On Tue, Sep 17 2024 at 07:19:23 AM -04:00:00, Neal Gompa
wrote:
Amberol[2]
I've been using Amberol as my primary audio player for half a year, and
I don't think it's a good choice. I would focus on Decibels.
--
___
devel mailing list -- devel@lis
On Mon, Sep 2 2024 at 07:56:58 AM +02:00:00, Alexander Ploumistos
wrote:
Michael, if you still feel this should be reported upstream, there is
this bug in Debian Sid - our systems haven't filed an FTBFS bug yet:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078386
I'd say the return ty
We should probably revert that. If you have a GNOME GitLab account,
feel free to create an issue report. Otherwise, I can do so.
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproje
On Sun, Aug 11 2024 at 04:47:17 PM -00:00:00, Javier Jardón via devel
wrote:
I guess updating in f40 would require additional processes?
Yeah. Just don't. :)
The alternative would be to create buildstream2 as a compat package and
introduce it into F40 as a new package. I don't see much point
On Wed, Jul 31 2024 at 09:23:12 AM -07:00:00, Kevin Fenzi
wrote:
Some possible ones I'll toss out there:
avahi-daemon
cups
rsyslog
dovecot
cockpit
Maybe gnome-remote-desktop?
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscrib
On Sun, Jul 28 2024 at 11:37:15 AM +02:00:00, Arthur Bols via devel
wrote:
Aside that this does not contribute to the discussion at all, I
believe
it is reasonable to assume that the default firewall rules are strict
enough to not open all ports above 1024... That being said, it's an
example, a
On Wed, Jul 24 2024 at 09:41:16 AM -04:00:00, Stephen Smoogen
wrote:
1. There are some subset of people who use Fedora because they thought
it was a privacy focused distribution. Their concerns did not seem to
be taken into account or it needs to be made clearer that is not what
the project a
On Mon, Jul 8 2024 at 08:51:58 PM +00:00:00, Zbigniew
Jędrzejewski-Szmek wrote:
Does the table store counts or separate entries? I would guess that if
it just stores disaggregated values, then the values repeat often, and
it's natural to store the count in the table. And then the order
doesn'
On Mon, Jul 8 2024 at 02:28:09 PM -05:00:00, Michael Catanzaro
wrote:
Good question! I *think* timestamps are no longer a problem. It does
store precise timestamps alongside a hash of the full submission, but
it doesn't actually store the full submission itself anymore, and the
firs
On Mon, Jul 8 2024 at 01:51:07 PM -04:00:00, Przemek Klosowski via
devel wrote:
At the same time, I ask the proponents to confirm that there will be
no
way to re-aggregate the data by any means (timestamps, Fedora account
cookies, load factor on the server, etc).
Good question! I *think* time
On Mon, Jul 8 2024 at 11:31:20 AM -05:00:00, Michel Lind
wrote:
Do the metrics really need to be kept separate?
I think so. Fedora Workstation is a completely different product from
Fedora KDE Plasma Desktop. We surely don't want to consider other
Fedora variants when making decisions that a
On Mon, Jul 8 2024 at 09:03:50 AM -04:00:00, Neal Gompa
wrote:
My biggest issue with this is that it's only useful for Fedora
Workstation. As it is currently designed, nobody else can benefit from
it. I would have preferred a design that allows all Fedora variants to
be able to offer this so tha
On Sun, Jul 7 2024 at 10:49:36 PM +02:00:00, Marc Deop i Argemí
wrote:
Let's say "possibly" instead of "probably". Regardless, that is a
very weak
argument. The fact that some information might be leaked while
browsing the
web has absolutely no weight on whether I would like to see even
*more*
On Sun, Jul 7 2024 at 03:43:15 AM +00:00:00, Gary Buhrmaster
wrote:
Do you have a proposed wording for the
question that does not, itself, exhibit any
bias?
We don't have proposed wording yet. We should of course be reasonable
and not write something misleading, but I think the question shoul
Hi, please see:
https://fedoraproject.org/wiki/Changes/Metrics#Who_will_have_access_to_metrics_data
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
On Wed, Jul 3 2024 at 09:32:45 AM +02:00:00, Vitaly Zaitsev via devel
wrote:
The apps should dlopen() it and if this library is not installed they
will be able to disable all telemetry functionality.
dlopen is the best option for this.
