You, Eleanor Shellstrop, are dead. You are in cardiac arrest. Your heart has stopped beating, you have stopped breathing, and medically speaking you have died. Not a great start to your day! But worry not: someone has called emergency services. This is the story of that call — and how open geospatial information just might help save your life.

This talk, presented by the CAD & Technical Lead at the London Ambulance Service, will discuss how we use open data to locate patients, how your phone sends live geospatial information to our control room, and the other open (and some not-open) data that our emergency medical service uses to save lives across London every day.

Expect high-level conversations about medical emergencies, but this talk is suitable for all ages.

Collabora Online is an online document editor based on LibreOffice, but there's also both an Android and an iOS Collabora Office app based on the same technology - LibreOffice Kit. Have you ever wondered how it works?

In this talk, I'll give a high-level overview of the architecture of the Collabora Office mobile app. Along the way, I'll discuss how it's similar but different to the Collabora Online server, and what limitations on the mobile platform (for example a lack of availability of clipboard web APIs) pushed us to write in the way that we have.

We explore the security model exposed by Rook with Ceph, the leading software-defined storage platform of the Open Source world. We discuss major updates within the past year to our threat model, dashboard, call home, and encryption, including work on TCMs, NVMe and exploration of open source post quantum encryption algorithms, within a major project. We discuss the challenges and benefits of promoting open source, and how to ensure we adhere to Executive Order 14028, and the challenges and rewards of dependency tracking and updating.

NixOps used to be the only Nix-native deployment and provisioning tool, but it failed. NixOps4 is a complete redesign of the tool, taking lessons from NixOps, taking inspiration from Terraform, and borrowing its providers. In doing so, it creates a unified deployment platform, architecturally similar to how Nix is a platform for unified builds. It allows you to combine configurations freely with the Nix language and build system, and it makes it easy to "extend" the tool.

In this presentation, we'll have a look at the concepts that make up NixOps4, as well as its integration into the Fediversity project, which aims to enable hosting providers to let their customers deploy applications such as Mastodon, PeerTube and Pixelfed, fully automatically - running NixOps4 "unattended" in production.

My name is David Berman. I am an electrician by trade, not a programmer by profession, but I have ventured into the world of programming out of necessity and conviction. My journey into this realm has been fueled by a desire to challenge the prevailing norms of an industry heavily skewed toward proprietary, enterprise-oriented solutions. Specifically, I have worked to advocate for open-source, cost-effective methods to control city streetlights and other industrial control systems traditionally dominated by expensive and exclusive technologies.

During my talk I would like to share my newest project, Gungnir: https://github.com/davidjrb/gungnir

This journey has been far from easy. The resistance to change in this space is significant, and the challenges are both technical and cultural. One of the key barriers is the entrenched power of profit-driven opponents, including corporate lobbyists and those with vested interests in maintaining the status quo. These forces often stifle innovation and prevent the adoption of solutions that could benefit society as a whole by reducing costs and fostering collaboration.

Another challenge comes from within the very community I advocate for. Despite the immense potential of open-source solutions, there is a tendency among many non-programmers—particularly those in traditional trades or management roles—to dismiss these solutions out of hand. This is often due to a lack of familiarity with the technology or misconceptions about its reliability and scalability. Bridging this gap requires not only technical expertise but also the ability to communicate the value and viability of open-source approaches in terms that resonate with a broader audience.

In my talk, I aim to explore these challenges in depth, sharing insights from my own experience as a non-programmer navigating a highly technical field. I will discuss the hurdles faced by the open-source community when advocating for transparency, collaboration, and cost-efficiency in an industry often resistant to such ideals. I will also highlight strategies to foster greater acceptance and collaboration between open-source advocates and those unfamiliar with or skeptical of these technologies.

Ultimately, my goal is to spark a dialogue about how we, as a community, can better advocate for open-source solutions in industrial and civic systems, ensuring that they are not only adopted but also embraced as a viable and beneficial alternative to proprietary models. By sharing stories, challenges, and strategies, I hope to inspire others—whether programmers, non-programmers, or industry professionals—to join this important movement.

