Tootfinder

An interesting conversation about publishing, sparked by @… ‘s blog post, happening over on Bluesky: https://bsky.app/profile/danielbingham.bsky.social/…

Hugging Face launches LeRobot, an open-source robotics code library, after hiring former Tesla scientist Remi Cadene to lead its open-source robotics project (Carl Franzen/VentureBeat)
https://venturebeat.com/automation/hugging-f…

Hugging Face launches LeRobot open source robotics code library
An open-source toolkit designed to democratize AI robotics and inspire a new generation of roboticists, available now on Github.

RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Mathieu Labb\'e, Fran\c{c}ois Michaud
https://arxiv.org/abs/2403.06341 …

RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Distributed as an open source library since 2013, RTAB-Map started as an appearance-based loop closure detection approach with memory management to deal with large-scale and long-term online operation. It then grew to implement Simultaneous Localization and Mapping (SLAM) on various robots and mobile platforms. As each application brings its own set of contraints on sensors, processing capabilities and locomotion, it raises the question of which SLAM approach is the most appropriate to use in t…

GraphiQ: Quantum circuit design for photonic graph states
Jie Lin, Benjamin MacLellan, Sobhan Ghanbari, Julie Belleville, Khuong Tran, Luc Robichaud, Roger G. Melko, Hoi-Kwong Lo, Piotr Roztocki
https://arxiv.org/abs/2402.09285

GraphiQ: Quantum circuit design for photonic graph states
GraphiQ is a versatile open-source framework for designing photonic graph state generation schemes, with a particular emphasis on photon-emitter hybrid circuits. Built in Python, GraphiQ consists of a suite of design tools, including multiple simulation backends and optimization methods. The library supports scheme optimization in the presence of circuit imperfections, as well as user-defined optimization goals. Our framework thus represents a valuable tool for the development of practical sche…

Google's Jpegli open-source library can compress high quality images 35% more than traditional JPEG codecs
https://www.cnx-software.com/2024/04/05/googles-jpegli-open-source-libr…

Google's Jpegli open-source library can compress high quality images 35% more than traditional JPEG codecs - CNX Software
Google has released the Jpegli open-source library for advanced JPEG coding that maintains backward compatibility while delivering an up to 35%

neue Ausgabe der Zeitschrift 027.7:
"The Global Impact of #Library #Publishing. Proceedings of the IFLA Library Publishing SIG Satellite Programme and the Open Session at WLIC 2023 in the Netherlands"

This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a

Echopype: A Python library for interoperable and scalable processing of water column sonar data for biological information
High-frequency sonar systems deployed on a wide array of ocean observing platforms are creating a deluge of water column sonar data at an unprecedented speed from all corners of the ocean. Efficient and integrative analysis of these data, either across different sonar instruments or with other oceanographic datasets, holds the key to monitoring and understanding the response of marine ecosystems to the rapidly changing climate. In this paper we present Echopype, an open-source Python software l…

This is really nice: I can finally share the news that the #OAPEN Library and #DOAB will be hosted by #CERN
"An expanded collaboration agreement between CERN and the OAPEN Foundation sees the Laborat…

RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Mathieu Labb\'e, Fran\c{c}ois Michaud
https://arxiv.org/abs/2403.06341 …

RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Distributed as an open source library since 2013, RTAB-Map started as an appearance-based loop closure detection approach with memory management to deal with large-scale and long-term online operation. It then grew to implement Simultaneous Localization and Mapping (SLAM) on various robots and mobile platforms. As each application brings its own set of contraints on sensors, processing capabilities and locomotion, it raises the question of which SLAM approach is the most appropriate to use in t…

This https://arxiv.org/abs/1808.01590 has been replaced.
link: https://scholar.google.com/scholar?q=a

$\texttt{Spglib}$: a software library for crystal symmetry search
A computer algorithm to search symmetries of crystal structures as implemented in the \texttt{spglib} code is described. An iterative algorithm is employed to robustly identify space group types tolerating a certain amount of distortion in the crystal structures. The source code is distributed under the 3-Clause BSD License, a permissive open-source software license. This paper focuses on the algorithm for identifying the space group symmetry of the crystal structures.

