#dev 2020-03-24
2020-03-24 UTC
[tantek] joined the channel
waterbadger, [snarfed], [chrisaldrich], gRegorLove, nickodd, Kongaloosh, leg, KartikPrabhu, loicm, sscarfe and [g33kcentric] joined the channel
# [g33kcentric] For aquasitions, would h-cite for the product itself make sense?
swentel, [jgmac1106], sscarfe, KartikPrabhu and [jeremycherfas] joined the channel
# [jeremycherfas] !tell schmarty In checking out indiewebring, per Beko'
# [jeremycherfas] Sticky fingers.
# [jeremycherfas] !tell schmarty In checking out indiewebring, per beko’s post, I discovered that you aren’t detecting the h-card on my home page, even though indiewebify me does find it. Anything I should do?
# [jeremycherfas] Wouldn’t that be an endless loop?
# [jeremycherfas] There arre already 7 links there. I suppose an eighth, invisible, wouldn’t hurt.
sscarfe joined the channel
# [jeremycherfas] I’m thinking now that the test itself may be wrong.
# [jeremycherfas] my h-card has p-name and u-url for my name and my /about page. But the microformats page says my name should link to that home page. prefereably with u-uid as well. So I think the best option now might be to remove the bit that has my name as a link to my /about page and put it outside the h-=card, and then put my name with u-url and u-uid into the h-card.
# [jeremycherfas] That’s what I thought 🙂
[Cheuk] joined the channel
# [jeremycherfas] I did. Added `<a href="https://jeremycherfas.net" class="u-url u-uid"></a>` to my h-card and now all works fine. But I’m still not sure whether indiewebify.me’s test for a representative h-card was wrong, or I was.
# [jeremycherfas] So, let’s call it a workaround.
mastermidn13, hs0ucy, KartikPrabhu, sscarfe, waterbadger and [jgmac1106] joined the channel
loicm, mastermidn13, jenelizabeth, superjen96 and [schmarty] joined the channel
# [schmarty] [grantcodes] have you been getting warnings about the minimist package for any of your indieauth JS packages?
# [schmarty] nearest i can tell the best way forward is to upgrade babel from 6.x to 7.x but there are incompatibilities in how they're configured
# [schmarty] (the infamous javascript build stack bit rot problem)
# [schmarty] wonders if he can port the code so it doesn't require a build tool.
[grantcodes] joined the channel
# [grantcodes] No, not seen anything yet
# [grantcodes] I think some of the security warnings aren't really that relevant, it's almost certainly in the build, not the actual end package
# Zegnat https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 is the actual vulnerability. It can merge slightly too much into an object thus changing its prototype.
# [schmarty] zegnat: to be honest, i consider the "problem" to be that github is sending me vulnerability emails
# [schmarty] minimist is way down in the dependency tree so i am not sure how it is used
# [schmarty] this is in my indieauth-authentication plugin which i derived from some grantcodes plugin (indieauth-micropub ?)
# [schmarty] so i didn't set up the es6 pipeline and therefore don't understand it 😅
# [schmarty] heh. it is very tempting to tell gh to shush about it.
# [grantcodes] Especially if it's in the dev dependencies
nickodd joined the channel
# [schmarty] good point - it is a dev dependency and not a prod dependency.
# [schmarty] but it does get me a little grumpy about how mushy these dependency trees become over time.
# [grantcodes] Is there such a thing as perfect package management? 😛
# [schmarty] no package management 😛
# [schmarty] ^^
# Zegnat For those interested in knowing what the problem at the root of this minimist thing is, this is an OK summary of how it bit many other libraries throughout the years: https://medium.com/intrinsic/javascript-prototype-poisoning-vulnerabilities-in-the-wild-7bc15347c96
# Zegnat So much so that some frameworks use a drop-in replacement for JSON.parse() to make sure they do not make the same mistake: https://github.com/hapijs/bourne
# Zegnat (Fun fact when I first learned about that, I immediately went on to bypass their protection: https://github.com/hapijs/bourne/pull/10)
KartikPrabhu joined the channel
# @JmacDotOrg What started as a quick “I should list three Webmention-using websites I like, just showing examples of webmentions in practice” blog post has mutated into a booklet-length Explainer and after three hours I have the outline mostly done. So y’all have that to look forward to. (twitter.com/_/status/1242471759405895681)
sscarfe, gRegorLove, Nuve and [tantek] joined the channel
# superkuh No code is how I do webmentions.
sscarfe, loicm, KartikPrabhu, beko and [LewisCowles] joined the channel
# [LewisCowles] aaronpk++ nocode
# [LewisCowles] Also NoUI++
# Loqi [[jeremycherfas]] I did. Added `<a href="https://jeremycherfas.net" class="u-url u-uid"></a>` to my h-card and now all works fine. But I’m still not sure whether indiewebify.me’s test for a representative h-card was wrong, or I was.
