JSON has become the lingua franca for handling semi-structured and unstructured data in modern data systems. Whether it’s in logging and observability scenarios, real-time data streaming, mobile app storage, or machine learning pipelines, JSON’s flexible structure makes it the go-to format for capturing and transmitting data across distributed systems.

At ClickHouse, we’ve long recognized the importance of seamless JSON support. But as simple as JSON seems, leveraging it effectively at scale presents unique challenges. In this talk we will discuss how we built a new powerful JSON data type for ClickHouse with true column-oriented storage, support for dynamically changing data structure and ability to query individual JSON paths really fast.

ClickHouse open-source project: https://github.com/ClickHouse/ClickHouse Links related to the topic: https://github.com/ClickHouse/ClickHouse/issues/54864, https://github.com/ClickHouse/ClickHouse/pull/58047, https://github.com/ClickHouse/ClickHouse/pull/63058, https://github.com/ClickHouse/ClickHouse/pull/66444.

We present LoRaMesher, a communication library to build LoRa mesh networks. LoRaMesher interconnects geographically spread IoT devices through a LoRa mesh network. For the communication, the library implements a proactive distance vector routing protocol. Using LoRaMesher, an IoT application running on a node can send and receive data packets to and from other nodes in the LoRa mesh network. LoRaMesher has been tested on embedded boards featuring an ESP32 microcontroller and a LoRa radio. Using LoRaMesher, nodes do not connect to a LoRaWAN gateway, but among themselves. This allows new, distributed applications solely built upon tiny IoT nodes.

This is not on behalf of a specific community, only my direct experience with Ubuntu Touch, libhybris and Halium.

SailfishOS, Ubuntu Touch, Droidian. Many options exist for running a GNU/Linux environment on an off-the-shelf mobile phone. But what makes these different from an application developer’s perspective for a smartphone OS built with libhybris drivers?

Let’s find out.

In this presentation we will review recent security audits of the Bhyve and Capsicum subsystems, lessons learned, how this work was funded, and how it's having a lasting impact on the security culture of FreeBSD.

The Digital Markets Act mandates that mobile gatekeepers open their device operating systems to competing app stores. This affects the landscape of app distribution on iOS and Android and has brought about a variety of different compliance efforts, most of which have been found lacking by regulators thus far. The law is important for Free Software, as its obligations grant smaller Free Software projects the rights to demand access to gatekeepers' infrastructure like enabling alternative app store, sideloading and un-installation of software and interoperability with operating systems.

This talk will outline the current state of compliance efforts on the part of Apple and iOS, the primary areas where they are deemed insufficient, and how they effectively block any marketplace from emerging as a viable source of FOSS software distribution for the iPhone and iPad. Financial preconditions, ongoing fees, enforced DRM, centralized notarization app review, and other factors all conspire together to maintain the status quo of monopolistic control over the app marketplace on these devices.

The App Fair Project (appfair.org) is a non-profit charity with the mission of creating an app marketplace for the distribution of digital public goods in the form of free and open-source mobile applications. We have been active in the various workshops and working groups that have examined the DMA compliance efforts on the part of the mobile OS gatekeepers, and have provided technical advice and expertise to groups such as the Free Software Foundation Europe (FSFE) and the NGI TALER project.

The GPIO sysfs interface for user space has been deprecated for many years. Its alternative, the GPIO character device and the associated libgpiod project, has been available since 2017. The library, along with its numerous bindings, has become the de facto standard tool for interacting with GPIOs from user space. Recently, it was supplemented by a D-Bus API and a reference implementation, addressing the long-standing issue of maintaining GPIO state persistence across different processes.

The sysfs interface is the primary user of the global GPIO number space in the kernel. Unlike other legacy components of the GPIO codebase, we cannot remove it without user space agreeing to stop using it. However, there remains a group of users who, for various reasons, refuse to migrate to the new uAPI. It has become evident that, without providing them with a 100% compatible experience, we will be stuck with the old interface indefinitely.

To address this, the latest addition to the family of user-space GPIO utilities is gpiod-sysfs-proxy[1] - a libfuse-based user-space compatibility layer for the GPIO sysfs interface under /sys/class/gpio, using libgpiod to talk to the kernel.

This talk will cover why we aim to remove /sys/class/gpio (along with the in-kernel legacy APIs), progress made so far, an introduction to gpiod-sysfs-proxy and the libgpiod D-Bus API, and a discussion of future plans.

