riscos.info
24 posts, 8 voices
Michael Grunditz (8594)
259 posts
|
Hi Whats up with riscos.info? |
Stuart Swales (8827)
1357 posts
|
We need to migrate RISC OS core packages off there. |
Steve Pampling (1551)
8170 posts
|
Is there some barrier to the packages being hosted on ROOL server estate? |
Paolo Fabio Zaino (28)
1882 posts
|
Can we please start using GitHub for this? Another user-managed website may die any moment. I know Theo/Steve F. started to work on something here (I think): https://github.com/riscos-dot-info
No, but also ROOL site had some glitches recently, and GitHub can host a full PackMan repsitory site without problems and without the need for much maintenance. The work that needs to be done is more on the package building side I think, and IIRC riscos.info uses Linux (Ubuntu?) to run all the builds and packaging, so hosting on ROOL is only the “front-end” side (if you allow me to use the term), but not the automated build process which uses GCCSDK IIRC. HTH |
|
Stuart Swales (8827)
1357 posts
|
Perhaps, for all suitably-licenced stuff? I see they finally got round to making it easier to present multiple licences from a single repo: https://github.blog/changelog/2022-05-26-easily-discover-and-navigate-to-multiple-licenses-in-repositories/ |
|
Paolo Fabio Zaino (28)
1882 posts
|
I don’t think there’s anything on riscos.info that would present a licensing issue with GitHub.com. But sure, whatever is “compatible” (whatever that means) with GitHub, especially at this point in RO history.
As far as I remember, it’s been that way for a while now, maybe since 2022? I have a dual-licensed AI foundation library, and it’s perfectly fine on GitHub.com. It’s not public because AI companies are currently facing legal and economic troubles, and as a result, they can behave quite “aggressively” and try to avoid paying for commercial licenses. So, I had to put up an “on-demand” barrier, but GitHub wasn’t a problem for this. The library/framework is released under both AGPL (for academic and personal use), and a Commercial License for any commercial use, and I had no difficulties using GitHub for this. So, what could possibly be the “license issue” here? Genuine question. |
Rick Murray (539)
13839 posts
|
It’s a really minor thing but GitHub doesn’t directly support CDDL. If you go to https://github.com/1HappyPlace/ansi-terminal (in desktop mode) you’ll see over on the right it says “MIT license”. Now if you go to https://github.com/kohsuke/libzfs4j you’ll see it simply says “View license”. Yes, you can have a link to pretty much any licence you like, but I can’t help but wonder why CDDL is treated as a non-entity.
Note that there is a rather large semantic difference between a project that is available under several licenses, and a project that contains several licenses (on different parts).
I may be wrong, but I get the impression that riscos.info is a web front end for the underlying versioning system (SVN?) that is used by the build system. Migrating to something different may pose enough complications that is why it hasn’t been done before.
Certainly, it would be good to have things at least mirrored somewhere so if one site is down there is a backup. Here is a back door that may be of use: |
David J. Ruck (33)
1635 posts
|
Let’s not feed Microsoft’s AI monster anything else. |
|
Rick Murray (539)
13839 posts
|
I think by now, it’s pretty obvious that “if it exists, an AI bot has ingested it”. And funny how they’re so protective of their copyrights, and so quick to ignore ours when there’s money to be made… |
|
Rick Murray (539)
13839 posts
|
Oh, and Microsoft can put a comfy cushion on the naughty stair and just stay there, like, forever. |
|
Paolo Fabio Zaino (28)
1882 posts
|
If you are going to need/use the CDDL you’ll probably will have to modify it, the license establish this: The code released under the CDDL shall be governed by the laws of the State of California (excluding conflict-of-law provisions). Any litigation relating to this License shall be subject to the jurisdiction of the Federal Courts of the Northern District of California and the state courts of the State of California, with venue lying in Santa Clara County, California. So be careful with re-using the CDDL as-is. For me I have a modified version that ammend those elements, but that ain’t the official CDDL v1.1, however as a rights owner I can use whatever I want.
Partially is because it’s not a common one, GitHub automatically supports the most common ones and partially is the problem I shared above, courtesy of Sun (now Oracle).
Haha, maybe! Joking, nah they allow Copyright, so more against the GPL than that! (althought if copyright is required to grant GPL thought)
AFAIK, you are correct, and that’s what GitHub Actions are for. But yes repositories need to be migrated from SVN to GIT. |
|
Paolo Fabio Zaino (28)
1882 posts
|
Pretty much yes, and not just that, in Cybersecurity we develop crawlers that can mimic humans in all aspects, that is because bad guys discovered they can open a website and get protected by things like CloudFlare etc. so, to figure out malicious websites, security tools have to be extremely sneaky and invasive. |
Steve Fryatt (216)
2105 posts
|
It certainly appears to be an option when licensing a new repo (though I’ve not actually created one to verify that). What is presumably stopping that repo that you cite from being recognised is something in the filenames that prevents the heuristics from finding the licence info. I mean, come on — it correctly identifies the licence used on my repos, so I can’t see why it would ignore the CDDL!