It's possible, but that's annoying. There is really no
On Tue, Jul 2 2024 at 07:14:46 PM +02:00:00, Vitaly Zaitsev via devel
wrote:
Please use a weak dependency on eos-metrics to allow its removal too.
But it's a library that applications will link to, so this won't work.
See my answer on Discourse:
https://discussion.fedoraproject.org/t/f42-ch
Added links:
https://fedoraproject.org/wiki/Changes/Metrics#Metrics_system_components
One more thing: the eos-metrics-instrumentation project is going to
need a lot of work. The change proposal envisions only collecting
metrics that are approved by Fedora, and many of those metrics probably
won
On Tue, Jul 2 2024 at 11:04:25 AM -04:00:00, Stephen Smoogen
wrote:
I don't see where this open source code is mentioned in the proposal
or the FAQ or the other notes. The wording of the documents led me to
believe the code was going to be written in the future. Could that be
added so people
Well the entire metrics system is open source, so I'd encourage
interested developers to study how it works. The database is just not
structured to associate unrelated data points together. We are not
interested in doing that.
There are some things we need to fix before deployment, though. E
On Tue, Jul 2 2024 at 04:05:11 PM +02:00:00, Ralf Corsépius
wrote:
Is this the same cheat as with Fedora's "installation ids" and
Firefox's
"phone home" features?
This stuff is activated by default, which means at the point a user
deactivates them, he already is "collected".
This metrics sys
On Tue, Jul 2 2024 at 12:04:48 PM +02:00:00, Vitaly Zaitsev via devel
wrote:
Because Red Hat is based in the US. It can be used against users from
countries and regions that the US does not like (e.g. sanctions,
export
policies, etc.).
Please remember the data collected will be anonymous and
On Sun, May 26 2024 at 08:13:52 AM +00:00:00, Byoungchan Lee via devel
wrote:
From what I understand, even with noopenh264, Chromium and WebRTC's
codebase will still need modification to use Fedora's OpenH264 or
noopenh264 package.
What do you think?
I'm not familiar with Chromium or libwebrt
On Sun, May 26 2024 at 06:09:06 AM +00:00:00, Mattia Verga via devel
wrote:
I see you have created noopenh264 just for wrapping openh264, would
it worth to use ffms2 (which wraps more codecs) instead?
The two things we care about are gstreamer1-plugin-openh264 and
mozilla-openh264, neither of
On Sat, May 25 2024 at 12:55:05 PM +00:00:00, Byoungchan Lee via devel
wrote:
Is my understanding correct?
Yes!
That said, we're considering adding the Firefox plugin as well [1] so
we can finally make Firefox support OpenH264 without requiring user
intervention [2].
[1] https://gitlab
Hi,
The link to Sumantro's interview is wrong here:
https://fedoraproject.org/wiki/Council/Nominations#Candidate_Nominations
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.or
On Wed, May 15 2024 at 08:52:28 AM +00:00:00, Ian McInerney via devel
wrote:
What if I don't use GNOME search? I don't use the GNOME desktop, so I
don't want to have a random Firefox process running on my machine
that is doing absolutely nothing and just hogging resources. Is this
process only
On Mon, May 13 2024 at 08:50:04 PM +02:00:00, Fabio Valentini
wrote:
Just out of curiosity, would glycin be a better mechanism than
gdk-pixbuf for loading "untrusted" images / "unsafe" image formats?
Its loaders are sandboxed via SECCOMP and support for most image
formats is implemented in Rust
Hi,
gdk-pixbuf 2.42.11 has dropped support for several uncommon image
formats. This is causing several applications to crash in Fedora
rawhide [1][2]. (The change also got backported to F40 and F39, but
I've reverted it there.)
Benjamin Gilbert has proposed reenabling the removed loaders [3]
On Fri, Apr 19 2024 at 11:11:33 AM -07:00:00, Kevin Fenzi
wrote:
There are none. This proposal was withdrawn.
It may be adjusted and submitted for consideration again, but that has
not yet happened.
Well, yes, but I'm planning to do this soonish.
