{ "type": "entry", "author": { "name": "fluffy", "url": "http://beesbuzz.biz/", "photo": null }, "url": "http://beesbuzz.biz/blog/2550-Current-goings-on", "published": "2021-07-10T23:08:45-07:00", "content": { "html": "<p>Still on disability leave, and still in considerable pain. I\u2019m trying not to work too hard on things, but it\u2019s hard not to do things.</p><p>For example, I worked on a song with my friends Ken and Huan-Hua for this week\u2019s <a href=\"https://songfight.org/\">Song Fight!</a>; we entered the \u201cWe Did Everything We Could\u201d fight under the band name Richard Donner Party. It was a fun song to make. Fortunately I didn\u2019t have to even so much as look at a guitar. Most of my work was vocals, light keyboard work, and editing.</p>\n\n\n<p>I\u2019m increasingly sure that I have some form of <a href=\"https://www.ehlers-danlos.com/\">EDS</a>. I guess my occasional fixation on <a href=\"https://www.ehlers-danlos.com/why-the-zebra/\">zebra stripes</a> is justified after all.</p><p>I\u2019ve also managed to put some more work into Publ; in particular I finally added <a href=\"https://indieweb.org/IndieAuth_Ticket_Auth\">Ticket Auth</a> support, now that a bunch of people are suddenly <a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff\">very interested in moving forward</a>. I feel like we\u2019re actually close to making it so that we can do proper, private, secure social networking without having to buy into overwrought protocols like ActivityPub or buy into a closed ecosystem.</p><p>I really want to work on Subl to build a reader that supports all this stuff from the ground up, rather than just hacking it into Feed on Feeds. That said, I do have an idea how it might be possible to do in a secure-ish way, and of course a quick hack would be totally fine for a single-user instance (but I don\u2019t want to rely on people using it in a single-user context).</p><p>It seems likely that one of the Microsub-based readers (such as <a href=\"https://aperture.p3k.io/\">Aperture</a>) might get to a usable TicketAuth-based state first, although I\u2019m not a fan of its UX and I haven\u2019t found any Microsub-based reader which works the way I want. The Microsub protocol itself seems strangely resistant to the handful of UX things I want in the first place. Which is a big part of why I\u2019m still looking into Subl being a fully-integrated reader (which might eventually support Microsub but it\u2019ll be primarily designed around its own self-contained UX). Also I wouldn\u2019t want Subl to require someone to be an IndieWeb user to use it, and I\u2019d still manage authentication via Authl.</p><p>On a similar note, I had a <a href=\"https://chat.indieweb.org/dev/2021-07-10#t1625943648837300\">rather lengthy conversation trying to hash out Micropub support in Publ</a>, and what I\u2019m taking away from it is that supporting it would be a bit different than what I had in mind. Most likely, a Micropub-based publishing endpoint for Publ would require building out a thing that basically gives users a site-specific author page and using that as the identity to hand to a client. And then the login flow for that can still go through Authl \u2014 which is actually pretty cool, because that means that e.g. a community blog could be set up using any Authl-supported login mechanism, rather than requiring people to buy into IndieWeb. So that makes Micropub seem like a really compelling protocol for building something like a Tumblr group blog! And that makes me a lot more optimistic about moving, say, <a href=\"https://doublejumpseattle.com/\">my drawing group\u2019s website</a> over to Publ.</p><p>Of course all this conversation and development is preventing me from properly healing. But at least getting in pain from things I\u2019m passionate about is better than the alternative, I suppose.</p><p>I ended up buying a <a href=\"https://amzn.to/3r2xNL8\">knockoff Chirp Wheel</a> a couple weeks ago and while it took a while to get the hang of using it, I feel like it is actually helping a bit. And hopefully loosening up my spine will help with this current bout of dizzy spells I\u2019ve been having; one theory about fibromyalgia dizziness is that it\u2019s due to neck trigger points, which the yoga wheel helps with. So that\u2019s now part of my daily regimen.</p><p>I also need to spend more time doing exercise. I have new knee braces and that should help me play more DDR, but also I should take more walks or bring my stationary bike up to the living room to work out on that while watching TV. Which I\u2019ve been doing a <em>lot</em> of, lately.</p><p>Also smoking weed. So much weed.</p><p>Anyway. That\u2019s what\u2019s going on with me lately.</p>\n\n<p><a href=\"http://beesbuzz.biz/blog/2550-Current-goings-on#comments\">comments</a></p>", "text": "Still on disability leave, and still in considerable pain. I\u2019m trying not to work too hard on things, but it\u2019s hard not to do things.For example, I worked on a song with my friends Ken and Huan-Hua for this week\u2019s Song Fight!; we entered the \u201cWe Did Everything We Could\u201d fight under the band name Richard Donner Party. It was a fun song to make. Fortunately I didn\u2019t have to even so much as look at a guitar. Most of my work was vocals, light keyboard work, and editing.\n\n\nI\u2019m increasingly sure that I have some form of EDS. I guess my occasional fixation on zebra stripes is justified after all.I\u2019ve also managed to put some more work into Publ; in particular I finally added Ticket Auth support, now that a bunch of people are suddenly very interested in moving forward. I feel like we\u2019re actually close to making it so that we can do proper, private, secure social networking without having to buy into overwrought protocols like ActivityPub or buy into a closed ecosystem.I really want to work on Subl to build a reader that supports all this stuff from the ground up, rather than just hacking it into Feed on Feeds. That said, I do have an idea how it might be possible to do in a secure-ish way, and of course a quick hack would be totally fine for a single-user instance (but I don\u2019t want to rely on people using it in a single-user context).It seems likely that one of the Microsub-based readers (such as Aperture) might get to a usable TicketAuth-based state first, although I\u2019m not a fan of its UX and I haven\u2019t found any Microsub-based reader which works the way I want. The Microsub protocol itself seems strangely resistant to the handful of UX things I want in the first place. Which is a big part of why I\u2019m still looking into Subl being a fully-integrated reader (which might eventually support Microsub but it\u2019ll be primarily designed around its own self-contained UX). Also I wouldn\u2019t want Subl to require someone to be an IndieWeb user to use it, and I\u2019d still manage authentication via Authl.On a similar note, I had a rather lengthy conversation trying to hash out Micropub support in Publ, and what I\u2019m taking away from it is that supporting it would be a bit different than what I had in mind. Most likely, a Micropub-based publishing endpoint for Publ would require building out a thing that basically gives users a site-specific author page and using that as the identity to hand to a client. And then the login flow for that can still go through Authl \u2014 which is actually pretty cool, because that means that e.g. a community blog could be set up using any Authl-supported login mechanism, rather than requiring people to buy into IndieWeb. So that makes Micropub seem like a really compelling protocol for building something like a Tumblr group blog! And that makes me a lot more optimistic about moving, say, my drawing group\u2019s website over to Publ.Of course all this conversation and development is preventing me from properly healing. But at least getting in pain from things I\u2019m passionate about is better than the alternative, I suppose.I ended up buying a knockoff Chirp Wheel a couple weeks ago and while it took a while to get the hang of using it, I feel like it is actually helping a bit. And hopefully loosening up my spine will help with this current bout of dizzy spells I\u2019ve been having; one theory about fibromyalgia dizziness is that it\u2019s due to neck trigger points, which the yoga wheel helps with. So that\u2019s now part of my daily regimen.I also need to spend more time doing exercise. I have new knee braces and that should help me play more DDR, but also I should take more walks or bring my stationary bike up to the living room to work out on that while watching TV. Which I\u2019ve been doing a lot of, lately.Also smoking weed. So much weed.Anyway. That\u2019s what\u2019s going on with me lately.\n\ncomments" }, "name": "fluffy rambles: Current goings-on", "post-type": "article", "_id": "21947673", "_source": "3782", "_is_read": true }
{ "type": "entry", "author": { "name": "Will Norris", "url": "https://willnorris.com/", "photo": null }, "url": "https://willnorris.com/2021/07/intentionally-positive/", "published": "2021-07-07T16:25:59-07:00", "content": { "html": "<img src=\"https://willnorris.com/hand-heart.jpg\" alt=\"Woman holding her hands in the shape of a heart, framing a sunset.\" /><p>Over the last decade or so, many companies (especially in tech) have adopted a\n\u201cNo Jerks\u201d policy. The idea is to have policies in place for dealing with\nworkplace bullies and jerks, and to have safeguards in the recruiting and hiring\npipeline to prevent them from being hired in the first place. Much of this wave\nof emphasizing workplace civility seems to have begun with Robert Sutton\u2019s 2007\nbook, <em><a href=\"https://en.wikipedia.org/wiki/The_No_Asshole_Rule\">The No Asshole Rule</a></em> and the numerous articles that followed. When I\nwas at Google, this topic was emphasized in a 2013 internal memo from a senior\nexecutive that was (and still is) widely circulated around the company.</p>\n<p>These kinds of articles and memos can serve as great introductions to\nunderstanding the impact bullies and jerks have on teams and the entire\norganization, and the more extreme examples of this behavior are often easy to\nspot. However, I found that some of the examples in Sutton\u2019s book, while true\nreports of actual situations, were <strong>so</strong> extreme that they bordered on caricature.\nIt became all too easy to dismiss them, feeling that my workplace doesn\u2019t have\nany of those people.</p>\n<p>But what I have found in my experience is that <strong>most</strong> people are not overtly\njerks <strong>most</strong> of the time. People tend to be far more nuanced, and the\nbehaviors that can lead to discord on a team are far more subtle, and often\nunintentional.</p>\n<p>The risk of teams and organizations only focusing on avoiding negative behavior\nis that they will, at best, trend toward neutral behavior. It\u2019s not enough to\nsimply not be a jerk. We must strive to be <strong>intentionally positive</strong>.</p>\n<p>Being <em>intentionally positive</em> is not something that happens by accident. It\u2019s\nnot something you stumble into, and I suspect that it does not come naturally to\nmany people. By definition, being intentionally positive is a conscious and\ndeliberate choice to behave in a particular way.</p>\n<p>So what does it mean to be intentionally positive in the workplace? It\u2019s really\nnothing profound or surprising. It\u2019s about being respectful to coworkers,\nempathetic and thoughtful in communication, quick to correct and apologize when\nyou make a mistake, and quick to forgive when others do. I\u2019ve always worked in\nengineering organizations, so I\u2019ll give two concrete examples from my experience\nthere, but the lessons apply to any kind of work.</p>\n<h2>Building a better future</h2>\n<p>Any sufficiently complex software project is going to\nhave bugs. The documentation is never as clear as you would like, and the tests\nare never as thorough. Decisions or policies that were made years ago might no\nlonger make sense, and there may be no one left that even remembers how or why\nthey were made in the first place. We nearly always work in imperfect\nsituations, but the attitude we have toward that can have a big impact on a\nteam.</p>\n<p>Off-handed remarks about how poorly a piece of work has been done, or how\nshort-sighted a decision was, sets the tone for how other\u2019s work is evaluated.\nWhen done in a critical rather than constructive manner, it only serves to tear\npeople down, even if they\u2019re no longer around to hear it. In fact, it\u2019s\nespecially important if they\u2019re no longer around, since this signals to the\ncurrent team how they should expect their own work to be discussed after they\u2019re\ngone.</p>\n<p>There\u2019s a concept in improvisational acting and comedy called \u201cYes, and\u2026\u201d. It\u2019s\na technique of accepting whatever idea or direction your partner gives you (the\n\u201cyes\u201d), and then build on that (the \u201cand\u201d). Even if the idea seems preposterous\nor isn\u2019t where you were wanting to go. In business settings, this is often\ndiscussed in connection with brainstorming sessions, but I think it applies here\nas well because it\u2019s really about attitude. If we\u2019re dealing with legacy code\nor unclear policies, we accept whatever we have today, and then build on it. We\nmay still end up changing it, even drastically, but it means we will do so with\nan intentionally positive attitude.</p>\n<p>Bob Ross was famous for saying that \u201cwe don\u2019t make mistakes, we have happy\naccidents\u201d. What is that, if not applying \u201cyes, and\u2026\u201d to his painting? Yes\nthis thing happened, and we\u2019re going to work with it and turn it into something\npositive.</p>\n<h2>Communicating with care</h2>\n<p>I think one of the hardest skills in life, and one I\u2019m\nnot sure I\u2019ll ever truly master, is effective communication. Especially as more\npeople are working remotely, and conversations are split across a variety of\ncommunication channels, the opportunity for misunderstandings is ever\nincreasing. Whether it\u2019s a simple code or design review for a teammate, or\nanswering the same customer question for the 100th time by a new-hire that\ndoesn\u2019t know any better, there is a huge opportunity to be intentionally\npositive in our communication.</p>\n<p>In technical reviews in particular, I have found that short, to-the-point\ncomments meant to be expedient can also be received as brusque, impatient, or\ndismissive. Projects like Conventional Comments suggest a structured way to\nprefix comments with additional context, but I\u2019ve also found that simply\nresponding in complete sentences often leads to clearer communication. Or\nasking questions rather than giving commands: \u201cHave you considered X here?\u201d\nrather than \u201cdo X here\u201d. (I\u2019ve also seen this backfire where such a Socratic\nmethod led to frustration with a reviewer that clearly seemed to have an opinion\nbut just wouldn\u2019t outright say it.)</p>\n<p>When dealing with customer questions, we can start by being careful to fully\nunderstand their specific situation, since it may actually not be the same as\nthose before them. And then we can be friendly, helpful, and understanding of\ntheir problem. This isn\u2019t about platitudes or fake hospitality (that really\ndrives me crazy); this is about genuine empathy and kindness.</p>\n<p>While being intentionally positive with how we communicate toward others, it\u2019s\nequally (if not more) important to take the same attitude when we\u2019re on the\nreceiving end. This is often described as \u201cassuming good intent\u201d or the\nprinciple of charity. If something that someone says could be interpreted\nmultiple ways, assume that they meant it in the best possible interpretation.\nEven if you know that they didn\u2019t, it can sometimes be effective to simply\nignore that fact and respond as if they did.</p>\n<h2>The cost of being intentionally positive</h2>\n<p>Like any other skill, this will not come naturally for everyone (I know it often\ndoesn\u2019t for me). It may require conscious effort, and it may feel awkward at\ntimes. And that may mean that it takes longer to reply to an email or complete\na code review because you have to spend extra time thinking about how you\nrespond. That\u2019s okay. As a manager, <strong>I\u2019m willing to sacrifice velocity in\norder to improve team health</strong> because I know that we will only get better at it\nand it will come more naturally with practice.</p>\n<p>The only way to build the kind of team that I would like to work on is to make\ndeliberate decisions to be that team each day.</p>\n<p>(I picked up the term \u201cintentionally positive\u201d from the <a href=\"https://indieweb.org/code-of-conduct\">IndieWeb Code of\nConduct</a> which begins, \u201cIndieWeb is an intentionally positive community\u201d, which\nI absolutely love and it\u2019s always stuck with me. I did some digging, and it\nwas added by <a href=\"https://tantek.com/\">Tantek \u00c7elik</a> in <a href=\"https://indieweb.org/wiki/index.php?title=code-of-conduct&type=revision&diff=1939&oldid=1938\">February 2013</a>.)</p>", "text": "Over the last decade or so, many companies (especially in tech) have adopted a\n\u201cNo Jerks\u201d policy. The idea is to have policies in place for dealing with\nworkplace bullies and jerks, and to have safeguards in the recruiting and hiring\npipeline to prevent them from being hired in the first place. Much of this wave\nof emphasizing workplace civility seems to have begun with Robert Sutton\u2019s 2007\nbook, The No Asshole Rule and the numerous articles that followed. When I\nwas at Google, this topic was emphasized in a 2013 internal memo from a senior\nexecutive that was (and still is) widely circulated around the company.\nThese kinds of articles and memos can serve as great introductions to\nunderstanding the impact bullies and jerks have on teams and the entire\norganization, and the more extreme examples of this behavior are often easy to\nspot. However, I found that some of the examples in Sutton\u2019s book, while true\nreports of actual situations, were so extreme that they bordered on caricature.\nIt became all too easy to dismiss them, feeling that my workplace doesn\u2019t have\nany of those people.\nBut what I have found in my experience is that most people are not overtly\njerks most of the time. People tend to be far more nuanced, and the\nbehaviors that can lead to discord on a team are far more subtle, and often\nunintentional.\nThe risk of teams and organizations only focusing on avoiding negative behavior\nis that they will, at best, trend toward neutral behavior. It\u2019s not enough to\nsimply not be a jerk. We must strive to be intentionally positive.