#dev 2018-07-04

2018-07-04 UTC
#
snarfed tantek__: add exception? in firefox? is that for a bad cert?
#
KartikPrabhu tantek__: lets encrypt certs work fine in my FF
#
tantek__ wrong domain
#
tantek__ cert is for dl.maindomain and the maindomain attempts to use it
#
KartikPrabhu aah
#
tantek__ documenting example now
#
tantek__ documenting failures to understand weaknesses in approach
#
KartikPrabhu wouldn't that fail for any cert authority?
#
KartikPrabhu unless it is a wild-card cert
#
tantek.com edited /Let's_Encrypt (+545) "Criticism, apparent Easy to misconfigure with example, puckipedia found via rhiaro.co.uk/follows" (view diff)
#
KartikPrabhu is confused about why this is a criticism of Lets Encrypt in particular
#
KartikPrabhu you could badly configure any certificate from anyone
#
aaronpk that doesn't seem like it's unique to letsencrypt...
#
aaronpk in fact I suspect this one is a case of no server config specified for "https://puckipedia.com" so it's defaulting to the first/last https site configured in the list, which happens to have a letsencrypt cert
#
aaronpk a few of my domains do that too if you go to the https address of them if I don't have a cert installed there
#
tantek__ aaronpk, nah, Amy followed it
#
tantek__ so presumably there *was* a config there
#
tantek__ so something got screwed up
#
tantek__ https://rhiaro.co.uk/2017/12/5a40f595856f0
#
tantek__ I'll add that citation
#
aaronpk still not unique to letsencrypt, that's just a web server configuration thing
#
aaronpk if anything, it's a criticism of nginx
#
aaronpk (the web server on puckipedia.com)
#
tantek.com edited /Let's_Encrypt (+128) "cite evidence that https URL used to work, so something went wrong eventually" (view diff)
#
tantek__ right now I only found it with a let's encrypt cert, I could be convinced to move it to /HTTPS#Criticism instead
#
snarfed it's not CA specific
#
aaronpk it's not even an *expired* cert
#
aaronpk so it's *really* not letsencrypt specific
#
snarfed lol
#
tantek__ wait did I write it up as expired?
#
tantek__ it's just a let's encrypt cert, that's the only let's encrypt specific part
#
tantek.com edited /Let's_Encrypt (+90) "consider moving to HTTPS" (view diff)
#
KartikPrabhu that is like criticising microormats if someone writes wrong markup
#
tantek__ which I've seen plenty of, which isn't completely wrong either (since bad markup is a thing we have to pragmatically live with and preferably handle better)
#
KartikPrabhu ok i give up
#
tantek__ not sure what you were fighting
#
tantek__ we should document examples of failure in an effort to both be transparent and hopefully learn how things can be improved
#
KartikPrabhu including general citicism as criticism of lets encrypt specifically
#
KartikPrabhu oh well
#
Loqi +1
#
tantek__ KartikPrabhu: I captured the consider moving to HTTPS in the criticism - feel free to +1 there or even move it if you like
#
tantek__ not sure why the give up / oh well, when your opinion was captured
[jgarber] joined the channel
#
[jgarber] > Requires control over your own server
#
[jgarber] This bit in the Let’s Encrypt “Limitations” section may be considered inaccurate:
#
[jgarber] Services like Netlify and Heroku will automatically provision and renew Let’s Encrypt certificates for you. I wouldn’t describe user/customer interaction with those hosting services as having any control over the web server. (In fact, Netlify is one of these new-fangled “serverless” companies.)
#
[jgarber] > You have to have at least some control over your webserver.
#
[jgarber] Related:
#
[jgarber] > E.g. Template:mwunsch is unable to use LetsEncrypt on his own site markwunsch.com because it is hosted on GitHub.
#
[jgarber] GitHub supports custom domains for projects using GitHub Pages and will also grant HTTPS certificates for custom domains associated with a GitHub Pages-hosted site.
#
[jgarber] https://help.github.com/articles/securing-your-github-pages-site-with-https/
#
tantek__ jgarber - definitely update it!
