Interested in the work of the openMDM Working Group? Meet us at the ASAM INternational Conference 2019 in Dresden on December 10-11. Play with a live demo of our current work and discuss with the experts.

DattaSpell 2022.1 introduces the ability to use JupyterHub 2.0 and to copy files to and from a remote Jupyter server. This version also keeps your notebook structure clear with easy cell output copy-pasting and offers Jupyter runtime completion to refer to dynamic class attributes throughout your notebook.Download it now or upgrade from within your IDE.

New in DataSpell

• Support for JupyterHub 2.0
  Get multi-user access to remote Jupyter servers and work with Jupyter notebooks right from the DataSpell workspace with newly added support for JupyterHub 2.0.
• Ability to copy files to and from remote Jupyter servers
  Keep your projects in sync, exchange your data and notebooks with ease in DataSpell 2022.1. You can copy local files to a remote Jupyter instance and vice versa, as well as between two remote Jupyter instances.
• Cell output copy-pasting
  Keep your notebook structure clear and make changes to it in one click: In this version, you’ll get both cell sources and cell outputs when copy-pasting cells.
• Jupyter runtime completion
  Easily refer to dynamic class attributes throughout a notebook with Jupyter runtime completion.

Find more details about new features and improvements on our What’s New page.

Build your tank platoon and crush your foes! Upgrade your tanks with the latest tech, manage squads …

Unless otherwise noted, changes described below apply to the newest Chrome beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Learn more about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 104 is beta as of June 23, 2022. You can download the latest on Google.com for desktop or on Google Play Store on Android.

Region Capture

Chrome on Desktop can now crop self-captured video tracks. Web apps are already able to capture video in a tab using getDisplayMedia(). Region capture allows web apps to crop a track and remove content from it, typically before sharing it remotely.

For example, consider a productivity web app with built-in video conferencing. During a video conference, a web app could use cropping to exclude the video conferencing portion of the screen (outlined in red below) avoiding a hall-of-mirrors effect. For more information, see Better tab sharing with Region Capture.

Media Queries Level 4 Syntax and Evaluation

Media Queries enable responsive design, and the range features that enable testing the minimum and maximum size of the viewport are used by around 80% of sites that use media queries.

The Media Queries Level 4 specification includes a new syntax for these range queries. They can now be written using ordinary mathematical comparison operators. Also supported are the logical operators or and not, and nesting and evaluation of “unknown” features. For example, a media query previously written like this:

@media (min-width: 400px) { … }

Can now be written like this:

@media (width >= 400px) { … }

For more information, see New syntax for range media queries in Chrome 104.

Origin Trials

This version of Chromium supports the origin trials described below. Origin trials allow you to try new features and give feedback on usability, practicality, and effectiveness to the web standards community. To register for any of the origin trials currently supported in Chromium, including the ones described below, visit the Chrome Origin Trials dashboard. To learn more about origin trials in Chrome, visit the Origin Trials Guide for Web Developers. Microsoft Edge runs its own origin trials separate from Chrome. To learn more, see the Microsoft Edge Origin Trials Developer Console.

New Origin Trials

Focusgroup

The focusgroup CSS property improves keyboard focus navigation using the keyboard arrow keys among a set of focusable elements. Adding this feature to browsers allows web developers to control focus navigation without custom solutions that can lead to a lack of consistency, accessibility, and interoperability. Sign up here for the Microsoft Edge origin trial. It’s scheduled to last through 107.

Opt Out of Credit Card Storage

Secure Payment Confirmation now supports a means for users to opt out of storing their credit card data to make later purchases easier. To use the new feature, set showOptOut to true on methodData.data, which is passed as the first parameter of the PaymentRequest() constructor. For example:

const methodata = [{ 
  …
  data: {
    …
    showOptOut: true
    …
  }
}];
const request = new PaymentRequest(methodData, details);

To see an example in context check out the demo. You can sign up here for the origin trial. It’s scheduled to last through Chrome 106.

Shared Element Transitions

Shared Element Transitions enables the creation of polished transitions in single-page applications (SPAs). Minimal development effort is required by devs to make transitions look nice; they can choose to use default animation properties, or they can customize their own transition effects to achieve the desired transition experience.Transitions are set declaratively using CSS properties. For more information, see Shared Element Transitions. Visit the dashboard to sign up for the origin trial.

Completed Origin Trials

The following features, previously in a Chrome origin trial, are now enabled by default.

