#dev 2020-12-23

2020-12-23 UTC
# 00:02 
[chrisaldrich] [snarfed]++ for taking it on 🙂
# 00:02 
Loqi [snarfed] has 33 karma in this channel over the last year (55 in all channels)
# 00:04 
[snarfed] oh also it doesn’t work with facebook container tabs in ff. sorry for the caveats
# 00:14 
[chrisaldrich] Is there any sort of dashboard data like https://brid.gy/instagram/chrisaldrich would have provided? Or is it just "magic" for now?
# 00:14 
[chrisaldrich] Or maybe ways to re-send/force missed mentions?
# 00:16 
[snarfed] your bridgy user page is the dashboard!
# 00:16 
[snarfed] it integrates
# 01:03 
[snarfed] [chrisaldrich] got your comment backfed! https://snarfed.org/2020-11-13_42333#comments
# 01:18 
[chrisaldrich] need to check my facebook container tabs settings... hadn't seen anything (yet)
# 01:18 
[snarfed] ah yeah like i said earlier, it doesn’t work with facebook container tabs, you’d need to disable that extension entirely
# 01:19 
[snarfed] or, i think it only works with them if you keep an IG tab open’
# 01:19 
[snarfed] checking
# 01:19 
[snarfed] yeah, it doesn’t work at all, for a strange reason i don’t understand yet
# 01:19 
[snarfed] you’d need to disable the container tabs extension and then log into IG again
jeremycherfas, geoffo, [Raphael_Luckom], [fluffy] and [snarfed] joined the channel
# 03:48 
[snarfed] woo, looks like the browser extension is working for [chrisaldrich]: https://brid.gy/instagram/chrisaldrich
schmudde and [chrisaldrich] joined the channel
# 05:03 
[chrisaldrich] [snarfed]++ Thanks, it does seem to be up and running and working like I would have expected. For some reason the UI on Brid.gy took a bit before it looked like I was logged in and able to use it as before.
# 05:03 
Loqi [snarfed] has 34 karma in this channel over the last year (56 in all channels)
# 05:03 
[chrisaldrich] Definitely worth a square on the gift calendar in my opinion!
KartikPrabhu and [tantek] joined the channel
# 06:37 
[tantek] Definitely!
enpo, KartikPrabhu, schmudde, [Raphael_Luckom] and geoffo joined the channel
# 15:15 
@simpledevMe Blade-Component: Webmentions | Blog | Tom Witkowski - Gummibeer https://gummibeer.dev/blog/2020/blade-component-webmentions (twitter.com/_/status/1341764021544841217)
[snarfed] joined the channel
# 15:18 
[snarfed] [chrisaldrich] welcome! it polls every 30m. looks like it didn’t work at first because of container tabs, but after you turned that off, the next 30m run worked and turned on your account
geoffo joined the channel
# 15:35 
[snarfed] hey aaronpk, i’m starting to think about indieauth in the browser extension, and i’m a bit lost. i know i’d do PKCE, but i don’t know how to do the redirect back, since the extension isn’t URI-addressable
# 15:36 
[snarfed] or should i just punt, do it all server side, and then give the user a token that they’d paste into the extension?
# 15:36 
[snarfed] basically i think i need the extension to be able to prove to _my_ server (bridgy) that it’s indieauthed for a given domain
# 15:37 
[snarfed] or maybe i just accept (and warn loudly about) the flawed security model 😎
# 15:41 
aaronpk [snarfed]: is there any kind of url that can launch the extension? Like a chrome:// url or something?
# 15:41 
aaronpk omnibear got it to work somehow
# 15:42 
[snarfed] ah ok, examples are good, i’ll look at that
# 15:42 
[snarfed] no clue about extension urls
# 15:43 
aaronpk oh hm i see it used a server side redirect https://github.com/keithjgrant/omnibear/blob/master/src/components/LoginForm.js#L107
# 15:44 
[snarfed] i guess that could be fine? the extension could identify itself with some some token that it includes in later requests
# 15:45 
aaronpk presumably that server-side redirect url just passes the authorization code to the extension
# 15:45 
[snarfed] oh, sure
# 15:46 
[snarfed] i’d probably have to pass it back to the server though, since in my case the goal is for the extension to prove to _bridgy_ that it’s authed
# 15:46 
[snarfed] security modeling, ugh
# 15:47 
aaronpk in that case that sounds like the normal flow except that instead of it happening in a browser window it's happening in the extension window
# 15:48 
aaronpk it's bridgy doing the indieauth flow, it just happens to be accessed by the extension
# 15:48 
aaronpk am i understanding that right?
gxt joined the channel
# 15:54 
aaronpk fwiw visiting this URL in a new tab opens the extension options page for my extension chrome://extensions/?options=bjommifdalanmhmajhnnkblpafpdgnmo
# 16:01 
[snarfed] eh, bridgy also needs to verify the auth
# 16:01 
[snarfed] sorry, back
# 16:02 
[snarfed] bridgy (server) needs to be able to verify that a client, ie the extension, has indieauthed to a given domain
# 16:02 
[snarfed] so the auth and verification is spread across client and server 😢
# 16:02 
aaronpk so yeah that's normal
# 16:02 
[snarfed] oh?
