neue medienordnung plus
  last edited: Sat, 16 Dec 2017 06:23:55 -0500  
Where find I CHANGELOG for Hubzilla version latter as 2.2 ? I find only https://github.com/HappyPony/hubzilla/blob/master/CHANGELOG with changes until Hubzilla 2.2 (2017-03-08)
@Hubzilla Development+ #CHANGELOG
neue medienordnung plus
  
The solution:

yet fin I https://github.com/redmatrix/hubzilla/blob/master/CHANGELOG over this post . But why linked github navigation to outdated changelog?

outdated changelog is my GitHub clone from hubzilla master.
Andrew Manning
  
What is linking to the HappyPony fork? People should always be directed to the official project repo.

M. Dent
 
Ran into a problem with a couple of WIKI names containing an ampersand (&).  Clicking on any internal WIKI link within a WIKI whose name contains an ampersand returns you to the WIKI selection page as if the WIKI doesn't exist.  Looking closely at the links, it appears that the WIKI name isn't escaped (or at least ampersands in wiki names are not escaped).  I was going to wait and just fix it and send a pull request, but with 3.0RC coming out, I didn't want to keep the knowledge to myself in case I don't get to it right away.

Also - wasn't sure if the preferred method was the github issues tracker or here, so I submitted to both.
Mike Macgirvin
  last edited: Wed, 13 Dec 2017 14:58:28 -0500  
The wiki and wikipage names both need to be reworked. I thought double urlencoding would fix the issues originally but it turns out it does not. Tracking the '+' in wiki page names led me to discover why it won't work. My current recommendation would be to use quoted-printable as a first transform, followed by urlencode/decode to escape the '='.
M. Dent
  
I'm guessing my American ethnocentrism prevents me from seeing the inherent problems with limiting the range of legal values to those that would not need to be encoded like other projects do.
Mike Macgirvin
  last edited: Wed, 13 Dec 2017 16:18:28 -0500  
In my view the actual name should not be restricted. The URL path, however, must be restricted. In the original wiki implementation these names were derived directly from each other. I rewrote the storage layer last year from Andrew's original implementation but all I did with the naming stuff was try to make it work. There were originally about 20 problematic characters. Now there are only a couple.

So the only question is how you derive the URL name. In the webpage module it can be entered separately - and is transliterated, with a fallback to a substring of the message-id if transliteration fails (as it will with Chinese or Hebrew input). We do not limit the webpage title itself.

That, or something like it is probably what needs to happen in the wiki. You should be able to name these things anything you want, and have a separate place to adjust the "clean URL" pathname to something that is acceptable; possibly starting with a transliteration and falling back to a hex blob if we can't reach agreement.

It could involve a significant re-write to get there from here.

Mario Vavti
  last edited: Wed, 13 Dec 2017 08:09:37 -0500  
If you installed Hubzilla via git and running master branch, you are only a git checkout 3.0RC away from the next major Hubzilla release. Make sure to also git checkout 3.0RC the addons if you upgrade.

Please help us test this RC and provide feedback in form of bugreports or pull requests on issues you might find. Also testing of addons/plugins is highly appreciated.

You can follow the progress of RC testing in this wiki. Keep in mind that the wiki is not yet complete. Please PM me for write-access if desired.

For the changelog please have a look at the git history for now.

A condensed summary will follow with the version 3.0 release announcement.

Happy testing!

@Hubzilla Announcements+  @Hubzilla Development+
Holger (Hubzilla)
  
Changed to 3.0RC ?

M. Dent
 
If I am creating an addon that uses something like PAYPAL IPN (instant payment notification) which needs to do a 'callback' into the application - is it possible to use something like

api_register_func('myaddonname/ppipn-callback','my-callback-processor',false);

either in  myaddon_init()  or just inline in order to have paypal callbacks routed to my-callback-processor()  (assuming my-callback-processor is not in a class)?

