#indiewebcamp 2016-03-16

2016-03-16 UTC
tantek, codenamedmitri, singpolyma and Lancey joined the channel
#
bear git vulnerability that allows remote code execution when handling large filenames/paths -- please please please upgrade both your server side and client side git version to 2.7.3 or better
#
bear see http://seclists.org/oss-sec/2016/q1/645 for some info
#
snarfed bear++
#
Loqi bear has 110 karma
minsky joined the channel
#
miklb yikes, default git version of Apple is 2.5.4
KevinMarks joined the channel
#
bear yes, homebrew is your firend for that
#
snarfed homebrew++
#
Loqi homebrew has 2 karma
#
bear homebrew++
#
Loqi homebrew has 3 karma
#
miklb snarfed yeah, I thought I was using homebrew Git version. Just updated/switched
#
bear also do a "brew cleanup" -- otherwise the old git binary will remain
[kevinmarks] joined the channel
#
[kevinmarks] hm, brew install git got me 2.1.2
#
bear brew update; brew upgrade;
#
bear or brew upgrade git if you don't want to rebuild all
#
miklb heh, 2.7.3 already available via homebrew
#
KartikPrabhu lol... commandlines to install more commandlines ;)
#
miklb just compiled Git from source on my Debian box
#
KartikPrabhu woah
#
miklb was WAY out of date. Didn't want to mess with adding another source to the list
#
KevinMarks hm brew link git is failing
#
miklb KevinMarks did you exit terminal?
#
miklb I usually have to leave a session
#
KevinMarks Could not symlink share/git-core/contrib /usr/local/share/git-core is not writable.
#
bear [kevinmarks] you may need to run brew doctor and also upgrade homebrew itself to get the version that knows how to handle the OSX permissions change that happend in elcapitan
#
KevinMarks I'm still on mavericks
#
bear oh - hrmm
#
bear then I would just purge git; upgrade the formulas and install git fresh
#
bear (sorry purge == "brew uninstall git --force")
#
KevinMarks ah, /usr/local/share/git-core was owned by root, not by me; that fixed
#
bear coolness
wolftune, emmak_, codenamedmitri, lukebrooker and hongpong joined the channel
#
aaronpk what th..did someone sign up indiewebcamp.com for apple news?
#
aaronpk what! apple has a medium-style editor too https://aaronparecki.com/uploads/Screen-Shot-2016-03-15-21-54-19.png
#
aaronpk guess i will try to rig up "this week in the indieweb" to publish to apple news
lukebrooker joined the channel
#
bear what editor is that?
#
bear (also, make sure to update your git version (client *and* server!))
#
KevinMarks what is that?
#
Loqi That! (or "that ^" or "that ^^^") is a rarely seen reply often emphasizing agreement with a This post, but sometimes[1] merely emphasizing agreement with a previous reply http://indiewebcamp.com/that
#
bear hands loqi a biscuit
#
aaronpk it's the apple news editor
#
aaronpk i got an email from apple saying that indiewebcamp.com was just approved as a publisher for apple news
#
aaronpk i did not sign up for apple news
#
bear hahaha
#
bear maybe someone reads indieweb news via itunes or something
#
bear and apple noticed
#
aaronpk ha maybe!
#
aaronpk well i'll give it a try! could be interesting
#
bear just another way to posse
#
aaronpk yeah
#
bear then you get brid.gy to syndicate to it and it all happens auto-magically
#
aaronpk well they encourage you to connect your "CMS"
#
aaronpk i signed up for an API key for it
#
KevinMarks how do you get access to the editor?
#
aaronpk through icloud.com
#
KevinMarks or is it a previewer?
#
aaronpk they push you to the editor once you sign in to create your first article, but then encourage you to connect your CMS
#
aaronpk also you can't put ads in your articles unless you are pushing to it with the API
#
aaronpk but hey if someone wants to read the apple news API docs and summarize on the wiki how to use it to create a post, I would be thrilled :)
#
aaronpk in the mean time, i gotta fix my micropub endpoint which i inexplicably broke between last night and this evening despite not changing any micropub endpoint code today
#
GWG Do any of you know anything about Chris Aldrich, the one who wrote that popular post that is making the rounds?
#
GWG He's been very active lately.
hongpong, torrorist, mblaney, shevski and tantek joined the channel
#
aaronpk stupid fix for my broken micropub endpoint
#
aaronpk today in upgrades are hard
lukebrooker joined the channel
#
tantek aww
#
tantek what was it?
#
Loqi It looks like we don't have a page for "it" yet. Would you like to create it? https://indiewebcamp.com/s/10GR
#
tantek It was a dark and stormy night.
