Posts from January 2015

Google Summer of Code Wrap up: appleseed

Friday, January 30, 2015

Today’s Google Summer of Code (GSoC) wrap up comes from François Beaune at appleseed HQ, a team of rendering engineers and visual effects professionals creating free and open software for producing impressive computer graphics and animation.


appleseed is a modern rendering engine designed to produce photorealistic images, animations and visual effects. Our first stable release (coming later this year) will provide individuals and small studios with an efficient, reliable suite of tools built on modern foundations and featuring industry-standard open source technologies such as OpenEXR or Open Shading Language.
We began work on appleseed in May 2009 and it has proven stable and robust enough to render Fetch, a well-received short film, as well as the computer graphics for two BBC Four documentaries aired in 2014: Light and Dark and Bright Lights, Brilliant Minds: A Tale of Three Cities.
We participated in Google Summer of Code (GSoC) for the first time in 2014. Two students worked with us to implement important new features.

Project 1: Curve Rendering

Our first student, Srinath Ravichandran, added support for curve primitives to appleseed which can be used to efficiently render hair and fur. Since scenes with hair or fur often contain millions of curves, memory footprint and rendering performance were the two major challenges with this project. Curve rendering is a vast topic, so Srinath decided to focus on the storage and intersection aspects. We thought this would be the ideal starting point for a project that could extend well beyond the summer.
Our project proposal suggested an efficient algorithm for direct, tessellation-free intersection of Bézier curves that we thought was promising. After studying the research paper on which it was based, Srinath implemented and integrated it into appleseed’s rendering pipeline. Working closely with his mentor, he made steady progress throughout the summer and merged his code into the main repository on a regular basis.

Project 2: New Material Editor

appleseed comes with a graphical tool,, which allows users to inspect and tweak scenes during interactive rendering. is a cross-platform application written in C++ using the Qt toolkit.
Our second student, Marius Avram, chose to develop a new material editor for that would let artists create realistic materials quickly and adjust them through intuitive parameters and instant visual feedback.
Beneath the surface, the new material editor would create materials based on a new surface reflection model developed by Disney Animation Studios and recently implemented into appleseed.
This project presented two main challenges. First, the new material model, based on individual layers, required development of an elaborate user interface. Second, the material editor had to be hooked into’s entity editor to benefit from existing functionalities such as live editing during rendering.
Marius also completed his project successfully. We again made sure to merge his code often to give him and other members of the community a sense of achievement and progress.

We consider our participation in GSoC 2014 a success. It required significant efforts from both students and mentors, but the end result was two major new features and great progress towards the first stable release of appleseed.
Rather than merging the code into the main repository at the end of the summer, doing it regularly proved a significant morale boost to the students. It also exposed problems early and allowed us to gather feedback and ideas from contributors that weren’t involved with GSoC.
We are now looking forward to next summer. We have many interesting project ideas for students interested in computer graphics or high performance software!

by François “Franz” Beaune, appleseed founder and organization administrator

Kythe: a new approach to making developer tools

Tuesday, January 27, 2015

Building development tools that support multiple programming languages can be a real grind. Doing it well takes a lot of work, and historically each tool has done it largely from scratch for each language it supports. It would be far easier if that hard work could be done just once in a reusable fashion that any tool can make use of. That’s the idea behind the Kythe project: by using a common structured format to represent source code in varied programming languages, Kythe-enabled tools are able to work with code in any supported language. Support for new languages can be plugged in as needed.

The name Kythe means "to make visible", specifically, making the structure of your code visible. It's early days and we've just opened up our project to the community, but we aim to build up a community of developers around these ideas. We've had a lot of experience building and maintaining similar cross-language tools inside Google and now we want to share the benefits of those tools with software developers beyond Google.

Kythe is open source and currently supports source code written in C++ and Java. (Support for Go is in progress.) It also includes a proof-of-concept source code browser that demonstrates how the pieces fit together. We have documentation available and invite you to join our mailing list for questions and discussions.