#
[jgarber] So I suppose the statement is technically accurate: You can’t use Let’s Encrypt with GitHub Pages, but… you don’t need to. ¯\_(ツ)_/¯
#
tantek__ what is Netlify
#
Loqi Netlify is a CDN/static hosting provider with integrated build service, useful for static site generators https://indieweb.org/Netlify
#
tantek__ jgarber, right, important to clarify that statement accordingly
#
tantek__ what is Heroku
#
Loqi Heroku is a platform as a service (PaaS) that supports Ruby, Java, Node.js, Scala, Clojure, Python, PHP and others https://indieweb.org/Heroku
#
tantek__ jgarber, could you add a note to /Netlify and /Heroku noting that they "will automatically provision and renew Let’s Encrypt certificates for you" ? (preferably with links to where they claim to do so)
#
kartikprabhu.com edited /Let's_Encrypt (+71) "/* IndieWeb Examples */ add myself" (view diff)
#
[jgarber] tantek__ Yep, will do that tomorrow. 👍
#
tantek__ thanks jgarber!
#
tantek__ starts to re-think the top level "objects" in /GitHub
#
tantek__ is it just accounts, repos, gists?
#
tantek__ what is a gist
#
Loqi gist is a tool by GitHub for posting code snippets online at https://gist.github.com https://indieweb.org/gist
#
tantek__ tool? maybe feature
#
tantek__ what is a repo
#
Loqi repository is a collection of typically code & other files, issues & responses, and a set of releases related to a specific project, often hosted in source control such as Git, on a service like GitHub or on independent sites using open source software https://indieweb.org/repo
#
tantek__ what is versioned
#
Loqi It looks like we don't have a page for "versioned" yet. Would you like to create it? (Or just say "versioned is ____", a sentence describing the term)
[snarfed] joined the channel
#
[snarfed] orgs
#
[snarfed] gists are repos under the hood
#
tantek__ what is versioning
#
Loqi Versioning is the practice of keeping previous versions of a post or other item available (possibly through a record of edits, AKA edit history) https://indieweb.org/versioning
#
tantek__ versioned is /versioning
#
Loqi ok
#
loqi.me created /versioned (+23) "prompted by tantek__ and redirect added by tantek__" (view diff)
#
tantek__ snarfed, "under the hood", but in terms of UI?
#
[snarfed] just FYI bridgy publish support for any of those would be very low priority for me at least. too rare
#
[snarfed] ui no
#
tantek__ snarfed, for "those" - do you mean e.g. creating a repo?
#
[snarfed] yes, repos, accounts, orgs
dougbeal|imac joined the channel
#
[snarfed] gists might be more common
#
tantek__ I'm trying map out part of it to try to see what pieces would be needed on your own site to have a GH repo-equivalent on your own site
#
tantek__ snarfed, I defer to your prioritization
#
[snarfed] ambitious! examples so far are generally dedicated tools - gitlab, gogs, etc
#
[snarfed] and repo posse is nontrivial since you generally want ongoing mirroring of the contents
#
tantek__ ongoing mirroring ~= POSSE updates
#
tantek__ and that part might be handled by git directly
#
[snarfed] hah, sure. more and more ambitious! go for it!
#
tantek__ rather than having to create a service to do so
#
tantek__ snarfed, not that ambitious, just trying to provide a rough coarse map of the pieces
#
[snarfed] tantek++
#
Loqi tantek has 36 karma in this channel (449 overall)
#
[snarfed] how's the indie tag-of coming? :P
renem joined the channel
#
tantek.com edited /repository (+307) "aka repo, tweak dfn, add see also, stub indieweb examples, silo examples" (view diff)
#
tantek__ snarfed, indie /tag-of design led me to want to better understand Micropub update protocol in an attempt to map out analogous /edit posts which can (hopefully) allow /tag-of update replies as a subset
#
[snarfed] right!
#
tantek__ current rabbithole is because GWG asked / raised issues about /Vouch, made me realize we don't have a Vouch repo to capture issues, led me to consider creating a Vouch repo in the indieweb GH org, led me to better document GH silo features
#
tantek__ might be overthinking this
#
GWG tantek__: I'm sorry. but technically, you rabbitholed me first. You've suggested we should have Vouch for WordPress multiple times.
#
GWG Besides, I'm rewriting 1565 lines of [snarfed] unit tests, so I'm not having fun right now either.