#
loqi.me created /It (+58) "prompted by tantek https://indiewebcamp.com/irc/2016-03-15/line/1458096084233 and dfn added by tantek" (view diff)
#
Loqi ok
#
aaronpk at the last minute today, I upgraded a bunch of libraries i was using. I did check whether there were any updates bigger than a patch release (http://semver.org/) and there were none, so I thought everything would be fine.
#
aaronpk but it turns out in a patch release, Laravel decided to subclass the Symfony UploadedFile class, which was how I was detecting whether there was a file in the micropub request.
#
aaronpk so now I am checking whether the value is a subclass of UploadedFile
#
tantek huh
#
aaronpk of course if I had a proper test suite for my site, this would have failed and I would have not upgraded that library earlier today.
#
tantek hmmm
#
aaronpk it just feels like an overwhelming task to write full tests for my whole site. I much prefer writing tests for specific libraries I'm using because they are easier to wrap my head around.
#
aaronpk this all came up because I was trying to change the way I displayed event dates, which is handled by a library, so I pushed out a new version of that library
#
aaronpk and in the process of installing it, I let it upgrade anything else that had updates available
#
aaronpk now debugging PuSH
#
aaronpk for some reason, woodwind has registered its PuSH subscribers as http, and then sends a redirect to https
#
aaronpk and then my hub is getting a 404 at the end of the redirect chain
#
aaronpk kylewm: any ideas? check this out: https://switchboard.p3k.io/feed/E5u8spaBWHXEzCdKKR00cChGlHHjkHnW
#
aaronpk ( also this looks pretty cool! https://aaronparecki.com/2016/03/15/22/ )
#
Loqi [Aaron Parecki] So the live demo failed, but thought I should upload this panorama from doing the live demo anyway! #indiewebcamp
torrorist joined the channel
#
aaronpk two sandros and two bens haha
hongpong joined the channel
#
@mcclearen Just finished up at #indiewebcamp MIT 2016. Thanks to everyone who made it happen! Had a great time!http://indiewebcamp.com/2016/MIT (twitter.com/_/status/709936215018094592)
torrorist1 joined the channel
#
tantek.com edited /2016/MIT (+216) "/* Photos */ add notes section with Kevin's notes!" (view diff)
#
tantek aaronpk: can you upload the group photo(s) day 1 & day 2 here? https://indiewebcamp.com/2016/MIT#Photos
#
tantek ok going to hotlink for now :)
#
aaronpk hotlink what?
#
tantek.com edited /2016/MIT (+181) "/* Tuesday */ panoramic during demos" (view diff)
#
aaronpk oh haha
#
KevinMarks I assume that's a downscaled version
#
KevinMarks so the fail wasn't the client app but serverside?
lukebroo_ joined the channel
#
aaronpk no the fail was client side
#
tantek.com edited /2016/MIT (+191) "/* Monday */ day 1 start photo" (view diff)
#
aaronpk well there were two fails. client side i was seeing memory warnings, and sometimes the "app" would just stop, but not crash with anything in particular
#
KevinMarks hm, I suppose the otehr way to do a sanity check is to have another place you can micropub to to check
#
aaronpk at one point I did get a full-res version onto the server, but it didn't multipart-decode properly so the server rejected the file. pretty sure that was also a client-side fail, since i've uploaded large photos like that other ways
#
bear I ended up having to use docker-compose to run a test server and then run my tests against it
KartikPrabhu joined the channel
#
aaronparecki.com uploaded /Special:Log/upload "uploaded "[[File:indiewebcamp-mit-2016-day-1.jpg]]""
#
aaronparecki.com uploaded /Special:Log/upload "uploaded "[[File:indiewebcamp-mit-2016-day-1-intro.jpg]]""
#
aaronparecki.com uploaded /Special:Log/upload "uploaded "[[File:indiewebcamp-mit-2016-day-2.jpg]]""
#
aaronparecki.com uploaded /Special:Log/upload "uploaded "[[File:indiewebcamp-mit-2016-day-2-demos.jpg]]""
#
aaronparecki.com edited /2016/MIT (-150) "/* Photos */" (view diff)
#
aaronpk and with that, time for bed!
