-
daniel
What's not to get about the mam thread. Closing gaps is incredibly difficult in current MAM.
-
daniel
I can totally see why they want to retrieve a list of all ids
-
jonasw
yeah, I realized that while writing my reply
-
daniel
Also when you are woken up by the os after a push I can see why you maybe want to just get one message instead of all the back log
-
jonasw
but assuming that with bad connection, the overlap between the "huge" gap (which spans from "last message ID of the gapless huge block in the past to now) and messages received inbetween should be small enough to not worry about the overhead?
-
daniel
I might not do that in my application.
-
daniel
But I can see why someone would want to do that
-
Kev
How is filling a hole hard? You say "Give me stuff between these ids".
-
jonasw
yeah, I don’t see the problem with that; the push service should just deliver that ID.
-
jonasw
Kev, what if you don’t have those IDs?
-
daniel
Kev: remembering where the gaps are is
-
jonasw
because you don’t get IDs for messages you sent!!k
-
intosi
jonasw: you have ids of things surrounding the gap. You can use the start and end of a returned set that isn't complete.
-
intosi
* first / last
-
jonasw
intosi, *if* you actually have the IDs, yes
-
jonasw
but it makes things more complex than "query MAM from the last ID you got"
-
Kev
Other than sent messages, which are an obviously different problem, why would you not have them?
-
intosi
^ what Kev asked
-
jonasw
Kev, other than that, you’d have them if your server supports giving you IDs on carbons
-
intosi
If you know there's a hole, you have a first and a last id.
-
jonasw
I am just arguing that the suggesiton from that thread that all you’d have to do is to query since the last ID: > And how it is more simple than "the latest message I have has ID XXXXX, request all messages since XXXXX"? is not correct.
-
Kev
jonasw: It depends what you're trying to achieve.
-
Kev
If you want complete sync, then Edwin is right.
-
Kev
If you only want recent sync, then the holes don't matter so much.
-
Kev
But in any case, ISTM that filling the holes is possible anyway.
-
Kev
Assuming you get the ids on messages sent/received, but those are orthogonal issues.
-
jonasw
Kev, yes, it is possible
-
jonasw
so I drafted this: https://github.com/jabbercat/jabbercat/issues/26#issuecomment-370333729
-
jonasw
would that work or do I have a logic fault in that?
-
jonasw
(regarding backfilling holes)
-
jonasw
s/event/message/ if you can’t follow
-
daniel
jonasw: sounds pretty complicated considering the general dump clients approach of xmpp
-
jonasw
I find it rather okay-ish. It has the advantage (compared to a list of stanza-IDs from the server) that I can dedup properly even if I don’t get stanza-ids on all stanzas, which is sadly currently the state-of-the-xmpp-art
-
daniel
jonasw: i agree with you that it is _possible_ to close gaps. But at what cost. Do you really want to point every xmpp developer to that algorithm?
-
jonasw
one could also simply keep track of the last "MAM-confirmed" message and always sync from there.
-
jonasw
the number of dups should be neglectible anyways if sync failed due to bad network.
-
daniel
> one could also simply keep track of the last "MAM-confirmed" message and always sync from there. That's what I do. And I only dedup once because then I put the mam ID in the dedupped message by the way
-
daniel
But thats a different thing than closing gaps
-
Kev
Sounds straightforward enough.
-
jonasw
daniel, in the end, the gap is closed; what do you consider "closing gaps"?
-
daniel
I love how for every xep there is ab 'algorithm' or an explanation on some random persons blog or github like here is how you use that xep.
-
edhelas
https://github.com/signalapp/Signal-Android/issues/7460 Signal down
-
Ge0rG
Time to blow the xmpp horn!
-
Ge0rG
Oh, it's up again, only was down for two hours
-
Holger
Damn.
-
jonasw
vanitasvitae, wouldn’t the MAM usage you proposed on standards@ cause a long-connected client to re-download all messages it alread has received live?
-
vanitasvitae
jonasw: sorry, I'm not sure which proposal you are talking about :D
-
jonasw
vanitasvitae, the email which starts with: > Maybe it helps to write down how most xmpp devs use MAM
-
jonasw
oh damn
-
vanitasvitae
:D
-
jonasw
I think I got you confused
-
vanitasvitae
Wasnt me probably
-
jonasw
which also explains why "you" are so proficient with MAM, that was unexpected to me
-
vanitasvitae
:D
-
vanitasvitae
I think lovetox sent that mail, right?
-
jonasw
yeah
-
Link Mauve
Ugh… https://github.com/redsolution/xabber-android/issues/802
-
Kev
Suddenly Swift's issue reporting doesn't seem so bad, does it? :)
-
Link Mauve
You mean closing any issue and opening it in your internal bugtracker, where you can say exactly the same thing without me knowing it? :p
-
Kev
I think the 'without you knowing it' bit matters :)
-
Kev
I mean, no, we'd never do that!
