0:02

Hello

0:02

and welcome to Linux Action News, episode 289,

0:05

recorded on April 19th, 2023. I'm

0:09

Chris. And I'm Wes. Hello, Wes.

0:12

Let's do the news.

0:14

This week, the Fedora Project announced

0:16

version 38 with a new-looking

0:19

website to go along with it.

0:21

Yeah, it looks pretty sharp. The teams did

0:23

a great job. It's just slightly

0:26

outshined by Fedora 38 itself, which

0:28

is introducing several new spins,

0:30

including a budgie spin, a sway spin,

0:33

a posh-based mobile-focused spin.

0:35

It's all spinny up in Fedora land on version 38.

0:39

Now, of course, GNOME 44

0:42

is the headline feature for Fedora Workstation,

0:45

which includes a new lock screen,

0:47

that new background apps section of the

0:49

quick menu,

0:50

and a range of improvements to the system's

0:53

settings app, much of which we covered

0:55

in a recent Linux Action News. Yeah,

0:58

don't call it a SysTray menu. It's background apps. I'm

1:00

pleased to see the unfiltered version of

1:02

Flathub shipping in Fedora 38. That was

1:05

surprisingly annoying sometimes on newest

1:07

systems. And one thing I noticed right

1:09

away in our testing was the improved shutdown times.

1:12

In fact, I think it might have been the exact scenario the developers

1:15

had envisioned. I was

1:16

running late, needed to run out the

1:18

door, and I wanted to shut my laptop

1:20

down and put it in my bag and

1:23

definitely noticed and appreciated the

1:25

quick shutdown. Speaking of

1:28

speed, DNF5

1:30

lands in Fedora 38. It's

1:32

not yet enabled by default, but

1:35

you can play around with it and test

1:37

it out before it becomes the default in

1:39

a future release of Fedora.

1:41

38 also ships with Linux 6.2,

1:44

Mesa 23, and for you

1:46

Plasma spin fans, Plasma 5.27

1:49

LTS. That's

1:51

one of the things you got to love about Fedora. It's always

1:54

pretty fresh. We also saw new images for

1:56

ARM64 systems. Really nice to

1:58

see. And...

1:59

Works going on behind the scenes to enable more

2:02

Asahi patches in Fedora. We'll

2:04

have more on that in the future. It's not necessarily

2:06

overall a barn burner release, as you might say,

2:09

but there's

2:09

quite a bit to like in Fedora 38 regardless

2:12

of the spin you end up using. We've

2:13

got it up and running right now.

2:15

We're testing out for a complete review in Linux

2:17

Unplugged 507 that's

2:19

coming up this Sunday, so don't miss

2:21

that.

2:25

The Rust Foundation surprised everyone

2:28

when they released a new trademark policy,

2:31

long in the works for public comment.

2:34

And comment they did. Some

2:38

of them upset, and somewhat understandably

2:40

too. This first draft is being called

2:42

an open source train wreck by some.

2:44

And it does seem like some of these new trademark

2:46

policies would not only be hard

2:49

to enforce, but perhaps even harmful

2:52

in some cases. For example, here's a quote.

2:55

Using the word Rust in the name of a

2:57

tool

2:58

for use in the Rust toolchain,

3:00

a software program written in the Rust language,

3:03

or a software program compatible with Rust

3:06

software will most likely

3:08

require a license.

3:11

In other words, you can't put

3:13

Rust in the name if you've created

3:15

a Rust-based app or library.

3:18

Events and conferences are another area

3:21

in their original language that could be tricky.

3:24

For example, quote,

3:26

we will consider requests to use the word Rust

3:28

within a conference on a case-by-case basis.

3:31

But

3:31

at a minimum, would expect events and conferences

3:34

using the word Rust to be non-profit

3:36

making, focused on discussion of

3:39

and education on Rust software,

3:42

prohibit the carrying of firearms,

3:44

comply with local health regulation, and

3:47

have a robust code of conduct.

3:59

to be walked back. In the first of two blog

4:02

posts, the team behind this new policy

4:04

attempted to share some background and

4:06

asked for patience. Yeah, here's a bit of

4:08

that background you mentioned, Chris. Quote,

4:12

"...since the draft was announced, we've noticed

4:14

a widespread impression that this policy

4:16

was created

4:17

solely by the Foundation and is being

4:19

imposed on the Rust project and

4:22

community." That is

4:24

not true. The policy

4:26

draft was created with the input and

4:28

consent of each of the co-authors

4:31

of this post with the intent to

4:33

clarify existing policies,

4:35

incorporate community feedback, and

4:37

preserve the Rust brand for years

4:40

to come.

4:42

Yeah, that post, it read to me like

4:44

an attempt to explain themselves. They

4:46

call out people for getting nasty in the comments and they

4:48

kind of leave it at that. They don't talk about a change

4:51

or

4:51

signaling that they got the policy a bit wrong

4:54

or even try to say that maybe they messed the communication

4:56

up. But that post was then followed

4:58

up by another blog post on a different Rust

5:01

blog.