#
mlncn aaronpk++
#
Loqi aaronpk has 93 karma
tantek joined the channel
#
@annbass (A bit late, but still important...) Thanks to @kevinmarks for live tweeting final presentations! #indiewebcamp MIT 2016 (twitter.com/_/status/709951886099681280)
tantek, mlncn, irisisgay, mdik_ and lukebrooker joined the channel
#
@benwerd WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb (twitter.com/_/status/709980050905550853)
#
Loqi [indieweb] "WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb" by Ben Werdmüller http://werd.io/2016/webassembly-if-it-works-is-going-to-change-the-web
hongpong joined the channel
#
Loqi [indieweb] "Welcome on the #indieweb 😉" by Tino Kremer https://tinokremer.nl/2016/welcome-on-the-indieweb
#
Loqi [indieweb] "Welcome to the Indieweb! 😉" by Tino Kremer https://tinokremer.nl/2016/welcome-to-the-indieweb
gRegorLove, loic_m_, dogada, cweiske, irisisgay and jihaisse joined the channel
#
Loqi [indieweb] "Welcome to the Indieweb! 😉" by Tino Kremer https://tinokremer.nl/2016/welcome-to-the-indieweb
#
@Emmadw RT @benwerd WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb (twitter.com/_/status/710011725735657472)
#
@jkphl Excited about the internationality of our @indiewebcamp: UK, Belgium, Denmark, Sweden, USA & Germany so far! http://indiewebcamp.com/2016/Nuremberg #nueww (twitter.com/_/status/710012095983656962)
#
@mschottenhammer RT @jkphl Excited about the internationality of our @indiewebcamp: UK, Belgium, Denmark, Sweden, USA & Germany so far! http://indiewebcamp.com/2016/Nuremberg #nueww (twitter.com/_/status/710012385763917825)
#
@voxpelli RT @jkphl Excited about the internationality of our @indiewebcamp: UK, Belgium, Denmark, Sweden, USA & Germany so far! http://indiewebcamp.com/2016/Nuremberg #nueww (twitter.com/_/status/710012948488581121)
#
@borisschapira MSDN blogs start sending webmentions. Nice move, MS ! (twitter.com/_/status/710015537292689408)
nitot and Pierre-O joined the channel
#
KartikPrabhu is that true ^ ?
friedcell and sanduhrs joined the channel
#
@mothersele RT @benwerd WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb (twitter.com/_/status/710025119528296452)
#
cweiske it's going to change the web to a worse place
#
petermolnar cweiske I might sound hateful, but right now, anything sounds better than angular and react
#
cweiske but binary blobs?
#
petermolnar compared to 700k obfuscated JS?
#
cweiske which you can defuscate
#
petermolnar valid point, I'm not challenging that binary blobs are not fun
#
cweiske and I predict that - just with adobe flash - myriads of security issues will pop up
#
petermolnar I think I've misunderstood it
#
petermolnar I wasn't expecting binaries to be thrown around but sources compiled on the fly and stored in local storage in the browser
#
cweiske welcome to web assembly
#
sknebel it also IMHO is orthogonal to angular/react. if you want to use the DOM, you still "need" abstractions for that
#
cweiske there's a reason it's called "assembly"
foo1, ePirat, kerozene and Pierre-O joined the channel
#
voxpelli there will be a text representation of webassembly + it will be polyfillable by ordinary JS
#
voxpelli it's basically just an evolution of asm.js, shouldn't be less readable than that
#
voxpelli so people can already create "binary blobs", this just handles it a bit better
singpoly1a, Pierre-O, Garbee and hs0ucy joined the channel
#
aaronpk huh. well MSDN blog appears to be wordpress, so i guess it's not that far fetched
#
petermolnar what is Windows Live Spaces?
#
Loqi Windows Live Spaces was a blogging and social networking platform from Microsoft, also known as MSN Spaces https://indiewebcamp.com/Windows_Live_Spaces
#
petermolnar Loqi, y u no quote the second line?
#
petermolnar "It was shut down in 2011 but unlike many others the offered a migration option to Wordpress.com. See https://en.blog.wordpress.com/2010/09/27/welcome-windows-live-spaces-bloggers/"
#
aaronpk if no explicit p-summary, Loqi only uses the first sentence
#
Loqi yeah!
j12t and mxuribe joined the channel
#
@Proficiens1 RT @benwerd WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb (twitter.com/_/status/710101037269573632)
acegiak, prtksxna, tantek, codenamedmitri, reidab, Pierre-O, Lancey, hs0ucy, ben_thatmustbeme, j12t, friedcell, wolcen_, mlncn, shevski, hongpong and wolftune joined the channel
#
@Eliservescent RT @benwerd WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb (twitter.com/_/status/710127309118787588)
#
@nueww RT @jkphl Excited about the internationality of our @indiewebcamp: UK, Belgium, Denmark, Sweden, USA & Germany so far! http://indiewebcamp.com/2016/Nuremberg #nueww (twitter.com/_/status/710129149927620608)
Pierre-O, shevski, snarfed, hs0ucy, tvn, j12t and singpolyma joined the channel
#
kylewm aaronpk: does switchboard support unsubscribe?