"Open Library of Humanities launches 7 new journals: https://openlibhums.org/news/700/
This increases the OLH’s portfolio to 30 journals […], with a further 3 high-profile journals who will be leaving their commercial publishers in Spring-Summer 2024 to relaunch at the OLH.
This is…

This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a

Echopype: A Python library for interoperable and scalable processing of water column sonar data for biological information
High-frequency sonar systems deployed on a wide array of ocean observing platforms are creating a deluge of water column sonar data at an unprecedented speed from all corners of the ocean. Efficient and integrative analysis of these data, either across different sonar instruments or with other oceanographic datasets, holds the key to monitoring and understanding the response of marine ecosystems to the rapidly changing climate. In this paper we present Echopype, an open-source Python software l…

Lunar Library: Das Wissen der Menschheit ist auf dem Mond archiviert
https://www.golem.de/news/lunar-library-das-wissen-der-menschheit-ist-auf-dem-mond-archiviert-2402-182578.html

Insights from Basilisk: Are Open-Source EDA Tools Ready for a Multi-Million-Gate, Linux-Booting RV64 SoC Design?
Philippe Sauter, Thomas Benz, Philippe Sauter, Frank K. G\"urkaynak, Luca Benini
https://arxiv.org/abs/2405.04257

Insights from Basilisk: Are Open-Source EDA Tools Ready for a Multi-Million-Gate, Linux-Booting RV64 SoC Design?
Designing complex, multi-million-gate application-specific integrated circuits requires robust and mature electronic design automation (EDA) tools. We describe our efforts in enhancing the open-source Yosys+Openroad EDA flow to implement Basilisk, a fully open-source, Linux-booting RV64GC system-on-chip (SoC) design. We analyze the quality-of-results impact of our enhancements to synthesis tools, interfaces between EDA tools, logic optimization scripts, and a newly open-sourced library of optim…

Almost half of data scientists find it difficult to adopt streaming technologies. Join Chloe He at this year's Berlin Buzzwords to learn about basic streaming concepts, how her team created an open source library that unifies batch and streaming, and how to add streaming technologies to existing batch workloads with minimal code changes. #bbuzz

LawArXiv has been retired and replaced with "a new branded preprint service," Law Archive, that operates "under the Yale Law Library's umbrella" (h/t @…): https://www.cos…

Yale Law School Champions Open Legal Scholarship with the Launch of Law Archive
Yale Law School has launched Law Archive, a new branded preprint service developed using the OSF infrastructure. This initiative reflects a commitment to facilitating the free and open sharing of legal research and scholarship, echoing a broader movement within academic communities towards greater accessibility and transparency.

New Belgium Brewing Company is running a pretty open-ended small grant program for cycling-related stuff.
I applied for one for the E-Bike Library; you should tell all your favorite bicycle non-profits to apply for one too.
https://www.newbelgium.com/company/mission

2/ Hat mir gerade jemand geschickt. Also #Philosophie scheint auch die Schnauze voll zu haben und sagt Tschüss. Sehr schön! #PoliticalPhilosphy #Wiley
„Die Open Library of Humanities hat jetzt Political Philosophy im Angebot. Political Philosophy ist ein großes Ding, jedenfalls in der theoretischen Politikwissenschaft. Es geht aus dem Wiley-Journal The Journal of Political Philosophy hervor, das aktuell kein Editorial Board hat.
Wiley hat den Editor in Chief, Robert Goodin, gefeuert, als dieser sich weigerte, mehr Artikel pro Jahr in dem Journal zu veröffentlichten. Daraufhin hat der Rest des Boards, ebenfalls sehr respektable Leute, hingeschmissen. [1] Du wirst Robert Goodin wahrscheinlich mögen, er hat u.a. ein Standardwerk zur politischen Theorie von Grüner Politik verfasst.
Wiley versucht offenbar, die Steuergelder abzuschöpfen, die in Gold-OA-Gebühren fließen. Diese Praxis kannte ich bisher nur von MDPI oder Frontiers. Die Preise bei Wiley für das Journal: $3840 oder 3190€. Ich glaube wir alle wissen, wie diese Preise zu bewerten sind ...“
[1] https://dailynous.com/2023/04/27/wiley-removes-goodin-as-editor-of-the-journal-of-political-philosophy/

