Flashing the FOSS modem firmware on the Pinephone

The pinephone contains amazingly few binary blobs. One of those is the modem firmware of the Quectel EG-25G. This modem is quite capable in terms of eg. LTE bands covered, but prone to crashes and other mysterious flaws. There is a firmware upgrade available (EG25GGBR07A08M2G_01.003.01.003), but people have reported instabilities with it.

Fortunately, biktorgj has created a (kind of) FOSS firmware that can be flashed on the modem, removing one more blob and making it easier debuggable. Kind of because the modem consists of two parts, a Linux userland (yes, it runs a full-fledged linux) and a binary firmware blob for the DSP inside (which does all the actual communication part). The DSP blob will not be replacible, but the userland is. So this is what I did:

The latest release at this point in time is 0.3.6 and is here (you might want to check the latest release version on the release page).

You need adb and fastboot (sudo apt install fastboot adb) installed on your pinephone,. The installation itself was just these commands on the pinephone :

wget https://github.com/Biktorgj/pinephone_modem_sdk/releases/download/0.3.6/package.tar.gz
  # any other temporary directory name/place will do below
mkdir firmware
tar xvzf package.tar.gz -C firmware
cd firmware
sudo ./flashall
  # took less than 30 seconds: last lines output was: "Finished, if everything went well, run fastboot reboot to restart the modem."
  # Do not reboot the modem before flashing the recommended DSP upgrade though)
wget https://github.com/Biktorgj/quectel_eg25_recovery/raw/EG25GGBR07A08M2G_01.003.01.003/update/NON-HLOS.ubi
  # you only need to flash the newer DSP blob once, not on every future upgrade...
sudo fastboot flash modem NON-HLOS.ubi
fastboot reboot

This FOSS Firmware does not do some loudness gain that the original one did, so the README (useful to read!) recommends to:

Call volume: May need some tweaking to the ALSA UCM configuration file. You can do this by editing /usr/share/alsa/ucm2/PinePhone/VoiceCall.conf. These values seem to work well:

cset "name='AIF1 DA0 Playback Volume' 90%"
cset "name='AIF2 DAC Playback Volume' 90%"
A reboot is required after changing this configuration file.

That was it!

Note1: After a fastboot reboot, mobile data did not immediately work. I powered the phone off, and took the battery out. After rebooting, data worked just fine. Not sure if it was necessary or even this, but it might be in case of trouble.

Note2: And before you ask: the modem cooperates better with ModemManager, resetting itself when it notices some inconsistencies, it makes HD audio possible, it makes routing the audio through USB possible, and it has no persistent data partition (meaning you cannot corrupt the modem if you cut power to it unexpectedly). We believe it is quite stable together with current mobian unstable/bookworm, but there is no guarantee, of course.

Der “Kapitalismus” lässt das Internet nicht scheitern (zumindest nicht in diesem Fall)

Auf golem.de schreibt Sebastian Grüner in einem Meinungsbeitrag Wie das Internet am Kapitalismus scheitert. Er behandelt die Ausfälle einiger großer Cloud und CDN-Anbieter (Fastly, Amazon, …) die weite Teile des WWW außer Gefecht setzten. Die Hauptthesen des Beitrags ist, “dass der Aufbau der aktuellen Internet-Infrastruktur immer mehr von Konsolidierung und damit von kapitalistischen Zwängen geprägt ist.” Und bevor eine Lösung in Sicht ist, “muss das Problem deutlich werden; vielen Nutzern, Betreibern, politischen Enscheidungsträgern ist es das nämlich nicht.”

Lieber Herr Grüner, oft stimme ich Ihnen zu, und auch hier stimmt vieles: viele Organisationen verlassen sich zu sehr auf einzelne “Cloud”anbieter ohne Alternativen in Betracht zu ziehen. So weit, so gut. Aber wenn diese Anbieter ausfallen und das eigene Geschäft offline ist, dann ist das erstmal nicht das Problem der Nutzer (im Sinne von Endnutzern), Betreibern (you get what you pay for) oder politischen Entscheidungsträgern (was sollte hier reguliert werden?), sondern der beauftragenden Organisation selber.