#
aaronpk subscriptions expire frequently
#
aaronpk i don't remember if it explicitly supports unsubscribe tho
#
kylewm looking at the code, i think it does
#
aaronpk do you need it to?
#
aaronpk oh btw did you see my notes on woodwind subscribing to my feeds the other day?
#
kylewm yeah that's what i'm looking at
#
aaronpk cool
#
kylewm woodwind seems to return 404 when there's an error subscribing to a request
#
kylewm seems i really didn't know what i was doing :P
#
aaronpk oh funny
shevski, squeakytoy2 and gRegorLove joined the channel
#
kylewm aaronpk: the subscription at the bottom of https://switchboard.p3k.io/feed/E5u8spaBWHXEzCdKKR00cChGlHHjkHnW should be working, i got the challenge and responded successfully; any idea why it's blank?
codenamedmitri joined the channel
#
kylewm aaronpk: oh i see, it hasn't sent a ping response yet, but the subscription seems to be successful
codenamedmitri, tvn_, j12t and ttepasse joined the channel
#
@kevinmarks @chr1sa @waltmossberg open source can be a monoculture too, interoperability is key. http://indiewebcamp.com/monoculture (twitter.com/_/status/710147778182144000)
snarfed1, emmak and hs0ucy joined the channel
#
aaronpk ooh i think i'm somehow not sending PuSH pings for my home page!
#
Loqi [indieweb] "WebAssembly, if it works, is going to change the web. It's also a big opportunity for really open application infrastructure. #indieweb" by Rick Mendes http://werd.io/2016/webassembly-if-it-works-is-going-to-change-the-web
#
aaronpk oh nevermind, I am. but i'm publishing it with a slash and it looks like woodwind is subscribed to bare domain
#
aaronpk what's the correct solution here?
#
aaronpk kylewm: how did woodwind end up subscribing to https://aaronparecki.com instead of https://aaronparecki.com/ ? is that something on my end?
#
kylewm link:<https://aaronparecki.com>; rel="self"
#
kylewm in your http headers
Pierre-O and tantek joined the channel
#
aaronpk interesting, looks like that's something that Laravel does
#
aaronpk $request->url() does not include the slash when it's serving the home page
snarfed, codenamedmitri and shevski joined the channel
#
bear the slash-no-slash bugs the heck out of me when i'm writing webmention code
#
aaronpk there's no issue for regular URLs, only for bare domains
#
aaronpk actually there isn't an issue for verifying the target param either
#
aaronpk if the webmention says target=http://example.com then you look for that literal string on the page, and it's considered invalid if the page contains the string http://example.com/
#
bear I may be causing my own grief then, my "url normalization" code strips trailing /
#
bear wonders why he "quotes" things sometimes)
#
gRegorLove What's the use in distinguishing example.com from example.com/ ?
#
aaronpk none, but if you don't do anything special, that's what happens
#
aaronpk it takes extra spec language to make people accept a webmention where the target param is http://example.com but the page contains http://example.com/
#
gRegorLove Hm
#
bear it's why I remove the trailing slash - so many humans enter http://example.com but code generates http://example.com/
#
gRegorLove I don't think my code is that specific. It would find example.com in a page with example.com/
#
aaronpk bear: you're talking about the webmention verification step?
#
bear yes (and some other steps used for micropub and auth)
#
aaronpk yeah micropub and auth is a different story, and likely does need to be specified in those cases
mlncn, snarfed, snarfed1 and Garbee joined the channel
#
voxpelli I normalize all URL:s before matching, both source and target ones: https://github.com/voxpelli/webpage-webmentions/blob/master/lib/utils/url-tools.js#L9
snarfed joined the channel
#
aaronpk kylewm: everything works now! yay!
#
Loqi woot
#
aaronpk voxpelli: after you normalize the source and target URLs, how do you handle searching for those on the source HTML?
#
aaronpk (also it looks like part of your normalization step is following HTTP redirects? that sounds like more than "normalizing" to me)
#
voxpelli aaronpk: I fetch all links on the page and normalizes them one by one and checks if it matches
#
voxpelli no, I don't follow any HTTP redirects I think
#
aaronpk *fetch* all links? like with an HTTP request?