We are now offering online, 6-week intensive summer courses in Elementary Biblical Hebrew and Elementary New Testament Greek, open to the public.
Course tuition is free for YDS students. For all others it is: $3,673 
For more info and to apply: https://divi…

"The Open Library of Humanities (#OLH) is an award-winning publisher of #humanities scholarship based at Birkbeck, University of London. We play a leading role within a growing ecosystem of scholar-led digital publishing, that combines cutting-edge technology with community governance and not-for-profit…

Open Library of Humanities
The Open Library of Humanities is an award-winning open-access publisher of internationally leading academic scholarship. Our mission is to support and extend open access to scholarship in the humanities – for free, for everyone, for ever.

QSpace - An open-source tensor library for Abelian and non-Abelian symmetries
Andreas Weichselbaum
https://arxiv.org/abs/2405.06632 https://

Achievement unlocked: good luck fool, level 3.
Tried to open the metro gate with a library card.

The important role #OpenSSL plays in securing the Internet has never been matched by the financial resources devoted to maintaining it.
The open source #cryptographic #software library secures hundreds of thousands of Web s…

Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL
IBM, Intel, Microsoft, Facebook, Google, and others pledge millions to open source.

Enshittification alert: I use YouTube Music, mostly because it has my own 10K songs I uploaded into its “Google Music” predecessor. In Android Auto, YTMusic used to support Library->Uploaded and I could shuffle that stuff. They took it away. You have to pull over, get out your phone, navigate to Uploaded, etc.
There’s an open issue on the YTMusic help, saying “Android Auto doesn’t support long lists.” It used to.
Feaugh.

This https://arxiv.org/abs/2404.06484 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSE_…

Public-private funding models in open source software development: A case study on scikit-learn
Governments are increasingly funding open source software (OSS) development to support software security, digital sovereignty, and national competitiveness in science and innovation, amongst others. However, little is known about how OSS developers evaluate the relative benefits and drawbacks of emergent governmental funding for OSS. This paper explores this question through a case study on scikit-learn, a popular Python library for machine learning, which has been funded by public research gra…

This https://arxiv.org/abs/2405.04257 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csAR_…

Insights from Basilisk: Are Open-Source EDA Tools Ready for a Multi-Million-Gate, Linux-Booting RV64 SoC Design?
Designing complex, multi-million-gate application-specific integrated circuits requires robust and mature electronic design automation (EDA) tools. We describe our efforts in enhancing the open-source Yosys+Openroad EDA flow to implement Basilisk, a fully open-source, Linux-booting RV64GC system-on-chip (SoC) design. We analyze the quality-of-results impact of our enhancements to synthesis tools, interfaces between EDA tools, logic optimization scripts, and a newly open-sourced library of optim…

This https://arxiv.org/abs/2311.02058 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csRO_…

LOTUS: Continual Imitation Learning for Robot Manipulation Through Unsupervised Skill Discovery
We introduce LOTUS, a continual imitation learning algorithm that empowers a physical robot to continuously and efficiently learn to solve new manipulation tasks throughout its lifespan. The core idea behind LOTUS is constructing an ever-growing skill library from a sequence of new tasks with a small number of human demonstrations. LOTUS starts with a continual skill discovery process using an open-vocabulary vision model, which extracts skills as recurring patterns presented in unsegmented dem…

new at the #nyc public library: #archives & records of the east village eye, 1979-1987. https://www.…

New to the Archives: The East Village Eye Records | The New York Public Library
The records of the groundbreaking underground newspaper are now open to researchers.

Kennt ihr die „Human Library“? Es ist ein Projekt aus Dänemark, bei dem Menschen als Bücher fungieren, in denen man „lesen“ kann. Ganz nach dem Motto: „Don’t judge the book by its cover.“
In dieser etwas anderen Bibliothek kann man sich also eine Gesprächspartnerin „ausleihen“, die vielleicht an Borderline leidet. Oder jemanden, der mal eingesessen hat. Oder, oder. 1/2

Definitely had some sort of anxiety dream last night that I was back in library school and everyone was upset at me for...smashing open a sealed unopenable box(?) while they were watching a film in class.