There's much more work to do and we look forward to evolving Kythe with the open source community's help.

by James Dennett, Kythe Team

Kicking off 2015 at FOSDEM

Monday, January 26, 2015

2014 was a monumental year for all of us in the Google Open Source Programs Office as we celebrated the 10th instance of Google Summer of Code and the fifth year of Google Code-in. As we start 2015, we are excited to continue spreading the word about open source.

One of the highlights for our team in 2014 was our February trip to FOSDEM where we had a table dedicated to our Google Summer of Code and Google Code-in programs. We are thrilled to be back this year for FOSDEM 2015 held on January 31-February 1 in Brussels at Université libre de Bruxelles. We look forward to chatting again with some of the expected 5,000+ attendees at this energetic, free to the public conference. Having the opportunity to talk face to face with some of the thousands of former students, mentors, and organization administrators about their experiences with the program and seeing the difference the programs make in people’s lives and careers is a true reward for our team. And if that wasn’t fun enough, we also have the opportunity to spread the word about our programs to hundreds of interested students and teachers by chatting with them one on one at our table.

Googlers will be speaking during the conference at the sessions below:

Saturday, January 31
16:00   Pete Williamson, Emacs and Elisp on the Chromebook

Sunday, February 1
On Sunday there will be a Go Developer room from 9:50 - 16:30 with talks including a couple from Googlers.

If you are attending FOSDEM, be sure to stop by our table and say hi!

By Stephanie Taylor, Open Source Programs Office

Google Summer of Code Wrap up: SciRuby

Friday, January 23, 2015

Today’s Google Summer of Code (GSoC) wrap-up comes from John Woods at the SciRuby Project, an open source collection of scientific libraries for Ruby coders.

The SciRuby Project aims to provide Ruby with scientific capabilities similar to what the wonderful NumPy and SciPy libraries bring to Python. Our goal is to provide a complete suite of statistical, numerical, and visualization software tools for scientific computing. This was our second year participating in Google Summer of Code and four students worked with us over the summer.

Rajat Kapoor worked to flesh out Claudio Bustos' numerical Integration and Minimization gems. Integration now includes thirteen different quadrature algorithms (among them Gauss–Kronrod, Simpson's three-eighths method, Milne's method, Boole's quadrature, and open trapezoid). He also implemented a series of unidimensional optimization methods in Minimization (including Newton–Raphson, golden section, Brent, and quad golden), most of which can also make use of Ruby/GSL for faster execution.

Lahiru Lasandun also contributed to the Integration and Minimization gems. He focused on multidimensional optimization/minimization algorithms, implementing Powell's method, Nelder–Mead, and conjugate gradient. Lahiru also experimented with OpenCL framework support for parallel execution of integration tasks. This strategy works particularly well for large computations.

Magdalen Berns created a Ruby wrapper for FFTW3 (a fast Fourier transform library) with a focus on implementing support for transforms on NMatrix objects. This gem was written almost from scratch in the C and Ruby languages.

Naoki Nishida created Nyaplot, a clever interactive plotting client–server library that is compatible with IRuby. He continues to work on Nyaplot, which has already spawned additional open source software components: extensions for map visualization (Mapnya), circular plots (Bionya), 3D visualizations (Nyaplot3D), and a dataframe library (Daru).

SciRuby is immensely grateful for the opportunity to participate in Google Summer of Code for a second year. We thank our students, mentors, and other contributors for working to develop scientific computing infrastructure in the Ruby language, and we thank Google's Open Source Programs Office for its support.