#
dougbeal|imac But the Yak won't fit down the rabbit hole?
#
[snarfed] hugs all around!
#
tantek__ dougbeal, no, the Yak needs drastic shaving in order to fit down the rabbithole
#
KartikPrabhu you are all forgetting the pill that makes the yak smaller
#
tantek__ GWG, quite a fair response
#
GWG I just get very frustrated at unit tests
#
loqi.me created /organization (+277) "prompted by tantek__ and dfn added by tantek__" (view diff)
#
[snarfed] yeah unit test psychology is tough. the maintenance cost is very noticeable. all the bugs that they catch and prevent are mostly invisible.
#
[snarfed] usually net positive investment, but not always obvious
#
tantek__ indeed
#
GWG [snarfed]: I'm trying to address a comment I got on the code that someone was having trouble reading it, so I'm trying to note wherever I had to reread the code a few times to remember what it did.
#
tantek.com edited /GitHub (+571) "/* Features */ expand, restructure" (view diff)
#
tantek__ snarfed, rough (roughly complete) coarse map of GitHub features as I understand them: https://indieweb.org/GitHub#Features
#
tantek__ I blame GWG ;)
#
GWG tantek__: I waited several years from conception to try to build this thing
#
tantek__ GWG, it's ok, I'm patient
#
[snarfed] tantek++
#
[snarfed] GWG++
#
Loqi gwg has 37 karma in this channel (377 overall)
#
tantek.com edited /repository (+56) "cweiske appears to be the only indieweb example of hosting their own public repos, and POSSEing them to GitHub" (view diff)
#
tantek__ time to break for lunch
[tantek] joined the channel
#
eddiehinkle.com edited /follower (+539) "/* Brainstorming */ +how to unfollow?" (view diff)
[eddie] joined the channel
#
[eddie] All this following stuff got me thinking about how to unfollow someone, so I added some brainstorming 💭
#
[eddie] Hmmm now I’m feeling itchy to start doing some following!
#
GWG [eddie]: Ditto
#
[eddie] Do you follow people or feeds? I’m thinking people, so if you used Micropub to create a follow post from a reader, I guess you would probably want your Micropub endpoint to do some type of de-duping?
#
[eddie] For example: I follow like 20 feeds from aaronpk’s site. I probably don’t want to list all of those (or list them as a sublist undearneath his name)
[miklb] joined the channel
#
GWG [eddie]: That is an interesting question.
#
tantek__ eddie I think you want the option of both
#
GWG Feed vs Person
#
GWG The same as person-tagging vs tagging
#
tantek__ not quite
#
tantek__ a good UX might offer to upgrade your attempt to follow just one feed to following that author instead
[dougbeal] and [jgmac1106] joined the channel
#
tantek__ alright GWG, thanks to your interest in Vouch, and ajordan's spec.indieweb.org write-up, I need to create two new repos for issues on /Vouch and /Salmentions
#
GWG A good problem to have
#
tantek__ and now that I've climbed back out of the /GitHub#Features documentation rabbithole (with /repo expansion sidehole), I'm just going to create those repos, rather than attempt to put them on my own site (the primary specs are already in a "local" shared space of indieweb.org rather than GitHub)
#
[jgmac1106] If @gwg could then make it so anyone previously vouched would get webmentions automatically accepted would be amazeballs
#
tantek.com edited /Vouch (+51) "issues link to GH" (view diff)
#
GWG [jgmac1106]: I've built most of that already
#
tantek__ GWG, since you added the only two issues on /Vouch#Issues (https://indieweb.org/wiki/index.php?title=Vouch&type=revision&diff=49226&oldid=49225) do you mind moving them to https://github.com/indieweb/vouch/issues ? (preferable as that way we maintain authorship of the issues)
#
tantek__ realizing plural Salmentions name appears to be an accident of history
#
tantek__ any objections to singularizing the spec (to "Salmention") to make its naming consistent with Webmention?
#
tantek.com edited /Vouch (+205) "Issues section is closed. Please use GH issues, discuss on indieweb-dev" (view diff)
#
tantek__ hmm, all our specs should use #indieweb-dev for discussion, not #indieweb
#
tantek.com edited /Microsub-spec (+51) "discussion #indieweb-dev" (view diff)
#
aaronpk [eddie]: I didn't know I had 20 feeds!