[1] https://github.com/brgl/gpiod-sysfs-proxy

Join us for a comprehensive review of the newest features and innovations in OpenProject, developed over the past year. This session will explore key updates, including enhancements to project portfolio management, deeper integration with the openDesk application bundle, and the exciting progress of a mobile app spike. Discover how these developments empower teams to collaborate more effectively, manage projects with greater precision, and streamline workflows. Whether you’re a long-time user or new to OpenProject, this talk will offer valuable insights into how the platform continues to evolve and create value.

Historically, Firefox has relied on the getaddrinfo API for DNS resolution on most platforms. However, due to inherent limitations — such as the missing Time-To-Live (TTL) information — we sometimes had to resort to alternative APIs like DNSQuery_A on Windows. When implementing DNS over HTTPS (DoH), we developed our own DNS parser, which allowed Firefox to also resolve TXT and HTTPS records. But DoH isn't available to all our users. With HTTPS records becoming increasingly important, we decided to resolve HTTPS queries using system APIs like DNSQuery_A, res_query, res_nquery, and android_res_query, with the expectation that this would cover all supported platforms. This talk will delve into the lessons learned from this journey and explain why these platform specific APIs often fall short of expectations.

The AT Protocol aka @proto is a protocol designed for decentralized social applications, the inaugural example being Bluesky - a social network application.

If you're developing with @proto or for Bluesky, join to meet others doing the same.

Learn more at:

• https://atproto.com/
• https://bsky.app/
• https://bsky.social/
• https://atprotocol.dev/
• https://lexicon.community

You can sign up at https://lu.ma/7a0p68nw to be notified about this and other @proto events around FOSDEM.

Welcome to the GCC (GNU Toolchain) devroom from the organizers.

The OpenSIPS Community Editions are the community effort to produce real-life SIP solutions (as platforms) already configured to fulfill precise SIP scenarios. OpenSIPS based solutions – acting as SoftSwitch or SBC – that are ready to use and simple to deploy.

This presentation offers a detailed look at the OpenSIPS Community Edition projects, exploring their capabilities, current status, and development roadmaps. It delves into the innovative ideas driving these projects and emphasizes the critical role of the open-source community in their evolution. To conclude, a brief showcase using Docker Compose will effectively demonstrate the practical utility of the OpenSIPS Community Edition projects.

eBPF is a big and complicated topic. For years it was common that the people using and writing eBPF programs were also the people involved in the development of eBPF. Those days are somewhat behind us now, eBPF is more popular than ever, and the number of non-kernel experts wanting to use eBPF is growing rapidly.

A lot of new people means a lot of learning to be done. There is a small but strong community of people to talk to, if you know how to find them. The internet is full of outdated articles that have aged like milk. The kernel has docs for a handful of subjects and man pages that are correct for some kernel versions but not others.

I started the eBPF docs project about two years ago out of frustration for the lack of comprehensive documentation. These docs are now hosted at docs.ebpf.io. Lets take a look at the state of these docs, what it took to get here and where they are going next.

Swift isn’t just for Apple platforms; there is something for all in this great open source general purpose programming language.

In this community welcome message, Paris Pittman, a member of the Swift Core Team, will provide an ecosystem overview. We’ll touch on milestones that we’ve achieved together and some of the up and coming work on our plates. And the best part - you can join us in the journey! Paris will detail out how you can plug in, no matter your platform of choice.

In recent years DMARC has become one of the cornerstones of email deliverability. A large part of email is now protected by the combined efforts of SPF, DKIM and DMARC checks. However, the secret weapons of DMARC which are hardly used are its reports. Along with respecting the policy set by an email sender, the recipient also actively acknowledges how many emails have been sent, from which IP addresses and why some of them have been delivered and others not. This reporting is done by providing a xml file inside a zip attached to an email, which makes it rather hard to digest for humans. Imagine what happens if you get such a report every day for every internet domain you, all of your colleagues and anybody spoofing you send emails to...

Obviously this calls for a tool. Interestingly, even though DMARC is almost a decade old, no good FOSS tool was ever developed. This is why DMARCaroni was created: free and open source software (written in Haskell and Elm) to deliver all your DMARC monitoring needs. In this talk I will unveil this new tool which I wrote in the last 18 months, show off its features, and talk about the roadmap.

Welcome session for the Cloud Native Databases devroom

While much of the fediverse has historically focused on microblogging, we've built an open source, federated blogging platform called WriteFreely that enables publishing long-form content to the social web.

In this talk, I'll show how WriteFreely works, and discuss how we integrated ActivityPub into our existing software (written in Go) to give writers a new way to socialize on the open web. I'll share lessons learned from this process, and discuss some ideas for supporting new content forms (like long-form Articles) into the wider fediverse.