5:02

And this newer post takes a more

5:04

apologetic tone, saying, quote, "...while

5:06

we have only just begun the process of

5:08

carefully reviewing your feedback, we understand

5:11

that the process of drafting the Rust trademark

5:13

policy

5:14

should have been more transparent and we apologize

5:16

for that." The

5:17

consultation phase of the policy

5:19

drafting process was intended to give the

5:21

Rust community members the opportunity to review

5:24

the first draft of the trademark policy

5:26

and express their questions, concerns, and

5:29

comments. This process has helped

5:31

us understand that the initial draft

5:33

clearly needs improvement. And

5:37

well, at this point, it sounds

5:39

like we'll just have to wait and see what

5:41

the, quote, unquote, stakeholders decide.

5:45

In this final blog post, though, they do wrap

5:47

it up,

5:48

seemingly trying to assure us a bit, saying,

5:50

quote,

5:51

"...we want to reiterate that we will not put

5:54

any policy into effect until we have

5:56

something that both the Rust Foundation

5:59

and

5:59

Rust project leadership are

6:01

satisfied with.

6:05

But wait no longer for more game compatibility,

6:08

no no. You'll see real results with

6:10

Proton 8. At least

6:12

according to Valve's Pierre-Lou Griffet,

6:15

who says 8.0 is their, quote, biggest

6:18

rebase to date.

6:20

And along with Vulkan 1.3's support,

6:23

it brings a long list of

6:25

now playable games. It's

6:27

a good-lookin' list, too. We

6:29

haven't linked in the notes, but when I went through it, I

6:31

was happy to see Dead Space, the 2023 remake

6:34

on there. I have heard that

6:35

is a great game. Like

6:37

my deck needs that game.

6:40

Once it goes on sale. Proton 8 is

6:43

based on Wine 8.0. It's

6:45

got a newer DXVK Git snapshot in there.

6:47

And also fixes several annoying

6:50

issues.

6:51

Yeah, the range of those fixes is

6:53

kind of interesting. There are very

6:56

game-specific fixes, of course, like

6:58

fixing the native scroll

7:00

bar always being visible

7:02

in Final Fantasy XIV's online

7:04

launcher.

7:05

But there's also stuff like system issues.

7:09

Say resolving a bug that prevented Alt-Tab

7:12

from working on GNOME 43. Which

7:14

yeah, that would be annoying.

7:16

Yeah, it's quite the list. It's very

7:18

specific game stuff all the way

7:21

to like, well, somebody made a change

7:23

in the graphics stack on Linux, and now we

7:25

are making a change to fix that. And that's fundamental

7:28

to making something work.

7:30

Both Wine and downstream Proton,

7:32

they're really impressive. When you look at what

7:34

they're doing with each release,

7:37

it is a massive job. So when they got a

7:39

big one like this, it's even more impressive. Because

7:41

they have to keep up with every significant game

7:44

patch or game launcher change. They

7:46

also have to keep up with each new release of

7:48

the games that people want to play. So you

7:50

can see all the graphics API changes, which happen from time

7:53

to time. Windows API changes,

7:55

Linux desktop changes, which is happening all

7:57

the time,

7:58

all while trying to bring new features. features in

8:00

as well. It is quite

8:03

impressive.

8:06

The Linux Fest Northwest is back

8:09

this year in person

8:11

October 20th to the 22nd at the

8:14

Bellingham Technical College. And

8:16

the Fest's call for papers is

8:19

open. They're looking for experienced

8:21

technical presenters as well as first timers

8:24

to present to a hybrid audience.

8:27

The Jupiter Broadcasting crew will

8:29

be there

8:30

and we hope to see you there in

8:32

the fall.

9:02

Just

9:27

totally taken care of. That's what I love

9:29

about Linode. They keep the business online. It can be

9:31

a personal site. It can be your business site. They

9:33

keep it online. It runs fast. So go build

9:36

something.

9:37

Go learn something.

9:38

See why we love it and try it for yourself. Linode is

9:40

what we use to build everything since we've gone independent.

9:43

I know you're going to like it. Linode.com

9:45

slash LAN.

9:47

Get the $100 in 60-day credit

9:49

and kick the tires for yourself. That's

9:50

Linode.com slash L-A-N.

9:56

And thanks to Collide. Collide.com

9:59

slash L-A-N. can. Collide

10:01

can help Okta users achieve 100% fleet

10:04

compliance.

10:05

If a device isn't compliant,

10:08

the user can't log into your cloud

10:10

applications until they've fixed the

10:12

problem. The moment Collide's

10:14

agent detects a problem, it alerts the

10:17

user and gives them instructions

10:19

to fix it.

10:20

If they don't fix the problem within a set time,

10:23

they're blocked. It's that

10:26

simple. And Collide's solution,

10:28

well, it ensures device compliance as

10:30

part of authentication, which

10:33

both reduces support tickets and IT frustration,

10:36

while also ensuring 100% compliance.

