Posted Sunday, August 2 at 2:37 AM (a week ago)
Some pretty big new features added. First, in Authl:
- Major documentation improvements
- Bug fixes with Fediverse instance caching
- All providers now normalize to the same profile format
- Some basic spam prevention for the email provider
- 100% unit test coverage on the Fediverse provider (which is now using mastodon.py instead of a hand-rolled OAuth client)
And in Publ:
- Fenced code now uses
<figcaption> instead of ad-hoc
<div>s for its layout, and the overall HTML semantic has been greatly improved
- Individual code blocks are now configurable with respect to highlighting and line numbering
- The user object now provides a user profile and separates the identity URL from the familiar name
Posted Wednesday, July 22 at 10:02 PM (2 weeks ago)
Publ v0.6.7 is out now. Various changes:
- Now using Poetry for the build system
- Cleaned up some
Redirect-Url logic to cut down on the number of page load hops
- Renamed the main branch to
- Bail out on files which repeatedly fail indexer fixups
- Default entry title and slug are now blank, rather than trying to guess from the filename
- Officially deprecated Python 3.5 support, which hasn’t worked for quite some time anyway
- Defer Authl loading, and other Authl-related changes to support the latest version
- Add support for line-numbering and captions in code blocks
I’m already regretting some of the decisions I made with the fenced code amendments; in the future it will almost certainly switch to using
<figcaption>, and change some of the other structural bits. Feel free to share your opinions.
There’s also a known issue where the quick-login link (for e.g. Twitter) doesn’t work on pages which are login-required; this is actually an issue with the Authl login template, and has already been fixed in Authl pending the next release.
And speaking of Authl, the online docs are way better now. Hopefully it’s finally in a state where other people will be able to use it!
Posted Sunday, May 31 at 3:32 AM (3 months ago)
I’ve just released new versions of Publ and Authl.
Publ v0.6.6 changes:
- Fixed a regression that made it impossible to log out
- Fixed a problem where
WWW-Authenticate headers weren’t being cached properly
- Improve the changed-file cache-busting methodology
- Add object pooling to Entry, Category, and View (for a potentially big memory and performance improvement)
Authl v0.4.0 changes:
- Finally started to add unit tests
- Removed some legacy WebFinger code that was no longer relevant or ever touched
- Added a mechanism to allow providers to go directly to login, as appropriate
- Added friendly visual icons for providers which support them (a so-called “NASCAR interface”)
Posted Thursday, May 28 at 3:45 PM (3 months ago)
Publ v0.6.5 is now out. Has the following changes:
- Upgrading Publ will now invalidate the cache
- Fixes the missing database session around the authentication log viewer
- Fixes the way that the indexer works when an entry changes ID
- Fixes a bug where draft entries' temporary IDs were overriding the permanent/assigned IDs of visible entries
- Added some useful commandline tools
The next things I want to work on:
- Micropub endpoint (done as a separate component that you can optionally add)
- Adding more unit tests
- Maybe an actual (very basic) CMS UI? I dunno
Posted Wednesday, May 20 at 7:00 PM (3 months ago)
There are several important bugfixes in this as well as one major new feature. Changes since v0.6.3:
- Rewrote the indexer scheduling logic both for better peformance and to (hopefully) stop clobbering entry text on content deployments
- Added entry attachments, which allows associating entries directly with one another
- Fixed a silly caching bug introduced in v0.6.3 which basically broke the cache
Posted Thursday, May 14 at 11:21 PM (3 months ago)
Just a few bugfixes:
- Fixed a problem that prevented logging out from working
view.deleted work correctly on count-based paginations
- Allowed date-based paginations to work from an empty starting point
Posted Friday, May 1 at 7:30 PM (3 months ago)
Just a few changes:
- External images now get correctly-extracted into
og:image card data
- Local images get
- Scheduled posts now flush the cache when they become visible
- Once again fix extracted entry summaries to not be double-escaped
Posted Tuesday, April 28 at 10:32 PM (4 months ago)
webmention.js now supports changing the sort criterion and order of responses, and defaults to publication (rather than receipt) time.