Very happy to share this exciting news that the California Digital Library (my workplace), Lyrasis, and the Big Ten Academic Alliance Libraries are joining together to advance Diamond OA in the US! https://osc.universityofcalifornia.edu/2024/04/better-together-btaa…

I've just landed a fix in #libreoffice that fixes a couple of bugs in PDF import, one of which has been open for 6.5 years old. It's been an odd couple of month trip through the Poppler PDF library and the weird convoluted path it's used in LO; since Poppler is GPL (no pre-L!) LO runs it in a separate process that then spits out a cursed intermediate format which LO then parses …

The lack of evening / nighttime Third Places that are not pushing alcohol is a serious gap.
How many of us have high school memories of Perkins or Waffle House or similar at 1am?
I remember a period in the 90s / early 00s when coffee shops were open until midnight or later. That was great. Seems rare now; am I imagining that?
…

GeriAQuin (@GeriAQuin@mstdn.social)
Attached: 1 image What if … #library

_“The end game would be the ability to login to every Fedora, Debian and Ubuntu box on the internet. If it isn’t a state actor it should be…”_
Cryptographer Filippo Valsorda said, _“This might be the best executed supply chain attack we’ve seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library.”_
And awesome: FOSS community catched it, because tests slowdown

'xz utils' Software Backdoor Uncovered in Years-Long Hacking Plot - UNICORN RIOT
A fascinating but ominous software story dropped on Friday: a widely used file compression software package called “xz utils” has a cleverly embedded system for backdooring shell login connections, and it’s unclear how far this dangerous package got into countless internet-enabled devices. It appears the persona that injected this played a long game, gaining the […]

Efficient Open Modification Spectral Library Searching in High-Dimensional Space with Multi-Level-Cell Memory
Keming Fan, Wei-Chen Chen, Sumukh Pinge, H. -S. Philip Wong, Tajana Rosing
https://arxiv.org/abs/2405.02756

Efficient Open Modification Spectral Library Searching in High-Dimensional Space with Multi-Level-Cell Memory
Open Modification Search (OMS) is a promising algorithm for mass spectrometry analysis that enables the discovery of modified peptides. However, OMS encounters challenges as it exponentially extends the search scope. Existing OMS accelerators either have limited parallelism or struggle to scale effectively with growing data volumes. In this work, we introduce an OMS accelerator utilizing multi-level-cell (MLC) RRAM memory to enhance storage capacity by 3x. Through in-memory computing, we achiev…

From the rare occasion when I head into the city. Love the orderly queue outside the British Library just before the doors open up. #AnalogPhotography #BelieveInFilm

This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a

Echopype: A Python library for interoperable and scalable processing of water column sonar data for biological information
High-frequency sonar systems deployed on a wide array of ocean observing platforms are creating a deluge of water column sonar data at an unprecedented speed from all corners of the ocean. Efficient and integrative analysis of these data, either across different sonar instruments or with other oceanographic datasets, holds the key to monitoring and understanding the response of marine ecosystems to the rapidly changing climate. In this paper we present Echopype, an open-source Python software l…

"The West Virginia House passed House Bill 4654 – removing bona fide schools, public libraries, and museums from the list of exemptions from criminal liability relating to distribution and display to a minor of obscene matter – in a 85-12 vote Friday, sending the bill to the state Senate."
The vague law would open librarians to criminal prosecution if "obscene" material is found in their library.

West Virginia House passes bill allowing prosecution of librarians
CHARLESTON — The West Virginia House of Delegates debated the merits of removing protections for public librarians and school librarians from criminal prosecution in the off chance a minor encounters books and content some consider to be obscene. The House passed House Bill 4654 – removing bona fide schools, public libraries, and museums from the […]

#AGPL vs #SSPL
AGPL, add the requirement to include mgmt/monitoring/backup/storage/APIs/UIs such that you could run the service (e.g., other internal APIs or dashboards don't leak through in how AGPL is defined - only that library's API)
or, SSPL, but get rid of the "you aren't allowed to run a competing business" requirement (e.g., SSPL isn't truly open)
AGPL but more
SSPL but less

At this year's Berlin Buzzwords, Corey J. Nolet and Vivek Narang will talk about using Nvidia's open source cuVS library to accelerate Apache Lucene's vector search capabilities on the GPU. #bbuzz
https://

This https://arxiv.org/abs/2308.02921 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_ees…

