#dev 2018-01-03

2018-01-03 UTC
krup, snarfed and [eddie] joined the channel
#
[eddie]
Uh oh, my micropub posts have been randomly failing 😞 Ever since I introduced my weather module… I think I must not be handling weather API failures well 😞
#
[eddie]
Good news I dump every micropub request to a log file immediately upon receiving it, so I still have all the data available, I’ll just have to manually repush some of the data through my micropub endpoint
#
[eddie]
logs++
#
Loqi
logs has 1 karma in this channel (3 overall)
#
gregorlove.com
edited /multi-site_indieweb (+195) "/* Indieweb Examples */ subheadings"
(view diff)
#
aaronpk
[eddie]: hehe I had some similar glitches as well
eli_oat joined the channel
#
AngeloGladding
hey guys have a question -- can you use Micropub to create a draft of a post?
#
AngeloGladding
or some existing mechanism to seed a post but not actually create it
#
GWG
AngeloGladding: If your client and server supports it, yes
eli_oat joined the channel
#
AngeloGladding
GWG is there a specification of this flow? Any prior art?
#
GWG
There is
jeffperry, [jefferydperry], [miklb], gRegorLove and [chrisaldrich] joined the channel
#
@pypi_updates2
django-webmention 0.1.0: A pluggable implementation of webmention for Django projects. http://bit.ly/2CsUKkF
(twitter.com/_/status/948382161308143621)
renem joined the channel
#
AngeloGladding
GWG thanks. Can't figure out how to approach the idea of letting Alice click a bookmark button on an article on Bob's site and have Alice redirected to a pre-filled "Create bookmark" UI on her own site. Bob's site shouldn't have or need `create` scope nor can he have the option of leaving out `post-status=draft`.
#
GWG
Isn't Bob's site acting as a client in this scenario?
#
GWG
I've never tried to implement what you are suggesting, but why not have a scope that only allows drafts to be posted?
#
GWG
If you want to check all posts?
chrisaldrich joined the channel
#
AngeloGladding
Bob's site is the client and yeah a draft scope sounds good!
#
AngeloGladding
thanks
#
gRegorLove
aaronpk, when you get a chance, could you review / deploy https://github.com/indieweb/indiewebify-me/pull/64 ?
#
Loqi
[gRegorLove] #64 Add /rel-me-check URL that returns more detailed information
#
@easyaspython
#webmention is a @w3c recommendation protocol for blogging sites to directly notify each other of cross linking.
(twitter.com/_/status/948390713976377344)
#
@easyaspython
Just released a new version of django-webmention (==0.1.0) with support for Django 1.10+ and Django 2.0+. Please fo… https://twitter.com/i/web/status/948390712508342272
(twitter.com/_/status/948390712508342272)
KartikPrabhu and tbbrown joined the channel
#
Ruxton
^-- So i wrote a script that steps through Indieweb sites hunting down images and creating a best-nine. The major issue is people are either not using rel="next" or in the case of Known, it's implemented backwards (prev is actually next)
#
Ruxton
woooah mad scroll back WOOPS :P
snarfed joined the channel
#
KartikPrabhu
Ruxton: rel-prev and rel-next do not have any implications of chronology
#
KartikPrabhu
so they can be used either way
#
Ruxton
KartikPrabhu: actually incorrect, HTML5 takes from HTML4.0.1 spec and defines how they should work
#
KartikPrabhu
Ruxton: yes, no mention of chronology there
#
KartikPrabhu
only "next document in a linear sequence of documents"
#
KartikPrabhu
does not specify that the sequence is time-ordered
#
Ruxton
well, if your homepage is the first page
#
Ruxton
how is there a previous page?
#
KartikPrabhu
homepage need not be "first" in the time-ordered sense
#
Ruxton
"A document with no previous sibling is the start of its sequence, a document with no next sibling is the end of its sequence."
#
KartikPrabhu
usually blogs have reverse-chronology so homepage would be last
#
Ruxton
so Known fails the implementation by provided both next and prev on the homepage
#
Ruxton
prev, being the current page
#
Ruxton
err next being the current page even
#
Ruxton
so, if I look for next and it exists, you drill down, if you look for next and it doesn't exist, you switch to prev and drill back, you can't do that with Known.