#
tantek__ I think a few more, counting tag feeds
#
tantek.com edited /Special:Log/move () "moved [[Salmentions]] to [[Salmention]] over redirect: consistent with Webmention (singular), plural appears to be accident of history" (view diff)
#
tantek.com edited /Special:Log/delete () "Tantek.com deleted redirect [[Salmention]] by overwriting: Deleted to make way for move from "[[Salmentions]]"" (view diff)
#
tantek.com edited /Salmention (+175) "singular, issues section is closed. Please use GH issues, discuss on indieweb-dev" (view diff)
#
tantek__ alright GWG I believe I have crawled out of today's rabbitholes that you steered me into :)
#
tantek.com edited /Planning (+142) "/* New Locations */ Toronto" (view diff)
#
tantek__ hmm, /Planning edits ought to go to #indieweb-meta
snarfed and [jgmac1106] joined the channel
#
tantek__ performance << https://twitter.com/slightlylate/status/996195317493129216
#
Loqi ok, I added "https://twitter.com/slightlylate/status/996195317493129216" to the "See Also" section of /performance https://indieweb.org/wiki/index.php?diff=49593&oldid=48721
#
tantek__ performance << https://httparchive.org/reports/state-of-javascript
#
Loqi ok, I added "https://httparchive.org/reports/state-of-javascript" to the "See Also" section of /performance https://indieweb.org/wiki/index.php?diff=49594&oldid=49593
#
tantek__ performance << https://infrequently.org/2017/10/can-you-afford-it-real-world-web-performance-budgets/
#
Loqi ok, I added "https://infrequently.org/2017/10/can-you-afford-it-real-world-web-performance-budgets/" to the "See Also" section of /performance https://indieweb.org/wiki/index.php?diff=49595&oldid=49594
[kevinmarks] joined the channel
#
[kevinmarks] Interesting - I think salmentions was written as plural because it is always about multiple comments and sending webmentions to the thread.
#
@voxpelli ↩️ Can you file that specific log message as a bug report and mention https://github.com/voxpelli/webpage-webmentions/commit/62101ed31ae5065c37a7797f5275c7ee8e02f971 ? And file the general problem of getting started as another issue? One suggestion would be to try the same version that the live servers are at: https://github.com/voxpelli/webpage-webmentions/releases/tag/v0.12.5 (twitter.com/_/status/1014427905059934208)
#
@kevinmarks ↩️ Trackback and ping back suffered from spamming. At technorati we had a centralised model for this but we still spent huge amounts of effort to get rid of spam. Webmention is a new iteration of this decentralised idea. (twitter.com/_/status/1014431873920094209)
barpthewire and [jgmac1106] joined the channel
#
@manton2 IndieAuth for external blogs: http://www.manton.org/2018/07/indieauth-for-external-blogs.html (twitter.com/_/status/1014501284366430208)
#
@fakebaldur “IndieAuth for external blogs | Manton Reece” http://www.manton.org/2018/07/indieauth-for-external-blogs.html (twitter.com/_/status/1014504207607402498)
j4y_funabashi joined the channel
#
j4y_funabashi I am really enjoying looking into hugo, am thinking about moving my site over to it
#
j4y_funabashi what is hugo
#
Loqi Hugo is a static site generator written in Go https://indieweb.org/Hugo
#
dgold loves hugo
#
dougbeal Hurm, could you use Hugo with gh-pages if you used Travis to build the site?
[miklb] joined the channel
#
[miklb] don’t see why not. I did that with Jekyll
[davidmead] joined the channel
#
j4y_funabashi not too sure, I have not used gh-pages before
#
j4y_funabashi I was planning to host on an s3 bucket
snarfed joined the channel
#
@argparse @bendhalpern does http://dev.to support webmentions? (twitter.com/_/status/1014548158590914566)
snarfed joined the channel
#
Zegnat Spending vHWC reading the /Webmention-brainstorming page. So many ideas I had completely forgotten about!