This was mostly to improve the presentation of responses received via brid.gy, particularly from Twitter.
Posted Sunday, March 15 at 4:32 PM (5 months ago)
This is a new version of Publ. The main change is how deletions (using
<del>HTML</del> <s>tags</s>) get converted to plaintext — namely they get removed, to make it make more visible sense.
Doing this also led to refactoring the internal
strip_html function to provide a bit more flexibility, so now it’s now available as a Jinja2 template filter.
I also removed a couple of troublesome micro-optimizations that were causing more trouble than they were worth.
Posted Saturday, March 7 at 3:07 PM (5 months ago)
The 0.6 milestone has finally been completed, so Publ 0.6.0 is now released!
Changes since v0.5.16:
- Fix some startup bugs around file fingerprint checking
category.tags use the most-recently-seen capitalization of any given tag
- Make view tag tests case-insensitive (so tag browsers have a chance of working correctly)
- Add some basic unit tests and coverage analysis
- Fix some bugs which were shaken out by the unit testing (go figure!)
And, since this is a new milestone, what’s improved since v0.5.0? Quite a lot! 237 commits, in fact. Here’s some of the features that stand out to me in the change log:
- Major improvements to entry authentication, both for performance and admin usability
- Tables of contents!
- Improved support for tag browsing, including filter constraints!
- Support for image renditions in arbitrary HTML attributes
- IndieAuth c2s support (groundwork for apps like MicroPub), and a first pass at s2s (for AutoAuth)
- Lots and lots of bug fixes
At this point I feel like Publ is very usable and flexible, and I would love to see more people give it a try. At some point I need to do a documentation push — both improving the quality of the user documentation (it’s gotten to be quite a mess!) and also making this site more of a demo of what Publ can do.
This is something I’d love to get some help with.
Posted Sunday, February 23 at 10:35 PM (6 months ago)
Today I released Publ v0.5.16, since it has a few features I wanted to deploy on my own sites:
- Path aliases can now be set to be an alternate “mount point” or to override the canonical entry path (for example)
- View tags can now be filtered to show entries with any, all, or none of the requested tags
- As a consequence of the above, category tag lists can also be used as a progressive refinement (see, for example, on this blog)
Posted Wednesday, February 12 at 12:47 AM (6 months ago)
Not much to say about this, just a handful of performance tweaks and bug fixes:
- Improved caching behavior around URL parameters
- Allow configuring the maximum image render threads
- Fixed an exception when trying to extract an OpenGraph card from an empty entry
- Improve entry ID conflict reconciliation
- Force absolute image URLs in OpenGraph tags
Posted Tuesday, February 4 at 5:40 PM (6 months ago)
Today I released v0.5.14 of Publ, which has a bunch of improvements:
- Fixed a bug in card retrieval when there’s no summary
- Admin panel works again
- Markdown entry headings now get individual permalinks (the presentation of which can be templated)
- Markdown entry headings can be extracted into an outline to be used for a table of contents
- Lots of performance improvements around ToC and footnote extraction, and template API functions in general
Posted Tuesday, January 7 at 12:25 AM (7 months ago)
Progress being made, although not much of it has been in service of my intended v0.6 milestone. At some point I’m going to have to bite the bullet and actually start writing some automated tests.
- Applied the
no_smartquotes API change to
- Consolidated and cleaned up OpenGraph card parsing to make it consistent across Markdown and HTML entries, and fixing a few Markdown-specific bugs
- Refactored the image rendition pipeline to make it more extensible/testable/clean (and also fixed a caching issue with palette quantization)
- Added the ability to select scaling algorithm on a per-image basis
- Cleaned up entry deletion and reindexing
- Improved the testing of
- Removed a short-term performance hack on the authentication dashboard
Also, as of now, I run a live version of the Publ integration tests, although it’s currently only manually-updated.