Is this the right way to do this?  Is there a different approved/correct way to do this sort of thing?
Mike Macgirvin
  last edited: Sat, 02 Dec 2017 14:36:31 -0500  
There are a number of non-referenced but important doc files which I believe Andrew is trying to fix.
M. Dent
  
All good, the comment wasn't a complaint as much as  trying to leave breadcrumbs for myself and others who may be looking for stuff.
Andrew Manning
  
Yeah, right now the best way for developers to find documentation is to manually search the /doc folder in the repo. I assume you are using a sensible IDE that makes this easy. I'm making a lot of progress with the revisions to the online help pages, but unfortunately I can't commit to a completion date. Hopefully I'll finish in this century.

Mario Vavti
 
ACL for file uploads in /cloud does not work as expected atm. All files uploaded will be public until this is fixed.

The ACL can still be adjusted after the upload.

If you need privacy, make sure to create a private folder and upload your files directly to the private folder.

Alternatively you can checkout this commit 455720ae938126d9a0d3c728beb0a7ba3268a4d0 which is not yet affected by this bug.

M. Dent
  
@Hubzilla Development+

Is there a single function call to get the xchan_hash for both local and remote users?  It appears from a quick look that get_observer will only return the xchan of remote users.

What I'm looking for is a globally unique identifier by which to store the history of interaction within the app I'm creating.  Does such a thing already exist?  Or do I need to create a custom function to do this?
M. Dent
  
Ok, nevermind, I found where the observer is set for local users (hint for future: it's in the change_channel function in include/security.php.

That means get_observer_hash should work for both local and remotes to get xchan_hash, correct?
Mike Macgirvin
  last edited: Fri, 01 Dec 2017 16:53:44 -0500  
Right.

M. Dent
 
I'm working on my first add-on - looking at the skeleton addon, I've already been led "astray" a little bit by the whole deprecated "register_hook" vs. using the Zotlabs\Extend\Hook::register() interface...

In digging through things, I see that there are calls for  {addon}_install/uninstall as well as {addon}_load/unload.  I want to make sure I am reading/understanding things properly:

{addon}_install/uninstall is called by the util/addons cli interface and then {addon}_load/unload is called by the admin interface when the addon is "enabled" on the hub.

If this is the case, since my addon creates a couple of custom database tables, it seems that the best place for table creation/destruction is in the install/uninstall functions and the hook creation/destruction is in load/unload.  

Is that about right?
Mike Macgirvin
  last edited: Thu, 30 Nov 2017 17:51:15 -0500  
Very close.

install is called once to install the addon (either from the cli or via the web admin). It calls load as a side effect. We load or unload the plugin more frequently than this, for instance if the plugin modification time changed, we unload it and load it again to make sure we have all the latest callbacks registered. You don't want to destroy or re-create a DB table to do this.

We actually need one more function than we currently provide - a 'disable' function which will uninstall the plugin but not destroy any associated data. This hasn't yet been implemented, so most plugins that create tables never actually delete them.
Andrew Manning
  
If you look at the Rendezvous add-on you'll find an example of a plugin setting where you let the admin specify whether to delete the custom tables upon uninstall.

M. Dent
 
I think I've finally figured out one of my "hangups" regarding permissions and how I think things should work from how they actually do work.

For some reason, my brain has put together permissions and "privacy groups" - as if privacy groups should have the ability to administer security settings rather than needing to go into each individual connection and changing settings (which, frankly, is a big pain if I have more than a few conections and want to group their permissions).  

Is there any means or mechanism to group connections into some sort of "permissions groups" - and/or is there an architectural reason that "privacy groups" do not fill this role?  Or is it merely an implementation thing (nobody has picked up the ball)?