--
__
On Thu, Apr 18 2024 at 05:53:14 PM +00:00:00, Igor Kerstges
wrote:
How much data is to be expected to be sent over my dataplan on
monthly basis? When using Fedora Workstations as a graphics
workstation (including regular office applications) during office
hours and extensive internet research
On Tue, Apr 2 2024 at 06:18:31 PM -07:00:00, Adam Williamson
wrote:
I mean, we really don't need to speculate about this much. We did an
entire overhaul of the project - Fedora.next - which was explicitly
based around making it much more focused and less of a
choose-your-own-
adventure, spe
On Mon, Apr 1 2024 at 10:25:16 AM -07:00:00, Adam Williamson
wrote:
Oh, ISWYM. Well, I suppose yes, that does happen to be true. We could
communicate that if it's done very carefully and made really clear
that
it's about the *time frame*, nothing to do with the repositories.
It's been brough
On Mon, Apr 1 2024 at 10:12:55 AM -07:00:00, Adam Williamson
wrote:
This is not really correct, or at least at all relevant. The bug
wasn't
in F40 Beta simply because the update never made it to 'stable'. Only
'stable' packages go into *composes*. However, saying that is not
really useful becau
On Sun, Mar 31 2024 at 06:52:53 PM +00:00:00, Christopher Klooz
wrote:
"Fedora Linux 40 branched users (i.e. pre-Beta) likely received the
potentially vulnerable 5.6.0-2.fc40 build if the system updated
between March 2nd and March 6th. Fedora Linux 40 Beta users only
using stable repositories
On Sun, Mar 31 2024 at 09:56:04 AM -05:00:00, Michael Catanzaro
wrote:
I'm really frustrated with our communication regarding this issue.
Does anybody know who can fix this?
The Fedora Magazine article has been fixed (thanks!).
--
___
devel ma
On Sun, Mar 31 2024 at 07:15:42 AM -04:00:00, Neal Gompa
wrote:
Well, an easy solution is to make it so "dnf update" is coerced to
"dnf distro-sync" for development releases. Then it doesn't matter. We
could make that happen for Fedora 41 with the DNF 5 transition
(there's already code to make t
On Sun, Mar 31 2024 at 12:55:23 PM +00:00:00, Christopher Klooz
wrote:
In case someone from the Fedora Magazine is in the devel mailing list
and reads this:
I'm really frustrated with our communication regarding this issue. Does
anybody know who can fix this?
If we don't know who can fix Fe
On Sat, Mar 30 2024 at 02:55:21 PM +00:00:00, Zbigniew
Jędrzejewski-Szmek wrote:
CMake for many years fought against pkgconf and pushed people towards
copying those scripts into sources. It is still very common for
projects
using CMake to come with a whole directory of badly written detection
On Sat, Mar 30 2024 at 09:45:06 AM -05:00:00, Michael Catanzaro
wrote:
No, that is not correct, as explained by [1] and [2].
I pasted the wrong link for [2]. I meant to paste:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/GRMSYVY6AM7OZBGQCQWIKRAF7DEMOKJM
On Sat, Mar 30 2024 at 12:26:48 PM +00:00:00, Christopher Klooz
wrote:
If I got Rich right, the malicious code is likely to be broken on
F40,
No, that is not correct, as explained by [1] and [2]. We have already
asked Red Hat to investigate and fix the blog post. This is still an
evolving s
On Sat, Mar 30 2024 at 09:37:44 AM +00:00:00, Richard W.M. Jones
wrote:
In the xz case this wouldn't have been enough, it turns out we would
also have to delete m4/build-to-host.m4, which then autoreconf
regenerates. I don't fully understand why that is.
I agree that running autoreconf on our
On Fri, Mar 29 2024 at 04:10:53 PM -05:00:00, Michael Catanzaro
wrote:
OK, I am going to ask Product Security to edit their blog post to
remove the incorrect information. I will CC you on that request.
Or maybe I should rephrase this as a "request for clarification,"
because maybe
On Fri, Mar 29 2024 at 08:16:55 PM +00:00:00, Richard W.M. Jones
wrote:
These are the exact builds which were vulnerable. Note the tags are
all empty because Kevin untagged them last night, so you'll probably
need to cross-reference these with bodhi updates.