#
KartikPrabhu
my homepage has no rel-prev or next too
#
KartikPrabhu
in any case, I am not sure prev and next imply chronology. and I haven't seen any spec that says they imply chronology
#
Ruxton
you're correct, they imply document sequence, if you want to implement chronology backwards, then providing a "next" on the homepage breaks that
#
KartikPrabhu
no, it is next in the rev-chronology order
#
Loqi
[Kartik Prabhu] The Web’s Arrow of Time
#
KartikPrabhu
because the spec is vague on this, different sites implement it in different ways
#
Ruxton
the spec is not vague
#
Ruxton
it litereally covers both basis
#
Ruxton
*bases
#
Ruxton
the spec is "documents in sequence"
#
Ruxton
"A document with no previous sibling is the start of its sequence"
#
KartikPrabhu
Ruxton: still does not imply chronological sequence
#
aaronpk
In a reverse chronological sequence i would assume the first page I see is the last page in the sequence so rel=prev would give me the "next" page in the reverse chronological ordering
#
Ruxton
" a document with no next sibling is the end of its sequence."
#
KartikPrabhu
aaronpk: exactly
#
Ruxton
regardless of presumption, the code only needs to implement what I wrote above just now and presumption isnt needed
#
KartikPrabhu
Ruxton: you haven't specified any ordering to your sequence so it is ambiguous
#
aaronpk
In any case providing a next or prev link pointing to the same page seems wrong
#
KartikPrabhu
aaronpk: yes that does make sense
#
aaronpk
If Known is doing that then I'd say that specifically is the bug rather than trying to imply anything about time order
#
KartikPrabhu
ok maybe I got confused about the two issues
#
aaronpk
Regardless of time ordering, you should be able to determine whether a page is the start or end of the sequence based on the presence of a next or prev link
#
@cswordpress
@bibliata First, you'll want to make sure your website can send and receive webmentions. Start by installing the In… https://twitter.com/i/web/status/948440647639367680
(twitter.com/_/status/948440647639367680)
tantek, [asuh], sebsel and cweiske joined the channel
#
tantek.com
edited /POSSE_to_Facebook (+220) "add Using a CMS to main How section to hopefully help WordPress use-case discoverability"
(view diff)
tantek joined the channel
#
loqi.me
created /Bridgy_Publish_plugin (+248) "prompted by tantek and dfn added by tantek"
(view diff)
#
kaja.sknebel.net
edited /Bridgy_Publish_plugin (+2) "linkify ('… is <url>' pattern)"
(view diff)
[xavierroy] and KartikPrabhu joined the channel
#
Zegnat
tantek can you explain the 99% to me you mention here? https://indieweb.org/wiki/index.php?diff=43775&oldid=39752&rcid=43679 Are you saying 99% of people is uninterested in using Micropub clients like Quill and Omnibear, or other tools like the Webmention-sender Telegraph?
#
tantek
99% of users on the wiki had no need to do anything but simple rel=me setup
#
tantek
don't make that any harder for them
#
tantek
adding steps to user setup is usually a way to lose users and have a more failure prone system
#
tantek
we already saw this with openid then openid2 etc. which went from 2 <link> tags then to 4 just to do openid delegation
#
tantek
this is a known usability error (adding more steps)
#
Zegnat
But that’s wiki users. And the wiki doesn’t claim to use IndieAuth for login. The page should, IMHO, be about using IndieAuth
#
tantek
so stop adding more steps
#
tantek
no, part of "using IndieAuth" should be it "just works" even if you *only* setup rel=me
#
tantek
if that's not the case then IndieAuth providers need fixing so that it is
#
tantek
not steps for users
#
Zegnat
That is untrue for both IndieAuth per spec and IndieAuth in practice
#
tantek
(people would get openid link tags wrong all the time because it just required 2 steps instead of 1)
#
tantek
(then they made it worse)
#
tantek
no IndieAuth in practice is what 99% of users do which is login to the wiki
#
tantek
that's the point
#
tantek
so the spec should be fixed to make the simple user model reliable
#
tantek
otherwise the spec is broken
#
tantek
the burden should be on provider devs, not millions of users
#
Zegnat
No. My point is the wiki has *never* referred to its login as IndieAuth. Quill and Telegraph are examples of websites that have always referred to IndieAuth. Those last two *require* the extra link.
