Publ: Development Blog

Authl v0.2.0, now in beta status!

Posted Monday, August 19 at 1:49 AM (a day ago)

I’ve released Authl v0.2.0. Changes since v0.1.8:

• Big ol' refactor to support Twitter (see the fuller discussion below the cut!)
• Released to beta!

And changes from v0.1.7 to v0.1.8 (which I didn’t bother to post an announcement about):

• Fixed an incredibly minor security issue in the Mastodon client (the client_secret was leaking but in the context of Mastodon that couldn’t really be used for anything anyway)
• Centralize/refactor the login token management, allowing for future flexibility in the service stack
• Make callback IDs protocol-stable, which helps with some stricter services (e.g. Twitter)

Pushl v0.2.7

Posted Monday, August 12 at 5:25 PM (7 days ago)

Around a month ago a bunch of my webmention stuff broke on my site, and I just figured out what was causing it. Pushl was getting confused by the fact that I had multiple feeds which provided the same content, and some of them were in a no-webmentions context. The no-webmentions ones were getting processed first, which was preventing the webmention-context versions from actually being processed.

So, I fixed this bug by making the context part of what dedupes the actions.

Every time I work on Pushl I feel like it could use a major rewrite, incidentally. This is one of those times.

Authl v0.1.7, now with IndieAuth support!

Posted Monday, August 12 at 1:41 AM (8 days ago)

I’ve released Authl v0.1.7, which now adds direct support for IndieAuth (rather than requiring IndieLogin.com as a broker). This means that now folks who have an IndieAuth identity can log in using that; previously I was expecting IndieLogin.com to eventually open up client registrations to make that a useful authentication path, but for various reasons Aaron hasn’t opened it up to the general public.

Part of this update was to also refactor how OAuth is handled, so it’ll be a lot easier for me to add more OAuth-based providers in the future; hopefully I’ll have direct support for Twitter, GitHub, and maybe even Facebook in the near-ish future. But for now, between Mastodon, email, and IndieAuth, I think I have all of my own personal needs taken care of.

Feel free to make suggestions for other identity providers in the Authl issue tracker, though!

v0.5.1 released (also Authl v0.1.6)

Posted Saturday, August 10 at 2:04 AM (10 days ago)

Oh gosh I seem to be on a roll with these updates again. Here’s what changed in Publ:

• Fixed a silly bug in the admin dashboard renderer which made it not work in production mode
• Make the admin log only record the most recent access per user per entry, making it way more useful
• Make the logout operation happen via POST method rather than GET, fixing a problem with browser prefetching; added a logout.html template to support that. (Also made the default unauthorized.html use Authl’s default CSS.)
• Actually make entry.authorized available, rather than just documented. Also gave it a better name while I was at it.
• view.entries can now take an optional argument for inlining unauthorized entries, improving its usage within feeds.
• view.unauthorized can now take an optional argument for limiting the unauthorized view count, which helps performance and makes it a bit more predictable
• Images now provide their filename as the default alt text, which is arguably better for accessibility than just leaving it a blank string. I am willing to change my mind on this, however.
• Cleaned up the code around category.subcats(recurse=True) and also added some actual tests for the sort ordering. They pass.

And the Authl changes (which were actually released before Publ 0.5.0 but I didn’t bother announcing them until I had them tested “in the wild”):

• Changed to using packaged data for templates
• Made the login page CSS available through url_for
• Removed the spurious precision from the email message template

Anyway, I of course updated the sample beesbuzz.biz templates to reflect the new functionality.

Wow, Publ’s feeling like it’s actually kinda pretty good at stuff now. I hope someone else ever wants to actually, like, use it or something.

v0.5.0 released

Posted Thursday, August 8 at 3:24 PM (11 days ago)

I figured there wasn’t really any reason to keep waiting. So here we are.

Changes since v0.4.6:

• Improve the performance and stability of the admin dashboard
• Correctly fall back to the internal Authl templates
• Remove some spurious/empty attributes from image tags
• Don’t cache template mappings forever
• Don’t mark an entry title as being markup if its markup is disabled
• Correctly set the default entry recursion for entry.previous/next
• Disable an arrow warning for a future change

In other news, over on my main website I have successfully migrated my comments over to Isso, which is a nice self-hosted alternative to Disqus that does a much better job of handling privacy in particular, as well as providing a simpler UX that doesn’t try to get in your face about everything. If you want to read more about how I made that change, read the several blog entries starting with “Moving away from Disqus,” and also look at the sample templates to see the actual implementation.

