 Thank you very much. So this is a bit of a surprise. I wasn't anticipating giving a talk today, but I happened to have some slides, so that was handy. So the whole point of SnapCraft is we want to make it easier to deliver software to users. It's as simple as that. We want to make it so that your software can get into the hands of users quickly and easily so they can get the latest and greatest shiny, reliable usable, secure, fresh software on that system. That's the goal of SnapCraft. There's two real terms here that I'm going to use. A lot longer is SnapCraft, which is the tools we use to build the software and Snap, which is the packaging format. So a Snap, you can think of a Snap as being very much like an ADK on Android. It's a package that contains your software. And SnapCraft is the tool we use to make them. Now one of the tools that we provide is a web-based tool for you to build your software and land it on consumer hardware. And that's called Build. Build.SnapCraft.io. The way Build.SnapCraft.io works is you hook it up to your repository wherever that may be. Whenever there's a change in your repository let's say for example on GitHub every time you push a commit SnapCraft will automatically build it and push it to the store. What mandatory do you use this? This is a useful tool that we provide. You can build using SnapCraft on your own hardware but this is just one of the options. Build.SnapCraft.io. It's very useful for people just getting started especially for people who've created a bit of code, thrown it up on GitHub and now want to build on the next package where you can use this service. Building a Snap. You drive SnapCraft with a YAML file just a bit like this. The YAML has a few important sections. The bit at the top is simple metadata about your application so you describe it in simple terms, version number, name, description and so on. And this is a SnapCraft.YAML for a command line tool called Offline iMac. So while I'm addressing the KDE audience snaps are not limited to desktop applications. You can put small command line utilities in a snap. You can put server demons. You can bundle lots of things in a snap. It's not just for desktop apps. It's not just for server and not just for IOT. The goal is that snaps can be used for anything. In this case, the little command line utility with Offline iMac is really cool utility backing up your email. The metadata at the top the next important bit is really down at the bottom where it says parts. This describes your snap, what goes in the snap. In this case, Offline iMac is a Python application. SnapCraft knows how to build Python applications. So there's a plug-in. There are a lot of other plug-ins that SnapCraft has. There's one for CMake, Qmake, Make Auto Tools. It can build Java applications. It can build just about anything. And you can override those plug-ins and if you've got a weird esoteric build system you can override it as well. You don't have to use those plug-ins. In this case, it's Python 2. And that's the absolute minimum you'll need for a SnapCraft channel. There's a couple of other sections in there. One line 8 confinement. I'll talk more about confinement a little bit later. But essentially, snaps can be securely confined so one application can't see the files of another or can't get access to system resources that you haven't given it access to. And this particular application the confinement mode is strict and we've also given access to the network because this thing backs up your email. It needs to go and get your email. So line 13, it uses a plug to get out over the network. And that's all this application can do. It can't look at your webcam. It can't look at the system logs. It can't even display an X window on the screen. It is strictly confined. And this is the target that we want. It's to get every application strictly confined so that users have the confidence that each application is not going to stamp all over your other applications or read your SSH keys or other things that you just don't want them to do. So that's a simple stack graph. Here's another one just to illustrate that you can use different plugins. This one uses Node.js. So we can build node applications but as I said, you can build graphical apps as well. If you do use the build service every time you push a commit we build for all those major textures and you can force a build by pushing the build manually button over there if you just want to force a rebuild for example and you can do that. But every commit will generate a new build. From a user point of view what users will see is a web-based store. If you go to that URL on your phone or desktop, Snapchat players, that store that's where a user might browse the store and search the store and look for applications and you'll see some prominent proprietary and some free software applications in the store. If you click down on one of those applications if we look at the user point of view of offline iMac, the thing that we built earlier you can see the name of the application the people who published the application maybe a screenshot or two down here there's a description a metadata and then over there you can see exactly what version is in the store. The Snapchat store supports multiple versions of the same application in the store at the same time. So you could have a version 7 series of offline iMac and a version 6 series and a version 5 series. If you want to support multiple releases the store completely supports that. But for the absolute simplest case like this where there's only one version in the store it supports that as well. It's very flexible. A more complicated example Node is also in the Snapchat store and with Node we don't just have only one support release and so they have these additional what we call