Publ v0.7.2, Authl v0.5.0

Big new releases for Publ and Authl!

Publ changes:

• Added support for IndieAuth Ticket Auth, allowing aware readers to automatically log in on your behalf and get private entries
• Added support for HTML 5 lazy image loading; all images are now lazy-loaded by default

Authl changes:

• Improve the meta robots rules on the login form
• Add IndieWeb endpoint discovery to the profile

SQLite vs. Postgres, at a glance

There’s a general belief that SQLite is a “slow” database and Postgres is “fast,” and many software packages (including FOSS) insist that SQLite is only suitable for testing and doesn’t scale. However, this doesn’t make much sense when you think about it; SQLite is an in-process database so there’s no communications overhead between the service and the database, and because it’s only designed to be accessed from a single process it can make use of optimistic locking to speed up transactions.

Since I was installing postgres for another purpose on my webserver, I decided to quickly see if Publ performs better on Postgres vs SQLite. To test the performance I compared the timing for my website on both doing a full site reindex, and rendering the Atom feed several times (using the debug Flask server and caching disabled).

Publ 0.7.1, now with full-text search

I finally got around to adding whoosh full-text search to Publ, as an experimental feature. See it in operation.

Other changes:

• Improve the way that tag names get normalized
• Change entry.prev and entry.next to not default to subcategory recursion if a category context is specified

v0.7.0 finally released

It took me way longer than I should have, but I finally decided to bump the minor version of Publ to 0.7.0.

My original intention was to only do that after getting the unit test coverage up to 90%, then to 80%, then to 50%… but it’s at 45% and that’s Good Enough I guess. I’d still like to get some proper automated testing in place for the bits that are tricky to test but with a system as complex as Publ it’s not particularly clear how to do a lot of that. The main issue is a fundamental mismatch between how the underlying ORM works vs. how unit testing is supposed to work, and I’ve so far been unable to square that circle. But maybe someday I’ll get the test coverage number up where I want it to be.

In any case, the only actual code change since 0.6.14 was some fixes to how page redirection works, especially around private entries.

Publ v0.6.14

End-of-the-year updates to Publ, mostly bug/interoperability fixes but a couple of small new features:

• URL chasing (e.g. example.com/1234 → example.com/blog/1234-hello-world) now uses permanent redirects
• Tag displayname normalization only updates if the newly-seen version is mixed-case
• You can now configure template default layout options globally
• view now has a has_unauthorized property
• Hidden tags no longer appear in category.tags
• Generated tag-browsing URLs (e.g. view(tag=...).link, entry.archive(tag=...), etc.) will normalize the case and order of included tags

Assuming this is stable, this will become the basis of the long-overdue 0.7.0 release.

Publ v0.6.13 released

Just some minor fixes for v0.6.13:

• Database performance improvements
• SEO improvements
• Fix the Windows test runner (ironically untested)
• Remove the minimal sample site from the source repository, as this is better served by the git repository for this site and the getting started documentation.

Authl v0.4.6 released

Wow, it’s been a while since I’ve worked on this stuff, huh?

Anyway, IndieAuth validation rules have changed for the better, so Authl has been updated accordingly.

There’s a few other changes as well:

• On IndieAuth profiles, p-pronoun is treated as a fallback for p-pronouns
• The Flask templates add some rel="nofollow" in some appropriate places

v0.6.12 released

A mostly-bugfix update:

• Path-Canonical/Path-Mount now works properly in conjunction with Auth
• Path-Alias et al now support URL-encoded special characters for the path mapping
• Improved error handling; more cases of malformed and malicious URLs now result in a 400 Bad Request error instead of a 500 Internal Server Error

v0.6.11 released

Just some cleanups and usability fixes:

• Raise a 400 error on malformed URLs with known handling instead of 500
• Don’t include subcategories with no indexable entries (e.g. all GONE/HIDDEN/etc.)
• Improve the admin dashboard
• Miscellaneous code cleanups

Also I forgot to announce v0.6.10, released back on September 1; the changes from v0.6.9 were:

• Let 401 Unauthorized status overcome a path alias
• Improve the tests
• Sort the “recent users” display on the admin dashboard

Publ 0.6.9

Publ 0.6.9 is out and has the following changes:

• Removed the vestigial attempt at supporting AutoAuth
• Path-alias now works for all URL paths, and not just ones which happened to match Publ’s routing rules
• Fixed a bug in formatted code blocks that was generating extra newlines per line
• Added user bearer token generation to the public API
• Changing a user’s permissions now correctly invalidates their rendition cache

Important: In the incredibly unlikely event you were using the token_endpoint function, that has been removed, along with the token endpoint itself.

Publ 0.6.8, Authl 0.4.3

Some pretty big new features added. First, in Authl:

• Major documentation improvements
• Bug fixes with Fediverse instance caching
• All providers now normalize to the same profile format
• Some basic spam prevention for the email provider
• 100% unit test coverage on the Fediverse provider (which is now using mastodon.py instead of a hand-rolled OAuth client)

And in Publ:

• Fenced code now uses <figure> and <figcaption> instead of ad-hoc <div>s for its layout, and the overall HTML semantic has been greatly improved
• Individual code blocks are now configurable with respect to highlighting and line numbering
• The user object now provides a user profile and separates the identity URL from the familiar name

New domain!

