so
-autodetection fails, yay Xorg log files...)</li>
-<li><a href="https://gitlab.com/anarcat/scripts/blob/master/ikiwiki-pandoc-quickie">ikiwiki-pandoc-quickie</a>: fake ikiwiki renderer that (ab)uses
-pandoc to generate a HTML file with the right stylesheet to preview
-Markdown as it <em>may</em> look in this blog (the basic template is
-missing still)</li>
-<li><a href="https://gitlab.com/anarcat/scripts/blob/master/git-annex-transfer">git-annex-transfer</a>: a command I've often been missing in
-<a href="https://git-annex.branchable.com/">git-annex</a>, which is a way to transfer files between remotes
-without having to copy them locally (<a href="http://git-annex.branchable.com/todo/transitive_transfers/">upstream feature request</a>)</li>
-<li>I linked the graphics of the Debian archive software architecture
-in the <a href="https://wiki.debian.org/DebianDak">Debian wiki</a> in the hope more people notice it.</li>
-<li>I did some tweaks on my <a href="https://github.com/travitch/taffybar/">Taffybar</a> to introduce a battery meter
-and hoping to have temperature sensors, which mostly
-failed. there's a pending <a href="https://github.com/travitch/taffybar/pull/157">pull request</a> that may bring some
-sense into this, hopefully.</li>
-<li>I made two <a href="https://0xacab.org/monkeysphere/monkeysign/commit/2d5df2b499c1d2da7fd1d509fc7784e4d67093d9">small</a> <a href="https://0xacab.org/monkeysphere/monkeysign/commit/c296bf82e7de224281844e2b07d5b803ce501619">patches</a> in <a href="https://0xacab.org/monkeysphere/monkeysign/">Monkeysign</a> to fix
-gpg.conf handling and multiple email output, a dumb bug I cannot
-believe anyone noticed or reported just yet. Thanks Valerie for the
-bug report! The upload of this in Debian is pending a review from
-the <a href="https://bugs.debian.org/871937">release team</a>.</li>
-</ul>
---===============testboundary==
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
+I finally turned off my [src.anarc.at][62] git repository service by moving
+the remaining repos to [GitLab][63]. Unfortunately, GitLab [removed support
+for git-annex][64] recently, so I had to migrate my repositories to Git-LFS,
+which was an interesting experience. LFS is pretty easy to use, definitely
+simpler than git-annex. It also seems to be a good match for the use-case at
+hand, which is to store large files (videos, namely) as part of slides for
+presentations.
 
-http://anarc.at/blog/2017-09-01-free-software-activities-august-2017/
+   [62]: <http://src.anarc.at/>
+   [63]: <https://gitlab.com/>
+   [64]: <https://gitlab.com/gitlab-org/gitlab-ee/issues/1648>
 
-# Debian Long Term Support (LTS)
+It turns out that their migration guide could have been made much simpler. I
+tried to submit those changes to the documentation but [couldn't fork the
+GitLab EE project][65] to make a patch, so I just documented the issue in [the
+original MR][66] for now. While I was there I filed a [feature request][67] to
+add a new reference shortcut (`GL-NNN`) after noticing a similar token [used
+on GitHub][68]. This would be a useful addition because I often have numbering
+conflicts between Debian BTS bug numbers and GitLab issues in packages I
+maintain there. In particular, I have problems using GitLab issue numbers in
+Monkeysign, because commit logs end up in Debian changelogs and will be
+detected by the Debian infrastructure even though those are GitLab bug
+numbers. Using such a shortcut would avoid detection and such a conflict.
 
-This is my monthly [Debian LTS][1] report. This month I worked on a few major
-packages that took a long time instead of multiple smaller issues. Affected
-packages were Mercurial, libdbd-mysql-perl and Ruby.
+   [65]: <https://gitlab.com/gitlab-org/gitlab-ee/issues/3287>
+   [66]: <https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1230#note_38813881>
+   [67]: <https://gitlab.com/gitlab-org/gitlab-ce/issues/37242>
+   [68]: <https://github.com/jrblevin/markdown-mode/commit/b163f104d83fd3eeb909920284c981e8fba1b481>
 
-   [1]: <https://www.freexian.com/services/debian-lts.html>
+## Numpy-stats
 
-## Mercurial updates
+I wrote a small tool to extract numeric statistics from a given file. I often
+do ad-hoc benchmarks where I store a bunch of numbers in a file and then try
+to make averages and so on. As an exercise in learning [NumPy][69], I figured
+I would write such a simple tool, called [numpy-stats][70], which probably
+sounds naive to seasoned Python scientists.
 
-Mercurial was vulnerable to two CVEs: [CVE-2017-1000116][2] (command injection on clients through malicious ssh URLs) and [CVE-2017-1000115][3] (path traversal via symlink). The former is an issue that actually affects many other similar software like Git ([CVE-2017-1000117][4]), Subversion ([CVE-2017-9800][5]) and even CVS ([CVE-2017-12836][6]). The latter symlink issue is a distinct issue that came up during an internal audit.
+   [69]: <http://www.numpy.org/>
+   [70]: <https://gitlab.com/anarcat/scripts/blob/master/numpy-stats>
 
-   [2]: <https://security-tracker.debian.org/CVE-2017-1000116>
-   [3]: <https://security-tracker.debian.org/CVE-2017-1000115>
-   [4]: <https://security-tracker.debian.org/CVE-2017-1000117>
-   [5]: <https://security-tracker.debian.org/CVE-2017-9800>
-   [6]: <https://security-tracker.debian.org/CVE-2017-12836>
+My incentive was that I was trying to figure out what was the distribution of
+password length in a given [password generator scheme][71]. So I wrote this
+simple script:
 
-The fix, shipped as [DLA-1072-1][7], involved a rather difficult backport,
-especially because the Mercurial test suite takes a long time to complete.
-This reminded me of the virtues of `DEB_BUILD_OPTIONS=parallel=4`, which sped
-up the builds considerably. I also discovered that the Wheezy build chain
-doesn't support [sbuild][8]'s `--source-only-changes` flag which I had
-hardcoded in my [sbuild.conf][9] file. This seems to be simply because sbuild
-passes `--build=source` to [dpkg-buildpackage][10], an option that is
-supported only in jessie or later.
+    
+       [71]: <https://superuser.com/questions/237228/command-line-tool-to-generate-memorable-passwords/1246245#comment1828733_1052689>
 
-   [7]: <https://lists.debian.org/debian-lts-announce/2017/08/msg00032.html>
-   [8]: <http://manpages.debian.org/sbuild>
-   [9]: <http://manpages.debian.org/sbuild%2Econf>
-   [10]: <http://manpages.debian.org/dpkg%2Dbuildpackage>
+    for i in seq 10000 ; do
+        shuf -n4 /usr/share/dict/words | tr -d '\n'
+    done > length
+    
 
-## libdbd-mysql-perl
+And then feed that data in the tool:
 
-I have worked on fixing two issues with the [libdbd-mysql-perl][11] package,
-[CVE-2017-10788][12] and [CVE-2017-10789][13], which resulted in the
-[DLA-1079-1][14] upload. Behind this mysteriously named package sits a
-critical piece of infrastructure, namely the `mysql` commandline client which
-is probably used and abused by hundreds if not thousands of home-made scripts,
-but also all of Perl's MySQL support, which is probably used by even a larger
-base of software.
+    
+    
+    $ numpy-stats lengths 
+    {
+      "max": 60, 
+      "mean": 33.883293722913464, 
+      "median": 34.0, 
+      "min": 14, 
+      "size": 143060, 
+      "std": 5.101490225062775
+    }
+    
 
-   [11]: <http://packages.debian.org/libdbd%2Dmysql%2Dperl>
-   [12]: <https://security-tracker.debian.org/CVE-2017-10788>
-   [13]: <https://security-tracker.debian.org/CVE-2017-10789>
-   [14]: <https://lists.debian.org/20170831115827.eaciz7h6g7ecl5jh@curie.anarc.at>
+I am surprised that there isn't such a tool already: hopefully I am wrong and
+will just be pointed towards the better alternative in the comments here!
 