Thank you for having me.

I look forward to seeing you all 14:00, Saturday, 1. February in Baudoux - UB5.230

Most software build systems, following the tradition of make, refer to artifacts by an assigned location on the file system. However, when developing software, one is usually more interested in the contents of the file than its location. So why not take the definition itself as key? Similarly, when building typical complex targets, like libraries, additional information has to be considered when using them, e.g., transitive dependencies when linking. So why not make that part of the data of the analyzed library? In this way, we obtain definitions that are independent of their origin and hence can meaningfully be cached. This high-level caching allows a seamless transition between fine-granular building and traditional package building (obtaining all artifacts by a single lookup). As an additional benefit, when using remote build execution, it is enough to have the sources of the project you're working on, while still having the benefits of a bootstrapped build.

All those concepts are implemented in the open-source build system justbuild, available, at https://github.com/just-buildsystem/justbuild

Profile-Guided Optimization (PGO) is a well-known compiler optimization technique that brings runtime statistics about how an application is executed to the Ahead-of-Time (AoT) compilation model. However, this technique is not widely used nowadays.

In this talk, I want to discuss with a wider audience typical issues that I met with PGO implementation in LLVM-based compilers (like Clang and Rustc). During my work on the Awesome PGO project, I gathered a lot of interesting data points and insights about current PGO issues in the ecosystem (mostly with LLVM-based tools since I prefer using LLVM), and discussed many issues with different stakeholders like end-users, maintainers, and application developers. We will talk about:

• PGO documentation issues across compilers
• Different PGO integration states across LLVM-based compilers
• PGO awareness across the industry
• Strengths and weaknesses of different PGO modes for different use cases in real-world
• Top blockers for PGO adoption
• And many other things!

I believe that after the talk more people will be aware of PGO, aware of usual PGO blockers with LLVM, and know more about how to avoid these limitations in practice.

Target audience: LLVM users (especially LLVM-based compiler engineers and LLVM adopters)

Panoptic is a tool to explore locally and easily big images datasets: https://github.com/CERES-Sorbonne/Panoptic Images abound on the web and digital social networks. Their proliferation is one of the characteristics of digital culture. In particular, they are widely mobilized in contemporary controversies, with the aim of revealing and debating important social issues. Far beyond natively digital images, whether moving or still, images are first and foremost an object of study in their own in many disciplines (art history, film studies...), just as they can be a way of accessing a research field (photographs of animal and plant species, pages from digitized books...). A key challenge for the human and social sciences is to equip themselves with tools for exploring, sorting and annotating image corpora.

While a number of tools already exist for working with such corpora (XnView, Tropy, voxel51, Aikon, Arkindex, for example), a key issue to be resolved is the multiplication in the number of images we work with: how can we efficiently explore, sort and annotate a corpus of several tens of thousands of images? How can we provide researchers with a tool that facilitates such work?

Indeed, working with a large number of images means first of all having a synoptic view of them, in order to understand them as a whole, but also being able to manipulate them directly in the presentation interface (for both exploration and analysis).

Secondly, working with a large number of images also imposes time constraints on analysis, which can be resolved by using similar-image clustering tools (computer vision tools), to group together images that have formal similarities (reduces exploration time), but also by using batch annotation functionalities (reduces analysis time).

Finally, working with images is rarely just about working with images, but also with textual data associated with the images (texts of tweets, photographer's name, shooting date, etc.). Another challenge, then, is to adopt a plurisemiotic approach to the content of the corpus being worked on, in order to avoid having to move back and forth between different work spaces.

Created at CERES, by developers, researchers and designers, Panoptic is an open source tool for visualizing, exploring and annotating large images corpora. In particular, the tool integrates algorithms for grouping images by similarity (by using ml model CLIP), to help users with sorting and exploration. The tool also offers various filtering, search and annotation options, enabling the creation, analysis and export of sub-corpora.

