#dev 2019-08-05

2019-08-05 UTC
KartikPrabhu, jolvera, ben_thatmustbeme, IWSlackGateway, Maggie[m], [fluffy] and [prtksxna] joined the channel
#
[prtksxna]
[Lewis_Cowles] I’ve been using https://mermaidjs.github.io/ recently. Quite happy with it 🙂
#
[fluffy]
[snarfed] interesting that it 500s, could you submit a bug against https://github.com/PlaidWeb/Authl so I can investigate later? Thanks!
#
Loqi
[PlaidWeb] Authl: A library for managing federated identity
[Michael_Beckwit and [tantek] joined the channel
#
[fluffy]
Okay so thoughts about self-hosting comments: Publ is intended to be set up where the site content is managed by a git repo or similar, and not necessarily in a context where the actual request routing is on a system which has wrote access to the repo.
#
[fluffy]
So I don’t think it’s a good idea to make comments a native part of it.
#
[fluffy]
But I’m fine with the thought of making a self-hostable Disqus-like, which stores comments in a database and can be embedded via JS include or via any number of direct accesses to the database through a rendering library.
#
[tantek]
so there are two distinct examples of "self-hosting comments" that may be worth explicitly distinguishing
#
[tantek]
one is, self-hosting *your* own comments, e.g. what we in the indieweb call a /reply post
#
[tantek]
the second is, self-hosting comments received in response to your posts, whether from other people or from yourself. This aspect we document on the /comments page
#
[tantek]
the first is definitely quite core to any kind of CMS that hopes to provide a place to for people to put everything they write
#
[tantek]
the second is almost like a cache of webmentions received from elsewhere
#
[tantek]
so it can be treated differently, and in some regards really should be (since it may have content that's not entirely trustworthy / acceptable to you etc.)
[kimberlyhirsh] and treora joined the channel
#
[fluffy]
Yeah in this case I care less about the webmention case and more about the “having a conversation on a single webpage in a way that is accessible to people who aren’t running their own websites” case.
#
[fluffy]
Also being able to have a threaded conversation that doesn’t also result in a rather ludicrous series of links which may go bad if one person’s site goes down or if they decide to remove their entry.
#
[fluffy]
like, webmention serves a purpose but at least as of right now I think it’s terrible as a means of holding a conversation.
#
[fluffy]
and I don’t personally see on-site comment threads as “a cache of webmentions,” they are totally different interaction models
#
[fluffy]
like, yeah, from a purely abstract point of view, webmentions *can* become something useful and great for federated conversations across websites and so on, *but* thinking pragmatically/practically, embedded comments hosted *by the article being commented on* are a better UX as of right now.
#
aaronpk
webmentions have been a totally fine way for me to _have_ a conversation, but not a great way for me to go back and read that conversation later
#
[fluffy]
so just to be perfectly clear, what I am looking for is a self-hosted version of Disqus
#
[fluffy]
[aaronpk] well yeah that’s sort of my point, you can fire-and-forget things and people will read and respond but then if any third party person comes into the conversation from the outside they’re going to be confused/grumpy/post
#
[fluffy]
and the interaction model around private posts is To Be Determined, when it’s a thing I need to support *now*
#
[fluffy]
like my concerns aren’t about the future of the indieweb and whatever, my concerns are being able to talk to people semi-privately and not have to worry about unauthorized people stumbling across it (via google search/stalking/etc.)
#
aaronpk
yeah, the most reliable way to do that right now, and probably always, is to essentially turn each post into a little forum
#
aaronpk
the one thing you can do that will help avoid the too-many-accounts problem is let people log in via indieauth/twitter/google/whatever so that they don't have to make a new account on your site
gxt joined the channel
#
[fluffy]
yeah, Schnack seems to support that mode of operation.
#
[fluffy]
Isso just like, trusts the username and provided email address, like old-fashioned Movable Type blog posts do
#
[fluffy]
I’m playing with Isso right now but it has enough bogosity in its docs and setup that I’m probably going to try Schnack instead.