#
aaronpk or *find* all links
#
voxpelli no, I meant through something like querySelectorAll('a')
#
aaronpk ah k
#
aaronpk i prefer to do as little work as possible to test whether the webmention is valid. so i test for exact match of source URL in the document
#
bear I try to follow all redirects (I *think* my code does that for https only - need to confirm) as part of the webmention discovery and validation
#
voxpelli I found I had to do some normalization anyway to eg. support base-tags and such
#
voxpelli for relative URL:s that is
#
bear nods
#
gRegorLove I use preg_match to verify the source url in the target
#
@biochemistries @brandoninvergo there's a DIY-style movement seeking to tackle that problem for the whole personal website 'stack' as it were, see #IndieWeb (twitter.com/_/status/710163401729843202)
#
aaronpk gRegorLove: the only problem with preg_match is you can end up matching text that isn't actualyl in the HTML, like inside an HTML comment for example
#
gRegorLove True. Weird edge case I'm willing to live with for now though.
bengo joined the channel
#
KevinMarks base is only going to be an issue for same site wenbmentions, isn't it?
shevski joined the channel
#
voxpelli KevinMarks: yep, but I do want to support them
#
KevinMarks so thta may be an optimization. If you find the actual URL in the text, assume it's good. If you don't and they're same domain, do the more complex parse?
friedcell joined the channel
#
voxpelli with my structure I have separated out the parsing of the page from the matching so all data is already parsed and done when the matching occurs
#
voxpelli thinking is that I should be able to move parsing to eg. Amazon Lambda and have that part be very easy to scale up
#
@gRegorLove @JoelKuiper @jindrichmynarz Quite a few of us are self-hosting w/ microformats and syndicating to Twitter. Check out http://indiewebcamp.com (twitter.com/_/status/710167680083320832)
#
Loqi [mention] gRegor Morrill commented '@JoelKuiper @jindrichmynarz Quite a few of us are self-hosting w/ microformats a...' on a post that linked to http://indiewebcamp.com (https://gregorlove.com/2016/03/joelkuiper-jindrichmynarz-quite-a-few/)
squeakytoy joined the channel
#
aaronpk kylewm: does woodwind handle deleted posts at all? (not sure how it would know if it doesn't actually fetch post permalinks)
#
kylewm aaronpk: no it doesn't and you nailed why I haven't been able to yet
#
Loqi [indieweb] "My notes from today's demos at IndieWeb Camp MIT http://www.kevinmarks.com/indiewebcampMIT2016-03.html" by Kevin Marks http://known.kevinmarks.com/2016/my-notes-from-todays-demos-at-indieweb-camp-mit-indiewebcampmit2016-03html
#
aaronpk yeah the trick is i don't want to show a tombstone post on my home page when i delete something there, so it's almost like i need a separate URL that can show changes that the reader can consume
#
bear I would think it would have to fetch the post permalink to get the GONE error (even if only when given an update webmention)
#
voxpelli If I consumes something from a feed I would like to get updates and deletes from there as well, so would like tombstones
#
aaronpk is rel=updates or rel=changes/changelog a thing?
#
aaronpk the other problem with deletes is you might be deleting something that is no longer on the first page
#
voxpelli what would that contain?
#
aaronpk so you need a way to bubble up old posts
#
aaronpk i was thinking a separate page that lists changes, so I could make an update to an old post, and then show that post in this separate page. and if i deleted something, would include a tombstone of it there
#
voxpelli wonders if a fat ping could contain just an updated/deleted post without clients loosing it
#
aaronpk that sounds actually quite a bit more difficult for me to generate
#
bear I may be confused... if my site deletes a post wouldn't I generate a webmention to references in that post just like on create?
#
aaronpk webmention doesn't work for readers
#
aaronpk but yes a webmention solves deleting comments on posts
#
bear ah - so a reader needs a way to hook into that flow
#
bear registering for rel=updates would be a nifty thing
#
aaronpk it's more like we need to specify updates and deletes for PuSH
#
voxpelli I think that's what PuSH already is
#
singpolyma PuSH is updates, so you just need tombstones
#
aaronpk how does PuSH specify how updates works?
#
voxpelli depends on whether one interprets the PuSH "topic" as strictly the HTML in the topic URL or as the resource represented by the URL. I would say the latter
#
aaronpk e.g. my topic url is https://aaronparecki.com/ and I want to update a post that appears on the third page, but I don't want to re-order the posts on my home page
#
voxpelli aaronpk: the client should be listing content based on published date so it should work from the start
#
aaronpk publish date != update date
#
aaronpk demo time back in a bit
#
myfreeweb why not send PuSH notifications with topic == full post url?
#
voxpelli if you push just the updated post then the client should update any existing instance of that post or else add a new one with all data, oncluding original post date, and sort correctly
#
voxpelli "just the updated post" as in "The hub MAY reduce the payload to a diff between two consecutive versions if its format allows it."
