2019-05-28 UTC
jjuran, [fluffy], [jgarber], nloadholtes, snarfed, dmartzol, KartikPrabhu, mblaney, loicm and cweiske joined the channel; mblaney left the channel
[Rose] joined the channel
# 07:45 Zegnat Hmm. So what you are saying is I need a bigger sub-h-card? # 07:47 [Rose] I mean, what is your height in moose? Your weight in IndieWebCats? # 08:11 [Rose] [manton] posted a good point about why didn't Ghost use MicroPub? # 08:11 Loqi Disappointed that Ghost created a custom posting API instead of adopting Micropub, which is a W3C recommendation. It’s okay to have Ghost-only APIs as long as you start with standards as a baseline. Now we have fragmented client apps. # 08:13 Zegnat Ghost to me has always felt like they are just doing their own thing # 08:14 Zegnat But would definitely have been nice if they had used Micropub loicm, [frank], [jgmac1106], [tonz], jeremych_ and [calumryan] joined the channel
# 10:55 [calumryan] I know one of their developers comes to my local web meetup group, will bring up Micropub with them and encourage them on here [kevinmarks] joined the channel
loicm joined the channel
# 12:14 Zegnat petermolnar: I believe it is type/subtype where subtype can be identifier+parsableas # 12:15 Zegnat E.g. image/svg+xml ; it is svg, but can be parsed with XML parsers # 12:16 petermolnar because I see ld+json in examples LD, but also json+oembed for oembed # 12:16 Zegnat oh, interesting, I would have expected oembed+json # 12:16 Zegnat But maybe oembed defines its own parsing spec # 12:17 Zegnat Why does the easyrdf converter add XSD type declarations on every one of your values, petermolnar :S # 12:17 Zegnat I do not think that is a turtle requirement at all # 12:19 Zegnat Lets just say I know it is an option, but I do not remember seeing anyone actually doing it back when I was looking at turtle for a SOLID implementation swentel and [Rose] joined the channel
# 12:31 [Rose] Does anyone have a good link they can share which is basically "crash course in unit tests"? PHP specifically if that helps, the program I need to create them for did not use a framework [tonz] and [coreagile] joined the channel
# 12:34 [coreagile] [Rose], you might like... # 12:36 Zegnat I would definitely recommend PHPUnit. But I am unsure about a good crash course resource # 12:36 [Rose] My boss and I already found PHPUnit and were planning on using that # 12:37 [Rose] I just have very little experience with unit tests, and was hoping to find some good practice guides # 12:37 Zegnat One thing I like to do is enable the coverage analyser. That’ll tell you what parts of your code aren’t touched by tests yet. # 12:37 [Rose] Aha, I hadn't found their getting started site yet! # 12:38 cweiske (replace 7 with 8 in that url if you have php 7.2) # 12:47 aaronpk IIRC the phpunit getting started guide is what I used to figure it out too # 12:48 aaronpk but now mostly i copy from examples from my other projects # 12:53 [Rose] Thanks! I like having examples to get me started. # 12:56 Zegnat It is a good example of how minimal first tests can be :) I would personally avoid loops within single tests. Instead I would have wanted to create a data provider that read all the separate JSON files and then have the test method run on each separate file that way # 12:56 Zegnat But I will not claim to know what actual best practices are. eli_oat joined the channel
# 12:58 Zegnat The single method should really only test 1 thing, separation of concern. Though yours just test the validity of the JSON, so that seems right. But then the test method itself should not busy itself with having to fetch data to test. swentel joined the channel
# 12:59 Zegnat Not sure if other people do it like that, but it is how I have been approaching it. cweiske probably has better opinions # 13:00 cweiske our tests always fetch the data they are validating # 13:00 aaronpk one of the reasons I *dont* like things like that, while "better", is that it makes it harder to figure out what's going on by reading the code # 13:01 cweiske once you got a basic understanding of writing tests, you can dig deeper and try to use data providers # 13:01 Zegnat Oh, sure, I just thought the one aaronpk had there was a clear case for a dataprovider [jgmac1106] joined the channel
[kevinmarks786], [davidmead], [cleverdevil], [tonz], [eddie] and snarfed joined the channel
# 14:30 Loqi [Zegnat] #195 Use PHPUnit Data Providers to run the test once for every data file [jgmac1106] joined the channel
# 15:10 sebsel I got my first testing experience from the php-comments IndieWeb library I believe :) # 15:11 sebsel In general, I like tests as stories about what an application does. # 15:12 sebsel I would not read in JSON with data for that reason: it tells no story # 15:12 sebsel but then again, you don't need to adopt the tests-as-documentation mindset to have benefit from it :) # 15:14 sebsel I have a document, somewhere, but it is scoped to my previous employer and also not in my copyright therefore :( # 15:14 Loqi closedsource has -1 karma over the last year [tbc] and [tantek] joined the channel
[Rose] and benwerd joined the channel