By John Woods, Director of the Ruby Science Foundation (SciRuby)

Format code the easy way with the codefmt plugins for Vim

Thursday, January 22, 2015

There are several wars in the world of programming that never die. Emacs vs Vim. Cuddled vs Non-Cuddled Braces. Tabs vs Spaces. Today we settle all of them… if you’re a Vim user. Google is pleased to release codefmt, a set of open-source plugins for automatically indenting your code in Vim. The default plugin provides support for C++, JavaScript, and Protocol Buffers via clang-format and for Go via gofmt. Additional languages are trivial to add by using codefmtlib to register them. Try it out and enjoy the freedom of never having to manually reflow your argument lists again.

by Matt Kulukundis, Search Infrastructure Team

Google Code-in 2014: all wrapped up

Monday, January 19, 2015

Google Code-in 2014 (GCI) is in the books! This has been an exciting year for GCI: we celebrated the fifth anniversary of the contest and experienced our largest student participation to date.

Congratulations to all of the students who had their first experience with open source software development during GCI 2014. Over the last seven weeks, 667* students from 54 countries completed 3,260* tasks in the contest.

We had 12 open source organizations dedicated to teaching teens about open source and their communities participate this year. These organizations created almost 4,000 tasks for students to choose from in the following categories: coding, user interface, documentation, training, research, outreach, and quality assurance. Some of the tasks students completed in the contest include: writing small pieces of code, creating tutorials, redesigning landing pages, optimizing social media accounts, creating new plugins, finding and fixing bugs, creating webcasts on accessibility testing, and building test cases.

GCI gives students the opportunity to put the skills they have been learning in the classroom to use on real software projects while also learning how to communicate effectively with people from all around the world by participating in these open source communities. The collaboration aspect of GCI is the key to the success of the program and the real benefit to the students. During the course of the contest, they learn that open source software projects are a true team effort and there are many ways that you can contribute to a community.

Stay tuned: we will announce the 24 Grand Prize Winners for the GCI 2014 contest here on February 2nd. Currently the mentors are busy reviewing the final work submitted by students, and then each of the 12 organizations will decide on their five finalists (who will all receive a special finalist sweatshirt). Of those five finalists, two students will be named the Grand Prize winners for each organization. Each Grand Prize winner and a parent will receive a 4 day trip to Google’s California headquarters this June where they will meet Google engineers, take part in an awards ceremony, and enjoy a fun-filled day of adventure in San Francisco.

GCI would not be possible without the heart of the program: the GCI mentors and organization administrators. These mentors and org admins spend countless hours creating and reviewing hundreds of tasks while also teaching students about all facets of open source development: community standards, new and exciting technologies, code reviews, version control systems, IRC, and everything in between. They are volunteers who are passionate about introducing teens to their open source communities and their reward is seeing the light go on in a student when they become excited about open source software development. A HUGE thank you to all of these mentors and org admins who make this program a success!

In the coming weeks we will share some statistics from this year’s program as well as posts about some of the extraordinary work students completed during Google Code-in 2014.

Congratulations Students, Mentors, and Organization Administrators on a job well done!

* The final evaluations are currently being graded; these numbers could increase in the next few days.

By Stephanie Taylor, Google Code-in Program Manager

Google Summer of Code Wrap up: Sigmah

Friday, January 16, 2015

Today’s Google Summer of Code (GSoC) wrap-up comes from Olivier Sarrat at Sigmah, an open source project producing a web app to help humanitarian aid organizations manage their projects.


Sigmah is an initiative led by 12 NGOs to develop open source project management software for the international aid sector. It is a Java web application developed with GWT. This summer, three GSoC students from Brazil, India, and Romania implemented high-priority features which will soon be available in our Sigmah 2.0 release.

Renato Almeida worked on making Sigmah more flexible. In version 1.2, project model parameters couldn’t be changed if the model had already been used to create a project, but thanks to Renato’s work, this will soon be possible. For example, an organization could begin requiring its teams to attach the Terms of Reference to the initial assessment field visit, and this could be applied to all ongoing projects that have not yet completed the initial assessment phase. This allows organizations to react faster to feedback from team members and amend software parameters accordingly.

S.P. Mohanty, who has been working with Sigmah via GSoC since 2012, has improved Sigmah’s file transfer mechanism so that interrupted uploads can be resumed at a later time. This means it will no longer be necessary to wait and retry several times when sending a large file over an unreliable network connection. Mohanty’s work has also been re-used in the development of the offline mode.

