@2024-10-08T19:36:38-07:00@a.9srv.net Thanks for the followup. I agrees with most of it - especially:

Please nobody suggest sticking the content type in more metadata. 🙄

Yes, URL can be considered ugly, but they work and are understandable by both humans and machines. And its trivial for any client to hide the URLs used as reference in replies/treading.

Webfinger can be an add-on to help lookup people, and it can be made independent of the nick by just serving the same json regardless of the nick as people do with static sites and a as I implemented it on darch.dk (wf endpoint). Try RANDOMSTRING@darch.dk on http://darch.dk/wf-lookup.php (wf lookup) or RANDOMSTRING@garrido.io on https://webfinger.net

@prologic@twtxt.net

See https://dev.twtxt.net

Yes, that is exactly what I meant. I like that collection and “twtxt v2” feels like a departure.

Maybe there’s an advantage to grouping it into one spec, but IMO that shouldn’t be done at the same time as introducing new untested ideas.

See https://yarn.social (especially this section: https://yarn.social/#self-host) – It really doesn’t get much simpler than this 🤣

Again, I like this existing simplicity. (I would even argue you don’t need the metadata.)

That page says “For the best experience your client should also support some of the Twtxt Extensions…” but it is clear you don’t need to. I would like it to stay that way, and publishing a big long spec and calling it “twtxt v2” feels like a departure from that. (I think the content of the document is valuable; I’m just carping about how it’s being presented.)

@david@collantes.us Thanks, that’s good feedback to have. I wonder to what extent this already exists in registry servers and yarn pods. I haven’t really tried digging into the past in either one.

How interested would you be in changes in metadata and other comments in the feeds? I’m thinking of just permanently saving every version of each twtxt file that gets pulled, not just the twts. It wouldn’t be hard to do (though presenting the information in a sensible way is another matter). Compression should make storage a non-issue unless someone does something weird with their feed like shuffle the comments around every time I fetch it.

@prologic@twtxt.net

(#w4chkna) @falsifian@www.falsifian.org You mean the idea of being able to inline # url = changes in your feed?

Yes, that one. But @lyse@lyse.isobeef.org pointed out suffers a compatibility issue, since currently the first listed url is used for hashing, not the last. Unless your feed is in reverse chronological order. Heh, I guess another metadata field could indicate which version to use.

Or maybe url changes could somehow be combined with the archive feeds extension? Could the url metadata field be local to each archive file, so that to switch to a new url all you need to do is archive everything you’ve got and start a new file at the new url?

I don’t think it’s that likely my feed url will change.

@prologic@twtxt.net Some criticisms and a possible alternative direction:

1. Key rotation. I’m not a security person, but my understanding is that it’s good to be able to give keys an expiry date and replace them with new ones periodically.

2. It makes maintaining a feed more complicated. Now instead of just needing to put a file on a web server (and scan the logs for user agents) I also need to do this. What brought me to twtxt was its radical simplicity.

Instead, maybe we should think about a way to allow old urls to be rotated out? Like, my metadata could somehow say that X used to be my primary URL, but going forward from date D onward my primary url is Y. (Or, if you really want to use public key cryptography, maybe something similar could be used for key rotation there.)

It’s nice that your scheme would add a way to verify the twts you download, but https is supposed to do that anyway. If you don’t trust https to do that (maybe you don’t like relying on root CAs?) then maybe your preferred solution should be reflected by your primary feed url. E.g. if you prefer the security offered by IPFS, then maybe an IPNS url would do the trick. The fact that feed locations are URLs gives some flexibility. (But then rotation is still an issue, if I understand ipns right.)

@prologic@twtxt.net Fair enough! I just added some metadata.

PEP 746: Type checking Annotated metadata
This PEP proposes a mechanism for type checking metadata that uses the typing.Annotated type. Metadata objects that implement the new __supports_type__ protocol will be type checked by static type checkers to ensure that the metadata is valid for the given type. ⌘ Read more

Thanks for your feedback @lyse@lyse.isobeef.org. For some reason i missed it until now. For now I have implemented endpoint discovery for #webmentions as a metadata field in the twtxt.txt like this:
# webmention = http://darch.dk/timeline/webmention

PEP 727: Documentation Metadata in Typing
This document proposes a way to complement docstrings to add additional documentation to Python symbols using type annotations with Annotated (in class attributes, function and method parameters, return values, and variables). ⌘ Read more

PEP 723: Embedding pyproject.toml in single-file scripts
This PEP specifies a metadata format that can be embedded in single-file Python scripts to assist launchers, IDEs and other external tools which may need to interact with such scripts. ⌘ Read more

An official FBI document dated January 2021, obtained by the American association “Property of People” through the Freedom of Information Act.