Das hier die Keule des Kapitalismus geschwungen wird, ist vermutlich clickbait. Mit Kapitalismus hat es nämlich nichts zu tun, dass Kunden sich auf einen großen Anbieter verlassen (die produzierenden Genossenschaften in der DDR waren größer und mindestens genauso dünne Flaschenhälse für die Supply Chain). Und Sparsamkeit ist nun wahrhaftig keine Tugend des Kapitalismus. 1958 hat Walter Ulbricht als 7. von 10. Geboten der sozialistischen Moral verkündet: “Du sollst stets nach Verbesserung Deiner Leistung streben, sparsam sein und die sozialist. Arbeitsdisziplin festigen.”
Abgesehen davon ist unklar, ob eine solche Konzentration auf große CDNs in einem “öffentlichen” Internet nicht ebenso stattgefunden hätte. Gegenfrage: sind die Serviceanbieter in Kuba zuverlässiger?
Zumindest bei meinem Arbeitgeber, einer Universität und Anstalt des öffentlichen Rechts, bricht zu Semesterbeginn regelmässig die Studieninfrastruktur zusammen, weil der (einzige?) Datenbankserver überlastet ist, wenn sich mehr als eine Handvoll Personen gleichzeitig über das neue Semester informieren. Genug vom Kapitalismus.

Das eigentliche Argument dass ich Herrn Grüner nicht abkaufe, ist dieses:

Die [für Cloud und CDN Dienstleistungen] nötigen Vorab-Investitionen in Hardware und Infrastruktur sind aber derart riesig, dass es wohl allein deshalb schon zu einer Art natürlicher Konsolidierung kommt. […]

Ebenso ist es unwahrscheinlich zu erwarten, dass sich die Seitenbetreiber selbst um Redundanz in den von ihnen gebuchten Dienstleistern bemühen. Eine parallele Infrastruktur für Ausfälle zu betreiben, die im Zweifel nur wenige Stunden im Jahr umfassen, ist wirtschaftlich oft nicht zweckmäßig.

Zum ersten Absatz: Ja, wenn man ein globales CDN aufziehen will, sind die Investitionen groß. (Wobei die BBC es sich vielleicht leisten könnte, im Vereinigten Königreich einen 2. oder 3. Server aufzustellen und seine Leser in Togo im Ernstfall für ein paar Stunden zu vernachlässigen). Aber es ist auch unnötig, dass ottos-schnuersenkel-shop.de ein globales CDN aufbaut. Wenn man das Risiko minimieren will, kann man a) redundante Datenzentren auch bei einem Anbieter buchen, oder b) einen zweiten CDN mit einbeziehen. Amazon verlangt keinen exklusiv-CDN Vertrag. Und Plattformen lassen sich auch auf mehren Anbietern hosten, ohne ein eigenes CDN Datencenter aufbauen zu müssen. Wenn der Bedarf dafür da ist, wird es auch Dienstleister geben, die über mehre Cloudanbieter gestreute High-Availability Server anbieten, ohne dass Onkel Otto eigene Server im Keller seines Schnürsenkelgeschäfts installieren muss.

Zum zweiten Absatz: wenn sich Seitenbetreiber nicht um die Redundanz der von Ihnen gebuchten Dienstleistungen bemühen, dann ist das schlicht kalkuliertes Risiko, und ein Ausfall ist einfach eine Folge dieser Kosten/Nutzenrechnungen. Und das kann man auch der BBC zumuten. Rechnungen der Art, “wie viel Reserve braucht man wenn man bei einer Ausfallwahrscheinlichkeit von X%, eine Servicequalität von Y% aufrecht erhalten will”, habe ich im 1. Semester ausrechnen müssen, dass ist wahrlich kein Hexenwerk.
Wenn die Mannschaft der Feuerwehr keinen Helm bekommt, dann ist eine Verletzung auch keine Machenschaft des Kapitalismus, sondern eine Folge von unsäglicher Kosten/Risikoabschätzung. Wenn etwas “wirtschaftlich nicht zweckmäßig” ist, dann sind die Kosten des Risikos per Definition geringer. Ansonsten *wäre* es eben wirtschaftlich zweckmässig. Wenn Seitenbetreiber hier auf Risiko setzen, ist das wirklich nicht das Problem der Gesellschaft, der Politik oder der Endnutzer. Genug medienwirksame Augenöffner bezüglich der Risken aus der letzten Zeit hat der Beitrag ja eindrücklich beschrieben.