A five minute introduction to the dev room.

SSH keys are an important part of system administration as they give access to remote systems. While openssh supports the PKCS11 interface, and yubikeys through the sk key types, they introduce challenges such as acquiring additional hardware, or introducing external code into sensitive processes. TPM are widely available hardware devices that allows key creating, signing and encryption operations on a separate hardware, however they do not have native supported by the openssh, and similar projects.

ssh-tpm-agent implements support for TPM wrapped SSH keys through the ssh agent interface. This allows a clear process separation for the keys, while ensuring no new support is required in the openssh project. The agent has support for RSA and ECDSA keys, while also having additional features like host keys, proxy support for additional agents, wrapping of existing keys and import of remotely created keys.

In this talk we will take a look at how the agent works, how the TPM is capable of preventing key extraction, and the other features available in the agent.

This talk will serve as a welcome and introduction to the Microkernel and Component-Based OS devroom. We will quickly go over the rules and expectations of the devroom, as well as introducing you to the devroom managers and answering general questions.

I will talk about implementing Elvish (https://elv.sh), a modern shell with Go. I will cover the following topics:

• An introduction to Elvish, including how to integrate it with Go-based tools for real-world scripting use cases
• How Go makes it easy to implement Elvish, such as pipeline semantics, standard library
• Testing strategy of Elvish as a case study of testing complex Go projects - Elvish has a test coverage of 92% and increasing, uses both unit tests, end-to-end tests and fuzzing

JRuby has been one of the largest consumers of invokeddynamic and method handles since they were introduced in Java 7. With the release of JRuby 10, we have upgraded our minimum Java to 21, and implemented many new optimizations. This talk will survey how JRuby uses invoke dynamic to compile and optimize Ruby code on the JVM.

Landlock is an unprivileged access control designed to create security sandboxes (i.e. Landlock domains). We are working on observability interfaces to identify the cause of denied requests, which require logging (audit) and a dedicated user space interface to get information about Landlock domains.

In this talk, we'll explain the challenges to tie log entries with running processes and their properties, considering the unprivileged approach of Landlock. This led us to create a new kind of ID to tie processes to Landlock domains. We are now working on a new user space interface to safely get information about these Landlock domains. Thanks to its flexibility, Landlock could be leveraged by container runtimes to better isolate processes and now also to cleanly identify them. We'll talk about the container labels/IDs challenges, how Landlock could help, and the potential limitations.

Modern, distributed systems are complex and present numerous challenges: concurrency, process crashes, message loss, duplication, or reordering.

How can developers confidently test distributed systems instead of continuously dreading the next hard-to-catch and hard-to-reproduce Heisenbug?

Deterministic Simulation Testing is a powerful testing technique that eliminates uncertainty－or rather non-determinism－and ensures that your system is tested exhaustively and every single test is reproducible.

Using a systems modeling approach, we will accurately and concisely discuss Deterministic Simulation Testing. In addition, we will explore real-world implementation of this technique in production in projects such as FoundationDB, TigerBeetle, and Resonate.

Gain actionable insights for crafting your own Deterministic Simulation Testing strategy. Confidently open Schrödinger's Box of testing in distributed systems.

This presentation introduces Active Tigger, an open-source research tool designed to accelerate collaborative text annotation in the social sciences.

The increasing use of text-as-data in social science research has created a pressing need for efficient annotation tools. While small datasets can be manually annotated, the exponential growth in available textual data (e.g., from newspapers and social media) demands solutions that enable collaborative annotation and automation. Moreover, the emergence of generative AI and large language models (LLMs) has highlighted the importance of robust corpus annotation practices, particularly for evaluating prompt-engineered outputs from LLM-as-a-service platforms like OpenAI or Hugging Face.

To address these challenges, we created an annotation platform, Active Tigger. A first version was developed in 2022 using R and RShiny (J. Boelaert, GitLab Repository). This tool embeds several annotation heuristics, including active learning—iteratively predicting and selecting annotations to maximize training quality—to help researchers build training datasets in order to fine-tuning encoder models. The tool quickly became integral to the research team's activities and beyond, which incited us to develop of a second, more robust version.

The current iteration of Active Tigger, built with a Python-based API and a React frontend, introduces enhanced flexibility and scalability. It supports collaborative workflows, accommodates a broader range of use cases, and is now in beta testing, with early adopters exploring its potential.