#
tantek
then they are broken
#
tantek
just as openid was
#
tantek
in asking for an extra step
#
Zegnat
You probably need to open an issue against the IndieAuth spec then
#
tantek
too late for me, maybe tomorrow if someone else doesn't do it first
#
tantek
focusing on higher priority posts first before going to sleep
#
Zegnat
Basically nowhere that advertises IndieAuth that I use (Telegraph, Quill, Omnibear) will let me use RelMeAuth.
#
Zegnat
Only the wiki does, but then again, the wiki *never* claimed to use IndieAuth, it always referred to its login as /Web_sign-in and mentioned IndieAuth as an *alternative*: https://indieweb.org/File:indieweblogin.png
#
Zegnat
But I can spin this off into an issue for discussion in a bit :) Will mention you so you’ll find it in your GitHub notifications when you have time
#
tantek
Zegnat: "wiki *never* claimed to use IndieAuth" is false or at best obstinately misleading / narrow interpreting a particular view of the IndieAuth naming debacle (.net service vs protocols etc.)
#
tantek
#1 step in the How To for IndieAuth has been to use rel=me for *ages* https://indieweb.org/IndieAuth#How_to
#
tantek
" Add a link on your home page to your various social profiles with the attribute rel="me""
#
tantek
even if you click through to "full setup instructions" to https://indieauth.com/setup
#
tantek
again first thing is
#
tantek
"1. Link to your various social profiles on your home page"
#
tantek
so yes we have taught people that "IndieAuth" means setup your rel=me and it will "just work"
#
tantek
for *years*
#
tantek
basically since IndieAuth replaced OpenID on the wiki etc.
#
tantek
so since the beginning of IndieAuth
#
tantek
that's a historical fact and you (nor anyone) gets to change that
#
Zegnat
Yeah, I’ll make sure to link to older wiki pages in the GitHub issue. At some point IndieAuth was changed from being “an implementation of Web sign-in/RelMeAuth with an HTTP API” to being “an identity layer on top of OAuth 2.0” (from spec).
#
tantek
I'm not linking to older wiki pages above in my citations ^^^ those are the current instructions
#
Zegnat
Those are current instructions under the specific header for using IndieAuth.com, and also incomplete instructions per IndieAuth spec.
#
Zegnat
The whole discussion is about how those instructions are outdated with the new spec. So I am saying change the instructions, and you are saying change the spec.
#
Zegnat
Both are fine solutions IMHO.
#
tantek
if the current spec forces every user to add a second item of configuration then it is broken from a usability perspective and very much not fine
#
tantek
we don't need to repeat that fragile mistake of openid 1
#
Zegnat
I am just not sure how you would codify the fallback if no auth-endpoint it linked into the spec, without discouraging implementers.
#
tantek
fallback
#
Zegnat
s/it/is/
#
Zegnat
Fallback to what though?
#
tantek
to relmeauth
#
tantek
discouraging implementers is nearly irrelevant compared to making things fragile for users
#
tantek
orders of magnitude difference
#
Zegnat
I don’t agree there. If you start a spec as something almost nobody wants to implement it is irrelevant how easy it is for users. You are not going to see adoption.
#
tantek
if you start a spec without an implementation first or at least a prototype you are pursuing an aspirational spec and it's likely to fail regardless
#
tantek
that does not apply to the current situation
#
tantek
we spec'd both relmeauth and indieauth only *after* we had working implementations that demonstrated implementability
#
tantek
that's how most specs are built these days
#
tantek
nearly no one (outside academic / research circles) makes up a spec then hopes for impls
#
Zegnat
And I am saying the IndieAuth spec is doing just that because it reflects how everyone who says they do IndieAuth has implemented IndieAuth: without RelMeAuth fallback ;)
#
tantek
no, the first implementation (for the wiki) did relmeauth and that was essential to get adoption
#
Zegnat
I for one would never have written an IndieAuth implementation if it had to offer a RelMeAuth fallback... the only fallback I can imagine supporting is on mailto:-links, and that’s not useful for most people.
