News aggregator

Flow: Actor-based Concurrency with C++ [FoundationDB]

Another word for itSun, 02/15/2015 - 01:37

Categories:

Topic Maps

Flow: Actor-based Concurrency with C++

From the post:

FoundationDB began with ambitious goals for both high performance per node and scalability. We knew that to achieve these goals we would face serious engineering challenges while developing the FoundationDB core. We’d need to implement efficient asynchronous communicating processes of the sort supported by Erlang
or the Async library in .NET, but we’d also need the raw speed and I/O efficiency of C++. Finally, we’d need to perform extensive simulation to engineer for reliability and fault tolerance on large clusters.

To meet these challenges, we developed several new tools, the first of which is Flow, a new programming language that brings actor-based concurrency to C++11. To add this capability, Flow introduces a number of new keywords and control-flow primitives for managing concurrency. Flow is implemented as a compiler which analyzes an asynchronous function (actor) and rewrites it as an object with many different sub-functions that use callbacks to avoid blocking (see streamlinejs for a similar concept using JavaScript). The Flow compiler’s output is normal C++11 code, which is then compiled to a binary using traditional tools. Flow also provides input to our simulation tool, Lithium, which conducts deterministic simulations of the entire system, including its physical interfaces and failure modes. In short, Flow allows efficient concurrency within C++ in a maintainable and extensible manner, achieving all three major engineering goals:

  • high performance (by compiling to native code),
  • actor-based concurrency (for high productivity development),
  • simulation support (for testing).

Flow Availability

Flow is not currently available outside of FoundationDB, but we’d like to open-source it in the future. If you’d like to stay in the loop with our progress subscribe below.

Are you going to be ready when Flow is released separate from FoundationDB?

Streets of Paris Colored by Orientation

Another word for itSun, 02/15/2015 - 01:12

Categories:

Topic Maps

Streets of Paris Colored by Orientation by Mathieu Rajerison.

From the post:

Recently, I read an article by datapointed which presented maps of streets of different cities colored by orientation.

The author gave some details about the method, which I tried to reproduce. In this post, I present the different steps from the calculation in my favorite spatial R ToolBox to the rendering in QGIS using a specific blending mode.

An opportunity to practice R and work with maps. More enjoyable than sifting data to find less corrupt politicians.

I first saw this in a tweet by Caroline Moussy.

Mercury [March 5, 2015, Washington, DC]

Another word for itSun, 02/15/2015 - 00:47

Categories:

Topic Maps

Mercury Registration Deadline: February 17, 2015.

From the post:

The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers’ Day Conference for the Mercury Program on March 5, in anticipation of the release of a new solicitation in support of the program. The Conference will be held from 8:30 AM to 5:00 PM EST in the Washington, DC metropolitan area. The purpose of the conference will be to provide introductory information on Mercury and the research problems that the program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners.

Program Description and Goals

Past research has found that publicly available data can be used to accurately forecast events such as political crises and disease outbreaks. However, in many cases, relevant data are not available, have significant lag times, or lack accuracy. Little research has examined whether data from foreign Signals Intelligence (SIGINT) can be used to improve forecasting accuracy in these cases.

The Mercury Program seeks to develop methods for continuous, automated analysis of SIGINT in order to anticipate and/or detect political crises, disease outbreaks, terrorist activity, and military actions. Anticipated innovations include: development of empirically driven sociological models for population-level behavior change in anticipation of, and response to, these events; processing and analysis of streaming data that represent those population behavior changes; development of data extraction techniques that focus on volume, rather than depth, by identifying shallow features of streaming SIGINT data that correlate with events; and development of models to generate probabilistic forecasts of future events. Successful proposers will combine cutting-edge research with the ability to develop robust forecasting capabilities from SIGINT data.

Mercury will not fund research on U.S. events, or on the identification or movement of specific individuals, and will only leverage existing foreign SIGINT data for research purposes.

The Mercury Program will consist of both unclassified and classified research activities and expects to draw upon the strengths of academia and industry through collaborative teaming. It is anticipated that teams will be multidisciplinary, and might include social scientists, mathematicians, statisticians, computer scientists, content extraction experts, information theorists, and SIGINT subject matter experts with applied experience in the U.S. SIGINT System.

Attendees must register no later than 6:00 pm EST, February 27, 2015 at http://events.SignUp4.com/MercuryPDRegistration_March2015. Directions to the conference facility and other materials will be provided upon registration. No walk-in registrations will be allowed.

I might be interested if you can hide me under a third or fourth level sub-contractor.

Seriously, it isn’t that I despair of the legitimate missions of intelligence agencies but I do despise waste on ways known to not work. Government funding, even unlimited funding, isn’t going to magically confer the correct semantics on data or enable analysts to meaningfully share their work products across domains.

You would think going on fourteen (14) years post-9/11 and not being one step closer to preventing a similar event, that would be a “wake-up” call to someone. If not in the U.S. intelligence community, perhaps in intelligence communities who tire of aping the U.S. community with no better results.

OpenGov Voices: Bringing transparency to earmarks buried in the budget

Another word for itSun, 02/15/2015 - 00:29

Categories:

Topic Maps

OpenGov Voices: Bringing transparency to earmarks buried in the budget by Matthew Heston, Madian Khabsa, Vrushank Vora, Ellery Wulczyn and Joe Walsh.

From the post:

Last week, President Obama kicked off the fiscal year 2016 budget cycle by unveiling his $3.99 trillion budget proposal. Congress has the next eight months to write the final version, leaving plenty of time for individual senators and representatives, state and local governments, corporate lobbyists, bureaucrats, citizens groups, think tanks and other political groups to prod and cajole for changes. The final bill will differ from Obama’s draft in major and minor ways, and it won’t always be clear how those changes came about. Congress will reveal many of its budget decisions after voting on the budget, if at all.

We spent this past summer with the Data Science for Social Good program trying to bring transparency to this process. We focused on earmarks – budget allocations to specific people, places or projects – because they are “the best known, most notorious, and most misunderstood aspect of the congressional budgetary process” — yet remain tedious and time-consuming to find. Our goal: to train computers to extract all the earmarks from the hundreds of pages of mind-numbing legalese and numbers found in each budget.

Watchdog groups such as Citizens Against Government Waste and Taxpayers for Common Sense have used armies of human readers to sift through budget documents, looking for earmarks. The White House Office of Management and Budget enlisted help from every federal department and agency, and the process still took three months. In comparison, our software is free and transparent and generates similar results in only 15 minutes. We used the software to construct the first publicly available database of earmarks that covers every year back to 1995.

Despite our success, we barely scratched the surface of the budget. Not only do earmarks comprise a small portion of federal spending but senators and representatives who want to hide the money they budget for friends and allies have several ways to do it:

I was checking the Sunlight Foundation Blog for any updated information on the soon to be released indexes of federal data holdings when I encountered this jewel on earmarks.

Important to read/support because:

  1. By dramatically reducing the human time investment to find earmarks, it frees up that time to be spent gathering deeper information about each earmark
  2. It represents a major step forward in the ability to discover relationships between players in the data (what the NSA wants to do but with a rationally chosen data set).
  3. It will educate you on earmarks and their hiding places.
  4. It is an inspirational example of how darkness can be replaced with transparency, some of it anyway.

Will transparency reduce earmarks? I rather doubt it because a sense of shame doesn’t seem to motivate elected and appointed officials.

What transparency can do is create a more level playing field for those who want to buy government access and benefits.

For example, if I knew what it cost to have the following exemption in the FOIA:

Exemption 9: Geological information on wells.

it might be possible to raise enough funds to purchase the deletion of:

Exemption 5: Information that concerns communications within or between agencies which are protected by legal privileges, that include but are not limited to:

4 Deliberative Process Privilege

Which is where some staffers hide their negotiations with former staffers as they prepare to exit the government.

I don’t know that matching what Big Oil paid for the geological information on wells exemption would be enough but it would set a baseline for what it takes to start the conversation.

I say “Big Oil paid…” assuming that most of us don’t equate matters of national security with geological information. Do you have another explanation for such an offbeat provision?

If government is (and I think it is) for sale, then let’s open up the bidding process.

A big win for open government: Sunlight gets U.S. to…

Another word for itSat, 02/14/2015 - 23:58

Categories:

Topic Maps

A big win for open government: Sunlight gets U.S. to release indexes of federal data by Matthew Rumsey and Sean Vitka and John Wonderlich.

From the post:

For the first time, the United States government has agreed to release what we believe to be the largest index of government data in the world.

On Friday, the Sunlight Foundation received a letter from the Office of Management and Budget (OMB) outlining how they plan to comply with our FOIA request from December 2013 for agency Enterprise Data Inventories. EDIs are comprehensive lists of a federal agency’s information holdings, providing an unprecedented view into data held internally across the government. Our FOIA request was submitted 14 months ago.

These lists of the government’s data were not public, however, until now. More than a year after Sunlight’s FOIA request and with a lawsuit initiated by Sunlight about to be filed, we’re finally going to see what data the government holds.

Since 2013, federal agencies have been required to construct a list of all of their major data sets, subject only to a few exceptions detailed in President Obama’s executive order as well as some information exempted from disclosure under the FOIA.

Many kudos to the Sunlight Foundation!

As to using the word “win,” do we need to wait and see what Enterprise Data Inventories are in fact produced?

I say that because the executive order of President Obama that is cited in the post, provides these exemptions from disclosure:

4 (d) (d) Nothing in this order shall compel or authorize the disclosure of privileged information, law enforcement information, national security information, personal information, or information the disclosure of which is prohibited by law.

Will that be taken as an excuse to not list the data collections at all?

Or, will the NSA say:

one (1) collection of telephone metadata, timeSpan: 4 (d) exempt, size: 4 (d) exempt, metadataStructure: 4 (d) exempt source: 4 (d) exempt

Do they mean internal NSA phone logs? Do they mean some other source?

Or will they simply not list telephone metadata at all?

What’s exempt under FOAI? (From FOIA.gov):

Not all records can be released under the FOIA.  Congress established certain categories of information that are not required to be released in response to a FOIA request because release would be harmful to governmental or private interests.   These categories are called "exemptions" from disclosures.  Still, even if an exemption applies, agencies may use their discretion to release information when there is no foreseeable harm in doing so and disclosure is not otherwise prohibited by law.  There are nine categories of exempt information and each is described below.  