#
myfreeweb PuSH hubs should have a way to subscribe to a wildcard like domain.tld/*
#
myfreeweb reader subscribes to example.com/*, publisher sends ping with topic example.com/my/old/post, reader gets notification and refetches the post
#
voxpelli yeah, and/or maybe a way to indicate in a ping what aspect / subpart it is that has been affected
#
myfreeweb maybe but that seems unnecessary
#
myfreeweb with webmentions, you just refetch
#
voxpelli the topic in itself just represents a resource I think – and such a resource can represent ones entire blog, so it probably already is pretty much a wildcard
#
myfreeweb why not keep the "just refetch" simplicity with push
#
voxpelli myfreeweb: you need to know what to fetch if you want to fetch and you need to know what you received if you got a fat ping
#
voxpelli and you need to know why you got it, hence the topic
#
myfreeweb hmm so you won't get topic=example.com/my/old/post, you'll get topic=example.com/*?
#
voxpelli topic=thecoolestblogver, ping=hi-this-blog-has-a-cool-update-for-you
#
voxpelli or: topic=a-secret-channel-of-awesome, ping=yo–i-have-this-new-cool-thing-to-share-with-you
begriffs joined the channel
#
GWG Afternoon
#
myfreeweb idk i still think wildcards make more sense
snarfed joined the channel
#
voxpelli I think it's redundant / already supported as one can just make a resource that represents the same thing
#
kylewm Didn't Status.net solve this?
#
kylewm singpolyma^?
#
voxpelli kylewm: I think they just pushed a big feed, not even sure they ever even added tombstones to it
#
singpolyma kylewm: status.net/gnusocial has updates/deletes, yes, IIRC
#
kylewm SN doesn't support deletes?
#
voxpelli one could argue that if the post is so old that it doesn't appears in ones feed, then it's not very likely to be updated or deleted, so in practice it's rarely a problem for a dedicated feed
#
voxpelli with a mf2-feed it's a different issue as one rarely has like 100 items in such a one
#
gRegorLove Unless you're tantek
#
singpolyma kylewm: I just said that I think it does
#
kylewm Singpolyma, yeah I saw. We were typing at the same time
#
voxpelli singpolyma: through PuSH-based feeds with tombstones in them?
#
singpolyma voxpelli: I'd have to look, but I think so
#
kylewm singpolyma: that'd be great if you would!
#
kylewm This has come up many times
#
voxpelli singpolyma: is gnusocial using XML or JSON activitystreams btw? I think one major obstacle for tombstoning in older status.net was that PuSH didn't support them
#
singpolyma could also as in #social -- MMM-o probably knows
#
kylewm XML
#
singpolyma s/as/ask
#
Loqi singpolyma meant to say: could also ask in #social -- MMM-o probably knows
#
voxpelli as PuSH parsed the feeds and extracted the new/changed entries and tombstones aren't entries
#
voxpelli for h-feeds it would be nice with an h-entry with a dt-deleted property or similar + a way to broadcast such a change if the post has dropped of ones frontpage
#
voxpelli needs to do a indie-reader so he can dogfeed it
#
aaronpk that's what i was getting at
#
aaronpk with rel=updates
#
kylewm Wouldn't that be the dreaded "side file"
#
aaronpk not if it's an HTML page that also showed updates to people
#
aaronpk the wiki has one
#
voxpelli aaronpk: shouldn't everyone with a PuSH-subscription get it automatically though?
#
aaronpk voxpelli: i don't think so?
#
aaronpk human readable change log http://indiewebcamp.com/Special:RecentChanges
shevski joined the channel
#
voxpelli I'm thinking that one should do PuSH-pings whenever ones resource is updated – no matter if something is added to it, changed or deleted from it
#
singpolyma MMN-o has confirmed in #social, GNUsocial handles deletes by publishing and activity:verb of deletion
#
aaronpk voxpelli: i just don't see how you would know that a post on the third page of my home page feed has been deleted
#
kylewm feels like we are talking in circles
#
voxpelli aaronpk: doesn't every post has a unique id that clients deduplicate on?
tantek joined the channel
#
voxpelli but perhaps not that you referred to – tricky thing is mentioning what part of ones resource that has changed if it's gone past the first page
#
aaronpk right that's my point
#
voxpelli but just adding some rel that points that out would be enough, no?
#
aaronpk mediawiki solved this by having a "recent changes" page
begriffs joined the channel
#
ben_thatmustbeme hmm likes from woodwind clearly don't work on my site at the moment
#
voxpelli I'm thinking that this applies to any rel-next/rel-prev page – one should be able to subscribe to all pages as a whole and get notified what single page/part it is that has been affected
#
ben_thatmustbeme it does use "like-of" correct?
wolcen_ joined the channel
#
voxpelli aaronpk: I'm toying with the idea of actually adding a rel-canonical to signify which aspect of the resource it is that has been updated
#
aaronpk not sure i follow
#
voxpelli so that a ping would have rel=self to indicate its context, the topic that the update comes from, and rel-canonical to indicate the preferred URL to fetch the pushed resource from
bengo and squeakytoy2 joined the channel
#
aaronpk at that point it sounds like you're adding an "update" command to PuSH
#
voxpelli so if one pings page 3, then one would do rel-self=/resource and rel-canonical=/resource?page=3
#
aaronpk canonical doesn't sound like the right term to use there
#
aaronpk but i get what you're saying
#
voxpelli well, canonical is specced like "Designates the preferred version of a resource (the IRI and its contents)." and self is specced like "Conveys an identifier for the link's context."
