Most of my work is focused around small do-one-thing-well projects. This page aims to list at least the most useful of them. The projects are ordered by initial commit date. Please note that this is a best effort only, and I rarely find time to update it.
tags: gentoo package-management
A new ebuild-based framework for switching between alternative tool providers. Replaces some of the previous solutions such as eselect modules, USE=symlink uses and manual hacks. Ensures that the symlinks are owned by a single package and supports merged /usr systems. Can also replace some of the old virtuals or make it possible to distinguish a dependency on a generic POSIX-compliant tool from a dependency on a specific implementation.
tags: gentoo package-management python rust
github: projg2/pycargoebuild
An ebuild generator for Cargo/Rust packages, written in Python. Featuring proper LICENSE support, in-place ebuild updates, merging multiple Cargo packages and most importantly, not requiring Rust.
tags: gentoo python
github: projg2/gpep517
A script to aid building and installing Python wheels using PEP 517 backends. Minimal dependency footprint (and no bundled dependencies!) make it suitable for use while bootstrapping new Python targets for Gentoo.
tags: python
github: projg2/denonavr-cli
A minimal CLI client providing basic control over Denon AV Receivers, using denonavr Python package.
tags: django gentoo metric python
github: mgorny/gander mgorny/goose
A privacy-first anonymous metric collection system for Gentoo. Focused on reporting installed packages and other data related to package management. Consists of Django-based server (goose) and Python submission client (gander).
tags: gentoo mentor package-management
Mentoring two students with Portage-related projects. One of them is writing a FUSE-based Gentoo sandbox replacement, a tool to restrict build process' access to the filesystem, for GSoC 2020. The other one is implementing a new binary package format as described in GLEP 78, as a university project.
tags: gentoo git keywording pkgcore python
github: mgorny/nattka
Multi-purpose arch team helper. Provides a sanity-check process that is running on Gentoo Infra in order to verify dependencies on keywording and stabilization requests, as well as client-side tooling to apply keywords, commit them and resolve the bugs.
tags: doc gentoo python sphinx
www: https://dev.gentoo.org/~mgorny/python-guide/
github: mgorny/python-guide
Topic-oriented documentation for writing ebuilds for packages written in Python. Built on top of real-life examples. Written using Sphinx.
tags: doc gentoo qa sphinx
www: https://projects.gentoo.org/qa/policy-guide/
git.gentoo.org: proj/policy-guide.git
Precise listing of binding QA policies in Gentoo, along with rationale whenever available. Replaces and clarifies data previously found across project wiki pages and devmanual. Additionally, it serves as a proof-of-concept for porting Gentoo documentation to Sphinx.
tags: gentoo package-management
git.gentoo.org: repo/gentoo.git
Created the framework for building kernels via packages, and added initial Distribution Kernel packages. This provides an alternative to the historical way of packaging kernel sources and building them manually, and aligns Gentoo with other distributions (including its derivatives). DK provides the ability to build from source or use a prebuilt binary package, to use generic or user-supplied configuration. It features initramfs support (via Dracut) and a binary-package friendly support for different install layouts via pluggable installkernel script.
tags: python
github: mgorny/pyproject2setuppy
A simple (~200 lines of code) wrapper to run pyproject.toml-based (PEP 518) projects (using flit or poetry build systems) via setuptools, without having to go through yet another dependency hell.
tags: infra python spec
A project for moving distribution files on Gentoo mirrors from a single flat directory to a more efficient tree of subdirectories. Covers the specification (GLEP 75), Portage implementation and infra tasks regarding the transition. The key concept is using a hash of filename to split files into even buckets while preserving the ability to identify the correct bucket from filename.
tags: infra openpgp
www: https://www.gentoo.org/news/2019/07/03/sks-key-poisoning.html
In response to key poisoning attacks on SKS, I have disabled key exchange with SKS network and established a new secure pipeline to upload keys to Gentoo keyserver. This permitted Gentoo to continue operating under the web-of-trust model while remaining resilient to the attacks.
tags: gentoo package-management
A new framework for managing system group and user accounts. It replaces the previous approach of creating and modifying groups and users ad-hoc in invidual ebuilds with a dedicated package for every account. This provides a single source of truth for account data, enables easy locking of unused accounts and using consistent fixed UIDs and GIDs across systems.
tags: openpgp python
github: mgorny/votrify
A tool to confirm results of pseudonymous elections. Every voter confirms that he received the same copy of the master ballot, that his (possibly empty) vote was included in it and that he gets the same counting results as announced, then uploads a cryptographically signed confirmation. Everyone can verify uploaded confirmations to confirm the results and that no votes were excluded or planted.
tags: c++ llvm mentor netbsd
www: https://blog.netbsd.org/tnf/entry/gsoc_2019_report_adding_netbsd1
github: llvm/llvm-project
Mentoring a student working on extending clang-format into supporting NetBSD coding style.
tags: gentoo package-management social
git.gentoo.org: repo/proj/guru.git
A user-maintained ebuild repository for new packages following the spirit of the Sunrise project. Based on the concept that all interested contributors can commit but changes need to be reviewed by their more experienced colleagues before being deployed to user systems.
tags: bash gentoo git
github: mgorny/pram
A rewrite of Gentoo::App::Pram in pure bash. A trivial tool to fetch a GitHub pull request (or a generic patch) and apply it on top of a git repository. Includes a few conveniences: editing the patch before merging, adding tags to close the pull request or bugs, verifying and adding signoffs.