Exemption 1: Information that is classified to protect national security.  The material must be properly classified under an Executive Order.

Exemption 2: Information related solely to the internal personnel rules and practices of an agency.

Exemption 3: Information that is prohibited from disclosure by another federal law. Additional resources on the use of Exemption 3 can be found on the Department of Justice FOIA Resources page.

Exemption 4: Information that concerns business trade secrets or other confidential commercial or financial information.

Exemption 5: Information that concerns communications within or between agencies which are protected by legal privileges, that include but are not limited to:

  1. Attorney-Work Product Privilege
  2. Attorney-Client Privilege
  3. Deliberative Process Privilege
  4. Presidential Communications Privilege

Exemption 6: Information that, if disclosed, would invade another individual’s personal privacy.

Exemption 7: Information compiled for law enforcement purposes if one of the following harms would occur.  Law enforcement information is exempt if it: 

  • 7(A). Could reasonably be expected to interfere with enforcement proceedings
  • 7(B). Would deprive a person of a right to a fair trial or an impartial adjudication
  • 7(C). Could reasonably be expected to constitute an unwarranted invasion of personal privacy
  • 7(D). Could reasonably be expected to disclose the identity of a confidential source
  • 7(E). Would disclose techniques and procedures for law enforcement investigations or prosecutions
  • 7(F). Could reasonably be expected to endanger the life or physical safety of any individual

Exemption 8: Information that concerns the supervision of financial institutions.

Exemption 9: Geological information on wells.

And the exclusions:

Congress has provided special protection in the FOIA for three narrow categories of law enforcement and national security records. The provisions protecting those records are known as “exclusions.” The first exclusion protects the existence of an ongoing criminal law enforcement investigation when the subject of the investigation is unaware that it is pending and disclosure could reasonably be expected to interfere with enforcement proceedings. The second exclusion is limited to criminal law enforcement agencies and protects the existence of informant records when the informant’s status has not been officially confirmed. The third exclusion is limited to the Federal Bureau of Investigation and protects the existence of foreign intelligence or counterintelligence, or international terrorism records when the existence of such records is classified. Records falling within an exclusion are not subject to the requirements of the FOIA. So, when an office or agency responds to your request, it will limit its response to those records that are subject to the FOIA.

You can spot the truck sized holes as well as I can that may prevent disclosure.

One analytic challenge upon the release of the Enterprise Data Inventories will be to determine what is present and what is missing but should be present. Another will be to assist the Sunlight Foundation in its pursuit of additional FOIAs to obtain data listed but not available. Perhaps I should call this an important victory although of a battle and not the long term war for government transparency.

Thoughts?

American FactFinder

Another word for itSat, 02/14/2015 - 21:38

Categories:

Topic Maps

American FactFinder

From the webpage:

American FactFinder provides access to data about the United States, Puerto Rico and the Island Areas. The data in American FactFinder come from several censuses and surveys. For more information see Using FactFinder and What We Provide.

As I was writing this post I returned to CensusReporter (2013) which reported on an effort to make U.S. census data easier to use. Essentially a common toolkit.

At that time CensusReporter was in “beta” but has long passed that stage! Whether you will prefer American FactFinder or CensusReporter better will depend upon you and your requirements.

I can say that CensusReporter is working on A tool to aggregate American Community Survey data to non-census geographies. That could prove to be quite useful.

Enjoy!

What is Ansible

Wesley TanakaSat, 02/14/2015 - 21:34

Categories:

Drupal

Ansible is a python command line program. In its basic usage, it reads a list of server hosts (the "inventory"), has access to a library of command line scripts ("modules") that might be run on the servers, and reads a configuration file ("playbook") which specifies modules to run on each server, and parameters to pass to each module. Using the sequence defined in the playbook, it connects to each server with SSH, copies (SFTP or SCP) the module up to the server, executes it remotely, then deletes it.

read more

Thank Snowden: Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner

Another word for itSat, 02/14/2015 - 19:31

Categories:

Topic Maps

Thank Snowden: Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner by Mike Masnick

From the post:

We already wrote about the information sharing efforts coming out of the White House cybersecurity summit at Stanford today. That’s supposedly the focus of the event. However, there’s a much bigger issue happening as well: and it’s the growing distrust between the tech industry and the intelligence community. As Bloomberg notes, the CEOs of Google, Yahoo and Facebook were all invited to join President Obama at the summit and all three declined. Apple’s CEO Tim Cook will be there, but he appears to be delivering a message to the intelligence and law enforcement communities, if they think they’re going to get him to drop the plan to encrypt iOS devices by default:


In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.

Disclosure: I have been guilty of what I am about to criticize Mike Masnick about and will almost certainly be guilty of it in the future. That, however, does not make it right.

What would you say is being assumed in the Mike’s title?

Guesses anyone?

What if it read: U.S. Internet Industry Now Considers The U.S. Intelligence Community An Adversary, Not A Partner?

Does that help?

The trivial point is that the “Internet Industry” isn’t limited to the U.S. and Mike’s readership isn’t either.

More disturbing though is that the “U.S. (meant here descriptively) Internet Industry” at one point did consider the “U.S. (again descriptively) Intelligence Community” as a partner at one point.

That being the case and seeing how Mike duplicates that assumption in his title, how should countries besides the U.S. view the reliability (in terms of government access) of U.S. produced software?

That’s a simple enough question.

What is your answer?

The assumption of partnership between the “U.S. Internet Industry” and the “U.S. Intelligence Community” would have me running to back an alternative to China’s recent proposal for source code being delivered to the government (in that case China).

Rather than every country having different import requirements for software sales, why not require the public posting of commercial software source for software sales anywhere?

Posting of source code doesn’t lessen your rights to the code (see copyright statutes) and it makes detection of software piracy trivially easy since all commercial software has to post its source code.

Oh, some teenager might compile a copy but do you really think major corporations in any country are going to take that sort of risk? It just makes no sense.

As far as the “U.S. Intelligence Community” concerns, remember “The treacherous are ever distrustful…” The ill-intent of the world they see is a reflection of their own malice towards others. Or after years of systematic abuse, the smoldering anger of the abused.

In Defense of the Good Old-Fashioned Map

Another word for itSat, 02/14/2015 - 18:40

Categories:

Topic Maps

In Defense of the Good Old-Fashioned Map – Sometimes, a piece of folded paper takes you to places the GPS can’t by Jason H. Harper.

A great testimonial to hard copy maps in addition to being a great read!

From the post:


But just like reading an actual, bound book or magazine versus an iPad or Kindle, you consume a real map differently. It’s easier to orient yourself on a big spread of paper, and your eye is drawn to roads and routes and green spaces you’d never notice on a small screen. A map invites time and care and observance of the details. It encourages the kind of exploration that happens in real life, when you’re out on the road, instead of the turn-by-turn rigidity of a digital device.

You can scroll or zoom with a digital map or digital representation of a topic map, but that isn’t quite the same as using a large, hard copy representation. Digital scrolling and zooming is like exploring a large scale world map through a toilet paper tube. It’s doable but I would argue it is a very different experience from a physical large scale world map.

Unless you are at a high-end visualization center or until we have walls as high resolution displays, you may want to think about production of topic maps as hard copy maps for some applications. While having maps printed isn’t cheap, it pales next to the intellectual effort that goes into constructing a useful topic map.

A physical representation of a topic map would have all the other advantages of a hard copy map. It would survive and be accessible without electrical power, it could be manually annotated, it could shared with others in the absence of computers, it could be compared to observations and/or resources, in fact it could be rather handy.

I don’t have a specific instance in mind but raise the point to keep in mind the range of topic map deliverables.

Valentine’s Day Geo Crossword Puzzle Fun

AnythingGeospatialSat, 02/14/2015 - 17:02

Categories:

Mapping
TweetA little GeoGeeky Valentine’s Day fun for you Geo Lovebirds! A fun crossword with a Valentine theme courtesy of the US Census Bureau… enjoy! See also more Valentine’s Day facts...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Principal Component Analysis – Explained Visually [Examples up to 17D]

Another word for itSat, 02/14/2015 - 16:37

Categories:

Topic Maps

Principal Component Analysis – Explained Visually by Victor Powell.

From the website:

Principal component analysis (PCA) is a technique used to emphasize variation and bring out strong patterns in a dataset. It’s often used to make data easy to explore and visualize.

Another stunning visualization (2D, 3D and 17D, yes, not a typo, 17D) from Explained Visually.

Probably not the top item in your mind on Valentine’s Day but you should bookmark it and return when you have more time.

I first saw this in a tweet by Mike Loukides.

Drupal @ Penn State: A window into our Community

Planet DrupalSat, 02/14/2015 - 16:22

Categories:

Drupal
Intro

Something that inspired me recently to write about DUG, are the efforts of MediaCurrent. Media Current has recently been pushing forward a series of postings talking about how they are giving back and being a lot more open about use of time to give back (which is awesome).

모든 것은 노래한다: 이야기하는 지도들: Denis Wood’s Everything Sings in Korean

DIY CartographySat, 02/14/2015 - 15:09

Categories:

Mapping

Denis Wood’s Everything Sings atlas in Korean via Your Mind.

 

What follows is the Google translation of the book description (from the Korean on this page):

Everything Song: The Story of a map

Dennis Wood

Maverick academics and innovators of the American Geographical Dennis Wood is the North Carolina depicting a small town seem to run Heights creative guidance of various forms book.

How to create a map that Dennis Wood is unique unprecedented. He move, coming to North Carolina, he lived in a small town look run Heights overturns the traditional concept of cartography, and explore new perspective on the nature of this particular place and place itself. Each map is unseen, no one will pay attention not do, Turn your eyes to seem trivial. From radio waves to penetrate into the air until released by Hal reowin pumpkin on the porch, he made maps, nor have never let the fact that we did not know at things simply can not make such a map will find insights.