#
tantek
the others have a fraction of the adoption, that's the point
#
tantek
go view # of users on the wiki
#
tantek
it's in special pages
#
tantek
it's 1000s x more than any of those apps
#
Zegnat
Yes, I get your point. You are saying that even though IndieAuth spec is used by the wiki to communicate with IndieAuth.com, and this spec does *not* include RelMeAuth, because the IndieAuth.com interface does allow RelMeAuth that should be considered as part of the spec.
#
tantek
no I am saying in practice IndieAuth means rel=me
#
tantek
users / wiki / logins etc.
#
tantek
however you want to count the stats
#
tantek
by any reasonable maeasure
#
tantek
the non rel-me uses are <1% noise in comparison currently
#
tantek
so to use them to justify an argument is very unscientific
#
tantek
and worse to make life harder for the 99% of rel=me users
#
tantek
certainly not very empathetic, and self-defeating per the openid example
#
Zegnat
I’ll open the issue against the spec and link to this chat, do not want to give the impression that I am rephrasing or changing your opinion in the issue itself :) Thanks for the discussion!
#
tantek
btw another citation for the change in how specs are written, even at W3C: https://www.w3.org/Guide/standards-track/
#
tantek
Zegnat I think the miscommunication is that you are trying to be strictly logical with your argument, and I am making an argument from the point of view of actual usage
#
tantek
(measurement vs. plain reasoning)
#
Ruxton
https://github.com/Ruxton/indieweb-bestnine - has some issues, but mostly works! will continue with it later and chuck it up somewhere as a service
#
Loqi
[Ruxton] indieweb-bestnine: Scours indieweb websites, in an attempt to find photos and pick the best nine of the month or year.
#
tantek
Ruxton wow!
#
tantek
Ruxton++
#
Loqi
ruxton has 2 karma in this channel (6 overall)
#
tantek
what is best nine
#
Loqi
best nine is a popular aggregation and summary post practice on Instagram, supported by services like https://2017bestnine.com/ which only ask you for your username then return a 3x3 grid of your 9 most liked photos https://indieweb.org/best_nine
#
Loqi
[Ruxton] indieweb-bestnine: Scours indieweb websites, in an attempt to find photos and pick the best nine of the month or year.
#
Loqi
ok, I added "https://github.com/Ruxton/indieweb-bestnine" to the "See Also" section of /best_nine
#
loqi.me
edited /best_nine (+46) "tantek added "https://github.com/Ruxton/indieweb-bestnine" to "See Also""
(view diff)
#
Ruxton
this is my bestnine image made frm my blog with that - https://puu.sh/yTgi4/f8a86c71df.jpg
#
Zegnat
It also doesn’t help that my mind has already set in the wiki-uses-web-sign-in and micropub-clients-use-indieauth paths, tantek. Which means I have a very hard time treating the wiki as something that uses IndieAuth.
#
tantek
Zegnat except that the wiki documents itself as using indieauth
#
Zegnat
But my mind being set that way doesn’t make your argument invalid, which is why I do think this should be discussed in relation to the IndieAuth spec
#
Ruxton
home time now, peace :P
#
tantek
so I'm not sure how you set your mind in contradiction to what the wiki has said and taught people for years
#
Zegnat
Because the login page of the wiki has never told me it was using IndieAuth. The external service used being called IndieAuth has never made me consider the tech as also being called IndieAuth.
#
tantek
the login page? that's just one part of the login flow which says IndieAuth all over itself
#
tantek
yes most login UIs don't say what they're using until you start the process. often they just have a "Login" link
#
Zegnat
Except the IndieWeb wiki login UI specified what it was, a “web sign-in prompt”: https://indieweb.org/File:indieweblogin.png
#
Zegnat
So that has always stuck with me.
barpthewire joined the channel
#
loqi.me
created /report_account (+25) "prompted by tantek and redirect added by tantek"
(view diff)
#
vanderven.se martijn
edited /report_abuse (+1141) "/* Silo Examples */ Facebook report and review flow."