# [LewisCowles] What is NoUI?
# Loqi It looks like we don't have a page for "NoUI" yet. Would you like to create it? (Or just say "NoUI is ____", a sentence describing the term)
# gRegorLove [jeremycherfas], can you let me know what the markup was on your homepage before? I'll check on the indiewebify.me test. It's been updated in the last year to fix some representative h-card issues
# @Geek_Centric Webmention test, like and comment!
https://itsjustk.com/2020/03/24/2 (twitter.com/_/status/1242510512543457280)
[jeremycherfas] joined the channel
# [jeremycherfas] Sure.
# [LewisCowles] NoUI is the absence of need for a user interface, with automated actions or derived fields. You may setup computed fields which save users input. Perhaps if they are logged in using IndieAuth, the username field or email is pre-populated. Unless control is necessary avoiding the cognitive load to design and present it is best spent on making it not needed.
# gRegorLove thanks!
# [jeremycherfas] And when I added `<a href="<https:jeremycherfas.net>" class="u-url u-uid"></a>` at the end of the list, indiewebring treated it as a representative h-card.
# gRegorLove ah, and indiewebify.me was reporting it as represenative before you added that, right?
# gRegorLove I think that's correct because you have one or more u-url matching a rel-me
# gRegorLove "if the page contains an h-card with a url property value which also has a rel=me relation (i.e. matches a URL in parse_results.rels.me), the first such h-card is the representative h-card"
# gRegorLove not sure if indiewebring is doing representative h-card or authorship algorithm
# gRegorLove hm, webring is doing representative h-card parsing and it looks correct at a glance, but not sure.
[kimberlyhirsh] joined the channel; nickodd left the channel
# Loqi It looks like we don't have a page for "command line" yet. Would you like to create it? (Or just say "command line is ____", a sentence describing the term)
[KevinMarks] joined the channel
# gRegorLove you mean PESOS or a one-time dump?
# Loqi backfill is the action of importing all your past posts, typically from a social media silo, into your own site https://indieweb.org/backfill
# gRegorLove jacky, there is https://github.com/sferik/t#using-t-for-backup (no personal experience with it)
[aaronpk] joined the channel
[jgmac1106] joined the channel
# [jgmac1106] jmac not on the wild at all, but an example of builiding a quick Graph from tomorrow's credweb W3c community group:
# [jgmac1106] The person who posts at URL [ https://twitter.com/Craig_A_Spencer ] is a professional [ Emergency Room Doctor ] according to the page at URL [ https://www.mailman.columbia.edu/people/our-faculty/cs2941 ] which I find credible.
# [jgmac1106] if that doesn't sound like a perfect job for a webmention
[snarfed] joined the channel
# [jgmac1106] no they are using JSON-LD and RDFa to build graphs...just discussion level stuff added to quick agenda
# [jgmac1106] but my thought was a bit of rel=me between the h-card and the webpage, but knowing how fast pages change if I was said Dr, Id want a webmention
loicm and [LewisCowles] joined the channel
# [LewisCowles] tantek++
# gRegorLove h-card has u-logo as well
Nuve, geoffo and [aaronpk] joined the channel
# [LewisCowles] I found u-logo, it's more that I have two and one is a motif (closest to logo) and the other is an avatar
# [LewisCowles] the avatar was literally created from a photo of me by me
# [LewisCowles] the logo motif is just 2 letters that are visually distinctive
# [LewisCowles] @GWG I will be using it
# gRegorLove I've used u-logo for some work projects where the h-card represents an org
# [LewisCowles] I suppose so long as the parser is permissive I can mark-up what I like
# gRegorLove Sure, the question is always "what is the consuming use-case?"
# [LewisCowles] Someone that wants a representation of me, to be most specific from least specific, with cascade order
# [LewisCowles] u-photo
# [LewisCowles] u-avatar
# [LewisCowles] u-logo
# [LewisCowles] what I look like
# [LewisCowles] a consistent simple graphic to serve as a sign / symbol of me
# [LewisCowles] a representation I've chosen of me (doesn't have to be human but can be more complex, just not photo realistic)
# [LewisCowles] it happens to be my avatar is simple, but avatars can be complex. Confusingly they can also be photo-realistic
[chrisaldrich] joined the channel
# [LewisCowles] I don't want a photo so IndieWeb in slack shows me with an avatar
# [LewisCowles] But My facebook has a photo
# [LewisCowles] and my website has a logo
# [LewisCowles] It's probably a sign of how much neuroticism I've spent over the years. The good news is I've not made a new one since 2014
# [LewisCowles] I stopped at 3 levels
# gRegorLove hehe
# [LewisCowles] There is not. I'm kinda going to mark one up though
# [LewisCowles] It could be a case of "Hi, I'm
{name} <photo>. You may know me as {tag}
<avatar> [maybe context?], I work for <logo>"# gRegorLove Hm, not sure I follow the distinction between photo and avatar. Like anything that someone would upload to a social media profile would be u-photo to me.