\nBeing intentionally positive is not something that happens by accident. It\u2019s\nnot something you stumble into, and I suspect that it does not come naturally to\nmany people. By definition, being intentionally positive is a conscious and\ndeliberate choice to behave in a particular way.\nSo what does it mean to be intentionally positive in the workplace? It\u2019s really\nnothing profound or surprising. It\u2019s about being respectful to coworkers,\nempathetic and thoughtful in communication, quick to correct and apologize when\nyou make a mistake, and quick to forgive when others do. I\u2019ve always worked in\nengineering organizations, so I\u2019ll give two concrete examples from my experience\nthere, but the lessons apply to any kind of work.\nBuilding a better future\nAny sufficiently complex software project is going to\nhave bugs. The documentation is never as clear as you would like, and the tests\nare never as thorough. Decisions or policies that were made years ago might no\nlonger make sense, and there may be no one left that even remembers how or why\nthey were made in the first place. We nearly always work in imperfect\nsituations, but the attitude we have toward that can have a big impact on a\nteam.\nOff-handed remarks about how poorly a piece of work has been done, or how\nshort-sighted a decision was, sets the tone for how other\u2019s work is evaluated.\nWhen done in a critical rather than constructive manner, it only serves to tear\npeople down, even if they\u2019re no longer around to hear it. In fact, it\u2019s\nespecially important if they\u2019re no longer around, since this signals to the\ncurrent team how they should expect their own work to be discussed after they\u2019re\ngone.\nThere\u2019s a concept in improvisational acting and comedy called \u201cYes, and\u2026\u201d. It\u2019s\na technique of accepting whatever idea or direction your partner gives you (the\n\u201cyes\u201d), and then build on that (the \u201cand\u201d). Even if the idea seems preposterous\nor isn\u2019t where you were wanting to go. In business settings, this is often\ndiscussed in connection with brainstorming sessions, but I think it applies here\nas well because it\u2019s really about attitude. If we\u2019re dealing with legacy code\nor unclear policies, we accept whatever we have today, and then build on it. We\nmay still end up changing it, even drastically, but it means we will do so with\nan intentionally positive attitude.\nBob Ross was famous for saying that \u201cwe don\u2019t make mistakes, we have happy\naccidents\u201d. What is that, if not applying \u201cyes, and\u2026\u201d to his painting? Yes\nthis thing happened, and we\u2019re going to work with it and turn it into something\npositive.\nCommunicating with care\nI think one of the hardest skills in life, and one I\u2019m\nnot sure I\u2019ll ever truly master, is effective communication. Especially as more\npeople are working remotely, and conversations are split across a variety of\ncommunication channels, the opportunity for misunderstandings is ever\nincreasing. Whether it\u2019s a simple code or design review for a teammate, or\nanswering the same customer question for the 100th time by a new-hire that\ndoesn\u2019t know any better, there is a huge opportunity to be intentionally\npositive in our communication.\nIn technical reviews in particular, I have found that short, to-the-point\ncomments meant to be expedient can also be received as brusque, impatient, or\ndismissive. Projects like Conventional Comments suggest a structured way to\nprefix comments with additional context, but I\u2019ve also found that simply\nresponding in complete sentences often leads to clearer communication. Or\nasking questions rather than giving commands: \u201cHave you considered X here?\u201d\nrather than \u201cdo X here\u201d. (I\u2019ve also seen this backfire where such a Socratic\nmethod led to frustration with a reviewer that clearly seemed to have an opinion\nbut just wouldn\u2019t outright say it.)\nWhen dealing with customer questions, we can start by being careful to fully\nunderstand their specific situation, since it may actually not be the same as\nthose before them. And then we can be friendly, helpful, and understanding of\ntheir problem. This isn\u2019t about platitudes or fake hospitality (that really\ndrives me crazy); this is about genuine empathy and kindness.\nWhile being intentionally positive with how we communicate toward others, it\u2019s\nequally (if not more) important to take the same attitude when we\u2019re on the\nreceiving end. This is often described as \u201cassuming good intent\u201d or the\nprinciple of charity. If something that someone says could be interpreted\nmultiple ways, assume that they meant it in the best possible interpretation.\nEven if you know that they didn\u2019t, it can sometimes be effective to simply\nignore that fact and respond as if they did.\nThe cost of being intentionally positive\nLike any other skill, this will not come naturally for everyone (I know it often\ndoesn\u2019t for me). It may require conscious effort, and it may feel awkward at\ntimes. And that may mean that it takes longer to reply to an email or complete\na code review because you have to spend extra time thinking about how you\nrespond. That\u2019s okay. As a manager, I\u2019m willing to sacrifice velocity in\norder to improve team health because I know that we will only get better at it\nand it will come more naturally with practice.\nThe only way to build the kind of team that I would like to work on is to make\ndeliberate decisions to be that team each day.\n(I picked up the term \u201cintentionally positive\u201d from the IndieWeb Code of\nConduct which begins, \u201cIndieWeb is an intentionally positive community\u201d, which\nI absolutely love and it\u2019s always stuck with me. I did some digging, and it\nwas added by Tantek \u00c7elik in February 2013.)" }, "name": "Intentionally Positive", "post-type": "article", "_id": "21875468", "_source": "248", "_is_read": true }
{ "type": "entry", "published": "2021-07-05T21:13:20+00:00", "url": "https://werd.io/2021/answering-your-questions", "name": "Answering your questions", "content": { "text": "At the end of last week, I encouraged readers to ask me anything related to my work. I wasn\u2019t sure if anyone actually would, but I was curious about what kinds of questions people had.I got a surprising number of questions! So much so that I think I\u2019m going to make it a series. Let\u2019s open it up: you can ask me a question about anything, and I\u2019ll do my best to answer in a future post.Here are my answers to the questions I\u2019ve received so far. Questions have been edited for spelling, punctuation, and grammar only.\u00a0Burnout is common in our industry. What is your approach to avoid or recover from burnout?My take on burnout in tech is that it usually happens when we are disempowered to make decisions that relate to our workload. For example, if you\u2019re a developer, it might be because you\u2019re being asked to build something at speed with ill-defined specifications and an unrealistic deadline. (We\u2019ve all been there.) Or you might have a dysfunctional work culture. Or just be completely swamped.Those things go together: a company\u2019s dysfunctional culture might encourage you to work over the weekend, or pressure you to make commitments to deliver something that hasn\u2019t even been defined yet. It might feel utterly Sisyphean: you\u2019re working hard at the best of your ability but the nature of the workplace or changing goalposts makes success impossible. This is incredibly common in dysfunctional tech workplaces where non-engineers are empowered to make decisions about engineering without deeply understanding the problem - often while declaring, \u201cit should be easy!\u201dI\u2019ve also found myself burned out because of external factors. Being a part-time carer for my mother, for example, was something I felt privileged to be able to do. But maintaining the energy to do that and a demanding job wasn\u2019t always possible. (I always, for what it\u2019s worth, prioritized my mother\u2019s care.) For many people, just having to live in the society we do, with its biases and prejudices, can be a really legitimate source of burnout.I always start by talking to my manager, if I can, about my concerns. But particularly in a dysfunctional workplace, it might be hard to achieve any change. My coping strategies have been threefold:Immediate: Intentional breathing exercises really help. So does, well, exercise: either going for a run or a really long walk out in the world. I\u2019ve also found that constantly having a book on the go has been really helpful; the act of reading is, in itself, meditative. There\u2019s a reason I mostly don\u2019t read books that are directly related to work.Proximate: Take a damn vacation. Back when I lived in the UK, I would try to take three week vacations: typically I\u2019d only start to really relax and decompress during the third week. In the US, which is a more psychotically workaholic culture, this tends to be frowned upon. So I always say to my team: know when your next vacation is. Not taking vacations isn\u2019t a strength; it\u2019s a character flaw.Long-term: Get the fuck out. I feel comfortable giving this answer in tech, which is the context the question gave, but I don\u2019t take this privilege lightly. I know it\u2019s not something everyone can do. But I\u2019d rather have a sustainable position that doesn\u2019t burn me out but pays less well than one that leaves me ragged and has a higher salary. I\u2019ll do better work; chances are, I\u2019ll do more mission-driven work, too. Like any dysfunctional relationship, sometimes it can\u2019t be saved.Check out Tricia Hersey\u2019s Nap Ministry (and follow it on Instagram): it\u2019s such a great collection of condensed wisdom, deployed to free us from the treadmill many of us have been conditioned to put ourselves on.\u00a0What do you look for in deciding whether a startup is worthy of investment?I have to give two caveats here.The first is that I\u2019m not an active investor right now. I actually get quite a bit of dealflow, and I still have a small carry interest in Matter\u2019s second fund. But I\u2019m not making any new investments.The second is that no startup is worthy of investment: it\u2019s not a value judgment. There are plenty of startups, projects, and endeavors that are incredibly valuable, but don\u2019t happen to fit a venture-scale investment thesis - or just one investor\u2019s particular thesis. Because investment is an informed bet that a fund\u2019s money will grow while invested in a startup\u2019s equity - and not a grant, gift, or value judgment - everything comes down to how that investor thinks about becoming more informed.I invested at a very early stage. At this point in a startup\u2019s life, the thing that matters most is the team: who they are, what they\u2019re capable of, and most of all, how they think.I don\u2019t care where someone went to school or what degree they earned, if any. (I feel the same way about hiring, for what it\u2019s worth.) Their skills are important: I\u2019m probably not going to invest in a tech company that can\u2019t build software, for example, or doesn\u2019t have domain knowledge relating to the problem they\u2019re trying to solve. And their mindset is even more important than that. Can they identify their assumptions and de-risk them quickly, finding a well-defined core community to focus on first? Or are they quixotically ploughing ahead powered by blind belief, refusing to contemplate that they might fail, while declaring that \u201cthis is for everyone\u201d? The latter mindset is really common and absolutely deadly.I care deeply about societal effects and wouldn\u2019t invest if I thought something was potentially harmful. I was also careful to source a pool of startups with diverse founders. Everyone was evaluated according to the same criteria. Nonetheless, a more diverse pool naturally led to a more diverse portfolio. Not only is supporting diverse founders the right thing to do, a wider set of perspectives can more effectively solve a broader range of problems.And then there\u2019s the big question: do I believe in the problem the team is trying to solve? Can they make me believe in it? Do I believe that other investors will also believe?After that, there\u2019s math, and there are logistics. Is the potential market size of the startup big enough to support the sort of financial growth the fund needs? Is the capitalization table (the list of who owns how many shares) clean enough to invest in? (Red flags here include people who are no longer involved in the company owning a potentially controlling interest.) Is it a legal entity that can be invested in easily - not just by me, but by future investors - and does it own all the IP? Are there debts? And so on.This is a pretty narrow set of criteria. So it\u2019s not that a startup is worthy of investment as such: it has to run such a tight gauntlet of restrictions that it just might not fit into the template.Personally? I\u2019m hoping to bootstrap my next startup. It\u2019s genuinely nothing against VC: I\u2019m just not sure I want to commit to a venture-scale market size, and I\u2019m not sure I want to be beholden to investor commitments. Call me a control freak.\u00a0What\u2019s next? (Big picture\u2014technology trends)There are a lot of trends I could be interested in. Here are some I actually am:Ambient computing. Broad adoption of 5G is starting to mean broadband-quality internet in more and more places outside the home. These enable a new set of devices and experiences that go far beyond just the laptop / tablet / phone paradigms we\u2019ve been tied to for decades. Moreover, as we move from one context to another, we\u2019ll expect our services to seamlessly follow us. How do we build this future while maintaining personal privacy and freedom from advertising?Human-centered data. The aforementioned future requires that all our data can be pooled together and kept under our control. We\u2019re going to see an end to data that is locked up in silos belonging to individual services. A lot of investors call these customer data platforms because of the implications for commerce; I think the implications go far beyond.Decentralization. Blockchain isn\u2019t the trend: it\u2019s a technology, in the same way that the web is a trend and CSS is a technology. Decentralization doesn\u2019t need to depend on blockchains, although they\u2019ve captured the zeitgeist right now because of the earnings potential. My interest continues to be in the potential to empower co-operatives, collectives, and other alternatives to centralized wealth and power structures. I\u2019ve been a part of efforts to do this for as long as I\u2019ve had a tech career; what\u2019s super-coolThe creator economy. There was a time, not so long ago, when I thought this was all about influencers, which I\u2019m explicitly not interested in. But empowering individual creators - artists, writers, independent journalists - to make money on their own terms from their own sites and experiences? Sign me up.And some trends I\u2019m not:Self-driving cars. Say it quietly, but I think this might be a red herring? I can easily imagine self-driving mass carriers though: think anything that has a set route along well-maintained roadways, like a bus, a sort of longer, rail-less tram, or a cargo truck transporting goods between distribution centers.Machine learning. Again: call it a technique or a technology, but not necessarily a trend in itself. It\u2019s too often described in magical terms that downplay the inherent problems both in its use and prerequisite data collection.Audio rooms. See: Clubhouse, Twitter Spaces, whatever the Facebook thing is called. Someone took panels, which are the worst part of every conference, and turned them into a 24/7 product? Great.VR. Maybe I need to be more of a gamer, but I don\u2019t see this becoming more than niche.\u00a0What\u2019s scary and what should we be doing about it? (Are we?)Two growing trends genuinely scare me:Global warming. We\u2019re not doing nearly enough about this. Like many people, I\u2019m worried about the focus on individual responsibility vs widespread industrial change. To be clear, both are necessary - particularly as we live in a representative democracy - but the onus of change can\u2019t be placed on individuals over the industrial forces that are ultimately responsible for so much of the underlying pollution.We\u2019ve got to change the way society works, and we\u2019ve got to make and enforce far stronger rules. A lot of global climate policy amounts to rearranging the deck chairs on the Titanic. And I think ideas like carbon trading just perpetuate the problems we need to solve. We need massive, government-led change, and we need it decades ago.Rent-seeking. Just about everything is available on a subscription basis these days, with true ownership diminishing. The effect in housing is well-documented: generations of people are being more or less locked out of home ownership. But it\u2019s also true in everything from software to cars. The effect is to create a stratum of wealthy property owners, whose property continues to expand and grow in value, and a much bigger one of less wealthy people who are forced to pay rent on an increasing number of things. The property owners get to set the terms by which their property is rented; the renters must abide by them.We\u2019ve always had a disparity in rule-making, where the wealthy held more of the cards, but it grows the more the gulf between property owners and renters widens. A lot of this situation has been enabled by the tech industry, VC-enabled business models, and the desire to maximize recurring revenue at all costs. I don\u2019t see this trend slowing down, let alone reversing, but it only leads to widespread poverty and, with it, unrest.\u00a0What\u2019s exciting and promising and what should we doing about it? (Are we?)Decentralization! Renewable energy! Better mass transit! A move away from selfish individualism to a better collective future! Better societal infrastructure!I\u2019m also really excited about remote working. Being able to work in your own home empowers people who couldn\u2019t necessarily make it to an office before; it also spreads wealth across the country and potentially across the world. Everyone\u2019s comfortable with it after a year of doing it; in my opinion all of the reasons to go back into an office come down to personal preference rather than it being inherently better.Consequently, when we look back a decade or so from now, I think we\u2019ll find that tech companies which have embraced remote working after the pandemic will do far better than those that don\u2019t. They\u2019ll be more attractive, they\u2019ll attract a broader set of candidates, and they\u2019ll have solved communication problems that allow them to work more efficiently.Do I want to go back to an office? I do not. And there are a lot of people who feel the same.