tracks and these tracks for 9, 8 and 6 and 10 and whatever other release of Node that they support that enables them to maintain multiple releases and it allows a user to choose which version they would like so a user can say I want Node 8 and I want to stay on Node 8 I don't want to be unceremoniously upgraded to Node 9 or something which might break my application. So using tracks in the store you can support the capability of the multiple releases and supported multiple releases in the store. Another little thing that's really useful. If you look next to it there's Node sourcing you'll see a green tick. It's a white tick on the green background but the green tick as we call it is the thing that gives the user confidence that this software came from the upstream it's not some random dude on the internet who packaged it and maybe put some malware in it and put it in the store. So that is this level of validation to give the user confidence that this software comes from the original upstream source and if I go back to the store you can see some of the results that have takes off to prove that they came from the original developer. If you scroll down on this page you see a little map trying to make the page appealing so a user will have some confidence that not only is this application from the original developer lots of other people around the world are using it as well or people in my region are using it as well so this just adds extra data for the user to make that decision about whether they want to install this software or not and you can see over on the right hand side it even shows a logarithmic bar graph of what distributions people have installed this software around the world. We don't give them all numbers but it gives you some level of idea of where it's used. We also have command line tools to do browsing the store and manipulation and installing snaps so for that very same snap I can just type snap info and it shows me the same stuff that's on the web store it even has a little green tick that says that this is a verified developer and it shows you all the tracks this is at the output so there's lots of tracks for each of the different supports and releases but it allows you to install and remove snaps and manage the snaps on your system from the command line and here's an example on my system yesterday I didn't have node installed I just did snap install node with some marnat browsers and then you can see I now have node installed as simple as that I didn't have to go and hunt down this application online I didn't have to go and find some random website or a github repo and then download some software and install it it's just right there easy for me to install it's available for lots of different Linux distributions these are some of the more popular ones but actually it's available for lots and lots places these are the kinds of places where people have snaps installed so that little myth that it's only open to not the case so people have snaps installed in lots of different where esoteric places are some of these I've never even heard of until I looked at this which is pretty cool users love new software they love to go and look for new software they'll open the software store browse around, click on things read the description, figure out if it's something they're interested in and then install it if they don't like it, they'll uninstall it and we've discovered this in Ubuntu the default desktop installer is the software installer is named software and this line here which is editor's picks all of those are snaps and my team populates that list with software that we've found in a snap store that is beautiful functional, has good metadata is kept up to date by the upstream developer is nice and secure because we want to recommend good software to our users and they want good software we know if we put an application in that list users will install it it's something revolutionary that we learned in the last year users will open the software store and install applications you kind of think users don't do that but they actually do and we can see the steps for an application that I have snapped and it got in that list and the graph goes up when we add to that list so it's a good place to be in that list I want to feature your applications in that list I want to have your beautiful, functional, secure up to date software in that list to drive users to your applications and this is what it looks like when we feature applications in that list this is a relatively popular application the colours and the version number of the application so what we're seeing here is over time yes the number of installs goes up and what you're also seeing is the new version supplant the old version so users are being pushed towards the new version of the application and you as a developer are not having to support lots of really really old crusty versions of your software because the users are being pushed forward it's a very short small number of people still on whatever the previous release of the software was and all the places where the graph does that is where we feature the unknown software or we've tweeted about it or we've written a blog post about it and we love doing that that's my job is to write blog posts and tweets and promote software but that's why I want your software to be able to write about it here are examples of the stupid tweets I write on a daily basis about applications both on Twitter and on Facebook and on Google plus people re-share this stuff people reply, they argue with me about whether the ponies should be in the command line and not I approve as well so this is the kind of stuff we do so a little bit about the technical side of SAPs as I mentioned they're confined they use standard Linux primitives like app armor