(view diff)
#
vanderven.se martijn
edited /support (+153) "Start silo section, document a usecase for the Facebook support inbox."
(view diff)
KartikPrabhu joined the channel
#
Loqi
[Zegnat] #12 Specify RelMeAuth as fallback.
deathrow1, AngeloGladding and leg joined the channel
[xavierroy], eli_oat and dougbeal|mb1 joined the channel
#
@bibliata
@cswordpress Yes, I've already done this; but just a question: webmentions refer to the site being mentioned on fac… https://twitter.com/i/web/status/948564610172497920
(twitter.com/_/status/948564610172497920)
[kevinmarks] joined the channel
#
[kevinmarks]
Doesn't bridgy do that?
[miklb] joined the channel
#
sknebel
if I read the discussion correctly, they want those "comment with facebook" widgets, not comments on their facebook posts
[xavierroy] and [eddie] joined the channel
#
[eddie]
!tell Zegnat: Thanks for creating the issue on GitHub. Great place for me to be able to add my thoughts to the discussion 🙂
#
Loqi
Ok, I'll tell them that when I see them next
snarfed joined the channel
#
Zegnat
Ah, interesting, thanks for the comments [eddie], Ruxton.
#
Loqi
Zegnat: [eddie] left you a message 4 minutes ago: Thanks for creating the issue on GitHub. Great place for me to be able to add my thoughts to the discussion 🙂
#
Zegnat
That definitely needed to be pointed out, though I don’t think that changes anything about my personal feelings against declaring a specific fallback.
#
Ruxton
welll.. it maybe points out an issue in the spec, in that the idea of authentication, is tied to authorization tokens. Authentication alone doesn't need that stuff
#
Ruxton
or just that the terminology is easily confused
#
aaronpk
Oh boy
#
aaronpk
reading scroll back
#
Ruxton
haha :)
#
Loqi
rofl
#
[eddie]
hahaha
#
Ruxton
strap yourself in
#
aaronpk
I wish I could have called the spec WebAuth because we wouldn’t be having this debate then
#
[eddie]
hmm, I don't know if the spec name would really have changed the debate 😕
#
[eddie]
unless I'm missing something important
#
aaronpk
It would because if the OAuth extension was called something else it wouldn’t be conflated with wiki login
#
[eddie]
ohhhh gotcha
#
sknebel
as I just noticed while trying it again it is now less clear on IndieAuth vs RelMeAuth/Indieauth.com than it was before the wiki changes :/
#
aaronpk
Wait what changes
#
sknebel
before the login page started on the wiki with explanation and links, now it directly goes to indieauth.com
#
sknebel
when you added SSO
#
sknebel
and the text on that page is worse IMO
#
aaronpk
Oh yeah
#
Zegnat
Yeah, I realised that too.
#
aaronpk
Free to send a PR for that text :)
#
aaronpk
Also that’s going to change to indielogin.com soon
#
sknebel
I presume that "soon" was the reason nobody touched it last year
#
Zegnat
The soon is definitely the reason I halted updating the /IndieAuth wiki page
#
aaronpk
It’ll same code tho so any text changes on that prompt will still be useful
#
[kevinmarks]
Don't the "comment with facebook" widgets create comments on a post pointing to the current page though?
#
Zegnat
I think my main issue with RelMeAuth, as an implementer, is that I need to register my client with every OAuth provider separately. I commend aaronpk for tackling this with indielogin.com, but I just don’t see other people doing the same thing.
#
Zegnat
I foresee this will cause partial implementations or an indielogin.com monoculture. Both undesirable.
#
aaronpk
I agree with that
#
aaronpk
Also the point you mentioned about there not actually being any providers in common between the user and the site they’re logging into necessarily
#
aaronpk
I want to make a new IndieAuth server just so there are more options than indieauth.com
#
Zegnat
How do you mean? A second service? A replacement?