-Through the Debian bug reports ([Debian bug #866818][15] and [Debian bug
-#866821][16]), I have learned that the patches existed in the upstream tracker
-but were either [ignored][17] or even [reverted][18] in the latest 4.043
-upstream release. It turns out that there are talks of [forking that
-library][19] because of maintainership issue. It blows my mind that such an
-important part of MySQL is basically unmaintained.
+## Safe Eyes
 
-   [15]: <http://bugs.debian.org/866818>
-   [16]: <http://bugs.debian.org/866821>
-   [17]: <https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844>
-   [18]: <https://github.com/perl5-dbi/DBD-mysql/issues/110>
-   [19]: <https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8030.html>
+I added [screensaver support][72] to the new [SafeEyes][73] project, which I
+am considering as a replacement to the [workrave][74] project I have been
+using for years. I really like how the interruptions basically block the whole
+screen: way more effective than only blocking the keyboard, because all
+potential distractions go away.
 
-I ended up backporting the upstream patches, which was also somewhat difficult
-because of the long-standing issues with SSL support in MySQL. The backport
-there was particularly hard to test, as you need to run that test suite by
-hand, twice: once with a server configured with a (valid!) SSL certificate and
-one without (!). I'm wondering how much time it is really worth spending on
-trying to fix SSL in MySQL, however. It has been badly broken forever, and
-while the patch _is_ an improvement, I would actually still never trust SSL
-transports in MySQL over an untrusted network. The few people that I know use
-such transports wrap their connections around a simpler [stunnel][20] instead.
+   [72]: <https://github.com/slgobinath/SafeEyes/commit/6a8b29a87baa53aca2ccc3e280079d04c2b2bf39>
+   [73]: <https://github.com/slgobinath/SafeEyes/>
+   [74]: <http://packages.debian.org/workrave>
 
-   [20]: <http://packages.debian.org/stunnel>
+One feature that is missing is [keystrokes and mouse movement counting][75]
+and of course an [official Debian package][76], although the latter would be
+easy to fix because upstream already has an unofficial build. I am thinking of
+writing my own little tool to count keystrokes, since the overlap between
+SafeEyes and such a counter isn't absolutely necessary. This is something that
+workrave does, but there are "idle time" extensions in Xorg that do not _need_
+to count keystrokes. There are already certain tools to count input events,
+but none seem to do what I want (most of them are basically keyloggers). It
+would be an interesting test to see if it's possible to write something that
+would work both for Xorg and Wayland at the same time. Unfortunately,
+preliminary research show that:
 
-The other issue was easier to fix so I submitted a [pull request upstream][21]
-to make sure that work isn't lost, although it is not clear what the future of
-that patch (or project!) will be at this point.
+   [75]: <https://github.com/slgobinath/SafeEyes/issues/184>
+   [76]: <https://github.com/slgobinath/SafeEyes/issues/183>
 
-   [21]: <https://github.com/perl5-dbi/DBD-mysql/pull/142>
+  1. in Xorg, the only way to implement this is to sniff all events, ie. to implement a keylogger
 
-## Rubygems
+  2. in Wayland, this is [completely unsupported][77]. it seems _some_ compositors _could_ implement such a counter, but then it means that this is compositor specific, or, in other words, unportable
 
-I also worked on the [rubygems][22] issues, which, thanks to the "vendoring"
-practice of the Ruby community, also affects the [ruby1.9][23] package. 4
-distinct CVEs were triaged here ([CVE-2017-0899][24], [CVE-2017-0900][25],
-[CVE-2017-0901][26] and [CVE-2017-0902][27]) and I determined the latter issue
-didn't affect wheezy as rubygems doesn't do its own DNS resolution there
-(later versions lookup SRV records).
+   [77]: <https://superuser.com/questions/1032270/wayland-alternative-for-xorgs-xdotool>
 
-   [22]: <http://packages.debian.org/rubygems>
-   [23]: <http://packages.debian.org/ruby1%2E9>
-   [24]: <https://security-tracker.debian.org/CVE-2017-0899>
-   [25]: <https://security-tracker.debian.org/CVE-2017-0900>
-   [26]: <https://security-tracker.debian.org/CVE-2017-0901>
-   [27]: <https://security-tracker.debian.org/CVE-2017-0902>
+So there is little hope here, which brings to my mind "painmeter" as an
+appropriate name for this future programming nightmare.
 
-This is another package where the test suite takes a long time to run. Worse,
-the packages in Wheezy actually fails to build from source: the test suites
-just fail in various steps, particularly because of `dh key too small` errors
-for Rubygems, but also other errors for Ruby. I also had trouble backporting
-one test which I had to simply skip for Rubygems. I uploaded and
-[announced][28] test packages and hopefully I'll be able to complete this work
-soon, although I would certainly appreciate any help on this...
+## Ansible
 
-   [28]: <https://lists.debian.org/87h8wkzyos.fsf@curie.anarc.at>
+I sent my first contribution to the [ansible][78] project with a small
+[documentation fix][79]. I had an eye opener recently when I discovered a
+[GitLab ansible prototype][80] that would manipulate GitLab settings. When I
+first discovered Ansible, I was frustrated by the YAML/Jinja DSL: it felt
+silly to write all this code in YAML when you are a Python developer. It was
+great to see reasonably well-written Python code that would do things and
+delegate the metadata storage (and only that!) to YAML, as opposed to using
+YAML as a DSL.
 
-## Triage
+   [78]: <http://packages.debian.org/ansible>
+   [79]: <https://github.com/ansible/ansible/pull/28766>
+   [80]: <https://gist.github.com/kpcyrd/1bde93b2bb9c77e0b6c14a2b3f75b026>
 
-I took a look at the [sox][29], [libvorbis][30] and [exiv2][31] issues. None
-had fixes available. sox and exiv2 were basically a list of fuzzing issues,
-which are often minor or at least of unknown severity. Those would have
-required a significant amount of work and I figured I would prioritize other
-work first.
+So I figured I would look at the Ansible documentation on how this works, but
+unfortunately, the Ansible documentation is severly lacking in this area.
+There are broken links (I only fixed _one_ page) and missing pieces. For
+example, the [developing plugins page][81] doesn't explain how to program a
+plugin at all.
 
-   [29]: <http://packages.debian.org/sox>
-   [30]: <http://packages.debian.org/libvorbis>
-   [31]: <http://packages.debian.org/exiv2>
+   [81]: <http://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html>
 
-I also triaged [CVE-2017-7506][32], which doesn't seem to affect the
-[spice][33] package in wheezy, after doing a fairly thorough audit of the
-code. The vulnerability is specifically bound to the
-`reds_on_main_agent_monitors_config` function, which is simply not present in
-our older version. A hostile message would fall through the code and not
-provoke memory allocation or out of bounds access, so I simply marked the
-wheezy version as `not-affected`, something which usually happens during the
-original triage but can also happen during the actual patching work, as in
-this case.
+I was told on IRC that: " _documentation around developing plugins is sparse
+in general. the code is the best documentation that exists (right now)_ ". I
+didn't get a reply when asking _which_ code in particular could provide good
+examples either. In comparison, Puppet has excellent documentation on how to
+create [custom types][82], [functions][83] and [facts][84]. That is definitely
+a turn-off for a new contributor, but at least my pull request was merged in
+and I can only hope that seasoned Ansible contributors expand on this critical
+piece of documentation eventually.
 
-   [32]: <https://security-tracker.debian.org/CVE-2017-7506>
-   [33]: <http://packages.debian.org/spice>
+   [82]: <https://docs.puppet.com/puppet/5.1/custom_types.html>
+   [83]: <https://docs.puppet.com/puppet/5.1/functions_ruby_overview.html>
+   [84]: <https://docs.puppet.com/facter/3.8/fact_overview.html>
 
-# Other free software work
+## Misc
 
-This describes the volunteer work I do on various free software projects. This
-month, again, my internal reports show that I spent about the same time on
-volunteer and paid time, but this is probably a wrong estimate because I spent
-a lot of time at Debconf which I didn't clock in...
+As you can see, I'm all over the place, as usual. GitHub tells me I "Opened 13
+_other_ pull requests in 11 repositories" (emphasis mine), which I guess means
+on top of the "9 commits in 5 repositories" mentioned earlier. My
+[profile][85] probably tells a more detailed story that what would be useful
+to mention here. I should also mention how difficult it is to write those
+reports: I basically do a combination of looking into my GitHub and GitLab
+profiles, the last 30 days of emails \(!\) and filesystem changes (!!). En
+vrac, a list of changes which may be of interest:
 