One thought would be that the permissions for an individual connection would be determined as follows:

(({CHANNEL PERMISSIONS} OR {PRIVACY GROUP OVERRIDES "YES"}) XOR
({PRIVACY GROUP OVERRIDES "NO"} OR {CONNECTION OVERRIDE "NO"})) OR {CONNECTION OVERRIDE YES}

The clear issue is what about connections in multiple privacy groups?  Do we default to "allow", do we default to "deny", or how do we resolve conflicts.  The above "formula" would keep conflicts to a minimum - and if conflicts occur at the "privacy group" level, they could be resolved at the "connection" level.  

The thought is to use 3 "options" per permission category  (NO) (INHERIT) (YES).  The default setting for all of them would be "inherit" - so everything would simply be inherited from the CHANNEL PERMISSION settings.  Then you have "OVERRIDE NO" and "OVERRIDE YES" as options as well.  This could be "hidden" as an advanced feature.  Ultimately, things would work as they do now by default (except maybe you COULD override the inherited values from the CHANNEL SETTINGS).

----
Anyway, this is really nothing other than thinking out loud and throwing out a discussion starter or a breadcrumb for anyone with time and inclination... perhaps (and likely) the discussion has been hashed, rehashed, rerehashed to death - in which case, I'm sorry - just pat me on the head and point me to the previous discussions.
M. Dent
  
Ok, I see... still take a bit to wrap my head around everything, but it's starting to beocome clearer.  I had overlooked the Permission Groups feature.  With that - it looks like all the pieces are there to do all the things anyone would want - and overall is probably a little cleaner than combining it with privacy groups.
Mike Macgirvin
  last edited: Thu, 30 Nov 2017 17:40:00 -0500  
It's a complex bit of machinery. I would encourage you to continue looking at it with a critical eye and suggesting improvements.
M. Dent
  
Thanks for the encouragement - with my posts lately, I fear coming across as "that guy" who simply nit-picks and gives unwanted advice.  That's certainly not my intent - but I can see how it can come across that way.... if it ever feels like that - I apologize in advance.  Patient explanations are very much appreciated but pointers to previous conversations are sufficient and the occasional, "Yeah... I don't have time to explain it right now, but you're definitely missing something important," won't hurt my feelings.
Mario Vavti
  
I created a new module which might replace /network as the default landing page. See here: /hq

It is very simple and clean and loading quick even on low level hardware. It only loads the latest top level item (instead of many of them in /network) and lets you quickly look through your most common notifications one by one without reloading the page using ajax calls (this works for the most common notifications).

You can make hq your landing page using the Start Page plugin.

Let me know what you think...

@Hubzilla Development+
Mario Vavti
  
The current behaviour when you go to /hq should be:
  • load the newest top level post - the url remains at /hq
  • open network notifications
  • click a notification
  • the url should look like this /hq/b64.someencodedmid
  • click anothe notification
  • the url should look like this /hq/b64.anotherencodedmid
  • the browser back button brings you to the previous post

This works reliable for me... Not sure why it does not for you...

Any errors in the console maybe?
Haakon Meland Eriksen (Parlementum)
  
I opened hq when I did not have any notification. I clicked the notification icon anyway and got a white page below the navbar.

I like the general idea of one at a time. :-) I think it would be easier if scrolling up or down or swiping left or right loaded the next or previous item. Going up to notifications feel clunky. It makes sense when you do not want the next or previous item, so keep that and carry on with the good work. :-)
Alexandre Hannud Abdo
  
Sorry Mario, I ain't running Dev, my tests were done with the widget on the right of Network and Display present in master. Should have noted that before.

M. Dent
 
Okay, new question - looking through the code for hooks - what is the purpose of the first parameter in registered hooks?


            if(is_callable($hook[1])) {
                $func = $hook[1];
                if($hook[3])
                    $func($data);
                else
                    $func($a, $data);
            }


$a=0 - and doesn't seem to ever get set to anything else, and it appears that every hook registered will always have $hook[3]=0 since that appears to be the "hook_version" and there is nothing in register_hook() to set the version (I do see that inserted hooks have a parameter for "hook_version", but I'm unclear as to the why's and wherefores of a difference between the two).  