This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata (“Pen Register”) or connection data retention law (“18 USC§2703”). Here, in essence, is the information the FBI says it can retrieve:

• Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.

• Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).

• Signal: date and time of account creation and date of last connection.

• Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.

• Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.

• Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).

• WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.

• WhatsApp: the targeted person’s basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time (“Pen Register”); message content can be retrieved via iCloud backups.

• Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.

TL;DR Signal is the messaging system that provides the least information to investigators.

PEP 714: Rename dist-info-metadata in the Simple API
This PEP renames the metadata provided by PEP 658 in both HTML and JSON formats of the Simple API and provides guidelines for both clients and servers in how to handle the renaming. ⌘ Read more

Metadata from a single picture can destroy your privacy
What someone can learn from your Image EXIF Metadata, and how to secure your photos ⌘ Read more

Dependabot relieves alert fatigue from npm devDependencies
A new alert rules engine for Dependabot leverages alert metadata to identify and auto-dismiss up to 15% of alerts as false positives. ⌘ Read more

PEP 710: Recording the provenance of installed packages
This PEP describes a way to record the provenance of installed Python distributions. The record is created by an installer and is available to users in the form of a JSON file provenance_url.json in the .dist-info directory. The mentioned JSON file captures additional metadata to allow recording a URL to a :term:`distribution package` together with the installed distribution hash. This proposal is built on top of PEP 610 following :ref:`its corresponding canonical PyPA spec … ⌘ Read more`

**RT by @mind_booster: My new hobby: finding public domain images that Getty sells for $500, locating hi-rez scans of their original publications, cropping and cleaning them up, adding metadata, and uploading them to Wikimedia Commons.

First one: https://commons.wikimedia.org/wiki/File:Fig_6_Le_Telephone_by_T_De_Moncel_Paris_1878.png**
My new hobby: finding public domain images that Getty sells for $500, locating hi-rez scans of their original publications, cropping and cleaning them up, adding metadata, and uplo … ⌘ Read more

GitHub Security Lab audited DataHub: Here’s what they found
The GitHub Security Lab audited DataHub, an open source metadata platform, and discovered several vulnerabilities in the platform’s authentication and authorization modules. These vulnerabilities could have enabled an attacker to bypass authentication and gain access to sensitive data stored on the platform. ⌘ Read more

PEP 706: Filter for tarfile.extractall
The extraction methods in :external+py3.11:mod:`tarfile` gain a filter argument, which allows rejecting files or modifying metadata as the archive is extracted. Three built-in named filters are provided, aimed at limiting features that might be surprising or dangerous. These can be used as-is, or serve as a base for custom filters. ⌘ Read more

🌠 More LLM Integrations & Sample Notes for Cooking, Workouts, etc.
Obsidian’s nominated for a Golden Kitty in Productivity, there’s a new RGB theme. Plus, fancy new dataview & templater scripts for day planning & YouTube metadata. ⌘ Read more

@prologic@twtxt.net: I understand the benefits of using hashes, it’s much easier to implement client applications (at the expense of ease of use without the proper client). I must say that I like the way the metadata extension is done. Simple and elegant! It’s hard to design simple things!

🌠 An academic vault tour & weekly review templates
Media workflow diagrams, film project dashboards, daily journaling discussions, python libraries for batch-changing metadata, and more! ⌘ Read more

“Bloggers, Dump Your Twitter Card Tags”
It’s crazy to think how much bandwidth is being used by metadata tags. Every company wants to invent it’s own new system. Wouter Groeneveld gives a brief overview and recommends getting rid of them (for the most part). I agree with him completely. The only one of these systems that my blog supports is Microformats, which is quite popular among the IndieWeb community. ⌘ Read more

Playing around with cmus tonight. My music library has so much bad metadata, it’s not even funny.