-## Debconf
+   [85]: <https://github.com/anarcat>
 
-So I participated in the [17th Debian Conference][34] in Montreal. It was
-great to see (and make!) so many friends from all over the world in person
-again, and I was happy to work on specific issues together with other Debian
-developers. I am especially thankful to David Bremner for fixing the syncing
-of the `flagged` tag when added to new messages ([patch series][35]). This
-allows me to easily sync the one tag (`inbox`) that is not statically assigned
-during `notmuch new`, by using `flagged` as a synchronization tool. This
-allows me to use notmuch more easily across multiple machines without having
-to sync all tags with dump/restore or using muchsync which wasn't working for
-me (although a [new release came out][36] which may fix my issues). The magic
-incantation looks something like this:
+  * [font-large][86] (and its alias, [font-small][87]): shortcut to send the right escape sequence to rxvt so it changes its font
+  * [fix-acer][88]: short script to hardcode the modeline (you remember those?!) for my screen which has a broken EDID pin (so autodetection fails, yay Xorg log files...)
+  * [ikiwiki-pandoc-quickie][89]: fake ikiwiki renderer that (ab)uses pandoc to generate a HTML file with the right stylesheet to preview Markdown as it _may_ look in this blog (the basic template is missing still)
+  * [git-annex-transfer][90]: a command I've often been missing in [git-annex][91], which is a way to transfer files between remotes without having to copy them locally ([upstream feature request][92])
+  * I linked the graphics of the Debian archive software architecture in the [Debian wiki][93] in the hope more people notice it.
+  * I did some tweaks on my [Taffybar][94] to introduce a battery meter and hoping to have temperature sensors, which mostly failed. there's a pending [pull request][95] that may bring some sense into this, hopefully.
+  * I made two [small][96] [patches][97] in [Monkeysign][98] to fix gpg.conf handling and multiple email output, a dumb bug I cannot believe anyone noticed or reported just yet. Thanks Valerie for the bug report! The upload of this in Debian is pending a review from the [release team][99].
 
-    
-       [34]: <http://debconf17.debconf.org/>
-   [35]: <https://notmuchmail.org/pipermail/notmuch/2017/025046.html>
-   [36]: <https://notmuchmail.org/pipermail/notmuch/2017/024500.html>
+   [86]: <https://gitlab.com/anarcat/scripts/blob/master/font-large>
+   [87]: <https://gitlab.com/anarcat/scripts/blob/master/font-small>
+   [88]: <https://gitlab.com/anarcat/scripts/blob/master/fix-acer>
+   [89]: <https://gitlab.com/anarcat/scripts/blob/master/ikiwiki-pandoc-quickie>
+   [90]: <https://gitlab.com/anarcat/scripts/blob/master/git-annex-transfer>
+   [91]: <https://git-annex.branchable.com/>
+   [92]: <http://git-annex.branchable.com/todo/transitive_transfers/>
+   [93]: <https://wiki.debian.org/DebianDak>
+   [94]: <https://github.com/travitch/taffybar/>
+   [95]: <https://github.com/travitch/taffybar/pull/157>
+   [96]: <https://0xacab.org/monkeysphere/monkeysign/commit/2d5df2b499c1d2da7fd1d509fc7784e4d67093d9>
+   [97]: <https://0xacab.org/monkeysphere/monkeysign/commit/c296bf82e7de224281844e2b07d5b803ce501619>
+   [98]: <https://0xacab.org/monkeysphere/monkeysign/>
+   [99]: <https://bugs.debian.org/871937>
 
-    notmuch tag -inbox tag:inbox and not tag:flagged
-    notmuch tag +inbox not tag:inbox and tag:flagged
-    
 
-However, most of my time in the first week (Debcamp) was spent trying to
-complete the networking setup: configure switches, setup wiring and so on. I
-also configured an [apt-cacher-ng][37] proxy to serve packages to attendees
-during the conference. I configured it with Avahi to configure clients
-automatically, which led me to discover (and fix) issue [Debian bug
-#870321][38]) although there are more issues with the autodiscovery
-mechanism... I spent extra time to document the (somewhat simple)
-configuration of such a server in the [Debian wiki][39] because it was not the
-first time I had research that procedure...
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
 
-   [37]: <http://packages.debian.org/apt%2Dcacher%2Dng>
-   [38]: <http://bugs.debian.org/870321>
-   [39]: <https://wiki.debian.org/AptCacherNg>
+<h1 id="debian-long-term-support-lts">Debian Long Term Support (LTS)</h1>
 
-I somehow thought this was a great time to upgrade my laptop to stretch.
-Normally, I keep that device running stable because I don't use it often and I
-don't want to have major traumatizing upgrades every time I leave with it on a
-trip. But this time was special: there were literally _hundreds_ of Debian
-developers to help me out if there was trouble. And there was, of course,
-trouble as it turns out! I had problems with the fonts on my display, because,
-well, I had _suspended_ (twice) my laptop _during_ the install. The fix was
-simply to flush the fontconfig cache, and I tried to document this in the
-[fonts wiki page][40] and my [upgrades page][41].
+<p>This is my monthly <a href="https://www.freexian.com/services/debian-lts.html">Debian LTS</a> report. This month I worked on a few
+major packages that took a long time instead of multiple smaller
+issues. Affected packages were Mercurial, libdbd-mysql-perl and Ruby.</p>
 
-   [40]: <https://wiki.debian.org/Fonts>
-   [41]: <http://anarc.at/services/upgrades/stretch/>
+<h2 id="mercurial-updates">Mercurial updates</h2>
 
-I also gave a short training called [Debian packaging 101][42] which was
-pretty successful. Like the short presentation I made at the last [Montreal
-BSP][43], the workshop was based on my [quick debian development guide][44].
-I'm thinking of expanding this to a larger audience with a "102" course that
-would discuss more complex packaging problems. But my secret plan (well,
-secret until now I guess) is to make packaging procedures more uniform in
-Debian by training new Debian packagers using that same training for the next
-2 decades. But I will probably start by just trying to do this again at the
-next Debconf, if I can attend.
+<p>Mercurial was vulnerable to two CVEs: <a href="https://security-tracker.debian.org/CVE-2017-1000116">CVE-2017-1000116</a>
+(command injection on clients through malicious ssh URLs) and
+<a href="https://security-tracker.debian.org/CVE-2017-1000115">CVE-2017-1000115</a> (path traversal via symlink). The former
+is an issue that actually affects many other similar software like Git
+(<a href="https://security-tracker.debian.org/CVE-2017-1000117">CVE-2017-1000117</a>), Subversion (<a href="https://security-tracker.debian.org/CVE-2017-9800">CVE-2017-9800</a>)
+and even CVS (<a href="https://security-tracker.debian.org/CVE-2017-12836">CVE-2017-12836</a>). The latter symlink issue is
+a distinct issue that came up during an internal audit.</p>
 
-   [42]: <https://debconf17.debconf.org/talks/161/>
-   [43]: <http://anarc.at/blog/2017-04-09-montreal-bsp-report/>
-   [44]: <http://anarc.at/software/debian-development/>
+<p>The fix, shipped as <a href="https://lists.debian.org/debian-lts-announce/2017/08/msg00032.html">DLA-1072-1</a>, involved a rather difficult
+backport, especially because the Mercurial test suite takes a long
+time to complete. This reminded me of the virtues of
+<code>DEB_BUILD_OPTIONS=parallel=4</code>, which sped up the builds
+considerably. I also discovered that the Wheezy build chain doesn't
+support <a href="http://manpages.debian.org/sbuild">sbuild</a>'s <code>--source-only-changes</code> flag which I had
+hardcoded in my <a href="http://manpages.debian.org/sbuild%2Econf">sbuild.conf</a> file. This seems to be simply
+because sbuild passes <code>--build=source</code> to <a href="http://manpages.debian.org/dpkg%2Dbuildpackage">dpkg-buildpackage</a>, an option that is supported only in jessie or
+later.</p>
 
-## Debian uploads
+<h2 id="libdbd-mysql-perl">libdbd-mysql-perl</h2>
 
-I also sponsored two packages during Debconf: one was a "scratch an itch"
-upload ([elpa-ivy][45]) which I requested ([Debian bug #863216][46]) as part
-of a larger effort to ship the Emacs elisp packages as Debian packages. The
-other was an [upload][47] of [diceware][48] to build the documentation in a
-separate package and fix other issues I have found in the package during a
-review.
+<p>I have worked on fixing two issues with the <a href="http://packages.debian.org/libdbd%2Dmysql%2Dperl">libdbd-mysql-perl</a> package, <a href="https://security-tracker.debian.org/CVE-2017-10788">CVE-2017-10788</a> and <a href="https://security-tracker.debian.org/CVE-2017-10789">CVE-2017-10789</a>, which resulted in the <a href="https://lists.debian.org/20170831115827.eaciz7h6g7ecl5jh@curie.anarc.at">DLA-1079-1</a> upload.
+Behind this mysteriously named package sits a critical piece of
+infrastructure, namely the <code>mysql</code> commandline client which is
+probably used and abused by hundreds if not thousands of home-made
+scripts, but also all of Perl's MySQL support, which is probably used
+by even a larger base of software.</p>
 