#
[fluffy]
I’m not quite a fan of Schnack’s UX though.
#
[fluffy]
It definitely has a touch of the NASCAR problem.
#
[fluffy]
but in any case yeah I have exactly 0 interest in maintaining my own user database. if I were to build my own comment engine of course I’d build its auth stuff on top of Authl. I mean, that exists specifically to avoid the too-many-accounts problem *and* to eventually provide a simpler UX 🙂
[prtksxna] joined the channel
#
[tantek]
you'll likely end up maintaining at least allow lists and block lists
#
[tantek]
TIL: AtomPub never made it past "PROPOSED STANDARD" https://tools.ietf.org/html/rfc5023
#
[tantek]
[fluffy] TBH this is an artificial conflation of orthogonal aspects: "care less about the webmention case and more about the “having a conversation on a single webpage in a way that is accessible to people who aren’t running their own websites” "
#
[tantek]
the former is protocol, the latter is UX
#
[tantek]
the point about hosting "other people's content" still stands, whether that content is received via webmention, some other protocol, or someone random typing into a web form on your site
#
aaronpk
i'd say "using HTTP" instead of "based on", and "for authentication" instead of "as a baseline"
#
[tantek]
"instead of HTTP Basic Authentication for authentication" reads weird but ok
#
aaronpk
hm true
#
aaronpk
yeah I dunno how to avoid the double "authentication" ther
#
[tantek]
ok I got it
#
aaronpk
better
[Lewis_Cowles] joined the channel
#
[Lewis_Cowles]
[fluffy] how about https://github.com/posativ/isso
#
[Lewis_Cowles]
> HTTP Basic Authentication header as a method of passing details to authenticate against server records.
#
[fluffy]
[Lewis_Cowles] “I am playing with Isso right now”
#
[fluffy]
is what I said 😛
#
[fluffy]
[tantek] my point is that the UX isn’t there for what I’m trying to do using Webmention, and trying to get to the point of where the UX is sufficient takes way more steps than I’m willing to wait for
#
[fluffy]
I don’t care about protocol, I care about UX. I’m not conflating anything, I’m stating that Webmention simply doesn’t, at this time, provide the UX I need.
[mapkyca] joined the channel
#
[fluffy]
Like, the ecosystem around Webmention, plus the hurdles to supporting Webmention for the privacy case, which is what I care about.
#
[tantek]
webmentions doesn't provide any UX, you do
#
aaronpk
tools do, and there aren't the right tools yet
#
[tantek]
that's my point, making the statement "Webmention simply doesn’t, at this time, provide the UX I need" makes no sense
#
[fluffy]
the webmention-based ecosystem does not have the tools necessary to support what I need
#
[tantek]
FWIW: I agree with the prioritization of "I don’t care about protocol, I care about UX"
#
[fluffy]
and getting to the point that it does requires a LOT of stuff to happen within my friends circle that is simply not going to happen any time soon
#
[fluffy]
most of my friends don’t even have their own website
#
[tantek]
this is one of the reasons many people POSSE to Twitter and allow @-replies as comments from Twitter
#
[fluffy]
yes but that puts everything out int he open
#
[tantek]
right, that's a current limitation
#
[fluffy]
yes and it’s a limitation I’m not willing to live with
#
[tantek]
or rather, it sounds like "private comments" is a critical use-case that you're advocating
#
[fluffy]
the ideological problems of “I host other peoples’ comments on my website” are way less important to me than the practical problems of “I need these conversations to remain private”
#
aaronpk
fluffy++ well said
#
Loqi
fluffy has 10 karma in this channel over the last year (22 in all channels)
#
[fluffy]
like I don’t even see the where-it’s-hosted problem as a problem in the first place, because these conversations are around my blog post, not around the people posting them
#
[fluffy]
if my blog post disappears it’s okay if the conversation disappears
#
[fluffy]
in fact that’s a *feature*, not a bug
#
[tantek]
perhaps when it's private, there is some sort of (implied at least) allow list about who can comment (see comments) and thus the "hosting other people's content" is less of an issue
#
[tantek]
I wonder if that's considered a feature or a bug by the other folks writing the comments
#
[tantek]
that your agency over deleting your blog post should also have the authority to delete their comment, not just from your post, but from existence
#
[Lewis_Cowles]
Isn't a comment semantically similar to "readers letters" in a magazine though?
