#wordpress 2018-05-29

2018-05-29 UTC
# 00:04 
GWG Omnibear works for my tests though
wagle, Ruxton, globbot, gRegorLove, sknebel, drkokandy, petermolnar_, aaronpk, GWG, ben_thatmustbeme, doubleloop[m], [Natris1979], [tantek] and tantek_ joined the channel
# 08:26 
petermolnar_ slightly offtopic: why is akismet telling me I need to display GDPR consent?
# 08:27 
Ruxton "Added a hook to provide Akismet-specific privacy information for a site’s privacy policy."
# 08:27 
Ruxton they've done a few point updates since 26th may all around GDPR stuff
# 08:29 
Ruxton can dismiss the notification and it shuld stop displaying
# 08:35 
sknebel petermolnar: "consent" would likely be wrong, but you have to inform since you hand them personal data
# 08:39 
sknebel (eh, I might be wrong, some articles I just read suggest you actually need consent due to their legal status, but that's pre-GDPR German sources, so unclear if that applies still)
# 08:40 
sknebel if you use Akismet, you send your commenters IP, name and e-mail address to a third-party outside Europe
# 08:54 
petermolnar that's actually interesting, I honestly thought akismet checks the text only
enjikaka and [jgmac1106] joined the channel
# 10:40 
[jgmac1106] My Askimet says if anybody in Eurpoe uses your site. If not no worries
# 11:11 
petermolnar [jgmac1106]: "uses" - what does that mean? Is that a mere visitor? A commenter? A author?
# 11:14 
[jgmac1106] let me get the exact language
# 11:15 
[jgmac1106] To help your site be compliant with GDPR and other laws requiring notification of tracking, Akismet can display a notice to your users on your contact form. This feature is disabled by default, however, if you or your audience is located in Europe, you need to turn it on.
# 11:16 
[jgmac1106] My guess it is on by default in EU
# 11:33 
petermolnar ack
# 11:34 
petermolnar ugh, one of the sites hosted on my server: akismet stats, blocked spam: 472,328
# 11:34 
GWG Try antispam bee
# 11:35 
petermolnar looking at it, thank you!
# 11:45 
GWG It has an active community, from the looks of it.
# 11:49 
[jgmac1106] Here was a strange syndication: https://twitter.com/jgmac1106/status/1001430216156368896
# 11:49 
@jgmac1106 Skip to content Menu About Me Posts Web Annotations Image Credits Quick Thoughts Blog P+T Binder Publications Consulting Attending Events - IndieWeb Pleas join @chrisaldrich and @wiobryne  and others for a Virtual Homebrew… https://jgregorymcverry.com/vhwc/ (twitter.com/_/status/1001430216156368896)
# 11:51 
[jgmac1106] picked up the screen reader class
# 11:55 
sknebel old implied name rules
# 11:57 
sknebel since you've set no name, the parser tried to guess one, and that can go wrong like this if lots of stuff is in the h-entry
# 12:02 
sknebel (should be fixed in bridgy soon, since the parser it uses just updated to new behavior)
# 12:17 
[jgmac1106] yeah if I added a title it didn't happen. seems p-name important to Twitter from Bridgy
# 12:18 
sknebel it checks if there is a p-name first, yes
# 12:19 
sknebel the problem is that there's a shortcut to "guess" a p-name if there isn't one explicitly set
# 12:19 
sknebel we recently made that trigger only sometimes, but not everything has been updated yet
# 12:19 
sknebel (and probably won't be for a while)
# 12:19 
sknebel partly because of that the recommendation for notes has been to mark the content up both as content and name
# 12:20 
sknebel so it can't accidentially happen that a wrong name is guessed
# 12:24 
[jgmac1106] yeah it kills me leaving the posts untitled and then having a page of post called (no title) makes searching for notes PITA, but minor inconvienence
[kevinmarks], jgmac1106, [cjwillcock], [tantek] and [pfefferle] joined the channel
# 16:41 
[pfefferle] GWG?
tantek_, [schmarty] and [cleverdevil] joined the channel
# 18:27 
GWG Yes?
