Posted:
Building development tools that support multiple programming languages can be a real grind. Doing it well takes a lot of work, and historically each tool has done it largely from scratch for each language it supports. It would be far easier if that hard work could be done just once in a reusable fashion that any tool can make use of. That’s the idea behind the Kythe project: by using a common structured format to represent source code in varied programming languages, Kythe-enabled tools are able to work with code in any supported language. Support for new languages can be plugged in as needed.


The name Kythe means "to make visible", specifically, making the structure of your code visible. It's early days and we've just opened up our project to the community, but we aim to build up a community of developers around these ideas. We've had a lot of experience building and maintaining similar cross-language tools inside Google and now we want to share the benefits of those tools with software developers beyond Google.


Kythe is open source and currently supports source code written in C++ and Java. (Support for Go is in progress.) It also includes a proof-of-concept source code browser that demonstrates how the pieces fit together. We have documentation available and invite you to join our mailing list for questions and discussions.


There's much more work to do and we look forward to evolving Kythe with the open source community's help.


by James Dennett, Kythe Team

Posted:
2014 was a monumental year for all of us in the Google Open Source Programs Office as we celebrated the 10th instance of Google Summer of Code and the fifth year of Google Code-in. As we start 2015, we are excited to continue spreading the word about open source.

One of the highlights for our team in 2014 was our February trip to FOSDEM where we had a table dedicated to our Google Summer of Code and Google Code-in programs. We are thrilled to be back this year for FOSDEM 2015 held on January 31-February 1 in Brussels at Université libre de Bruxelles. We look forward to chatting again with some of the expected 5,000+ attendees at this energetic, free to the public conference. Having the opportunity to talk face to face with some of the thousands of former students, mentors, and organization administrators about their experiences with the program and seeing the difference the programs make in people’s lives and careers is a true reward for our team. And if that wasn’t fun enough, we also have the opportunity to spread the word about our programs to hundreds of interested students and teachers by chatting with them one on one at our table.

Googlers will be speaking during the conference at the sessions below:

Saturday, January 31
16:00   Pete Williamson, Emacs and Elisp on the Chromebook

Sunday, February 1
On Sunday there will be a Go Developer room from 9:50 - 16:30 with talks including a couple from Googlers.


If you are attending FOSDEM, be sure to stop by our table and say hi!

By Stephanie Taylor, Open Source Programs Office

Posted:
Today’s Google Summer of Code (GSoC) wrap-up comes from John Woods at the SciRuby Project, an open source collection of scientific libraries for Ruby coders.


The SciRuby Project aims to provide Ruby with scientific capabilities similar to what the wonderful NumPy and SciPy libraries bring to Python. Our goal is to provide a complete suite of statistical, numerical, and visualization software tools for scientific computing. This was our second year participating in Google Summer of Code and four students worked with us over the summer.

Rajat Kapoor worked to flesh out Claudio Bustos' numerical Integration and Minimization gems. Integration now includes thirteen different quadrature algorithms (among them Gauss–Kronrod, Simpson's three-eighths method, Milne's method, Boole's quadrature, and open trapezoid). He also implemented a series of unidimensional optimization methods in Minimization (including Newton–Raphson, golden section, Brent, and quad golden), most of which can also make use of Ruby/GSL for faster execution.

Lahiru Lasandun also contributed to the Integration and Minimization gems. He focused on multidimensional optimization/minimization algorithms, implementing Powell's method, Nelder–Mead, and conjugate gradient. Lahiru also experimented with OpenCL framework support for parallel execution of integration tasks. This strategy works particularly well for large computations.

Magdalen Berns created a Ruby wrapper for FFTW3 (a fast Fourier transform library) with a focus on implementing support for transforms on NMatrix objects. This gem was written almost from scratch in the C and Ruby languages.

Naoki Nishida created Nyaplot, a clever interactive plotting client–server library that is compatible with IRuby. He continues to work on Nyaplot, which has already spawned additional open source software components: extensions for map visualization (Mapnya), circular plots (Bionya), 3D visualizations (Nyaplot3D), and a dataframe library (Daru).

SciRuby is immensely grateful for the opportunity to participate in Google Summer of Code for a second year. We thank our students, mentors, and other contributors for working to develop scientific computing infrastructure in the Ruby language, and we thank Google's Open Source Programs Office for its support.