Finally, Lucia Madalina Cojocaru’s work focused on a specific aspect of collecting indicators used to determine if a humanitarian project’s goals are being met: the management of data collection sites and project location. She also added the ability to use OpenStreetMap (OSM) in addition to the existing support for Google Maps. For humanitarian organizations, OSM collaborative maps can sometimes be more up-to-date and precise in the immediate aftermath of a crisis. Lucia also established the technical foundations so that in the future it will be possible to export data in Humanitarian eXchange Language (HXL), a standard from the OCHA (UN Office for Coordination of Humanitarian Affairs) which aims to improve coordination within the sector.


By Olivier Sarrat, Sigmah Organization Administrator

Google Summer of Code Wrap up: OWASP

Friday, January 9, 2015

This week’s Google Summer of Code (GSoC) wrap up comes from Fabio Cerullo at The Open Web Application Security Project (OWASP), a charitable organization improving software security across the web.

At OWASP, we were thrilled to be part of GSoC for our third consecutive year. Our interaction with students and universities across the world has skyrocketed since we began participating in the program. In 2014, we received more than 90 proposals. We were able to accept 16 students who worked on a diverse range of application security projects. Below, we highlight a few of these.

Seraphimdroid: Before GSoC, SeraphimDroid was a research project aimed at educating end users about risks and threats coming from other Android applications and we had not given much thought to its interface. Furquan Ahmed implemented a modern user interface which is nicely integrated with existing features. Also, Furquan proposed and implemented several new features like alarming, an application locker, and geo-fencing. His work is now part of the latest release.

OWTF: The OWASP OWTF (Offensive Web Testing Framework) project began by applying chess-playing techniques to penetration testing (“pentesting”). We hoped this would help address the problem of pentesters rarely having adequate time to test systems. Several GSoC students this summer wrote code for new features included in our 1.0 Lionheart release. Tao Sauvage implemented Automated Rankings which helps users identify more serious vulnerabilities. Anirudh Anand developed a passive online scanner with flexible mapping and a templating engine. Deep Shah integrated OWTF with Mozilla Zest support and OWASP ZAP. Marios Kourtesis developed a Web Application Firewall (WAF) bypasser. Finally, Viyat Bhalodia improved the stateful browsing and session management of the tool.
There’s more information (including videos) about all the new features on the official release page.

Hackademics: The OWASP Hackademic Challenges project allows users to learn more about pentesting through simulated attacks in a safe and controllable environment.  One of the students, Bhanudev Chaluvadi, wrote 20 new challenges covering a range of topics such as buffer overflows, injection attacks, regex bypasses, brute forcing, and some cryptography breaking. He also improved almost all the existing challenges. Another student, Paul Chaignon, wrote 17 new challenges covering the OWASP Top Ten vulnerabilities and created a score calculator. Last but not least, Subhayan RoyMoulick created 9 intermediate-level cryptography challenges which include common attacks on RSA implementation vulnerabilities, frequency analysis, man in the middle, and one time pad attacks. All the students were actively participating in the community proposing solutions to known problems or finding bugs we missed (and often fixing them).

CSRF Protector: This year, GSoC allowed OWASP to create a new project to address Cross-Site Request Forgery attacks: CSRF Protector. Minhaz A V proposed the project and implemented it as a PHP library and an Apache HTTPD module. CSRF Protector complements OWASP’s preexisting CSRFGuard for Java web applications and greatly expands the types of projects OWASP can help protect from CSRF vulnerabilities.

GSoC is a great program that benefits students, open source projects, and mentors. It also helps the industry by giving students the opportunity to work on real world problems with highly experienced professionals. For many students, this will be the starting point for successful careers in the computer industry. I would like to invite all students interested in open source and application security to get involved with OWASP projects and subscribe to our OWASP GSOC mailing list.

By Fabio Cerullo, OWASP Organization Administrator