# 16:04 aaronpk The reason i have that test there is because people hand make those JSON files and send pull requests and I want to make sure the JSON is valid before someone can make the PR benwerd, [davidmead] and snarfed joined the channel
# 16:25 aaronpk Cool not really important benefit of the new data provider thing is that now each file shows up as a separate test! gRegorLove_ joined the channel
jbove, benwerd, [kevinmarks], [kevinmarks786], gRegorLove__, [tonz], [chrisaldrich], snarfed, KartikPrabhu and [tantek] joined the channel
# 18:27 sebsel So, for authentication, Microsub points to Micropub. Then enter into the real of tokens and all that stuff. To verify a token, I should check the token endpoint. Should I check for *every* microsub request made to my server? # 18:29 sebsel For Micropub that seems fine, because who's posting more than 20 posts a day? (:'D) but for microsub... it's easy to spam token endpoints when scrolling feeds. KartikPrabhu joined the channel
# 18:31 sknebel true, it's a different rate - for now, we generally assume requests are cheap. if you don't, revocation would not be immediate. I'd suggest a) measuring your request patterns and b) then see how much a really short-term cache does snarfed and [jgmac1106] joined the channel
# 18:45 [jgmac1106] and then fix the page of notes...but not a bad day of almost progess snarfed, [kevinmarks786] and [eddie] joined the channel
# 19:01 sebsel I was planning on just implementing something for myself soon # 19:01 sebsel just showing private posts in the feed if you are logged into my site # 19:01 [eddie] Ahh that's smart. That's actually related to something else I was gonna tell Jacky # 19:01 sebsel to me that seems to be the first step, but still a step no-one (but past-aaronpk) has taken # 19:01 [eddie] There's basically two approaches: Log someone in via IndieAuth # 19:02 [eddie] The good news that a lot of my internal code that I've built works with both # 19:02 sebsel (at least I think private posts where a feature of aaronpk's previous site, but it has never returned) # 19:02 [eddie] Essentially the question is "how do you confirm a person is said url" # 19:02 [eddie] then after that, the question is "How do you present posts for a person at said url" # 19:03 [eddie] I've already finished displaying posts for a person at said url # 19:03 [eddie] If I "masquerade" as Zegnat, I can see a test post I created for him to be able to see # 19:03 jacky Adding support for letting people remotely log in to my site is definitely doable # 19:03 sebsel yes. I would say the first part is already solved... you can just use indieauth for that # 19:03 jacky I'm curious more about the "headless"/reader approach # 19:04 [eddie] Correct, you can use IndieAuth to do part one, and then AutoAuth is the proposal for headless part one # 19:05 [eddie] I should finish up both of those things (IndieAuth and AutoAuth) because I have part two complete so I'm close # 19:05 sebsel jacky: yea but although the fun and hard part is in the readers, I think you really have to make the first step on your own site first :) # 19:05 jacky I can add this logic for testing into my site's test suite # 19:06 Loqi tests has 4 karma in this channel over the last year (5 in all channels) leg joined the channel
# 19:12 GWG Re private posts, I would need some underlying infrastructure to get that working on WordPress # 19:14 GWG Can someone come and do my laundry so I can fill that time with Indieweb? snarfed joined the channel
# 19:16 GWG Maybe I need a donation page for that snarfed joined the channel
# 19:25 Loqi jacky has 13 karma in this channel over the last year (56 in all channels) # 19:25 Loqi [Ryan Barrett] Bridgy
hit 1000
unit tests last night!
436 in Bridgy itself, 508 in
granary, 56 in
webutil. Silly milestone, but I still got
excited. Go team. Next
up, 2000! # 19:30 jacky wow! the things we do to make sure nothing goes bump in the night [tonz] joined the channel
# 20:03 jacky wow lol this talk went from private posts to lowkey talking about CRUD operations for groups # 20:03 jacky addressing things are hard no matter what you do # 20:05 jacky yeah that gave me a bit of enough context for what I want to do # 20:05 jacky might write it up (the thought) before coding it out jbove, benwerd, [schmarty] and [jgmac1106] joined the channel
# 20:46 jacky for those curious re: private posts, this is how I might go about implementing them # 20:46 jacky with a note on addressing multiple people [eddie] joined the channel
# 20:47 [eddie] That's VERY close to how I've started it in abode # 20:48 jacky trying to be more docs-first then code-immediately-later # 20:48 sknebel one thing to consider (which I need to call out in AutoAuth spec) is if you want to reveal a URL has hidden content or not # 20:49 jacky sknebel: my way around that might be preventing those posts from using slugs (in Koype, it's either a slug or the internal post UUID that's shown which is meaningless to humans) # 20:49 sknebel (e.g. Github shows 404 for repos you can't acess, but they have names in there that might have strong relevance) # 20:49 jacky [eddie]: you have docs about that in abode? # 20:49 [eddie] It's funny I've done a mixed approach. The visual HTML I return looks like a post doesn't exist, but the code I send back to the client 403 # 20:50 sknebel yeah, I also need to clean up bits and put the source with docs online # 20:50 jacky I think in terms of complexity docs > code # 20:51 [eddie] It's tough, because I'm thinking if I