Dino: Stateless File Sharing: Source Attachment and Wrap-Up

Stateless file sharing (sfs) is a generic file sharing message which, alongside metadata, sends a list of sources where the file can be retrieved from.
It is generic in the sense, that sources can be from different kinds of file transfer methods.
HTTP, Jingle and any other file transfers can be encapsulated with it.
The big idea is that functionality can be implemented for all file transfer methods at once, thanks to … ⌘ Read more

Dino: Stateless File Sharing: Async, Metadata with Thumbnails and some UI

Asynchronous programming is a neat tool, until you work with a foreign project in a foreign language using it.
As a messenger, Dino uses lots of asynchronous code, not always though.
Usually my progress wasn’t interfered by such instances, but sometimes I had to work around it.

Async in Vala

No surprises here.
Functions are annotated with async, and yield expressions that are asyn … ⌘ Read more

@prologic@twtxt.net I have added that to my twtxt file. Even if I can’t see the metadata the people from yarn can. Not a big deal to add the metadata and it helps yarn users

@prologic@twtxt.net I don’t think Jenny does much of anything with the avatar and description but I do know yarn does and its not a bad thing to include the metadata for those users.

Dino: Stateless File Sharing: Base implementation
The last few weeks were quite busy for me, but there was also a lot of progress.
I’m happy to say that the base of stateless file sharing is implemented and working.
Let’s explore some of the more interesting topics.

File hashes have some practical applications, such as file validation and duplication detection.
As such, they are part of the [metadata element](https://xmpp.org/extensio … ⌘ Read more

🌠 Quick Share & a new Minimalist Theme
Group snippets for one-click activation, compare tags and folders, & improve your inline metadata. ⌘ Read more

@movq@www.uninformativ.de
I would recommend a longer rotation, perhaps? The way I see it, you are proposing a monthly one. That can make metadata huge too. Maybe yearly, or every 6 months?

@prologic@twtxt.net

No, it would be sufficient to skip avatar discovery when metadata does contain an avatar.

PEP 658: Static Distribution Metadata in the Simple Repository API ⌘ Read more…

PEP 643: Metadata for Package Source Distributions ⌘ https://www.python.org/dev/peps/pep-0643/

PEP 621: Storing project metadata in pyproject.toml ⌘ http://www.python.org/dev/peps/pep-0621

It’s a new one in the instant messaging game :P https://getsession.org It’s a fork of Signal and claims no metadata. I too have my chatting tools, but it doesn’t prevent to check new stuff ^^

Seems useful to have a set of consistent lexical conventions. # for comments; . for lookup; / for metadata. e.g cat ~.conf.git.core.pager

An ergonomic syntax for machine code: numbers, metadata, strings, tests, blocks. https://mastodon.social/@akkartik/102825992961303855

Metadata: Judoing the Dunning-Kruger effect: the “surprisingly-popular option” strategy for crowdsourcing https://muratbuffalo.blogspot.com/2018/11/judoing-dunning-kruger-effect.html

GitHub - jimkang/random-internet-archive: Gets a random Internet Archive resource, in URL form with some metadata. https://github.com/jimkang/random-internet-archive

@mdom@domgoergen.com metadata is there now. I was one commit behind.

@sdk@codevoid.de Great! Though i don’t see any metadata on your feed?

@mdom@domgoergen.com That’s interesting. So does txtnish read that metadata? or would an end user just look at the file to see it? Is the meta data going to be the standard?

@mdom@domgoergen.com what metadata feature is that?

New feature for txtnish: After setting add_metadata to 1, txtnish will, uhm, add metadata to your twtfile. Currently i only add followings, client and your gpg fingerprint. See my file for an example.

The workflow app on iOS is magic. I now have a button that asks me to select a picture, then converts it to png, resizes it, strips the metadata, scps it to my jumphost, scps it further to my gopher jail and into my paste directory, constructs the http proxy URL and opens it in safari. All without user-interaction. Now I can share my mobile life with you guys! Prepare for cat pictures!

a story, told as a browser history (title: metadata)

updated metadata on twtxt.txt file

Metadata: Paper review. IPFS: Content addressed, versio… http://muratbuffalo.blogspot.com/2018/02/paper-review-ipfs-content-addressed.html

@reednj@twtxt.xyz I think this would be the first time two clients implement the same #metadata format.

I’ll take another swing at #metadata for #twtxt. You can check my feed for an example. The headers aren’t important, only # key = value