Ihr Argument wird allerdings gültiger, je weiter weg man vom direkten Impact auf “Webseiten” kommt. Die Redundanzen der grundlegenden Infrastruktur (ich rede nicht vom Webhosting und CDN) sondern von den OSI Schichten 1-3, kosten Geld und ein Ausfall lässt sich nur sehr bedingt einzelnen Inzidenzen zuordnen, bzw. von Privatakteuren stemmen. Und ein Seitenanbieter im Süden Neuseelands ist nun mal nur durch zwei Unterseekabel mit dem Norden (und dieser durch wenige mit dem Rest der Welt) verbunden und hat wenig Wahl- oder Einflussmöglichkeiten.

Die Lösung des Problems? Betreiber müssen sich überlegen welche Cloud/CDN-Servicequalität sie benötigen. Und wenn ein Ausfall teurer ist als eine redundantere Infrastruktur, dann sollte man in diese investieren. Gerade bei gut zuzuordnenden Dienstleistungen auf die Servicequalität und bei leicht wechselbaren Anbietern (es ist ja kein Monopol) ist das durchaus möglich.

Bienen

Gestern ist uns ein Bienenvolk geschwärmt. Und es hat sich bei uns im Garten niedergelassen, so dass wir ihn einfangen konnten. Absolute Premiere und sehr beeindruckend! Danke an Oliver und Almut fürs Professionelle Bienenfangen :-).

Absima RC cars

Oliver hat sich von seinem Taschengeld ein Absima “First Step Perfomance” Auto gekauft. Gelegenheit für mich mehr über Akkutechnik, Steckerformate und “LiPo Balancer” zu lernen.

Es ist dieses Auto: Absima 1:14 EP Monster Truck RACING. Während die meisten RC Autos einfach flache Akkupacks mit Tamiya Stecker, T-Stecker, oder XT60 Steckern haben, hat dieses allerdings zwei Mignonähnliche 3.7V 1.500mAh LiOn Batterien (TYP AGB171-042). Leider ist es unklar welche Dimensionen diese Batterien haben und auch der Charger (AGB171-041) gibt keinerlei technischen Spezifikationen preis. Bei Absima selber für 15€ (nicht erhältlich), im Fachhandel 2Stck für 22€ ist ein Wort für Akkus.

Sobald wir das Gerät haben, werde ich hier für die Nachwelt ein paar ausgemessene technische Daten posten, damit andere es leichter haben Ersatzbatterien zu organisieren.

Update: Die Batterien sind normale 18650 LiIo Akkus (steht sogar auf dem Label). Sollten auf dem Pluspol allerdings einen Knubbel haben, eine flache Seite bekommt keinen Kontakt (wenn man nicht mit einer kleinen Unterllegscheibe nachhilft :-)). Ein LiPo od LiIon Batterypack hat in dem Modell allerdings keinen Platz bzw. keinen Stecker vorgesehen. Das müsste man etwas für “modifizieren”… Allerdings hat das Gerät mit meinen China-Akkus deutlich weniger Power als mit den mitgelieferten Absima Akkus (Innenwiderstand?).

Die Splinte (Body Clips) sind insgesamt 20mm lang und haben eine Drahtdurchmesser von 0.8mm, allerdings ist das Loch relativ groß und 1mm Draht sollte gehen…

P.S. Nach einiger Erfahrung. Nie wieder Absima Autos, zumindest in dieser Preisklasse ist die Verarbeitung und Qualität absoluter Schrott.