OK, I am going to ask Product Secu
On Fri, Mar 29 2024 at 07:44:12 PM +01:00:00, Mikel Olasagasti
wrote:
Do we know if GH release tarballs are safe?
The tarballs generated by GitHub that just include the contents of the
git repo should be safe (at least from this particular issue), but the
Fedora package is not built from tho
On Fri, Mar 29 2024 at 07:56:49 PM +00:00:00, Richard W.M. Jones
wrote:
secalert are already well aware and have approved the update. Kevin
Fenzi, myself and others were working on it late last night :-(
Sorry, I linked to the wrong article. I meant to link to [1] which says
that "At this ti
On Fri, Mar 29 2024 at 06:46:59 PM +00:00:00, Christopher Klooz
wrote:
Yes, F40 beta is affected, along with rawhide, but not F38/F39.
Unless I'm misunderstanding something, it looks xz-5.6.0-1.fc40 and
5.6.0-2.fc40 are backdoored, yes? Then rjones unknowingly broke the
backdoor in two diffe
On Fri, Mar 22 2024 at 02:44:33 PM +01:00:00, Kevin Kofler via devel
wrote:
Once concern I have with this is the use of LGPL 3.0 *only*. This
will not
be compatible with a GPL 4 or newer. (The upgrade clause in the
LGPLv2 that
allowed that was unfortunately dropped in the LGPLv3, now you have t
On Wed, Feb 21 2024 at 05:38:00 PM +01:00:00, Jun Aruga (he / him)
wrote:
ImportError: /lib64/libdnf.so.2: undefined symbol:
g_once_init_enter_pointer
https://bugzilla.redhat.com/show_bug.cgi?id=2265336
This means dnf was built against a newer version of glib than is
available at runtime. Li
On Wed, Feb 14 2024 at 09:38:39 PM +00:00:00, Sérgio Basto
wrote:
I found "cc1plus: out of memory allocating 603 bytes after a total
of 86921216 bytes"
Thanks. This was a big help.
--
___
devel mailing list -- devel@lists.fedoraproject.org
To u
I checked the build log for
https://koji.fedoraproject.org/koji/taskinfo?taskID=113473592 but
unfortunately I don't actually see any error message. I searched for
"error:" (indicating a compiler error) and I also searched for "Killed"
(indicating OOM).
No doubt something is wrong somewhere
Hi,
If you're interested in name resolution or mDNS, please review this bug
report:
Default authselect profiles break `hostname --fqdn`
https://bugzilla.redhat.com/show_bug.cgi?id=2257197
We are looking for feedback on whether to move nss-myhostname, and
possibly also nss-mdns4_minimal.
I
On Wed, Jan 31 2024 at 06:53:25 PM +01:00:00, Milan Crha
wrote:
Evo itself doesn't use any seccomp or such, these things can be used
by
the WebKitGTK. A quick grep revealed:
https://github.com/WebKit/WebKit/blob/main/Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp#L258
but that
On Wed, Jan 31 2024 at 04:42:08 PM +01:00:00, Clemens Lang
wrote:
Throwing some ideas out there, is it possible that evolution runs
with a seccomp filter or other BPF program configured to kill the
process on violation, and that’s what’s happening here?
I don't think so. flatpak does use secc
SIGKILL is almost always sent by systemd-oomd (or the kernel OOM
killer). That's the most likely explanation. Theoretically it could
also be sent by systemd if a service didn't quit quickly enough
following a SIGTERM. Maybe it could also be sent by mutter if a program
is unresponsive?
WebKitG
Thank you!
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fe
Unfortunately this is causing gating tests to fail for rawhide builds,
e.g.:
https://artifacts.dev.testing-farm.io/081ad2a3-76cd-4aa0-b95e-e870ff75a65c/
Hardened: /usr/bin/pkcon: FAIL: cf-protection test because
.note.gnu.property section did not contain the necessary flags
I'm not sure wh
On Wed, Dec 20 2023 at 04:33:22 PM +01:00:00, Vojtěch Polášek
wrote:
Is it possible to somehow insert a different string in the dconf file
depending on locale of the environment where the package is installed?
So first of all, dconf overrides are for system administrators, not
distro packager
On Mon, Dec 18 2023 at 01:17:43 PM -05:00:00, Steve Grubb
wrote:
So, what should I do to remove the patch? Do I push the new release
into
rawhide without the patch or does this need to go through the Fedora
Change
Process? And if so, self-contained or system wide?