Our talk will present the tool we have developed, and how its various functions are designed to meet the methodological needs of research using tools for working with large volumes of images.

We will close the devroom with lightning talks that will serve as a great conversation starter during the lunch break.

Windows-on-ARM devices (primarily laptops) provide a nice execution environment for running Linux or any other open-source OS. As the provisioned ACPI tables make heavy use of PEP, it is next to impossible to make use of the ACPI in a proper way, This talk focuses on the the possible ways to select and sideload corresponding device tree blob before passing control to the OS kernel.

The European regulations impose strict rules on the collection and use of data via cookies and other trackers on websites. Auditing the practices of these sites is crucial to ensure that the cookies placed, both before and after user consent, comply with current legal obligations. This includes the purpose of the cookies and the transparency of the information provided to users, such as cookie descriptions and an easily accessible refusal option.

Although various website analysis tools exist, their use often requires advanced technical expertise, as they typically operate via command-line interfaces. In this context, the EDPB, through the Support Pool of Experts (SPE), has developed a dedicated audit tool to assess websites' compliance with European regulatory requirements.

The tool is a Free and Open Source Software under the EUPL 1.2 Licence and is available for download on code.europa.eu. The source code is available here.

Dr. Jérôme Gorin, the creator of this tool, will present its functionality and its adoption by numerous auditors within data protection authorities across Europe. The presentation will conclude with a discussion on the tool's improvement prospects, aiming to foster knowledge sharing and the detection of the latest online tracking technologies.

Unleashing the power of 3D graphics on the Raspberry Pi is an ongoing effort at Igalia. We are constantly exploring new opportunities to maximize the GPU's potential. The process of identifying applications that can be optimized is highly rewarding. Every so often, we uncover a breakthrough, enabling us to boost application performance up to ~70%.

The graphics stack for the Raspberry Pi 4 and 5 is built on the Mesa user-space drivers (V3D/V3DV) and the Linux kernel driver V3D. These drivers are fully mature, with the upstream Mesa Vulkan driver V3DV having already achieved Vulkan 1.3 conformance, and the OpenGL/ES driver V3D exposing desktop OpenGL 3.1.

However, just having working, conformant drivers isn't enough for us. In this talk, we will demonstrate how we go the extra mile to extract the maximum performance from the Raspberry Pi's GPU, proving that a more performant embedded GPU is possible.

In addition to explaining where we currently stand, we will showcase several cases where optimizations in the Mesa user-space drivers led to significant performance improvements. We will also review recent developments in the kernel driver, including support for Huge Pages in the GPU kernel driver and our experience using Transparent Huge Pages (THP) on an embedded device.

By the end of this talk, we hope the audience will have a better understanding of the graphics stack for embedded GPUs and how to start getting more juice out of an embedded board.

One of the interesting things about Collabora is the extremely powerful LibreOffice core it is built on. Come and hear how we've been working hard to expose even more powerful browser-based collaborative functionality from it.

Hear about our new WebGL transitions, Automatic Document generation from documents + JSON, as well as exposing much of the power of our core functionality from fonts and AutoText to more powerul configuration options.

Finally have a quick summary of UI wins and other recent improvements, as well as how to get involved.

ssh (secure shell) is a popular protocol used for remote command-line connections and file transfers.

sshproxy is more than a simple ssh proxy/load balancer. It can choose the destination node based on simple or complex rules, such as the user name/group, its previous connections, the number of total connections on the nodes, the total used bandwidth of the nodes… It can be distributed on multiple gateways, with shared states. It can track, log and monitor all the connections.

At CEA (French Alternative Energies and Atomic Energy Commission), sshproxy allows users to connect to 4 different supercomputers, with regularly more than 1,000 simultaneous connections.