#
[tantek]
not sure you have to reach back to a print analogy when plenty of online examples already exist
#
[Lewis_Cowles]
do you have a suitable one that isn't self-referential?
#
[tantek]
pretty much every blogging CMS that has a commenting feature
#
[Lewis_Cowles]
Right, but that is self-referential
#
[tantek]
and every social media site that allows replies
#
[tantek]
how is that self-referential to the use-case we are discussing?
#
[Lewis_Cowles]
Social media may be different
#
[Lewis_Cowles]
because you're using a comments system to discuss comments
#
[tantek]
no we're looking at prior art to illuminate possible designs that shift ownership and control to the content author
#
[tantek]
there's a big difference
#
[tantek]
and in the case of "comments", the content author is the writer of the comment, not the writer of the thing being commented on
#
[fluffy]
There’s a huge difference between public commentary on other peoples’ things, and private conversations between friends.
#
[fluffy]
I’m interested in having conversations, not commentary.
#
[tantek]
"friends" changes over time
#
[tantek]
friends are other people too
#
[Lewis_Cowles]
Are comment systems, designed to facilitate both?
#
[tantek]
depends on the system
#
[fluffy]
and the system I’m building is one where I can share private stuff with trusted people and have that conversation stay private.
#
[fluffy]
I’m making a space, not a public forum.
#
[tantek]
trust also changes over time. people are removed from groups. people are added
#
[fluffy]
I don’t see what that has to do with anything here
#
[tantek]
design assumptions about what changes and what can remain fixed "stay private"
#
[fluffy]
like, at any given time my blog entries might be visible to some friends and not others. Later down the road I am likely to change the access controls so that new friends have access to old stuff, and removing access to people who are no longer on good terms or whatever
#
[tantek]
so should the new people be able to see what the removed people wrote?
#
[tantek]
as an example
#
[fluffy]
because it’s part of the prior conversation
#
[Lewis_Cowles]
do you think the maintenance burden will be too high?
#
[fluffy]
not particularly?
#
[Lewis_Cowles]
i.e. managing access control for a sufficiently large group of posts / friends
#
[fluffy]
I define my groups as simple ACLs
#
[fluffy]
I can add and remove people as I see fit, and ACLs can be nested
#
[tantek]
I think like all social constructs / interfaces, there will be far more challenges than can be dismissed with something as seemingly simple as "because it’s part of the prior conversation"
#
[fluffy]
and this is also an implementation detail
#
[fluffy]
okay, and that’s ideological, not practical
#
[fluffy]
I have short-term immediate-time-frame *practical* concerns
#
[tantek]
things said in a "private" context are often assumed to only be heard/seen by those *currently* in that context
#
[tantek]
not the myriad of possible futures of random people being added by someone else
#
[fluffy]
okay? I really don’t get the point you’re trying to make and I’m getting incredibly frustrated with this.
#
[tantek]
from the comment author's perspective, their comment didn't "stay private" once anyone new is able to read it
#
[fluffy]
okay so these private entries are private *to me* and I am granting access to people to read *these entries*
#
[tantek]
anyone new that *someone else other than the comment author* decides to add
#
[fluffy]
the comments are related to *these entries*
#
[fluffy]
people aren’t posting personal blog entries in my comment sections, they are responding to my personal blog entries
#
[tantek]
they are still written by other people, who have their own expectations of something "staying private"
#
aaronpk
it sounds like [fluffy] has a very specific workflow in mind and is looking for a tool to facilitate it. this doesn't sound like it's up for general debate on whether this is the "ideal" workflow.