Just remove it in rawhide.
On Tue, Nov 14 2023 at 08:16:39 AM -0500, Christopher
wrote:
I think for the sake of security, it'd be better if this were on by
default, and you just had to specify the --nogpgcheck
For convenience, the error message should probably say "Error: GPG
check FAILED (try again with '--nogpgcheck' to
On Sun, Nov 12 2023 at 01:48:25 PM +0100, Robert-André Mauchin
wrote:
So while I appreciate the caution, I think it's OK to just enable the
BMFF code by
default (perhaps have an option to disable it, if someone is still
for some reason worried,
but imo that would be an unfounded worry). Otherwi
On Tue, Oct 24 2023 at 08:06:12 AM -0400, Neal Gompa
wrote:
The two tools don't have incompatible ideas of valid metadata, we
intentionally don't do strict validation.
Well for one example incompatibility, you can review that issue:
https://github.com/ximion/appstream/issues/476
Michael
___
On Mon, Sep 25 2023 at 09:15:37 PM -0400, Neal Gompa
wrote:
There was no switching. Both appstream-util and appstreamcli are
considered conformant.
Ultimately, the only way we can stop relying on appstream-glib is if
appstream-builder[1] was reimplemented on top of libappstream-compose.
Long a
On Fri, Oct 13 2023 at 08:15:39 AM +0200, Miroslav Suchý
wrote:
Scancode-toolkit is not yet in Fedora, but you can instal it form
PyPI:
$ pip install scancode-toolkit
$ ~/.local/bin/scancode --license --html /tmp/spdx.html .
I attempted this, but unfortunately it depedns on intbit
On Tue, Oct 3 2023 at 03:32:36 PM -0400, Solomon Peachy via devel
wrote:
However, this has _always_ been the situation for RHEL. Only the
sources for the _latest_ point release (eg RHEL 7.4) were ever made
available to the general public; updates/fixes backported to prior
versions (eg RHEL 7.3)
On Tue, Oct 3 2023 at 02:23:34 PM -0400, Stephen Gallagher
wrote:
The *exact* set of source code that the package was built for is
included in the Source RPM and all of the individual changes that
comprised it are part of the c9s branch in CentOS Stream (or the
maintainer has been regressing cod
On Tue, Oct 3 2023 at 07:46:58 PM +0100, Sérgio Basto
wrote:
it is here :
https://git.centos.org/rpms/webkit2gtk3/c/2d1b790baa97d14849e56ed21d3f0145268283c2?branch=c9
Well OK yes, but that only worked because my example was from before we
stopped publishing sources to git.centos.org. You
On Tue, Oct 3 2023 at 01:19:20 PM -0400, Simo Sorce
wrote:
Additionally *all* of the code is fully available in git form on
gitlab
as part of CentOS Stream.
We all know or should know that this is false. It's easy enough to
disprove with a counterexample:
https://access.redhat.com/errata/R
On Wed, Sep 27 2023 at 12:52:17 PM -0400, Carlos O'Donell
wrote:
You have 5 years of excellent documentation by Florian and others to
catch up on! :-)
Random compliment: this documentation is indeed quite good.
Upstream freedesktop-sdk and GNOME build flags are based on Fedora's
because thes
On Sat, Sep 23 2023 at 10:26:48 PM +0200, Alexander Ploumistos
wrote:
Could someone involved
with AppStream please provide some information? Shouldn't our
documentation be changed to reflect these changes? Does the FPC need
to decide on this?
From upstream perspective: appstream-util is indeed
Um, sorry, actually yes it is a cache control issue. My browser's
shortcut to "reload bypassing cache" is actually Shift+F5, not Ctrl+F5.
Well, drat, that would have been good to know a long time ago. Now
after trying the correct shortcut I see the beta downloads toggle.
__
On Tue, Sep 19 2023 at 08:14:04 AM -0700, Kevin Fenzi
wrote:
Caching issue?
Nope, I've used Ctrl+F5 to "reload bypassing cache."
