Replied to a tweet by Matthias Ott Matthias Ott (Twitter)

Oh, we’re reading you Tania Rascia (@taniarascia)! Even easier for you it looks like Chris Biscardi (@chrisbiscardi) has already built out some infrastructure for webmentions on Gatsby(@gatsbyjs).
https://indieweb.org/gatsby#Plugins

Chris has written a bit about his process as well: Building Gatsby Plugin Webmentions.

 

 

Replied to Dumb Twitter by Adam CroomAdam Croom (Adam Croom)
Here’s my pitch for a Dumb Twitter app: The app forces you to tweet at the original 140 character tweet length. You can reply. You can’t like or retweet. You most certainly can’t quote tweet. There is no private DMing. Linear tweet stream only.

Adam, as you describe “dumb Twitter”, I can’t help but think about many of the design decisions that Manton Reece has made while more consciously designing and building micro.blog which specifically leaves out reposting, likes, and quote tweets as you’ve indicated. Admittedly micro.blog is still relatively small in scale compared to Twitter, and perhaps that size also helps guard against some of the toxic behaviors seen in Twitter. However, I might also suggest that since people are paying for a product and/or using one that has their personal identity built right into it with their own custom domain name, they are far less likely to proverbially “shout from their front porch” at passerby.

I notice you have a micro site which you were using with a micro.blog account, though I suspect you may have given up experimenting with them? Admittedly there is a bit of a technical hurdle in dovetailing either a WordPress or WithKnown site into the platform, but even tying RSS feeds from these platforms into the system isn’t too difficult.

I suspect that as a proponent of DoOO, you may find it fruitful to take another crack at micro.blog which, to a great extent, is really just a DoOO platform for the broader public. For a small monthly fee it allows users to bring their own domain name and get inexpensive hosting to own their own content including articles, status updates, photos, and podcasts. Otherwise, for free, you can use your own site (as you started to) and interact with the community by syndicating your content into it via RSS instead of crossposting via other means they way you’ve done with Twitter in the past.

I might suggest you try using your WithKnown site with micro.blog instead of WordPress, particularly as Known supports webmention out of the box. As a result, anything you syndicate into the system will automatically provide you notifications of any replies. You could then have just the “dumb Twitter” you wanted along with a solid DoOO solution at the same time. Ultimately you’d be using the micro.blog interface as a feed reader to scroll through content while posting your content from your own site.

If it helps to join the community there I’ve got a post that lists several micro.blog users who are in the education space, many of whom are tinkering around in areas like DoOO and IndieWeb, and a few of whom you may recognize.

I’m happy to help if you need any getting set up or experimenting. There’s a lot more power and value in the hybrid set up that micro.blog provides than it gets credit for.

Replied to a tweet by Dr. DeanDr. Dean (Twitter)
I’ve just started reading Mike Monteiro’s book Ruined by Design which puts a fine point on caring about design.

Reply to My list of blogs appear jumbled | WordPress.org

Replied to My list of blogs appear jumbled by mats317 (wordpress.org)
My blog has 5 tabs/categories. When the first tab is selected the appearance is fine but when you select other tabs the titles and descriptions are not appearing correctly. They are either missing or in the wrong place. The page I need help with: https://www.mats.org/category/in-the-community/

On first blush, it looks like the divs for the other tabs/categories aren’t nested the same way as your most recent (blog) page is.

In particular I see a div class=”ssba-classic-2 ssba ssbp-wrap left ssbp–theme-1″ that appears underneath one of the div class=”blog-desc” which may be throwing things off.

Which theme are you using and is it defining a slightly different template for your blog page than it does for the category pages? (See also: https://codex.wordpress.org/Category_Templates)

👓 Kids Event Working Group Chat Agenda | Thursday 25 April 2019 | Make WordPress Communities

Replied to Kids Event Working Group Chat Agenda | Thursday 25 April 2019 (Make WordPress Communities)
Our next weekly Kids Events Working Group chat is happening this Thursday, 25 April 2019 at 2100 UTC/ 5pm EST. This chat will occur in the Make WordPress Community-Team Slack channel. Agenda Update…

Sandy, it was great to meet you at WordCamp Orange County. I’m glad you came out and I was able to run into you. Sorry I’ve missed the meeting by a few days, but I’ll try to be around and help out in the future.

Replied to facebook backfeed via email notifications (unlikely) · Issue #854 · snarfed/bridgy by Ryan Barrett (GitHub)

thanks @grantcodes!

i could come up with gmail, sieve, etc email filters for people to install that would forward all facebook emails except password resets. or maybe only notification emails. still seems iffy security wise, and awful UX, but...meh?

quick poll time. hey @aaronpk @chrisaldrich @jgmac1106 @grantcodes @dshanske @tantek and others: if you could get facebook backfeed again by setting up an email filter like this, but it'd be somewhat sketchy security wise (discussion above), and might be inconsistent and incomplete, and the bridgy UI might be weak or nonexistent...would you do it? feel free to emoji respond +1 for yes, -1 for no. also feel free to @-mention anyone else who might vote.