Since there’s now a lot more to PlaidWeb than just Publ, there is now a new organization website which will become the top-level home of these different things, which allows for better organization of this stuff to begin with.

While I’m still trying to work out how I’m going to organize things, my expectations are as follows:

• The Publ documentation and demo site will live at publ.plaidweb.site
• This dev/release blog will move to the main domain at some point
• Elements which don’t have their own website will get a microsite on the main domain
• Every incoming webmention that the old domain received will remain missing/broken in perpetuity (or at least until I get around to adding native webmentions to Publ)

Also, publ.beesbuzz.biz is intended to redirect over here, but it’s disappeared from my DNS host for some reason; it was actually this happening which inspired me to finally take this action. It seems to be a bug with how LiNode’s wildcard domains work, and I have an active support ticket open. Update: Turns out this was a subtle issue with how DNS wildcards work, which is explained below the cut.

Publ v0.6.7

Publ v0.6.7 is out now. Various changes:

• Now using Poetry for the build system
• Cleaned up some Redirect-Url logic to cut down on the number of page load hops
• Renamed the main branch to main¹
• Bail out on files which repeatedly fail indexer fixups
• Default entry title and slug are now blank, rather than trying to guess from the filename
• Officially deprecated Python 3.5 support, which hasn’t worked for quite some time anyway
• Defer Authl loading, and other Authl-related changes to support the latest version
• Add support for line-numbering and captions in code blocks

I’m already regretting some of the decisions I made with the fenced code amendments; in the future it will almost certainly switch to using <figure> and <figcaption>, and change some of the other structural bits. Feel free to share your opinions.

There’s also a known issue where the quick-login link (for e.g. Twitter) doesn’t work on pages which are login-required; this is actually an issue with the Authl login template, and has already been fixed in Authl pending the next release.

And speaking of Authl, the online docs are way better now. Hopefully it’s finally in a state where other people will be able to use it!

Authl v0.4.2: poetry in motion

Authl v0.4.2 is out. Mostly infrastructural changes, but a few other changes too:

• Switched the development environment to poetry
• Made some internal naming changes, and renamed the technically-incorrect force_ssl to the more-accurate force_https
• It is also now up to handlers to do all of their own exception catching, which cleans up some stuff
• Massively overhauled the docs, and got doc site generation working with Sphinx (many thanks to Khr for help!)

In theory there will now be docs visible at authl.readthedocs.io, although I’m still having trouble getting some of it to actually appear.

But, speaking of appearing, somehow the hostname for this site stopped resolving, so hopefully by the time this site comes back, the readthedocs stuff will be working too!

Authl 0.4.1

Authl 0.4.1 is out. Changes below:

• Better unit test coverage
• Some better error messaging in some places
• Removed the IndieLogin handler, which serves no real purpose when there’s native IndieAuth support anyway

Pushl v0.3.0, and some terminology changes

Pushl v0.3.0 is now out. Changes since v0.2.14:

• Some caching fixes
• Updates to some antiquated terminology

Per the above, the main code branch¹ is now called main, and you include and exclude link rel attributes with --rel-include and --rel-exclude, in keeping with some long-overdue naming convention updates.

We’re all in this together.

Publ 0.6.6, Authl 0.4.0

I’ve just released new versions of Publ and Authl.

Publ v0.6.6 changes:

• Fixed a regression that made it impossible to log out
• Fixed a problem where WWW-Authenticate headers weren’t being cached properly
• Improve the changed-file cache-busting methodology
• Add object pooling to Entry, Category, and View (for a potentially big memory and performance improvement)

Authl v0.4.0 changes:

• Finally started to add unit tests
• Removed some legacy WebFinger code that was no longer relevant or ever touched
• Added a mechanism to allow providers to go directly to login, as appropriate
• Added friendly visual icons for providers which support them (a so-called “NASCAR interface”)

Publ v0.6.5

Publ v0.6.5 is now out. Has the following changes:

• Upgrading Publ will now invalidate the cache
• Fixes the missing database session around the authentication log viewer
• Fixes the way that the indexer works when an entry changes ID
• Fixes a bug where draft entries' temporary IDs were overriding the permanent/assigned IDs of visible entries
• Added some useful commandline tools

The next things I want to work on:

• Micropub endpoint (done as a separate component that you can optionally add)
• Adding more unit tests
• Maybe an actual (very basic) CMS UI? I dunno

Publ v0.6.4, now with attachments

There are several important bugfixes in this as well as one major new feature. Changes since v0.6.3:

• Rewrote the indexer scheduling logic both for better peformance and to (hopefully) stop clobbering entry text on content deployments
• Added entry attachments, which allows associating entries directly with one another
• Fixed a silly caching bug introduced in v0.6.3 which basically broke the cache

Publ v0.6.3

Just a few bugfixes:

• Fixed a problem that prevented logging out from working
• Made view.deleted work correctly on count-based paginations
• Allowed date-based paginations to work from an empty starting point