Update: And as if to hammer home the point regarding automated testing, I had to release 0.5.13.1 because, wellp, released with a site-breaking bug in the new card parser… Sigh.
Posted Tuesday, December 31 at 12:02 AM (8 months ago)
Today I got a fire lit under me and decided to do a bunch of bug fixing and general performance improvements.
Changes since v0.5.11:
- Fixed a micro-optimization which was causing some pretty bad cache problems (I really should write a blog entry about this but tl;dr micro-optimizations are usually bugs in disguise)
- Fixed an issue which was causing the page render cache to not actually activate most of the time (you know there’s going to be a ramble about this below…)
- Fixed a bunch of spurious log meessages about nested transactions
- Refactored the way that
markup=False works, making it available from all Markdown/HTML contexts
no_smartquotes is retained for template compatibility) (although I missed this on
entry.title; I’ve already committed a fix for the next version)
- Improve the way that the page render cache interacts with templates
- Fixed an issue where changing a template might cause issues to occur until the cache expires
Posted Saturday, December 14 at 2:24 PM (8 months ago)
Some fresh new versions of things.
Changes to Publ:
- Massive improvements to how footnotes are handled; now they get their own virtual section (so if you’re currently using footnotes you’ll need to update your templates!)1
- Various performance improvements:
- Some internal caching on image rendition stuff
- Reduce contention in the content indexer (to hopefully make large sites more responsive on restart)
- Minor optimizations to
config.secret_key; now this should be configured on the application object per Flask standards
- Allow HTML attributes other than
src to contain image renditions
- Improve WebFinger support
Posted Wednesday, November 27 at 9:13 PM (9 months ago)
Publ v0.5.10 is now available. The following has changed since v0.5.9:
- Image sets will generate fullsize renditions (and their links) for images which were skipped, so they will still appear in the lightbox
- Footnotes now get rolled up into the
entry.more (with some caveats), and also get stable permalinks for their references1
- You can now annotate an HTML attribute with
I’ve also made a bunch of changes to the sample templates.
Posted Thursday, November 7 at 12:03 PM (9 months ago)
Publ v0.5.9 is now out. Just a couple of bugfixes in this one:
- Login pages now properly redirect to https again (after that was broken due to some of the recent auth-related changes)
view.range works correctly again, as does everything else that relied on
len() on parameter-optional properties (e.g.
Posted Wednesday, October 30 at 7:11 PM (10 months ago)
So, both Publ and Authl had a pretty naïve issue with the identity verification step of the IndieAuth flow; it simply accepted whatever the authorization endpoint said the user’s identity was. This made it very simple to spoof one’s identity and log in as anyone on any Publ or Authl site.
Authl 0.3.1 fixes the problem with the IndieAuth login flow, and Publ 0.5.8 fixes the problem with the Bearer token flow.
Posted Tuesday, October 29 at 9:38 PM (10 months ago)
There is only one feature for this new release of Publ, but it’s a big one – there is (theoretical) support for AutoAuth! That’s right, deploy this version and people should be able to magically log on to your website using unattended IndieAuth providers.
Unfortunately, there aren’t any tools that I know of which actually support this mode of operation; all testing has been manual and In Theory.
Fortunately, if someone does want to test AutoAuth (or IndieAuth Bearer authentication in general), you can test it out on this site! You can use this entry as an individual entry, and this category or this feed to see how well it works with the “partial public” path.
Also, this page will tell you all sorts of useful information about the current user (if any).
And I’d might as well use this opportunity to show off the admin dashboard – just sign in as the user
test:admin to see how it looks.
EDIT: It looks like there’s a problem with third-party auth due to the way that Heroku works. I should have anticipated this. Third-party auth is temporarily disabled for now. (But this doesn’t affect
AutoAuth at least!)