I should have outlined this originally… Likely safer (for Bridgy and the end user) would be to follow the model of posting to WordPress via email (or services like Reading.am which allow posting to it via custom email addresses). Bridgy could provide users with a private hashed email address like 123xyzABC@brid.gy which could be linked to their particular account to which they could manually (or automatically) forward the relevant Facebook notification emails. Upon receipt, Bridgy would know which account sent it and could also match it to the user’s post URL as a check before sending the appropriate webmentions.

This would leave Bridgy free from being the potential source for security leaks and put the onus on the end user. You’d naturally need to have the ability to reset/change the user’s hash in the case that they accidentally allowed their custom email address to leak, although generally this isn’t a huge issue as emails which don’t match the user’s account/endpoints would be dropped and not send webmentions in any case. (In some sense it’s roughly equivalent to my being able to visit https://brid.gy/twitter/schnarfed and clicking on the Poll now or Crawl now buttons. It’s doable, but doesn’t give a bad actor much. You’d probably want to rate limit incoming emails to prevent against mass spam or DDoS sort of attacks against Bridgy.)

A side benefit of all of this is that those who have kept their old email notifications could relatively easily get much of their past missing back feed as well. Or if they’re missing back feed for some reason, they could easily get it by re-sending the relevant emails instead of some of the current manual methods. Perhaps allowing preformatted emails with those same manual methods could be used to do back feed for Facebook or other providers as well?

We could also put together some forwarding filters for common platforms like gmail to help people set up autoforwarders with appropriate keywords/data to cut down on the amount of false positive or password containing emails being sent to Bridgy.

The one potential privacy issue to consider(?) is that this set up may mean that Bridgy could be sending webmentions for private messages since users get both private and public message notifications whereas the API distinguished these in the past. To remedy this, the comment URL could be tested to see if/how it renders as a test for public/private prior to sending. Separately, since Bridgy doesn’t need to store or show these messages (for long?), private messages could be sent, but potentially with a payload that allows the receiving end to mark them as private (or to be moderated to use WordPress terminology). This would allow the user’s website to receive the notifications and give them the decision to show or not show them, though this may be a potential moral gray area as they could choose to show responses that the originator meant to be private communication. The API would have prevented this in the past, but this email method could potentially route around that.

Replied to Add nag notice and new script for checking headers by dshanske · Pull Request #136 · indieweb/wordpress-indieauth by David ShanskeDavid Shanske (GitHub)
This adds in a script that will nag you to run it until you do. Hopefully this will help educate people on the dangers of not passing Auth headers.

Manually testing this on my site generally seems okay, but I think it contains a logic error because it is returning what must be a false positive.

I see the message in the admin UI and can click on the test which returns the message “Alternate Header Found. You are good to go.” However, when attempting to actually log into Monocle, I get the same 403 error saying that it couldn’t find the bearer token, and it won’t let me log in. So obviously I’m not “good to go.”

From a UI perspective something like “Your headers are properly configured and accessible.” may be better than the “You are good to go” which may be a more difficult construction for non-English speakers. Additionally wrapping that message in an anchor that will redirect to their admin UI might be nice.

Replied to a tweet by Katherine MossKatherine Moss (Twitter)

There’s no reason you can’t have multiple websites. Several of us do it for a variety of reasons:
https://indieweb.org/multi-site_indieweb

I’ve been running versions of both for many years and they each have their pros and cons. In terms of IndieWeb support they’re both very solid. Why not try them both for a bit and see which appeals to you more? Depending on your skill level and what you’re looking for in your site you may find one easier to run and maintain than another.

Personally I’ve used WithKnown (I’ve used it for multiple sites since it started) in a more “set it and forget it” mode where I just post content there and worry less about maintenance or tinkering around. On my WordPress site  I tend to do a lot more tinkering and playing around, particularly because there is a much larger number of plugins available to utilize without writing any of my own code. Lately I am kind of itching to play around with Drupal again now that it has a pretty solid looking IndieWeb module (aka plugin).

Replied to Hypothes.is and Remi Kalir on Twitter (Twitter)

Here’s a link to the report from CNN with searchable text, which means that you won’t get all the orphaned comments and annotations other versions of the Mueller Report will show using Hypothes.is.

https://via.hypothes.is/cdn.cnn.com/cnn/2019/images/04/18/mueller-report-searchable.pdf

Replied to a tweet by Dr LJ Dr LJ (Twitter)

Content doesn’t always need to be public. On my WordPress-based commonplace book (aka my website), a huge amount of it is either private or password protected for smaller groups. Would something like that have worked in your case?

Replied to David Wolfpaw: WordPress and the IndieWeb – Why You Should Own Your Voice (WordPress.tv)

Great job David!

To clarify a bit, while I use and promote a lot of the WordPress IndieWeb plugins and often contribute documentation or small bug fixes, I didn’t write or maintain any of them. The bulk of the credit for all that hard work goes to fantastic developers like Matthias Pfefferle, David Shanske, Ryan Barrett, and many others.

Reposted a tweet by Jeffrey ZeldmanJeffrey Zeldman (Twitter)