This presentation will cover three key aspects:

The journey of Active Tigger: From addressing specific social science needs to adapting to the evolving landscape of LLMs. Showcase: Demonstrating the annotation workflow using active learning and BERT fine-tuning. Future directions: Exploring the tool's evolution in the context of widespread LLM availability, discussing the trade-offs between focusing on specialized tasks and enabling broader applications.

Github repository of Active Tigger : https://github.com/emilienschultz/activetigger

GCC is the lifeblood which powers continued development for many legacy and niche processors, such as the Hitachi SH4, found in the Sega Dreamcast. See how far a group of retro game developers, reverse engineers, and language enthusiasts are able to push the console, armed with the latest version of the GNU Toolchain, taking a deep-dive through community-driven ports to the platform, such as Super Mario 64, Sonic Mania, Doom 64, and Grand Theft Auto 3.

Cloud Native databases architecture has evolved to leverage the elasticity, reliability and scalability available in the cloud. There is a growing trend to leverage object storage systems such as AWS S3 for architecting cost-effective, performant and scalable systems. S3 is a large-scale, high throughput key-value storage system, which it trades for a slightly higher latency. In this session we will present techniques used to leverage S3 for a low latency scalable distributed SQL database, in particular how to get around S3’s high latency by leveraging a novel new LSM Cloud Storage Engine that uses EBS as a cache to lower latency.

The basic foundations of the HelenOS project as we know it today have been laid in late 2004 and early 2005. This 20th anniversary is an opportunity not only for the usual status update talk about the recent developments and near future plans, but also a great opportunity to look at the bigger picture.

While the first 5 years of HelenOS were exploratory and the next 10 years were defined by dynamic expansion on all fronts by more than 80 individual contributors, the last 5 years could be fairly described as maintenance with much less activity.

HelenOS is alive and well, but there are no longer any low-hanging fruits in terms of major subsystems or frameworks missing. There is obviously still a sheer amount of individual hardware devices, file systems, standard APIs and polished features that could be supported or implemented, but that is clearly a less rewarding endeavor for potential contributors than working on the major building blocks like before.

Are there generic lessons to be learned from the story of HelenOS? Is every community-driven non-mainstream OS destined to end up in this "serene valley"? How do we plan to get out of it? The goal of this talk is to discuss these questions.

Ever wondered what it's like to maintain open source projects full-time?

In this talk, I'll share my journey from hobbyist to full-time open source maintainer, offering insight into the challenges and rewards of turning passion projects into a career.

Join me as I walk you through my journey, motivation, challenges, and tips for:

• Building a community around your open source project
• Increasing visibility and attracting contributors
• Navigating social media and livestreaming to grow your audience

And more! Along the way, I'll share insights from other maintainers, highlighting what works and what doesn't.

Blood, sweat, and code — it's all here, for the love of open source!

You can run anything on open source software, even a big conference. But have you ever tried running a theatre show with free and open software? Turns out you can. For the last five years, I have been running the technical side of a local theatre company with only free and open source software. Come to my talk to hear how we did it, what software we use(d) (and why), and what kind of bumps we hit.

We use open source software for the entire process, from preparation (writing the script, holding meetings), to ticket sales, our website, seat planning, audio mixing and broadcasting, video broadcasting and programming the lights. No closed source software is used in the process. An added challenge is that neither the theatre group, nor the public, are a technical audience or are aware what open source software is.

If you ever want to assist your local theatre group (do, they really can use technical people who don’t want to be on stage), come and listen!

Internet of Things (IoT) connects everyday devices, from sensors to smart home gadgets, with apps that control and monitor them. Building these systems requires programming languages that can work seamlessly across both embedded devices and applications. Swift has been great with C and C++ interoperability, but the introduction of Embedded Swift has brought this to a new level.

With Swift, we can now program embedded systems with low-power sensors and small memory footprints, while also taking advantage of Swift’s simplicity and safety to create interfaces that integrate seamlessly with high-level UI code.

This talk explores why Swift is the next big thing for IoT, demonstrating how it bridges the gap between embedded systems and user-interfacing Swift apps. You’ll learn why Swift’s expressive syntax, interoperability, and cross-platform capabilities simplify development for IoT.

User authentication in real-time communication systems using SIP (Session Initiation Protocol) is evolving with the adoption of OAuth 2.0, as outlined in RFC 8898, published by the IETF in 2020. This protocol secures user access through authentication tokens (instead of traditional methods like Digest). This "Single Sign-On" approach allows for the use of a unified identity verification source across the entire information system, and is now being extended to VoIP. In this conference, we will explore how OAuth 2.0 and OpenID Connect are integrated into a modern SIP environment, with a focus on managing and validating access tokens. To illustrate this, we will use our Flexisip server solution.