#
aaronpk
A second one that doesn’t do RelMeAuth at all
#
aaronpk
Either local accounts or proxying to something like google
#
Zegnat
I’ve been thinking about a local accounts one. Basically selfauth-as-a-service. Then offer 2FA and login history, which is hard to support in an easy to set-up 1 file IndieAuth implementation.
#
aaronpk
Yeah exactly
#
Zegnat
Possibly in combination with a token endpoint, so you can also see issued tokens when logged in and revoke them
#
Zegnat
But that’s a project for after my blog Micropub
#
aaronpk
That would certainly be nice too
#
snarfed
i wonder how much work would take to make https://oauth-dropins.appspot.com/ a public indieauth provider
#
snarfed
guess i'd have to build the token generator, validator, maybe scope checker, new UI. substantial, but straightforward.
#
snarfed
s/i/we/
#
Zegnat
token generator isn’t really necessary. People could use https://tokens.indieauth.com/ to start with.
#
Zegnat
tokens and authentication do not have to be the same service with IndieAuth
#
vanderven.se martijn
edited /YouTube (+139) "Add link to our YouTube channel."
(view diff)
#
Zegnat
I almost have YouTube playlists parsing into jf2 feeds in my XRay instance :D
[jefferydperry] and [chrisaldrich] joined the channel
#
dgold
Zegnat: could you write up your xray-instance creation?
#
www.boffosocko.com
edited /Jetpack (+30) "links; opensource; WordPress template"
(view diff)
#
Zegnat
All you have to do to run XRay is clone the repository. There isn’t a lot of configuration required...
#
dgold
oh, I thought you meant using it as an api
[colinwalker] joined the channel
#
Zegnat
I am not hosting a public one.
#
Zegnat
But if you are using XRay (either as library or hosting it as a service) you can just clone my repo’s YouTube branch and do not have to change anything else
#
grantcodes
Hey aaronpk is there any way of getting a list of subscribed feeds via the microsub api yet? I'm trying to build a settings ui for channels so you can see what you are subscribed to and unsubscribe easily.
#
grantcodes
Can't see it in the spec at the moment
#
aaronpk
I thought I implemented that
#
aaronpk
yeah monocle should support that
#
grantcodes
Yeah just remembered it was called following :D
dgold joined the channel
#
Zegnat
Wow. Looks like YouTube playlist API does not include the separate video authors. Just puts the playlist author in there.
#
Zegnat
So you need to make a separate call for every video in a playlist to get that. And then for every author you find another call to retrieve their actual information.
#
Zegnat
starts caching
#
www.boffosocko.com
edited /Bridgy (+178) "Link to Bridgy Publish WordPress plugin"
(view diff)
John__, tantek and [pfefferle] joined the channel
#
aaronpk
alright, commented on the giant thread
#
aaronpk
from my website :) thanks silo.pub
#
dgold
there's a giant thread?
#
Loqi
[Zegnat] #12 Specify RelMeAuth as fallback.
#
Zegnat
Oh, I just noticed the login prompt on indieauth.com that is currently used by the wiki has exactly the same text as used to be on the wiki itself :) It calls its own login /Web_sign-in
#
Zegnat
I guess the only “branding” on the login page is the big IndieAuth.com in the header, which is about the change anyway.
#
dgold
thanks sknebel
#
aaronpk
I might need to re prioritize the indieauth.com move over the other stuff I’m doing like Monocle
[eddie] joined the channel
#
[eddie]
Nice post, aaronpk. Simple and thorough
#
[eddie]
aaronpk++
#
Loqi
aaronpk has 99 karma in this channel (1522 overall)
#
Zegnat
It would be nice to get the authentication stuff closed, aaronpk. That’s for sure.