Pure-maps on Mobian/PureOS

I wanted to run Pure Maps on my Pinephone and the Librem 5, but did not want to install the flatpak version. So I learned more about Debian packaging, build systems, Qt, GLES than I ever wanted to know. First, I talk about the packaging nags and open issues and below I will detail how to just *use* pure-maps.

For Packagers:

My packaging is currently all in https://salsa.debian.org/Mobian-team/puremaps-packaging comprising 5 source packages. It is kind of straightforward debian packaging, with a few snags:

  • s2geometry is packed as library libs2-0 and libs2-dev. the -dev package is a build-dependency for pure-maps. I simply named the package 0.10.0 using current master. The last release was 2 years ago and development has actively continued. Current master annouces itself as 0.10.0 (I am using that commit). Ideally upstream would put out a real release so we have a reference point we can publish. I have an open ticket to formally release a new version.
  • pure-maps contains 2 git submodules in the thirdparty repository:
    gpxpy @ b9219a9f and geomag @ 8eb9a730. Building this requires the submodules checked outed and geomag will be installed as poor.geomag, I think. Debian has a python3-gpxpy package, so we should be fine patching that out (would appreciate help there). geomag does not seem to be packaged. build.opensuse.org and salsa.debion.org’s CI build the package fine. autopkgtest and piuparts tests fail, I have not looked into this.
    The last release was buggy and failed to work, so I had to use a more current commit (2.6.0+bab4f3cc-1). puremaps releases pretty frequently, so hopefully we can use a *real* release soon.
    Update: pure-maps has released a proper version now, so that is fine. They have also redone their packaging, so that it can make use of a system gpxpy module, which is good.
  • nemo-qml-plugin-dbus-qt5 has been packaged as libnemodbus1 and libnemodbus1-dev. I am not sure if the package naming is ok, it would also seem reasonable to give them a name that is more according to the upstream source package name. It builds fine and all salsa CI tests pass.
  • mapbox-gl-native is tricky. a) it contains a whole bunch of 3rd party submodules. And while the build on my local machine and on build.opensuse.org work fine. Salsa CI complains about modified source files and unrepresentable changes, failing to build. I am not sure now whether those 3rd party modules are part of the .orig source code or something (I believe not), but that needs solving and I don’t know how (that is the build failure on Salsa). The second issue, is that this is a library and the content should be split into a -dev package. Right now it is all bundled in one big package. The patches on top to make QMapboxGL findable by CMake, place those files in /usr/include/qt5/[QMapbox|QMapboxGL|qmapboxgl.hpp|qmapbox.hpp]. Unfortunately the -qml variant searches in /usr/include/<ARCH>/qt, e.g. /usr/include/aarch64-linux-gnu/ (where all the other similar files are placed, so this needs fixing as it requires the ugly hack mentioned below.
  • mapbox-gl-qml just works out of the box. has a bad hack on top (see above). In order to find mapbox-gl-native, I had to hardcode a search path of “/usr/include/qt/” on top. If the issue in mapbox-gl-native were fixed, this hack would hopefully not be needed anymore.
  • We will have to think about how we achieve that mobian prefers the -gles variants in case of:
    libqt5gui5 | libqt5gui5-gles
    libqt5quick5 | libqt5quick5-gles

    some pinephone meta package needs to conflice the former variants or so…
    I did not want to hardcode a requirement on the *gles versions into puremaps as e.g. the amd64 laptop works just fine with the regular DesktopGL ones. Would appreciate creative solutions by experienced packagers.

For Users:

A Debian testing repository (so it will work with Mobian and PureOS byzantium too) is available at http://download.opensuse.org/repositories/home:/spaetz/Debian_Testing/. That page also contains instructions on how to integrate the repository.

You can either download all required .deb files directly from here and install them with or integrate the repository directly (which I do not promise to keep up permanently).

A) Installing the .deb files directly

You will be needing the latest .deb files from:

Download and install with sudo apt ./FILE1.deb ./FILE2.deb ...