By John Woods, Director of the Ruby Science Foundation (SciRuby)

Posted:

There are several wars in the world of programming that never die. Emacs vs Vim. Cuddled vs Non-Cuddled Braces. Tabs vs Spaces. Today we settle all of them… if you’re a Vim user. Google is pleased to release codefmt, a set of open-source plugins for automatically indenting your code in Vim. The default plugin provides support for C++, JavaScript, and Protocol Buffers via clang-format and for Go via gofmt. Additional languages are trivial to add by using codefmtlib to register them. Try it out and enjoy the freedom of never having to manually reflow your argument lists again.

by Matt Kulukundis, Search Infrastructure Team

Posted:
GCI-2014-b-square.png
Google Code-in 2014 (GCI) is in the books! This has been an exciting year for GCI: we celebrated the fifth anniversary of the contest and experienced our largest student participation to date.

Congratulations to all of the students who had their first experience with open source software development during GCI 2014. Over the last seven weeks, 667* students from 54 countries completed 3,260* tasks in the contest.

We had 12 open source organizations dedicated to teaching teens about open source and their communities participate this year. These organizations created almost 4,000 tasks for students to choose from in the following categories: coding, user interface, documentation, training, research, outreach, and quality assurance. Some of the tasks students completed in the contest include: writing small pieces of code, creating tutorials, redesigning landing pages, optimizing social media accounts, creating new plugins, finding and fixing bugs, creating webcasts on accessibility testing, and building test cases.

GCI gives students the opportunity to put the skills they have been learning in the classroom to use on real software projects while also learning how to communicate effectively with people from all around the world by participating in these open source communities. The collaboration aspect of GCI is the key to the success of the program and the real benefit to the students. During the course of the contest, they learn that open source software projects are a true team effort and there are many ways that you can contribute to a community.

Stay tuned: we will announce the 24 Grand Prize Winners for the GCI 2014 contest here on February 2nd. Currently the mentors are busy reviewing the final work submitted by students, and then each of the 12 organizations will decide on their five finalists (who will all receive a special finalist sweatshirt). Of those five finalists, two students will be named the Grand Prize winners for each organization. Each Grand Prize winner and a parent will receive a 4 day trip to Google’s California headquarters this June where they will meet Google engineers, take part in an awards ceremony, and enjoy a fun-filled day of adventure in San Francisco.

GCI would not be possible without the heart of the program: the GCI mentors and organization administrators. These mentors and org admins spend countless hours creating and reviewing hundreds of tasks while also teaching students about all facets of open source development: community standards, new and exciting technologies, code reviews, version control systems, IRC, and everything in between. They are volunteers who are passionate about introducing teens to their open source communities and their reward is seeing the light go on in a student when they become excited about open source software development. A HUGE thank you to all of these mentors and org admins who make this program a success!

In the coming weeks we will share some statistics from this year’s program as well as posts about some of the extraordinary work students completed during Google Code-in 2014.

Congratulations Students, Mentors, and Organization Administrators on a job well done!

* The final evaluations are currently being graded; these numbers could increase in the next few days.

By Stephanie Taylor, Google Code-in Program Manager

Posted:
Today’s Google Summer of Code (GSoC) wrap-up comes from Olivier Sarrat at Sigmah, an open source project producing a web app to help humanitarian aid organizations manage their projects.

sigmah.png


Sigmah is an initiative led by 12 NGOs to develop open source project management software for the international aid sector. It is a Java web application developed with GWT. This summer, three GSoC students from Brazil, India, and Romania implemented high-priority features which will soon be available in our Sigmah 2.0 release.


Renato Almeida worked on making Sigmah more flexible. In version 1.2, project model parameters couldn’t be changed if the model had already been used to create a project, but thanks to Renato’s work, this will soon be possible. For example, an organization could begin requiring its teams to attach the Terms of Reference to the initial assessment field visit, and this could be applied to all ongoing projects that have not yet completed the initial assessment phase. This allows organizations to react faster to feedback from team members and amend software parameters accordingly.


S.P. Mohanty, who has been working with Sigmah via GSoC since 2012, has improved Sigmah’s file transfer mechanism so that interrupted uploads can be resumed at a later time. This means it will no longer be necessary to wait and retry several times when sending a large file over an unreliable network connection. Mohanty’s work has also been re-used in the development of the offline mode.


