Feeds

Ubuntu devs to get 15-min code review, full SDK love – Canonical

Faster, smoother, sandboxier

Beginner's guide to SSL certificates

Changes in Ubuntu will speed up the process of building apps and getting them approved for Software Center - but they could leave you more tied into the Linux distro’s software development kit (SDK).

Canonical has said it is changing the way packages – another name for the apps that make the basic operating system interesting – are developed, downloaded and managed by penguins.

The company is also rolling out further sandboxing to contain naughty third-party apps and rogue code and to streamline the process for getting packages approved for download from the Ubuntu Software Center.

For better or worse, though, it sounds like you’ll have to use the Ubuntu SDK instead of cross-platform widget toolkits such as GTK or QT – hard luck for those of you who love your GIMP.

Ubuntu community manager Jono Bacon here revealed future versions of Ubuntu will feature something called "click packages" – a means of automatically wrapping up your project’s code simply by pressing a button available inside the Ubuntu SDK.

It seems the click packages will be used instead of the Debian packaging format – .deb – used primarily for building the operating system.

The maintenance of Ubuntu packages is being turned into an online service, too, according to Bacon, and click packages won’t include full dependency resolution.

Currently, packages are synched when you update using apt-get that checks back with the Ubuntu archive. Obviously the more packages, the more complicated and slower it is to identify and solve dependency conflicts.

From now on, all dependency will be on the Ubuntu SDK. “With a click package the software simply depends on the Ubuntu SDK. This means we don’t need to worry about all that complex dependency resolution: we know the dependency, the Ubuntu SDK,” Bacon said.

Further, information on those dependencies between different modules will be served and stored as a web service. “Instead of maintaining a list of packages on the system… they are on a web service. You need a connection to download the package anyway, so why not ask a service which packages are available?" Bacon wrote.

Full sandboxing is also being used to help simplify the process for developers uploading and updating their applications in the Ubuntu Software Center. Sandboxing is already provided in the Linux kernel and is on by default from Ubuntu 7.10 onwards using AppArmour.

According to Bacon, sandboxing will mitigate the need for a full code review of apps trying to get into the Ubuntu Software Center. This review process had been something of a bottleneck with the manual process swamped by new packages and new versions of existing packages that had to be individually vetted for clearance.

“This, combined with click packages not having maintainer scripts and complex dependency chains, makes reviews much easier and more efficient,” Bacon said. He promised review in less than 15 minutes, down from “multi-day” code reviews.

Click packaging and sandboxing is “largely complete” but the work on the latter is unlikely to appear until after the introduction of new display server Mir, Canonical’s replacement for the X Window graphic system currently used in Ubuntu. Bacon said Canonical is not investing in fixing keyboard sniffing in X.

Rather, the goal is for full implementation of Mir in Ubuntu 13.10, which will arrive in October this year – though there will be support for X if there are no Mir drivers – and for a default Mir stack by the 14.10 distro release in October next year.

You can get more technical detail on the Ubuntu website. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
'In... 15 feet... you will be HIT BY A TRAIN' Google patents the SPLAT-NAV
Alert system tips oblivious phone junkies to oncoming traffic
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.