Sf.net changed use of project web

Perhaps we became unable to access project web directory via SSH. According to a topic in Community Discussion Forums, it became possible to read/write porject web directory vis web.sourceforge.net easily.

rsync -av {your_directory} {account},{project unix-name}@web.sourceforge.net:htdocs

If you need to get files from project web directory, exchange source with target:

rsync -av {account},{project unix-name}@web.sourceforge.net:htdocs {your_directory}

It became impossible to use something, because we are not able to use SSH. But, members who don't bring to our project became unable to access to our directory. That's important for security of us.

Beta of Tacker2

Have you ever read "SourceForge.net Service Operations bulletin 2008-09-12"? You may read interesting news from the news letter. At first, projects that host at sf.net become able to use new applications --- phpBB, MediaWiki and LimeSurvey. These applications are under sourceforge control, so we don't need to do something for maintenance. And users can login to those application with account/password of sf.net. For more informations, read this topic.

Next, sourceforge is developing a new version of their tracker system. We, users may try it anytime. Click "Try it" at a head of our tracker system page:



By that, we can use beta of tracker 2. It needs your feed back! And, we may back to stable tracker system anytime.



For more informations of the beta, read this topic.

Busy at the office

My recent weekday's schedule is:

• 23:45 Come home.
  
• 00:50 Go to the bed.
  
• 07:00 Uprising.
  
• 07:40 Go to work.
  

In XCL 2.1 development, I've cut out sleeping to get free time. I was tired by overnight efforts sometimes. I feel deep regret for what officially and privately were not good. It's impossible to do it now. Programers need 6h for sleeping to do their best.

However, I have to find a way. There is nothing in weekday. This could go on forever, if I don't do something to change.

The biggest problem is that I take pleasure in work.

X68k+LGPL

When I got the relation to Public Domain Software, my main PC was X68000 (made by SHARP) that is one of the best PC in Japan PC's history. X68000 had an excellent architecture, the best world to enjoy creations and the same spec as GENESIS to develop a video game. Many programers learned programing with X68000 and most of them became a video game programer. I'm one of them.

There are two C compilers in X68k that are XC(*)+XCLIB (SHARP SDK) and gcc+libc. SHARP SDK was not free, but gcc+libc was free. We, X68k programers had released many free software but had not considered licenses. The most popular combination was gcc+XCLIB. gcc was able to optimize programs than XC. And, XCLIB is smaller than libc because XCLIB was written by the machine language. We had liked the gcc+XCLIB combination that programers who did not have SHARP SDK could not compile. For that, most programers prepared better makefile to compile programs with both of SHARP SDK and gcc+libc.

(*) This XC is not XOOPS Cube. We called X68k C compiler "XC".

PDS(Public Domain Software) was known, but "Open Source" was not defined yet. But programers loved freedom and knew what programers should do.

However, most X68k programers did not use dynamic link to use libraries. If a program links libc with static link, the program has to be LGPL. If the license of the program can not be linked with LGPL, that's the actions that are not allowed. Also it is not allowed to link XCLIB to programs having GPL/LGPL code.

We may have made small boo-boo. But, our world was really freedom. I think our world did not have a problem. You may call such a world anarchy. That was really open, even if there were not GPL/LGPL.

ImpressCMS is available

Oh, ImpressCMS that was forked from XOOPS became available. The biggest feature of Impress CMS is that developers write programs. Any abilities for action are a nice. They changed their wish to their result. Cool!

And, it seems that ImpressCMS is not controled under the foundation. Very good. The XOOPS foundation released a long long announce. Meanwhile, the ImpressCMS released a software. ;)

Like Cube became warfare in the XOOPS community, ImpressCMS became a problem. Someone said that is a political fight. But I imagine that ImpressCMS developers got angry in the foundation that doesn't try to perform XOOPS development. XOOPS is freedom software, so it's correct that they chose to develop themselves.

I like anarchy, so I think the biggest miss of XOOPS is the XOOPS foundation. I don't know what the foundation has been useful for. The current ImpressCMS is a kind of distribution. They had to fork, to only release such a package. In XOOPS Cube case, they don't need to fork, because XOOPS Cube recommends actual actions.

Some people say that "an organization" is useful. But I don't think so. XOOPS is a volunteer activity by citizens. Too short free time of citizens should not be used for organization game.

Some people think that the organization collecting people is able to do something. But, even if many people gather, unactive people do nothing.