Finally, Lucia Madalina Cojocaru’s work focused on a specific aspect of collecting indicators used to determine if a humanitarian project’s goals are being met: the management of data collection sites and project location. She also added the ability to use OpenStreetMap (OSM) in addition to the existing support for Google Maps. For humanitarian organizations, OSM collaborative maps can sometimes be more up-to-date and precise in the immediate aftermath of a crisis. Lucia also established the technical foundations so that in the future it will be possible to export data in Humanitarian eXchange Language (HXL), a standard from the OCHA (UN Office for Coordination of Humanitarian Affairs) which aims to improve coordination within the sector.


hbjcefei.png

By Olivier Sarrat, Sigmah Organization Administrator

Posted:
This week’s Google Summer of Code (GSoC) wrap up comes from Fabio Cerullo at The Open Web Application Security Project (OWASP), a charitable organization improving software security across the web.


At OWASP, we were thrilled to be part of GSoC for our third consecutive year. Our interaction with students and universities across the world has skyrocketed since we began participating in the program. In 2014, we received more than 90 proposals. We were able to accept 16 students who worked on a diverse range of application security projects. Below, we highlight a few of these.

Seraphimdroid: Before GSoC, SeraphimDroid was a research project aimed at educating end users about risks and threats coming from other Android applications and we had not given much thought to its interface. Furquan Ahmed implemented a modern user interface which is nicely integrated with existing features. Also, Furquan proposed and implemented several new features like alarming, an application locker, and geo-fencing. His work is now part of the latest release.


OWTF: The OWASP OWTF (Offensive Web Testing Framework) project began by applying chess-playing techniques to penetration testing (“pentesting”). We hoped this would help address the problem of pentesters rarely having adequate time to test systems. Several GSoC students this summer wrote code for new features included in our 1.0 Lionheart release. Tao Sauvage implemented Automated Rankings which helps users identify more serious vulnerabilities. Anirudh Anand developed a passive online scanner with flexible mapping and a templating engine. Deep Shah integrated OWTF with Mozilla Zest support and OWASP ZAP. Marios Kourtesis developed a Web Application Firewall (WAF) bypasser. Finally, Viyat Bhalodia improved the stateful browsing and session management of the tool.
There’s more information (including videos) about all the new features on the official release page.

Hackademics: The OWASP Hackademic Challenges project allows users to learn more about pentesting through simulated attacks in a safe and controllable environment.  One of the students, Bhanudev Chaluvadi, wrote 20 new challenges covering a range of topics such as buffer overflows, injection attacks, regex bypasses, brute forcing, and some cryptography breaking. He also improved almost all the existing challenges. Another student, Paul Chaignon, wrote 17 new challenges covering the OWASP Top Ten vulnerabilities and created a score calculator. Last but not least, Subhayan RoyMoulick created 9 intermediate-level cryptography challenges which include common attacks on RSA implementation vulnerabilities, frequency analysis, man in the middle, and one time pad attacks. All the students were actively participating in the community proposing solutions to known problems or finding bugs we missed (and often fixing them).

CSRF Protector: This year, GSoC allowed OWASP to create a new project to address Cross-Site Request Forgery attacks: CSRF Protector. Minhaz A V proposed the project and implemented it as a PHP library and an Apache HTTPD module. CSRF Protector complements OWASP’s preexisting CSRFGuard for Java web applications and greatly expands the types of projects OWASP can help protect from CSRF vulnerabilities.

GSoC is a great program that benefits students, open source projects, and mentors. It also helps the industry by giving students the opportunity to work on real world problems with highly experienced professionals. For many students, this will be the starting point for successful careers in the computer industry. I would like to invite all students interested in open source and application security to get involved with OWASP projects and subscribe to our OWASP GSOC mailing list.

By Fabio Cerullo, OWASP Organization Administrator

Posted:
Over the past three and a half weeks, teenagers from over 50 countries have been busy completing tasks in the Google Code-in 2014 (GCI) contest.  511 students have already successfully completed 1,985 tasks with the 12 open source organizations mentoring students this year!

