#dev 2023-12-23

2023-12-23 UTC
[manton] joined the channel
# 00:08 
[manton] [snarfed] Does Bridgy accept at:// URLs for u-syndication when matching up a blog post to its Bluesky post, or does it need to be https://? I should probably switch to web links but wanted to do some testing with what I already have.
Shannon and geoffo joined the channel
# 03:30 
[snarfed] [manton] both!
sebbu2, [tantek], bterry1 and [jamietanna] joined the channel
# 11:04 
[jamietanna] Snarfed any idea whether the `None` on https://fed.brid.gy/web/www.jvt.me/notifications is maybe an ActivityPub Move? There's no log associated with it, and the post doesn't seem to exist (at least when read via the browser)
# 11:04 
[jamietanna] That is the "Quinze Plush None @quinze's post"
# 11:14 
[jamietanna] Also seeing the reply below it with no log 🤔
[KevinMarks] and win0err joined the channel
# 14:39 
aaronpk .io domains are going up again. i really want to move off of that TLD for my projects
# 14:56 
[tantek] No rent control on domain names
peterkaminski and geoffo joined the channel
# 15:43 
[snarfed] [jamietanna] maybe a Delete? the link returns 410 in both browsers and with AS2 conneg
# 15:44 
[snarfed] ah it's an Undo of an Announce
peterkaminski joined the channel
# 16:02 
[snarfed] fixed, minimally
win0err joined the channel
# 16:30 
[jacky] domain names, the newest feudal frontier (lol)
# 16:31 
[jacky] aaronpk: if `.dev` is appealing, that's an option!
# 16:31 
[jacky] there's the `.xyz` space too
# 16:31 
[jacky] two letter gTLDs are prime space (less effort)
# 16:33 
aaronpk i've started moving some of the p3k.io things to p3k.app
# 16:33 
aaronpk the tough one will be webmention.io
# 16:33 
aaronpk because i don't require an email address to sign up to use it, so i have no way to contact everyone who is using it
# 16:34 
sknebel how much are they now?
# 16:34 
aaronpk i might have to start sticking a fake webmention in the JSON response that's a warning like "you need to update to the new domain" or something 😂
# 16:35 
aaronpk namecheap raised the prices by $5
# 16:35 
[jacky] target=https://webmention.io/#users source=https://webmention.p3k.app/blog/new-home 👀
# 16:41 
sknebel 70€/y it seems (at a random registrar I just checked). yeah, not exactly cheap
# 16:41 
aaronpk it's like $48 at namecheap now
# 16:46 
[manton] [snarfed] This is kid of an edge case, but I think Bridgy might get confused if there are links in a Bluesky post that aren’t the canonical link for the post. For example, this post has two inline links elsewhere — https://bsky.app/profile/manton.org/post/3kh62nbtbw72b — so Bridgy just tries to discover a Webmention endpoint for the first one, instead of trying to send the mention back to my blog. (Do I have this right?)
# 16:46 
Loqi [preview] [Manton Reece] I like the new Bluesky butterfly logo. Still invite-only, but I have a handful of invite codes if you want to try it out.
# 16:46 
[manton] (Er, “kind of an edge case”, not kid.)
# 16:55 
[jacky] what is http://indieauth.com
gRegorLove_ joined the channel
# 16:57 
[jacky] squints
# 16:57 
aaronpk what is indieauth.com?
# 16:57 
Loqi indieauth.com provides an authorization server that you can use with your website in order to log in to IndieAuth and Micropub apps https://indieweb.org/indieauth.com
# 16:57 
[jacky] I thought Loqi was on strike lol
# 16:58 
sknebel the bridge adds http:// to what it thinks are urls, and loqi does not like that
# 16:58 
[jacky] do you have some sense of numbers of what parts of http://indieauth.com is used?
# 16:58 
[jacky] ahhhhhh good to know
# 16:58 
[jacky] more reason to go back to IRC lol
# 16:59 
aaronpk what do you mean parts?
# 17:01 
[jacky] like how many people use which silo or if things like OpenID are used a lot
# 17:02 
[jacky] prob not
# 17:02 
[jacky] too many 👀
# 17:02 
[jacky] lol
# 17:04 
aaronpk oh yeah i have logs of that kind of thing
# 17:09 
aaronpk one sec, this is interesting
# 17:11 
[jacky] I ask because I'm curious about supporting OpenID as well (in hopes of making this something more attractive for supporting)
# 17:11 
[jacky] but might be too much before the cart
# 17:15 
aaronpk do you mean OpenID 1?