Speculation Rules

Speculation rules provide a mechanism for web content to permit prefetching or prerendering of certain URLs. For example:

<script type="speculationrules">
  {
    "prefetch": [
      {"source": "list", "urls": ["/weather/kitchener", "/weather/seattle", "/weather/tokyo"]}
    ]
  }
</script>

Subresource Loading with Web Bundles

Subresource loading with web bundles is a way to load many resources efficiently. To use the feature a web page declares that certain resources are provided by a web bundle at a particular URL. For example:

<script type="webbundle">
{
   "source": "https://example.com/dir/subresources.wbn",
   "resources": ["https://example.com/dir/a.js", "https://example.com/dir/b.js", "https://example.com/dir/c.png"]
}
</script>

For information on creating web bundles, see Get started with Web Bundles. For more information on subresource loading using web bundles, see Origin Trial for Subresource Loading with Web Bundles.

Window Controls Overlay for Installed Desktop Web Apps

On desktop, a web app’s client area can now be extended to cover the entire window, including the title bar area, and the window control buttons (close, maximize/restore, minimize) are overlaid on top of the client area. The web app developer is responsible for drawing and input-handling for the entire window except for the window controls overlay. Developers can use this feature to make their installed desktop web apps look more like platform apps.

Other Features in this Release

Cookie Expires/Max-Age Attribute Upper Limit

When cookies are set with an explicit Expires/Max-Age attribute the value will now be capped to no more than 400 days. Previously, there was no limit and cookies could expire as much as multiple millennia in the future. This follows a change in the spec.

400 days was chosen as a round number close to 13 months. This duration ensures that sites visited roughly once a year (for example, sites for choosing health insurance benefits) will continue to work.

CSS object-view-box

The object-view-box property allows authors to specify a portion of an image that should draw within the content box of a target replaced element. This enables creation of images with a custom glow or shadow applied, with proper ink-overflow behavior such as a CSS shadow would have. For more information, see First Look At The CSS object-view-box Property.

Fullscreen Capability Delegation

Fullscreen Capability Delegation allows a Window to transfer the ability to call requestFullscreen() to another Window it trusts after relinquishing the transient user activation at the sender Window. This feature is based on the general delegation mechanism that shipped in Chrome 100.

Multi-Screen Window Placement: Fullscreen Companion Window

Fullscreen Companion Window allows sites to place fullscreen content and a popup window on separate screens from a single user activation. There is a demo available with source code on GitHub.

Permissions Policy for Web Bluetooth API

Web Bluetooth is now controllable with a Permissions Policy. The token is named "bluetooth" and has a default allowlist of 'self'.

visual-box on overflow-clip-margin

The overflow-clip-margin property specifies how far an element’s content is allowed to paint before being clipped. This feature allows using visual-box values to configure the reference box that defines the overflow clip edge the content is clipped to.

Web Custom Formats for Async Clipboard API

Web Custom Formats lets websites read and write arbitrary unsanitized payloads using a standardized web custom format, as well as read and write a limited subset of OS-specific formats (for supporting legacy apps).

The name of the clipboard format is mangled by the browser in a standardized way to indicate that the content is from the web. This allows platform applications to opt-in to accepting the unsanitized content.

Some web app developers want to exchange data payloads between web and platform applications via operating system clipboards. The Clipboard API supports the most popular standardized data types (text, image, rich text) across all platforms. However, this API does not scale to the long tail of specialized formats. In particular, custom formats, non-web-standard formats like TIFF (a large image format), and proprietary formats like docx (a document format), are not supported by the current Web Platform.

WebGL Canvas Color Management

As per the spec, Chromium’s implementation of WebGL now allows specifying:

• The color space of a drawing buffer.
• The color space that content should be converted to when importing as a texture.

Before this version of Chrome, both of these defaulted to sRGB. Now they can also use “display-p3”.

Deprecations, and Removals

This version of Chrome introduces the deprecations and removals listed below. Visit ChromeStatus.com for lists of current deprecations and previous removals.

Block Third-Party Contexts Navigating to Filesystem URLs

iframes can no longer navigate to filesystem URLs. Top frame support for navigating to filesystem URLs was dropped in Chrome 68.

Remove Non-Standard Client Hint Mode

Four client hints (dpr, width, viewport-width, and device-memory) have a default allowlist of self but behave as though they have a default allowlist of * on Android, contrary to the spec. This is now fixed, increasing privacy on Android by requiring explicit delegation of these hints.

Remove U2F API (Cryptotoken)

Chrome’s legacy U2F API for interacting with security keys is no longer supported. U2F security keys themselves are not deprecated and will continue to work.

Affected sites should migrate to the Web Authentication API. Credentials that were originally registered via the U2F API can be challenged via web authentication. USB security keys that are supported by the U2F API are also supported by the Web Authentication API.