PowerSimulationsDynamics.jl -- An Open Source Modeling Package for Modern Power Systems with Inverter-Based Resources
In this paper we present the development of an open-source simulation toolbox, PowerSimulationsDynamics.jl, to study the dynamic response of power systems, focusing on the requirements to model systems with high penetrations of Inverter-Based Resources (IBRs). PowerSimulationsDynamics.jl is implemented in Julia and features a rich library of synchronous generator, inverter, and load models. In addition, it allows the study of quasi-static phasors and electromagnetic dq models that use a dynamic…

This https://arxiv.org/abs/2404.06484 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSE_…

Public-private funding models in open source software development: A case study on scikit-learn
Governments are increasingly funding open source software (OSS) development to support software security, digital sovereignty, and national competitiveness in science and innovation, amongst others. However, little is known about how OSS developers evaluate the relative benefits and drawbacks of emergent governmental funding for OSS. This paper explores this question through a case study on scikit-learn, a popular Python library for machine learning, which has been funded by public research gra…

On the Average Runtime of an Open Source Binomial Random Variate Generation Algorithm
Vincent A. Cicirello
https://arxiv.org/abs/2403.11018 https://…

On the Average Runtime of an Open Source Binomial Random Variate Generation Algorithm
The BTPE algorithm (Binomial, Triangle, Parallelogram, Exponential) of Kachitvichyanukul and Schmeiser is one of the faster and more widely utilized algorithms for generating binomial random variates. Cicirello's open source Java library, $ρμ$, includes an implementation of BTPE as well as a variety of other random number related utilities. In this report, I explore the average case runtime of the BTPE algorithm when generating random values from binomial distribution $B(n,p)$. Beginning with…

From the rare occasion when I head into the city. Love the orderly queue outside the British Library just before the doors open up. #AnalogPhotography #BelieveInFilm

Yesterday, I had the pleasure of presenting to the #UKRI Science and Technology Facilities Council about #OpenAccess for #books.

Learn the differences between offline and online machine learning, how one can complement the other, and streaming concepts and best practices to start your online ML journey with River, an open source Python ML library, in this short talk by Tun Shwe at this year's Berlin Buzzwords. #bbuzz

My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…

Lio by Mark Tatulli for February 15, 2024 | GoComics.com
http://www.gocomics.com/lio/2024/02/15

Beacon, a lightweight deep reinforcement learning benchmark library for flow control
Jonathan Viquerat, Philippe Meliga, Pablo Jeken, Elie Hachem
https://arxiv.org/abs/2402.17402 …

Beacon, a lightweight deep reinforcement learning benchmark library for flow control
Recently, the increasing use of deep reinforcement learning for flow control problems has led to a new area of research, focused on the coupling and the adaptation of the existing algorithms to the control of numerical fluid dynamics environments. Although still in its infancy, the field has seen multiple successes in a short time span, and its fast development pace can certainly be partly imparted to the open-source effort that drives the expansion of the community. Yet, this emerging domain s…

Closed-Loop Open-Vocabulary Mobile Manipulation with GPT-4V
Peiyuan Zhi, Zhiyuan Zhang, Muzhi Han, Zeyu Zhang, Zhitian Li, Ziyuan Jiao, Baoxiong Jia, Siyuan Huang
https://arxiv.org/abs/2404.10220

Closed-Loop Open-Vocabulary Mobile Manipulation with GPT-4V
Autonomous robot navigation and manipulation in open environments require reasoning and replanning with closed-loop feedback. We present COME-robot, the first closed-loop framework utilizing the GPT-4V vision-language foundation model for open-ended reasoning and adaptive planning in real-world scenarios. We meticulously construct a library of action primitives for robot exploration, navigation, and manipulation, serving as callable execution modules for GPT-4V in task planning. On top of these…

This https://arxiv.org/abs/2309.01977 has been replaced.
initial toot: https://mastoxiv.page/@arX…

PyTomography: A Python Library for Quantitative Medical Image Reconstruction
Background: There is an absence of open-source libraries in emission tomography that (i) use modern and popular backend code to encourage community contributions and (ii) offer support for the multitude of reconstruction algorithms available in recent literature, such as those that employ artificial intelligence. Purpose: To create and evaluate a GPU-accelerated, open-source, and user-friendly image reconstruction library, designed to serve as a central platform for the development, validation,…