-   [45]: <http://packages.debian.org/elpa%2Divy>
-   [46]: <http://bugs.debian.org/863216>
-   [47]: <https://tracker.debian.org/news/864378>
-   [48]: <http://packages.debian.org/diceware>
+<p>Through the Debian bug reports (<a href="http://bugs.debian.org/866818">Debian bug #866818</a> and <a href="http://bugs.debian.org/866821">Debian bug #866821</a>), I have learned that the patches existed in the upstream
+tracker but were either <a href="https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844">ignored</a> or even <a href="https://github.com/perl5-dbi/DBD-mysql/issues/110">reverted</a> in the
+latest 4.043 upstream release. It turns out that there are talks of
+<a href="https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8030.html">forking that library</a> because of maintainership issue. It blows my
+mind that such an important part of MySQL is basically unmaintained.</p>
 
-I also uploaded a bunch of other fixes to the Debian archive:
+<p>I ended up backporting the upstream patches, which was also somewhat
+difficult because of the long-standing issues with SSL support in
+MySQL. The backport there was particularly hard to test, as you need
+to run that test suite by hand, twice: once with a server configured
+with a (valid!) SSL certificate and one without (!). I'm wondering how
+much time it is really worth spending on trying to fix SSL in MySQL,
+however. It has been badly broken forever, and while the patch <em>is</em> an
+improvement, I would actually still never trust SSL transports in
+MySQL over an untrusted network. The few people that I know use such
+transports wrap their connections around a simpler <a href="http://packages.debian.org/stunnel">stunnel</a>
+instead.</p>
 
-  * [slop][49] upstream update and matching [maim][50] NMU
-  * asked for [gnome-web-photo][51] removal ([Debian bug #873015][52])
-  * [charybdis][53] 3.5.5-2 to officially switch to [mbedtls][54] ([Debian bug #705369][55])
-  * [gmpc][56]: ship pending patches from git and Ubuntu
-  * [horst][57]: new upstream release and workaround for sparse bug [Debian bug #873508][58]
-  * uploaded [percol][59] to NEW ([Debian bug #754972][60])
+<p>The other issue was easier to fix so I submitted a <a href="https://github.com/perl5-dbi/DBD-mysql/pull/142">pull request
+upstream</a> to make sure that work isn't lost, although it is not
+clear what the future of that patch (or project!) will be at this
+point.</p>
 
-   [49]: <http://packages.debian.org/slop>
-   [50]: <http://packages.debian.org/maim>
-   [51]: <http://packages.debian.org/gnome%2Dweb%2Dphoto>
-   [52]: <http://bugs.debian.org/873015>
-   [53]: <http://packages.debian.org/charybdis>
-   [54]: <http://packages.debian.org/mbedtls>
-   [55]: <http://bugs.debian.org/705369>
-   [56]: <http://packages.debian.org/gmpc>
-   [57]: <http://packages.debian.org/horst>
-   [58]: <http://bugs.debian.org/873508>
-   [59]: <https://github.com/mooz/percol>
-   [60]: <http://bugs.debian.org/754972>
+<h2 id="rubygems">Rubygems</h2>
 
-## Signing keys rotation
+<p>I also worked on the <a href="http://packages.debian.org/rubygems">rubygems</a> issues, which, thanks to the
+"vendoring" practice of the Ruby community, also affects the <a href="http://packages.debian.org/ruby1%2E9">ruby1.9</a> package. 4 distinct CVEs were triaged here (<a href="https://security-tracker.debian.org/CVE-2017-0899">CVE-2017-0899</a>, <a href="https://security-tracker.debian.org/CVE-2017-0900">CVE-2017-0900</a>, <a href="https://security-tracker.debian.org/CVE-2017-0901">CVE-2017-0901</a>
+and <a href="https://security-tracker.debian.org/CVE-2017-0902">CVE-2017-0902</a>) and I determined the latter issue
+didn't affect wheezy as rubygems doesn't do its own DNS resolution
+there (later versions lookup SRV records).</p>
 
-I also started the process of moving my main OpenPGP certification key by
-adding a signing subkey. The subkey is stored in a cryptographic token so I
-can sign things on more than one machine without storing that critical key on
-all those devices physically.
+<p>This is another package where the test suite takes a long time to
+run. Worse, the packages in Wheezy actually fails to build from
+source: the test suites just fail in various steps, particularly
+because of <code>dh key too small</code> errors for Rubygems, but also other
+errors for Ruby. I also had trouble backporting one test which I had
+to simply skip for Rubygems. I uploaded and <a href="https://lists.debian.org/87h8wkzyos.fsf@curie.anarc.at">announced</a> test
+packages and hopefully I'll be able to complete this work soon,
+although I would certainly appreciate any help on this...</p>
 
-Unfortunately, this meant that I need to do some shenanigans when I want to
-sign content in my Debian work, because the new subkey takes time to propagate
-to the Debian archive. For example, I have to specify the primary key with a
-"bang" when signing packages (`debsign -k '792152527B75921E!' ...`) or use
-inline signatures in email sent for security announcement (since that trick
-doesn't work in Mutt _or_ Notmuch). I tried to figure out how to better
-coordinate this next time by reading up documentation on
-[keyring.debian.org][61], but there is no fixed date for key changes on the
-rsync interface. There are "monthly changes" so one's best bet is to look for
-the last change in their git repository.
+<h2 id="triage">Triage</h2>
 
-   [61]: <https://keyring.debian.org/>
+<p>I took a look at the <a href="http://packages.debian.org/sox">sox</a>, <a href="http://packages.debian.org/libvorbis">libvorbis</a> and
+<a href="http://packages.debian.org/exiv2">exiv2</a> issues. None had fixes available. sox and exiv2 were
+basically a list of fuzzing issues, which are often minor or at least
+of unknown severity. Those would have required a significant amount of
+work and I figured I would prioritize other work first.</p>
 
-## GitLab.com and LFS migration
+<p>I also triaged <a href="https://security-tracker.debian.org/CVE-2017-7506">CVE-2017-7506</a>, which doesn't seem to affect
+the <a href="http://packages.debian.org/spice">spice</a> package in wheezy, after doing a fairly thorough
+audit of the code. The vulnerability is specifically bound to the
+<code>reds_on_main_agent_monitors_config</code> function, which is simply not
+present in our older version. A hostile message would fall through the
+code and not provoke memory allocation or out of bounds access, so I
+simply marked the wheezy version as <code>not-affected</code>, something which
+usually happens during the original triage but can also happen during
+the actual patching work, as in this case.</p>
 
-I finally turned off my [src.anarc.at][62] git repository service by moving
-the remaining repos to [GitLab][63]. Unfortunately, GitLab [removed support
-for git-annex][64] recently, so I had to migrate my repositories to Git-LFS,
-which was an interesting experience. LFS is pretty easy to use, definitely
-simpler than git-annex. It also seems to be a good match for the use-case at
-hand, which is to store large files (videos, namely) as part of slides for
-presentations.
+<h1 id="other-free-software-work">Other free software work</h1>
 
-   [62]: <http://src.anarc.at/>
-   [63]: <https://gitlab.com/>
-   [64]: <https://gitlab.com/gitlab-org/gitlab-ee/issues/1648>
+<p>This describes the volunteer work I do on various free software
+projects. This month, again, my internal reports show that I spent
+about the same time on volunteer and paid time, but this is probably a
+wrong estimate because I spent a lot of time at Debconf which I didn't
+clock in...</p>
 
-It turns out that their migration guide could have been made much simpler. I
-tried to submit those changes to the documentation but [couldn't fork the
-GitLab EE project][65] to make a patch, so I just documented the issue in [the
-original MR][66] for now. While I was there I filed a [feature request][67] to
-add a new reference shortcut (`GL-NNN`) after noticing a similar token [used
-on GitHub][68]. This would be a useful addition because I often have numbering
-conflicts between Debian BTS bug numbers and GitLab issues in packages I
-maintain there. In particular, I have problems using GitLab issue numbers in
-Monkeysign, because commit logs end up in Debian changelogs and will be
-detected by the Debian infrastructure even though those are GitLab bug
-numbers. Using such a shortcut would avoid detection and such a conflict.
+<h2 id="debconf">Debconf</h2>
 