He most important thing is a map of the place of experience. In pursuit of poetry and ‘useless’ knowledge, this noble jimyeo year, aims to reproduce the sound of the world. We must appreciate and admire the beauty of the city map (詩) wrote to me at a map and start a new neighborhood, undergoes a change in the perception of how to read the map and the map in the process. So this book is about a neighborhood, and we piled the story of his gyeopgyeop about going out there trying to calm the place called ‘my neighborhood’ la.

We are looking to buy a new area, and in the effort to find a variety of means is happening in Korea. By exploring new geographic area to another time trying to cache the truth is hidden in the epidermis and the realities of the region. “Everything Song: Map of talking” is the one piece of creative map showing the iconic Atlas do not change the perception of the place.

 


Webchick's "plain Drupal English" Guide to the Remaining Drupal 8 Critical Issues: DrupalCon Bogotá Edition

WebChickSat, 02/14/2015 - 09:09

Categories:

Drupal

(Apologies for the atrocious state of the HTML that follows; this content is originally from this Google Doc.)

Webchick's "plain Drupal English" Guide to the Remaining Drupal 8 Critical Issues: DrupalCon Bogotá Edition

li:before{content:"\0025cb "}.lst-kix_v4kywwnawwi1-2>li:before{content:"\0025a0 "}.lst-kix_rfxe804vasvo-0>li:before{content:"\0025cf "}.lst-kix_91g62kqwec1n-6>li:before{content:"\0025cf "}ul.lst-kix_gkrhy9ftmdx5-0{list-style-type:none}.lst-kix_gkrhy9ftmdx5-0>li:before{content:"\0025cf "}ul.lst-kix_gkrhy9ftmdx5-2{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-1{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-4{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-3{list-style-type:none}.lst-kix_hhgio4gd2kqu-5>li:before{content:"\0025a0 "}.lst-kix_weegr7e6utbi-5>li:before{content:"\0025a0 "}.lst-kix_91g62kqwec1n-4>li:before{content:"\0025cb "}.lst-kix_lfdxqe331k89-1>li:before{content:"\0025cb "}.lst-kix_91g62kqwec1n-8>li:before{content:"\0025a0 "}.lst-kix_ieibnn9zk9zy-8>li:before{content:"\0025a0 "}.lst-kix_yganm4mrgvck-1>li:before{content:"\0025cb "}.lst-kix_yganm4mrgvck-2>li:before{content:"\0025a0 "}ul.lst-kix_f44wt6l5fd2z-0{list-style-type:none}ul.lst-kix_f44wt6l5fd2z-1{list-style-type:none}.lst-kix_9vpbdt1zxr8p-3>li:before{content:"\0025cf "}ul.lst-kix_f44wt6l5fd2z-2{list-style-type:none}ul.lst-kix_f44wt6l5fd2z-3{list-style-type:none}ul.lst-kix_f44wt6l5fd2z-4{list-style-type:none}.lst-kix_gdjmrlbf1bc0-7>li:before{content:"\0025cb "}ul.lst-kix_f44wt6l5fd2z-5{list-style-type:none}.lst-kix_pa29iojpk15k-3>li:before{content:"\0025cf "}.lst-kix_2mieegahdh2w-8>li:before{content:"\0025a0 "}ul.lst-kix_f44wt6l5fd2z-6{list-style-type:none}ul.lst-kix_f44wt6l5fd2z-7{list-style-type:none}ul.lst-kix_f44wt6l5fd2z-8{list-style-type:none}.lst-kix_7tyt6bpkpeun-7>li:before{content:"\0025cb "}ul.lst-kix_yganm4mrgvck-4{list-style-type:none}.lst-kix_7tyt6bpkpeun-5>li:before{content:"\0025a0 "}ul.lst-kix_yganm4mrgvck-3{list-style-type:none}ul.lst-kix_yganm4mrgvck-6{list-style-type:none}ul.lst-kix_yganm4mrgvck-5{list-style-type:none}ul.lst-kix_yganm4mrgvck-8{list-style-type:none}.lst-kix_f44wt6l5fd2z-7>li:before{content:"\0025cb "}ul.lst-kix_yganm4mrgvck-7{list-style-type:none}.lst-kix_7tyt6bpkpeun-4>li:before{content:"\0025cb "}.lst-kix_lfdxqe331k89-2>li:before{content:"\0025a0 "}.lst-kix_rfxe804vasvo-8>li:before{content:"\0025a0 "}.lst-kix_weegr7e6utbi-3>li:before{content:"\0025cf "}.lst-kix_7tyt6bpkpeun-6>li:before{content:"\0025cf "}.lst-kix_rfxe804vasvo-2>li:before{content:"\0025a0 "}.lst-kix_7zjzqbwrpkjm-0>li:before{content:"\0025cf "}ul.lst-kix_d07eoiemqszj-8{list-style-type:none}.lst-kix_d07eoiemqszj-4>li:before{content:"\0025cb "}.lst-kix_7tyt6bpkpeun-8>li:before{content:"\0025a0 "}ul.lst-kix_d07eoiemqszj-7{list-style-type:none}ul.lst-kix_d07eoiemqszj-6{list-style-type:none}ul.lst-kix_d07eoiemqszj-5{list-style-type:none}ul.lst-kix_d07eoiemqszj-4{list-style-type:none}.lst-kix_lfdxqe331k89-4>li:before{content:"\0025cb "}ul.lst-kix_d07eoiemqszj-3{list-style-type:none}.lst-kix_d07eoiemqszj-3>li:before{content:"\0025cf "}.lst-kix_5xn4xca12dzt-6>li:before{content:"\0025cf "}.lst-kix_ieibnn9zk9zy-1>li:before{content:"\0025cb "}.lst-kix_91g62kqwec1n-2>li:before{content:"\0025a0 "}ul.lst-kix_d07eoiemqszj-1{list-style-type:none}.lst-kix_gkrhy9ftmdx5-3>li:before{content:"\0025cf "}.lst-kix_gkrhy9ftmdx5-2>li:before{content:"\0025a0 "}.lst-kix_hhgio4gd2kqu-3>li:before{content:"\0025cf "}.lst-kix_9vpbdt1zxr8p-8>li:before{content:"\0025a0 "}ul.lst-kix_d07eoiemqszj-2{list-style-type:none}ul.lst-kix_d07eoiemqszj-0{list-style-type:none}.lst-kix_9vpbdt1zxr8p-0>li:before{content:"\0025cf "}.lst-kix_jearh3bkcya2-1>li:before{content:"\0025cb "}.lst-kix_rfxe804vasvo-6>li:before{content:"\0025cf "}.lst-kix_lfdxqe331k89-6>li:before{content:"\0025cf "}.lst-kix_pa29iojpk15k-0>li:before{content:"\0025cf "}ul.lst-kix_jearh3bkcya2-1{list-style-type:none}.lst-kix_weegr7e6utbi-7>li:before{content:"\0025cb "}ul.lst-kix_jearh3bkcya2-0{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-0{list-style-type:none}.lst-kix_v4kywwnawwi1-4>li:before{content:"\0025cb "}ul.lst-kix_gdjmrlbf1bc0-1{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-7{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-2{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-8{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-3{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-5{list-style-type:none}.lst-kix_f44wt6l5fd2z-2>li:before{content:"\0025a0 "}ul.lst-kix_gdjmrlbf1bc0-4{list-style-type:none}ul.lst-kix_gkrhy9ftmdx5-6{list-style-type:none}ul.lst-kix_jearh3bkcya2-7{list-style-type:none}ul.lst-kix_jearh3bkcya2-6{list-style-type:none}.lst-kix_7zjzqbwrpkjm-2>li:before{content:"\0025a0 "}ul.lst-kix_jearh3bkcya2-8{list-style-type:none}ul.lst-kix_jearh3bkcya2-3{list-style-type:none}ul.lst-kix_jearh3bkcya2-2{list-style-type:none}ul.lst-kix_jearh3bkcya2-5{list-style-type:none}.lst-kix_7zjzqbwrpkjm-1>li:before{content:"\0025cb "}ul.lst-kix_jearh3bkcya2-4{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-6{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-5{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-8{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-7{list-style-type:none}.lst-kix_hhgio4gd2kqu-7>li:before{content:"\0025cb "}.lst-kix_bghnjgxvc7ij-5>li:before{content:"\0025a0 "}ul.lst-kix_9lopuf4j9p0n-2{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-1{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-4{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-3{list-style-type:none}.lst-kix_d07eoiemqszj-2>li:before{content:"\0025a0 "}.lst-kix_2mieegahdh2w-7>li:before{content:"\0025cb "}.lst-kix_gdjmrlbf1bc0-2>li:before{content:"\0025a0 "}.lst-kix_d07eoiemqszj-6>li:before{content:"\0025cf "}.lst-kix_9vpbdt1zxr8p-5>li:before{content:"\0025a0 "}ul.lst-kix_9vpbdt1zxr8p-3{list-style-type:none}.lst-kix_bghnjgxvc7ij-6>li:before{content:"\0025cf "}ul.lst-kix_9vpbdt1zxr8p-4{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-5{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-6{list-style-type:none}.lst-kix_gkrhy9ftmdx5-5>li:before{content:"\0025a0 "}ul.lst-kix_9vpbdt1zxr8p-0{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-1{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-2{list-style-type:none}.lst-kix_yganm4mrgvck-8>li:before{content:"\0025a0 "}ul.lst-kix_pa29iojpk15k-3{list-style-type:none}ul.lst-kix_pa29iojpk15k-4{list-style-type:none}ul.lst-kix_pa29iojpk15k-1{list-style-type:none}ul.lst-kix_9lopuf4j9p0n-0{list-style-type:none}ul.lst-kix_pa29iojpk15k-2{list-style-type:none}ul.lst-kix_pa29iojpk15k-7{list-style-type:none}ul.lst-kix_pa29iojpk15k-8{list-style-type:none}ul.lst-kix_pa29iojpk15k-5{list-style-type:none}ul.lst-kix_pa29iojpk15k-6{list-style-type:none}.lst-kix_bghnjgxvc7ij-1>li:before{content:"\0025cb "}.lst-kix_7zjzqbwrpkjm-8>li:before{content:"\0025a0 "}ul.lst-kix_bghnjgxvc7ij-0{list-style-type:none}.lst-kix_9lopuf4j9p0n-0>li:before{content:"\0025cf "}ul.lst-kix_bghnjgxvc7ij-1{list-style-type:none}ul.lst-kix_weegr7e6utbi-6{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-2{list-style-type:none}ul.lst-kix_weegr7e6utbi-5{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-3{list-style-type:none}.lst-kix_7tyt6bpkpeun-3>li:before{content:"\0025cf "}ul.lst-kix_weegr7e6utbi-8{list-style-type:none}.lst-kix_lfdxqe331k89-3>li:before{content:"\0025cf "}ul.lst-kix_bghnjgxvc7ij-4{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-8{list-style-type:none}ul.lst-kix_weegr7e6utbi-7{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-5{list-style-type:none}ul.lst-kix_9vpbdt1zxr8p-7{list-style-type:none}ul.lst-kix_weegr7e6utbi-1{list-style-type:none}ul.lst-kix_weegr7e6utbi-2{list-style-type:none}.lst-kix_yganm4mrgvck-0>li:before{content:"\0025cf "}ul.lst-kix_weegr7e6utbi-3{list-style-type:none}ul.lst-kix_weegr7e6utbi-4{list-style-type:none}.lst-kix_hhgio4gd2kqu-0>li:before{content:"\0025cf "}.lst-kix_weegr7e6utbi-6>li:before{content:"\0025cf "}ul.lst-kix_weegr7e6utbi-0{list-style-type:none}.lst-kix_lfdxqe331k89-8>li:before{content:"\0025a0 "}.lst-kix_2mieegahdh2w-3>li:before{content:"\0025cf "}.lst-kix_9vpbdt1zxr8p-4>li:before{content:"\0025cb "}.lst-kix_pa29iojpk15k-1>li:before{content:"\0025cb "}.lst-kix_gdjmrlbf1bc0-4>li:before{content:"\0025cb "}.lst-kix_hhgio4gd2kqu-6>li:before{content:"\0025cf "}.lst-kix_jearh3bkcya2-5>li:before{content:"\0025a0 "}.lst-kix_ieibnn9zk9zy-2>li:before{content:"\0025a0 "}.lst-kix_weegr7e6utbi-0>li:before{content:"\0025cf "}.lst-kix_jearh3bkcya2-2>li:before{content:"\0025a0 "}.lst-kix_v4kywwnawwi1-8>li:before{content:"\0025a0 "}.lst-kix_7zjzqbwrpkjm-3>li:before{content:"\0025cf "}.lst-kix_ieibnn9zk9zy-6>li:before{content:"\0025cf "}.lst-kix_f44wt6l5fd2z-1>li:before{content:"\0025cb "}.lst-kix_gdjmrlbf1bc0-5>li:before{content:"\0025a0 "}ul.lst-kix_pa29iojpk15k-0{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-7{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-6{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-8{list-style-type:none}.lst-kix_lfdxqe331k89-7>li:before{content:"\0025cb "}ul.lst-kix_ieibnn9zk9zy-3{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-2{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-5{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-4{list-style-type:none}.lst-kix_v4kywwnawwi1-6>li:before{content:"\0025cf "}ul.lst-kix_ieibnn9zk9zy-1{list-style-type:none}ul.lst-kix_ieibnn9zk9zy-0{list-style-type:none}ul.lst-kix_91g62kqwec1n-2{list-style-type:none}ul.lst-kix_91g62kqwec1n-3{list-style-type:none}ul.lst-kix_91g62kqwec1n-0{list-style-type:none}ul.lst-kix_91g62kqwec1n-1{list-style-type:none}ul.lst-kix_91g62kqwec1n-6{list-style-type:none}.lst-kix_bghnjgxvc7ij-0>li:before{content:"\0025cf "}.lst-kix_7tyt6bpkpeun-2>li:before{content:"\0025a0 "}ul.lst-kix_91g62kqwec1n-7{list-style-type:none}ul.lst-kix_91g62kqwec1n-4{list-style-type:none}.lst-kix_f44wt6l5fd2z-5>li:before{content:"\0025a0 "}ul.lst-kix_91g62kqwec1n-5{list-style-type:none}.lst-kix_9lopuf4j9p0n-3>li:before{content:"\0025cf "}.lst-kix_f44wt6l5fd2z-3>li:before{content:"\0025cf "}.lst-kix_lfdxqe331k89-5>li:before{content:"\0025a0 "}ul.lst-kix_91g62kqwec1n-8{list-style-type:none}.lst-kix_91g62kqwec1n-5>li:before{content:"\0025a0 "}ul.lst-kix_7tyt6bpkpeun-6{list-style-type:none}ul.lst-kix_7tyt6bpkpeun-7{list-style-type:none}.lst-kix_gdjmrlbf1bc0-0>li:before{content:"\0025cf "}ul.lst-kix_7tyt6bpkpeun-4{list-style-type:none}.lst-kix_7tyt6bpkpeun-0>li:before{content:"\0025cf "}ul.lst-kix_7tyt6bpkpeun-5{list-style-type:none}.lst-kix_rfxe804vasvo-1>li:before{content:"\0025cb "}.lst-kix_bghnjgxvc7ij-7>li:before{content:"\0025cb "}.lst-kix_jearh3bkcya2-4>li:before{content:"\0025cb "}ul.lst-kix_7tyt6bpkpeun-8{list-style-type:none}.lst-kix_v4kywwnawwi1-1>li:before{content:"\0025cb "}.lst-kix_7tyt6bpkpeun-1>li:before{content:"\0025cb "}.lst-kix_ieibnn9zk9zy-0>li:before{content:"\0025cf "}.lst-kix_f44wt6l5fd2z-4>li:before{content:"\0025cb "}.lst-kix_yganm4mrgvck-6>li:before{content:"\0025cf "}.lst-kix_weegr7e6utbi-1>li:before{content:"\0025cb "}ul.lst-kix_7zjzqbwrpkjm-3{list-style-type:none}ul.lst-kix_7zjzqbwrpkjm-2{list-style-type:none}ul.lst-kix_7zjzqbwrpkjm-1{list-style-type:none}ul.lst-kix_7zjzqbwrpkjm-0{list-style-type:none}ul.lst-kix_7tyt6bpkpeun-3{list-style-type:none}ul.lst-kix_7tyt6bpkpeun-2{list-style-type:none}.lst-kix_f44wt6l5fd2z-6>li:before{content:"\0025cf "}ul.lst-kix_7tyt6bpkpeun-1{list-style-type:none}ul.lst-kix_7tyt6bpkpeun-0{list-style-type:none}.lst-kix_2mieegahdh2w-6>li:before{content:"\0025cf "}.lst-kix_9lopuf4j9p0n-7>li:before{content:"\0025cb "}.lst-kix_gdjmrlbf1bc0-6>li:before{content:"\0025cf "}.lst-kix_91g62kqwec1n-1>li:before{content:"\0025cb "}ul.lst-kix_lfdxqe331k89-0{list-style-type:none}ul.lst-kix_lfdxqe331k89-1{list-style-type:none}ul.lst-kix_lfdxqe331k89-2{list-style-type:none}ul.lst-kix_lfdxqe331k89-3{list-style-type:none}.lst-kix_d07eoiemqszj-1>li:before{content:"\0025cb "}.lst-kix_gkrhy9ftmdx5-6>li:before{content:"\0025cf "}.lst-kix_5xn4xca12dzt-7>li:before{content:"\0025cb "}.lst-kix_hhgio4gd2kqu-2>li:before{content:"\0025a0 "}.lst-kix_7zjzqbwrpkjm-4>li:before{content:"\0025cb "}ul.lst-kix_rfxe804vasvo-0{list-style-type:none}ul.lst-kix_rfxe804vasvo-2{list-style-type:none}.lst-kix_5xn4xca12dzt-4>li:before{content:"\0025cb "}ul.lst-kix_rfxe804vasvo-1{list-style-type:none}.lst-kix_jearh3bkcya2-7>li:before{content:"\0025cb "}ul.lst-kix_5xn4xca12dzt-6{list-style-type:none}.lst-kix_lfdxqe331k89-0>li:before{content:"\0025cf "}ul.lst-kix_rfxe804vasvo-8{list-style-type:none}ul.lst-kix_5xn4xca12dzt-5{list-style-type:none}ul.lst-kix_rfxe804vasvo-7{list-style-type:none}.lst-kix_rfxe804vasvo-7>li:before{content:"\0025cb "}ul.lst-kix_5xn4xca12dzt-8{list-style-type:none}ul.lst-kix_5xn4xca12dzt-7{list-style-type:none}ul.lst-kix_5xn4xca12dzt-2{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-6{list-style-type:none}ul.lst-kix_rfxe804vasvo-4{list-style-type:none}ul.lst-kix_5xn4xca12dzt-1{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-7{list-style-type:none}ul.lst-kix_rfxe804vasvo-3{list-style-type:none}ul.lst-kix_5xn4xca12dzt-4{list-style-type:none}ul.lst-kix_rfxe804vasvo-6{list-style-type:none}ul.lst-kix_bghnjgxvc7ij-8{list-style-type:none}ul.lst-kix_5xn4xca12dzt-3{list-style-type:none}ul.lst-kix_rfxe804vasvo-5{list-style-type:none}.lst-kix_v4kywwnawwi1-3>li:before{content:"\0025cf "}.lst-kix_d07eoiemqszj-8>li:before{content:"\0025a0 "}ul.lst-kix_5xn4xca12dzt-0{list-style-type:none}.lst-kix_bghnjgxvc7ij-2>li:before{content:"\0025a0 "}.lst-kix_5xn4xca12dzt-2>li:before{content:"\0025a0 "}.lst-kix_gkrhy9ftmdx5-8>li:before{content:"\0025a0 "}.lst-kix_9vpbdt1zxr8p-7>li:before{content:"\0025cb "}.lst-kix_jearh3bkcya2-8>li:before{content:"\0025a0 "}.lst-kix_9vpbdt1zxr8p-2>li:before{content:"\0025a0 "}.lst-kix_bghnjgxvc7ij-3>li:before{content:"\0025cf "}.lst-kix_hhgio4gd2kqu-1>li:before{content:"\0025cb "}.lst-kix_yganm4mrgvck-5>li:before{content:"\0025a0 "}.lst-kix_91g62kqwec1n-3>li:before{content:"\0025cf "}.lst-kix_yganm4mrgvck-4>li:before{content:"\0025cb "}.lst-kix_rfxe804vasvo-3>li:before{content:"\0025cf "}.lst-kix_pa29iojpk15k-2>li:before{content:"\0025a0 "}.lst-kix_pa29iojpk15k-7>li:before{content:"\0025cb "}.lst-kix_ieibnn9zk9zy-4>li:before{content:"\0025cb "}.lst-kix_91g62kqwec1n-0>li:before{content:"\0025cf "}.lst-kix_7zjzqbwrpkjm-7>li:before{content:"\0025cb "}.lst-kix_pa29iojpk15k-4>li:before{content:"\0025cb "}.lst-kix_hhgio4gd2kqu-4>li:before{content:"\0025cb "}.lst-kix_9vpbdt1zxr8p-1>li:before{content:"\0025cb "}.lst-kix_2mieegahdh2w-5>li:before{content:"\0025a0 "}.lst-kix_gkrhy9ftmdx5-1>li:before{content:"\0025cb "}.lst-kix_9lopuf4j9p0n-6>li:before{content:"\0025cf "}.lst-kix_ieibnn9zk9zy-5>li:before{content:"\0025a0 "}.lst-kix_rfxe804vasvo-4>li:before{content:"\0025cb "}ul.lst-kix_2mieegahdh2w-8{list-style-type:none}.lst-kix_gdjmrlbf1bc0-1>li:before{content:"\0025cb "}.lst-kix_9lopuf4j9p0n-2>li:before{content:"\0025a0 "}ul.lst-kix_v4kywwnawwi1-3{list-style-type:none}ul.lst-kix_v4kywwnawwi1-2{list-style-type:none}ul.lst-kix_v4kywwnawwi1-5{list-style-type:none}ul.lst-kix_v4kywwnawwi1-4{list-style-type:none}ul.lst-kix_v4kywwnawwi1-7{list-style-type:none}ul.lst-kix_v4kywwnawwi1-6{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-8{list-style-type:none}ul.lst-kix_v4kywwnawwi1-8{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-6{list-style-type:none}.lst-kix_9vpbdt1zxr8p-6>li:before{content:"\0025cf "}ul.lst-kix_2mieegahdh2w-5{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-7{list-style-type:none}.lst-kix_pa29iojpk15k-8>li:before{content:"\0025a0 "}ul.lst-kix_2mieegahdh2w-4{list-style-type:none}.lst-kix_9lopuf4j9p0n-4>li:before{content:"\0025cb "}ul.lst-kix_hhgio4gd2kqu-4{list-style-type:none}ul.lst-kix_2mieegahdh2w-7{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-5{list-style-type:none}ul.lst-kix_2mieegahdh2w-6{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-2{list-style-type:none}ul.lst-kix_2mieegahdh2w-1{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-3{list-style-type:none}ul.lst-kix_2mieegahdh2w-0{list-style-type:none}ul.lst-kix_v4kywwnawwi1-1{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-0{list-style-type:none}ul.lst-kix_2mieegahdh2w-3{list-style-type:none}ul.lst-kix_v4kywwnawwi1-0{list-style-type:none}ul.lst-kix_hhgio4gd2kqu-1{list-style-type:none}ul.lst-kix_2mieegahdh2w-2{list-style-type:none}.lst-kix_weegr7e6utbi-4>li:before{content:"\0025cb "}.lst-kix_pa29iojpk15k-5>li:before{content:"\0025a0 "}.lst-kix_yganm4mrgvck-7>li:before{content:"\0025cb "}.lst-kix_7zjzqbwrpkjm-5>li:before{content:"\0025a0 "}.lst-kix_9lopuf4j9p0n-1>li:before{content:"\0025cb "}.lst-kix_ieibnn9zk9zy-3>li:before{content:"\0025cf "}.lst-kix_9lopuf4j9p0n-8>li:before{content:"\0025a0 "}.lst-kix_bghnjgxvc7ij-4>li:before{content:"\0025cb "}.lst-kix_yganm4mrgvck-3>li:before{content:"\0025cf "}.lst-kix_7zjzqbwrpkjm-6>li:before{content:"\0025cf "}.lst-kix_jearh3bkcya2-3>li:before{content:"\0025cf "}.lst-kix_9lopuf4j9p0n-5>li:before{content:"\0025a0 "}.lst-kix_jearh3bkcya2-0>li:before{content:"\0025cf "}.lst-kix_5xn4xca12dzt-1>li:before{content:"\0025cb "}.lst-kix_ieibnn9zk9zy-7>li:before{content:"\0025cb "}.lst-kix_pa29iojpk15k-6>li:before{content:"\0025cf "}.lst-kix_weegr7e6utbi-8>li:before{content:"\0025a0 "}.lst-kix_v4kywwnawwi1-0>li:before{content:"\0025cf "}.lst-kix_gdjmrlbf1bc0-8>li:before{content:"\0025a0 "}.lst-kix_hhgio4gd2kqu-8>li:before{content:"\0025a0 "}.lst-kix_5xn4xca12dzt-3>li:before{content:"\0025cf "}.lst-kix_weegr7e6utbi-2>li:before{content:"\0025a0 "}.lst-kix_5xn4xca12dzt-8>li:before{content:"\0025a0 "}.lst-kix_gkrhy9ftmdx5-7>li:before{content:"\0025cb "}ul.lst-kix_yganm4mrgvck-0{list-style-type:none}ul.lst-kix_yganm4mrgvck-2{list-style-type:none}ul.lst-kix_yganm4mrgvck-1{list-style-type:none}.lst-kix_gdjmrlbf1bc0-3>li:before{content:"\0025cf "}.lst-kix_5xn4xca12dzt-0>li:before{content:"\0025cf "}ul.lst-kix_lfdxqe331k89-8{list-style-type:none}ul.lst-kix_lfdxqe331k89-6{list-style-type:none}ul.lst-kix_lfdxqe331k89-7{list-style-type:none}ul.lst-kix_lfdxqe331k89-4{list-style-type:none}ul.lst-kix_lfdxqe331k89-5{list-style-type:none}.lst-kix_rfxe804vasvo-5>li:before{content:"\0025a0 "}.lst-kix_bghnjgxvc7ij-8>li:before{content:"\0025a0 "}.lst-kix_v4kywwnawwi1-7>li:before{content:"\0025cb "}.lst-kix_f44wt6l5fd2z-8>li:before{content:"\0025a0 "}.lst-kix_d07eoiemqszj-5>li:before{content:"\0025a0 "}.lst-kix_91g62kqwec1n-7>li:before{content:"\0025cb "}ul.lst-kix_7zjzqbwrpkjm-5{list-style-type:none}ul.lst-kix_7zjzqbwrpkjm-4{list-style-type:none}.lst-kix_d07eoiemqszj-0>li:before{content:"\0025cf "}ul.lst-kix_7zjzqbwrpkjm-7{list-style-type:none}.lst-kix_2mieegahdh2w-0>li:before{content:"\0025cf "}ul.lst-kix_7zjzqbwrpkjm-6{list-style-type:none}ul.lst-kix_7zjzqbwrpkjm-8{list-style-type:none}.lst-kix_d07eoiemqszj-7>li:before{content:"\0025cb "}.lst-kix_jearh3bkcya2-6>li:before{content:"\0025cf "}.lst-kix_gkrhy9ftmdx5-4>li:before{content:"\0025cb "}.lst-kix_2mieegahdh2w-1>li:before{content:"\0025cb "}.lst-kix_5xn4xca12dzt-5>li:before{content:"\0025a0 "}.lst-kix_v4kywwnawwi1-5>li:before{content:"\0025a0 "}ul.lst-kix_gdjmrlbf1bc0-5{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-6{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-7{list-style-type:none}ul.lst-kix_gdjmrlbf1bc0-8{list-style-type:none}.lst-kix_f44wt6l5fd2z-0>li:before{content:"\0025cf "}.lst-kix_2mieegahdh2w-2>li:before{content:"\0025a0 "}ol{margin:0;padding:0}.c1{widows:2;orphans:2;direction:ltr;margin-left:36pt}.c4{widows:2;orphans:2;direction:ltr;margin-left:54pt}.c9{widows:2;orphans:2;direction:ltr;margin-left:72pt}.c7{widows:2;orphans:2;direction:ltr;page-break-after:avoid}.c6{widows:2;orphans:2;height:11pt;direction:ltr}.c11{widows:2;orphans:2;direction:ltr}.c19{max-width:468pt;background-color:#ffffff;padding:72pt 72pt 72pt 72pt}.c14{background-color:#d9d9d9;font-family:"Consolas"}.c0{color:inherit;text-decoration:inherit}.c8{margin:0;padding:0}.c2{color:#1155cc;text-decoration:underline}.c22{font-size:13pt;font-family:"Trebuchet MS"}.c20{color:#8e7cc3}.c5{padding-left:0pt}.c13{margin-left:108pt}.c10{color:#bf9000}.c21{padding-top:10pt}.c17{margin-left:18pt}.c15{color:#f6b26b}.c16{font-style:italic}.c12{color:#cc4125}.c3{font-weight:bold}.c18{padding-top:8pt}.title{widows:2;padding-top:0pt;line-height:1.15;orphans:2;text-align:left;color:#000000;font-size:21pt;font-family:"Trebuchet MS";padding-bottom:0pt;page-break-after:avoid}.subtitle{widows:2;padding-top:0pt;line-height:1.15;orphans:2;text-align:left;color:#999999;font-size:11pt;background-color:#efefef;font-family:"Consolas";padding-bottom:0pt}li{color:#000000;font-size:11pt;font-family:"Arial"}p{color:#000000;font-size:11pt;margin:0;font-family:"Arial"}h1{widows:2;padding-top:10pt;line-height:1.15;orphans:2;text-align:left;color:#000000;font-size:16pt;font-family:"Trebuchet MS";padding-bottom:0pt;page-break-after:avoid}h2{widows:2;padding-top:10pt;line-height:1.15;orphans:2;text-align:left;color:#000000;font-size:13pt;font-family:"Trebuchet MS";font-weight:bold;padding-bottom:0pt;page-break-after:avoid}h3{widows:2;padding-top:8pt;line-height:1.15;orphans:2;text-align:left;color:#666666;font-size:12pt;font-family:"Trebuchet MS";font-weight:bold;padding-bottom:0pt;page-break-after:avoid}h4{widows:2;padding-top:8pt;line-height:1.15;orphans:2;text-align:left;color:#666666;font-size:11pt;text-decoration:underline;font-family:"Trebuchet MS";padding-bottom:0pt;page-break-after:avoid}h5{widows:2;padding-top:8pt;line-height:1.15;orphans:2;text-align:left;color:#666666;font-size:11pt;font-family:"Trebuchet MS";padding-bottom:0pt;page-break-after:avoid}h6{widows:2;padding-top:8pt;line-height:1.15;orphans:2;text-align:left;color:#666666;font-style:italic;font-size:11pt;font-family:"Trebuchet MS";padding-bottom:0pt;page-break-after:avoid} -->