[snarfed] joined the channel
#
[snarfed] @Zegnat one of my favorite crazy ideas is https://indieweb.org/rsvp#Capacity_and_Ticketing
#
Zegnat [snarfed], that could totally make use of https://indieweb.org/Webmention-brainstorming#Asynchronous_status_notification to let the RSVPee know when the server has finished their request (e.g. has asigned tickets)
#
Zegnat ... RSVP-ee ... the-person-RSVP-ing
[kevinmarks] joined the channel
#
[kevinmarks] you can use hugo with github pages - I have done it with separate projects for the source and displayed site.
#
[kevinmarks] https://twitter.com/alcor/status/1014536840638955526
#
@alcor I’ve made you an itty bitty experiment just in time for independence day– a tool to create websites contained within their own link. 🌐 http://about.bitty.site - a brief summary ⚙️ http://how.bitty.site - how it works What might you make with it? 🇺🇸 http://independence.bitty.site https://pbs.twimg.com/media/DhRbq94VAAAwdG-.jpg (twitter.com/_/status/1014536840638955526)
#
[snarfed] ^ fascinating. i don't know what problem it solves though. 😂
#
aaronpk does everything have to solve a problem? :D
#
[snarfed] touche!
#
GWG [snarfed]: I have a unit test question for you, if you are up for it
#
[snarfed] GWG: if it's high level, sure! I'm on phone
#
GWG [snarfed]: Why in every Micropub test are you invoking the entire process instead of testing some of the functions individually?
#
GWG I'm trying to be a better unit tester.
#
[snarfed] testing some functions individually is fine too!
leg joined the channel
#
[snarfed] using http request as the test interface is nice because it exercises the full code path(s), and normalizes the tests themselves
#
GWG [snarfed]: Rewriting the unit tests is taking me longer than rewriting the Micropub endpoint to use more core WordPress functions instead of custom work.
#
[snarfed] hmm. that's surprising, especially since the tests operate at the http request/response level. that shouldn't really be changing, right?
#
GWG [snarfed]: I'm trying to move them to operate at the WordPress response and request class level, which abstracts the http levels.
#
[snarfed] ahhh ok
#
[snarfed] ... why?
#
aaronpk what is content security policy?
#
Loqi Content-Security-Policy (abbreviated CSP) is an HTTP directive that a site can use to restrict what external resources are retrieved by a browser, to mitigate some XSS and injection attacks https://indieweb.org/Content-Security-Policy
#
GWG [snarfed]: Right now, the code sits outside the WordPress process. I'm trying to move it inside that process.
#
[snarfed] also it sounds like this PR is getting pretty massive. see if you can separate it out into at least some smaller pieces? boil-the-ocean, rewrite-everything PRs are very hard to review, harder to land, and more likely to break
#
[snarfed] ahh ok, got it. that http to wp change sounds good
#
[snarfed] you'll probably want to find someone familiar with that kind of modern WordPress code to help review though! since I'm definitely not 😆
#
[snarfed] back in a bit
#
GWG [snarfed]: I'm just asking about good unit test design.
#
GWG I may just finish the coding, post it to a branch, and see if I can solicit help in the testing part
#
[snarfed] if it still has all the tests and they pass on circle, that's a great first step
#
GWG [snarfed]: They are not at the moment. I will have to bounce some ideas off people.
#
[snarfed] GWG++ keep up the good fight!
#
Loqi gwg has 38 karma in this channel (378 overall)
#
GWG snarfed, is that the fight for unit tests or the fight for better code?
#
GWG I am definitely finding the code part easier than the test part
#
KartikPrabhu GWG: if you have unit tests then the code part specially catching mistakes becomes much easier too
#
KartikPrabhu it is worth the slog
#
KartikPrabhu I was once in the same boat but now I have come around to liking having tests
#
GWG I know, but the code started out with 1200 lines of code and 1600 lines of unit tests
#
KartikPrabhu right tests are more explicit than code which is more logic flow so they can be longer
#
GWG I think I can simplify that though, because I see a lot of the same line over and over
barpthewire joined the channel
#
KartikPrabhu sure
#
GWG That is more for my benefit
#
GWG KartikPrabhu, what are you working on?
#
KartikPrabhu nothign indieweb at the moment
#
aaronpk so I tried to fix my whitespace bug but now I have another problem
#
aaronpk now my posts *only* look right on micro.blog
#
Zegnat I blame plurality
#
GWG I am thinking of a stretch goal for my Micropub work
#
aaronpk now I can't decide what to do
#
aaronpk do I keep <br>\n for my newlines, which works in browsers and micro.blog, but breaks in the PHP microformats parser?