might have pages that I would send to family to login (like family photos or something), I would probably want the page to say "Login to view" # 20:51 [eddie] because my family would probably be confused if they reached a "This post doesn't exist" page before they were logged in # 20:52 [eddie] The other good thing (for me) is that a url doesn't give much away # 20:52 sknebel you could always say on post-like urls "there's nothing here you can see. Try logging in?" # 20:53 [eddie] currently my url slugs provide a published date, index number and the post type discovered by PTD # 20:53 sknebel so to be clear, I don't think there's a "right" answer to that, just wanted to point it out as a consideration # 20:53 sknebel right, in many ways you'll probably only leak "I've been active" # 20:53 [eddie] the PTD isn't required, but it does redirect you to the proper URL with the Post Type # 20:54 [eddie] Since it's still in the "probably only techy people will be dealing with my private posts" phase, that's why I currently return "Does not exist" in the HTML and 403 as the HTTP status # 20:55 [eddie] Yeah, so 401 when not logged in, 403 when they are logged in and don't have access # 20:56 [eddie] actually I guess I might do 404 if they are logged in # 20:56 sknebel I need to look at it from the spec too, e.g. discovery should call out that a 404 might still have "you can auth" headers # 20:58 sknebel otherwise autoauth wouldn't work with "hidden" private posts # 20:58 sknebel because it needs to discover the details about *how* to auth for a url to do so # 20:59 [eddie] I need to sit down and finish up my private posts soon. This convo has me itching to finish it up lol # 20:59 sknebel I really need to wait for other stuff to calm down, but same # 21:04 aaronpk Anyone want to coordinate on finishing up private posts enough to demo them working between a couple sites by Summit? snarfed joined the channel
# 21:06 sknebel I can maybe participate with what I already have, so posting (with manual effort) [tantek] joined the channel
# 21:07 sebsel I am actually franticly hacking away at the moment # 21:13 jacky sknebel: I like that enabling language re: "Try logging in" # 21:14 jacky I've opted for 403 because it's explicitly a "Forbidden". the content _exists_; you (the logged in user) just aren't allowed # 21:17 sebsel yea, I do 401 for non logged in users and 403 for logged in users who don't have the right permissions # 21:23 [eddie] I won't be AT the summit in person, so I can't really show viewing anyone else's stuff. My mine is close enough to being finished that I could post private content including a private reply that could be used in a collaboration demo arush, snarfed and [arush] joined the channel
# 22:07 sebsel ok, it's way to late here now, but... committed and deployed :D # 22:07 sebsel and you can do the indieauth dance and you get to see them # 22:08 sebsel also, you will see posts that are visible to you in the feed # 22:08 sebsel also, there is a /private which will show you all the posts that are specificly shared with you (as opposed to public or private-but-everyone) # 22:09 sebsel Will try to blog about it somewhere this week :) # 22:12 sebsel nice, and because of code reuse and filters, my /photos page is now way different if you are logged in vs logged out # 22:15 Loqi sebsel has 4 karma in this channel over the last year (25 in all channels) snarfed and [jgmac1106] joined the channel
# 22:48 Loqi sebsel has 5 karma in this channel over the last year (26 in all channels) # 22:48 [jgmac1106] 2019 year of"well you don't know what it is the year off because it is a private post" [tantek] joined the channel
# 23:05 [tantek] sebsel++ whoa that's great! definitely one of my goals for checkins is private by default # 23:05 Loqi sebsel has 6 karma in this channel over the last year (27 in all channels) benwerd, snarfed and eli_oat joined the channel
snarfed joined the channel
Zegnat Interesting, new posting API by Ghost CMS that apparently launches with support in Ulysses and iA Writer https://blog.ghost.org/admin-api/
[calumryan] I know one of their developers comes to my local web meetup group, will bring up Micropub with them and encourage them on here
petermolnar re formars, re sknebel: http://www.easyrdf.org/converter - add https://petermolnar.net/gopher/index.json into uri, select turtle as output, LET YOUR EYES BLEED
[coreagile] While I have practiced TDD for many years, I'm not a PHP programmer. So, take this recommendation with a grain of salt. 🙂.. https://course.testdrivenlaravel.com/
aaronpk [Rose]: here's a commit where I added phpunit to an old PHP repo that isn't using any framework at all so you can see what it takes to set up some minimal tests https://github.com/aaronpk/oauth.net/commit/b2a655be16b3c0efe9e61cddff8194598fa550c9
sebsel After that, this is also a nice series of series: https://laracasts.com/skills/testing (will cost money to watch though)
Loqi Food is a post type that represents eating or drinking particular food or drink https://indieweb.org/eat
[jgmac1106] well I think I did my note correctly (ignore the styling) http://testkirby.jgregorymcverry.com/notes/test but can't reproduce it a second time....the p-content always comes up blank
jacky might consider adding this to /private-posts
doubleloop sebsel++ nice!