It will run using software emulation now (prepending LIBGL_ALWAYS_SOFTWARE=1 to pure-maps), but crash when trying to use hardware acceleration. To fix this, you need to install the -gles variant of Qt (instead of the OpenGL variant), these are the alternatives:
libqt5gui5 | libqt5gui5-gles
libqt5quick5 | libqt5quick5-gles

and by default it will have installed the first variant. Just do:

sudo apt install libqt5gui5-gles libqt5quick5-gles

this will uninstall the non-*gles variant and install the *-gles ones.

Now, just using “pure-maps” will work. It will complain about a missing MAPBOX API key (they call it token), to get started switch to the HERE maps (they are no vector tiles, but at least it displays something), and get a Mapbox API key from them (TODO: write Howto).

B) TL;DR: integrating the repository

as user purism (or mobian):

echo 'deb http://download.opensuse.org/repositories/home:/spaetz/Debian_Testing/ /' | sudo tee /etc/apt/sources.list.d/home:spaetz.list
wget -qO- https://download.opensuse.org/repositories/home:spaetz/Debian_Testing/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/home_spaetz.gpg > /dev/null
sudo apt update
sudo apt install libqt5gui5-gles libqt5quick5-gles pure-maps

Getting maps

Now, just using “pure-maps” will work. However upon start, it will complain about a missing MAPBOX API key (they call it token), to get started switch to the HERE maps (they are no vector tiles, but at least it displays something), and get a Mapbox API key from them (TODO: write Howto).

Notes: Getting location to work

Starting /usr/libexec/geoclue-2.0/demos/agent as user purism before pure-maps makes location work. (perhaps not needed on Mobian?) When the geoclue agent is implemented in phosh this should not be needed anymore.

Thanks!

Credits to rinigus, Bhushan Shah (@bshah:kde.org), @xalius:matrix.org, @PureTryOut:matrix.org, the helpful sur5r@#debian-mentors and everybody who patiently endured my quest for 2 days.

Customizing the Librem5 ringtone (works for Mobian too)

The Librem5 has a single ringtone included, and while it is nice, it is not aggressive enough for me, I wanted to customize it. So here is how I went about. The same will work for the Pinephone on Mobian which uses the same software stack, I think.

The terminology in this howto is quite confusing. So be aware that a 1) sound theme, a 2) feedback theme, and 3) feedback profiles are three different things.

1) The first one defines in which directories a sound file is looked up (the freedesktop theme will serve as fallback, if a sound is not defined). 2) The feedback theme connects event names and sound files (or visual/haptic feedback) and also defines various feedback profiles. 3) Those profiles are full, quiet and silent, providing profiles within a theme. OK, so let us get started and explain how to customize sounds. The testing it all section at the end of this blog post lets you easily test your results.

TL,DR; the quickie on the L5 / Mobian

#on the L5: as user purism
cp -pr /usr/share/sounds/librem5 ~/.local/share/sounds/mysound
mv YOURCOOLRINGTONE.ogg ~/.local/share/sounds/mysound/stereo/phone-incoming-call.oga
gsettings set org.gnome.desktop.sound theme-name mysound
# probably a reboot is needed...?!
#on Mobian: as user mobian
mkdir -p ~/.local/share/sounds/mobian/stereo
cp -pr /usr/share/sounds/freedesktop/index.theme ~/.local/share/sounds/mobian
mv YOURCOOLRINGTONE.ogg ~/.local/share/sounds/mobian/stereo/phone-incoming-call.oga
gsettings set org.gnome.desktop.sound theme-name mobian
# probably a reboot is needed...?!

Setting a sound theme

To check the current sound theme, issue:

gsettings get org.gnome.desktop.sound theme-name

On a Librem 5, the sound theme name will be “librem5“, which means that the default sound theme (src) installed at /usr/share/sounds/librem5 is being used. Go there, and check out the sounds in there, if you like. On the Mobian, the theme-name is simply set to “freedesktop“, ie no special theme-name has been set.