\u00a0You once wrote a blog post suggesting that a 4th 'bubble\u2019, sustainability, be added to the traditional design thinking bubbles of 'desirability, feasibility, viability\u2019. I found this while researching Design Thinking for Social Innovation for a presentation I was doing. I explored it with the audience, themselves all heavily vested and involved in Social Innovation, but the resulting debate led us to the conclusion that if the existing 3 bubbles are used appropriately, then the 4th is not needed, and that between 'Desirability' and 'Viability', Sustainability is covered. My question is, have you explored this further in your work, have you since changed your perspective, and have you encountered further widespread support (for or against) your thoughts on this?I agree that if the existing three principles are used appropriately, the fourth is not needed. That\u2019s a big \u201cif\u201d. I think, in most cases, that it\u2019s important to have a model to explicitly consider these issues. It\u2019s possible to have a desirable, viable product that you can feasibly build - if you only evaluate first-order effects - that also has negative societal effects. Some teams understand that sustainability is baked right into desirability, viability, and feasibility once you evaluate how the product sits in its context over time; for others, calling it out directly as part of the model may be helpful. And it may not be possible for a product team to properly evaluate in which group they sit: some may think they don\u2019t need it, while in reality they could still benefit.In teaching our Designing for Equity session in the Google News Initiative / Newmark School / News Catalyst Product Immersion for Small Newsrooms course, Roxann Stafford and I talk about reframing from building a Minimum Viable Product to Maximum Distributed Equity. While this isn\u2019t a direct continuation of the Sustainability idea, it lives on the same spectrum. It\u2019s not that maximum distributed equity is the only lens you should use; it does, however, force conversations and design thinking that would not occur if you didn\u2019t evaluate it intentionally. Some teams might think (and often say so, vocally) that they don\u2019t need to explicitly consider equity; generally, they\u2019re wrong. It\u2019s something we all need to work on, and naming it helps us remember to consider it carefully.\u00a0Can you share your thoughts on where you see crypto going in the future and projects / possibilities to keep an eye on?I see a few things as inevitable:Moving away from proof of work. Possibly legislatively. These algorithms, and their environmental effects, are absurd. Great proof of concept, well done, now let\u2019s move on. I think proof of stake is a great v2, and I\u2019m sure there will be something better in the future.Stronger smart contracts. Again, Ethereum was a pretty fantastic proof of concept here. But let\u2019s keep an eye on Algorand, Polkadot, and others that are pushing the envelope of what can be built.Privacy. I don\u2019t see a network that is completely public as being desirable. Privacy is a prerequisite for democratic freedom.Blockchain as part of a delicious, decentralized breakfast. Right now, as described above, blockchain is often considered to be the trend in itself. It\u2019s just one decentralized technology; it wasn\u2019t the first and won\u2019t be the last. It also has enduring limitations. We\u2019ll do more off-chain than we do on-chain, and making that more seamless will be part of building the decentralized future.\u00a0Should I code indieweb or fediverse protocols?Yes.Longer answer: it depends on what you\u2019re trying to build! The indieweb and the fediverse are two complementary ideas. Both are sets of protocols that allow people to communicate with each other from their independent websites and platforms. Neither is a monoculture. So I don\u2019t see it as a debate: start with the experience you want to build for the user, work backwards to figure out the best way to build it, and go from there.\u00a0\"Specialists know everything about nothing, generalists know nothing about everything\". Should person attempt/claim to be a full-stack developer+ops+dba+tester, or welcome specialists within a broad team/community/church? In my opinion we should foster mutual co-ed training to raise cultural awareness without claiming expertise in every field. What ever happened to brown bag lunch sessions as bite-sized learning?Speaking as an unashamed technical generalist:My answer to most questions about engineering approaches like this is that it comes down to the human context. There\u2019s the perfect situation, and then there\u2019s the one you\u2019re actually in.So the answer to this question depends on the organization you\u2019re a part of, and what you\u2019re trying to do. In a larger company, you\u2019re more able to have people who occupy specialities and can go deep on those. In a smaller one - let\u2019s say a three-person startup - you\u2019re forced to be a generalist, whether you like it or not. It\u2019s not so much about what you claim to be as what you have to do in order to get the job done.Given this reality, should there be cross-team collaboration and learning? Absolutely. We should do better at that as an industry. As an engineering leader, I should also be better at doing this within my own team; in all honesty, I haven\u2019t found a way to effectively replicate brown bag lunches / continuous group education in a remote context, and it\u2019s something we all need.\u00a0I am guilty of debugger-based development to muddle towards an eventual solution. Is there any hope for this repentant sinner?You\u2019d be surprised which engineers write code by using console.log all over the place. Just do what works for you. We all code differently, and coding sucks for everyone. Wear it proudly.That said: I can\u2019t overstate the utility of automated testing. It\u2019s not a fun habit to get into, but it\u2019s so much better than having to go back and add them later on. You don\u2019t need to engage in test driven development (where writing the tests comes first), but you really should write those tests. Every language you write in has a test framework; use it.\u00a0Patterns and interfaces = good, over-engineering (ability to change DB etc but seldom required) = bad. Newbies always overwork the latest read/fad instead of pragmatism. Do cyclomatics etc help dictate the tipping point?Pragmatism is learned, and the opposite comes from nervousness. The solution is not to apply more metrics to force the issue, in my opinion. It\u2019s about laying out good team / project principles.Engineers often overlook the \u201csoft stuff\u201d: team principles, coding culture, communication, and conveying why we do things. They\u2019re crucial. The non-deterministic aspects of engineering are at least as important as the algorithms and data structures. This is one of those questions: how much abstraction is too much abstraction? The answer will vary depending on the needs of the project you\u2019re working on.If there is a hard and fast rule, I think it\u2019s around readability and flexibility of architecture, and speed of execution. Abstractions shouldn\u2019t interfere with ease of comprehension: too abstract and you may have to learn to play four dimensional chess just to figure out how it all fits together. Not abstract enough, and you may find your architecture is largely defined by the structure of external services or libraries. There\u2019s a sweet spot in the middle.Finally, of course, spending your time on building abstracted interfaces that you don\u2019t have an obvious use case for is just yak shaving. Ship that code.\u00a0Should you be a polyglot language speaker [coder] or accept that your favorite language/framework/OS/protocol/Db is good enough to meet your requirements?Again, this is a fuzzier, less-deterministic question than it appears. It depends!You should use the best language for fulfilling your requirements. Probably, that\u2019s the language you already know rather than one you need to learn. At the same time, not everything is interchangeable: Ruby on Rails is not like-for-like with Node, for example. They work in different ways (one\u2019s a framework, for one thing), and therefore some tasks can be done better with Node than Rails. They have different ecosystems of libraries and supporting documentation, and so on. Whether it\u2019s worth switching to a technology you\u2019re not an expert in yet depends on how much better it\u2019s likely to be.Nobody can be an expert in every language and framework, so there\u2019s always going to be some level of shoehorning requirements into what you already know, and there\u2019s always going to be some level of learning something new.An unsatisfying answer if you\u2019re looking for something deterministic, perhaps, but it\u2019s an insight into why programming is both super-fun and terrible.\u00a0There are many open source software packages but the huge time it takes to assess whether they\u2019re good/bad/ugly is largely wasted. How do you find the right package before you build? Then how do you best keep it updated [or replace it] without finding yourself in dependency hell?First assess: do you need an external library to begin with? Every addition does create a dependency. The story behind left-pad is a great example of why care is needed.Then it\u2019s about social proof. Who wrote it? How many people are using it? When was the source code repository last updated? Is it active or abandoned? Is the maintainer a jerk? Are there reviews or tutorials on the web?Don\u2019t forget to assess if the license it\u2019s distributed under is compatible with your project. Are you legally allowed to incorporate it?This kind of due diligence takes a little time, but it\u2019s worth it. And a little friction means you don\u2019t end up adding libraries to your code without thinking about it, which is probably a good thing.As for dependency hell: there are plenty of useful tools that can keep your projects up to date. As a GitHub user, I like Dependabot, alongside its dependency graph tools. I\u2019m not even remotely interested in keeping my dependencies current manually. Who has the time? But this is another reason to maintain robust automated tests: because an automated update could break your code, it\u2019s important to have a test suite that Dependabot (etc) can test its updates against....Those questions were fun to answer. I\u2019d love to do this again in a future post; ask me anything at this link and I\u2019ll do my best to answer in the future.", "html": "<p>At the end of last week, <a href=\"https://werd.io/2021/ask-me-anything\">I encouraged readers to ask me anything related to my work</a>. I wasn\u2019t sure if anyone actually would, but I was curious about what kinds of questions people had.</p><p>I got a surprising number of questions! So much so that I think I\u2019m going to make it a series. Let\u2019s open it up: <a href=\"https://airtable.com/shrBGvo85v0Hoy0c4\">you can ask me a question about <em>anything</em>, and I\u2019ll do my best to answer in a future post</a>.</p><p>Here are my answers to the questions I\u2019ve received so far. Questions have been edited for spelling, punctuation, and grammar only.</p><p>\u00a0</p><p><strong>Burnout is common in our industry. What is your approach to avoid or recover from burnout?</strong></p><p>My take on burnout in tech is that it usually happens when we are disempowered to make decisions that relate to our workload. For example, if you\u2019re a developer, it might be because you\u2019re being asked to build something at speed with ill-defined specifications and an unrealistic deadline. (We\u2019ve all been there.) Or you might have a dysfunctional work culture. Or just be completely swamped.</p><p>Those things go together: a company\u2019s dysfunctional culture might encourage you to work over the weekend, or pressure you to make commitments to deliver something that hasn\u2019t even been defined yet. It might feel utterly Sisyphean: you\u2019re working hard at the best of your ability but the nature of the workplace or changing goalposts makes success impossible. This is incredibly common in dysfunctional tech workplaces where non-engineers are empowered to make decisions about engineering without deeply understanding the problem - often while declaring, \u201cit should be easy!\u201d</p><p>I\u2019ve also found myself burned out because of external factors. Being a part-time carer for my mother, for example, was something I felt privileged to be able to do. But maintaining the energy to do that and a demanding job wasn\u2019t always possible. (I always, for what it\u2019s worth, prioritized my mother\u2019s care.) For many people, just having to live in the society we do, with its biases and prejudices, can be a really legitimate source of burnout.</p><p>I always start by talking to my manager, if I can, about my concerns. But particularly in a dysfunctional workplace, it might be hard to achieve any change. My coping strategies have been threefold:</p><p><strong>Immediate:</strong> Intentional breathing exercises really help. So does, well, <em>exercise</em>: either going for a run or a really long walk out in the world. I\u2019ve also found that constantly having a book on the go has been really helpful; the act of reading is, in itself, meditative. There\u2019s a reason I mostly don\u2019t read books that are directly related to work.</p><p><strong>Proximate:</strong> Take a damn vacation. Back when I lived in the UK, I would try to take three week vacations: typically I\u2019d only start to really relax and decompress during the third week. In the US, which is a more psychotically workaholic culture, this tends to be frowned upon. So I always say to my team: know when your next vacation is. Not taking vacations isn\u2019t a strength; it\u2019s a character flaw.</p><p><strong>Long-term:</strong> Get the fuck out. I feel comfortable giving this answer in tech, which is the context the question gave, but I don\u2019t take this privilege lightly. I know it\u2019s not something everyone can do. But I\u2019d rather have a sustainable position that doesn\u2019t burn me out but pays less well than one that leaves me ragged and has a higher salary. I\u2019ll do better work; chances are, I\u2019ll do more mission-driven work, too. Like any dysfunctional relationship, sometimes it can\u2019t be saved.</p><p>Check out Tricia Hersey\u2019s <a href=\"https://thenapministry.wordpress.com/\">Nap Ministry</a> (and <a href=\"https://www.instagram.com/thenapministry/?hl=en\">follow it on Instagram</a>): it\u2019s such a great collection of condensed wisdom, deployed to free us from the treadmill many of us have been conditioned to put ourselves on.</p><p>\u00a0</p><p><strong>What do you look for in deciding whether a startup is worthy of investment?</strong></p><p>I have to give two caveats here.</p><p>The first is that I\u2019m not an active investor right now. I actually get quite a bit of dealflow, and I still have <a href=\"https://crowdmatrix.co/management-fees-and-carry-explained\">a small carry interest</a> in <a href=\"https://www.matter.vc/\">Matter\u2019s</a> second fund. But I\u2019m not making any new investments.</p><p>The second is that no startup is <em>worthy</em> of investment: it\u2019s not a value judgment. There are plenty of startups, projects, and endeavors that are incredibly valuable, but don\u2019t happen to fit a venture-scale investment thesis - or just one investor\u2019s <em>particular</em> thesis. Because investment is an informed bet that a fund\u2019s money will grow while invested in a startup\u2019s equity - and not a grant, gift, or value judgment - everything comes down to how that investor thinks about becoming more informed.</p><p>I invested at a very early stage. At this point in a startup\u2019s life, the thing that matters most is the team: who they are, what they\u2019re capable of, and most of all, <em>how they think</em>.</p><p>I don\u2019t care where someone went to school or what degree they earned, if any. (I feel the same way about hiring, for what it\u2019s worth.) Their skills <em>are</em> important: I\u2019m probably not going to invest in a tech company that can\u2019t build software, for example, or doesn\u2019t have domain knowledge relating to the problem they\u2019re trying to solve. And their mindset is even more important than that. Can they identify their assumptions and de-risk them quickly, finding a well-defined core community to focus on first? Or are they quixotically ploughing ahead powered by blind belief, refusing to contemplate that they might fail, while declaring that \u201cthis is for everyone\u201d? The latter mindset is really common and absolutely deadly.</p><p>I care deeply about societal effects and wouldn\u2019t invest if I thought something was potentially harmful. I was also careful to source a pool of startups with diverse founders. Everyone was evaluated according to the same criteria. Nonetheless, a more diverse pool naturally led to a more diverse portfolio. Not only is supporting diverse founders the right thing to do, a wider set of perspectives can more effectively solve a broader range of problems.</p><p>And then there\u2019s the big question: do I believe in the problem the team is trying to solve? Can they <em>make me</em> believe in it? Do I believe that other investors will <em>also</em> believe?</p><p>After that, there\u2019s math, and there are logistics. Is the potential market size of the startup big enough to support the sort of financial growth the fund needs? Is the capitalization table (the list of who owns how many shares) clean enough to invest in? (Red flags here include people who are no longer involved in the company owning a potentially controlling interest.) Is it a legal entity that <em>can</em> be invested in easily - not just by me, but by future investors - and does it own all the IP? Are there debts? And so on.</p><p>This is a pretty narrow set of criteria. So it\u2019s not that a startup is <em>worthy</em> of investment as such: it has to run such a tight gauntlet of restrictions that it just might not fit into the template.