I got a decent amount accomplished, this week, for the first time in a while…
After a few weeks of ignoring that I wanted to do so, I finally tweaked the background generator to allow for a little footer. In my case, I wanted to have an easy way to show messages or link back to a host (like Colagioia Industries, in my case) without making that a part of the committed code.
So, instead, the server now checks to see if there’s a
public/css/footer.css file, using them if they’re there.
I also updated the licensing with a mention in
README.md that the configuration file (
config.json) is not licensed under the AGPLv3, but instead given a CC0 Dedication. I don’t like that solution, but this post and the relevant Libre Lounge episode convinced me—even though it somehow hasn’t convinced the very people who brought the point up in the first place—that external code-like configuration files under the AGPL can technically be requested from service providers, thereby exposing their passwords and API keys.
To be clear, I don’t think that this represents any sort of imminent danger. But to future-proof my applications against hypothetical “licensing trolls,” I’ll be going through my web applications looking for similar configuration files and shifting them more equivalent to public domain, as well. I still think the AGPL is the correct license for web services until there’s a new generation of copyleft licenses, but files with secrets should probably be treated separately until then.
GitHub was nagging me about some security updates, so I spent some time upgrading all the packages used by Bicker and giving the application a quick test to make sure I didn’t break anything obvious.
For reference in case anybody else wants to do this, first, be aware that the application could easily break by putting incompatible library versions together, but if you’re OK risking that…
yarn upgrade --latest bundle update
Again, in my case, this worked out fine. But if it didn’t, I had already committed to version control and could have easily rolled back, if it didn’t go as well. I recommend you use at least that amount of caution.
Despite my better judgement, Miniboost edges ever closer to being a full replacement for Boost Note, this time by throwing in a button to create a new note category. The New Category button replaces itself with a confirmation button and space to type the new name, highlighting the name if it conflicts with another category.
Unfortunately, it does feel like I’m pushing Proton Native near its limits. Everything still works, but there are too few components to work with and many features of the existing components aren’t implemented. That’s not a dig against the developer, since it’s only one person who’s apparently a student, but rather to point out that something like this needs more attention than just one part-time person unless Miniboost is meant to be the cutting edge project.
It isn’t getting any prettier, of course, but Uxuyu now extracts URLs from posts and turns them into buttons that follow the post, which will open the URL in the default web browser. Depending on how you use twtxt, you might think that’s a new feature, but it actually just mimics my terminal emulator on Ubuntu, which highlights URLs.
I’ve also tried to clean up the display of mentioned users and started the process of harvesting mentioned accounts to be combined with the information that can be pulled from registries.
It doesn’t do anything, yet, but the last significant piece I added is a text entry field and button that will soon be used to post from Uxuyu.
I honestly wasn’t intending to revisit SlackBackup, since I don’t work nearly as much through Slack as I used to (at one point, I had five Slack teams for just one job!), it’s desktop software that doesn’t require much security babysitting, and Slack has begun the process of phasing out the tokens the software relies on. But the security advisories were piling up, so it seemed worth some time to update whatever packages won’t make significantly more work.
As a quick note, no, I have no intention of convert its authentication to OAuth2. If some fairy godmother would like to implement it and file a pull request, I’ll gladly accept it. But it’s not a particularly interesting task for a project I no longer use often enough to care, so it’s an extremely low priority. I reserve the right to change my mind if a future employer throws me on another hyperactive cluster of Slack teams and won’t pay for them, but for now, I’m ignoring the problem.
Entropy Arbitrage, Itself
As a weird kind of milestone, my post this past Saturday (the 25th) on this blog was the last of the content I had partially pre-written. As a peek behind the curtain, I started a version of the Star Trek project last year, without even a mention of the Blish adaptations and not intending to publish such detailed posts, but it meant that I had decent notes up through Balance of Terror. Similarly, I did a lot of the leg-work for the Free Software social network showdown about two years ago and built my prototype block/follow analysis code then, as well.
So, May is going to be the first real test of whether posting five-to-six days per week is sustainable. It should be fun, at least for me. To be fair, I don’t think I ever envisioned posting every Saturday and every Sunday.
On a nice, cold morning, this past week, I tried my hand at baked oatmeal, using steel-cut oats instead of rolled oats. Since I mostly winged it, I don’t really have a recipe, except to say that I came out with about a cup of oats, seeds (flax, hemp, chia), nuts…and one ancient, dessicated banana that I found in cleaning out the freezer. I mixed that mess with two cups of water and put it into a bread pan, baking it at 375° for…oh, about an hour, then took it out of the pan, flipped it, and baked it again upside-down, because I forgot that I was using the proportions I generally use to just make a bowl of oatmeal…
However, what I ended up with was…basically an oat-based bread. The nuts interrupted clean slices and made buttering the slices difficult, but I’d highly recommend trying something like this out, if you need something new to bake. Cut down on the water and crush/chop/eliminated the nuts, though.
The plan for the week is to continue on with Uxuyu. Now that the follower thread repeats its task every few minutes to update the messages, the program should start scraping the user registries in a second thread to combine with the users being harvested from posts. The interface is also in serious need of refactoring, at this point, too.
Like I said last time, I should also spend more time on Bicker, especially working out dealing with the URL previews, now that I have a primitive version. And I want go get back to figuring out how to implement Open Oubliette, as well.
Tags: programming project devjournal bicker uxuyu
Sign up for My Newsletter!
Get monthly (or thereabouts) notifications on Entropy Arbitrage
posts, additional reading of interest, random thoughts, and previews
of upcoming projects, delivered right to your inbox. I won’t
share your information or use it for anything else.
You can view previous issues. Unless it's still June 2020, in which case you can only see test messages.
If you disable trackers (like I do), this form won’t work, so you’ll need to sign up on Mailchimp's site. Sorry!