[cleverdevil] joined the channel
#
@misuba
@pfrazee Webmention is an emerging standard (it's one of a few things the SoLiD and IndieWeb teams agree on); I won… https://twitter.com/i/web/status/948607948909088768
(twitter.com/_/status/948607948909088768)
#
@webrocker
boah, die classnames beim wp webmention plugin werden auch schneller gewechselt wie anderswo die unterhosen… jedes… https://twitter.com/i/web/status/948610954706800646
(twitter.com/_/status/948610954706800646)
renem joined the channel
#
grantcodes
aaronpk: Another monocle question before it gets deprioritized :P Does the channel delete method work? I just keep getting 500 errors "Whoops, looks like something went wrong."
#
grantcodes
Oh also I think the channel updating is actually creating a new channel and not renaming the existing one.
#
@aaronpk
@pfrazee @misuba @pfrazee That sounds similar to Vouch, a Webmention extension https://indieweb.org/Vouch Would love your thoughts on that.
(twitter.com/_/status/948611731659436032)
#
aaronpk
are you sending the channel uid in the "channel" parameter like this? https://indieweb.org/Microsub-spec#Update_a_Channel
#
grantcodes
Like so: "https://monocle.p3k.io/microsub/2?action=channels&name=New+Demo+Channel1&channel=a9KsqZ1gaCmU5tkrcBRQWGpsndqkhyR1"
#
aaronpk
hopefully as post body params, not query string
#
aaronpk
that definitely should not create a new channel. i'm looking at the code trying to figure out how it would. I'll try to fix these on the plane.
#
grantcodes
Hmm that might be it 🤔 other post requests work, so not even checked if that was the problem.
#
grantcodes
No rush :)
#
GWG
Is aaronpk holding court?
barpthewire, cweiske, snarfed, KartikPrabhu, [kevinmarks] and [chrisaldrich] joined the channel
#
Zegnat
aaronpk, I like the way you split up fetcher and parser in XRay. I just finished rewriting the fetcher part of my YouTube format. Much easier to now work with the data than with YouTube’s actual API output :D
#
aaronpk
That made writing the tests possible :-)
#
Zegnat
Yeah, I should add tests at some point. First want to see if the output is feasible.
AngeloGladding joined the channel
#
dgold
oh, <cry>
#
dgold
spent last hlaf hour tearing hair out at a persistent error from php
#
dgold
I had an extra 't' in a variable name
#
dgold
<headdesk>
[eddie] joined the channel
#
[eddie]
Ohhh that's the worst!
#
dgold
your sympathies are noted, eddie
#
dgold
turning this frown upside down!
#
Zegnat
Anyone know of any weird YouTube URL formats?
[kevinmarks] joined the channel
#
[kevinmarks]
Apart from youtu.be?
#
Zegnat
Haha, yeah
#
Loqi
Zegnat: lol
#
Zegnat
I just updated my parser to also understand m. links, the mobile ones. Totally missed those the first time
#
[kevinmarks]
They redirect the country domains to the com
#
Zegnat
Apparently there used to be some sort of hash-bang Ajax-y URLs too, but haven’t seen those in the wild yet. Same with localised subdomains (language code? country code?).
#
Zegnat
Oh, right, they also have those. Darn.
#
[kevinmarks]
I don't think you see them in the wild
#
Zegnat
Clever, I should have checked youtube-dl, thanks for the tip snarfed!
#
Zegnat
I had just moved away from a crazy regex, and now you point me at one ... :P https://github.com/Zegnat/XRay/blob/youtube/lib/XRay/Formats/YouTube.php#L20-L53
#
snarfed
/me regrets nothing
[cleverdevil] and jjuran joined the channel
#
Zegnat
Alright, added some more possible URLs. I think this should cover most things. Only need to update the parser to build feeds and we’ll have jf2 YouTube feeds!
#
Zegnat
(To some extend.)
[eddie] joined the channel
#
[eddie]
Wooo!!!!
bengo, [tantek] and [cleverdevil] joined the channel
#
[tantek]
Good discussion on indie auth issue 12 by everyone. Definitely making me rethink both naming and the number of different pieces and what different parties expect each to do
#
[tantek]
I both like the name “IndieAuth” has been colored by the “makes it easy to login to the indie web wiki” aspect from years of documentation and blog posts etc
#
[tantek]
OTOH “IndieAuth” as a protocol for authorization using an independent website also makes sense
#
[tantek]
Also the authn vs authz distinctions made make sense. Which makes me wonder if those should make their way into names?