U2F is Chrome’s original security key API. It allows sites to register public key credentials on USB security keys and challenge them for building phishing-resistant two-factor authentication systems. U2F never became an open web standard and was subsumed by the Web Authentication API (launched in Chrome 67). Chrome never directly supported the FIDO U2F JavaScript API, but rather shipped a component extension called cryptotoken, which exposes an equivalent chrome.runtime.sendMessage() method. U2F and Cryptotoken are firmly in maintenance mode and have encouraged sites to migrate to the Web Authentication API for the last two years.

Behind the scenes of F-Droid is a giant pile of automation to manage the
process of building thousands of apps from source. This means checking out
thousands of source repos, checking them all for updates, building and new
releases, and securely signing them en masse. All builds are run in a fresh
virtual machine guest instance known as the
buildserver.
All Gradle binaries and Android SDK packages are verified against our
public
logs of observed
SHA-256 checksums. The transparency log processes also verify against
upstream’s public checksums.

Our setup runs on Debian almost exclusively. Debian is a leader in free
software, rock solid servers, and reproducible builds. That makes it a
natural home for F-Droid. We also work to ensure we maintain the packages
we use, and build our processes on top of Debian packages. That means we
share the maintenance with anything that uses Debian. It may seem like more
work to give back, but our experience is that it pays off in the long run.
The F-Droid community is able to maintain many things with a small team.
Another example of this is this website itself: it is built using Jekyll
packages that are all in Debian.

If you have an app on f-droid.org, you might have noticed that all builds
happen on a 5 year old Debian release: stretch. We are in the midst of a
big effort to upgrade to
the latest bullseye release right now. This is not just a simple apt-get
upgrade, we are also taking this opportunity to overhaul the build process
so that app builds work with a relatively plain Debian install as the base
OS. We have to provide a platform to build thousands of apps, so we cannot
just upgrade the base image as often as we like. Some apps need the latest,
greatest. Other apps need the ancient, stable base OS. This change means
that the metadata
contains as much of the build logic as possible, so that the app maintainer
has control over all the steps. To achieve this, as much as possible is
being stripped out of the from the buildserver base image.

We have considered offering a selection of base images. This is a possible
solution, but it is not easy as just using any available Docker image. Only
base images that are guaranteed to be free software are appropriate. Just
pointing to any Docker image would open up the possibility of proprietary
build dependencies, since it is not possible to automatically check whether
any Docker image is 100% free software. Using a selection of pre-approved
base boxes could solve that. Keep in mind, this is more complex than with
GNU/Linux distros since Android apps are cross-compiled. GNU/Linux distros
build their packages on their own OS. During builds, Debian does not even
allow network access since all dependencies need to come from Debian
packages. That level of verification is a goal of F-Droid, and
Maven’s
work towards a reproducible Maven
Central ecosystem helps a lot.

Since CalyxOS builds in F-Droid by default, Calyx
Institute also want to ensure that F-Droid is
running smoothly, and that app developers are happy. I would like to thank
Calyx Institute for sponsoring 42 hours a month of my time to work on making
our build infrastructure run smoothly. Additionally, I will be working on
improving the automation of the signing process. Our signing process is
currently 100% offline. While this is nice for security, it does slow down
the release process. With modern hardware security modules and server
setups, it is possible to have good security without being 100% offline.
Having signing automation then opens up possibilities for parallelizing the
whole process, including running multiple app builds, and also, running the
main steps of building, index generating, and signing all in parallel. This
work will be incrementally deployed as each bit is finished. So be patient,
and you will notice releases happening faster and faster!

February 9 is expected to be an exciting one for Samsung. As it unfolds the Unpacked event with enthusiasm, there will be some devices we would be looking forward to. Of course, the Galaxy S22 flagship series is on everyone’s radar, if you’re someone waiting for a decent, feature-packed Android tablet, you should look out […]

The post Galaxy Tab S8 series new leak reveals almost everything first appeared on Android Community.

Version:	5.19-rc5 (mainline)
Released:	2022-07-03
Source:	linux-5.19-rc5.tar.gz
Patch:	full (incremental)

I’m currently scheduled to be a guest on
FLOSS Weekly on
Wednesday, 2020-12-16, at 12:30pm Eastern Time (9:30am Pacific, 17:30 UTC).
The general topic will be about Linux Foundation work on
improving Open Source Software security.

Please join the live audience or listen later.
I expect it will be interesting.
I expect that we’ll discuss the
Open Source Security Foundation (OpenSSF),
the
Report on the 2020 FOSS Contributor Survey,
the free edX trio of courses on
Secure Software Development Fundamentals,
and the
CII Best Practices Badge program.