DrupalCon Bogotá just finished up, and critical issue-wise we've managed to stay in the 50s for a few days (down from a high of 150 last summer!), so now seems like as good a time as any to write down what's left to ship Drupal 8!

This post will attempt to document all of the remaining 55 criticals (as of this writing), and attempt to offer a somewhat "plain English" (or at least "Drupal English" ;)) description of each, loosely categorized into larger areas in which we could really use extra help. There are over 2,600 contributors to Drupal 8 at this time, please join us!

(Note: These descriptions might not be 100% accurate; this is my best approximation based on the issue summary and last few comments of each issue. If I got the description of your pet issue wrong, please update your issue summary. ;))

Table of contents

Quick vocabulary lesson

Current state of critical issues

Security

Security Parity with Drupal 7

Session and User Authentication API

REST

New security improvements

Performance

Profiling

Fix regressions relative to Drupal 7

Entity Field API

Views

Configuration system

"Fix it, or else"

General house-keeping

Other

Thrilling conclusion! (also known as "TL;DR")

Quick vocabulary lesson

Within this list, there are numerous "markers" used to signify that some of the issues in this list are more important to fix ASAP. These are:

  • D8 upgrade path: An issue tagged D8 upgrade path (currently, 13) means it blocks a beta-to-beta upgrade path for Drupal 8, generally because they materially impact the data schema or they impact security. Once we resolve all of these blockers, early adopters will no longer need to reinstall Drupal between beta releases, but can just run the update.php script as normal. This is currently our biggest priority.
  • Blocker: An issue tagged blocker (currently, 5) means it blocks other issues from being worked on. This is currently our second-biggest priority (or 0th priority in the case an issue blocks a D8 upgrade path issue :D). I've noted these as "sub-bullets" of the issues that are blocking them.
  • Postponed: Issues that are marked postponed (currently, 9) are either currently blocked by one of the "Blocker" issues, or we've deliberately chosen to leave off until later.
  • >30 days: These patches have a patch more than 30 days old, and/or were last meaningfully commented on >30 days ago. If you're looking for a place to start, re-rolling these is always helpful!
  • No patch: This issue doesn't have a patch yet. Oh the humanity! Want to give it a shot?

Other weird core issue nomenclature:

  • "meta" means a discussion/planning issue, with the actual patch action happening in related/child issues.
  • "PP-3" means "this issue is postponed on 3 other issues" (PP-1 means 1 other issue; you get the drift).
Current state of critical issues

Sections roughly organized from "scariest" to "least scary" in terms of how likely they are to make Drupal 8 take a longer time to come out.

Security

Because Drupal 8 hasn't shipped yet, it's not following Drupal's standard Security Advisory policy, so there are still outstanding, public security issues (13 as of this writing). We need to resolve most of these prior to providing a Drupal 8 beta-to-beta upgrade path, as this is the time when we signal to early adopters that it's an OK time to start cautiously building real sites on Drupal 8.

Skills needed: Various

Security Parity with Drupal 7

This class of security issue is to ensure that when Drupal 8 ships, it won't have any regressions security-wise relative to Drupal 7.

  • Port SA-CONTRIB-2013-096 to D8 (D8 upgrade path) Here's one such issue for Entity Reference module. SA-CONTRIB-2013-096 addressed a relatively esoteric remote access bypass bug, and the patch needs to be forward-ported to Drupal 8.
  • Port SA-CONTRIB-2015-039 to D8 (D8 upgrade path)  SA-CONTRIB-2015-039 addressed two issues in Views module, a redirect and default permissions for disabled views. The first was fixed in D8, but access checks are still missing from a few views for the second.

Session and User Authentication API

Because of various intricate dependencies, the authentication part of Drupal 8 isn't yet converted to object-oriented code, and prevents us from further optimizing bootstrap. This set of issues fixes various problems with this part of the code, and ensures these important security APIs are complete and ready to ship.

REST
  • REST user updates bypass tightened user account change validation (D8 upgrade path) Since Drupal 7, when you edit your user account, you have to provide the existing password when you want to change the password or e-mail. This security feature is currently by-passed by REST user updates as you can change the password or e-mail without providing the password.
  • External caches mix up response formats on URLs where content negotiation is in use (>30 days) Drupal 8's request processing system is currently based on content negotiation (which allows you to serve multiple versions of a document at the same URI based on what headers are sent e.g. Accept: text/html or Accept: application/json). This is generally considered the "right way" to do REST. However, various external caches and CDNs have trouble with this mechanism, and can mix them up and can send random formats back. The issue proposes changing from content negotiation to separate, distinct paths such as /node/1.json.

New security improvements

These issues affect new security improvements we want to make over and above what Drupal 7 does.

  • [meta] Document or remove every SafeMarkup::set() call One of the big security improvements in Drupal 8 is the introduction of Twig's autoescape feature, which ensures that all output to the browser is escaped by default. However, this is quite a big change that requires all of the code that was previously escaping content to stop doing that, else it gets double-escaped (so you start seeing < and " and whatnot in the UI). We originally introduced the ability to manually mark markup safe with SafeMarkup::set(), but the recommended approach is actually to use Twig everywhere, so this issue is to ensure that all remaining instances of the manual way are fixed, or at least documented to explain why they're using the non-recommended method.
  • Passing in #markup to drupal_render is problematic (>30 days) Another issue in the Twig autoescape space, we need to ensure that markup set by the "#markup" in e.g. form definitions is properly escaped.
  • Limit PDO MySQL to executing single statements if PHP supports it Remember SA-CORE-2014-005? Yeah, so do we. ;) This issue is to make sure that if another SQL injection vulnerability is ever found again, the damage it can do is more limited by eliminating the ability for MySQL to execute multiple queries per PDO statement.

Performance

Tied with security, 13 of the remaining issues are tagged Performance. While it may seem odd/scary to have this be a big chunk of the work left, it's a common practice to avoid premature optimization, and instead focus on optimization once all of the foundations are in place.

Skills needed: Profiling, caching, optimization, render API

Profiling

Here are a sub-set of issues where we need performance profiling to determine what gives us the biggest bang for our effort.

Fix regressions relative to Drupal 7
  • [meta] Resolve known performance regressions in Drupal 8 This is the main tracking issue in this space. During the 8.x cycle we've introduced several known performance regressions compared to Drupal 7 (sometimes to make progress on features/functionality, other times because we introduced changes that we hoped would buy us better scalability down the line), which we need to resolve before release so that Drupal 8 isn't slower than Drupal 7. The performance team meets weekly and tracks their progress in a detailed spreadsheet.
Entity Field API

Tracked under the Entity Field API tag (currently 6 issues).

Skills needed: Entity/Field API, Form API, Schema API

  • Schema for newly defined entity types is never created (D8 upgrade path) When you first install a module that defines an entity type (for example, Comment), its database tables are correctly generated. However, if an entity definition is later added by a developer to an already-installed module, the related database schema won't get created, nor will it be detected in update.php as an out-of-date update to run.
  • FileFormatterBase should extend EntityReferenceFormatterBase (D8 upgrade path) Entity Reference fields define a EntityReferenceFormatterBase class, which contains logic about which entities to display in the lookup, including non-existing entities and autocreated entities. File field's FileFormatterBase class currently duplicates that logic, except it misses some parts, including access checking, which makes this a security issue. The issue proposes to simply make File field's base class a sub-class of Entity Reference's, removing the need of "sort of but not quite the same" code around key infrastructure.
  • FieldTypePluginManager cannot instantiate FieldType plugins, good thing TypedDataManager can instantiate just about anything Currently, you get a fatal error if you attempt to use Drupal 8's Plugin API to create a new instance of a field type. The current code in core is avoiding this problem by going roundabout via the Typed Data API instead. This issue's critical because these are two of the most central APIs in Drupal 8, and they should work as expected.
  • [META] Untie content entity validation from form validation Despite all the work to modernize Drupal 8 into a first-class REST server, there still remain places where validation is within form validation functions, rather as part of the proper entity validation API, which means REST requests (or other types of workflows that bypass form submissions) are missing validation routines. This meta issue tracks progress of moving the logic to its proper place.
  • Entity forms skip validation of fields that are edited without widgets (>30 days) If a field can be edited with a form element that is not a Field API widget, we do not validate its value at the field-level (i.e., check it against the field's constraints). Fixing this issue requires ensuring that all entity forms only use widgets for editing field values.
  • Entity forms skip validation of fields that are not in the EntityFormDisplay (No patch, >30 days) Drupal 8 has a new feature called "form modes" (basically analogous to "view modes" in Drupal 7, except allowing you to set up multiple forms for a given entity instead). Currently, we're only validating fields that are displayed on a given form mode, even though those fields might have validation constraints on other fields that are not displayed. Critical because it could present a security issue.
Views

Views issues are generally tracked with the VDC tag. There are currently 6 criticals at this point which touch on Views (some already covered in earlier sections).

Configuration system

The configuration system is remarkably close to being shippable! Only 4 critical issues left. We're now working on finalizing the niggly bits around edge cases that involve configuration that depends on other configuration.