</p><p>Personally? I\u2019m hoping to bootstrap my next startup. It\u2019s genuinely nothing against VC: I\u2019m just not sure I want to commit to a venture-scale market size, and I\u2019m not sure I want to be beholden to investor commitments. Call me a control freak.</p><p>\u00a0</p><p><strong>What\u2019s next? (Big picture\u2014technology trends)</strong></p><p>There are a lot of trends I <em>could be</em> interested in. Here are some I actually am:</p><p><strong>Ambient computing.</strong> Broad adoption of 5G is starting to mean broadband-quality internet in more and more places outside the home. These enable a new set of devices and experiences that go far beyond just the laptop / tablet / phone paradigms we\u2019ve been tied to for decades. Moreover, as we move from one context to another, we\u2019ll expect our services to seamlessly follow us. How do we build this future while maintaining personal privacy and freedom from advertising?</p><p><strong>Human-centered data.</strong> The aforementioned future requires that all our data can be pooled together and kept under our control. We\u2019re going to see an end to data that is locked up in silos belonging to individual services. A lot of investors call these <em>customer data platforms</em> because of the implications for commerce; I think the implications go far beyond.</p><p><strong>Decentralization.</strong> Blockchain isn\u2019t the trend: it\u2019s a technology, in the same way that the web is a trend and CSS is a technology. Decentralization doesn\u2019t need to depend on blockchains, although they\u2019ve captured the zeitgeist right now because of the earnings potential. My interest continues to be in the potential to empower co-operatives, collectives, and other alternatives to centralized wealth and power structures. I\u2019ve been a part of efforts to do this for as long as I\u2019ve had a tech career; what\u2019s super-cool</p><p><strong>The creator economy.</strong> There was a time, not so long ago, when I thought this was all about influencers, which I\u2019m explicitly not interested in. But empowering individual creators - artists, writers, independent journalists - to make money on their own terms from their own sites and experiences? Sign me up.</p><p>And some trends I\u2019m not:</p><p><strong>Self-driving cars.</strong> Say it quietly, but I think this might be a red herring? I can easily imagine self-driving mass carriers though: think anything that has a set route along well-maintained roadways, like a bus, a sort of longer, rail-less tram, or a cargo truck transporting goods between distribution centers.</p><p><strong>Machine learning.</strong> Again: call it a technique or a technology, but not necessarily a trend in itself. It\u2019s too often described in magical terms that downplay the inherent problems both in its use and prerequisite data collection.</p><p><strong>Audio rooms.</strong> See: Clubhouse, Twitter Spaces, whatever the Facebook thing is called. Someone took panels, which are the worst part of every conference, and turned them into a 24/7 product? <em>Great.</em></p><p><strong>VR.</strong> Maybe I need to be more of a gamer, but I don\u2019t see this becoming more than niche.</p><p>\u00a0</p><p><strong>What\u2019s scary and what should we be doing about it? (Are we?)</strong></p><p>Two growing trends genuinely scare me:</p><p><strong>Global warming.</strong> We\u2019re not doing nearly enough about this. Like many people, I\u2019m worried about the focus on individual responsibility vs widespread industrial change. To be clear, both are necessary - particularly as we live in a representative democracy - but the onus of change can\u2019t be placed on individuals over the industrial forces that are ultimately responsible for so much of the underlying pollution.</p><p>We\u2019ve got to change the way society works, and we\u2019ve got to make and enforce far stronger rules. A lot of global climate policy amounts to rearranging the deck chairs on the Titanic. And I think ideas like carbon trading just perpetuate the problems we need to solve. We need massive, government-led change, and we need it decades ago.</p><p><strong>Rent-seeking.</strong> Just about everything is available on a subscription basis these days, with true ownership diminishing. The effect in housing is well-documented: generations of people are being more or less locked out of home ownership. But it\u2019s also true in everything from software to cars. The effect is to create a stratum of wealthy property owners, whose property continues to expand and grow in value, and a much bigger one of less wealthy people who are forced to pay rent on an increasing number of things. The property owners get to set the terms by which their property is rented; the renters must abide by them.</p><p>We\u2019ve always had a disparity in rule-making, where the wealthy held more of the cards, but it grows the more the gulf between property owners and renters widens. A lot of this situation has been enabled by the tech industry, VC-enabled business models, and the desire to maximize recurring revenue at all costs. I don\u2019t see this trend slowing down, let alone reversing, but it only leads to widespread poverty and, with it, unrest.</p><p>\u00a0</p><p><strong>What\u2019s exciting and promising and what should we doing about it? (Are we?)</strong></p><p>Decentralization! Renewable energy! Better mass transit! A move away from selfish individualism to a better collective future! Better societal infrastructure!</p><p>I\u2019m also really excited about remote working. Being able to work in your own home empowers people who couldn\u2019t necessarily make it to an office before; it also spreads wealth across the country and potentially across the world. Everyone\u2019s comfortable with it after a year of doing it; in my opinion all of the reasons to go back into an office come down to personal preference rather than it being inherently better.</p><p>Consequently, when we look back a decade or so from now, I think we\u2019ll find that tech companies which have embraced remote working after the pandemic will do far better than those that don\u2019t. They\u2019ll be more attractive, they\u2019ll attract a broader set of candidates, and they\u2019ll have solved communication problems that allow them to work more efficiently.</p><p>Do I want to go back to an office? I do not. And there are a lot of people who feel the same.</p><p>\u00a0</p><p><strong>You once <a href=\"https://werd.io/2018/desirability-viability-feasibility-sustainability\">wrote a blog post suggesting that a 4th 'bubble\u2019, sustainability, be added to the traditional design thinking bubbles of 'desirability, feasibility, viability\u2019</a>. I found this while researching Design Thinking for Social Innovation for a presentation I was doing. I explored it with the audience, themselves all heavily vested and involved in Social Innovation, but the resulting debate led us to the conclusion that if the existing 3 bubbles are used appropriately, then the 4th is not needed, and that between 'Desirability' and 'Viability', Sustainability is covered. My question is, have you explored this further in your work, have you since changed your perspective, and have you encountered further widespread support (for or against) your thoughts on this?</strong></p><p>I agree that <em>if</em> the existing three principles are used appropriately, the fourth is not needed. That\u2019s a big \u201cif\u201d. I think, in most cases, that it\u2019s important to have a model to explicitly consider these issues. It\u2019s possible to have a desirable, viable product that you can feasibly build - if you only evaluate first-order effects - that also has negative societal effects. Some teams understand that sustainability is baked right into desirability, viability, and feasibility once you evaluate how the product sits in its context over time; for others, calling it out directly as part of the model may be helpful. And it may not be possible for a product team to properly evaluate in which group they sit: some may think they don\u2019t need it, while in reality they could still benefit.</p><p>In teaching <a href=\"https://werd.io/2020/designing-for-equity\">our <em>Designing for Equity</em> session</a> in the Google News Initiative / Newmark School / News Catalyst Product Immersion for Small Newsrooms course, <a href=\"https://twitter.com/jroxann?lang=en\">Roxann Stafford</a> and I talk about reframing from building a Minimum Viable Product to Maximum Distributed Equity. While this isn\u2019t a direct continuation of the Sustainability idea, it lives on the same spectrum. It\u2019s not that maximum distributed equity is the <em>only</em> lens you should use; it does, however, force conversations and design thinking that would not occur if you didn\u2019t evaluate it intentionally. Some teams might think (and often say so, vocally) that they don\u2019t need to explicitly consider equity; generally, they\u2019re wrong. It\u2019s something we all need to work on, and naming it helps us remember to consider it carefully.</p><p>\u00a0</p><p><strong>Can you share your thoughts on where you see crypto going in the future and projects / possibilities to keep an eye on?</strong></p><p>I see a few things as inevitable:</p><p><strong>Moving away from proof of work.</strong> Possibly legislatively. These algorithms, and their environmental effects, are <em>absurd</em>. Great proof of concept, well done, now let\u2019s move on. I think proof of stake is a great v2, and I\u2019m sure there will be something better in the future.</p><p><strong>Stronger smart contracts.</strong> Again, Ethereum was a pretty fantastic proof of concept here. But let\u2019s keep an eye on Algorand, Polkadot, and others that are pushing the envelope of what can be built.</p><p><strong>Privacy.</strong> I don\u2019t see a network that is completely public as being desirable. <a href=\"https://privacyinternational.org/blog/1111/two-sides-same-coin-right-privacy-and-freedom-expression\">Privacy is a prerequisite for democratic freedom.</a></p><p><strong>Blockchain as part of a delicious, decentralized breakfast.</strong> Right now, as described above, blockchain is often considered to be the trend in itself. It\u2019s just one decentralized technology; it wasn\u2019t the first and won\u2019t be the last. It also has enduring limitations. We\u2019ll do more off-chain than we do on-chain, and making that more seamless will be part of building the decentralized future.</p><p>\u00a0</p><p><strong>Should I code indieweb or fediverse protocols?</strong></p><p>Yes.</p><p>Longer answer: it depends on what you\u2019re trying to build! The <a href=\"https://indieweb.org/\">indieweb</a> and the <a href=\"https://en.wikipedia.org/wiki/Fediverse\">fediverse</a> are two complementary ideas. Both are sets of protocols that allow people to communicate with each other from their independent websites and platforms. Neither is a monoculture. So I don\u2019t see it as a debate: start with the experience you want to build for the user, work backwards to figure out the best way to build it, and go from there.</p><p>\u00a0</p><p><strong>\"Specialists know everything about nothing, generalists know nothing about everything\". Should person attempt/claim to be a full-stack developer+ops+dba+tester, or welcome specialists within a broad team/community/church? In my opinion we should foster mutual co-ed training to raise cultural awareness without claiming expertise in every field. What ever happened to brown bag lunch sessions as bite-sized learning?</strong></p><p>Speaking as an unashamed technical generalist:</p><p>My answer to most questions about engineering approaches like this is that it comes down to the human context. There\u2019s the perfect situation, and then there\u2019s the one you\u2019re actually in.</p><p>So the answer to this question depends on the organization you\u2019re a part of, and what you\u2019re trying to do. In a larger company, you\u2019re more able to have people who occupy specialities and can go deep on those. In a smaller one - let\u2019s say a three-person startup - you\u2019re <em>forced</em> to be a generalist, whether you like it or not. It\u2019s not so much about what you claim to be as what you have to do in order to get the job done.</p><p>Given this reality, should there be cross-team collaboration and learning? Absolutely. We should do better at that as an industry. As an engineering leader, I should also be better at doing this within my own team; in all honesty, I haven\u2019t found a way to effectively replicate brown bag lunches / continuous group education in a remote context, and it\u2019s something we all need.</p><p>\u00a0</p><p><strong>I am guilty of debugger-based development to muddle towards an eventual solution. Is there any hope for this repentant sinner?</strong></p><p>You\u2019d be surprised which engineers write code by using <em>console.log</em> all over the place. Just do what works for you. We all code differently, and coding sucks for everyone. Wear it proudly.</p><p>That said: I can\u2019t overstate the utility of automated testing. It\u2019s not a fun habit to get into, but it\u2019s so much better than having to go back and add them later on. You don\u2019t need to engage in test driven development (where writing the tests comes first), but you really should write those tests. Every language you write in has a test framework; use it.</p><p>\u00a0</p><p><strong>Patterns and interfaces = good, over-engineering (ability to change DB etc but seldom required) = bad. Newbies always overwork the latest read/fad instead of pragmatism. Do cyclomatics etc help dictate the tipping point?</strong></p><p>Pragmatism is learned, and the opposite comes from nervousness. The solution is not to apply more metrics to force the issue, in my opinion. It\u2019s about laying out good team / project principles.</p><p>Engineers often overlook the \u201csoft stuff\u201d: team principles, coding culture, communication, and conveying <em>why</em> we do things. They\u2019re crucial. The non-deterministic aspects of engineering are at least as important as the algorithms and data structures. This is one of those questions: how much abstraction is too much abstraction? The answer will vary depending on the needs of the project you\u2019re working on.</p><p>If there <em>is</em> a hard and fast rule, I think it\u2019s around readability and flexibility of architecture, and speed of execution. Abstractions shouldn\u2019t interfere with ease of comprehension: too abstract and you may have to learn to play four dimensional chess just to figure out how it all fits together. Not abstract enough, and you may find your architecture is largely defined by the structure of external services or libraries. There\u2019s a sweet spot in the middle.</p><p>Finally, of course, spending your time on building abstracted interfaces that you don\u2019t have an obvious use case for is just <a href=\"https://www.hanselman.com/blog/yak-shaving-defined-ill-get-that-done-as-soon-as-i-shave-this-yak\">yak shaving</a>. Ship that code.</p><p>\u00a0</p><p><strong>Should you be a polyglot language speaker [coder] or accept that your favorite language/framework/OS/protocol/Db is good enough to meet your requirements?</strong></p><p>Again, this is a fuzzier, less-deterministic question than it appears. It depends!</p><p>You should use the best language for fulfilling your requirements. Probably, that\u2019s the language you already know rather than one you need to learn. At the same time, not everything is interchangeable: Ruby on Rails is not like-for-like with Node, for example. They work in different ways (one\u2019s a framework, for one thing), and therefore some tasks <em>can</em> be done better with Node than Rails. They have different ecosystems of libraries and supporting documentation, and so on. Whether it\u2019s worth switching to a technology you\u2019re not an expert in yet depends on how <em>much</em> better it\u2019s likely to be.</p><p>Nobody can be an expert in every language and framework, so there\u2019s always going to be some level of shoehorning requirements into what you already know, and there\u2019s always going to be some level of learning something new.</p><p>An unsatisfying answer if you\u2019re looking for something deterministic, perhaps, but it\u2019s an insight into why programming is both super-fun and terrible.</p><p>\u00a0</p><p><strong>There are many open source software packages but the huge time it takes to assess whether they\u2019re good/bad/ugly is largely wasted. How do you find the right package before you build? Then how do you best keep it updated [or replace it] without finding yourself in dependency hell?</strong></p><p>First assess: do you need an external library to begin with? Every addition does create a dependency. The story behind <a href=\"https://www.theregister.com/2016/03/23/npm_left_pad_chaos/\">left-pad</a> is a great example of why care is needed.</p><p>Then it\u2019s about social proof. Who wrote it? How many people are using it? When was the source code repository last updated? Is it active or abandoned? Is the maintainer a jerk? Are there reviews or tutorials on the web?</p><p>Don\u2019t forget to assess if the license it\u2019s distributed under is compatible with your project. Are you legally allowed to incorporate it?</p><p>This kind of due diligence takes a little time, but it\u2019s worth it. And a little friction means you don\u2019t end up adding libraries to your code without thinking about it, which is probably a good thing.</p><p>As for dependency hell: there are plenty of useful tools that can keep your projects up to date. As a GitHub user, I like <a href=\"https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates\">Dependabot</a>, alongside its dependency graph tools. I\u2019m not even remotely interested in keeping my dependencies current manually. Who has the time? But this is another reason to maintain robust automated tests: because an automated update could break your code, it\u2019s important to have a test suite that Dependabot (etc) can test its updates against.</p><p>...</p><p>Those questions were fun to answer. I\u2019d love to do this again in a future post; <a href=\"https://airtable.com/shrBGvo85v0Hoy0c4\">ask me anything at this link</a> and I\u2019ll do my best to answer in the future.</p>" }, "author": { "type": "card", "name": "Ben Werdm\u00fcller", "url": "https://werd.io/profile/benwerd", "photo": "https://werd.io/file/5d388c5fb16ea14aac640912/thumb.jpg" }, "post-type": "article", "_id": "21818316", "_source": "191", "_is_read": true }
This is a useful script from @aaronpk to export data from Foursquare and (optionally) import it into a blog via Micropub. It should work with Micro.blog. Just having all the data exported is great too.
