~mgorny/projects

Ā« ~mgorny

Most of my work is focused around small do-one-thing-well projects. This page aims to list at least the most useful of them. The projects are ordered by initial commit date. This is still a work-in-progress, missing many older projects.

goose (gander) [2020-05]

tags: django gentoo metric python

github: mgorny/gander mgorny/goose

A privacy-first anonymous metric collection system for Gentoo. Focused onĀ reporting installed packages and other data related to package management. Consists of Django-based server (goose) and Python submission client (gander).

GSoC 2020: FUSE-based sandbox and new binpkg format [2020-05] (mentor)

tags: gentoo mentor package-management

Mentoring two students with Portage-related projects. One of them is writing a FUSE-based Gentoo sandbox replacement, a tool to restrict build process' access to the filesystem, for GSoC 2020. The other one is implementing a new binary package format as described in GLEP 78, as a university project.

nattka [2020-03]

tags: gentoo git keywording pkgcore python

github: mgorny/nattka

Multi-purpose arch team helper. Provides a sanity-check process that is running on Gentoo Infra in order to verify dependencies on keywording and stabilization requests, as well as client-side tooling to apply keywords, commit them and resolve the bugs.

python-guide [2020-02]

tags: doc gentoo python sphinx

www: https://dev.gentoo.org/~mgorny/python-guide/

github: mgorny/python-guide

Topic-oriented documentation for writing ebuilds for packages written in Python. Built on top of real-life examples. Written using Sphinx.

policy-guide [2020-01] (initial author)

tags: doc gentoo qa sphinx

www: https://projects.gentoo.org/qa/policy-guide/

git.gentoo.org: proj/policy-guide.git

Precise listing of binding QA policies in Gentoo, along with rationale whenever available. Replaces and clarifies data previously found across project wiki pages and devmanual. Additionally, it serves as a proof-of-concept for porting Gentoo documentation to Sphinx.

Gentoo Distribution Kernel [2020-01]

tags: gentoo package-management

git.gentoo.org: repo/gentoo.git

Created the framework for building kernels via packages, and added initial Distribution Kernel packages. This provides an alternative to the historical way of packaging kernel sources and building them manually, and aligns Gentoo with other distributions (including its derivatives). DK provides the ability to build from source or use a prebuilt binary package, to use generic or user-supplied configuration. It features initramfs support (via Dracut) and a binary-package friendly support for different install layouts via pluggable installkernel script.

pyproject2setup.py [2019-12]

tags: python

github: mgorny/pyproject2setuppy

A simple (~200 lines of code) wrapper to run pyproject.toml-based (PEP 518) projects (using flit or poetry build systems) via setuptools, without having to go through yet another dependency hell.

Split distfile mirror directory structure [2019-10]

tags: infra python spec

A project for moving distribution files on Gentoo mirrors from a single flat directory to a more efficient tree of subdirectories. Covers the specification (GLEP 75), Portage implementation and infra tasks regarding the transition. The key concept is using a hash of filename to split files into even buckets while preserving the ability to identify the correct bucket from filename.

Securing the Gentoo keyserver [2019-07]

tags: infra openpgp

www: https://www.gentoo.org/news/2019/07/03/sks-key-poisoning.html

In response to key poisoning attacks on SKS, I have disabled key exchange with SKS network and established a new secure pipeline to upload keys to Gentoo keyserver. This permitted Gentoo to continue operating under the web-of-trust model while remaining resilient to the attacks.

votrify [2019-06]

tags: openpgp python

github: mgorny/votrify

A tool to confirm results of pseudonymous elections. Every voter confirms that he received the same copy of the master ballot, that his (possibly empty) vote was included in it and that he gets the same counting results as announced, then uploads a cryptographically signed confirmation. Everyone can verify uploaded confirmations to confirm the results and that no votes were excluded or planted.

GSoC 2019: NetBSD KNF in clang-format [2019-06] (mentor)

tags: c++ llvm mentor netbsd

www: https://blog.netbsd.org/tnf/entry/gsoc_2019_report_adding_netbsd1

github: llvm/llvm-project

Mentoring a student working on extending clang-format into supporting NetBSD coding style.

GURU [2019-04] (initiator)

tags: gentoo package-management social

git.gentoo.org: repo/proj/guru.git

A user-maintained ebuild repository for new packages following the spirit of the Sunrise project. Based on the concept that all interested contributors can commit but changes need to be reviewed by their more experienced colleagues before being deployed to user systems.

pram [2019-03] (rewrite)

tags: bash gentoo git

github: mgorny/pram

A rewrite of Gentoo::App::Pram in pure bash. A trivial tool to fetch a GitHub pull request (or a generic patch) and apply it on top of a git repository. Includes a few conveniences: editing the patch before merging, adding tags to close the pull request or bugs, verifying and adding signoffs.

Gentoo Authority Keys [2019-02]

tags: gentoo infra openpgp spec

github: mgorny/gentoo-authority-key

A system providing OpenPGP key validity information for keys used by Gentoo developers and Infrastructure services. Specified in GLEP 79, uses automatically created (and revoked) signatures on developer keys in a web-of-trust compliant manner.

Porting LLDB to NetBSD [2019-01]

tags: c++ llvm netbsd

github: llvm/llvm-project

Updating and completing the NetBSD support in the LLDB debugger that was initially implemented by Kamil Rytarowski. This also involves fixes to various other LLVM projects, as well as maintaining the buildbot CI instance.