10:41

Learn more or book a demo

10:43

at collide.com slash LAN.

10:48

A group of open source bodies have

10:50

sent a letter to voice concerns over

10:52

the EU's pending Cyber Resilience

10:55

Act.

10:56

This group says it could have a chilling effect

10:58

on open source software development.

11:01

First unveiled in draft form

11:03

back in September, the Cyber Resilience

11:06

Act proposes a regulation on cybersecurity

11:09

requirements for internet-connected

11:11

hardware and software to make them

11:13

more secure against cyberattacks.

11:16

Really, the act wants to solve two big issues.

11:19

Internet-connected products often have

11:21

weak security,

11:22

and users may not know enough to

11:25

choose and use them safely.

11:27

Yeah, and I think those high-level goals are good

11:29

ones. It reminds me of sort of like the quality

11:32

of electrical equipment certification we have here

11:34

in the States. As a consumer, you

11:36

can check the proverbial side of the box and you'd

11:38

know how secure the product is.

11:40

It's a neat dream.

11:42

Or it could be a nightmare because there are penalties

11:44

for noncompliance, which include fines

11:46

up to 15 million euros or 2.5%

11:49

of the global profit of the application

11:51

or product. You can imagine when

11:54

you're trying to implement this, the devil lies

11:56

in the details, especially when it comes to how it impacts

11:58

free software.

12:00

and turning this dream into reality

12:02

means a lot of input.

12:05

13 different organizations, including

12:07

the Eclipse Foundation, the

12:09

Linux Foundation Europe, and the Open

12:12

Source Initiative

12:13

have written in,

12:15

noting that the Cyber

12:17

Resilience Act poses an unnecessary

12:19

economic and technological risk to

12:22

the EU.

12:23

They go on to say, quote,

12:26

our voices and expertise should

12:28

be heard and have an opportunity to

12:30

inform public authorities' decisions.

12:32

If the CRA is, in fact, implemented

12:35

as written,

12:36

it will have a chilling effect on open source

12:38

software development as a global endeavor,

12:41

with the net effect of undermining the EU's

12:43

own expressed goals for innovation,

12:46

digital sovereignty, and future

12:48

prosperity. Yeah,

12:50

it seems the aim of this letter from

12:52

these 13 different open source groups isn't

12:55

necessarily to stop the CRA,

12:57

but to just try to get a bigger say in the evolution

13:00

of the CRA as it kind of works its way

13:02

through European Parliament.

13:05

The draft legislation does go some

13:07

way towards addressing some of the group's concerns,

13:10

quote,

13:12

in order not to hamper innovation or research, free

13:15

and open source software developed or

13:17

supplied outside the course of

13:20

a commercial activity should not

13:22

be covered by this regulation, end

13:24

quote.

13:26

But there's a catch.

13:28

Trying to define what is meant by non-commercial

13:31

is not necessarily a straightforward

13:34

endeavor.

13:35

No, in fact, a lesson we just learned

13:38

just a couple of weeks ago with the conversation

13:40

around Docker Hub plan changes. GitHub

13:43

policy director Mike Lynxvair

13:45

noted in a blog post last month that developers,

13:47

quote, create and maintain open

13:49

source in a variety of paid and unpaid contexts,

13:52

which may include corporate, government, non-profit,

13:55

academic, and let's be frank,

13:57

a lot more.

13:59

And while the regulations and rules created

14:02

by the CRA are local

14:04

to the EU, there's so

14:06

much free and open source software

14:08

created in that area, I

14:10

have no doubt it would have worldwide

14:12

ramifications if passed.

14:16

This just seems like one of those huge jobs. When

14:18

you think about the independent library developer

14:21

that's just posting something on GitHub that gets slurped

14:23

into some larger project, just

14:25

the more I think about it, the trickier

14:28

this seems to pull off in the,

14:30

I mean, in at least any kind of real usable

14:33

sense. It also feels sort of strange

14:35

just watching this go down from afar,

14:37

knowing that this could impact the course of free software

14:40

and there's really nothing we can do over

14:43

here. Of course, we'll keep an eye on it and everything else

14:45

going on in the world of Linux and open

14:47

source. So don't miss a single episode.

14:49

Go to LinuxActionNews.com slash subscribe

14:52

for all the ways to get every single

14:54

episode. And LinuxActionNews.com

14:57

slash contact for ways to get

14:59

in touch.

15:00

And if you're in the Pacific Northwest area,

15:03

join us in downtown Olympia,

15:05

Saturday, April 29th at 1pm. We'll

15:08

have a meetup.

15:09

Details at meetup.com slash Jupiter

15:11

Broadcasting. It's gonna be a good

15:14

time.

15:14

And as for us here on Linux Action

15:16

News, well, don't worry, we'll be back

15:19

next week with our take on the latest Linux

15:22

and open source news. Thanks

15:24

for joining us. That's all the news for

15:26

this week.