#dev 2017-07-07

2017-07-07 UTC
tantek joined the channel
#
tantek
also this is now making me think a convention for jf2 + template -> mf2 would be really handy
#
tantek
so services would not have to hardcode the HTML they return, but rather could allow the client to provide a template to fill-in with the info from the jf2
#
tantek
basically a new HTML-based (obv) template syntax for jf2 -> mf2
Kai1 and eli_oat joined the channel
#
ben_thatmustbeme
Sounds like tantek is getting dangerously close to xslt
#
ben_thatmustbeme
Re: templates for jf2 -> mf2
tantek joined the channel
#
ben_thatmustbeme
waits for tantek to see the logs
snarfed, tantek and j12t joined the channel
#
tantek
lol no way
#
tantek
h2vx already has enough xslt tech debt
j12t_ joined the channel
#
tantek
thinking more along the lines of: 1) research/analyze the most usable template formats out there (e.g. anything from MediaWiki to what's on /template ), 2) brainstorm a template format in HTML, you might even say, a template microformat
#
tantek
based on said research obv
#
tantek
no desire to replicate the nearly unreadable madness of xslt
j12t__, j12t___, j12t, davidmead, snarfed, billbennettnz, prtksxna, prtksxna_ and [miklb] joined the channel
#
[miklb]
!tell manton I tried disabling/blocking xmlrpc in WP but no dice on bypassing it and using micropub.
#
Loqi
Ok, I'll tell them that when I see them next
prtksxna and tantek joined the channel
#
www.boffosocko.com
created /Indieweb_for_Journalism (+10348) "stub with definition, sketch, examples, resources"
(view diff)
sebsel, gRegorLove, AngeloGladding, tantek, barpthewire, petermolnar, cweiske and [pfefferle] joined the channel
#
[pfefferle]
good morning
#
Loqi
guten morgen
prtksxna joined the channel
#
Zegnat
We were talking about different attack vectors in #indieweb-chat yesterday, and wanted to put this out there (logged) for people: a (g)zip bomb will not kill your server if you use PHP’s file_get_contents, it only fetches plain text. Most XML attacks will also not work against PHP’s DOMDocument XML parsing, though you may want to make sure not to e
#
Zegnat
nable the LIBXML_NOENT flag.
#
Zegnat
A lot of so called “HTML parsers” are actually based on libxml or other XML parsers. Like PHP’s DOMDocument. So we were wondering how many attacks our webmention endpoints were being vulnerable to ;)
kants, jjuran and [kevinmarks] joined the channel
#
[kevinmarks]
if you're thinking about templates, the hard part is repeated elements.
davidmead, ben_thatmustbeme, raucao and barpthewire joined the channel
barpthewire, [kevinmarks] and [davidmead] joined the channel
#
[davidmead]
snarfed: karma++
#
cweiske
what is karma?
#
Loqi
It looks like we don't have a page for "karma" yet. Would you like to create it?
#
[davidmead]
snarfed++ for brid.gy issue ?
#
Loqi
snarfed has 5 karma in this channel (287 overall)
#
[davidmead]
gRegorLove+ for brid.gy issue
#
[davidmead]
gRegorLove++ for brid.gy issue
#
Loqi
gregorlove has 32 karma in this channel (170 overall)
#
[davidmead]
ugh. typos in the morning
eli_oat and eli_oat1 joined the channel
#
Zegnat
[kevinmarks], re: http://www.lifewithalacrity.com/, that CSS does not load local Tufte fonts? That is too bad. I have the font installed, but block webfonts in my browser. It could have shown me the correct font but now it doesn’t because it has no local fallback set :(
#
[kevinmarks]
hm. how would I change that?
#
calumryan.com
edited /Main_Page (-31) "/* Upcoming Homebrew Website Club meetups */ Update next to July 12th"
(view diff)
snarfed, [miklb], dougbeal|mb1, eli_oat, [pfefferle], [davidmead], Loqi, prtksxna, tbbrown, cweiske and [aaronpk] joined the channel
#
@rubygems
jekyll-webmention_io (2.5.0): This Gem includes a suite of tools for managing webmentions in Jekyll: * Tags -… https://rubygems.org/gems/jekyll-webmention_io
(twitter.com/_/status/883341592756711426)
[miklb] and snarfed joined the channel
#
Zegnat
Have fun reviewing that ben_thatmustbeme, sknebel xD
snarfed joined the channel
#
ben_thatmustbeme
Zegnat, this is when vimdiff comes in handy
#
ben_thatmustbeme
it all looks logical to me
#
ben_thatmustbeme
haven't tested it yet
#
Zegnat
aaronpk is there such a thing as a “full IndieAuth spec”? Instead of /indieauth-for-login, /authorization-endpoint, /token-endpoint, and /obtaining-an-access-token?
#
ben_thatmustbeme
i'm assuming you have
#
Zegnat
Yes. I am already running this code live. With a very small adjustment that makes the verification default to form rather than json output
#
Zegnat
Not ready for merge yet, therefor no PR.
#
Zegnat
It currently accepts scope on id, I don’t think that is right but I am also not sure. Need to read more spec
#
Zegnat
Should we apply some style guide? PSR / PEAR? This might be the PR to do it in, as this already touches most LoC anyway.
[kevinmarks] and [chrisaldrich] joined the channel
#
gregorlove.com
edited /User:Gregorlove.com (+20) "Loqi, are you back?"