The repos on riscos.info are indeed SVN, which is a nuisance as when the server is down the centralised nature of SVN makes it impossible to do any work. That’s one of the reasons why WinEd moved over to GitHub a while back (that, and the fact that having used Git, I find SVN very clunky and inflexible). Things tied to the Autobuilder might be more tricky. The AB can pull stuff in from Git, so that side shouldn’t be an issue, but there may well be implications that I’ve not thought of. It probably just needs someone to look at it, but given the usual negativity here whenever anything is suggested that might make developers’ lives easier, good luck with that one.
That’s one of the benefits of Git over SVN: all of my code it primarily stored on my own Git server (separate from my Git local copies that I work in), and mirrored to GitHub as an off-site backup kindly paid for by Microsoft in exchange for AI fodder. Git just handles that, because it’s designed to.
I’m sure that they’ll find RISC OS source code very useful. |
|
Paolo Fabio Zaino (28)
1882 posts
|
Amen on that. |
Clive Semmens (2335)
3276 posts
|
I believe you, but wasn’t aware of that. I’m aware of, and share, plenty of scepticism about the feasibility of moving RISCOS and its legacy apps to ARM64 or any non-ARM architecture other than by emulation, but I hadn’t noticed any wider negativity than that. Oh, and some doubt about the feasibilty of making much use of additional cores in RISCOS. Possibly just me being unobservant, of course. |
|
Rick Murray (539)
13839 posts
|
No, it isn’t.
I, on the other hand, did…
Pathetically Pointless Politics, most likely. Kindly go here: https://github.com/search/advanced Second bunch of options, one of those is search by licence. It is a long list of licences including some I’ve never heard of before. “Common Development and Distribution License” is conspicuously absent from the list. Sure, you can manually make things CDDL in GitHub, but it is not a licence automatically supported by the system, neither apparently can you search for other CDDL content. So this won’t work: https://github.com/search?q=license%3Acddl&type=Repositories&ref=advsearch&l=&l=
Some of us (myself included 🥴) manage our sources by zip file rather than source control systems, a method that is seen as terribly Mesolithic these days. Then again, others are real big on source control because they do the actual coding part on some other system because RISC OS itself is positively Mesozoic in comparison. I’m sure for shared projects there are many benefits to be had from a sane source control system. For smaller things, the one man band stuff, it’s just additional steps in the workflow. Plus dealing with the conventions of an alien system, which isn’t insurmountable but still, if it’s supposed to make my life easier then not making it harder would be a good start.
Everybody is different. Just because somebody is “Git, meh” is no reason for everybody else to be “Git, meh”. If it works for you, cool, use it. But I do note with some measure of irony that the widespread and freely available RISC OS browser is incapable of viewing the RISC OS source code these days. ;) There are degrees of “easier” and what works for somebody may not work for somebody else.
This so very much. Retaining the current API is an exercise in masochism. Making a new API means a breaking change, not that it isn’t one anyway.
|
|
Stuart Swales (8827)
1357 posts
|
All we need to be going on with is somewhere that the listed binaries can be obtained from by PackMan. Not all packages are built by the riscos.info system. |
|
Rick Murray (539)
13839 posts
|
How much are we talking, by the way? 100MB? Half? Twice? Oh, and what runs the back end? I’m guessing the updates aren’t done manually and the lists aren’t built by hand. |
|
Stuart Swales (8827)
1357 posts
|
My contributions to the PackMan lists certainly are. |
|
Paolo Fabio Zaino (28)
1882 posts
|
Are you guys aware that GitHub has features specifically for creating package repositories? I mean, not just one package. Yes, it’s true. GitHub Releases isn’t just a fancy file storage; it actually supports uploading packages from third-party sources. You can even do it manually via the website or through the API—because who doesn’t love a little extra work, right? Here’s a fun little automation to pull packages from another system into GitHub Releases:
name: Upload Rick's Package from his famous Raspberry Pi server ;)
on:
schedule:
- cron: '0 0 * * *' # Runs daily at midnight
jobs:
upload-package:
runs-on: ubuntu-latest
steps:
- name: Download package from external system
run: |
curl -O hxxps://rick-website-running-on-a-pi.com/path/to/package.zip
- name: Create GitHub Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: 'v1.0.0'
release_name: 'v1.0.0'
draft: false
prerelease: false
- name: Upload Release Asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./package.zip
asset_name: package.zip
asset_content_type: application/zip
Another Action can be used to generate the entry for the PackMan release file. It’s unbelievably easy. Seriously, if you need my help to build all this, just shout ;) – Or you can use what I am building in the RISC OS Community on GitHub… Oh wait that’s bad too, because… no one knows, but it is! XD Oh, and we can even use the automation above to replicate the ROOL PackMan repository on GitHub as a backup — because redundancy is the key to a good night’s sleep. But what if I have everything on a Pi that’s tucked away in my attic and isn’t public on the internet? Don’t worry, your friendly neighborhood Paolo is here to save the day. Just use curl: curl -XPOST -H "Authorization: token YOUR_GITHUB_TOKEN" \ -H "Content-Type: $(file -b --mime-type path/to/package.zip)" \ --data-binary @path/to/package.zip \ "https://uploads.github.com/repos/OWNER/REPO/releases/RELEASE_ID/assets?name=package.zip" But I built multiple packages! Awesome, just toss a for loop around the command above. Simple as that. Seriously though, there are a ton of tools available to move data and packages from one site to another. I’m not really sure what the problem is. Ah, the CDDL is what’s stopping people from using GitHub? I had no idea we had a fleet of lawyers in California on standby for when someone breaches the CDDL license. That’ll be a popcorn-worthy show (sarcasm). In the meantime, I suggest quickly editing the CDDL used for RO things—probably with a lawyer’s help, of course. ;) Note: If you do have those lawyers in California ready to pounce on CDDL violations, you probably have enough cash to hire me to code on RISC OS. I’m more than happy to rewrite it from the ground up for the right price. I might even quit my day job for it! ;) |
|
Rick Murray (539)
13839 posts
|
<sigh> I did say it was a minor thing…but given that it’s a perfectly legitimate open source licence that is used within RISC OS, you’d have thought….