-   [65]: <https://gitlab.com/gitlab-org/gitlab-ee/issues/3287>
-   [66]: <https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1230#note_38813881>
-   [67]: <https://gitlab.com/gitlab-org/gitlab-ce/issues/37242>
-   [68]: <https://github.com/jrblevin/markdown-mode/commit/b163f104d83fd3eeb909920284c981e8fba1b481>
+<p>So I participated in the <a href="http://debconf17.debconf.org/">17th Debian Conference</a> in Montreal. It
+was great to see (and make!) so many friends from all over the world
+in person again, and I was happy to work on specific issues together
+with other Debian developers. I am especially thankful to David
+Bremner for fixing the syncing of the <code>flagged</code> tag when added to new
+messages (<a href="https://notmuchmail.org/pipermail/notmuch/2017/025046.html">patch series</a>). This allows me to easily sync the one
+tag (<code>inbox</code>) that is not statically assigned during <code>notmuch new</code>, by
+using <code>flagged</code> as a synchronization tool. This allows me to use
+notmuch more easily across multiple machines without having to sync
+all tags with dump/restore or using muchsync which wasn't working for
+me (although a <a href="https://notmuchmail.org/pipermail/notmuch/2017/024500.html">new release came out</a> which may fix my issues). The
+magic incantation looks something like this:</p>
 
-## Numpy-stats
+<pre><code>notmuch tag -inbox tag:inbox and not tag:flagged
+notmuch tag +inbox not tag:inbox and tag:flagged
+</code></pre>
 
-I wrote a small tool to extract numeric statistics from a given file. I often
-do ad-hoc benchmarks where I store a bunch of numbers in a file and then try
-to make averages and so on. As an exercise in learning [NumPy][69], I figured
-I would write such a simple tool, called [numpy-stats][70], which probably
-sounds naive to seasoned Python scientists.
+<p>However, most of my time in the first week (Debcamp) was spent trying
+to complete the networking setup: configure switches, setup wiring and
+so on. I also configured an <a href="http://packages.debian.org/apt%2Dcacher%2Dng">apt-cacher-ng</a> proxy to serve
+packages to attendees during the conference. I configured it with
+Avahi to configure clients automatically, which led me to discover
+(and fix) issue <a href="http://bugs.debian.org/870321">Debian bug #870321</a>) although there are more issues
+with the autodiscovery mechanism... I spent extra time to document the
+(somewhat simple) configuration of such a server in the <a href="https://wiki.debian.org/AptCacherNg">Debian
+wiki</a> because it was not the first time I had research that
+procedure...</p>
 
-   [69]: <http://www.numpy.org/>
-   [70]: <https://gitlab.com/anarcat/scripts/blob/master/numpy-stats>
+<p>I somehow thought this was a great time to upgrade my laptop to
+stretch. Normally, I keep that device running stable because I don't
+use it often and I don't want to have major traumatizing upgrades
+every time I leave with it on a trip. But this time was special: there
+were literally <em>hundreds</em> of Debian developers to help me out if there
+was trouble. And there was, of course, trouble as it turns out! I had
+problems with the fonts on my display, because, well, I had
+<em>suspended</em> (twice) my laptop <em>during</em> the install. The fix was simply
+to flush the fontconfig cache, and I tried to document this in the
+<a href="https://wiki.debian.org/Fonts">fonts wiki page</a> and my <a href="http://anarc.at/services/upgrades/stretch/">upgrades page</a>.</p>
 
-My incentive was that I was trying to figure out what was the distribution of
-password length in a given [password generator scheme][71]. So I wrote this
-simple script:
+<p>I also gave a short training called <a href="https://debconf17.debconf.org/talks/161/">Debian packaging 101</a> which
+was pretty successful. Like the short presentation I made at the last
+<a href="http://anarc.at/blog/2017-04-09-montreal-bsp-report/">Montreal BSP</a>, the workshop was
+based on my <a href="http://anarc.at/software/debian-development/">quick debian development guide</a>. 
+I'm thinking of expanding this to a larger audience with a "102"
+course that would discuss more complex packaging problems. But my
+secret plan (well, secret until now I guess) is to make packaging
+procedures more uniform in Debian by training new Debian packagers
+using that same training for the next 2 decades. But I will probably
+start by just trying to do this again at the next Debconf, if I can
+attend.</p>
 
-    
-       [71]: <https://superuser.com/questions/237228/command-line-tool-to-generate-memorable-passwords/1246245#comment1828733_1052689>
+<h2 id="debian-uploads">Debian uploads</h2>
 
-    for i in seq 10000 ; do
-        shuf -n4 /usr/share/dict/words | tr -d '\n'
-    done > length
-    
+<p>I also sponsored two packages during Debconf: one was a "scratch an
+itch" upload (<a href="http://packages.debian.org/elpa%2Divy">elpa-ivy</a>) which I requested (<a href="http://bugs.debian.org/863216">Debian bug #863216</a>) as part of a larger effort to ship the Emacs elisp packages
+as Debian packages. The other was an <a href="https://tracker.debian.org/news/864378">upload</a> of <a href="http://packages.debian.org/diceware">diceware</a> to build the documentation in a separate package and fix
+other issues I have found in the package during a review.</p>
 
-And then feed that data in the tool:
+<p>I also uploaded a bunch of other fixes to the Debian archive:</p>
+
+<ul>
+<li><a href="http://packages.debian.org/slop">slop</a> upstream update and matching <a href="http://packages.debian.org/maim">maim</a> NMU</li>
+<li>asked for <a href="http://packages.debian.org/gnome%2Dweb%2Dphoto">gnome-web-photo</a> removal (<a href="http://bugs.debian.org/873015">Debian bug #873015</a>)</li>
+<li><a href="http://packages.debian.org/charybdis">charybdis</a> 3.5.5-2 to officially switch to <a href="http://packages.debian.org/mbedtls">mbedtls</a> (<a href="http://bugs.debian.org/705369">Debian bug #705369</a>)</li>
+<li><a href="http://packages.debian.org/gmpc">gmpc</a>: ship pending patches from git and Ubuntu</li>
+<li><a href="http://packages.debian.org/horst">horst</a>: new upstream release and workaround for sparse
+bug <a href="http://bugs.debian.org/873508">Debian bug #873508</a></li>
+<li>uploaded <a href="https://github.com/mooz/percol">percol</a> to NEW (<a href="http://bugs.debian.org/754972">Debian bug #754972</a>)</li>
+</ul>
 
-    
-    
-    $ numpy-stats lengths 
-    {
-      "max": 60, 
-      "mean": 33.883293722913464, 
-      "median": 34.0, 
-      "min": 14, 
-      "size": 143060, 
-      "std": 5.101490225062775
-    }
-    
+<h2 id="signing-keys-rotation">Signing keys rotation</h2>
 
-I am surprised that there isn't such a tool already: hopefully I am wrong and
-will just be pointed towards the better alternative in the comments here!
+<p>I also started the process of moving my main OpenPGP certification key
+by adding a signing subkey. The subkey is stored in a cryptographic
+token so I can sign things on more than one machine without storing
+that critical key on all those devices physically.</p>
 
-## Safe Eyes
+<p>Unfortunately, this meant that I need to do some shenanigans when I
+want to sign content in my Debian work, because the new subkey takes
+time to propagate to the Debian archive. For example, I have to
+specify the primary key with a "bang" when signing packages (<code>debsign
+-k '792152527B75921E!' ...</code>) or use inline signatures in email sent
+for security announcement (since that trick doesn't work in Mutt <em>or</em>
+Notmuch). I tried to figure out how to better coordinate this next
+time by reading up documentation on <a href="https://keyring.debian.org/">keyring.debian.org</a>, but there
+is no fixed date for key changes on the rsync interface. There are
+"monthly changes" so one's best bet is to look for the last change in
+their git repository.</p>
 
-I added [screensaver support][72] to the new [SafeEyes][73] project, which I
-am considering as a replacement to the [workrave][74] project I have been
-using for years. I really like how the interruptions basically block the whole
-screen: way more effective than only blocking the keyboard, because all
-potential distractions go away.
+<h2 id="gitlabcom-and-lfs-migration">GitLab.com and LFS migration</h2>
 
