On Thu, Jul 09, 2026 at 02:52:28AM +0200, Mark Wielaard wrote: > Friday, 10 July is the second Friday of the month, so it is time for > the Sourceware Open Office. The topic is "Fundraising for Sourceware". > > Last year we successfully completed our infrastructure hardware > refresh cycle. We doubled individual donations and increased corporate > "in-kind" support for hosting and networking. > > For the 2026/2027 fiscal year, we would like to shift our budget > focus to spend less on "iron" and more on "services and people". > https://sourceware.org/financials.html
For those that couldn't attend here is a short summary of the discussions: - fundraising - scraper bot/ddos attack defenses - forge updates = Fundraising People have found their way to https://sourceware.org/donate.html last month we got ~$400 in individual donations. Please donate if you haven't yet. Every contribution makes a difference. After the discussion last open office and polishing (nitpicking) by the PLC we got a fresh corporate sponsorship page https://sourceware.org/sponsor.html It's certainly a vast improvement over what we had before. Instead (or actually in addition to) the plans/tasks we had originally this just has three tiers of support. We started mailing friendly engineers at various companies with a request to show this sponsorship program to their management or OSPO office and let us know whether there is any interest. It would be nice to create a detailed prospectus (or slide show) from our existing materials combining/summarizing: https://sourceware.org/sourceware-25-roadmap.html https://sourceware.org/sourceware-security-vision.html https://sourceware.org/mission.html https://sourceware.org/financials.html The SFC has some experience with that and could help. For this year we would be happy with just one or two corporate sponsors, we haven't really yet budgeted for more and would even be able to do everything we did with are current individual donations. = scraper bot/ddos attack defenses Anubis and mod_qos are helping to keep the most aggressive bots away. But we had to crank up anubis to use javascript challenges for cgit/gitweb and patchwork. On idea is to use IP addresses of active authenticated sourceware users as a whitelist to bypass anubis / mod_qos throttles, so people who have login powers would also get as unrestricted access to the unauthenticated protocols as possible Another idea is to wrap many of the cgi services into separate systemd cgroups (instead of being lumped togehter with all of them along with https), so we can throttle them indepdendently; this is accounting for some of the bugzilla slowdowns e.g. when some other service is under stress. One question is the interaction with ipv6 changing/temporary addresses https://en.wikipedia.org/wiki/IPv6_address#Temporary_addresses LWN just posted a good update on the scraper situation: https://lwn.net/SubscriberLink/1080822/57356e250ac8806e/ = forge updates Claudio would like feedback on some changes he likes to make to the gcc organization repos: https://inbox.sourceware.org/[email protected] - Renaming gcc/gcc-TEST to gcc/gcc - Renaming gcc/gcc-mirror to gcc/gcc-archive - Removing some (unused?) branches and tags - Remove master and trunk branches and use "main"? Please give feedback in the above email thread. We also had some discussion on reviewing on the forge. One opinion was that it is slightly easier than email to comment on a specific line and easier to spot formating issues (diff adding + in the front makes it harder due to tabs). it is easier for the forge also to see the difference between the 2 versions especially when doing renaming.