and set comp so they can't break out of the sandbox that they're in to ensure that they stay confined you can when a user installs an update to a snap the previous version is kept on the system and in the event of a failure we can roll them back to the previous release and that includes rolling back their data if necessary as well so if you put out a bad version of an application and have some watchdog in there that determines whether the application upgraded okay and if it didn't roll back to the previous release or you couldn't move forward and push any release out I mentioned channels there are four channels Edge is a channel where we say push the latest updates into the store but these are the leading edge updates directly from Gitmaster and end users usually don't want that they probably want your stable release system so we have a stable channel as well and if you push your application to the stable channel it's then discoverable in known software the edge channel is not discoverable in known software so we don't want people discovering software which is very unstable leading edge changing every day you want to discover the stable stuff that you support so there are multiple channels the four main ones are stable, candidate, beta and edge most people only use edge and stable the others are optional I've also mentioned tracks we saw the example with mode you can choose to have multiple tracks for supporting different releases and that allows the user to choose what version they want to install Snaps by default automatically update four times a day, a demon on your system will go and check in with the snap store and see if there are any updates to your snaps and we'll just update them very much like mobile phones these days which automatically update the applications on my phone I have no idea what version of Spotify I have installed I just know I've got the latest and the same on my desktop I have the snap of Spotify installed no idea what version, I know it's the latest if they push a new update I will get it, usually within four hours you can defer that if you want to so actually on my home machine I don't want all these updates coming throughout the day so actually I defer it and I only do my updates between four and seven in the morning you can choose whatever time is best for you if you do it for weekend or some other time but the idea is for you to do those updates because what we don't want is devices out in the field with old insecure versions of software on them so that's the whole reason why this motivation to push people forward if you have any questions and want to discuss this further we have a forum we do as much as we can in the public both SnapD and SnapCraft are open source they're hosted on GitHub you can see all the code and meet all the team over there and you can try out build.snapcraft.io just on the web super easy any questions at all yes thanks for the talk my question is about how the recommendation system work you said that is a manual work right and what are the criteria that say that an application is both or not that list is there yes it's very simple it's a meeting that myself and a colleague have on a weekly basis and we look at each application we test and install them we see if they're updated upstream we see if it's owned upstream or whether it's owned by some random person in the community we check whether it's got updated metadata whether the license is correct the icon is correct so we have a whole bunch of criteria that we run through and if any of those are not done like the icon isn't right or there's no screenshots we'll email the developer and say hey we'd like to feature your application but we can't because they haven't got any screenshots or the license is wrong and generally people will just go to the store fix all the things that are wrong and then we'll feature them the following week and we do that generally every week not while I'm here but usually every week I'll be there next week another question about the app content how do you ensure that someone does not load the malware in the system brilliant question so we can't fully know what's inside a snap because some snaps contain proprietary software most of them are free software there's a few proprietary ones that respect into exactly what is inside the binaries that are inside those snaps which is why we present them with the verified tick we try and build relationships with developers so that we can vet them but we don't guarantee that the snap doesn't contain any malware and we have had one instance a little while back where someone did upload a snap that had some malware in it for the game and it also had a crypto miner built in a tricky thing there is crypto miners are not bad in and of themselves and if I put a snap in the store that was a crypto miner I would want people to install it right but where they fall foul is they describe it at a game but it had a crypto miner in there as well so we obviously have terms and conditions and we would rather you didn't do things that were bad and when we found that particular application it was removed from the store within two hours of us being told what we also did in that particular case was we took the software that had been published in the store and we recompiled it clean room without the malware and pushed that to the store so if anyone did have the malware on their system we pushed a clean version over the top of it to replace the broken version so we do take great care we do take that seriously and we do do some scans and checks of the things before they go into the store but we can't check for everything it's a game of cat and mouse and we will never prevent everything going into the store nobody any more questions awesome thank you very much thank you thank you very much