#
[tantek]
Eg I think W3C has Webauthn
#
[tantek]
And if the protocol uses beyond the wiki are primarily or only authz (per the thread) then maybe the “minimal” protocol (that doesn’t include relmeauth) could make that explicit as IndieAuthz?
#
[tantek]
Then an IndieAuthn (also as a protocol) could otoh be inclusive of RelMeAuth as a fallback to do authentication
#
[tantek]
These are off the top of my head informal brainstorming thoughts I expect critique/pushback hence not adding it as a concrete comment on the issue
#
GWG
I have wanted to replace the authentication endpoint in Indieauth with the WordPress login for a while.
#
GWG
This debate may push that
snarfed and [kevinmarks] joined the channel
#
GWG
snarfed, may I ask a favor due to my deep respect and admiration for you?
#
GWG
I am guessing that is an invitation to elaborate?
#
GWG
I wrote my first unit tests for Indieauth. Once I finish I would like to use the same tests in the Micropub implementation. Would you be able to comment on them? I always need more unit testing feedback.
#
GWG
I will advise you. Lots more iterations before I am ready to push.
#
GWG
The client implementation has to be solid so I can use it to test a server implementation if I ever build one.
tantek and jjuran joined the channel
#
[kevinmarks]
i really hate authn and authz - we need to switch to more distinguishable words
#
aaronpk
I like using "login" or "signin" instead of authentication
#
tantek
depends on who you are trying to appeal to
#
tantek
developers or users
#
tantek
aaronpk I agree with those preferences for users
#
tantek
things like UI, services (domains / URLs) that users sign-up with, or happen to get delegated to
#
tantek
however the dev / IETF / protocol heads prefer more jargony terms because they feel like jargon = more precision (whether it does or not), and such jargon acts as a shibboleth for those "communities"
#
tantek
what is jargon
#
Loqi
jargon is a specific unobvious word, concept, or technology (like Webmention), or re-use of a word to mean something other than its common meaning (like feed), or sometimes re-using a word as an acronym (like POSSE) https://indieweb.org/jargon
#
gRegorLove
Sounds like a good reason to use "login" or "signin" all the time, heh
#
gRegorLove
outgroups--
#
Loqi
outgroups has -1 karma
#
tantek
gRegorLove: not if your goal is developer appeal and adoption. developers love shibboleths because it caters to a sense of inclusion or exclusivity
#
tantek
it/they
#
Loqi
ok, I added "[https://en.wikipedia.org/wiki/Shibboleth shibboleth]" to the "See Also" section of /jargon
#
loqi.me
edited /jargon (+73) "See Also"
(view diff)
#
gRegorLove
I'm in favor of pushing back against that exclusivity, personally.
#
tantek
gRegorLove: in general I agree. but if the goal is getting say, IETF acceptance as an RFC, or uptake among the OAuth / websec crowds, then shibboleths essentailly act like good marketing to them
#
gRegorLove
Makes sense
#
tantek
that being said, I wonder if there is some optimal level of just-jargony enough to appeal to such crowds, but no more jargony than that
#
tantek
gRegorLove: btw I'll note this not-sure-if-deliberate-or-ironic usage: https://en.wikipedia.org/wiki/Shibboleth_(Shibboleth_Consortium)
#
gRegorLove
stops going down the rabbit hole
#
[kevinmarks]
I registered canihaz.me and web-it.me last time we talked about this
[manton] joined the channel
#
Zegnat
Just stopping by on my way to bed, but wanted to comment on: “if the [IndieAuth] protocol uses beyond the wiki are primarily or only authz (per the thread)”. Are they though? As sknebel pointed out in the issue Telegraph’s usage is authn. So is my implementation in Sink. Micropub clients definitely are in it for the authz but there are non-Micropub
#
Zegnat
IndieAuth implementations out there already.
#
Zegnat
(sebsel’s implementation may also be authn only, not too sure.)
#
Zegnat
Should probably put that in the issue and not here. Oh well. Tomorrow.