Gentoo OpenPGP policy update [2018-07]

tags: gentoo openpgp spec

Updated the OpenPGP practices outlined in GLEP 63 to follow more modern recommendations and improve security. This includes using explicit signing and encryption subkeys, setting expiration dates and storing the primary key securely offline.

gemato [2017-10]

tags: infra openpgp python spec

github: mgorny/gemato

A tool to verify the authenticity of a directory tree using a single OpenPGP signature and recursive digest files (Manifests). The reference implementation of GLEP 74, primarily used to verify rsync checkouts of the Gentoo ebuild repository.

Repository mirrors & CI [2015-05]

tags: bash gentoo git infra package-management python qa

github: mgorny/repo-mirror-ci mgorny/pkgcheck2html

A Gentoo project serving a twofold goal. Firstly, it provides mirrors of ebuild repositories listed on the official repository list with pregenerated caches, suitable for efficient and secure system updates via git. Secondly, it enables a CI pipeline using pkgcheck linting tool for the Gentoo repository and its GitHub pull requests.

cpuid2cpuflags [2015-01]

tags: c gentoo

github: mgorny/cpuid2cpuflags

A tool to query CPU instruction sets via CPUID (or HWCAPs) and output respective CPU_FLAGS_* for Gentoo builds. Originally written as Python parser of /proc/cpuinfo for x86, afterwards rewritten in C to use low-level queries and extended to ARM and PowerPC.

eselect-opengl redesign [2014-12]

tags: bash gentoo

Redesign of the tool used to switch between OpenGL implementation providers in Gentoo. The new design switched libraries via controlling LD search paths and unconditionally used reference headers, while the old one relied on writing symlinks to /usr.

Containerization in Portage [2013-08]

tags: gentoo package-management python qa

git.gentoo.org: proj/portage.git

Support of containerizing package builds in Portage via use of Linux kernel namespaces. Initially it was used to prevent built programs from unexpectedly accessing the Internet and local network services. Afterwards, it was extended to cover isolation of mounts, processes (with reliable killing of leftovers) and predictable hostname setting.

GSoC 2013: OpenID server for identity.gentoo.org [2013-06]

tags: django gentoo openid python

git.gentoo.org: archive/proj/identity.gentoo.org.git

A project of extending the work-in-progress web frontend to Gentoo LDAP with an OpenID server. It included a plan to provide OpenID login in other Gentoo applications and serve as Gentoo's SSO. However, OpenID became obsolete before it was deployed.

gx86-multilib [2013-02]

tags: gentoo package-management

git.gentoo.org: repo/gentoo.git

A new approach to supporting multilib in Gentoo. Replaced prebuilt emul-linux-x86-* packages with eclass-based approach that enabled building selected packages from source, for any number of ABIs on every multilib architecture. Won against the competing portage-multilib project.

gpyutils [2012-12]

tags: gentoo package-management python

github: mgorny/gpyutils

A set of various utilities to help with Python package maintenance in Gentoo. Provides tools to print and mangle PYTHON_COMPAT, find packages needing porting to new Python versions and plot (via Graphviz) dependency graphs between them.

python-r1 eclass suite [2012-10]

tags: bash gentoo package-management

git.gentoo.org: repo/gentoo.git

A new eclass suite to build and install Python packages. Combined good ideas from other eclasses with a few innovations. The latter include separate eclasses for different purposes (build-time dep, single-impl and multi-impl install) and variables for explicit metadata building with generator functions for more complex needs. So far this remains the state-of-the-art example for eclass API.

libh2o suite [2012-03]

tags: c

github: mgorny/libh2o mgorny/libh2oxx mgorny/pyh2o mgorny/h2o-gtk

University project. An optimized C library for water and steam properties using IF97 tables. Includes C++ and Python bindings, and a GTK+ app to query and plot them.

pshs [2011-11]

tags: c server

github: mgorny/pshs

A tiny CLI server to quickly share files over HTTP. Supports random port choice, IP address detection, automated UPnP port forwarding, URL QRcode generation and TLS with self-signed certificate generated at runtime.

eclean-kernel [2011-10]

tags: python

github: mgorny/eclean-kernel

A CLI tool to find and remove old kernels from the system. Supports both old-school /boot layout and bootloader spec (gummiboot / systemd-boot). Can remove old kernels based on version, mtime or just clean up stray modules and auxiliary files.

GSoC 2011: gentoopm [2011-06]

tags: package-management python

github: mgorny/gentoopm

A Python package providing an objective wrapper API to the three Gentoo package managers: Paludis, PkgCore and Portage. Originally used to implement GSoC 2011 project of PMS Test Suite. Later used in other projects as a more Pythonic API than these directly provided by the package managers themselves. Nowadays effectively defunct as Paludis is no longer developed, and PkgCore is much faster than Portage while remaining reasonably compatible, rendering fallback to Portage API unnecessary.

gentoo.git [2010-10] (co-developer)

tags: gentoo llvm package-management

git.gentoo.org: repo/gentoo.git

Activity as a package maintainer and eclass developer. Besides sundry smaller packages of individual interest, maintaining LLVM and XFCE, and co-maintaining a large part of the Python ecosystem. Actively participating in QA work.

uam [2009-02]

tags: bash

github: mgorny/uam

A removable drive automounter in pure shell, using udev rules without additional daemons (such as udisks).