#
[tantek]
I have seen frequently comments that resemble "personal blog entries"
#
[fluffy]
their expectations are “they can see this and they can post something in response to me”
#
[fluffy]
if someone else wants to write their own personal blog they can do it on their site
cweiske joined the channel
#
[tantek]
I mean the notion of what is "private" and decided by whom is unclear
#
[fluffy]
I’m not providing a forum for them, I’m providing a place for *me* to have conversation with the people I want to tell personal/private things to
#
[tantek]
that's a sensible use-case yes
#
[tantek]
frankly, one that I would personally want / use also
#
[fluffy]
I am not solving the commenting systems for all people
#
[fluffy]
I am building the use case I need for my own personal use
#
[tantek]
hence why I'm asking the questions about expectations of privacy / agency about the comments
#
[fluffy]
these are building blocks. that’s what makes indieweb great.
#
[fluffy]
I am using the blocks that make sense for my usage.
#
[tantek]
as a commenter, if I knew that my comments would be seen by new folks in the future who could be anyone, I would write very differently than if it was only a fixed set of people in time
#
[fluffy]
the people on my friends list already have no idea who else is on my friends list
#
[fluffy]
the expecation they already (should) have is that they are writing comments *for my benefit* based on who I have determined to be part of my friend group
#
[fluffy]
if I didn’t think someone could be trusted with whatever the conversation is about they wouldn’t be in my friend group
#
[tantek]
people are unintentionally leaky
#
[fluffy]
yes, which is why I try to make it obvious that a private post is private
#
[fluffy]
and I’m not inviting people to share their own personal details
#
[fluffy]
I’m just telling my personal details to them, and hoping for their responses to be helpful to me, for whatever thing has me going into a mental-health death spiral at the moment
#
[fluffy]
the way I built user auth in Publ means that someone who uses Publ *could* reveal details about what groups a person is in, although I don’t expose that on my own site because it’s not helpful to begin with
#
[fluffy]
and also the way it’s built there’s no easy way to expose who is a member of a particular group
#
[fluffy]
all that people who see private entries on my site can tell is: they have access to this entry, and other people who have posted comments are presumably able to see that entry as well.
#
[tantek]
interestingly enough, that seems like a sensible way to present such uncertainty, both inclusive of the present and future
#
[tantek]
and would seemingly reduce the potential for *future* surprise
#
[fluffy]
the access control in Publ is incredibly fine-grained, and you can define as many access groups as you want, and also include and exclude people based on group memberships or specific identities
#
[fluffy]
yeah, I was very deliberate in these choices
#
aaronpk
I am very curious what the user interface to manage this looks like
#
[tantek]
deliberatedesign++
#
Loqi
deliberatedesign has 1 karma over the last year
#
[fluffy]
The ACL “interface” is just editing a users.cfg file
#
[fluffy]
test:foo URLs are just synthetic loopback/testing identities with no auth
#
aaronpk
ah cool
#
[fluffy]
and then https://github.com/PlaidWeb/Publ/tree/master/tests/content/auth is where the actual private-ish test content lives
#
[fluffy]
um, use the raw viewer, github’s markdown viewer gets confused by Publ metadata
#
[fluffy]
so for example https://raw.githubusercontent.com/PlaidWeb/Publ/master/tests/content/auth/friends%20and%20specific.md is an entry which allows everyone in the ‘friends’ group and also someone with the user identifier ‘test:specific’
#
aaronpk
this has been working well?