Key Topics: - OAuth 2.0 and OpenID Connect: Introduction and benefits for authentication in modern SIP systems. - JWT for Authentication: Token signature validation and extracting user identity. - Integration in Flexisip: Demonstration of OAuth-based authentication with Flexisip, and token validation in a SIP environment. - Authorization Management: Controlling requests based on identity information extracted from access tokens.

This conference will provide an overview of how to implement and secure user authentication with OAuth 2.0 and JWT in a SIP server, using Flexisip as a concrete example.

Systematic literature reviews are essential for evidence-based research, but they are often slow and require a lot of effort. Motivated by the potential of Retrieval-Augmented Generation (RAG) technology, our team from Georgia Tech's Master in Computer Science program, with early guidance from researchers at Robert Gordon University, created PICO Scholar. This AI-powered platform helps researchers by turning their queries into embeddings, matching them with a semantic vector database, and pulling out important research details—Population, Intervention, Comparison, Outcome (PICO). It ranks relevant studies and offers a chatbot powered by RAG for exploring documents more deeply. Future updates aim to add features for real-time collaboration, making it easier for teams to work together on reviewing literature.

PICO Scholar uses a solid microservices setup with Red Hat OpenShift AI, boosted by Intel’s OpenVINO toolkit. It runs models like SciBERT for embeddings and TinyLlama for generating text, managed by ModelMesh. LlamaIndex organizes embeddings into a TiDB VectorStore for smarter searches, and fine-tuned adapters improve accuracy for specific fields. MinIO S3 supports smooth model storage, and the platform’s microservice design makes it scalable and resource-efficient.

What makes PICO Scholar stand out is not just its technology but its focus on community and collaboration. Built during two hackathons - including a 2nd place win at the Red Hat & Intel AI Hackathon - with changing team members and diverse skills, the project follows open-source principles, encouraging contributions from all backgrounds. Our goal is to make powerful research tools accessible to everyone, helping researchers worldwide speed up discoveries. By continuing to improve PICO Scholar, we hope to support the scientific community and build a platform that grows and evolves to meet its needs.

PICO Scholar GitHub repository

Supporting modern smartphones on mainline Linux is getting easier by the year; it's now possible to get a lot of hardware working with fairly minimal effort or issues.

But what do we do for the parts which are not easy, the bits where you as a developer get stuck? Users of mobile phones expect everything to work, but the closer we get to that the more issues become apparent which are not just missing feature bringup.

We've managed to get 80% of the way, so let's talk about what's missing to get the remaining 20% to work and actually make phones mostly feature complete from a kernel perspective.

We present bpftrace [1], a tracing tool for Linux based on eBPF which comes with a simple domain-specific language, "bpfscript". The language offers a convenient way to write eBPF tracing programs, without the need to dive deep into the complexities of eBPF. This makes bpftrace suitable as the entry point into the eBPF world. In addition, the terse nature of the language facilitates on-the-fly writing of very powerful short programs (so-called "one-liners") specifically tailored at the user's immediate tracing purposes.

Where bpftrace has struggled in the past, is writing complex tools which are intended to run and be maintained for a prolonged period of time. This has recently started to change with the introduction of many new bpfscript features such as variable and type declarations, user-defined functions, and more.

Ultimately, our goal is to make bpftrace the number one choice for most tracing tasks on Linux. In this talk, I will guide you through our way to achieve that - the current state of the project, the latest significant additions, and the planned future work.

No prior knowledge of eBPF or bpftrace is required for this talk. A basic understanding or a prior experience with Linux tracing is helpful.

[1] https://github.com/bpftrace/bpftrace/

Discover how the Rust programming language and the ROS 2 framework are transforming robotics development in this talk. Participants will dive into the fundamentals of the ROS2 Rust package https://github.com/ros2-rust/ros2_rust. The session will highlight Rust's performance and safety benefits, its integration with ROS 2 for robotic systems, and practical implementation techniques. Through guided exercises, attendees will learn how to program and control a quadruped robot using Rust within the ROS 2 framework, gaining insights into the challenges of robotic systems and how this powerful combination addresses them effectively. This talk is ideal for developers looking to enhance their robotics expertise using a modern programming language and a robust middleware. Whether you're new to Rust, ROS 2, or seeking to deepen your robotics knowledge, this session offers a unique opportunity to build robust and efficient systems for the robots of tomorrow.

An overview of Immich, and how it helps you backup, browse, search and organize your photos and videos with ease.