My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…

GeoFlood: Computational model for overland flooding
Brian Kyanjo, Donna Calhoun, David L. George
https://arxiv.org/abs/2403.15435 https://

GeoFlood: Computational model for overland flooding
This paper presents GeoFlood, a new open-source software package for solving shallow water equations (SWE) on a quadtree hierarchy of mapped, logically Cartesian grids managed by the parallel, adaptive library ForestClaw (Calhoun and Burstedde, 2017). The GeoFlood model is validated using standard benchmark tests from Neelz and Pender (2013) and against George (2011) results obtained from the GeoClaw software (Clawpack Development Team, 2020) for the historical Malpasset dam failure problem. Th…

It's been a while since I've complained about #RustLang itself, so…
Cargo insists on interacting with #git repositories. At the same time, cargo insists on vendoring an old version of #LibGit2 (1.6.2 FWICS). So, if your system is using a new git version (2.44.0), you won't be able to `cargo build`:
```
error: failed to determine package fingerprint for build script for uv v0.1.38 (/tmp/uv/crates/uv)
Caused by:
failed to determine the most recently modified file in /tmp/uv/crates/uv
Caused by:
failed to determine list of files in /tmp/uv/crates/uv
Caused by:
failed to open git index at /tmp/uv/.git/
Caused by:
invalid data in index - calculated checksum does not match expected; class=Index (10)
```
You have to clone everything with `-c index.skipHash=false` to work around this.
But yeah, I'm sure there's a great benefit to using an outdated vendored C library that NIHs git.
#Gentoo #NIH

GPU acceleration of ab initio simulations of large-scale identical particles based on path integral molecular dynamics
Yunuo Xiong
https://arxiv.org/abs/2404.02628

GPU acceleration of ab initio simulations of large-scale identical particles based on path integral molecular dynamics
Path integral Monte Carlo (PIMC) and path integral molecular dynamics (PIMD) provide the golden standard for the ab initio simulations of identical particles. In this work, we achieved significant GPU acceleration based on PIMD, which is equivalent to PIMC in the ab initio simulations, and developed an open-source PIMD code repository that does not rely on any other third party library. Numerical experiments show that for a system of 1600 interacting identical bosons in a harmonic trap, using a…

This https://arxiv.org/abs/2309.01977 has been replaced.
initial toot: https://mastoxiv.page/@arX…

PyTomography: A Python Library for Quantitative Medical Image Reconstruction
Background: There is an absence of open-source libraries in emission tomography that (i) use modern and popular backend code to encourage community contributions and (ii) offer support for the multitude of reconstruction algorithms available in recent literature, such as those that employ artificial intelligence. Purpose: To create and evaluate a GPU-accelerated, open-source, and user-friendly image reconstruction library, designed to serve as a central platform for the development, validation,…

LASY: LAser manipulations made eaSY
Maxence Th\'evenet, Igor A. Andriyash, Luca Fedeli, \'Angel Ferran Pousa, Axel Huebl, S\"oren Jalas, Manuel Kirchen, Remi Lehe, Rob J. Shalloo, Alexander Sinn, Jean-Luc Vay
https://arxiv.org/abs/2403.12191

LASY: LAser manipulations made eaSY
Using realistic laser profiles for simulations of laser-plasma interaction is critical to reproduce experimental measurements, but the interface between experiments and simulations can be challenging. Similarly, start-to-end simulations with different codes may require error-prone manipulations to convert between different representations of a laser pulse. In this work, we propose LASY, an open-source Python library to simplify these workflows. Developed through an international collaboration b…

This https://arxiv.org/abs/2402.17402 has been replaced.
initial toot: https://mastoxiv.page/@ar…

Beacon, a lightweight deep reinforcement learning benchmark library for flow control
Recently, the increasing use of deep reinforcement learning for flow control problems has led to a new area of research, focused on the coupling and the adaptation of the existing algorithms to the control of numerical fluid dynamics environments. Although still in its infancy, the field has seen multiple successes in a short time span, and its fast development pace can certainly be partly imparted to the open-source effort that drives the expansion of the community. Yet, this emerging domain s…