[pfefferle] joined the channel
# 19:01 
[pfefferle] posted a long answer to your pull request on github
[keithjgrant] joined the channel
# 19:43 
aaronpk this is getting confusing having these conversations on random github pull requests and issues
# 19:43 
aaronpk I think I see the confusion that's happening
# 19:44 
[pfefferle] 😉
# 19:45 
aaronpk so the primary feature of the indieauth plugin is that it turns wordpress into an indieauth authorization server
# 19:45 
[pfefferle] true
# 19:45 
aaronpk the secondary feature isn't really indieauth at all, it's web sign-in for wordpress
# 19:45 
[pfefferle] why not indieauth?
# 19:45 
aaronpk in the case that the website you're using when you're signing in also has its own indieauth server, then web sign-in can be completed through indieauth
# 19:46 
[pfefferle] ok
# 19:47 
[pfefferle] i like the idea, if you have a lot of WordPress sites, you manage
# 19:47 
[pfefferle] and as long as we provide the login form, it should work
# 19:51 
aaronpk if your site does not have its own indieauth server, then you end up doing relmeauth, and this is where the confusion happens
# 19:52 
aaronpk so for example, if your site is notiz.blog and you don't have any plugins installed, and you'r etrying to sign in to indiewp.com, then indiewp.com needs to do relmeauth to your twitter profile for instance
# 19:52 
aaronpk that's normally what you'd use the indieauth.com server for, so that indiewp.com doesn't have to impleement the twitter API itself
# 19:53 
aaronpk but if notiz.blog *does* have an indieauth server, then indiewp.com shouldn't do relmeauth and should instead talk to that indieauth server directly
# 19:53 
[pfefferle] is it so? I think it currently has no indieauth.com/indielogin fallback
# 19:53 
aaronpk riight, and that's why this keeps not working
# 19:53 
[pfefferle] I am not sure I get your point
# 19:54 
aaronpk this logic of "use the indieauth server if present, otherwise do relmeauth" is all built in to indielogin.com
# 19:54 
aaronpk so this web sign-in feature for wordpress should probably just *always* use indielogin.com to authenticate people. since it's a completely separate feature from providing an indieauth authorization server for signing in to other apps
# 19:56 
[pfefferle] hmmm... now I get your point, but I do not completly agree... I am aware of indieauth, so I do not like to have a "service in the middle"... perhaps we need a setting, so the user can choose between the "web-sign-in" or the "indielogin.com" form
# 19:56 
[pfefferle] or both
# 19:57 
aaronpk my actual point is that these are two completely different features, and i think it's confusing everyone having them in the same plugin
# 19:58 
[pfefferle] understood and I agree that it might be too complex for > gen 2 users
# 19:58 
aaronpk so it might even be better to move the web sign-in part into its own web sign-in plugin, so that feature can be enabled independently of the plugin providing an indieauth server
# 19:59 
aaronpk and in that case, I can also see that some people might want to support web sign-in via indieauth+relmeauth, or just via indieauth with no external dependencies like you're saying
# 20:00 
[pfefferle] I would love to try it like it is, starting with a nicer settings UI and more user friendly documentation
# 20:01 
[pfefferle] but I understand you point and if we don't get it to work, we really should split it!
# 20:01 
aaronpk well in any case, we should get the terminology straight
# 20:01 
[pfefferle] yes
# 20:01 
aaronpk let's talk about "web sign-in" when talking about logging in to wordpress
# 20:02 
aaronpk and "indieauth" when talking about using wordpress to log in to other places
# 20:02 
[pfefferle] 👍
# 20:06 
notiz.blog edited /Wordpress_IndieAuth_Plugin (+126) (view diff)
[jgmac1106], tantek_, [cleverdevil], [jeremycherfas], [jz], chrisaldrich and [schmarty] joined the channel