May your private entries remain exclusive, and your public entries be brilliant.

UPDATE: Someday I’ll learn to use and test rc builds before making an actual public release. Oops.

Publ 0.4.6, Authl 0.1.5

Posted Friday, July 26 at 12:36 AM (a month ago)

Updated some packages.

Main things with Publ since the last release:

• Internal cleanups to how caching happens
• Stop spuriously-caching a bunch of stuff; in particular login/logout endpoint URLs no longer get cached
• Various cleanups
• Improve the way that built-in templates are managed
• Initial cruddy implementation of an admin authentication dashboard (although this isn’t quite ready for prime time)

The only Authl change is that email identities are now given as a full mailto: URL; going forward all identity strings will be full URLs. This simplifies the UX for admin dashboards, in particular, and removes some ambiguity.

Publ 0.4.5.1, Authl 0.1.4

Posted Sunday, July 21 at 2:24 AM (a month ago)

I’ve released a mini-update of Publ to fix an authentication problem (the config parser was “helpfully” sanitizing things that didn’t want to be sanitized), and also some refactoring/improvements/bugfixes to Authl.

The big changes to Authl are that the email handler generates shorter/nicer links, and it also puts an anti-abuse timeout into email login attempts to prevent people from spamming themselves or others with spurious email notifications. There’s also a bunch of small bugfixes to Authl’s login flow, and Flask apps can specify that sessions should not be made permanent.

v0.4.5

Posted Monday, July 15 at 9:16 PM (a month ago)

Normally I wouldn’t release a new version just for a single minor bugfix, but this was causing bigger problems. Oops.

Anyway, there was one other minor fix, which allows “cb” to be a valid category name again. It’s minor and fiddly but hey, consistency, right? (And anyway you never know, someone might use Publ for a site that has a CB enthusiasm blog!)

v0.4.4, and private entries in the wild

Posted Saturday, July 13 at 5:25 PM (a month ago)

I’ve added private entry stuff to my website (here’s an example post) and in doing so I shook out a few loose ends:

• Improved the login flow for when someone is logged in but goes to an entry they don’t have access to
• Added Status: UNLISTED as a synonym for Status: HIDDEN

All the auth-related things are now documented here and also demonstrated in the sample templates.

There is not much left for v0.5, incidentally!

v0.4.3! Authentication!

Posted Saturday, July 13 at 2:58 AM (a month ago)

Wow, this is a pretty major update: authentication is now a thing!

It isn’t quite complete yet – I still have a few more things I want to add before I consider it done (and therefore release v0.5.0) – but this is at least in a state where it’s ready to be experimented with. Probably. I need to sleep first, before I start adding authentication to my website.

Auth is working nicely

Posted Monday, July 8 at 11:56 AM (a month ago)

I’ve released Authl 0.1.1, which adds support for Mastodon authentication. And the Publ test suite now is up-to-date with that as well.

There’s a few things I want to do on Publ before I release a version for use on my own website, the big one being the ability to provide a better login page, and some refactoring around built-in templates now that built-in templates are becoming a thing.

I also really want to redo how I manage the documentation site, because it’s getting kind of untenable at this point.

Anyway, really soon I’ll have properly-private content on my website again, and hopefully this will be enough of a feature for people to actually be interested in Publ!

Posted Thursday, July 4 at 10:58 PM (2 months ago)

I’ve put a bunch more work into Authl, and have released it into PyPI. Of note is that now it has a simplified mechanism for setting it up with a Flask application.

Hey, wait, Publ’s a Flask application!

Authl finally under progress

Posted Monday, July 1 at 12:07 AM (2 months ago)

I wrote more about this on my personal blog but to summarize, I finally made some progress on actually working on Authl, which was the missing piece I needed before finally getting started on private posts. No promises on when I’ll actually have that functionality working, but at least I’ve finally gotten over the chicken-and-egg bump of not having any auth system to implement privacy against (and no privacy system to implement auth for).

Anyway, if anyone wants to play with what I have so far, there’s an incredibly basic starting point over yonder.

v0.4.2 released

Posted Friday, June 28 at 12:08 AM (2 months ago)

Just another small-ish release to address some bugs and minor interop concerns:

This weekend I’ll be at IndieWeb Summit in Portland, Oregon! I hope to see some of you there.

v0.4.1 – it’s released

Posted Thursday, June 6 at 12:43 AM (2 months ago)

Not a whole lot new in this one, because I haven’t had time to work on Publ lately.