{ "type": "entry", "author": { "name": "Manton Reece", "url": "https://www.manton.org/", "photo": "https://micro.blog/manton/avatar.jpg" }, "url": "https://www.manton.org/2021/07/03/this-is-a.html", "content": { "html": "<p><a href=\"https://aaronparecki.com/2021/07/03/5/export-foursquare-checkin-history\">This is a useful script</a> from <a href=\"https://micro.blog/aaronpk\">@aaronpk</a> to export data from Foursquare and (optionally) import it into a blog via Micropub. It should work with Micro.blog. Just having all the data exported is great too.</p>", "text": "This is a useful script from @aaronpk to export data from Foursquare and (optionally) import it into a blog via Micropub. It should work with Micro.blog. Just having all the data exported is great too." }, "published": "2021-07-03T14:26:39-05:00", "post-type": "note", "_id": "21775397", "_source": "12", "_is_read": true }
{ "type": "entry", "published": "2021-07-03T11:14:48-07:00", "summary": "Today I finished up a tool that you can use to export your complete history from Foursquare and publish the checkins to your website!", "url": "https://aaronparecki.com/2021/07/03/5/export-foursquare-checkin-history", "category": [ "foursquare", "swarm", "micropub", "ownyourswarm", "checkins", "ownyourdata", "indieweb" ], "name": "How to export your complete Foursquare checkin history", "author": { "type": "card", "name": "Aaron Parecki", "url": "https://aaronparecki.com/", "photo": "https://aperture-media.p3k.io/aaronparecki.com/41061f9de825966faa22e9c42830e1d4a614a321213b4575b9488aa93f89817a.jpg" }, "post-type": "article", "_id": "21773990", "_source": "16", "_is_read": true }
This is my new favourite indie web site (super performant and responsive too).
{ "type": "entry", "published": "2021-07-01T17:39:53Z", "url": "https://adactio.com/links/18260", "category": [ "indieweb", "homepage", "website", "responsive", "html", "css", "frontend", "development" ], "bookmark-of": [ "https://www.dianash.dev/" ], "content": { "text": "Diana Ashktorab\n\n\n\nThis is my new favourite indie web site (super performant and responsive too).", "html": "<h3>\n<a class=\"p-name u-bookmark-of\" href=\"https://www.dianash.dev/\">\nDiana Ashktorab\n</a>\n</h3>\n\n<p>This is my new favourite indie web site (super performant and <a href=\"https://twitter.com/diana_ashktorab/status/1410646905789599758\">responsive</a> too).</p>" }, "author": { "type": "card", "name": "Jeremy Keith", "url": "https://adactio.com/", "photo": "https://adactio.com/images/photo-150.jpg" }, "post-type": "bookmark", "_id": "21725702", "_source": "2", "_is_read": true }
{ "type": "entry", "published": "2021-06-28T10:41:22Z", "url": "https://adactio.com/journal/18248", "category": [ "coil", "monetisation", "micropayments", "crypto", "scams", "scamming", "ponzi", "grifters", "blockchain" ], "syndication": [ "https://adactio.medium.com/c39831a4db9e" ], "name": "ReCoil", "content": { "text": "On the Coil developers site there\u2019s a page proudly answering the question who is web monetized?\n\nYou\u2019ll some familiar sites in there: CSS Tricks, A List Apart, and even this humble website, adactio.com.\n\nBut lest you think that this social proof is in any way an endorsement, I should probably clarify what my experience with Coil has been like.\n\nCoil itself is grand. You get an identifier and you add it to your website in a meta element, much like you would do with indie web endpoints for webmentions or micropub.\n\nThe problem is with how you then actually get hold of any money that is owed to you from micropayments. Coil doesn\u2019t handle this directly. You have to set up a \u201cwallet\u201d with a third-party service and therein lies the problem.\n\nThey are all terrible.\n\nI\u2019m not talking about the hoops you have to jump through to set up an account. I get it. This is scary financial stuff so of course I\u2019ll need to scan my passport and hand over loads of information (more than is needed to open an actual bank account with, say, Monzo).\n\nNo, the problem is the stench of crypto. \n\nI tried Stronghold for a while. They really, really don\u2019t want you to use boring old-fashioned currencies like the euro or the pound. There\u2019s also Gatehub. Same. And there\u2019s Uphold. Also a shell game.\n\nI\u2019ve been using Coil and Uphold for a while now, and I\u2019ve amassed a grand total of \u00a36.06 \u2014 woo-hoo! So I log into my account and attempt to transfer that sweet, sweet monetisation and \u2026I can\u2019t.\n\n\n The amount needs to be greater than or equal to \u00a311.53 GBP\n\n\nBut I can still exchange that \u00a36.06 for magic beans like Bitcoin, XRP, and Ether.\n\nThe whole thing smells of grift and it feels icky to be in any way associated with it. I understand why Coil needs to partner with existing payment providers, but it would be nice if just one of them weren\u2019t propping up ponzi schemes. If anyone has found a way to get web monetisation to work without needing like you need to take a shower afterwards, I\u2019d love to hear about it.", "html": "<p>On <a href=\"https://developers.coil.com/\">the Coil developers site</a> there\u2019s a page proudly answering the question <a href=\"https://developers.coil.com/community/who-is-web-monetized\">who is web monetized?</a></p>\n\n<p>You\u2019ll some familiar sites in there: CSS Tricks, A List Apart, and even this humble website, adactio.com.</p>\n\n<p>But lest you think that this social proof is in any way an endorsement, I should probably clarify what my experience with <a href=\"https://coil.com/\">Coil</a> has been like.</p>\n\n<p>Coil itself is grand. You get an identifier and you add it to your website in a <code>meta</code> element, much like you would do with indie web endpoints for webmentions or micropub.</p>\n\n<p>The problem is with how you then actually get hold of any money that is owed to you from micropayments. Coil doesn\u2019t handle this directly. You have to set up a \u201cwallet\u201d with a third-party service and therein lies the problem.</p>\n\n<p>They are all terrible.</p>\n\n<p>I\u2019m not talking about the hoops you have to jump through to set up an account. I get it. This is scary financial stuff so of course I\u2019ll need to scan my passport and hand over loads of information (more than is needed to open an <em>actual</em> bank account with, say, Monzo).</p>\n\n<p>No, the problem is the stench of crypto. </p>\n\n<p>I tried <a href=\"https://stronghold.co/\">Stronghold</a> for a while. They really, really don\u2019t want you to use boring old-fashioned currencies like the euro or the pound. There\u2019s also <a href=\"https://gatehub.net/\">Gatehub</a>. Same. And there\u2019s <a href=\"https://uphold.com/\">Uphold</a>. Also a shell game.</p>\n\n<p>I\u2019ve been using Coil and Uphold for a while now, and I\u2019ve amassed a grand total of \u00a36.06 \u2014 woo-hoo! So I log into my account and attempt to transfer that sweet, sweet monetisation and \u2026I can\u2019t.</p>\n\n<blockquote>\n <p>The amount needs to be greater than or equal to \u00a311.53 GBP</p>\n</blockquote>\n\n<p>But I can still exchange that \u00a36.06 for magic beans like Bitcoin, XRP, and Ether.</p>\n\n<p>The whole thing smells of grift and it feels icky to be in any way associated with it. I understand why Coil needs to partner with existing payment providers, but it would be nice if just one of them weren\u2019t <a href=\"https://davidgerard.co.uk/blockchain/2021/06/27/bitcoin-myths-immutability-decentralisation-and-the-cult-of-21-million/\">propping up ponzi schemes</a>. If anyone has found a way to get web monetisation to work without needing like you need to take a shower afterwards, I\u2019d love to hear about it.</p>" }, "author": { "type": "card", "name": "Jeremy Keith", "url": "https://adactio.com/", "photo": "https://adactio.com/images/photo-150.jpg" }, "post-type": "article", "_id": "21634747", "_source": "2", "_is_read": true }
{ "type": "entry", "author": { "name": "fluffy", "url": "http://beesbuzz.biz/", "photo": null }, "url": "http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff", "published": "2021-06-27T10:32:40-07:00", "content": { "html": "<p>Yesterday I participated in the <a href=\"https://indieweb.org/2021/Pop-ups/Very_Sensitive_Data_on_Your_Personal_Website\">IndieWeb sensitive data pop-up</a>, or at least the first half of it (I had to disappear for my <a href=\"http://beesbuzz.biz/blog/7690-High-temperature-alert\">refrigerator delivery</a>). It was really great to have some further discussion about what people want out of this stuff and how we\u2019re all going to agree to get it.</p><h3><a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#12341_h3_1_Authentication-stuff\"></a>Authentication stuff</h3><p>One of the biggest pain points that keeps on coming up is there being no support for people to be able to get private posts without having to log in or be notified about them in side channels. Lots of people are doing things like making pages with unguessable URLs and then doing side-channel notification, but that\u2019s unwieldy; fewer folks are doing things with actual login mechanisms.</p>\n\n\n<p>In Publ I support both approaches, and also templates are allowed to get <em>limited</em> data about unauthorized posts so that they can provide some sort of generic notification about unauthorized content. For example, in my Atom template I have the following:</p><pre><a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L1\"></a>{% for entry in view.entries(unauthorized=1 if not user else 0) %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L2\"></a> <entry>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L3\"></a> {% if entry.authorized %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L4\"></a> <title>{{'\ud83d\udd0f ' if entry.private else ''}}{{entry.category.name ~ \": \" if entry.category.name != category.name}}{{entry.title(markup=False, smartquotes=False)}}</title>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L5\"></a> <!-- the rest of the authorized entry metadata goes here -->\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L6\"></a> <content type=\"html\"><![CDATA[\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L7\"></a> {% if entry.private %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L8\"></a> <aside><i><mark>Note:</mark> This is a private entry, so please use discretion in linking to it or mentioning it publicly. Thanks!</i></aside>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L9\"></a> {% endif %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L10\"></a> <!-- The rest of the entry content goes here -->\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L11\"></a> ]]></content>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L12\"></a> {% else %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L13\"></a> <title>\ud83d\udd0f Private entry [{{entry.title(always_show=True).split()|join(attribute=0)}}]</title>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L14\"></a> <link href=\"{{ entry.permalink(absolute=True) }}\" rel=\"alternate\" type=\"text/html\" />\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L15\"></a> <published>{{entry.date.isoformat()}}</published>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L16\"></a> <updated>{{entry.last_modified.isoformat()}}</updated>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L17\"></a> <id>urn:uuid:{{entry.uuid}}</id>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L18\"></a> <author><name>{{ entry.author if entry.author else \"fluffy\" }}</name></author>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L19\"></a> <content type=\"html\">This entry has a restricted audience.</content>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L20\"></a> {% endif %}\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L21\"></a> </entry>\n<a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb1L22\"></a>{% endfor %}\n</pre><p>What this does is:</p>\n<ul><li><p>If the user (or their feed reader) is authorized to view the entry, show it directly</p><p>Further, if the entry has a privacy restriction, indicate that clearly in both the title and the <code><aside></code> blurb.</p></li>\n<li><p>If they are not authorized, show a stub entry that indicates that there is a private entry available</p><p>In this context, Publ limits the kind of data that\u2019s available for an entry, and takes a secure-by-default approach; <code>entry.permalink</code> can only generate slugless, categoryless short-links (e.g. <code>https://example.com/12345</code>), and <a href=\"https://github.com/PlaidWeb/Publ/blob/ee40cfcd388ee31b3e5c977b5ca326ce0af1e013/publ/entry.py#L620\">very few other metadata items</a> are available at all (basically just the bare minimum that\u2019s necessary for Atom feeds, really). <code>entry.title</code> will normally not be generated, but the <code>always_show=True</code> parameter overrides that, and in this case the feed template uses that to generate an initialism of the post title, just for the convenience of readers (for example, a post with a title of <code>This thing that keeps on PISSING ME OFF</code> will appear as <code>[TttkoPMO]</code> in the unauthorized feed).</p></li>\n</ul><p>Also, for an extra layer of leak-avoidance, Publ has to be told how many unauthorized entries to even allow in the view to begin with; <code>view.entries(unauthorized=1)</code> means only the most recent unauthorized entry will even get a stub. This way, random people can\u2019t see how many private posts I\u2019ve been making recently without a lot of work. (The <code>if not user</code> check is so that if someone is logged in, no stubs get generated at all \u2014 if someone\u2019s signed in there\u2019s no sense in telling them there\u2019s entries they still can\u2019t see!)</p><p>Granted, there are ways that they could figure out which days have private entries, or they could infer it by looking at the Twitter autoposts, or they could subscribe to my feed and log all the private posts that occur going forward, but I find this an acceptable tradeoff.</p><p>But! My hope is that this tradeoff won\u2019t be necessary forever. I\u2019ve long been very interested in supporting a protocol like <a href=\"https://indieweb.org/AutoAuth\">AutoAuth</a> or <a href=\"https://indieweb.org/IndieAuth_Ticket_Auth\">TicketAuth</a>. Neither has gotten a lot of traction, unfortunately; AutoAuth has one experimental implementation that I know of, and adding support to it requires a <em>significant</em> amount of agreement between a <em>lot</em> of moving parts (for example, it needs to be supported by the IndieAuth endpoint, its associated token endpoint, the feed reader, and the publisher), whereas TicketAuth seems a lot more feasible (as it only requires support from a purpose-specific TicketAuth endpoint and the publisher, and then the reader needs to be able to consume the ticket in some way, and also the publisher\u2019s side of things is much, much simpler). TicketAuth also only tries to answer the question about how a ticket gets sent in the first place, and doesn\u2019t make any specific interaction requirements on how a publisher opts to grant a ticket to a reader.</p><p>I already have most of the functionality in Publ for supporting TicketAuth; for example, there is full support for bearer tokens (want one? get it from your <a href=\"http://beesbuzz.biz/profile\">user profile</a>!) and if you already have a means of associating a bearer token with your feed fetcher, you can get fully-authenticated feeds already; for example, <code>curl https://beesbuzz.biz/feed -H 'Authorization: Bearer [TOKEN GOES HERE]'</code> \u2014 and this will work on any page request). What\u2019s missing is the actual token grant flow.