#
[fluffy]
So far, yes
#
aaronpk
i'm interested in doing something like this for my site, but haven't got very far with it yet
#
[fluffy]
On my actual site I have two ACL groups, ‘friends’ and ‘followers’
#
[fluffy]
and I have a little dashboard which shows me who’s signed in recently and what auth inclusion/exclusion has happened recently, so I can see if I need to adjust my ACLs or entries or whatever
#
aaronpk
oh neat
#
[fluffy]
right now I only support mailto: and Mastodon identities, but I intend to generalize Mastodon to a bunch of OAuthy things (particularly Twitter)
#
[fluffy]
the actual authentication layer is handled by Authl, which I have retroactively decided is short for “authentication layer”
#
[fluffy]
(rather than the reality being that all of my weird little indieweb building block projects follow from “publ”)
#
[tantek]
retrogram++
#
Loqi
retrogram has 1 karma over the last year
#
[fluffy]
anyway http://beesbuzz.biz/3922 to see it in action
#
[fluffy]
(that entry uses the special ACL of * which means “anyone who is logged in”)
#
[fluffy]
(there’s also a special ACL of !* which means “anyone who isn’t logged in”)
#
[tantek]
fluffy++ for keeping it real. I like the Identify Yourself prompt
#
Loqi
fluffy has 11 karma in this channel over the last year (23 in all channels)
#
[tantek]
TBH I tried https://tantek.com/ hoping it might work 😄
#
Loqi
Tantek Çelik
#
cweiske
who is fluffy
#
[fluffy]
yeah I have an IndieLogin backend but Aaron still hasn’t enabled my client ID 🙂
#
[fluffy]
so I’m going to just support IndieAuth directly I think
#
[fluffy]
(part of my refactoring of the Mastodon backend to make it more generic)
#
[fluffy]
anyway I had intended to go to bed 3 hours ago but then I got caught in this rabbit hole of disqus migration
#
[tantek]
migration is nearly always a rabbithole
IWSlackGateway, swentel, [prtksxna] and [tantek] joined the channel
#
[tantek]
hmm, having trouble with Bridgy Publish to Twitter
#
[tantek]
and it doesn't seem to be showing up in the logs 😕
#
[tantek]
sending the webmention to Bridgy to initiate the Publish, then getting back an error with http_code of 0 which makes no sense
#
[tantek]
even tried re-authing Bridgy with Twitter - no change
#
[tantek]
and not showing up in the logs on Bridgy either
#
[tantek]
hmm, when did Bridgy drop the www. from its endpoints
#
[tantek]
this was working fine for me 3 days ago. very weird
#
[tantek]
just did it manually with the Bridgy web UI
#
[tantek]
and it had to do some sort of oauth dance with Twitter before posting
gxt, [KevinMarks] and [Rose] joined the channel
#
[KevinMarks]
[fluffy] is what you want from disqus a NIPSA flag under your own control?
[tonz], [jgmac1106] and jgmac1106 joined the channel
#
jgmac1106
tonz I have thought a lot about the personalized assistant, though I am android so my workflow might be different. Currently I have a #pinboard https://quickthoughts.jgregorymcverry.com/content/all/?q=%23pinboard and I fooled around with to-do list a lot…until i fail…early and often
#
jgmac1106
here is me trying webmention Pomodoro for a bit: https://quickthoughts.jgregorymcverry.com/2018/10/30/my-to-do-list-1 but a micropub client that could have a timer to trigger a webmention reminder should be a thing
#
GWG
A webmention pomodoro...I appreciate the creativity
#
jgmac1106
yeah but it could work as well a little firefox micropub extension I can turn on and off, maybe a popup when the timer is done for me to enter a progress report…or for reminder webmention, you just publish a reminder with a time limit…then after X time you get a webmention to that reminder to trigger notification
#
GWG
I am focused on webmentions now
#
GWG
In the midst of a wiring project
[schmarty] joined the channel
#
Zegnat
Still unclear to me what you win by having a micropub pomodoro over any offline timer...