I actually now notice that a toggle (presumably the "show beta
releases" toggle) briefly appears when loading the page with Ctrl+F5,
but then it immediately disap
On Tue, Sep 19 2023 at 04:01:59 PM +0200, Tomas Hrcka
wrote:
Download the prerelease from our Get Fedora site:
* Get Fedora Linux 39 Beta Workstation:
https://getfedora.org/workstation/download/
* Get Fedora Linux 39 Beta Server:
https://getfedora.org/server/download/
* Get Fedora Linux 39 Bet
On Mon, Sep 11 2023 at 08:00:29 AM -0400, Solomon Peachy via devel
wrote:
Not to retread old drama, but doesn't Fedora now rely on a proprietary
version of Gitlab?
No? All of our packages are on https://src.fedoraproject.org/ and our
Fedora-specific source code goes on https://pagure.io/. The
On Thu, Sep 7 2023 at 12:55:03 PM +0200, Fabio Valentini
wrote:
Sure, but that means it will still be started on Fedora with default
configuration, unless I misunderstand something?
It will. D-Bus services are a little weird because they often ship
systemd services but they're still effective
On Tue, Aug 29 2023 at 08:26:42 AM -0700, Adam Williamson
wrote:
This is likely because it defaults to `--allowerasing` behaviour? This
is kinda a controversial topic. GNOME Software also does this, and I
don't *love* it as it can result in people being surprised by packages
having disappeared o
Hi,
Since Fedora 39 has been branched, it's now time to remove the
webkit2gtk4.0 (and javascriptcoregtk4.0) subpackages from rawhide to
implement the Fedora 40 change proposal:
https://fedoraproject.org/wiki/Changes/Remove_webkit2gtk-4.0_API_Version
A reminder that webkit2gtk4.0 provides Web
On Mon, Aug 14 2023 at 07:19:05 PM +0200, Jan Drögehoff
wrote:
I've looked into contributing to fix the issue, but from the outside,
it
appears that RedHat is no longer interested in spending resources on
it,
essentially leaving it unmaintained for the time being.
Unfortunately yes. There is
On Fri, Aug 11 2023 at 02:24:22 PM +, Christopher Klooz
wrote:
First of all, I don’t use my Fedora installations until their end
of life, so I don’t know if we have any means in place that shall
make users aware once their release reaches end of life?
Fedora Workstation will display a nag
On Mon, Jul 24 2023 at 10:08:50 AM -0400, Demi Marie Obenour
wrote:
I saw that libguestfs has a guestmount(1) tool, and I think this
could be
a potential solution. An exploit against the kernel FS driver would
only
grant access to a KVM guest, and the QEMU process can be tightly
sandboxed
by
On Sun, Jul 23 2023 at 11:18:45 PM -0400, Demi Marie Obenour
wrote:
Then the mount needs to be done in a sandbox, such as a KVM guest or
sandboxed userspace process.
Hmmm... I don't think traditional sandboxing accomplishes anything
here, because we're trying to protect against kernel bugs, n
I've been thinking about this for a while. The status quo is really
awful.
On Sat, Jul 22 2023 at 11:31:22 AM +, Zbigniew Jędrzejewski-Szmek
wrote:
A bigger problem I see, is that if a user plugins in a usb stick,
expecting to make use of it, and it's not automounted without any
explanati
On Sat, Jul 22 2023 at 02:44:30 AM +, "Smith, Stewart via devel"
wrote:
I’d almost prefer we work out a policy where anything of the sort
is disabled by default, and with a distro-wide standard bcond to not
even compile it in as an option. (No, I don’t quite know how that
could be worded s
On Wed, Jul 19 2023 at 06:50:24 PM -0400, Chris Murphy
wrote:
If restricted to desktops, then we can only do it with kernel
parameters. That probably means doing it in Anaconda kickstart, with
a per edition/spin option for doing so.
I'm not fond of this solution. In practice, this would likel
On Tue, Jul 11 2023 at 09:18:57 PM +0200, Leon Fauster via devel
wrote:
C8S ends 2024, while RHEL8 ends 2029
C9S ends 2027, while RHEL9 ends 2032
You're forgetting the Extended life cycle support phase. RHEL 8 and 9
will both have a 13-year lifecycle (down from 14 years). See this table:
ht
On Tue, Jul 11 2023 at 02:19:31 PM -0500, Jeremy Linton
wrote:
Having finally had a chance to look at the list of collected metrics
i'm
a bit worried about just how much information is being/can be gathered
by the project, as well as the frequency it is being gathered.