# 17:19 
aaronpk hm, i can't figure out why there's no record of the original openid logins here
# 17:25 
[jacky] ahh did not realize there was a difference
# 17:25 
[jacky] that's enough for me to look away from that lol
# 17:28 
aaronpk openid 1 is effectively dead at this point
# 17:28 
aaronpk openid connect is very much alive, but has nothing to do with openid 1
# 17:29 
[jacky] makes a note of that
# 17:29 
aaronpk traditional openid connect isn't really indieweb relevant either. the closest it gets is with the new OpenID Verifiable Credentials stuff
bterry1 joined the channel
# 17:40 
aaronpk https://media.aaronpk.com/2023/12/23094043-1140.png
# 17:41 
aaronpk https://media.aaronpk.com/2023/12/23094147-6448.png
# 17:50 
[jacky] wow that's a lot more through SMS than I expected
# 17:51 
[jacky] this is really cool, thank you
# 17:51 
[jacky] good to know that's a contender for folks
# 17:51 
[jacky] tricky but doable tbh
# 17:51 
[jacky] technically _could_ do it for free through cheogram and an XMPP account but Twilio's easier lol
# 17:55 
aaronpk the sms and github colors are really close in that
# 17:55 
aaronpk here's the data https://media.aaronpk.com/2023/12/23095538-1970.png
# 17:57 
aaronpk i'd also like to see the numbers for unique users by provider rather than number of logins per provider but i can't figure out that SQL right now
# 17:59 
[jacky] hah where's the resident dataviz person when you need it
# 18:00 
[jacky] it's clear, though, that people will go for the options that require the least code changes _and_ one that's less "exposing"
# 18:00 
[jacky] hence the use of github
# 18:00 
[jacky] but even then, seeing self-hosted IndieAuth use _double_ is good
# 18:02 
aaronpk guess i should do it for indielogin.com too
# 18:03 
[jacky] oh tbh I _completely_ forgot about that service lol
# 18:03 
[jacky] def curious
# 18:04 
[jacky] def also curious about the eventual deprecation of http://indieauth.com (if that's something you're considering)
geoffo and [chrisaldrich] joined the channel
# 18:32 
aaronpk some day
AramZS, AramZS_, win0err and geoffo joined the channel
# 21:28 
Soni any of y'all into portuguese btw? https://chaos.social/@SoniEx2/111631786962817551
# 21:29 
Loqi [preview] [Genders: ♾️, 🟪⬛🟩; Soni L.] Acabamos de fazer uma nova spec FediLinks, introduzindo URIs web+feed para feeds tipo Atom: https://fedilinks.org/spec/pt/5-O-URI-web-feed:BoostOK: @fedilinks#FediLinks #Atom #Feeds #IndieWeb
# 21:54 
Soni (decided to forbid userinfo entirely. auth should not be embedded in a web+feed URI, even in machine-to-machine contexts.)
# 21:54 
Soni (also decided to explicitly reject RSS feeds)
win0err joined the channel
# 22:39 
[jacky] shout out to in-browser translation with firefox now
# 22:39 
[jacky] and it's local (i.e: doesn't go up to a remote service) https://support.mozilla.org/kb/website-translation
# 22:39 
[jacky] local-first++
# 22:39 
Loqi local-first has 1 karma over the last year
# 22:40 
[jacky] okay so Soni, this page looks cool!
# 22:45 
Soni ohh right we should probably check that out
# 23:00 
Soni thanks tho!
Al_Abut and geoffo joined the channel
# 23:09 
[tantek] thanks jacky! yes, I think local-first is a great way to provide new features to users while preserving privacy
Al_Abut joined the channel
# 23:36 
[jacky] rel-me-auth discovery is sorta expensive
# 23:36 
[jacky] it's possible to frontload parts of it but being more opportunistic makes it harder 🤔
# 23:37 
[jacky] or more time consuming, rather (b/c of the _N_ providers available and the ceiling of providers one could support)
Al_Abut joined the channel
# 23:42 
Soni wow it's... not great. still, pretty cool for something that runs entirely locally.
# 23:42 
[jacky] was the translation not as accurate?
# 23:43 
[jacky] is guessing so
# 23:43 
Soni one of the mistakes with the translation was turning "erro" (error) into "mistake"
# 23:44 
[jacky] ha, a common mistake 😉
# 23:44 
Soni also "deve" (must) into "should"
# 23:45 
[jacky] I _think_ there's a way to report the translation errors!
# 23:45 
[jacky] which, heh, would be good, if someone's reading a spec
# 23:45 
Soni so instead of "userinfo being present must be treated as an error", the translation says "userinfo being present should be treated as a mistake"
# 23:46 
[jacky] must and should def carry more weight to my BCP-enforced ears
# 23:49 
Soni the intent is to reject web+feed URIs with userinfo, instead of silently "correcting" them like browsers do with https nowadays.
# 23:51 
Soni (we have never managed to get browser to process optional authentication (i.e. WWW-Authenticate on a 200 response), not even with userinfo...)
# 23:52 
Soni (but anyway we digress)
# 23:53 
Soni we think authentication should be handled out of band, by the feed reader, not by the URI. (do any feed readers integrate indieauth etc yet?)
# 23:54 
Soni at the same time, we wouldn't be entirely opposed to some sort of "auth:" URI that takes the auth method, auth parameters, and the base URI, particularly for use with m2m
# 23:54 
Soni (so instead of shoving userinfo in your DB settings, you'd shove an auth URI. this would be one step closer to removing userinfo from URIs altogether.)
# 23:56 
Soni (we used to think repurposing userinfo was a good idea, not too long ago even, it's only been a month since we last tried to repurpose userinfo, but nowadays we're not so sure...)