How to keep 'Security' in Open Source

I got some opinions about how to keep security in open source. Now, in Japan, when a developer who doesn't know the details of security publishes a module that equips security hole, an expert developer warns him to stop publishing and fix the module quickly. Some users mail me about this.

(Umm, why did not they contact the expert developer directly? Why did not they discuss directly? Because they are Japanese! Not that this is anything new.)

That's difficult problem. In xoops.org and jp.xoops.org, security was broken perfectly once. Source was open, but nobody tried to check source. Users faced danger always.

Japan has the same situation. But, a couple of earnest programers began tryng to check modules sometimes. That's difference from xoops.org. Is this happy or unhappy? If they stop checking, we face danger soon. The XOOPS Cube project is Anarchism and Minarchism, so the project doesn't have quality checker.

I think that users need self protection in freedom. But, Anarchism denies governmental method, but not an unique method. If a community has shared protection, it's good. If you have another opinion, do discuss.

But, if you think that opened programs will be fixed by many contributed patches, consider how many patches you have contributed to others' program until now. And, if you plan to make the mood you want, you should write something continually on Japanese community. It's strange thought to counterwork others' continual activity by sending a mail to the third person.

Anyway, community members need to know that all of open source programs is not safety. If community members share the same presupposition, it's possible to go next. What do you do actually?

Especially, many users have long experience about XOOPS than me. I want to hear how much open source code they checked actually and how much patches they contributed actually. My recollection is that anybody did nothing until JM2 came back to review X2.

ImpressCMS

ImpressCMS is new movement in XOOPS world. I don't know the details of ImpressCMS, but it looks a new fork, not a distribution. You may search about it in xoops.org.

ImpressCMS is controversial, because that's not under XOOPS official control. And, because a developer who has joined the XOOPS project joins also the ImpressCMS project, some users point allegations that the XOOPS foundation may misappropriate. (I think that's quibble.)

Anyway, it is a fate that a forked project is born to cover a semi-retirement project having the following factors:

• Developers who don't program.
• Administrators who don't administer.
• Publicists who don't write news.
• Moderators who don't see forums.
• Leaders who lead to collapse.

Moreover, they don't resign from their post. Even if a project can not go forward, the project is not dead, until the project declares "dead" officially. Semi-reteirment projects are not dead and not alive. These projects just exist.

"Fork" is good solution for stalled projects, because "Fork" is not limited by existing retirement members and existing team governance. The only mission that semi-retirement members do is resisting new movement. They have lost a passion to do actual activity, so they try to damn new movements by using dummy official announcements and political fighting.

But, 2007 will soon be past. You can check how much missions each project and each member have completed. After that you can check whether existing announcements are dummy or not. Well, I am not in no position to talk.

How many OSS projects will take GPL v3?

I stand by FSF and GPL, these have produced many excellent software --- emacs, GNU and gcc. Maybe most programers can not deny GPL software as long as there is gcc. gcc! Oh, gcc! I still don't remunerate gcc's achievement enough. So I keep contributing something to OSS projects taking GPL/LGPL. If there are GPL 3D engine and zlib 3D engine, I make a patch for GPL 3D engine.

But, I can not agree the concept of GPL. So XOOPS Cube took modified BSD license. I think that modified BSD license is freedom than GPL, because modified BSD is freedom and doesn't force the freedom to others. GPL is too strong.

Some people criticize XOOPS Cube for taking another license. But, I don't think that they, GPL followers agree GPL perfectly. They follow GPL different from GPL and use 100% of the loophole. Yes, web applications can escape from GPL, through the loophole. In the client/server model, end users don't use the executable binary of the application, so web applications don't have the duty to publish their source code that they modified for their site. Even if you visit to the site built by customizing GPL web application, you don't obtain modified source code.

But, GPL v3 will fix the loophole. So, site owners will be under the duty to publish source code of their customized site.

Nonsense? That is just GPL! I published many code under GPL/LGPL, and contribute many code to GPL/LGPL projects. I wrote a game and published source code. And, I agreed that XOOPS Cube decided not to take GPL. I thought that web applications under GPL don't observe the essence of GPL.

I expect that most GPL web application projects will not take GPL v3 as well as us. Most people who don't have experience about the essence of GPL will not want to exercise the true ability of GPL.

But, I will contribute something to the projects that will take GPL v3.