I’ve just released new versions of Publ and Authl.
Publ v0.6.6 changes:
- Fixed a regression that made it impossible to log out
- Fixed a problem where
WWW-Authenticateheaders weren’t being cached properly
- Improve the changed-file cache-busting methodology
- Add object pooling to Entry, Category, and View (for a potentially big memory and performance improvement)
Authl v0.4.0 changes:
- Finally started to add unit tests
- Removed some legacy WebFinger code that was no longer relevant or ever touched
- Added a mechanism to allow providers to go directly to login, as appropriate
- Added friendly visual icons for providers which support them (a so-called “NASCAR interface”)
The main reason for this update is just that the embarrassing logout bug was rearing its head and I wanted to fix it on my site without monkeypatching it or temporarily moving to git head or whatever. The
WWW-Authenticate fix is nice, though, as it’s related to some work I’m doing on Pushl (namely adding the ability to retrieve bearer tokens from an external helper program).
It’s difficult to estimate what a performance change will be like based on testing on a developer desktop vs. a production VPS. In particular, the various I/O performance characteristics can vary a lot, and Publ is primarily I/O bound. In my desktop-side testing I found that the object pooling increased performance by 15%, which is already pretty great, but that’s also on a machine with a lot of memory, a huge file cache, and no disk virtualization. I’ve only deployed Publ 0.6.6 on my personal website around half an hour ago, but already my site monitoring is showing a rather impressive performance improvement. For example, the Atom feed used to take around 30 seconds to render on a cache miss. Right now it seems to take 2.5 seconds.
So, yeah, it takes only 10% of the time to run now – that’s around a 900% performance improvement in a typical deployment scenario. So, that’s pretty great.
Right now the largest remaining performance bottleneck seems to be in PonyORM, which is unfortunate. I haven’t yet figured out if it’s with PonyORM itself, or with its interface to sqlite. From what I can tell, the way that trace profiling works in Python means that things with a lot of function calls become quite a lot slower than long-running things within a single function, so things that do a lot of abstraction and dependency injection (like, say, PonyORM) get unfairly impacted in trace profiling. A sample-based profiling approach would be much more fair and realistic, but I haven’t found any sample-based Python profilers (and I don’t know enough about Python’s internals to know if that’s even a possibility).
My short-term goals for Publ are otherwise unchanged since the last release announcement.
I hadn’t worked on Authl in quite some time, but I felt like it needed some attention.
These Authl changes are basically for some UX improvements that had been bugging me for a while; there was an awful lot of text to read and that was possibly scary to newcomers. Now there’s still just as much text to read but there’s friendly icons for a bunch of the supported services, and silo services such as Twitter can now go straight to the login flow without implying that the username is necessary.
Here’s a before and after on the default Flask template:
The next thing I want to work on for Authl is finally adding actual support for user profiles. This would also probably go along with things like adding more providers, particularly Facebook, Tumblr, and maybe even OpenID 1.x (i.e. Dreamwidth). Better profile support means having a friendlier greeting than just the canonical identity URL, among other things that people might want in their own federated login use cases.
Now that Publ supports entry attachments, it might be reasonable to add native server-side webmentions; rather than fetching the mentions from webmention.io on every page view, have a webhook on update that triggers a script that fetches and formats the mentions as an attachment that can then be rendered and cached, as well as getting all of the benefits of SEO that it would bring. For some sites, having the comments be indexed by the search engines makes a huge difference to page ranking, since the conversation about an article can add in some useful keywords that weren’t in the actual article. (Not to mention it improves the page’s “freshness” as far as the search engine is concerned.)
Another thought I’ve had about attachments is they could be used to implement a server-side comment system, although that would require a lot more work than webmention rendering (UI, moderation/spam-filtering, migrating stuff again) and after all the work I put into my Isso setup I’m not quite ready to think about how to actually do that. I’d probably want to do it in the form of having a mechanism to pre-render the Isso comment thread and form into an HTML attachment rather than having every part of it handled via Publ entry attachments.