-   [72]: <https://github.com/slgobinath/SafeEyes/commit/6a8b29a87baa53aca2ccc3e280079d04c2b2bf39>
-   [73]: <https://github.com/slgobinath/SafeEyes/>
-   [74]: <http://packages.debian.org/workrave>
+<p>I finally turned off my <a href="http://src.anarc.at/">src.anarc.at</a> git repository service by
+moving the remaining repos to <a href="https://gitlab.com/">GitLab</a>. Unfortunately, GitLab
+<a href="https://gitlab.com/gitlab-org/gitlab-ee/issues/1648">removed support for git-annex</a> recently, so I had to migrate my
+repositories to Git-LFS, which was an interesting experience. LFS is
+pretty easy to use, definitely simpler than git-annex. It also seems
+to be a good match for the use-case at hand, which is to store large
+files (videos, namely) as part of slides for presentations.</p>
 
-One feature that is missing is [keystrokes and mouse movement counting][75]
-and of course an [official Debian package][76], although the latter would be
-easy to fix because upstream already has an unofficial build. I am thinking of
-writing my own little tool to count keystrokes, since the overlap between
-SafeEyes and such a counter isn't absolutely necessary. This is something that
-workrave does, but there are "idle time" extensions in Xorg that do not _need_
-to count keystrokes. There are already certain tools to count input events,
-but none seem to do what I want (most of them are basically keyloggers). It
-would be an interesting test to see if it's possible to write something that
-would work both for Xorg and Wayland at the same time. Unfortunately,
-preliminary research show that:
+<p>It turns out that their migration guide could have been made much
+simpler. I tried to submit those changes to the documentation but
+<a href="https://gitlab.com/gitlab-org/gitlab-ee/issues/3287">couldn't fork the GitLab EE project</a> to make a patch, so I just
+documented the issue in <a href="https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1230#note_38813881">the original MR</a> for now. While I was
+there I filed a <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/37242">feature request</a> to add a new reference shortcut
+(<code>GL-NNN</code>) after noticing a similar token <a href="https://github.com/jrblevin/markdown-mode/commit/b163f104d83fd3eeb909920284c981e8fba1b481">used on GitHub</a>. This
+would be a useful addition because I often have numbering conflicts
+between Debian BTS bug numbers and GitLab issues in packages I
+maintain there. In particular, I have problems using GitLab issue
+numbers in Monkeysign, because commit logs end up in Debian changelogs
+and will be detected by the Debian infrastructure even though those
+are GitLab bug numbers. Using such a shortcut would avoid detection
+and such a conflict.</p>
 
-   [75]: <https://github.com/slgobinath/SafeEyes/issues/184>
-   [76]: <https://github.com/slgobinath/SafeEyes/issues/183>
+<h2 id="numpy-stats">Numpy-stats</h2>
 
-  1. in Xorg, the only way to implement this is to sniff all events, ie. to implement a keylogger
+<p>I wrote a small tool to extract numeric statistics from a given
+file. I often do ad-hoc benchmarks where I store a bunch of numbers in
+a file and then try to make averages and so on. As an exercise in
+learning <a href="http://www.numpy.org/">NumPy</a>, I figured I would write such a simple tool,
+called <a href="https://gitlab.com/anarcat/scripts/blob/master/numpy-stats">numpy-stats</a>, which probably sounds naive to seasoned
+Python scientists.</p>
 
-  2. in Wayland, this is [completely unsupported][77]. it seems _some_ compositors _could_ implement such a counter, but then it means that this is compositor specific, or, in other words, unportable
+<p>My incentive was that I was trying to figure out what was the
+distribution of password length in a given <a href="https://superuser.com/questions/237228/command-line-tool-to-generate-memorable-passwords/1246245#comment1828733_1052689">password generator
+scheme</a>. So I wrote this simple script:</p>
 
-   [77]: <https://superuser.com/questions/1032270/wayland-alternative-for-xorgs-xdotool>
+<pre><code>for i in seq 10000 ; do
+    shuf -n4 /usr/share/dict/words | tr -d '\n'
+done &gt; length
+</code></pre>
 
-So there is little hope here, which brings to my mind "painmeter" as an
-appropriate name for this future programming nightmare.
+<p>And then feed that data in the tool:</p>
 
-## Ansible
+<pre><code>$ numpy-stats lengths 
+{
+  "max": 60, 
+  "mean": 33.883293722913464, 
+  "median": 34.0, 
+  "min": 14, 
+  "size": 143060, 
+  "std": 5.101490225062775
+}
+</code></pre>
 
-I sent my first contribution to the [ansible][78] project with a small
-[documentation fix][79]. I had an eye opener recently when I discovered a
-[GitLab ansible prototype][80] that would manipulate GitLab settings. When I
-first discovered Ansible, I was frustrated by the YAML/Jinja DSL: it felt
-silly to write all this code in YAML when you are a Python developer. It was
-great to see reasonably well-written Python code that would do things and
-delegate the metadata storage (and only that!) to YAML, as opposed to using
-YAML as a DSL.
+<p>I am surprised that there isn't such a tool already: hopefully I am
+wrong and will just be pointed towards the better alternative in the
+comments here!</p>
 
-   [78]: <http://packages.debian.org/ansible>
-   [79]: <https://github.com/ansible/ansible/pull/28766>
-   [80]: <https://gist.github.com/kpcyrd/1bde93b2bb9c77e0b6c14a2b3f75b026>
+<h2 id="safe-eyes">Safe Eyes</h2>
 
-So I figured I would look at the Ansible documentation on how this works, but
-unfortunately, the Ansible documentation is severly lacking in this area.
-There are broken links (I only fixed _one_ page) and missing pieces. For
-example, the [developing plugins page][81] doesn't explain how to program a
-plugin at all.
+<p>I added <a href="https://github.com/slgobinath/SafeEyes/commit/6a8b29a87baa53aca2ccc3e280079d04c2b2bf39">screensaver support</a> to the new <a href="https://github.com/slgobinath/SafeEyes/">SafeEyes</a> project,
+which I am considering as a replacement to the <a href="http://packages.debian.org/workrave">workrave</a>
+project I have been using for years. I really like how the
+interruptions basically block the whole screen: way more effective
+than only blocking the keyboard, because all potential distractions go
+away.</p>
 
-   [81]: <http://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html>
+<p>One feature that is missing is <a href="https://github.com/slgobinath/SafeEyes/issues/184">keystrokes and mouse movement
+counting</a> and of course an <a href="https://github.com/slgobinath/SafeEyes/issues/183">official Debian package</a>, although
+the latter would be easy to fix because upstream already has an
+unofficial build. I am thinking of writing my own little tool to count
+keystrokes, since the overlap between SafeEyes and such a counter
+isn't absolutely necessary. This is something that workrave does, but
+there are "idle time" extensions in Xorg that do not <em>need</em> to count
+keystrokes. There are already certain tools to count input events, but
+none seem to do what I want (most of them are basically
+keyloggers). It would be an interesting test to see if it's possible
+to write something that would work both for Xorg and Wayland at the
+same time. Unfortunately, preliminary research show that:</p>
 
-I was told on IRC that: " _documentation around developing plugins is sparse
-in general. the code is the best documentation that exists (right now)_ ". I
-didn't get a reply when asking _which_ code in particular could provide good
-examples either. In comparison, Puppet has excellent documentation on how to
-create [custom types][82], [functions][83] and [facts][84]. That is definitely
-a turn-off for a new contributor, but at least my pull request was merged in
-and I can only hope that seasoned Ansible contributors expand on this critical
-piece of documentation eventually.
+<ol>
+<li><p>in Xorg, the only way to implement this is to sniff all events,
+ie. to implement a keylogger</p></li>
+<li><p>in Wayland, this is <a href="https://superuser.com/questions/1032270/wayland-alternative-for-xorgs-xdotool">completely unsupported</a>. it seems <em>some</em>
+compositors <em>could</em> implement such a counter, but then it means
+that this is compositor specific, or, in other words, unportable</p></li>
+</ol>
 
-   [82]: <https://docs.puppet.com/puppet/5.1/custom_types.html>
-   [83]: <https://docs.puppet.com/puppet/5.1/functions_ruby_overview.html>
-   [84]: <https://docs.puppet.com/facter/3.8/fact_overview.html>
+<p>So there is little hope here, which brings to my mind "painmeter" as
+an appropriate name for this future programming nightmare.</p>
 