# 16:02 
aaronpk that's like logging in to quill (server-side app) from a browser
# 16:03 
[snarfed] ohhh true
# 16:03 
aaronpk the quill server gets the indieauth response and issues a session ID to the browser
# 16:03 
[snarfed] so yeah then we’re back to URI-addressability of the extension, which you spoke to in chrome at least
# 16:03 
[snarfed] (i forgot the server side indieauth verification)
# 16:03 
aaronpk if you don't want to rely on a URI for the extension then you can at least handle the redirect with a page on brid.gy
# 16:05 
[snarfed] right, as long as there’s some token exchange to identify the client
# 16:05 
[snarfed] ok, options. thank you!
# 16:05 
aaronpk just a normal session ID from the extension to the bridgy server should suffice
# 16:05 
[snarfed] right, equivalent. (there isn’t already one, so i’d just generate one)
# 16:06 
aaronpk that whole side of things is left out of oauth and indieauth. that's where openid connect starts to define some more tools for managing it, but a session ID is usually "good enough"
[KevinMarks] joined the channel
# 16:37 
[KevinMarks] https://twitter.com/dhh/status/1341739269367472129?s=20
# 16:37 
@dhh "The price for pursuing JavaScript for everything has been a monstrosity of modern complexity. Yes, it’s far more powerful than it ever was. But it’s also far more convoluted and time-consuming than is anywhere close to reasonable most web applications." https://m.signalvnoise.com/html-over-the-wire/ (twitter.com/_/status/1341739269367472129)
# 17:05 
[KevinMarks] HotWire is a new version of JAH/AHAH https://epeus.blogspot.com/2005/05/jah-ajax-without-xml.html
[Raphael_Luckom] joined the channel
# 17:09 
[Raphael_Luckom] In order to understand what he means, I'd want to know where he draws the borders around "complexity" when he says "a monstrosity of modern complexity." because I think there's an argument that https://twitter.com/dhh/status/1341420143239450624?s=20 is about as complex and jargon-y
# 17:09 
@dhh Hotwire aka NEW MAGIC is finally here: An alternative approach to building modern web applications without using much JavaScript by sending HTML instead of JSON over the wire. This includes our brand-new Turbo framework and pairs with Stimulus 2.0 😍🎉🥂 https://hotwire.dev (twitter.com/_/status/1341420143239450624)
gRegorLove joined the channel
# 17:14 
[Raphael_Luckom] If you take a client-side JS application and change it to not use a client side framework but instead to do equivalent processing sever side, then your net complexity is about the same. But that choice definitely makes sense if, for instance, you're more familiar with server-side frameworks likr Rails.
# 17:18 
[KevinMarks] That's looking at it slightly obliquely - if you don't start with a client side framework, this is a way to do partial updates more easily, by sending html fragments. What DHH has in the new version is some web component based syntax to declare the frames, and integration of  service workers for caching of the partials. The basic ide aof html over the wire is old though http://www.kevinmarks.com/staticjah.html
# 17:22 
[Raphael_Luckom] html over the wire is the original web idea, right? And React has server-side rendering if you want it, also giving you html over the wire. tbh the part I actually object to is that "monstrously" and the attitude it represents.
# 17:22 
[Raphael_Luckom] *monstrosity
# 17:29 
[KevinMarks] well, the whole js construction of a parallel dom with it's own change management in json is rather a rube goldberg approach. It is nice that React is now announcing being able to serve pure HTML too though https://reactjs.org/blog/2020/12/21/data-fetching-with-react-server-components.html
# 17:29 
aaronpk i'm just glad to see people finally realizing that maybe the full swing to JS everything was a bit of an overreaction against HTML
# 17:30 
superkuh This is the way.
# 17:32 
[KevinMarks] "The fundamental challenge was that React apps were client-centric and weren’t taking sufficient advantage of the server." https://github.com/josephsavona/rfcs/blob/server-components/text/0000-server-components.md#motivation
# 17:33 
[Raphael_Luckom] The main argument against client-side JS that resonates for me is that it interferes with accessibility. That's _bad_. It's also bad, (but less bad) that it hurts interoperability to the extent that it requires clients to understand JS (largely not an issue, because the API is usually trivially seperable from a JS client). Everything else is preference.