Some of the tasks students have completed include: automating and optimizing social media accounts, writing test suites, improving mobile UI, designing website landing pages, creating training slides, working on internationalization efforts and fixing and finding bugs in the organizations’ software.

2,391 students from 86 countries have already registered for the contest. A big welcome to the students from the 21 countries participating for the first time in GCI: American Samoa, Antigua and Barbuda, Azerbaijan, Brunei, Burma, Chile, Ethiopia, Gambia, Georgia, Guatemala, Jamaica, Jordan, Kazakhstan, Kyrgyzstan, Mauritius, Nigeria, Oman, Qatar, Saudi Arabia, Suriname, and Taiwan! We look forward to seeing many of these students completing tasks over the next few weeks.

The countries with the most students completing tasks so far are:
United States - 141
India - 113
Bulgaria - 44
Singapore - 19
United Kingdom - 19

Students, there is still plenty of time to get involved with Google Code-in to earn certificates of completion and a Google Code-in 2014 t-shirt. New tasks are being added daily to the contest site so if you don’t see something that grabs your interest today, check back again every couple of days. Currently over 1,500 tasks are open for students to choose from.

The last day to register for the contest and claim a task is Sunday, January 18, 2015 with all work being due on Monday, January 19, 2015 at 9:00 am PT.

Thank you to all of the mentors and organization administrators who have volunteered to help students during the seven week contest. We couldn’t do this without all of their hard work and dedication to teaching students about open source software development.

Good luck to all of the students participating this year!

By Stephanie Taylor, Google Code-in Program Manager

Posted:
Today’s Google Summer of Code (GSoC) wrap up comes from Sean McGregor at the Privly Foundation, an organization dedicated to enabling private social communication for technical and non-technical users alike.


privly.png

The Privly Foundation develops the Priv.ly Project: a web privacy stack for social media. The privacy stack enables users to share content through social media while maintaining the confidentiality of their communications. In 2014, the Foundation mentored five students through Google Summer of Code (GSoC). Two highlights were the projects’ work on user experience (UX) and mobile applications.

Andrei-Vlad Fulgeanu: Privacy UX

One goal of the Privly Foundation is to enable non-technical users to benefit from privacy software. Since Open Source development naturally fosters systems preferred by developers, UX for the non-technical user is often an afterthought. Addressing the UX problem was Vlad's project and passion. He began his Priv.ly work with mentor and UX researcher, Jen Davidson, by performing a "cognitive walkthrough" that would drive his implementation plan. Informed by the UX methods, he contributed a set of improvements including a re-designed anti-spoofing glyph, a new in-context posting button, a redesign and renaming of the "History" application, and several bug fixes. Vlad has continued working on Priv.ly after the close of GSoC and has even won a Romanian Open Source coding competition through his contributions.

Ivan Metla and Gitanshu Sardana: Mobile Capabilities

We had two students working on the Android version of the Priv.ly Project. Ivan Metla worked on developing an internal API which enables developers to easily drop in more content sources such as email providers, social networks, and timeline-based sources into the application. This required changes to the way content is displayed to provide a UX consistent with the context that content is scraped from. The application now supports a thread based structure for Facebook messages and a timeline based structure for Twitter content. Ivan also
worked on porting the UI of the Priv.ly JavaScript applications for the mobile platform thereby displaying controls specific to the mobile users.

Gitanshu Sardana worked on a major overhaul of the application UI. The old "Activity"-based structure was replaced with a "Fragments"-based layout which enabled better UI transitions.  

Screenshot_2014-12-11-10-35-03.pngScreenshot_2014-12-11-10-34-55.png

He then helped add an action bar for access to application settings and improved session management, along with a navigation drawer providing the users with easier access to reading and generating new content. He also worked on adding experimental support for reading protected content from Gmail that resulted in a new threaded view for email content. Finally, he added the Index application (now called "History") to the mobile application's navigation drawer.

Lessons Learned

GSoC organizations with user-facing functionality should note the power of UX methods like cognitive walkthroughs and think alouds as a means of placing prospective students in the "I can make this better" mindset. A quick think-aloud in addition to coding tasks can establish the prospective student's ability to communicate effectively and think critically about the project they are proposing.

It was a pleasure working with the GSoC students in 2014 and we are very grateful for the opportunity to bring together a larger community developing privacy on the web!

By Sean McGregor, Privly Foundation Mentor