#
aaronpk also mastodon shows double newlines with that now
#
Zegnat Third option: bribe someone to update the php mf2 parser whitespace code to reflect KartikPrabhu’s latest work ;)
#
sknebel aaronpk: 4th option: change your jsonfeed generation code
#
KartikPrabhu aaronpk: for reference mf2py's latest whitespacing code https://github.com/kartikprabhu/mf2py/blob/master/mf2py/dom_helpers.py#L72
#
aaronpk that would involve writing jsonfeed generation code since i'm using granary for that now
#
GWG Change granary's generation code?
#
KartikPrabhu GWG: granary is most likely waiting for mf2py release
#
KartikPrabhu maybe
#
aaronpk hm another option... use "<br> " (with a space) to make granary happy so that it doesn't completely remove the <br> tag
#
Zegnat `<span class="br"> </span>` and then some CSS to hide the space from visual browsers and put a \n in the `content` of `::after` ? :P If you want to go with over-engineerd
#
aaronpk wat
#
aaronpk i'm trying " <br>" now
#
aaronpk gotta wait for micro.blog to find my site
#
aaronpk I don't think granary.io feeds are websub-enabled
#
Zegnat I was not being serious. Basically was inventing an element that would render as a linebreak visually but in plaintext DOM be a space.
#
Zegnat I’m going to reserve an hour tomorrow to take a loot at how mf2py has iterated on the whitespace spec, do a new write-up, and then PR for PHP. That seems the best route to take.
#
aaronpk Zegnat++
#
Loqi zegnat has 75 karma in this channel (258 overall)
#
Zegnat Also: now that I can create wiki pages on mf.org, I’ll get a page started so we can start discussing the whitespace algo there!
#
Zegnat starts a new category on the todo list
#
@EStonePeters @pdeblassieiii added your tweet to https://www.twinesocial.com/authorelianaspeters/fantasy-reverseharem-indieauth/222352352 (twitter.com/_/status/1014579906376880128)
#
@EStonePeters ↩️ @AnnaLaVerne1 Just went live w/ credits to you at https://www.twinesocial.com/authorelianaspeters/fantasy-reverseharem-indieauth/222352371 (twitter.com/_/status/1014579910487236610)
#
Zegnat Anyone else have a mf2 request to make now that I’ll be reserving time for it tomorrow? ;)
[cleverdevil] joined the channel
#
[cleverdevil] Customizing my feed for Micro.blog got pretty exhausting because it’s so hard to test.
#
[cleverdevil] I sort of gave up for now on making it really nice. It’s “good enough” for the time being :P
#
aaronpk oh hey it worked
#
aaronpk I got lucky I guess :)
#
[cleverdevil] Haha
#
aaronpk second try
#
aaronpk I think I am satisfied with this for now
#
Zegnat At least you are in control of when you update XRay for the whitespace parsing, aaronpk ;)
#
GWG Maybe you can ask manton for a test tool?
[manton] joined the channel
#
[manton] It's on the to-do list to have some kind of testing/preview tool. Not really sure the best way to build it, though, so it has been low priority.
#
aaronpk i'd like a form where I can paste a URL and hit submit and then it shows me the posts rendered the way micro.blog renders them
#
aaronpk kind of like the xray form, but returning HTML instead of JSON
#
GWG manton, I just don't know how to deliver a good experience.
#
GWG I want to make my posts look good there.
#
@damiancugley #ogn47 @adactio on micropub, webmention, and the indie web has got me itching to reinvent my sadly still broken website (twitter.com/_/status/1014590363682656256)
[Vanessa], TripFandango and [manton] joined the channel
#
[manton] Usually posts look great if they are simple HTML. Paragraphs, inline links and images, etc. Where things sometimes look bad is if there's a lot of extra metadata like location information or links to Twitter.
#
[manton] But those are going to look bad in any RSS reader too.
[dougbeal] and [mrkrndvs] joined the channel
#
KartikPrabhu html++
#
Loqi html has 1 karma in this channel (6 overall)
tantek__, billbennettnz, TripFandango, [miklb] and [dougbeal] joined the channel