To create a new sound theme, I copied over the /usr/share/sounds/librem5 to /usr/share/sounds/spaetz (and renaming the theme in the index.theme file). If you want to do this as a local user, you can also place the directory in the ~/.local/share/sounds directory. Then set the sound theme to your new name, and you are done:

gsettings set org.gnome.desktop.sound theme-name YOURTHEMEDIRECTORNAMEYHERE

Once again, to check the currently set sound theme use: gsettings get org.gnome.desktop.sound theme-name

If all you wanted to achieve is to customize the sound, ie switch out sound files, you are done here. If you need to change the notifications or want to connect events and sounds in a different manner, read on.

Connecting Events and Sounds

feedbackd is used to connect events and feedback. The configured sound theme is used by the feedback theme definitions stored in /usr/share/feedbackd/themes/default.json which connects events to various types of feedback. Possible themes for various devices are in this src repo. And all possible event names are listed here. The docs however state that currently only a single hard coded feedback theme ‘default‘ can be used. So /usr/share/feedbackd/themes/default.json is the file to modify if you want to use a different sound name for an event, or let the vibrator vibrate longer (or shorter).

As an alternative to switching sound themes, in order to customize ringtones for instance, one could also connect e.g. the phone-incoming-call event to a different ogg sound file name (sound files usually use an .oga file suffix) and simply place that in the fallback directory at ~/.local/share/sounds/freedesktop. Modifying the effect name to your sound file name should be sufficient then (untested):

   {
      "event-name" : "phone-incoming-call",
      "type"       : "Sound",
      "effect"     : "phone-incoming-call"
    },

Although there is only a single feedback theme, it offers various feedback profiles, which is what we know as the normal, silent, vibrate-only profiles on other mobile phones. These can also be set and retrieved programmatically:

Feedback Profiles

In Settings->Notifications one can conveniently change the overall profile between loud and silent ones. Using the command line, you can use:

gsettings get org.sigxcpu.feedbackd profile
in order to retrieve the current profile and
gsettings set org.sigxcpu.feedbackd profile full|quiet|silent (one of the three possible values)
in order to set the current feedback profile. The description says:

full: Use configured events from the full, quiet and silent parts of the feedback them.

quiet: Use quiet and silent part from of the feedback theme. This usually means no audio feedback.

silent: Only use the silent part from the feedback theme. This usually means to not use audio or vibra.

Per app profiles

In Settings->Notifications one can conveniently change the profile also per application (so silence your chat messages but have loud sound when the alarm clock wants to go off).

Advanced stuff: One can set the feedback profile of an individual application via GSettings. E.g. for an app with app id sm.puri.Phosh to set the profile to quiet do:

gsettings set org.sigxcpu.feedbackd.application:/org/sigxcpu/feedbackd/application/sm-puri-phosh/ profile quiet

Testing it all

To simulate events and see/listen to the sounds use the fbcli utility (just fbcli will simulate an incoming phone call). The following (taken from the docs), will simulate an incoming message once:

fbcli -t -1 -E message-new-instant
# or play the alarm clock sound for 10 seconds:
fbcli -t 10 -E alarm-clock-elapsed

Note: while fbcli picked up a new sound theme immediately, a quick test on calling myself led to no ringtone sound at all. After a reboot, the new sound played fine. Please report if this was a glitch or seems to be the case indeed.

TODO: So what is the “Do not disturb” setting doing then 🙂
TODO: find out what happens when both /usr/share/sounds/librem5 and ~/.local/share/sounds/librem5 exist

Gummierte Etiketten

Notiz an mich selber: Wenn man Honiggläser etikettieren will, kann man z.B. folgende Services benutzen.

bei 100 Etiketten je Motiv / je Etikett  €  0,43, bei 250 Etiketten je Motiv / je Etikett  €  0,33, bei 500 Etiketten je Motiv / je Etikett  €  0,27 (5.3.2021)

Dear Sagepub

You are morons, the “not strong enough” password in question was: (gH{z.,=#OG_Hc%?p!Va/6"D

Worst of all, journals.sagepub.com DOES not accept the same password as study.sagepub.com. It only accepts 20 chars long passwords. 1) Why that, if you are storing my full-length password in cleartext you are doing something wrong! 2) If you only want 20 chars make your webform only accept 20 chars, that saves you and me time.

gnome-passwordsafe & my involvement

It is difficult to get frustration off your chest and doing so in a constructive and non-offensive manner, so please bear with me.