# gRegorLove Regardless if it's an actual self photo or some stylistic graphic
# gRegorLove My favicon is a lowercase g, so I'd be more likely to set that as u-logo (thoug I don't think I do, yet)
# gRegorLove [LewisCowles], Here's an attempt of what I'd markup for what you described http://php.microformats.io/?id=20200324225123155
# gRegorLove jacky, not sure there's consumers for u-icon?
# gRegorLove There's mixed opinions on recommended use of `-x`
# gRegorLove oops, missed the u-photo in the top-level h-card. That could go after the nickname in that example
# [LewisCowles] I quite like it, and jacky, I'd totally settle on u-icon if it worked, but u-x-avatar will work for me too
# [LewisCowles] [gRegorLove] ++ for the example and the extension representation
# gRegorLove yeah, I noticed that ambiguity, heh
# [LewisCowles] I am sorry that I engage in this level of specificity
# gRegorLove no apology needed, that's what dev is for :)
# gRegorLove stands 2m back from the hug
# [LewisCowles] it's okay, but it might violate a few CoC too
# [LewisCowles] photo if provided
# [LewisCowles] avatar if no photo as it's explicitly saying, I prefer this
# jacky so I remembered just now that rel=me does this thing with `authn` https://indieweb.org/RelMeAuth
# [LewisCowles] then logo arguably could be additional to either, or as a fallback the user has set before app fallback
# [LewisCowles] they should be stored in one place totally
# [LewisCowles] to avoid a runtime cascade. It's a parse-time cascade I'm describing
# [LewisCowles] that sounds beautiful
# [LewisCowles] I tried to sell the idea of idempotent / predictable avatar paths where I used to work when they pivoted to a "[social]-network", and it hurt me so much everyone wanted to go to rails->db->rails->s3->rails->json->users
# [LewisCowles] just overwrite
{storage}/public/{user_pk}
/avatar.ext# [LewisCowles] I understand representing all 3 would be mad
# [LewisCowles] but having that level of creative control is what makes me excited about tooling
# [LewisCowles] ❤ I will enjoy seeing that
# [LewisCowles] I'll totally follow suit if I see a way that isn't confusing, I've just never seen one yet
# [LewisCowles] a bit like the evolution from being known for our profession, vs our chosen name, vs our chosen identity
[jacky] and [jgmac1106] joined the channel
# [jgmac1106] wants to see how people handle the data, at least I have now solid estimates of what hosting video would cost on AWS or something...ISP won't let me serve that much bandwidth I doubt....will keep rocking Reclaim...started using University Servers back down to 40-50 gigs a day
# gRegorLove I was wondering about that for doing /story video posts
# [jgmac1106] I thought at somepoint they would cut me off for pushing limits of "unlimited" but never did,
# [jgmac1106] one off videos so easy to host on the page, my video page is a basic fork of your photo page gRegor
# gRegorLove Dreamhost is "unlimited" too, but I'm also on shared. idk, doubt I'd get heavy traffic on it
# gRegorLove what is reclaim hosting
# Loqi Reclaim Hosting is a web hosting company focused on the education sector to provide educators and instutitions an easy way to offer their students domains and web hosting that they own and control https://indieweb.org/Reclaim_Hosting
# [jgmac1106] dreamhost has a specific message about their "unlimited" and don'
# [jgmac1106] t be a 1% jerk who streams audio and video
# [jgmac1106] but the occasional video/story post be easy peasy
# gRegorLove Suppose it depends how ephemeral I make them
# [jgmac1106] they made it a bit more specific: https://www.dreamhost.com/legal/unlimited-policy/
# [jgmac1106] I don't see explicit comments about streaming video, unless it's video people really want
# gRegorLove what is pasta
# Loqi PASTA is an acronym/abbreviation for Publish Anywhere, Save To (private) Archive, the practice of automatically saving a copy of whatever you post on (social media) silos to someplace else under your own control, like a private directory on your own server, or a local folder on your laptop that is less vulnerable to site-death https://indieweb.org/PASTA
# [jgmac1106] this line in in the Dreamhost policy is what turned me off, "File upload / sharing / archive / backup / mirroring / distribution sites." I do all that except distribute sites
# gRegorLove I'm more worried about performance than hitting DH's limits
# [jgmac1106] gRegorLove I had degradation to subdirectory performance, only got rate limited once, only one pingdom warning, I did 170 gigs of bandwidth that day though
# gRegorLove too many things. I need to focus on a few indieweb things instead of going on these rabbit trails, haha
# gRegorLove [jgmac1106], you're on reclaim though, right? Shared or VPS?
# [jgmac1106] if it is just a story/video, just think of it as one large photo file
# [jgmac1106] yeah shared...was afraid they would make be bump up to an enterprise level
# [jgmac1106] i prolly deserved it....
# [jgmac1106] I do only shoot at 720p but as much more my students and mainly bc I am using crappy iMac camera