My talk will introduce you to TLSRPT and it will show you how to configure Postfix to send TLSRPT datagrams to a TLSRPT report service. TLSRPT is to TLS security what DMARC is to anti-phishing: it allows you not only to establish standards like STARTTLS, MTA-STS or DANE for secure message transport, but to verify via reports those security levels are being uphold.

It allows a sender platform to inform receiving platforms how often a TLS connection from the sender to the recipient had been successful and if not why. It is a major improvement over self-monitoring your MTA service, because it creates - in contrast to self-monitoring - a world-wide view how others „see“ your platform. It allows e.g. to make areas in the network visible, where TLS fails, to investigate and ideally to fix the problem in order to keep communication secure.

Previously the capability to create and send TLSRPT reports had been limited to a few major platforms running their own or a commercial MTA. This will change early 2025. The Postfix MTA will be the first Open Source MTA to implement functionality that permits to send TLSRPT-relevant DATA to a TLSRPT report service. The service will collect the DATA, create a report and pass it on to an MTA for delivery or submit it directly via HTTP.

Postfix’ new feature is the result of a collaborative effort between Wietse Venema, the creator of Postfix, and my company sys4 as we want to foster TLSRPT (also because it hinders German providers to qualify to become BSI approved „Secure E-Mail Platforms“).

We created an Open Source low-level C-library that can be used by any MTA - not only Postfix - and the service required to create TLSRPT reports. Both can be downloaded at github. And we hope many other Open Source projects will use the library and the service to implement TLSRPT reporting in their MTA.

The Tillitis TKey is a radical new open source and open hardware FPGA-based general computer in the form factor of a USB security token. Due to the mandatory measurement of apps it generates secret material on demand, with no persistance, based on the integrity of the app and provides a secure environment to do sensitive computing like, for instance, cryptographic signing, authentication, and similar uses.

In the talk I will present how the TKey works, especially with the killer app SSH, how it came about, and touch on how you develop apps for it, the tools available, and welcome you to join the open source projects behind it. With a small, dedicated team you can get a lot of things done, even with hardware designs using FPGAs and your own design of PCBs.

This talk introduces Apache Arrow's tensor arrays as a tool for representing an array of tensors in memory, their storage and transportation. We'll introduce the tensor array memory layout specification, its implementation in Arrow C++ and Python, showcasing how it can help interoperate with PyData and database ecosystems.

We'll present the fixed and variable shape tensor array specifications, their implementations and how they can be used to interoperate with Arrow aware ecosystem such as DLPack, NumPy, and others. Further we'll discuss design decisions we made to make the two tensor arrays as generic and universal as possible.

Katzenpost is a robust privacy software project. It includes a mix network implementation with a powerful, realistic threat model, hybrid post-quantum cryptography libraries, messaging protocols and metadata-private networking - all implemented in Go and under an AGPLv3 license.

The purpose of this talk is to go over all of these elements and explain how they may be implemented in other software projects, rather than explain the high level design of the mix-net in detail. The Katzenpost code can be found at [the project's GitHub](https://github.com/katzenpost).

When it comes to the on-disk-size of your OpenJDK installation it becomes apparent that certain files take up a large part of the entire Java Development Kit (JDK) installation. It can seem that certain files are monolithic and aren't possible to make smaller. Yet, they can be smaller if you know how.

In this talk we show how you can create a custom run-time image for your specific application without the need of the jmods folder otherwise being present in a standard JDK. Forget about JRE and go all-in on custom run-time images. The best thing about it is that - due to JEP 493 - this will no longer need JMOD files of the JDK to be present.

Tune in to hear more about using jlink from a JDK without a jmods directory and what new opportunities this allows.

An introduction on the basic concepts underpinning a container manager: understanding what OCI images are, how they’re structured, and how to use them as rootfs. From there, we’ll dive into the core Linux primitives that make rootless containers possible: namespaces for isolation, UID/GID mappings and dropping privileges.