Why the hell should anybody involved in or with RISC OS change the licence they chose to work around weirdness of someplace else?
For some of us, unnecessary complications perhaps?
Autism with a side order of ADHD, I haven’t had a good night’s sleep since that time in the early 90s when I pulled a two-nighter (like sixty hours nonstop) to help get some stupid project done and basically passed out afterwards. One of the reasons I quit that job and that sector.
Actually, upload whatever can be recovered from riscos.info. But, then, can GitHub autobuild the package lists for Packman too? |
|
Paolo Fabio Zaino (28)
1882 posts
|
Yes, the key part to note is the following: runs-on: ubuntu-latest This will spin up an Ubuntu virtual machine, where you can install and configure everything you need to build your package, usually GCCSDK. However, if you prefer running things on RISC OS, you can use one of the few available “headless RPCEmu” options, spin up RISC OS on it, and build whatever you wish. You can also use ROOL DDE for this without violating the license agreement, because the build will occur in your own repository, and the installed copy of DDE (installed on the fly) will be destroyed after the build is completed. If you have any doubts, you can always email ROOL for more details.
I was just being sarcastic and pointing to the smallest public RISC OS server I know of. Don’t you run everything on a Pi?
I’m not a lawyer, so you should definitely consult one, but the portion of the CDDL I shared earlier (you can ignore my comments, of course, but you can’t ignore the license!) means the following:
So, my friendly advice is to consider modifying the CDDL if you want to use it for your software — unless you’re okay with the risks associated with those three clearly outlined issues. |
|
Rick Murray (539)
13839 posts
|
The version in the ROOL repository (SDCMOS) says:
This is normal because what the hell is somebody on this side of the ocean going to care about the courts in California? Of course, a good lawyer would probably try to get this invalidated because “jurisdiction” is misspelled.
Technically, the only thing it serves, when on (it isn’t right now, possible thunderstorms) is the current weather. Everything else is linked to where I dumped the files because it’s easier, though given the tendency for the server to come and go it’s generally better to put things on my heyrick.eu site.
What? Of course I use the system I’m talking about, I’m not Sveinung. :p Yes, my systems are Android and RISC OS. I don’t have an x86 box that doesn’t suck huge amounts of electricity nor do I have much of a use case for changing that. Anyway, can we drop the CDDL specifics already? I don’t even use it myself, just noted its omission from GitHub. The question is how/what to do about core packages held on a site experiencing “technical difficulties”. Who runs riscos.info? Has anybody been in touch? Is it a question of time? |
|
Paolo Fabio Zaino (28)
1882 posts
|
Sure.
The problem is that, IMHO, any core package should be hosted on something that is reliable and accessible 99.99% of the time. Otherwise, it’s not a “core package”.
I think Theo and Steve F. have access to it, but that’s all I know.
As for extracting the wiki’s data, that’s easy. Each Wiki page reported the CC license, so data-extraction can be done without asking for permission and using one of the many tools available for the job over webarchive versions. Unless, of course, someone wants to keep the original MediaWiki format, in which case the database and the MediaWiki version need to be backed up from the original server. As for the SVN, that will require migrating to Git, which can be easily automated. It could stay in SVN format if people prefer that; GitHub can use an SVN client to get the sources for the build process. However, having the sources in Git format is better because anyone who forks or clones a repo becomes an extra backup of it. To future-proof anything, my recommendation is to always have a way to extract data and transform it into a manageable format. In technical terms, this is called a Common Data Model, which can then be transformed or “injected” (if you will) into new versions of software or even entirely new software. |