[tantek] joined the channel
# 17:38 
[tantek] [Raphael_Luckom] I don't object to client-side JS that's progressive enhancement, it's *depending* on client-side JS that I object to, or rather, more and more it means I just ignore a (typically content) site because it is irrelevant (dead) to history anyway per js;dr. Easiest way to close a tab quickly.
# 17:41 
[KevinMarks] the new DHH way is still js dependent by default, though less js involved. Feels like you could do a bit more non-js fallback with actual iframes rather than `<turbo-frame>` components
# 17:43 
[Raphael_Luckom] Right--and that makes sense. I think that it comes off as elitist and intimidating for community leaders to introduce their new ideas by taking potshots at the kinds of technologies you'd naturally think about learning if you were, e.g. a non-engineer trying to get into the field. just having a good idea is plenty, you don't have to redefine something else as bad to get a leg up.
# 17:43 
Loqi Right has -2 karma in this channel over the last year (-4 in all channels)
# 17:43 
[Raphael_Luckom] f
# 17:44 
aaronpk that's fair, but this is all in response to the "technologies you'd naturally think about" being technologies that are hyped up and likely should never have reached that status in the first place
# 17:47 
[Raphael_Luckom] when you use terms like "hyped" and "should never have reached that status," it sounds like you're dismissing all the _positive_ things that people have to say about <thing you don't like> as bad-faith. And since almost no one (least of all community outsiders) has your intuition about why that might be true, it's very hard to respond to it as a reasoned argument.
[schmarty] joined the channel
# 17:53 
[schmarty] [Raphael_Luckom] - a product announcement doesn't need to present reasoned arguments nor to give space to "positive things people have to say about <thing they don't like>".
# 17:53 
[schmarty] if you want to tone police DHH i don't think this is the channel for it.
# 17:55 
GWG Have people been leaving Travis CI for GitHub actions of late for testing?
# 17:56 
aaronpk GWG: good question. i haven't set up any new tests recently, but i have set up some automations on github actions that i previously may have used travis-ci before
# 17:57 
GWG I am wondering if it is worth migrating
# 17:57 
GWG The same way I got rid of the master branch...as I updated other things
# 18:08 
[Raphael_Luckom] [schmarty] it is a very interesting choice to use the language of social justice to defend someone like DHH against someone like me.
# 18:12 
[Raphael_Luckom] by definition, I can't argue that I'm not tone policing--I'm absolutely doing exactly that, no argument.
# 18:28 
[tantek] [Raphael_Luckom] not bad-faith, but rather ignorance (though in FB's case, perhaps willful neglect) of existing simpler methods (that have become so well established that they're boring and harder for folks to pitch big "thought pieces" about)
# 18:35 
[tantek] This tweet still sums up a lot of it for me: https://twitter.com/fakebaldur/status/1341348238151065605
# 18:35 
@fakebaldur Which tells me that the React crowd has been ceaselessly campaigning against server-rendered-no-hydration websites over the past few years solely because React couldn’t do it out of the box.  They’ve basically let Facebook’s tech priorities ruin large parts of the internet. (twitter.com/_/status/1341348238151065605)
shoesNsocks1 joined the channel
# 18:45 
@JAMstackTORONTO ↩️ Webmentions + @eleven_ty by @TheGreenGreek  4/

https://youtu.be/zjHb4xtnTvU (twitter.com/_/status/1341816443927748609)
# 19:35 
gRegorLove Not sure if this is big enough a thing for the indieweb calendar, but I made some minor updates to mf2toical: https://github.com/gRegorLove/mf2-to-iCalendar#changelog
# 19:35 
aaronpk it's indieweb related and has a link, i'd say that counts!
# 20:25 
@TheGreenGreek My lightning talk on Webmentions + Eleventy is up! I give an overview of Webmentions and the IndieWeb which is good to know even without Eleventy. (twitter.com/_/status/1341841745466843137)
# 20:35 
@TheGreenGreek ↩️ Updated my post to add the video too - you can see slides, video, and resources all in one place! https://sia.codes/posts/webmentions-eleventy-talk/ (twitter.com/_/status/1341844370031579138)
# 20:40 
@RubygemsN webmention-cli (1.5.0): A command-line interface for Webmention. https://rubygems.org/gems/webmention-cli (twitter.com/_/status/1341845455475380224)
KartikPrabhu, [fluffy], [Raphael_Luckom], [KevinMarks] and schmudde joined the channel