#dev 2021-01-26
2021-01-26 UTC
# Loqi jacky: [jgmac1106] left you a message 1 day, 9 hours ago: geared toward DoD since staring there first with cybersecurity but everything you do must swim in FCI and CUI (classifications for types of federally protected data in US outside of Classified) http://fcivscui.com/
# jacky some things are coming up as 'must-have': some sort of "chip" (like in Material Design) https://material.io/components/chips#usage to help with inline h-cards, client-side MF2 renders to 'enhance' content (or at least normalize it in a way that can encourage people to actually _read_ things) and other stuff
# jacky my question though: should I _push_ to keep mf2 markup in these Custom Elements (https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements)? I can see it being handy for people in the space that use static sites that are fully JavaScript (so then their markup when first rendered properly on the Web will be valid)
[tantek] joined the channel
[KevinMarks] joined the channel
# [KevinMarks] are these web components?
# [KevinMarks] so, I like the idea of web components, but each example I see tens to be "we replaced the built in elements with our own magic ones" - cf amphtml or https://shoelace.style/
# [KevinMarks] but using them for embedding meaningful chunks like h-card or h-event makes more sense to me; it seems to fit with the higher level thinking behind gutenberg in WP, or maybe the other rich chunk editors
# [KevinMarks] could you make the custom element embed the content too though? Shoelace seems to do that
# [KevinMarks] the way shoelace uses slot feels a bit like mf properties
# [KevinMarks] well, this is a bit scary https://gomox.medium.com/google-safe-browsing-can-kill-your-startup-7d73c474b98d
[Raphael_Luckom] joined the channel
# [Raphael_Luckom] absolutely bonkers
ShadowKyogre, KartikPrabhu and alex11 joined the channel; ShadowKyogre left the channel
jjuran, [KevinMarks], KartikPrabhu, swentel, ShadowKyogre, pikselaxam, BudaDude[m], aciccarello[m], khimaros[m], nekr0z, jamietanna[m], smacko[m], astrojl_matrix, JackyAlcin[m], Salt[m], marinin[m], fredcy_, Caleb[m]1, antonio[m], drhitchcock[m], [jgmac1106], deathrow1, schmudde, saptaks, DanC, dckc-, [tantek] and [chrisaldrich] joined the channel; ShadowKyogre left the channel
# bhavin192 That was scary indeed!
# bhavin192 [tantek], I tried to login to https://indieweb.org/ with my domain, it gives me few options like Twitter and GitHub, I'm going to enable PGP option for my site by following instructions given here https://indielogin.com/setup :D
# bhavin192 jacky, exactly :(
leg joined the channel
[Raphael_Luckom] joined the channel
# [Raphael_Luckom] and anyone trying to collaborate on security research on malicious files
# [Raphael_Luckom] it doesn't surprise me that the author of the post is in the security space. You can't really provide a service that protects people without accepting uploads of potentially-malicious files.
ccchapman joined the channel
# [Raphael_Luckom] "For context, InvGate (our company) is a SaaS platform for IT departments that runs on AWS with over 1000 SME and enterprise customers, serving millions of end users. This means our product is used by IT teams to manage issues and requests from their own users. You can imagine the pleasant reaction of IT Managers when suddenly their IT ticketing system starts displaying such ominous security warnings to their end users."
# [Raphael_Luckom] How do you run an IT ticketing system without letting users upload stuff?
# [Raphael_Luckom] ok
# [Raphael_Luckom] ok
lahacker, ShadowKyogre and [KevinMarks] joined the channel
# [KevinMarks] Right, the stuff I do for svgshare.com is instructive
ShadowKyogre, schmudde and kitt joined the channel; ShadowKyogre left the channel
# lahacker kevinmarks have you released that anywhere?
[fluffy], [Raphael_Luckom] and [timothy_chambe] joined the channel
# [KevinMarks] It's open source - but basically I parse the svg with html5lib and then rip the script out
# [KevinMarks] It's py 2.7 on appengine, so not exactly cutting edge, but that backend does scale well.
jjuran, [tantek] and [snarfed] joined the channel; ShadowKyogre left the channel
# [Raphael_Luckom] to (maybe) carry over a conversation from #indieweb-chat, my reason for liking dynamo is that, when I imagine the amount that one, single user is going to use a DB for their social media, and then I think about how I'd chop up one cluster's worth of capacity so that thousands of users could securely have their own access to it, I feel like dynamo is a pretty reasonable end-point. It's not great. If I had 100k users I wouldn't put them
# [Raphael_Luckom] on dynamo. But what system would handle _one_ user better?
# Loqi It looks like we don't have a page for "dynamo" yet. Would you like to create it? (Or just say "dynamo is ____", a sentence describing the term)
# [Raphael_Luckom] dynamo is Amazon Web Services' most popular pay-as-you-go NoSQL database
# [Raphael_Luckom] yeah, I should have done that instead.
# Loqi DynamoDB is a key/value database service provided by Amazon Web Services https://indieweb.org/DynamoDB