Skills needed: Configuration system, Entity Field API, Views

"Fix it, or else"

This subset of issues are things that are part of core currently, and we would really like to keep, but are willing to make some hard choices in the event they are among the last remaining criticals blocking release. The "postponed" among this list means "postponed until we're down to only a handful of criticals left." If these issues end up remaining in the list, we will move their functionality to contrib, and hope to add it back to core in a later point release if it gets fixed up.

Skills required: Various, but mainly low-level infrastructure and non-MySQL database skills.

  • [meta] Drupal.org (websites/infra) blockers to a Drupal 8 release (Blocker) This issue contains a "grab bag" of Drupal.org blockers that prevent an optimal Drupal 8 release, including things like semantic versioning support, testing support for multiple PHP/database versions, and support for Composer-based installations. If this issue is one of the last remaining criticals, we might choose to ship Drupal 8 anyway, and jettison one or more features in the process, such as…
  • [Meta] Make Drupal 8 work with PostgreSQL The meta/planning issue for fixing PostgreSQL (both in terms of functionality and in terms of failing tests). bzrudi71 is predominantly leading the charge here and making steady progress, but more hands would be greatly appreciated.
  • [meta] Database tests fail on SQLite (>30 days) Same deal as PostgreSQL but for SQLite. Unlike PostgreSQL though, this one doesn't have anyone leading the charge at this time, and it's also a lot harder to punt this to contrib, since we use it for various things such as testbot. Help wanted!

General house-keeping

These are all basic things we need to keep on top of between now and release, to ensure that when we're down to only a handful of criticals, we're ready to ship a release candidate. The good news is, these are also all generally really easy patches to make, and often also to test.

Skills needed: Basic patch rolling / reviewing / testing skills. (good for newbies!)

  • [meta] Ship minified versions of external JavaScript libraries (Postponed) Basically, in the Gilded Mobile Age™ we want to ensure that we're sending as little over the wire as possible, so scrunching various JS libraries down to the smallest possible file size needs to be the default. Separate issue from above because it needs to happen for both updated and existing JS libraries. Postponed because there'll be less work to do once all of the out-of-date JS libraries are updated and minified at the same time.
Other

I couldn't figure out a nice heading for these, so here's the rest.

  • Remove _system_path from $request->attributes Symfony provides a $request object, which has an "attributes" property for the purpose of storing various contextual bits. But the problem with $request->attributes->get('_MAGIC_KEY') is that the values are undocumented, there's no IDE autocompletion, and it's not clear which are internal vs. public properties, so we have an issue at [meta] Stop using $request->attributes->get(MAGIC_KEY) as a public API. to try and stop doing that.

    However, _system_path in particular is used a ton, since it's very common to want to know the path of the current request. The patch exposes a "CurrentPath" service instead, which eliminates all of those issues.
  • Potential data loss: concurrent node edits leak through preview Because the temp store that Drupal 8's new node preview system employs uses an entity's ID as the key, rather than something uniquely identifiable to a user, if two users are editing the same node and hit preview at the same time, one of them is going to lose data due to a race condition.
  • Ajax file uploads fail on IE 9 Pretty much exactly what it says on the tin. :P
Thrilling conclusion! (also known as "TL;DR")

Well, not so thrilling, but at least a conclusion. :)

  • Anywhere you see a blocker issue, attack it with fire. Those are holding other criticals up.
  • The biggest area of focus right now is D8 upgrade path blockers. Many of them are security issues.
  • Another big area is Performance, both fixing existing regressions, and profiling to determine where our biggest wins are.
  • Views and Entity Field API are tied in third place for number of remaining criticals. Let's have a race, shall we? ;)
  • The configuration system is looking pretty good, but still has a handful of sticky issues left.
  • There are a series of important features we'll lose if they're not fixed up in time.
  • If you're looking for something somewhat easy/mundane, help yourself to one of the general house-keeping issues.
  • Don't forget about the other miscellaneous issues I was too tired to categorize.

Sorry this post was so long (and probably has its share of inaccuracies) but I hope it will be helpful to some. It's basically what I needed to get back up to speed after taking a few months off of Drupal 8, so figured I'd document my way to understanding.

Now, let's get 'er done! :D

Tags: drupal 8drupaldrupal core diaries

Angie Byron: Webchick's "plain Drupal English" Guide to the Remaining Drupal 8 Critical Issues: DrupalCon Bogotá Edition

Planet DrupalSat, 02/14/2015 - 09:09

Categories:

Drupal

(Apologies for the atrocious state of the HTML that follows; this content is originally from this Google Doc.)

Webchick's "plain Drupal English" Guide to the Remaining Drupal 8 Critical Issues: DrupalCon Bogotá Edition

DrupalCon Bogotá just finished up, and critical issue-wise we've managed to stay in the 50s for a few days (down from a high of 150 last summer!), so now seems like as good a time as any to write down what's left to ship Drupal 8!

This post will attempt to document all of the remaining 55 criticals (as of this writing), and attempt to offer a somewhat "plain English" (or at least "Drupal English" ;)) description of each, loosely categorized into larger areas in which we could really use extra help. There are over 2,600 contributors to Drupal 8 at this time, please join us!

(Note: These descriptions might not be 100% accurate; this is my best approximation based on the issue summary and last few comments of each issue. If I got the description of your pet issue wrong, please update your issue summary. ;))

Table of contents

Quick vocabulary lesson

Current state of critical issues

Security

Security Parity with Drupal 7

Session and User Authentication API

REST

New security improvements

Performance

Profiling

Fix regressions relative to Drupal 7

Entity Field API

Views

Configuration system

"Fix it, or else"

General house-keeping

Other

Thrilling conclusion! (also known as "TL;DR")

Quick vocabulary lesson

Within this list, there are numerous "markers" used to signify that some of the issues in this list are more important to fix ASAP. These are:

  • D8 upgrade path: An issue tagged D8 upgrade path (currently, 13) means it blocks a beta-to-beta upgrade path for Drupal 8, generally because they materially impact the data schema or they impact security. Once we resolve all of these blockers, early adopters will no longer need to reinstall Drupal between beta releases, but can just run the update.php script as normal. This is currently our biggest priority.
  • Blocker: An issue tagged blocker (currently, 5) means it blocks other issues from being worked on. This is currently our second-biggest priority (or 0th priority in the case an issue blocks a D8 upgrade path issue :D). I've noted these as "sub-bullets" of the issues that are blocking them.
  • Postponed: Issues that are marked postponed (currently, 9) are either currently blocked by one of the "Blocker" issues, or we've deliberately chosen to leave off until later.
  • >30 days: These patches have a patch more than 30 days old, and/or were last meaningfully commented on >30 days ago. If you're looking for a place to start, re-rolling these is always helpful!
  • No patch: This issue doesn't have a patch yet. Oh the humanity! Want to give it a shot?

Other weird core issue nomenclature:

  • "meta" means a discussion/planning issue, with the actual patch action happening in related/child issues.
  • "PP-3" means "this issue is postponed on 3 other issues" (PP-1 means 1 other issue; you get the drift).
Current state of critical issues

Sections roughly organized from "scariest" to "least scary" in terms of how likely they are to make Drupal 8 take a longer time to come out.

Security

Because Drupal 8 hasn't shipped yet, it's not following Drupal's standard Security Advisory policy, so there are still outstanding, public security issues (13 as of this writing). We need to resolve most of these prior to providing a Drupal 8 beta-to-beta upgrade path, as this is the time when we signal to early adopters that it's an OK time to start cautiously building real sites on Drupal 8.

Skills needed: Various

Security Parity with Drupal 7

This class of security issue is to ensure that when Drupal 8 ships, it won't have any regressions security-wise relative to Drupal 7.

  • Port SA-CONTRIB-2013-096 to D8 (D8 upgrade path) Here's one such issue for Entity Reference module. SA-CONTRIB-2013-096 addressed a relatively esoteric remote access bypass bug, and the patch needs to be forward-ported to Drupal 8.
  • Port SA-CONTRIB-2015-039 to D8 (D8 upgrade path)  SA-CONTRIB-2015-039 addressed two issues in Views module, a redirect and default permissions for disabled views. The first was fixed in D8, but access checks are still missing from a few views for the second.

Session and User Authentication API

Because of various intricate dependencies, the authentication part of Drupal 8 isn't yet converted to object-oriented code, and prevents us from further optimizing bootstrap. This set of issues fixes various problems with this part of the code, and ensures these important security APIs are complete and ready to ship.

REST
  • REST user updates bypass tightened user account change validation (D8 upgrade path) Since Drupal 7, when you edit your user account, you have to provide the existing password when you want to change the password or e-mail. This security feature is currently by-passed by REST user updates as you can change the password or e-mail without providing the password.
  • External caches mix up response formats on URLs where content negotiation is in use (>30 days) Drupal 8's request processing system is currently based on content negotiation (which allows you to serve multiple versions of a document at the same URI based on what headers are sent e.g. Accept: text/html or Accept: application/json). This is generally considered the "right way" to do REST. However, various external caches and CDNs have trouble with this mechanism, and can mix them up and can send random formats back. The issue proposes changing from content negotiation to separate, distinct paths such as /node/1.json.

New security improvements

These issues affect new security improvements we want to make over and above what Drupal 7 does.

  • [meta] Document or remove every SafeMarkup::set() call One of the big security improvements in Drupal 8 is the introduction of Twig's autoescape feature, which ensures that all output to the browser is escaped by default. However, this is quite a big change that requires all of the code that was previously escaping content to stop doing that, else it gets double-escaped (so you start seeing < and " and whatnot in the UI). We originally introduced the ability to manually mark markup safe with SafeMarkup::set(), but the recommended approach is actually to use Twig everywhere, so this issue is to ensure that all remaining instances of the manual way are fixed, or at least documented to explain why they're using the non-recommended method.
  • Passing in #markup to drupal_render is problematic (>30 days) Another issue in the Twig autoescape space, we need to ensure that markup set by the "#markup" in e.g. form definitions is properly escaped.
  • Limit PDO MySQL to executing single statements if PHP supports it Remember SA-CORE-2014-005? Yeah, so do we. ;) This issue is to make sure that if another SQL injection vulnerability is ever found again, the damage it can do is more limited by eliminating the ability for MySQL to execute multiple queries per PDO statement.