#
jeremycherfas
Maybe if it actually pops up a box in which to type progress and then micropubs that, it could, I suppose, keep you in flow if that is where you are.
rosskarchner joined the channel
#
jgmac1106
because then I wouldn’t have to log in to note what I was doing, a popup timer could prompt me “How did you spend your tomato?” and then that could be sent as a webmention to the h-event (if my to-do list was an h-event)
#
jgmac1106
I would also like to be to strikethrough or add items to a list from anywhere…really voice input would be my ultimate dream
#
jgmac1106
for now I just use the #pinboard tag with a mix of private and public posts, the webmention reminder client is just away to trigger a notification to myself. So if I added an entry, “Get gets at pool at 14:00 at 13:45 I would get an automatic webmention as a reminder to that note
#
jgmac1106
Get kids*
#
Zegnat
For it to be sent as a webmention it will first need to be posted to someplace as a note. Or maybe a reply? Do the h-events get created by the same app prior to starting the timer? It is an interesting idea, but I am not sure these are the right building blocks
loicm joined the channel
#
jgmac1106
well I am not sure a to-do list should be an h-event but I set up each day in my todo as an h-event and then just has a bulleted list…for #pinboard every note is an h-entry link any note, both have endpoints…yeah just thinking about it and tonz post on the Indie (non AI) assistant
[fluffy] joined the channel
#
[fluffy]
isso is a drop-in self-hosted Disqus replacement. https://posativ.org/isso/
#
[fluffy]
what is isso
#
Loqi
isso is a commenting server similar to disqus https://indieweb.org/isso
#
[fluffy]
hm, did I not do that right?
#
[fluffy]
Loqi and I don’t get along 😛
#
sknebel
[fluffy]: Loqi already had a page for it, so it responded with the page content
#
sknebel
you can only create *new* articles that way
[Rose] and eli_oat joined the channel
#
[fluffy]
Oh! okay, I had linked to it with the Isso capitalization in another page and it was a nonexistent page
#
[fluffy]
what is Isso
#
Loqi
isso is a commenting server similar to disqus https://indieweb.org/isso
#
[fluffy]
okay so Loqi doesn’t care about case then
#
[Rose]
Loqi might not, but I believe the Wiki does
zdunn joined the channel
#
[fluffy]
anyway I thought Loqi was responding to my linking to the Isso page since it looked similar to their own stub stuff.
alexmarcus[m] and [snarfed] joined the channel
#
[snarfed]
[tantek] didn't entirely follow your bridgy issue, but happy to help if you want
#
[snarfed]
(also brid.gy has never had www 😁)
#
[snarfed]
(...it does redirect, but it's never served directly)
#
[snarfed]
interesting. just fyi [aaronpk], i got a csrf_detected error logging into aperture just now, with https://snarfed.org/
#
[snarfed]
tried again and it worked
#
Zegnat
Did you keep the page open for long before submitting? (E.g. allowed the one time token to time out?)
#
[snarfed]
no, just 10s ish
[tonz] joined the channel
#
jgmac1106
I am applying for grants and like to keep tally of folks interested in side work. Here is the rub….you need to have or be a legal entity, especially if not US citizen.
#
jgmac1106
On the grants I have gotten it takes a lot of hoops to pay an individual overseas who does not have the tax credentials
#
jgmac1106
feel free to DM or email me anytime
#
aaronpk
[snarfed]: weird! Let me know if it happens again. That's the laravel framework doing that, nothing I wrote.
[xavierroy] joined the channel
#
jgmac1106
If anyone has a second I publised the lesson where I have folks add an h-feed to their websites. Want to make sure I did not get anything wrong: https://buildyourfirstwebsitelessonplans.glitch.me/lessonsix.html
#
Loqi
Build a Blog: Add chronological posts
[tantek] joined the channel
#
[tantek]
[snarfed], when sending the webmention to Bridgy Publish, I got back a http_code of 0 from curl, and Bridgy Publish showed nothing in the logs
#
[tantek]
that's literally the only data I had on the error
#
[tantek]
when I manually used the Bridgy Publish web UI to preview then publish, it "worked" however had to do some sort of Twitter OAuth dance that seemed to automatically "work" (get approval then redirect back to Bridgy)
#
[tantek]
(nothing in the error response body btw, empty string)
#
sknebel
That's probably not a response from bridgy, but an error response from curl
#
sknebel
That for some reason it couldn't reach/get a response from bridgy
[snarfed] joined the channel
#
[snarfed]
^ sounds right. i looked in raw bridgy logs and didn't see your request at all, tantek
#
[tantek]
ugh that's annoying, then I have no idea how to debug that
#
[snarfed]
also the interactive twitter oauth dance is expected
#
[tantek]
and why curl would suddenly stop working when it worked several days ago
#
[tantek]
literally the same code flow to post photos previously
#
[snarfed]
transient network issues? 🤷
#
[tantek]
dreamhost unable to reach bridgy?