(view diff)
[miklb], [cleverdevil], tantek, snarfed, [davidmead] and [kevinmarks] joined the channel
#
Zegnat
Is there anything like a babies-first-VPS out there? E.g. where the box is secure and has a proper server config from the start, but would allow me to install libsodium, pick my own PHP version, run some daemons that sort of stuff?
#
sknebel
Good evening Zegnat
#
Zegnat
Hi sknebel :)
snarfed joined the channel
#
sknebel
There is a bunch of scripts and guides, not sure if there is something prepared. But really, as long as you run only basics there is good documentation. (Set up firewall, proper SSH config, automatic updates (or not) takes care of a lot
#
Zegnat
I kinda don’t want to have to worry about proper firewall and ssh configs.
#
Zegnat
Maybe I should look for deployment-ready-images
tantek joined the channel
#
gregorlove.com
edited /import (+124) "dfn"
(view diff)
#
gRegorLove
export << import
#
Loqi
ok, I added "[[import]]" to the "See Also" section of /export
#
loqi.me
edited /export (+13) "gRegorLove added "[[import]]" to "See Also""
(view diff)
#
gRegorLove
import << data-portability
#
Loqi
ok, I added "[[data-portability]]" to the "See Also" section of /import
#
loqi.me
edited /import (+23) "gRegorLove added "[[data-portability]]" to "See Also""
(view diff)
snarfed joined the channel
#
snarfed
Zegnat: consider shared hosting? you can install and run arbitrary binaries, and usually daemons, but they have root and own sysadmin stuff. the servers are also often security-focused OSes like FreeBSD/NetBSD
#
snarfed
e.g. my web site is on a shared account on https://www.pair.com/ with that setup
[johnhenry] and [miklb] joined the channel
#
[miklb]
Zegnat, checkout Digital Ocean. They have some one click installers, and just added a this https://www.digitalocean.com/community/tutorials/an-introduction-to-digitalocean-cloud-firewalls
#
@WendyandCharles
ReadersGazette: BLOG Indie Author Answers by Jim Heskett http://www.thejugglingauthor.com/indieauth/ Get help writing your book #bookbloggers 64
(twitter.com/_/status/883128096177737728)
#
gRegorLove
We use pair for our client sites too; it's always been pretty good
#
Zegnat
I am on a shared with ssh access, at uberspace, but I can’t actually get at the server settings at all as far as I have seen
#
Zegnat
How much customising does pair allow?
#
Zegnat
reads DigitalOcean thing
#
[miklb]
DO usually has some promo codes to get a free month or two to test it out with.
#
[miklb]
oh, yeah, a referral link will give you $10 credit. I’m sure no shortage of people here that can provide one.
#
Zegnat
I don’t think I understand DigitalOcean’s products page, haha
#
Loqi
hehe
#
Zegnat
Apparently I need to retire for the night
#
[miklb]
I have no vested interest in them other than it’s convenient for a few things. I do like that you can add your public key to your account so when you spin up an instance it will add it so you can easily ssh to get started. The few one-click installers I’ve tested are solid.
#
[miklb]
My experience learning was getting a cheap VPS and breaking stuff, destroying and starting over until I felt comfortable enough to move my site.
#
sknebel
Zegnat: at least picking PHP version and installing your own PHP modules should be suported on uberspace by their tooling
#
Zegnat
modules too? Maybe I missed that somewhere
#
sknebel
(and maybe even be possible totally around them, since you can install all kind of custom services, and said service could of course be a php interpreter
#
sknebel
I thought there was something to install at least stuff from PECL
#
Zegnat
There are a few things I am finding annoying. My connection with my bouncer dies randomly from time to time, stating something about the service being unreachable. Sometimes get server reboots without communication.
#
Zegnat
It runs my current site pretty well, and their pay-what-you-want lets you experiment, but I am just not sure they are still what I want
#
Zegnat
I wouldn’t mind getting a little more control over what is being run, in trade for a little more cash. Just not sure if I trust myself with all the fiddly bits
tantek and snarfed joined the channel
snarfed and tantek joined the channel
#
www.boffosocko.com
created /Beaker_Browser (+239) "stub with definition and link"
(view diff)
#
[miklb]
that’s what Jim Pick was demoing at IWS, yes?
#
gregorlove.com
created /Dat (+106) "stub"
(view diff)
#
gRegorLove
[miklb]: Yeah
#
gRegorLove
Beaker Browser << Dat
#
Loqi
ok, I added "[[Dat]]" to the "See Also" section of /Beaker_Browser
#
loqi.me
edited /Beaker_Browser (+10) "gRegorLove added "[[Dat]]" to "See Also""
(view diff)
#
gRegorLove
Dat << Beaker Browser
#
loqi.me
edited /Dat (+38) "/* See Also */ new section"
(view diff)
#
Loqi
ok, I added "[[Beaker Browser]]" to the "See Also" section of /Dat
#
gregorlove.com
edited /Beaker_Browser (+27) "using Dat protocol"
(view diff)
#
[miklb]
Zegnat has inspired me to play with the fiddly parts and get redis object cache working with WordPress on my VPS tonight.
#
www.boffosocko.com
edited /Indieweb_for_Journalism (+2162) "POSSE in journalism; Bill Bennett article"
(view diff)
tbbrown and snarfed joined the channel
#
aaronpk
does the twitter API not include exact geo coordinates anymore?
AngeloGladding and snarfed joined the channel