-## Misc
+<h2 id="ansible">Ansible</h2>
 
-As you can see, I'm all over the place, as usual. GitHub tells me I "Opened 13
-_other_ pull requests in 11 repositories" (emphasis mine), which I guess means
-on top of the "9 commits in 5 repositories" mentioned earlier. My
-[profile][85] probably tells a more detailed story that what would be useful
-to mention here. I should also mention how difficult it is to write those
-reports: I basically do a combination of looking into my GitHub and GitLab
-profiles, the last 30 days of emails \(!\) and filesystem changes (!!). En
-vrac, a list of changes which may be of interest:
+<p>I sent my first contribution to the <a href="http://packages.debian.org/ansible">ansible</a> project with a
+small <a href="https://github.com/ansible/ansible/pull/28766">documentation fix</a>. I had an eye opener recently when I
+discovered a <a href="https://gist.github.com/kpcyrd/1bde93b2bb9c77e0b6c14a2b3f75b026">GitLab ansible prototype</a> that would manipulate
+GitLab settings. When I first discovered Ansible, I was frustrated by
+the YAML/Jinja DSL: it felt silly to write all this code in YAML when
+you are a Python developer. It was great to see reasonably
+well-written Python code that would do things and delegate the
+metadata storage (and only that!) to YAML, as opposed to using YAML as
+a DSL.</p>
 
-   [85]: <https://github.com/anarcat>
+<p>So I figured I would look at the Ansible documentation on how this
+works, but unfortunately, the Ansible documentation is severly lacking
+in this area. There are broken links (I only fixed <em>one</em> page) and
+missing pieces. For example, the <a href="http://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html">developing plugins page</a> doesn't
+explain how to program a plugin at all.</p>
 
-  * [font-large][86] (and its alias, [font-small][87]): shortcut to send the right escape sequence to rxvt so it changes its font
-  * [fix-acer][88]: short script to hardcode the modeline (you remember those?!) for my screen which has a broken EDID pin (so autodetection fails, yay Xorg log files...)
-  * [ikiwiki-pandoc-quickie][89]: fake ikiwiki renderer that (ab)uses pandoc to generate a HTML file with the right stylesheet to preview Markdown as it _may_ look in this blog (the basic template is missing still)
-  * [git-annex-transfer][90]: a command I've often been missing in [git-annex][91], which is a way to transfer files between remotes without having to copy them locally ([upstream feature request][92])
-  * I linked the graphics of the Debian archive software architecture in the [Debian wiki][93] in the hope more people notice it.
-  * I did some tweaks on my [Taffybar][94] to introduce a battery meter and hoping to have temperature sensors, which mostly failed. there's a pending [pull request][95] that may bring some sense into this, hopefully.
-  * I made two [small][96] [patches][97] in [Monkeysign][98] to fix gpg.conf handling and multiple email output, a dumb bug I cannot believe anyone noticed or reported just yet. Thanks Valerie for the bug report! The upload of this in Debian is pending a review from the [release team][99].
+<p>I was told on IRC that: "<em>documentation around developing plugins is
+sparse in general. the code is the best documentation that exists
+(right now)</em>". I didn't get a reply when asking <em>which</em> code in
+particular could provide good examples either. In comparison, Puppet
+has excellent documentation on how to create <a href="https://docs.puppet.com/puppet/5.1/custom_types.html">custom types</a>,
+<a href="https://docs.puppet.com/puppet/5.1/functions_ruby_overview.html">functions</a> and <a href="https://docs.puppet.com/facter/3.8/fact_overview.html">facts</a>. That is definitely a turn-off for a new
+contributor, but at least my pull request was merged in and I can only
+hope that seasoned Ansible contributors expand on this critical piece
+of documentation eventually.</p>
 
-   [86]: <https://gitlab.com/anarcat/scripts/blob/master/font-large>
-   [87]: <https://gitlab.com/anarcat/scripts/blob/master/font-small>
-   [88]: <https://gitlab.com/anarcat/scripts/blob/master/fix-acer>
-   [89]: <https://gitlab.com/anarcat/scripts/blob/master/ikiwiki-pandoc-quickie>
-   [90]: <https://gitlab.com/anarcat/scripts/blob/master/git-annex-transfer>
-   [91]: <https://git-annex.branchable.com/>
-   [92]: <http://git-annex.branchable.com/todo/transitive_transfers/>
-   [93]: <https://wiki.debian.org/DebianDak>
-   [94]: <https://github.com/travitch/taffybar/>
-   [95]: <https://github.com/travitch/taffybar/pull/157>
-   [96]: <https://0xacab.org/monkeysphere/monkeysign/commit/2d5df2b499c1d2da7fd1d509fc7784e4d67093d9>
-   [97]: <https://0xacab.org/monkeysphere/monkeysign/commit/c296bf82e7de224281844e2b07d5b803ce501619>
-   [98]: <https://0xacab.org/monkeysphere/monkeysign/>
-   [99]: <https://bugs.debian.org/871937>
+<h2 id="misc">Misc</h2>
 
+<p>As you can see, I'm all over the place, as usual. GitHub tells me I
+"Opened 13 <em>other</em> pull requests in 11 repositories" (emphasis mine),
+which I guess means on top of the "9 commits in 5 repositories"
+mentioned earlier. My <a href="https://github.com/anarcat">profile</a> probably tells a more detailed
+story that what would be useful to mention here. I should also mention
+how difficult it is to write those reports: I basically do a
+combination of looking into my GitHub and GitLab profiles, the last 30
+days of emails <img alt="(!)" src="http://anarc.at/smileys/idea.png" /> and filesystem changes (!!). En vrac, a list of
+changes which may be of interest:</p>
 
+<ul>
+<li><a href="https://gitlab.com/anarcat/scripts/blob/master/font-large">font-large</a> (and its alias, <a href="https://gitlab.com/anarcat/scripts/blob/master/font-small">font-small</a>): shortcut to send
+the right escape sequence to rxvt so it changes its font</li>
+<li><a href="https://gitlab.com/anarcat/scripts/blob/master/fix-acer">fix-acer</a>: short script to hardcode the modeline (you remember
+those?!) for my screen which has a broken EDID pin (so
+autodetection fails, yay Xorg log files...)</li>
+<li><a href="https://gitlab.com/anarcat/scripts/blob/master/ikiwiki-pandoc-quickie">ikiwiki-pandoc-quickie</a>: fake ikiwiki renderer that (ab)uses
+pandoc to generate a HTML file with the right stylesheet to preview
+Markdown as it <em>may</em> look in this blog (the basic template is
+missing still)</li>
+<li><a href="https://gitlab.com/anarcat/scripts/blob/master/git-annex-transfer">git-annex-transfer</a>: a command I've often been missing in
+<a href="https://git-annex.branchable.com/">git-annex</a>, which is a way to transfer files between remotes
+without having to copy them locally (<a href="http://git-annex.branchable.com/todo/transitive_transfers/">upstream feature request</a>)</li>
+<li>I linked the graphics of the Debian archive software architecture
+in the <a href="https://wiki.debian.org/DebianDak">Debian wiki</a> in the hope more people notice it.</li>
+<li>I did some tweaks on my <a href="https://github.com/travitch/taffybar/">Taffybar</a> to introduce a battery meter
+and hoping to have temperature sensors, which mostly
+failed. there's a pending <a href="https://github.com/travitch/taffybar/pull/157">pull request</a> that may bring some
+sense into this, hopefully.</li>
+<li>I made two <a href="https://0xacab.org/monkeysphere/monkeysign/commit/2d5df2b499c1d2da7fd1d509fc7784e4d67093d9">small</a> <a href="https://0xacab.org/monkeysphere/monkeysign/commit/c296bf82e7de224281844e2b07d5b803ce501619">patches</a> in <a href="https://0xacab.org/monkeysphere/monkeysign/">Monkeysign</a> to fix
+gpg.conf handling and multiple email output, a dumb bug I cannot
+believe anyone noticed or reported just yet. Thanks Valerie for the
+bug report! The upload of this in Debian is pending a review from
+the <a href="https://bugs.debian.org/871937">release team</a>.</li>
+</ul>
 --===============testboundary==--
 