</p><p>My <em>intention</em> has been that when someone logs in to my site, the profile parser (which lives in Authl) will see if there\u2019s a ticketauth endpoint and provide that to Publ, and if Publ sees that, it\u2019ll enqueue a ticket granting transaction. I was debating whether Publ should do the profile parsing itself with the hope that non-IndieAuth things support this (after all, that should be possible), but the possibility of that ever happening seems pretty remote, so it\u2019d be better to just have it live in the identity providers. Anyway, if hell freezes over and Twitter does support arbitrary federated social media endpoints, it\u2019d probably be in their user-specific JSON blob and not on the user profile page anyway, right?</p><p>Mastodon support seems less-remote, but Mastodon already has a different means of getting private posts (via ActivityPub delivery filtering), and supporting that would involve natively supporting ActivityPub, which is a <em>lot</em> of work, but something I do want to do\u2026 someday\u2026 eventually\u2026</p><p>I\u2019ve also been wanting to hack a TicketAuth endpoint into <a href=\"https://github.com/fluffy-critter/Feed-on-Feeds\">Feed-on-Feeds</a>, but its security model makes that a really bad idea. Improving the security model is one of my many goals for <a href=\"https://github.com/PlaidWeb/Subl/\">Subl</a>, which I swear I\u2019ll get around to working on someday. I suppose that adding bearer token support to FoF is possible, but it\u2019d have the caveat that FoF doesn\u2019t have any means of doing per-user data on a feed or any way of doing a per-user subscription, and it seems really risky to allow this on a multi-user installation. I suppose I could hack it in for my own personal uses but it just seems like a <em>gigantic</em> privacy risk right now. So I\u2019d rather not.</p><p>Anyway. The lack of TicketAuth support has been a big chicken-egg situation; I\u2019ve been really wanting to implement the publisher side of TicketAuth, but with no receivers out there it just didn\u2019t feel like a worthwhile time investment. But! As a result of yesterday\u2019s popup, several folks (including <a href=\"https://david.shanske.com/2021/06/27/thinking-about-ticket-auth/\">David Shansky</a>) have voiced support towards implementing a TicketAuth endpoint, which at least provides an initial test case for this.</p><p>To reiterate what David said:</p>\n<blockquote>\n<p>But first things first. Let\u2019s build something.</p></blockquote>\n<p>I absolutely promise that I will build TicketAuth publishing into Publ, and when someone has built a TicketAuth endpoint I will work with them to make sure it actually works.</p><p>Heck, I should build a standalone TicketAuth endpoint just as a proof-of-concept. And for testing. And so on.</p><p>Yeah. Let\u2019s build something.</p><h3><a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#12341_h3_2_Other-content-limiting-stuff\"></a>Other content limiting stuff</h3><p>Another topic which came up is the desire to have an entry have different content visible to different viewers; for example, friends can see \u201cI went out to lunch with Barack Obama\u201d while others can only see \u201cI went out to lunch with a well-known politician.\u201d Back in the day when I was running Movable Type and had all sorts of unwieldy hacks for friends-only access, I was able to do this, as an additional layer of hacks.</p><p>Since my MT templates were still statically-generating files which happened to be PHP, I could put something like this into my entries:</p><pre><a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#e12341cb2L1\"></a>Today I had lunch with <?= $user_friend ? \"Barack Obama\" : \"a well-known politician\" ?>\n</pre><p>and it would work. Or at least it did until DreamHost beefed up their <code>mod_security</code> settings and detected this as a PHP injection attack (which, to be fair, <em>it was</em>).</p><p>Publ doesn\u2019t have any current support for inline conditional content, although I\u2019d be tempted to try adding it. I sort of want to hold off on markup-related extensions until I get around to <a href=\"https://github.com/PlaidWeb/Publ/issues/261\">switching to a more flexible Markdown processor</a>, although I suppose this sort of thing would be better served in the entry body parser anyway. Like maybe adding a custom XMLish tag that runs blocks through Jinja before handing it off to the actual renderer. That would be tricky to do right though, and I\u2019m not sure how much benefit there\u2019d be.</p><p>That said, Publ <em>does</em> have an incredibly unwieldy mechanism that could be used for this sort of thing, in the form of entry attachments. Right now I only use attachments for comic transcripts, but one of the intended use cases would be to provide \u201ccut\u201d sections, and since attachments get the same per-entry security model (since attachments are just entries) it\u2019d be possible to have my content block be something like:</p><pre>{{entry.body}}\n\n{% for attach in entry.attachments(order='title') %}\n{{attach.body}}\n{% endfor %}\n</pre><p>and then have different versions of attachments for different permission types. I don\u2019t really know of a good way to do the fallback, though, and managing this from the UX standpoint would be ridiculous. (There\u2019s also a few other things I want to rework with attachments anyway, like it should be possible for something to attach itself to something else, rather than requiring an entry to declare its attachments.)</p>\n\n<p><a href=\"http://beesbuzz.biz/blog/12341-Private-friends-only-IndieWeb-stuff#comments\">comments</a></p>", "text": "Yesterday I participated in the IndieWeb sensitive data pop-up, or at least the first half of it (I had to disappear for my refrigerator delivery). It was really great to have some further discussion about what people want out of this stuff and how we\u2019re all going to agree to get it.Authentication stuffOne of the biggest pain points that keeps on coming up is there being no support for people to be able to get private posts without having to log in or be notified about them in side channels. Lots of people are doing things like making pages with unguessable URLs and then doing side-channel notification, but that\u2019s unwieldy; fewer folks are doing things with actual login mechanisms.\n\n\nIn Publ I support both approaches, and also templates are allowed to get limited data about unauthorized posts so that they can provide some sort of generic notification about unauthorized content. For example, in my Atom template I have the following:{% for entry in view.entries(unauthorized=1 if not user else 0) %}\n <entry>\n {% if entry.authorized %}\n <title>{{'\ud83d\udd0f ' if entry.private else ''}}{{entry.category.name ~ \": \" if entry.category.name != category.name}}{{entry.title(markup=False, smartquotes=False)}}</title>\n <!-- the rest of the authorized entry metadata goes here -->\n <content type=\"html\"><![CDATA[\n {% if entry.private %}\n <aside><i><mark>Note:</mark> This is a private entry, so please use discretion in linking to it or mentioning it publicly. Thanks!</i></aside>\n {% endif %}\n <!-- The rest of the entry content goes here -->\n ]]></content>\n {% else %}\n <title>\ud83d\udd0f Private entry [{{entry.title(always_show=True).split()|join(attribute=0)}}]</title>\n <link href=\"{{ entry.permalink(absolute=True) }}\" rel=\"alternate\" type=\"text/html\" />\n <published>{{entry.date.isoformat()}}</published>\n <updated>{{entry.last_modified.isoformat()}}</updated>\n <id>urn:uuid:{{entry.uuid}}</id>\n <author><name>{{ entry.author if entry.author else \"fluffy\" }}</name></author>\n <content type=\"html\">This entry has a restricted audience.</content>\n {% endif %}\n </entry>\n{% endfor %}\nWhat this does is:\nIf the user (or their feed reader) is authorized to view the entry, show it directlyFurther, if the entry has a privacy restriction, indicate that clearly in both the title and the <aside> blurb.\nIf they are not authorized, show a stub entry that indicates that there is a private entry availableIn this context, Publ limits the kind of data that\u2019s available for an entry, and takes a secure-by-default approach; entry.permalink can only generate slugless, categoryless short-links (e.g. https://example.com/12345), and very few other metadata items are available at all (basically just the bare minimum that\u2019s necessary for Atom feeds, really). entry.title will normally not be generated, but the always_show=True parameter overrides that, and in this case the feed template uses that to generate an initialism of the post title, just for the convenience of readers (for example, a post with a title of This thing that keeps on PISSING ME OFF will appear as [TttkoPMO] in the unauthorized feed).\nAlso, for an extra layer of leak-avoidance, Publ has to be told how many unauthorized entries to even allow in the view to begin with; view.entries(unauthorized=1) means only the most recent unauthorized entry will even get a stub. This way, random people can\u2019t see how many private posts I\u2019ve been making recently without a lot of work. (The if not user check is so that if someone is logged in, no stubs get generated at all \u2014 if someone\u2019s signed in there\u2019s no sense in telling them there\u2019s entries they still can\u2019t see!)Granted, there are ways that they could figure out which days have private entries, or they could infer it by looking at the Twitter autoposts, or they could subscribe to my feed and log all the private posts that occur going forward, but I find this an acceptable tradeoff.But! My hope is that this tradeoff won\u2019t be necessary forever. I\u2019ve long been very interested in supporting a protocol like AutoAuth or TicketAuth. Neither has gotten a lot of traction, unfortunately; AutoAuth has one experimental implementation that I know of, and adding support to it requires a significant amount of agreement between a lot of moving parts (for example, it needs to be supported by the IndieAuth endpoint, its associated token endpoint, the feed reader, and the publisher), whereas TicketAuth seems a lot more feasible (as it only requires support from a purpose-specific TicketAuth endpoint and the publisher, and then the reader needs to be able to consume the ticket in some way, and also the publisher\u2019s side of things is much, much simpler). TicketAuth also only tries to answer the question about how a ticket gets sent in the first place, and doesn\u2019t make any specific interaction requirements on how a publisher opts to grant a ticket to a reader.I already have most of the functionality in Publ for supporting TicketAuth; for example, there is full support for bearer tokens (want one? get it from your user profile!) and if you already have a means of associating a bearer token with your feed fetcher, you can get fully-authenticated feeds already; for example, curl https://beesbuzz.biz/feed -H 'Authorization: Bearer [TOKEN GOES HERE]' \u2014 and this will work on any page request). What\u2019s missing is the actual token grant flow.My intention has been that when someone logs in to my site, the profile parser (which lives in Authl) will see if there\u2019s a ticketauth endpoint and provide that to Publ, and if Publ sees that, it\u2019ll enqueue a ticket granting transaction. I was debating whether Publ should do the profile parsing itself with the hope that non-IndieAuth things support this (after all, that should be possible), but the possibility of that ever happening seems pretty remote, so it\u2019d be better to just have it live in the identity providers. Anyway, if hell freezes over and Twitter does support arbitrary federated social media endpoints, it\u2019d probably be in their user-specific JSON blob and not on the user profile page anyway, right?Mastodon support seems less-remote, but Mastodon already has a different means of getting private posts (via ActivityPub delivery filtering), and supporting that would involve natively supporting ActivityPub, which is a lot of work, but something I do want to do\u2026 someday\u2026 eventually\u2026I\u2019ve also been wanting to hack a TicketAuth endpoint into Feed-on-Feeds, but its security model makes that a really bad idea. Improving the security model is one of my many goals for Subl, which I swear I\u2019ll get around to working on someday. I suppose that adding bearer token support to FoF is possible, but it\u2019d have the caveat that FoF doesn\u2019t have any means of doing per-user data on a feed or any way of doing a per-user subscription, and it seems really risky to allow this on a multi-user installation. I suppose I could hack it in for my own personal uses but it just seems like a gigantic privacy risk right now. So I\u2019d rather not.Anyway. The lack of TicketAuth support has been a big chicken-egg situation; I\u2019ve been really wanting to implement the publisher side of TicketAuth, but with no receivers out there it just didn\u2019t feel like a worthwhile time investment. But! As a result of yesterday\u2019s popup, several folks (including David Shansky) have voiced support towards implementing a TicketAuth endpoint, which at least provides an initial test case for this.To reiterate what David said:\n\nBut first things first. Let\u2019s build something.\nI absolutely promise that I will build TicketAuth publishing into Publ, and when someone has built a TicketAuth endpoint I will work with them to make sure it actually works.Heck, I should build a standalone TicketAuth endpoint just as a proof-of-concept. And for testing. And so on.Yeah. Let\u2019s build something.Other content limiting stuffAnother topic which came up is the desire to have an entry have different content visible to different viewers; for example, friends can see \u201cI went out to lunch with Barack Obama\u201d while others can only see \u201cI went out to lunch with a well-known politician.\u201d Back in the day when I was running Movable Type and had all sorts of unwieldy hacks for friends-only access, I was able to do this, as an additional layer of hacks.Since my MT templates were still statically-generating files which happened to be PHP, I could put something like this into my entries:Today I had lunch with <?= $user_friend ? \"Barack Obama\" : \"a well-known politician\" ?>\nand it would work. Or at least it did until DreamHost beefed up their mod_security settings and detected this as a PHP injection attack (which, to be fair, it was).Publ doesn\u2019t have any current support for inline conditional content, although I\u2019d be tempted to try adding it. I sort of want to hold off on markup-related extensions until I get around to switching to a more flexible Markdown processor, although I suppose this sort of thing would be better served in the entry body parser anyway. Like maybe adding a custom XMLish tag that runs blocks through Jinja before handing it off to the actual renderer. That would be tricky to do right though, and I\u2019m not sure how much benefit there\u2019d be.That said, Publ does have an incredibly unwieldy mechanism that could be used for this sort of thing, in the form of entry attachments. Right now I only use attachments for comic transcripts, but one of the intended use cases would be to provide \u201ccut\u201d sections, and since attachments get the same per-entry security model (since attachments are just entries) it\u2019d be possible to have my content block be something like:{{entry.body}}\n\n{% for attach in entry.attachments(order='title') %}\n{{attach.body}}\n{% endfor %}\nand then have different versions of attachments for different permission types. I don\u2019t really know of a good way to do the fallback, though, and managing this from the UX standpoint would be ridiculous. (There\u2019s also a few other things I want to rework with attachments anyway, like it should be possible for something to attach itself to something else, rather than requiring an entry to declare its attachments.)\n\ncomments" }, "name": "fluffy rambles: Private, friends-only, IndieWeb stuff", "post-type": "article", "_id": "21620448", "_source": "3782", "_is_read": true }
After today's IndieWebCamp popup session, I built a way to create unlisted posts on my site that require a secret key in the URL in order to view.