In any event, as far as I can tell, registered hooks will always be called as my_hook(0,$data).  But why the first parameter?  I'm obviously missing something.   ?hints?
Mike Macgirvin
  last edited: Wed, 29 Nov 2017 23:21:52 -0500  
Legacy.

We used to pass the App class as a global ($a) all over the place. Now we use static functions and variables for the base App class and don't need to pass any globals around.

register_hook() is the original interface from many years ago. You can still use it, but $a was deprecated and we've slowly been removing it. We now use Zotlabs\Extend\Hook::register() which defaults to version 1 and functions using it only require 1 parameter.

This was a tough sucker to figure out how to migrate forward without breaking everybody's plugins.

M. Dent
 
Just under a year ago, @Andrew Manning in a comment mentioned some sort of "chat widget" - just curious if any progress has been made on it?  It'd be nice to have some sort of widget that would at least highlight THAT new messages have come in on a given chat.  I'm working on consolidating to Hubzilla as a communications platform - and the one thing that's a sticking point from moving from MatterMost (slack-like messaging), is that there is no easy place to see a list of "channels" that I'm a member of - or to see if there are new messages on those channels.

It'd also be handy if there were a way to restrict a chat to "this-hub-only" (or maybe it is already?).  No doubt I'm looking in the wrong place, but I haven't found a way to do that yet.

Finally - I remember reading info about how securely chat messages are stored in the database, but I can't find it now.  Even if chat messages arent E2E encrypted - are they in any way secured/obfuscated in the database?
Andrew Manning
  
Mike is the only one who really understands the core infrastructure well (just being honest), but my guess is that anything propagating using the standard system will be too slow (potentially) for real-time chat. I suppose there's nothing preventing you from using a special real-time hub-to-hub relay, but it feels kind of like we're reinventing the wheel here. Probably the most productive thing you could do is get Hubzilla to do the authentication for WebRTC chat. That would open the door to video chat and all the benefits of WebRTC technology.
Mike Macgirvin
  last edited: Wed, 29 Nov 2017 21:25:03 -0500  
If you look through the addons, there are a number of different chat solutions in various states of (neglected) maintenance.

The built-in chat has been maligned numerous times because it is a simple ajax chat with no federation protocol behind it.  It remains the built-in chat (though you can turn it off if you don't want it), only because it provides chatrooms with access control that are fully compatible and consistent with our other cross-domain access controlled resources. This is our primary feature (the "main thing" is to keep the "main thing" the "main thing") and is really the only reason we have it. You would be welcome to plug in any instant messaging system you want (there appear to be hundreds to choose from), and nobody here will stop you, but these offerings won't really work with our permission system.

Anyway, back to technical details - I'm not certain that providing a federation layer for this weird custom chat is a worthwhile exercise, but interacting with a widget remotely would be low-hanging fruit. To get around CORS you could serve the widget javascript locally and interact with json data served from the remote site or even proxy it through your own server. All you need is a room_id and a valid session to grab the room JSON ("who's here" and any new content).

Probably the most productive thing you could do is get Hubzilla to do the authentication for WebRTC chat.


Absolutely. A few folks have taken a look but haven't seen it through. It's almost trivial to do WebRTC on the open internet, but as soon as you mention STUN,TURN, and ICE to reach behind firewalls the eyes start to glaze.
Andrew Manning
  
but as soon as you mention STUN,TURN, and ICE to reach behind firewalls the eyes start to glaze.

Haha, so true.
Mario Vavti
  last edited: Wed, 29 Nov 2017 06:26:05 -0500  
I am thinking about changing the behaviour of the Take me home menu button on remote sites.

ATM it brings us to Channel Home. I would like it to bring us to the home hub only. Thus bringing us to our selected landing page (default activity) if loged in.

The downside would be that if we are not loged in anymore at the home hub (which is probably rare), it will just bring us to the login page or respectively the home hub front page.