diff --git a/feed2exec/tests/files/restic.mbx b/feed2exec/tests/files/restic.mbx
index 4dcb8bf..c699663 100644
--- a/feed2exec/tests/files/restic.mbx
+++ b/feed2exec/tests/files/restic.mbx
@@ -6,7 +6,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.7.2
 Message-ID: tag-github-com-2008-repository-19205896-v0-7-2
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.7.2
@@ -23,7 +23,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.7.1
 Message-ID: tag-github-com-2008-repository-19205896-v0-7-1
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.7.1
@@ -40,7 +40,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.7.0
 Message-ID: tag-github-com-2008-repository-19205896-v0-7-0
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.7.0
@@ -57,7 +57,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.6.1
 Message-ID: tag-github-com-2008-repository-19205896-v0-6-1
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.6.1
@@ -74,7 +74,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.6.0
 Message-ID: tag-github-com-2008-repository-19205896-v0-6-0
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.6.0
@@ -91,7 +91,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic v0.6.0-rc.1
 Message-ID: tag-github-com-2008-repository-19205896-v0-6-0-rc-1
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.6.0-rc.1
@@ -108,7 +108,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.5.0
 Message-ID: tag-github-com-2008-repository-19205896-v0-5-0
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.5.0
@@ -125,7 +125,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.5.0-rc.1
 Message-ID: tag-github-com-2008-repository-19205896-v0-5-0-rc-1
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.5.0-rc.1
@@ -142,7 +142,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.4.0
 Message-ID: tag-github-com-2008-repository-19205896-v0-4-0
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.4.0
@@ -159,7 +159,7 @@ To: to@example.com
 From: fd0 <to@example.com>
 Subject: restic 0.3.3
 Message-ID: tag-github-com-2008-repository-19205896-v0-3-3
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file:///restic/restic/releases/tag/v0.3.3
diff --git a/feed2exec/tests/files/rsswithpermalink.mbx b/feed2exec/tests/files/rsswithpermalink.mbx
new file mode 100644
index 0000000..d4ea55a
--- /dev/null
+++ b/feed2exec/tests/files/rsswithpermalink.mbx
@@ -0,0 +1,64 @@
+From rsswithpermalink Tue Feb 26 17:29:25 2019
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Date: Tue, 26 Feb 2019 17:29:25 -0000
+To: to@example.com
+From: rsswithpermalink <to@example.com>
+Subject: The amACEing RACE
+Message-ID: 856-proto-utwente-nl
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: file://
+
+Sign-up required! There are roughly 22 of 24 places left. Moreinformation: https://www.proto.utwente.nl/events/J3v6eObPekm7k0Vj
+
+From rsswithpermalink Tue Feb 26 17:29:25 2019
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Date: Tue, 26 Feb 2019 17:29:25 -0000
+To: to@example.com
+From: rsswithpermalink <to@example.com>
+Subject: Active Member Activity
+Message-ID: 953-proto-utwente-nl
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: file://
+
+Sign-up required! There are roughly 45 of 60 places left. Moreinformation: https://www.proto.utwente.nl/events/7QYOZym0l3m8Gz9p
+
+From rsswithpermalink Tue Feb 26 17:29:25 2019
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Date: Tue, 26 Feb 2019 17:29:25 -0000
+To: to@example.com
+From: rsswithpermalink <to@example.com>
+Subject: E3 Viewing Party
+Message-ID: 987-proto-utwente-nl
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: file://
+
+Sign-up required, but no participant limit. More information:https://www.proto.utwente.nl/events/kxM75oR3krRQDepw
+
+From rsswithpermalink Tue Feb 26 17:29:25 2019
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Date: Tue, 26 Feb 2019 17:29:25 -0000
+To: to@example.com
+From: rsswithpermalink <to@example.com>
+Subject: [External] Kick 'EM master mentor interest drink
+Message-ID: 988-proto-utwente-nl
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
+Precedence: list
+Auto-Submitted: auto-generated
+Archived-At: file://
+
+No sign-up necessary. This activity is not organised by S.A.Proto More information:https://www.proto.utwente.nl/events/0zeyJ31GWp1Apj4k
+
diff --git a/feed2exec/tests/files/udd.mbx b/feed2exec/tests/files/udd.mbx
index a7648ab..e927379 100644
--- a/feed2exec/tests/files/udd.mbx
+++ b/feed2exec/tests/files/udd.mbx
@@ -6,7 +6,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: smokeping: RC bug needs fixing: #826056: smokeping: please Build-Depend on rename
 Message-ID: smokeping-rc-bug-needs-fixing-826056-smokeping-please-build-depend-on-rename
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://bugs.debian.org/826056
@@ -23,7 +23,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: kedpm: Open security issue: CVE-2017-8296 for jessie (medium** urgency)
 Message-ID: kedpm-open-security-issue-cve-2017-8296-for-jessie-medium-urgency
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://security-tracker.debian.org/tracker/CVE-2017-8296
@@ -40,7 +40,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: charybdis: Open security issue: CVE-2015-5290 for wheezy (not yet assigned urgency)
 Message-ID: charybdis-open-security-issue-cve-2015-5290-for-wheezy-not-yet-assigned-urgency
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: https://security-tracker.debian.org/tracker/CVE-2015-5290
@@ -57,7 +57,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: magic-wormhole: New version available: 0.10.2
 Message-ID: magic-wormhole-new-version-available-0-10-2
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file://
@@ -74,7 +74,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: horst: Testing auto-removal: on 2017-10-11 (bug: )
 Message-ID: horst-testing-auto-removal-on-2017-10-11-bug
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file://
@@ -91,7 +91,7 @@ To: to@example.com
 From: udd <to@example.com>
 Subject: smokeping: Testing auto-removal: on 2017-09-14 (bug: #826056)
 Message-ID: smokeping-testing-auto-removal-on-2017-09-14-bug-826056
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: file://
diff --git a/feed2exec/tests/files/weird-dates.mbx b/feed2exec/tests/files/weird-dates.mbx
index 18ff586..7a63642 100644
--- a/feed2exec/tests/files/weird-dates.mbx
+++ b/feed2exec/tests/files/weird-dates.mbx
@@ -1,45 +1,45 @@
-From weird-dates Sun Sep  3 09:03:54 2017
+From weird-dates Tue Feb 26 17:41:42 2019
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
-Date: Sun, 03 Sep 2017 09:03:54 -0000
+Date: Tue, 26 Feb 2019 17:41:42 -0000
 To: to@example.com
 From: weird-dates <to@example.com>
 Subject: missing date
 Message-ID: http-example-com-test-missing-date
-User-Agent: feed2exec (0.5.dev8+ng8893be0.d20170920)
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://example.com/test/
 
 This item has no date but there's one on the feed to fallback on
 
-From weird-dates Sun Sep  3 09:03:54 2017
+From weird-dates Tue Feb 19 14:08:19 2019
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
-Date: Sun, 03 Sep 2017 09:03:54 -0000
+Date: Tue, 19 Feb 2019 14:08:19 -0000
 To: to@example.com
 From: weird-dates <to@example.com>
 Subject: missing space
 Message-ID: http-example-com-test-missing-space
-
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://example.com/test/
 
 This item has a date that feedparser has trouble with, probably because of the missing space between the day of week and date
 
-From weird-dates Sun Sep  3 09:03:54 2017
+From weird-dates Sun Feb 15 00:00:00 2015
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
-Date: Sun, 03 Sep 2017 09:03:54 -0000
+Date: Sun, 15 Feb 2015 00:00:00 -0000
 To: to@example.com
 From: weird-dates <to@example.com>
 Subject: no timezone
 Message-ID: http-example-com-test-no-timezone
-
+User-Agent: feed2exec (0.13.1.dev9+g360c01d.d20190227)
 Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://example.com/test/
diff --git a/feed2exec/tests/test_plugins.py b/feed2exec/tests/test_plugins.py
index 8bac116..cdd25b0 100644
--- a/feed2exec/tests/test_plugins.py
+++ b/feed2exec/tests/test_plugins.py
@@ -78,12 +78,6 @@ Precedence: list
 Auto-Submitted: auto-generated
 Archived-At: http://www.example.com/blog/post/1
 
---===============testboundary==
-Content-Type: text/html; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 8bit
-
-This is the  body, which should show instead of the above
 --===============testboundary==
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
@@ -94,6 +88,12 @@ http://www.example.com/blog/post/1
 This is the body, which should show instead of the above
 
 
+--===============testboundary==
+Content-Type: text/html; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+
+This is the  body, which should show instead of the above
 --===============testboundary==--
 '''  # noqa
         assert (expected % feed2exec.__version__) == message.read()
-- 
GitLab