Since all my URLs are more or less sequential, I needed a way to be able to add something to the URL that is unguessable. It was a relatively easy thing to add!
Try viewing this post without the secret string at the end to see the feature in action: https://aaronparecki.com/2021/06/26/9/MXJEJKW
{ "type": "entry", "published": "2021-06-26T13:45:18-07:00", "url": "https://aaronparecki.com/2021/06/26/10/secret-posts", "category": [ "indieweb", "secret" ], "content": { "text": "After today's IndieWebCamp popup session, I built a way to create unlisted posts on my site that require a secret key in the URL in order to view.\n\nSince all my URLs are more or less sequential, I needed a way to be able to add something to the URL that is unguessable. It was a relatively easy thing to add!\n\nTry viewing this post without the secret string at the end to see the feature in action: https://aaronparecki.com/2021/06/26/9/MXJEJKW", "html": "<p>After <a href=\"https://events.indieweb.org/2021/06/indiewebcamp-popup-sensitive-data-on-your-personal-website-DNjCEi05jHfH\">today's IndieWebCamp popup session</a>, I built a way to create unlisted posts on my site that require a secret key in the URL in order to view.</p>\n\n<p>Since all my URLs are more or less sequential, I needed a way to be able to add something to the URL that is unguessable. It was a relatively easy thing to add!</p>\n\n<p>Try viewing this post without the secret string at the end to see the feature in action: <a href=\"https://aaronparecki.com/2021/06/26/9/MXJEJKW\">https://aaronparecki.com/2021/06/26/9/MXJEJKW</a></p>" }, "author": { "type": "card", "name": "Aaron Parecki", "url": "https://aaronparecki.com/", "photo": "https://aperture-media.p3k.io/aaronparecki.com/41061f9de825966faa22e9c42830e1d4a614a321213b4575b9488aa93f89817a.jpg" }, "post-type": "note", "_id": "21602693", "_source": "16", "_is_read": true }
New #indieweb libraries: taproot/micropub-adapter and taproot/indieauth!
Finally put the finishing touches on these two closely-related libraries, which make it very easy to add Micropub and IndieAuth support to any PHP app which uses PSR-7.
Feedback appreciated, either as replies, GH issues, or at indieweb.org/discuss
{ "type": "entry", "published": "2021-06-24T15:01:20+03:00", "summary": "New #indieweb libraries: taproot/micropub-adapter and taproot/indieauth!\nFinally put the finishing touches on these two closely-related libraries, which make it very easy to add Micropub and IndieAuth support to any PHP app which uses PSR-7.\nFeedback appreciated, either as replies, GH issues, or at indieweb.org/discuss", "url": "https://waterpigs.co.uk/notes/5DNF1L/", "content": { "text": "New #indieweb libraries: taproot/micropub-adapter and taproot/indieauth!\n\nFinally put the finishing touches on these two closely-related libraries, which make it very easy to add Micropub and IndieAuth support to any PHP app which uses PSR-7.\n\nFeedback appreciated, either as replies, GH issues, or at indieweb.org/discuss", "html": "<p>New <a href=\"https://waterpigs.co.uk/tags/indieweb\">#indieweb</a> libraries: <a href=\"https://github.com/Taproot/micropub-adapter\">taproot/micropub-adapter</a> and <a href=\"https://github.com/Taproot/indieauth\">taproot/indieauth</a>!</p>\n\n<p>Finally put the finishing touches on these two closely-related libraries, which make it very easy to add <a href=\"https://indieweb.org/Micropub\">Micropub</a> and <a href=\"https://indieweb.org/IndieAuth\">IndieAuth</a> support to any PHP app which uses PSR-7.</p>\n\n<p>Feedback appreciated, either as replies, GH issues, or at <a href=\"http://indieweb.org/discuss\">indieweb.org/discuss</a></p>" }, "author": { "type": "card", "name": "Barnaby Walters", "url": "https://waterpigs.co.uk", "photo": "https://waterpigs.co.uk/photo-2021-04-22.jpg" }, "post-type": "note", "_id": "21546400", "_source": "188", "_is_read": true }
{ "type": "entry", "published": "2021-06-23T15:27:24-0400", "url": "https://martymcgui.re/2021/06/23/152724/", "photo": [ "https://res.cloudinary.com/schmarty/image/fetch/w_960,c_fill/https://media.martymcgui.re/9d/d3/01/3b/1e0afc1cedfa18a2226aa834c3bb8dab2ef5be604d60cc5560e503af.jpg" ], "content": { "text": "It\u2019s like an IndieWeb thing probably!", "html": "<a href=\"https://media.martymcgui.re/9d/d3/01/3b/1e0afc1cedfa18a2226aa834c3bb8dab2ef5be604d60cc5560e503af.jpg\"></a>\n\n <p>It\u2019s like an IndieWeb thing probably!</p>" }, "author": { "type": "card", "name": "Marty McGuire", "url": "https://martymcgui.re/", "photo": "https://martymcgui.re/images/logo.jpg" }, "post-type": "photo", "_id": "21523459", "_source": "175", "_is_read": true }
{ "type": "entry", "author": { "name": "Manton Reece", "url": "https://www.manton.org/", "photo": "https://micro.blog/manton/avatar.jpg" }, "url": "https://www.manton.org/2021/06/17/building-on-the.html", "name": "Building on the Micro.blog books API", "content": { "html": "<p>Since <a href=\"https://www.manton.org/2021/05/11/bookshelves-beta-for.html\">launching the bookshelves feature</a> in Micro.blog on the web, I\u2019ve been wondering whether we should build a native interface for this in the Micro.blog app. My answer: no. Books are so unique that it feels like they need a dedicated app, just like there is a native app for Goodreads on iOS and Android. Native apps could make it easy to quickly mark a book as \u201cfinished reading\u201d, or provide fun features like barcode scanning from the phone camera.</p>\n\n<p>You can make a pretty strong case that we already have <em>too many</em> official iOS apps: Micro.blog, Sunlit, and Wavelength. Books seems like a great third-party opportunity instead.</p>\n\n<p>I\u2019ve documented the <a href=\"https://help.micro.blog/t/json-api-books/545/2\">bookshelves API in the Help Center</a>. It can do most of what Micro.blog on the web does, with the notable exception of book search. If you are building a books app, you\u2019ll need to \u201cbring your own\u201d book search from Open Library, ISBNdb, Google Books, Amazon, or wherever.</p>\n\n<p>A theoretical app built on Micro.blog could let the user sign in with their Micro.blog account <a href=\"https://help.micro.blog/t/indieauth/99\">using IndieAuth</a>. Then the app could get the user\u2019s bookshelves, add new books, or post to their blog with a link to the book.</p>\n\n<p>Like most of Micro.blog, the API is based on JSON Feed. Lists of bookshelves and books are just JSON Feed with a little bit of extra data like <code>isbn</code> in a namespace field. When Micro.blog has the book cover, it\u2019s included in <code>image</code>.</p>\n\n<p>There have been some <a href=\"https://tomcritchlow.com/2020/04/15/library-json/\">interesting experiments with custom JSON formats</a> or even <a href=\"https://www.zylstra.org/blog/2021/05/federated-bookshelf-proof-of-concept/\">based on OPML</a>, but as I was reviewing these it seemed like an unusual departure for Micro.blog to not use JSON Feed. We can consider adding additional formats later.</p>\n\n<p>I\u2019m happy to support whoever wants to tackle this. <a href=\"https://jonhays.me/\">Jon Hays</a> suggested a hackathon for people to get together and tinker with the API, or build an app together. What do y\u2019all think?</p>\n\n<p>In addition to the Micro.blog API, another area where we could experiment is an app that connects bookshelf data from independent web sites. For Micro.blog-hosted blogs, the bookshelves are <a href=\"https://help.micro.blog/t/bookshelves/515\">available via Hugo templates</a>, so it\u2019s possible to generate HTML pages that include Microformats. <a href=\"https://indieweb.org/read\">See the IndieWeb wiki</a> for some prior art about this.</p>", "text": "Since launching the bookshelves feature in Micro.blog on the web, I\u2019ve been wondering whether we should build a native interface for this in the Micro.blog app. My answer: no. Books are so unique that it feels like they need a dedicated app, just like there is a native app for Goodreads on iOS and Android. Native apps could make it easy to quickly mark a book as \u201cfinished reading\u201d, or provide fun features like barcode scanning from the phone camera.\n\nYou can make a pretty strong case that we already have too many official iOS apps: Micro.blog, Sunlit, and Wavelength. Books seems like a great third-party opportunity instead.\n\nI\u2019ve documented the bookshelves API in the Help Center. It can do most of what Micro.blog on the web does, with the notable exception of book search. If you are building a books app, you\u2019ll need to \u201cbring your own\u201d book search from Open Library, ISBNdb, Google Books, Amazon, or wherever.\n\nA theoretical app built on Micro.blog could let the user sign in with their Micro.blog account using IndieAuth. Then the app could get the user\u2019s bookshelves, add new books, or post to their blog with a link to the book.\n\nLike most of Micro.blog, the API is based on JSON Feed. Lists of bookshelves and books are just JSON Feed with a little bit of extra data like isbn in a namespace field. When Micro.blog has the book cover, it\u2019s included in image.\n\nThere have been some interesting experiments with custom JSON formats or even based on OPML, but as I was reviewing these it seemed like an unusual departure for Micro.blog to not use JSON Feed. We can consider adding additional formats later.\n\nI\u2019m happy to support whoever wants to tackle this. Jon Hays suggested a hackathon for people to get together and tinker with the API, or build an app together. What do y\u2019all think?\n\nIn addition to the Micro.blog API, another area where we could experiment is an app that connects bookshelf data from independent web sites. For Micro.blog-hosted blogs, the bookshelves are available via Hugo templates, so it\u2019s possible to generate HTML pages that include Microformats. See the IndieWeb wiki for some prior art about this." }, "published": "2021-06-17T08:29:27-05:00", "category": [ "Essays" ], "post-type": "article", "_id": "21369249", "_source": "12", "_is_read": true }
{ "type": "entry", "published": "2021-06-15T16:24:35+00:00", "url": "https://werd.io/2021/i-hooked-up-my-bookmarks-from-notion", "content": { "text": "I hooked up my bookmarks from Notion to automatically post to my site via micropub. The micropub standard makes this really easy. And Known lets you subscribe to just the content of your choice - so if you want just my posts, or just my links, you can get that." }, "author": { "type": "card", "name": "Ben Werdm\u00fcller", "url": "https://werd.io/profile/benwerd", "photo": "https://werd.io/file/5d388c5fb16ea14aac640912/thumb.jpg" }, "post-type": "note", "_id": "21316965", "_source": "191", "_is_read": true }
PHPUnit’s HTML code coverage reports don’t play nicely with GitHub pages “main branch /docs folder” by default, as they store CSS, JS and icon assets in folders prefixed with underscores.
Here’s a little bash script to run tests with code coverage enabled, then move the assets around:
rm -rf docs/coverage/
XDEBUG_MODE=coverage ./vendor/bin/phpunit tests --coverage-filter src --coverage-html docs/coverage
mv docs/coverage/_css docs/coverage/phpunit_css
mv docs/coverage/_icons docs/coverage/phpunit_icons
mv docs/coverage/_js docs/coverage/phpunit_js
grep -rl _css docs/coverage | xargs sed -i "" -e 's/_css/phpunit_css/g'
grep -rl _icons docs/coverage | xargs sed -i "" -e 's/_icons/phpunit_icons/g'
grep -rl _js docs/coverage | xargs sed -i "" -e 's/_js/phpunit_js/g'
That allows you to use GitHub pages to show code coverage reports as well as docs, as I’m doing for taproot/indieauth.