This release is mostly to fix a silly bug that was causing apostrophes and quotes to get dropped from plaintext renditions of titles and whatnot, which was caused by some of the refactoring I did in the run up to the 0.4.0 release and didn’t notice until just now.

I also fixed a MathJax test, and did a bunch of refactoring/cleanup of one of the internal API shims. Nothing user-facing.

Oh! And I’ll be attending IndieWeb Summit 2019 in Portland at the end of the month. I look forward to meeting other IndieWeb wonks! I love that RSVPing to it got me to finally fix my site template’s RSVP function.

And in other news I’ve finally been cleaning up the quickstart guide thanks to some feedback from a potential user. If you’ve been wanting to try Publ but were entirely confused or lost or whatever, please give it another look! And of course I am happy to get documentation feedback (or pull requests!) on the site repository.

v0.4.0 released! Let’s talk future!

Posted Monday, May 13 at 11:11 PM (3 months ago)

Oh wow, I finally closed out the Publ 0.4.0 milestone. So, wow, this is a pretty big deal for me.

Changes since 0.3.23:

So that closes out the last three issues before I was ready to consider this usable by a wider audience. Neat.

There’s a lot of stuff I want to do for 1.0 of course, but also more importantly I need to vastly improve the documentation on this site, as well as collect things to make it easier for people to get started with Publ. I would absolutely invite people to make suggestions; have you looked into Publ, and been confused about what exactly to do? Please let me know!

The best ways to do so are to either hop onto my Discord channel or to open issues against the documentation site.

v0.3.23 Released

Posted Wednesday, May 8 at 12:31 AM (3 months ago)

I got an itch today to do a bunch of feature work, and also found and fixed a bunch of bugs that I didn’t catch before.

Changes for this release:

• Fixed a bunch of tests which broke when I reorganized the test repository
• prefix_ attributes now apply correctly to image and imageset style and class attributes
• Entries with empty slug-text now omit the slug-text separator from their permalink URL
• Markdown entries now support link rewriting for href and src attributes (so for example <audio src="local_file.mp3"> will now work)
• Major bug fixes to the HTML renderer, which was dropping all entities, character references, and comments (oops)
• Disabled automatic smartquoting in HTML entries

Reblob!

Posted Sunday, April 28 at 2:39 AM (4 months ago)

It’s been a while since I’ve worked on IndieWeb stuff, but I finally got around to releasing an extremely preliminary version of reblob, a little commandline thingus to make this stuff easier. Eventually I’ll also have a server-based version here, at least as an example.

v0.3.22, now with tag browsing functionality

Posted Monday, April 8 at 9:41 PM (4 months ago)

I’ve now released Publ v0.3.22, which is mostly a bugfix release but also adds a couple of useful things. Major changes:

• Entries which are set to status DRAFT or GONE no longer function as path-alias redirections
• category now has tags, allowing templates to build in tag browsing
• Similarly, view now has tag refinements, making it easier to modify views' tag restrictions
• Fixed a silly bug which was causing top-level categories to not redirect without a trailing /
• Also did a bunch of refactoring on image handling, with no functionality change but it makes the code easier to navigate (I hope)

Oh and I guess I forgot to post a release announcement of v0.3.21 back on April 2, oops! There were some pretty major fixes to that:

• Somehow the <img alt> attribute got turned to <img alt_text>, which is not valid. That has been fixed. (I suspect I was really tired when I was reorganizing some code.)
• JPEGs now correctly support EXIF orientations/rotations
• Added support for entry.summary, as well as overriding the summary text on an entry..

Also, how did I miss that v0.3.21’s release was on the first anniversary of my first functioning blog post?! Wow, time flies.

Pushl v0.2.5 (not a joke!)

Posted Monday, April 1 at 11:29 AM (4 months ago)

I have released v0.2.5 of Pushl. The changes since v0.2.4:

• Improved the logging levels a bunch, making them more useful
• Added the ability to only send WebSub for feeds

The latter improvement makes it so that if your site is accessible from multiple URLs (e.g. http and https, or multiple domain names), it won’t send multiple Webmentions to everyone with each possible URL. This helps to cut down on spamminess to sites which don’t detect multi-origin pings (such as most IndieWeb blogs or fed.brid.gy).

I also finally added a tools page to this website, to collect useful things that make Publ work better with other things. I also intend to add various useful quality-of-life things like an image cropping tool, and whatever else might occur to me down the road.

Someday I need to get around to making a proper “Features” page for this site, too. Someday…