The talk will use my project Lilipod https://github.com/89luca89/lilipod as an example on what and how all of this has been implemented

Designed to cater to a wide range of peripheral devices and platforms, Analog Devices' Kuiper Linux distribution is built with more than 1000 Linux device drivers compatible with Xilinx and Intel FPGAs, Raspberry Pi boards, and several other platforms.

To ensure its quality, a test harness infrastructure must be in place to carry out continuous testing on actual hardware. This talk covers the design and implementation of such a fully automated test harness. The implemented architecture leverages the use of readily available components/technologies such as Jenkins, Docker, NetBox, and JFrog Artifactory and, at the same time, includes custom-built tools that can be tailored and extended to support existing or new devices and platform types.

By using an advanced resource locking mechanism, the hardware setups are also remotely available to others for development and debugging, when there are no automated tests running.

Picture this: an open source digital democracy platform, launched by a city government, that quickly outgrows its municipal roots and becomes a global movement. Decidim started in 2016 as a tool for participatory processes in Barcelona, but its community expanded worldwide, with users in diverse cultural and political contexts. How do you scale such a project while preserving its democratic integrity?

In this session, we’ll dive into Decidim’s evolution, focusing on the governance challenges and triumphs of managing a rapidly growing, decentralized community. We’ll explore how Metadecidim—our "eat your own dog food" instance—facilitated this transition, enabling collaborative decision-making through open assemblies and processes. We’ll also discuss how Decidim’s unique social contract ensures transparency and accountability in everything from feature development to project governance.

This session is for you if you’re interested in the nuts and bolts of scaling participatory governance of free software projects.

Open-source software has been a powerful catalyst for innovation in computer and software engineering, driving significant advancements in healthcare, particularly in medical and surgical technologies. Recently, the open-source movement has expanded beyond software, encompassing the release of code, data, and AI models, further accelerating progress across diverse fields. However, in healthcare, open-sourcing faces distinct challenges, including navigating regulatory hurdles to meet industry standards, ensuring robust patient data protection, managing the costs of specialised hardware and software maintenance, and addressing the limited availability of expert clinicians needed to annotate, test, and validate AI innovations. In this talk, Miguel will explore how open-source technologies are advancing healthcare, with a focus on medical and surgical innovations. He will highlight key advancements while exploring the complexities of clinical translation, using three of his projects as examples: Fetal Ultrasound Image Synthesis, endoscopy-based video analysis for surgery, and real-time AI diagnosis of eye movement disorders. The talk will examine the challenges of clinical translation and showcase examples of innovative technologies that leverage open-source software, models, and data to address some of the most complex problems in healthcare. Finally, to inspire and spark innovation among the next generation of engineers, researchers, and clinicians from academia and industry, this talk will showcase how the emerging open-source software community for surgical and medical technologies is striving to: (a) Foster Collaboration and Community Building, (b) Enhance Security and Transparency, (c) Promote Customisation and Flexibility, (d) Ensure Cost-Effectiveness, Sustainability, and Scalability, and (e) Drive Rapid Innovation and Future-Proofing.

Closing notes and information about pPub (physical Pub) meetup.

We present LoRaMesher, a communication library to build LoRa mesh networks. LoRaMesher interconnects geographically spread IoT devices through a LoRa mesh network. For the communication, the library implements a proactive distance vector routing protocol. Using LoRaMesher, an IoT application running on a node can send and receive data packets to and from other nodes in the LoRa mesh network. LoRaMesher has been tested on embedded boards featuring an ESP32 microcontroller and a LoRa radio. Using LoRaMesher, nodes do not connect to a LoRaWAN gateway, but among themselves. This allows new, distributed applications solely built upon tiny IoT nodes.

Welcome to the GCC (GNU Toolchain) devroom from the organizers.

Welcome session for the Cloud Native Databases devroom

A five minute introduction to the dev room.

This talk will serve as a welcome and introduction to the Microkernel and Component-Based OS devroom. We will quickly go over the rules and expectations of the devroom, as well as introducing you to the devroom managers and answering general questions.