#
aaronpk in PuSH?
#
aaronpk seems like you should swap them then. the preferred version of my home page URL is not the one that contains pagination parameters
#
voxpelli PuSH only defines rel-self and rel-hub
#
voxpelli aaronpk: rel-canonical only states which URL is the preferred version of the URL of your third page, the pagination you would indicate in your HTML with rel-start/rel-next/rel-prev, no?
#
voxpelli tricky thing is to find a way to provide pagination data in a shallow ping, in a fat ping one could provide that data within the push payload
#
aaronpk it seems there are essentially two different ways of handling this, so i'd be curious to write them both down and getting feedback on them from others who are actually building readers and publishers
#
@botminik It looks like Twitter broke IndieAuth be putting a short url into the night is out of question? (twitter.com/_/status/710188134961692672)
#
voxpelli a third way would actually be: Change the rel-self of your homepage to point to a "changelog"/firehose feed
#
aaronpk so the reader/consumer *only* subscribes to the changelog page?
#
voxpelli yeah
#
aaronpk sounds easier for the reader
#
voxpelli that's probably the easiest/best way to do it right now
#
aaronpk kylewm: does woodwind update posts that it finds in a feed right now?
shevski, snarfed, tantek, ttepasse, friedcell and Pierre-O joined the channel
#
kylewm aaronpk: yes it does
#
aaronpk cool
#
aaronpk since you don't fetch the post URLs, in order to delete a post in woodwind, there would need to be a placeholder in the feed that indicates it's deleted, right?
tvn and friedcell joined the channel
#
kylewm yep, unless we come up with another mechanism
wolcen_ joined the channel
#
voxpelli aaronpk: kylewm: would dt-deleted make sense? to accompany dt-published and dt-updated ?
#
aaronpk seems reasonable. I can add that to my tombstones https://aaronparecki.com/2016/03/16/11/
#
Loqi Deleted
#
aaronpk thanks Loqi
#
Loqi you're welcome
bengo joined the channel
#
tantek please check the wiki for previous discussions of dt-deleted or not
#
tantek I know we have discussed it already
#
tantek what is deleted?
#
Loqi A deleted is a post that has been removed https://indiewebcamp.com/deleted
#
aaronpk the deleted page only talks about deletes in the context of permalinks and webmention
#
aaronpk we have not yet discussed deletes in a feed, which is the current discussion
#
aaronpk i.e. there is no concept of "return an HTTP 410 code" for a deleted post in the feed, since the feed contains multiple posts
loic_m_ joined the channel
#
kylewm https://www.google.com/webhp#q=site:indiewebcamp.com+%22dt-deleted%22
#
aaronpk lol
#
aaronpk irc++
#
Loqi irc has 9 karma
tvn_ joined the channel
#
voxpelli lol indeed
#
aaronpk i retract my previous preference for u-deleted pointing to the post's URL. dt-deleted + url makes sense, however there still may be a desire/need to indicate a post is deleted without specifying the datetime of when it was deleted.
#
tantek < 6 mo ago too!
squeakytoy joined the channel
#
kylewm I'm minorly concerned that publishing deletes still might expose more information than I want
#
kylewm I deleted https://kylewm.com/2016/here-is-my-ssn-987-65-4321
#
Loqi Ruh roh
#
aaronpk lol
#
aaronpk well if you don't do that, then readers won't delete them either, so...
#
tantek perhaps we can document best practices
#
tantek e.g. redirecting to slugless URLs
#
tantek mumbles something about keeping human editable info out of required info of permalinks
#
kylewm :)
#
kylewm that's a good point tantek. it exposes a different problem.