Any objections?

@Hubzilla Development+
Alexandre Hannud Abdo
  
Makes a lot of sense to me.
h.ear.t | tobias
  
This is something I long for as my landing page is /network. If I am not logged in getting the login form is what I'd call expected behaviour.

Anmol Sharma
 
I can not ping from the Bittorrent Server plugin . Do I need to open some ports for my server?
Andrew Manning
  
From the readme on the repo page you linked:
On activating the plugin, the server starts on port [6881..6891].

Is that what you need to open? I don't know much about it, but I've been wanting to understand and improve those WebTorrent plugins. Good work was done there, but as usual, the big cool decentralized technology languishes without an existing base of people who practically benefit from it and thus help push the technology forward. Good luck and keep us posted.

neue medienordnung plus
  last edited: Sun, 26 Nov 2017 12:00:44 -0500  
I'm loggedin as admin, but I find no possibility to investigate, how much storage demanded each channel. How can I investigate, how much storage demanded each channel?

= German Edition =
Ich bin angemeldet als Admin auf https://hub.freecommunication.org mit der Version 2.8.1, aber unter "Konten" und "Kanäle" sehe ich keine Möglichkeit, diese Speicherwerte zu ermitteln.

Hat man als Admin die Möglichkeit zu ermitteln, was den Speicherverbrauch auf dem jeweiligen Kanal verursacht?

#Storage @Hubzilla Development+ @Hubzilla Support Forum+ @Deutschsprachige Nutzer+
h.ear.t | tobias
  
Each channel gets its own dedicated file storage folder inside that folder.
h.ear.t | tobias
  
Why the for loop?

du -sh *          
1.3M    [data]
1.4M    drafts                                                    
20K     hzkick
4.0K    notebook                                                
8.5M    tobias
h.ear.t | tobias
  
Depends on what is available. du is on any basic install and just works. ncdu is an additional installation. It is quite a nifty tool though, yes. But a server should only have just as much software installed as it really needs to get the job done. Software that is not installed cannot be used for any exploits and malitious actions.
For a server beauty is simplicity en par with security.

M. Dent
 
Is there a description anywhere of the purpose and function of each of the differing kinds of "config" settings?

  * config
  * xconfig
  * pconfig
  * aconfig
  * abconfig

I think I have a vague understanding from the docs and code - but I'd be interested in knowing what the intended purpose or example "use cases" are for each config type.  Doesn't have to be lengthy and invovled, I just can't seem to find the clear lines between some of them (especially WRT aconfig and abconfig).
M. Dent
 
Assuming those are correct - Is the difference between xconfig and pconfig that xconfig info is propagated to channel clones, but pconfig is not?  (Is it right to think of xconfig as your "grid profile" used for non-hub-specific settings [or things that are generic enough that they reasonably could be expected to apply to multiple hubs] and pconfig as your "local profile for hub specific settings"?)
Mike Macgirvin
  last edited: Sat, 25 Nov 2017 17:11:26 -0500  
You've mostly got it. A few minor clarifications...

It's all metadata/preference storage to keep from extending the base tables every time we need to store something new. config is *this* server configuration and should not be shared. pconfig (personal config) is for metadata/preferences about the local channel and is propagated to clones. It is heavily used. abconfig data is also shared to your clones since it holds the permissions you've assigned.

xconfig is settings for remote visitors who may not have a local account. This is used to store directory preferences for example - so if you have an adult site we'll always remember that you turned "safe mode" on (or off). Xconfig is not propagated anywhere. There's also sconfig (site metadata) and iconfig (item metadata, which offers a choice on whether or not to propagate it with the item).

aconfig is for something related to your account and isn't specific to any of your channels. This is intended for something like subscription information and there are some service class settings (e.g. free account vs. premium account settings) which use this.