Personally, I think i
I think what happens is: somebody (anybody) can report a post, if it
gets enough reports it gets proactively hidden before a moderator can
review it. Do our moderators eventually review such posts to ensure
they're truly inappropriate? Seems clear that the post is question
should not have bee
On Fri, Jul 7 2023 at 09:21:15 PM -0400, Demi Marie Obenour
wrote:
For metrics to not be personally identifiable, it is necessary that
the
set of metrics collected have sufficiently low entropy that on
average,
_many_ users will send _the exact same metrics_. It is very hard for
me
to see an
On Sat, Jul 8 2023 at 12:08:09 AM +, Randy Barlow via devel
wrote:
I agree.
I think it is important to make it possible for a user to ask for the
data collected from their machine to be deleted in the event they
mistakenly submitted data, or changed their mind.
To be able to delete your d
On Fri, Jul 7 2023 at 12:25:12 PM -0500, Bruno Wolff III
wrote:
Is there going to be a recommended way to not accidentally install
this stuff? I'm guessing the least work (for Fedora) would be to
black list the key packages in the repo files. Making available a
package that conflicts with them
On Fri, Jul 7 2023 at 12:03:14 PM -0500, Bruno Wolff III
wrote:
Note that collecting the data by default increases the harm if
someone accidentally enables telemetry and then notices the issue
after data is reported.
Is there going to be some time limit on the data that is stored and
not upl
On Thu, Jul 6 2023 at 09:27:47 PM +0200, Florian Weimer
wrote:
What about packages which already collect metrics and report them
somewhere (not necessarily to Red Hat)? Would these packages need to
change under this proposal? If not, how do we explain this to our
users?
No, packages that are
On Thu, Jul 6 2023 at 09:40:59 PM -0400, Demi Marie Obenour
wrote:
It needs to be off by default. See KDE’s telemetry policy
Again, if it's off by default then the data will be garbage. There is
no point in doing opt-in telemetry. I would withdraw the proposal
entirely if we cannot do it op
On Fri, Jul 7 2023 at 01:39:24 AM +, Maxwell G
wrote:
I don't see an attachment.
Trying again.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
h
On Thu, Jul 6 2023 at 07:42:47 PM -0400, Demi Marie Obenour
wrote:
Then make the metrics be neither opt-in nor opt-out. Have
“Enable telemetry (y/n)?” be a mandatory question in the
installer,
which the user must answer.
The problem is if users are expected to answer, they are going to
pro
On Thu, Jul 6 2023 at 11:33:03 PM +0200, Michal Domonkos
wrote:
Given the detailed proposal, it's probably too late now for any
fundamental
changes, but there's a formal research area called Differential
Privacy [1]
that deals with the collection of user data in such a way that it
preserves
On Thu, Jul 6 2023 at 11:08:15 PM +0200, Björn Persson
wrote:
As a non-user of Gnome 3 who normally never runs any Gnome 3 settings
programs, I get the impression that Fedora 40 will begin accumulating
unused metrics somewhere in the filesystem. To prevent a constantly
growing waste of storag
On Thu, Jul 6 2023 at 08:19:07 PM +0200, Vitaly Zaitsev via devel
wrote:
All telemetry collection MUST be an opt-in feature (disabled by
default). I'm strongly against enabling it by default.
As explained in the proposal document, we know that opt-in metrics are
not very useful because few
On Thu, Jul 6 2023 at 08:41:03 PM +0200, Simon de Vlieger
wrote:
I don't understand where my reply is supposed to go so here it is on
the mailing list *and* on the forums? Are the change proposal owners
reading both?
In theory, we're supposed to be discussing this on Discourse to make
sure
On Mon, Jul 3 2023 at 12:32:02 PM -0400, Demi Marie Obenour
wrote:
Why is that? WebKitGTK+ is one of those packages that one should only
ship if one is willing to take every update from upstream, but my
understanding is that WebKitGTK+ tries quite hard to make this easy.
The set of packages t
1 - 100 of 1002 matches
Mail list logo