#
kylewm aaronpk: i guess the alternative would be having the reader subscribe for updates to each indiviaul post, like voxpelli was suggesting earlier (I think, got confused on the rel-canonical stuff)
#
kylewm so the reader would only get updates about a deleted post, if it had already seen it, i.e. the damage was already done
#
voxpelli if it requires extra subscriptions then very few will likely bother to support it, but if they get the notifications anyway, then making something usable of them is a very minor addition, so I think dt-deleted/u-deleted makes sense for feeds
#
voxpelli (the rel-canonical was just a weird brainstorm)
KartikPrabhu joined the channel
#
aaronpk yeah subscribing to each individual post seems unlikely to happen, although another benefit of that would be you could show comment threads and update like/repost counts easily
begriffs joined the channel
#
KevinMarks this rel=updates thing sounds like an activity stream
#
myfreeweb if push hubs had wildcard support, readers could easily subscribe to all individual posts at once
#
KevinMarks hm, for a site that supports arbitrary posting, could you make an auth-less micropub endpoint?
#
myfreeweb arbitrary posting? like accepting random spam?
#
KevinMarks eg svgur.com lets you post arbitrary image + name + summary
#
KevinMarks admittedly I do it with google's file upload thing, so it has fugly submit urls
#
myfreeweb well, yeah, of course you can have authless micropub
#
myfreeweb the spec even says SHOULD, not MUST for OAuth/IndieAuth
#
myfreeweb but current clients are designed for IndieAuth
#
aaronpk i have some clients that don't support IndieAuth, and I just copy/paste a token into them
#
myfreeweb teacup?
#
myfreeweb hah, nope
#
KevinMarks right, I was just thinking that a tokenless version or one wiht a hardcoded token would be legit in some cases
#
aaronpk Compass is one of them, it just has a field you can paste a token into
#
KevinMarks and useful for testing as people bring up micropub implementaions
shevski joined the channel
#
aaronpk oh and p3k itself is a micropub client now, and it passes the access token to itself
begriffs, begriffs_ and mcclearen joined the channel
#
@kevinmarks “the most interactive and flexible way to do “social media” is own your own blog.” http://erickimphotography.com/blog/2016/03/16/instagram-is-going-to-be-the-next-facebook/ #indieweb (twitter.com/_/status/710223369031929856)
#
Loqi [indieweb] "“the most interactive and flexible way to do “social media” is own your own blog.” http://erickimphotography.com/blog/2016/03/16/instagram-is-going-to-be-the-next-facebook/ #indieweb" by Kevin Marks http://known.kevinmarks.com/2016/the-most-interactive-and-flexible-way-to-do-social-media
emmak and Mutter joined the channel
#
@kevinmarks @erickimphoto come chat at https://indiewebcamp.com/irc/2016-03-13 on how to connect your blog to other social sites (twitter.com/_/status/710224102989017088)
tvn, Mutter, Gold, mcclearen, shiflett, mlncn and Pierre-O joined the channel
#
kylewm hmm, not including required information in slugs doesn't help the delete question i had earlier. if i post kylewm.com/2016/03/16/b1/sensitive-info and then later issue a delete for kylewm.com/2016/03/16/b1, the reader won't know those are the same unless I redirect, and then I have the same problem as before
#
KevinMarks the slug problem is common to wordpress and known for passworded posts too
#
bear this is where the architect in me starts chanting/muttering: guid guid guid!
lukebrooker joined the channel
#
@StitchesofLight RT @ReadersGazette BLOG Indie Author Answers by Jim Heskett http://www.jimheskett.com/indieauth Get help writing your book #bookbloggers 67 (twitter.com/_/status/710219951546564608)
#
@sonupsales RT @ReadersGazette BLOG Indie Author Answers by Jim Heskett http://www.jimheskett.com/indieauth Get help writing your book #bookbloggers 67 (twitter.com/_/status/710219087662747650)
#
@MyBeachStore RT @ReadersGazette BLOG Indie Author Answers by Jim Heskett http://www.jimheskett.com/indieauth Get help writing your book #bookbloggers 67 (twitter.com/_/status/710218966745141248)
#
@eclectic_books RT @ReadersGazette BLOG Indie Author Answers by Jim Heskett http://www.jimheskett.com/indieauth Get help writing your book #bookbloggers 67 (twitter.com/_/status/710218956766887937)
#
@ReadersGazette BLOG Indie Author Answers by Jim Heskett http://www.jimheskett.com/indieauth Get help writing your book #bookbloggers 67 (twitter.com/_/status/710218591422058496)
#
@writerjvp Featured Indie Book: Pink Pussy, Pies and Peanut Butter (Yolanda M. Tucker): Featured Indie Book on Indie Auth... http://www.indieauthornews.com/2016/03/featured-indie-book-pink-pies-peanut-butter-yolanda-m-tuckerand.html (twitter.com/_/status/709967550180888576)
#
miklb o_0
begriffs and codenamedmitri joined the channel
#
aaronpk Just make sure you don't put your SSN in your GUIDs
shiflett joined the channel
#
gRegorLove Couldn't use those extra two letters "or" when setting up those URLs ^
KartikPrabhu joined the channel