xconfig is rarely used, as are sconfig and aconfig ; and all these are implemented using the same table iirc. I intend to use site config a lot more in the future, so we can remember your site encryption modes and what protocol revision you are using and what additional protocols you have activated so we'll know whether we need to translate Diaspora comments into ActivityPub for your site or vice versa.
Andrew Manning
 
I added this to my glacial overhaul of the help pages. I'll try to use dev.hubzilla.org to display progress by putting that hub on my "docs" branch. As a result the link below might break at any time:

https://dev.hubzilla.org/help/en/admin/database#Configuration_Storage

Andrew Manning
  
Since there has been only a single request for registration on https://start.hubzilla.org after advertising on http://hubzilla.org, I removed the invitation code requirement during registration and enabled email verification.

@Hubzilla Development+
Anmol Sharma
  
@Andrew Manning
What backup solution you use for start.hubzilla.org? Loosing the users data is a nightmare. We do keep regular imports of the channels, but I am sure most users of the hub will not do that on regular basis.
Andrew Manning
  
Currently I'm relying on the DigitalOcean weekly backups. If the site gets more popular and data becomes more important, I can take more frequent snapshots of the hub inbetween the virtual machine snapshots.
neue medienordnung plus
  last edited: Thu, 07 Dec 2017 04:22:34 -0500  
If the site gets more popular and data becomes more important, I can take more frequent snapshots of the hub inbetween the virtual machine snapshots.
  
@Anmol Sharma
I mean, that correspond to Hubzilla philosophy of de-centrality and Hubzilla concept, that the Hubzilla member are responsible themselves for the availability, for the vitality of Hubzilla infrastructure inherent backups of Hubzilla contacts and other data.

Hubzilla provide one effective and comfortable decentralised solution for high availability of my personal Hubzilla infrastructure - clones of my Hubzilla profiles. I declare all new Hubzilla member, that they have to create at least one clone of they Hubzilla profile for better availability of Hubzilla infrastructure.
Andrew Manning
  
Can we remove the hard-coded age of 13 for registration? Is there any reason not to make that a config setting that you could perhaps override in .htconfig.php?

@Hubzilla Development+
giac hellvecio
  
Someone has that spark, the magic one...this one may be 14 or maybe 15 years old, the law says... 13, but if you discriminate those under the 18, then they will have missed a chance...you cut their wings.
Maria Karlsen
  last edited: Sat, 25 Nov 2017 06:14:23 -0500  
When I think about processing data I don't think it's so much about being "mature" or not. It's more about human rights. Google...Facebook... Every child should have the right not to be exposed to heavy tracking unless it's absolutely necessary. Then of course some places are safer than others - like Hubzilla:-)
Hubzilla can probably be safe enough for kids of any age, with a parent guiding and the right settings - but when it comes to hubs anministration you simply have to follow the law.
Mario Vavti
  
Haha... Kids - the more you forbid them, the sooner they will register...

neue medienordnung plus
  
I moved files/ folder from location/ hub A. But the copies from moved files/ folder stay on the hub B. Is it correct behavior of Hubzilla? Hubzilla version on both hubs A and B is 2.8.1.

@Hubzilla Development+ @Hubzilla Support Forum+ #deletedObjects #movedObjects
Mike Macgirvin
  
This seems to be dependent on exactly *how* the files were removed. It works correctly using DAV but failed to sync properly if deleted using the web browser interface.

Should be fixed upstream.

Andrew Manning
  last edited: Thu, 23 Nov 2017 20:31:28 -0500  
What's the deal with the new Articles module? Perusing the code in my food coma, it looks like a cousin to the Cards module?

Edit: Articles.php is identical to the Cards.php file but with "card" replaced by "article".

@Hubzilla Development+
Mike Macgirvin
  
It's not finished.
Andrew Manning
  
Can I relegate the file to the git history books then?
Andrew Manning
  
Well, maybe I can keep it as a deployment method but with a big warning at the top that it's for reference and will be updated if possible.
Haakon Meland Eriksen (Parlementum)
  
You decide. :-)