#
[snarfed]
yup, network blips do happen. not usually worth digging into too far unless they persist
#
jgmac1106
tantek at my shared host we ran into bitninja, some security thing, causing bridgy issues, got resolved though,
#
[snarfed]
aww where'd it go?
#
[snarfed]
quote was, "It's amusing how hard it is to get computers to behave deterministically. I mean, they just had the one job."
#
[tantek]
snarfed, it was longer than a "blip", seemed to last for a while
#
[tantek]
100% failures over the course of over 10 minutes
#
aaronpk
you can get better error messages from curl if you look at some of the options
#
[tantek]
10+ - that seems quite ong
#
[tantek]
I guess I'll try another post now to see if it is still "blipping" or if there's something persistently broken
#
[snarfed]
true! could have been eg a fiber cut or something else big (ish)
#
[snarfed]
please do, thanks!
#
aaronpk
curl will return a "0" http code for a whole bunch of different kinds of errors, but more error info will be available using curl_getinfo
#
[tantek]
unfortunately it looks like micro.blog display of photos is still broken for me 😞
#
[tantek]
you can see the two most recent posts ^^^ at least are cleaned up compared to the others (no alt + URLs in the text)
[schmarty], [jgmac1106], [tonz], eooq_, [fluffy], eli_oat, [Rose], gxt and loicm joined the channel; UtopicUnicorn[m] and eooq_ left the channel
#
[tantek]
retrying Bridgy Publish
#
[tantek]
well that worked, so transient network error it was (apparently)
IWSlackGateway and [tantek] joined the channel
#
[tantek]
whoa weird new Flickr OAuth flow
[snarfed] joined the channel
#
[snarfed]
really? looks the same to me
#
[tantek]
plus looks like they've switched me over to their Identity migration
#
aaronpk
i thought they launched that a while ago
#
[tantek]
it's been a few days since I last tried to view my profile on Flickr
#
[tantek]
now it forces a redirect to migration
#
[snarfed]
oh login, not oauth authorization. yeah new
#
[tantek]
snarfed, sorry, both
#
[tantek]
first the OAuth flow was new (to me) when I had to manually use Bridgy Publish on the post I made yesterday
#
[tantek]
second I tried to view my Flickr profile, and then it redirected me to the migration flow
#
aaronpk
huh i migrated the login a few months ago?
#
[tantek]
yes exactly that is happening
#
aaronpk
weird cause i definitely did that flow a long time ago
#
[tantek]
"You will no longer be able to log in using the Yahoo account authentication flow. "
#
[tantek]
I think it was opt-in for a while
#
[tantek]
it's now required
[fluffy] joined the channel
#
[tantek]
in case anyone was considering implementing reCAPTCHA for any reason on their site (e.g. comments etc.) https://news.ycombinator.com/item?id=20615019
#
Loqi
[eitland] There is no evil like reCAPTCHA
#
[tantek]
does anyone currently use reCAPTCHA in their implementation or deployment on their personal site for *any* reason?
#
[snarfed]
that article seemed a bit overstated
#
[snarfed]
boiled down to, it takes effort, it's not always easy, and developers use the results to train AIs, which benefits them
#
[snarfed]
all true, and not ideal, but not exactly evil. but subjective i guess
#
[tantek]
I think the deception or lie of omission aspects are viewed as more evil than not