tags: gentoo infra openpgp spec
github: mgorny/gentoo-authority-key
A system providing OpenPGP key validity information for keys used by Gentoo developers and Infrastructure services. Specified in GLEP 79, uses automatically created (and revoked) signatures on developer keys in a web-of-trust compliant manner.
tags: c++ llvm netbsd
github: llvm/llvm-project
Updating and completing the NetBSD support in the LLDB debugger that was initially implemented by Kamil Rytarowski. This also involves fixes to various other LLVM projects, as well as maintaining the buildbot CI instance.
tags: gentoo openpgp spec
Updated the OpenPGP practices outlined in GLEP 63 to follow more modern recommendations and improve security. This includes using explicit signing and encryption subkeys, setting expiration dates and storing the primary key securely offline.
tags: infra openpgp python spec
github: mgorny/gemato
A tool to verify the authenticity of a directory tree using a single OpenPGP signature and recursive digest files (Manifests). The reference implementation of GLEP 74, primarily used to verify rsync checkouts of the Gentoo ebuild repository.
tags: bash gentoo git infra package-management python qa
github: mgorny/repo-mirror-ci mgorny/pkgcheck2html
A Gentoo project serving a twofold goal. Firstly, it provides mirrors of ebuild repositories listed on the official repository list with pregenerated caches, suitable for efficient and secure system updates via git. Secondly, it enables a CI pipeline using pkgcheck linting tool for the Gentoo repository and its GitHub pull requests.
tags: c gentoo
github: mgorny/cpuid2cpuflags
A tool to query CPU instruction sets via CPUID (or HWCAPs) and output respective CPU_FLAGS_* for Gentoo builds. Originally written as Python parser of /proc/cpuinfo for x86, afterwards rewritten in C to use low-level queries and extended to ARM and PowerPC.
tags: bash gentoo
Redesign of the tool used to switch between OpenGL implementation providers in Gentoo. The new design switched libraries via controlling LD search paths and unconditionally used reference headers, while the old one relied on writing symlinks to /usr.
tags: gentoo package-management python qa
git.gentoo.org: proj/portage.git
Support of containerizing package builds in Portage via use of Linux kernel namespaces. Initially it was used to prevent built programs from unexpectedly accessing the Internet and local network services. Afterwards, it was extended to cover isolation of mounts, processes (with reliable killing of leftovers) and predictable hostname setting.
tags: django gentoo openid python
git.gentoo.org: archive/proj/identity.gentoo.org.git
A project of extending the work-in-progress web frontend to Gentoo LDAP with an OpenID server. It included a plan to provide OpenID login in other Gentoo applications and serve as Gentoo's SSO. However, OpenID became obsolete before it was deployed.
tags: gentoo package-management
git.gentoo.org: repo/gentoo.git
A new approach to supporting multilib in Gentoo. Replaced prebuilt emul-linux-x86-* packages with eclass-based approach that enabled building selected packages from source, for any number of ABIs on every multilib architecture. Won against the competing portage-multilib project.
tags: gentoo package-management python
github: mgorny/gpyutils
A set of various utilities to help with Python package maintenance in Gentoo. Provides tools to print and mangle PYTHON_COMPAT, find packages needing porting to new Python versions and plot (via Graphviz) dependency graphs between them.
tags: bash gentoo package-management
git.gentoo.org: repo/gentoo.git
A new eclass suite to build and install Python packages. Combined good ideas from other eclasses with a few innovations. The latter include separate eclasses for different purposes (build-time dep, single-impl and multi-impl install) and variables for explicit metadata building with generator functions for more complex needs. So far this remains the state-of-the-art example for eclass API.
tags: c
github: mgorny/libh2o mgorny/libh2oxx mgorny/pyh2o mgorny/h2o-gtk
University project. An optimized C library for water and steam properties using IF97 tables. Includes C++ and Python bindings, and a GTK+ app to query and plot them.
tags: c server
github: mgorny/pshs
A tiny CLI server to quickly share files over HTTP. Supports random port choice, IP address detection, automated UPnP port forwarding, URL QRcode generation and TLS with self-signed certificate generated at runtime.
tags: python
github: mgorny/eclean-kernel
A CLI tool to find and remove old kernels from the system. Supports both old-school /boot layout and bootloader spec (gummiboot / systemd-boot). Can remove old kernels based on version, mtime or just clean up stray modules and auxiliary files.
tags: package-management python
github: mgorny/gentoopm
A Python package providing an objective wrapper API to the three Gentoo package managers: Paludis, PkgCore and Portage. Originally used to implement GSoC 2011 project of PMS Test Suite. Later used in other projects as a more Pythonic API than these directly provided by the package managers themselves. Nowadays effectively defunct as Paludis is no longer developed, and PkgCore is much faster than Portage while remaining reasonably compatible, rendering fallback to Portage API unnecessary.
tags: gentoo llvm package-management
git.gentoo.org: repo/gentoo.git
Activity as a package maintainer and eclass developer. Besides sundry smaller packages of individual interest, maintaining LLVM and XFCE, and co-maintaining a large part of the Python ecosystem. Actively participating in QA work.
tags: bash
github: mgorny/uam
A removable drive automounter in pure shell, using udev rules without additional daemons (such as udisks).