The beginnings

I started my involvement in the nice gnome-passwordsafe some time ago, providing patches and merge requests, with the maintainers being rather non-responsive. But the program is nifty and works well, filling a niche on mobile phone screens. I then pondered a fork or rewrite, but after @okias (David Heidelberg) was granted maintainer role, things started to flow and I aborted any forking fantasies I had.

Recent past

Things have been working rather smoothly, and we have managed a nice 4.0 release with lots of active contributions. As openhub.net puts it “Over the past twelve months, 37 developers contributed new code to GNOME Password Safe. This is one of the largest open-source teams in the world, and is in the top 2% of all project teams on Open Hub.
@okias is a great maintainer, and msandova aka deathwish_, Jean Felder and me have worked relentlessly in our spare time to clean up the code base and pay back accrued technical debt. Nonetheless, frustration and annoyedness with regard to the project have been growing for me recently and it stopped being fun. Having a full-time job and a family, the one thing I do not want is annoyedness and frustration in my spare time.

Status Quo

Three currently active core contributors have worked to refactor the code base and improve the code architecture. All three agree on the fact there is … lots of potential for improvement and have worked to achieve it. The rub is, all three have different visions of how precisely that should look like and the code base is so small and (still) intertangled that it is hardly possible to focus on different areas without stepping on each other toes, or breaking each other merge requests.

At the same time my frustration has been growing as some of my commits in a MR have been lingering or rejected by “being out of scope” for a MR (it removed a superfluous and invisible GtkBox) while at the same time crucial files (hello main_window.py) is totally refactored in another MR without any indication of what the refactor is good for and why there was a need to do so; complaining about everybody else touching that file. Or rejecting MRs that get rid of additional threads, saying we should first methodologically analyze what they did. Well, I did not come up with a patch by randomly fuzzing the code base, so I would appreciate if the hours spent to analyze the code flow were not just discredited as unmethodologically.
I don’t want to get into personal accusations about specifics because I guess others might feel just the same about their interactions with me (and probably rightfully so).

At times, I feel I don’t fit into the culture of the project, I do like python and gtk. But I have not drunk the flatpak-CoolAid yet (I prefer my distribution as the distributor of code), and don’t think flathub.org is our user facing homepage. I don’t think “secrets” is an appropriate name for a password manager. Gtk4 will not be a panacea, and we should not focus solely on it the day it is being release (or even before). And I believe a python programm is allowed to use pythonic programming patterns rather than GObject’ifying all and everything (unless it makes sense to do so).

I would rather work in incremental steps and use defensive programming using a baby step approach. On the other hand, I am clueless when it comes to GtkBuilder ui files and I don’t appreciate the small UI papercuts with a similar level of importance as others do, so having complementary talents work on the code is certainly useful and needed.

But I do not think the code base is big and modular enough for 3-4 code architects to work on it simultanously. At the same time I don’t want my grumpiness to impede on the progress of the project. So I will be scaling down my efforts with passwordsafe and wait until the major architecture has settled down and contributions are more useful again. Nobody benefits from 30+ competing merge requests all changing the same files being proposed simultaneously.

The future

I will be back!

Best of luck to all involved, continue to rock the boat, and making passwordsafe work well on Linux phones. I am not gone from the project, but I will refrain from bigger merge requests until things have settled down a little. I am not bitter or offended and think you passwordsafe devs are all doing great work: where we had too few over the last two years, we now have a bit too many too active cooks trying their hand at the same meal. I’ll be back for dessert.