Performance

Tied with security, 13 of the remaining issues are tagged Performance. While it may seem odd/scary to have this be a big chunk of the work left, it's a common practice to avoid premature optimization, and instead focus on optimization once all of the foundations are in place.

Skills needed: Profiling, caching, optimization, render API

Profiling

Here are a sub-set of issues where we need performance profiling to determine what gives us the biggest bang for our effort.

Fix regressions relative to Drupal 7
  • [meta] Resolve known performance regressions in Drupal 8 This is the main tracking issue in this space. During the 8.x cycle we've introduced several known performance regressions compared to Drupal 7 (sometimes to make progress on features/functionality, other times because we introduced changes that we hoped would buy us better scalability down the line), which we need to resolve before release so that Drupal 8 isn't slower than Drupal 7. The performance team meets weekly and tracks their progress in a detailed spreadsheet.
Entity Field API

Tracked under the Entity Field API tag (currently 6 issues).

Skills needed: Entity/Field API, Form API, Schema API

  • Schema for newly defined entity types is never created (D8 upgrade path) When you first install a module that defines an entity type (for example, Comment), its database tables are correctly generated. However, if an entity definition is later added by a developer to an already-installed module, the related database schema won't get created, nor will it be detected in update.php as an out-of-date update to run.
  • FileFormatterBase should extend EntityReferenceFormatterBase (D8 upgrade path) Entity Reference fields define a EntityReferenceFormatterBase class, which contains logic about which entities to display in the lookup, including non-existing entities and autocreated entities. File field's FileFormatterBase class currently duplicates that logic, except it misses some parts, including access checking, which makes this a security issue. The issue proposes to simply make File field's base class a sub-class of Entity Reference's, removing the need of "sort of but not quite the same" code around key infrastructure.
  • FieldTypePluginManager cannot instantiate FieldType plugins, good thing TypedDataManager can instantiate just about anything Currently, you get a fatal error if you attempt to use Drupal 8's Plugin API to create a new instance of a field type. The current code in core is avoiding this problem by going roundabout via the Typed Data API instead. This issue's critical because these are two of the most central APIs in Drupal 8, and they should work as expected.
  • [META] Untie content entity validation from form validation Despite all the work to modernize Drupal 8 into a first-class REST server, there still remain places where validation is within form validation functions, rather as part of the proper entity validation API, which means REST requests (or other types of workflows that bypass form submissions) are missing validation routines. This meta issue tracks progress of moving the logic to its proper place.
  • Entity forms skip validation of fields that are edited without widgets (>30 days) If a field can be edited with a form element that is not a Field API widget, we do not validate its value at the field-level (i.e., check it against the field's constraints). Fixing this issue requires ensuring that all entity forms only use widgets for editing field values.
  • Entity forms skip validation of fields that are not in the EntityFormDisplay (No patch, >30 days) Drupal 8 has a new feature called "form modes" (basically analogous to "view modes" in Drupal 7, except allowing you to set up multiple forms for a given entity instead). Currently, we're only validating fields that are displayed on a given form mode, even though those fields might have validation constraints on other fields that are not displayed. Critical because it could present a security issue.
Views

Views issues are generally tracked with the VDC tag. There are currently 6 criticals at this point which touch on Views (some already covered in earlier sections).

Configuration system

The configuration system is remarkably close to being shippable! Only 4 critical issues left. We're now working on finalizing the niggly bits around edge cases that involve configuration that depends on other configuration.

Skills needed: Configuration system, Entity Field API, Views

"Fix it, or else"

This subset of issues are things that are part of core currently, and we would really like to keep, but are willing to make some hard choices in the event they are among the last remaining criticals blocking release. The "postponed" among this list means "postponed until we're down to only a handful of criticals left." If these issues end up remaining in the list, we will move their functionality to contrib, and hope to add it back to core in a later point release if it gets fixed up.

Skills required: Various, but mainly low-level infrastructure and non-MySQL database skills.

  • [meta] Drupal.org (websites/infra) blockers to a Drupal 8 release (Blocker) This issue contains a "grab bag" of Drupal.org blockers that prevent an optimal Drupal 8 release, including things like semantic versioning support, testing support for multiple PHP/database versions, and support for Composer-based installations. If this issue is one of the last remaining criticals, we might choose to ship Drupal 8 anyway, and jettison one or more features in the process, such as…
  • [Meta] Make Drupal 8 work with PostgreSQL The meta/planning issue for fixing PostgreSQL (both in terms of functionality and in terms of failing tests). bzrudi71 is predominantly leading the charge here and making steady progress, but more hands would be greatly appreciated.
  • [meta] Database tests fail on SQLite (>30 days) Same deal as PostgreSQL but for SQLite. Unlike PostgreSQL though, this one doesn't have anyone leading the charge at this time, and it's also a lot harder to punt this to contrib, since we use it for various things such as testbot. Help wanted!

General house-keeping

These are all basic things we need to keep on top of between now and release, to ensure that when we're down to only a handful of criticals, we're ready to ship a release candidate. The good news is, these are also all generally really easy patches to make, and often also to test.

Skills needed: Basic patch rolling / reviewing / testing skills. (good for newbies!)

  • [meta] Ship minified versions of external JavaScript libraries (Postponed) Basically, in the Gilded Mobile Age™ we want to ensure that we're sending as little over the wire as possible, so scrunching various JS libraries down to the smallest possible file size needs to be the default. Separate issue from above because it needs to happen for both updated and existing JS libraries. Postponed because there'll be less work to do once all of the out-of-date JS libraries are updated and minified at the same time.
Other

I couldn't figure out a nice heading for these, so here's the rest.

  • Remove _system_path from $request->attributes Symfony provides a $request object, which has an "attributes" property for the purpose of storing various contextual bits. But the problem with $request->attributes->get('_MAGIC_KEY') is that the values are undocumented, there's no IDE autocompletion, and it's not clear which are internal vs. public properties, so we have an issue at [meta] Stop using $request->attributes->get(MAGIC_KEY) as a public API. to try and stop doing that.

    However, _system_path in particular is used a ton, since it's very common to want to know the path of the current request. The patch exposes a "CurrentPath" service instead, which eliminates all of those issues.
  • Potential data loss: concurrent node edits leak through preview Because the temp store that Drupal 8's new node preview system employs uses an entity's ID as the key, rather than something uniquely identifiable to a user, if two users are editing the same node and hit preview at the same time, one of them is going to lose data due to a race condition.
  • Ajax file uploads fail on IE 9 Pretty much exactly what it says on the tin. :P
Thrilling conclusion! (also known as "TL;DR")

Well, not so thrilling, but at least a conclusion. :)

  • Anywhere you see a blocker issue, attack it with fire. Those are holding other criticals up.
  • The biggest area of focus right now is D8 upgrade path blockers. Many of them are security issues.
  • Another big area is Performance, both fixing existing regressions, and profiling to determine where our biggest wins are.
  • Views and Entity Field API are tied in third place for number of remaining criticals. Let's have a race, shall we? ;)
  • The configuration system is looking pretty good, but still has a handful of sticky issues left.
  • There are a series of important features we'll lose if they're not fixed up in time.
  • If you're looking for something somewhat easy/mundane, help yourself to one of the general house-keeping issues.
  • Don't forget about the other miscellaneous issues I was too tired to categorize.

Sorry this post was so long (and probably has its share of inaccuracies) but I hope it will be helpful to some. It's basically what I needed to get back up to speed after taking a few months off of Drupal 8, so figured I'd document my way to understanding.

Now, let's get 'er done! :D

Tags: drupal 8drupaldrupal core diaries

Tony Abbott is not alone in using the word holocaust to score political points

Datablog (the Guardian)Sat, 02/14/2015 - 03:23

Categories:

Visualization

The prime minister was latest, but representatives of all parties have used the sensitive term in a moment of parliamentary hyperbole

The prime minister, Tony Abbott, has apologised after accusing Labor of creating a “holocaust” in defence industry jobs, with the use of the word slammed by some as offensive.

However, it isn’t the first time the word has been used in such a way in parliament. Using OpenAustralia’s searchable Hansard, which goes back to 2006, we can count the number of times the word has been used, and how.

Continue reading...

Google Helpouts Heads To The Big Vid Chat In The Sky

Read/Write WebSat, 02/14/2015 - 01:43

Categories:

Web

Google Wave and Google Reader will soon have some company: Turns out, Google Helpouts is not long for this world. The company will shutter the online expert help service on April 20.

Helpouts seems to be slowly dissolving. TechCrunch noticed the disappearance of its iPhone app today, following the previous removal of its Android app. The website still works for now, but will go offline in the next couple of months.

See also: Google Now Gives Hypochrondriacs What They Want

In the world of Google services, Helpouts—which uses Google Hangouts to offer live video help from experts on various topics—was just a toddler, having launched near the end of 2013. In that brief time, it gained few fans. I contacted the company asking why it chose to shut Helpouts down now, and a representative pointed me to this new support document. A snippet of the text explains the about-face:

The Helpouts community includes some engaged and loyal contributors, but unfortunately, it hasn't grown at the pace we had expected.

That may have been due to several factors. It seems to be quite low on Google’s list of priorities—it was never a high-profile service for the company's publicity machine, and Google neglected to release updates for it. It also charges for some of its help, with amounts varying by topic or expert.

The company couldn't charge for Helpouts in Europe due to the complications stemming from changing EU tax codes. Essentially, the company had to give away its primo expert help to make it work. (Or figure out how to plaster live video chats with ads without ticking people off. But that was never going to happen.) 

The concept may have been flawed to begin with. Charging people for advice when the Web already offers so much free help on fashion, cooking, tech support, photography and other topics seems ill-conceived. In fact, Google itself competed with Helpouts via how-to videos on YouTube and the canned answers it provides in search via its Knowledge Graph. In fact, the latter just got an update adding even more information for health and medical conditions.

Let this be a lesson: Google may giveth, but it also taketh away. And it does, fairly regularly.

Starting April 20, the five or six people out there who actually used Helpouts will be able to download their history via Google Takeout until November 1, 2015.

Lead image courtesy of Google

Subscribe to The Universal Pantograph aggregator