{ "type": "entry", "published": "2021-06-13T16:59:09+03:00", "summary": "PHPUnit\u2019s HTML code coverage reports don\u2019t play nicely with GitHub pages \u201cmain branch /docs folder\u201d by default, as they store CSS, JS and icon assets in folders prefixed with underscores.\nHere\u2019s a little bash script to run tests with code coverage enabled, then move the assets around: rm -rf docs/coverage/ XDEBUG_MODE=coverage ./vendor/bin/phpunit tests --coverage-filter src --coverage-html docs/coverage mv docs/coverage/_css docs/coverage/phpunit_css mv docs/coverage/_icons docs/coverage/phpunit_icons mv docs/coverage/_js docs/coverage/phpunit_js grep -rl _css docs/coverage | xargs sed -i \"\" -e 's/_css/phpunit_css/g' grep -rl _icons docs/coverage | xargs sed -i \"\" -e 's/_icons/phpunit_icons/g' grep -rl _js docs/coverage | xargs sed -i \"\" -e 's/_js/phpunit_js/g'\nThat allows you to use GitHub pages to show code coverage reports as well as docs, as I\u2019m doing for taproot/indieauth.", "url": "https://waterpigs.co.uk/notes/5DBGz9/", "content": { "text": "PHPUnit\u2019s HTML code coverage reports don\u2019t play nicely with GitHub pages \u201cmain branch /docs folder\u201d by default, as they store CSS, JS and icon assets in folders prefixed with underscores.\n\nHere\u2019s a little bash script to run tests with code coverage enabled, then move the assets around:\n\nrm -rf docs/coverage/\nXDEBUG_MODE=coverage ./vendor/bin/phpunit tests --coverage-filter src --coverage-html docs/coverage\nmv docs/coverage/_css docs/coverage/phpunit_css\nmv docs/coverage/_icons docs/coverage/phpunit_icons\nmv docs/coverage/_js docs/coverage/phpunit_js\ngrep -rl _css docs/coverage | xargs sed -i \"\" -e 's/_css/phpunit_css/g'\ngrep -rl _icons docs/coverage | xargs sed -i \"\" -e 's/_icons/phpunit_icons/g'\ngrep -rl _js docs/coverage | xargs sed -i \"\" -e 's/_js/phpunit_js/g'\n\n\nThat allows you to use GitHub pages to show code coverage reports as well as docs, as I\u2019m doing for taproot/indieauth.", "html": "<p>PHPUnit\u2019s HTML code coverage reports don\u2019t play nicely with GitHub pages \u201cmain branch /docs folder\u201d by default, as they store CSS, JS and icon assets in folders prefixed with underscores.</p>\n\n<p>Here\u2019s a little bash script to run tests with code coverage enabled, then move the assets around:</p>\n\n<pre><code>rm -rf docs/coverage/\nXDEBUG_MODE=coverage ./vendor/bin/phpunit tests --coverage-filter src --coverage-html docs/coverage\nmv docs/coverage/_css docs/coverage/phpunit_css\nmv docs/coverage/_icons docs/coverage/phpunit_icons\nmv docs/coverage/_js docs/coverage/phpunit_js\ngrep -rl _css docs/coverage | xargs sed -i \"\" -e 's/_css/phpunit_css/g'\ngrep -rl _icons docs/coverage | xargs sed -i \"\" -e 's/_icons/phpunit_icons/g'\ngrep -rl _js docs/coverage | xargs sed -i \"\" -e 's/_js/phpunit_js/g'\n</code></pre>\n\n<p>That allows you to use GitHub pages to show code coverage reports as well as docs, as I\u2019m doing <a href=\"https://taproot.github.io/indieauth/coverage/\">for taproot/indieauth</a>.</p>" }, "author": { "type": "card", "name": "Barnaby Walters", "url": "https://waterpigs.co.uk", "photo": "https://waterpigs.co.uk/photo-2021-04-22.jpg" }, "post-type": "note", "_id": "21261568", "_source": "188", "_is_read": true }
Reminder that it's #HomebrewWebsiteClub Nottingham tomorrow! I hope to see you there at 1730 for some website stuff! https://events.indieweb.org/2021/06/homebrew-website-club-nottingham-pqX9qzmGWbHp
{ "type": "entry", "published": "2021-06-08T10:06:07.061Z", "url": "https://www.jvt.me/mf2/2021/06/fyejk/", "category": [ "homebrew-website-club" ], "content": { "text": "Reminder that it's #HomebrewWebsiteClub Nottingham tomorrow! I hope to see you there at 1730 for some website stuff! https://events.indieweb.org/2021/06/homebrew-website-club-nottingham-pqX9qzmGWbHp", "html": "<p>Reminder that it's <a href=\"https://www.jvt.me/tags/homebrew-website-club/\">#HomebrewWebsiteClub</a> Nottingham tomorrow! I hope to see you there at 1730 for some website stuff! <a href=\"https://events.indieweb.org/2021/06/homebrew-website-club-nottingham-pqX9qzmGWbHp\">https://events.indieweb.org/2021/06/homebrew-website-club-nottingham-pqX9qzmGWbHp</a></p>" }, "author": { "type": "card", "name": "Jamie Tanna", "url": "https://www.jvt.me", "photo": "https://www.jvt.me/img/profile.png" }, "post-type": "note", "_id": "21122591", "_source": "2169", "_is_read": true }
Not unrelatedly, Jack Jamieson’s dissertation on the IndieWeb is called Independent Together: Building and Maintaining Values in a Distributed Web Infrastructure.
Also on:{ "type": "entry", "author": { "name": "Neil Mather", "url": "https://doubleloop.net/", "photo": null }, "url": "https://doubleloop.net/2021/06/06/i-think-indieweb-is-an-example/", "published": "2021-06-06T12:38:09+00:00", "content": { "html": "I think IndieWeb is an example of Nested-I and Ubuntu Rationality as per Free, Fair and Alive.\n<p>Not unrelatedly, Jack Jamieson\u2019s dissertation on the IndieWeb is called Independent Together: Building and Maintaining Values in a Distributed Web Infrastructure.</p>\nAlso on:<p><a href=\"https://social.coop/@neil/106363819973748731\"> social.coop</a></p>", "text": "I think IndieWeb is an example of Nested-I and Ubuntu Rationality as per Free, Fair and Alive.\nNot unrelatedly, Jack Jamieson\u2019s dissertation on the IndieWeb is called Independent Together: Building and Maintaining Values in a Distributed Web Infrastructure.\nAlso on: social.coop" }, "post-type": "note", "_id": "21068944", "_source": "1895", "_is_read": true }
Yea that looks like a cool site! I hope it catches on, but we also have IndieNews and Indieweb.xyz and those have never really had huge usage.Yea I think showing the replies inline makes it more interesting than just an aggregator to me. I hope it might stimulate some blogchains (https://doubleloop.net/2020/04/05/blogchains-and-hyperconversations/)
I kicked one off, if you’re interested! – https://www.indieforums.net/threads/c1c36e81a755848c.html
{ "type": "entry", "author": { "name": "Neil Mather", "url": "https://doubleloop.net/", "photo": null }, "url": "https://doubleloop.net/2021/05/31/yea-i-think-showing-the-replies/", "published": "2021-05-31T10:31:21+00:00", "content": { "html": "Replied to <a href=\"https://adhoc.systems/replies/indieforum\">https://adhoc.systems/replies/indieforum</a><em> (adhoc.systems)</em>\n<blockquote>Yea that looks like a cool site! I hope it catches on, but we also have IndieNews and Indieweb.xyz and those have never really had huge usage.</blockquote>\n\nYea I think showing the replies inline makes it more interesting than just an aggregator to me. I hope it might stimulate some blogchains (<a href=\"https://doubleloop.net/2020/04/05/blogchains-and-hyperconversations/\">https://doubleloop.net/2020/04/05/blogchains-and-hyperconversations/</a>)\n<p>I kicked one off, if you\u2019re interested! \u2013 <a href=\"https://www.indieforums.net/threads/c1c36e81a755848c.html\">https://www.indieforums.net/threads/c1c36e81a755848c.html</a></p>", "text": "Replied to https://adhoc.systems/replies/indieforum (adhoc.systems)\nYea that looks like a cool site! I hope it catches on, but we also have IndieNews and Indieweb.xyz and those have never really had huge usage.\n\nYea I think showing the replies inline makes it more interesting than just an aggregator to me. I hope it might stimulate some blogchains (https://doubleloop.net/2020/04/05/blogchains-and-hyperconversations/)\nI kicked one off, if you\u2019re interested! \u2013 https://www.indieforums.net/threads/c1c36e81a755848c.html" }, "post-type": "note", "_id": "20903813", "_source": "1895", "_is_read": true }
https://github.com/hometown-fork/hometown/wiki/Exclusive-lists
Also on:{ "type": "entry", "author": { "name": "Neil Mather", "url": "https://doubleloop.net/", "photo": null }, "url": "https://doubleloop.net/2021/05/31/hometown-says-on-its-wiki-also/", "published": "2021-05-31T10:11:40+00:00", "content": { "html": "Hometown says on its wiki: \"Also, if Hometown is going to be a universal reader, you\u2019re going to need better control over organizing your feeds.\" That\u2019s really interesting \u2013 same as the social reader idea in IndieWeb presumably. (I\u2019ve imagined before a social reader in the Mastodon/TweetDeck style.)\n<p><a href=\"https://github.com/hometown-fork/hometown/wiki/Exclusive-lists\">https://github.com/hometown-fork/hometown/wiki/Exclusive-lists</a></p>\nAlso on:<p><a href=\"https://social.coop/@neil/106329270063684683\"> social.coop</a></p>", "text": "Hometown says on its wiki: \"Also, if Hometown is going to be a universal reader, you\u2019re going to need better control over organizing your feeds.\" That\u2019s really interesting \u2013 same as the social reader idea in IndieWeb presumably. (I\u2019ve imagined before a social reader in the Mastodon/TweetDeck style.)\nhttps://github.com/hometown-fork/hometown/wiki/Exclusive-lists\nAlso on: social.coop" }, "post-type": "note", "_id": "20903814", "_source": "1895", "_is_read": true }
{ "type": "entry", "author": { "name": "Neil Mather", "url": "https://doubleloop.net/", "photo": null }, "url": "https://doubleloop.net/2021/05/29/when-did-you-join-the-indieweb/", "published": "2021-05-29T18:18:55+00:00", "content": { "html": "(Hopefully this appears at <a href=\"https://www.indieforums.net/\">https://www.indieforums.net</a>)\n<p>I think I first <strong>heard</strong> of the <a href=\"https://indieweb.org/\">IndieWeb</a> movement in 2016 sometime. It\u2019s a bit hazy now, but I\u2019ve a memory that I stumbled on it through a trail of links starting on <a href=\"https://anagora.org/node/wikity\">Wikity</a>.</p>\n<p>I\u2019ve tinkered with web sites in some form or another for a long time, and I have happy memories of various weird Geocities experiments, sadly lost to the sands of time it seems.</p>\n<p>As far as independently hosting goes, I appear to have had a self-hosted blog since 2006 at my old domain <a href=\"http://noodlemaps.net/\">noodlemaps.net</a> \u2013 thanks Wayback Machine for that! My first self-hosted post is seemingly on the topic of <a href=\"https://web.archive.org/web/20060822085346/http://blog.noodlemaps.net/index.php?/archives/1-Art-in-Linux.html\">data sonification and playing non-audio files through /dev/dsp on Linux</a>. Excellent.</p>\n<p>I\u2019ve had a self-hosted blog up at <a href=\"http://doubleloop.net/\">doubleloop.net</a> since around <a href=\"https://web.archive.org/web/20160823223823/http://doubleloop.net/blog/archives\">2013</a> (thanks again Internet Archive). I went through a through static site generators. I actually really like how my old Hexo-based site looked. Better than my current site\u2026</p>\n<p>My first documented attendance of HWC London looks to be <a href=\"https://indieweb.org/events/2016-12-14-homebrew-website-club\">December 2016</a>, hosted by <a href=\"https://calumryan.com/\">Calum</a> and <a href=\"https://barryfrost.com/\">Barry</a> who were really welcoming. Around then, I fiddled about with various platforms before switching over to WordPress.</p>\n<p>I\u2019ve really enjoyed being part of the IndieWeb community. My active involvement (at events, on IRC, etc) has peaked and waned over the years, but I\u2019ve still always felt part of the bigger whole. That\u2019s another post, though.</p>\n<p>How did you find out about the IndieWeb community?</p>\nAlso on:<p><a href=\"https://www.indieforums.net/\"> indieforums.net</a></p>", "text": "(Hopefully this appears at https://www.indieforums.net)\nI think I first heard of the IndieWeb movement in 2016 sometime. It\u2019s a bit hazy now, but I\u2019ve a memory that I stumbled on it through a trail of links starting on Wikity.\nI\u2019ve tinkered with web sites in some form or another for a long time, and I have happy memories of various weird Geocities experiments, sadly lost to the sands of time it seems.\nAs far as independently hosting goes, I appear to have had a self-hosted blog since 2006 at my old domain noodlemaps.net \u2013 thanks Wayback Machine for that! My first self-hosted post is seemingly on the topic of data sonification and playing non-audio files through /dev/dsp on Linux. Excellent.\nI\u2019ve had a self-hosted blog up at doubleloop.net since around 2013 (thanks again Internet Archive). I went through a through static site generators. I actually really like how my old Hexo-based site looked. Better than my current site\u2026\nMy first documented attendance of HWC London looks to be December 2016, hosted by Calum and Barry who were really welcoming. Around then, I fiddled about with various platforms before switching over to WordPress.\nI\u2019ve really enjoyed being part of the IndieWeb community. My active involvement (at events, on IRC, etc) has peaked and waned over the years, but I\u2019ve still always felt part of the bigger whole. That\u2019s another post, though.\nHow did you find out about the IndieWeb community?\nAlso on: indieforums.net" }, "name": "When did you join the IndieWeb?", "post-type": "article", "_id": "20870866", "_source": "1895", "_is_read": true }
{ "type": "entry", "published": "2021-05-29T07:54:10.689Z", "url": "https://barryfrost.com/2021/05/using-tailwind-css-with-microformats-2", "category": [ "tailwind", "css", "microformats" ], "name": "Using Tailwind CSS with Microformats 2", "content": { "text": "Finding a workaround for MF2 parsers to work with HTML marked up with Tailwind height classes." }, "author": { "type": "card", "name": "Barry Frost", "url": "https://barryfrost.com/", "photo": "https://barryfrost.com/barryfrost.jpg" }, "post-type": "article", "_id": "20862107", "_source": "189", "_is_read": true }