-
intosi
😼
-
moparisthebest
Link Mauve, to be fair that scanner thing had a ton of false positives, even on conversations...
-
moparisthebest
in fact what I've seen of it was *only* false positives up to now
-
Link Mauve
moparisthebest, they haven’t been able to scan Conversations because you have to pay for it.
-
moparisthebest
oh, was it a different scan then?
-
moparisthebest
I'm having trouble finding it but there was definitly a 'scan report' released recently that accused conversations of having trackers too
-
Link Mauve
moparisthebest, there was one for some Conversations “plugin”: https://reports.exodus-privacy.eu.org/reports/search/eu.siacs.conversations.sharelocation
-
Link Mauve
But that’s not Conversations.
-
SamWhited
I hatethose things, they always say stuff without any context
-
SamWhited
'ACCESS_COARSE_LOCATION Dangerous' … umm, no, it's a mapping app, that's expected.
-
Link Mauve
https://reports.exodus-privacy.eu.org/reports/2332/ otoh, is doing well.
-
Link Mauve
SamWhited, or internet access, for an application opening a TCP connection on a non-HTTP port. :p
-
SamWhited
Isn't Android's INTERNET permission just implicit and given to everything? That one seems really extreme
-
moparisthebest
yes
-
jonasw
lolwat, INTERNET "dangerous"?
-
moparisthebest
I thought they were changing that at some point, maybe 8 or in the future?
-
moparisthebest
this is one of the now fewer reasons why I insist rooting is necessary for a secure android phone
-
moparisthebest
(because you can firewall applications from the internet that way)
-
jonasw
I’m more worried about android or the telephony itself being massively insecure. If I wouldn’t trust the apps I’m running, I can trash the device right away I feel.
-
Link Mauve
Anyway, these guys are very open to suggestions, I can pass any you have.
-
SamWhited
I'm more worried about "scanners" like this training non-technical users to look at exactly the wrong things.
-
jonasw
yeah
-
jonasw
scanning for trackers is probably sane
-
SamWhited
Not IMO
-
jonasw
dunno
-
Link Mauve
SamWhited, when you see things such as https://blog.acolyer.org/2018/03/05/apps-trackers-privacy-and-regulators-a-global-study-of-the-mobile-tracking-ecosystem/
-
jonasw
depends on how safe against false-positives it is
-
Link Mauve
It’s not exactly “the wrong thing”.
-
SamWhited
I'm aware, but Google's app analytics stuff isn't that.
-
Link Mauve
jonasw, it isn’t, because by European laws they are not allowed to decompile or anything.
-
Link Mauve
Their tester is a glorified grep.
-
jonasw
I would not support a statement which said that "google analytics is exactly the wrong thing to look at when checking how privacy friendly a thing is" though
-
Link Mauve
I block Google Analytics on the web, I would do the same if I had a phone.
-
moparisthebest
yea but if you voluntarily use the google play store to install apps, that seems like a hard opt-in to google analytics tracking to me
-
moparisthebest
which is why I only use f-droid personally
-
Link Mauve
moparisthebest, most people don’t know alternatives even exist.
-
Link Mauve
They use what was installed when they bought their phone.
-
Zash
Windows monopoly all over again
-
moparisthebest
I know, depressing :'(
-
Link Mauve
moparisthebest, does Google Play Store leaks when you launch applications or what you do in them, or something?
-
moparisthebest
additionally most phones don't allow you to remove google play, again, you have to root it for that
-
Link Mauve
Or is it just what you install and when?
-
moparisthebest
I know it can uninstall apps and install updates without your permission too
-
moparisthebest
so *probably* all of those things?
-
moparisthebest
wait did you say only https wasn't a red flag? why is TLS on 443 any less suspicious than other ports? :'(
-
Link Mauve
“18:05:56 jonasw> lolwat, INTERNET "dangerous"?”, I asked them, apparently the category is given by Google.
-
daniel
That quoting
-
Link Mauve
Sorry, I haven’t worked on poezio in a long time. :x
-
jjrh
Anyone have any recommendations for a simple XMPP git bot?
-
rion
github sends me notifications on commits. maybe their bot is opensource. I don't know.
-
j.r
rion: how?
-
jjrh
Yeah github has uh hubot? It's kinda a giant thing that does a whole lot more than respond to a on commit hook
-
Zash
There's one that announces commits in the poezio room, ask them what they use.
-
jjrh
Thanks Zash
-
Zash
IIRC it got added to Github itself, somehow.
-
Link Mauve
I think there is one by github themselves, which they host, and a ruĝamia from redmine.
-
Zash
You could also do what we (prosody) do, and put something as a receive-hook on the server, if you have control over that
-
jjrh
Zash, that's what i'm planning on doing.
-
rion
example of github standard hook http://pix.academ.info/img/2018/03/06/af0363c83be4f268ad76a09ecb0fa35f.png
-
j.r
> I think there is one by github themselves, which they host, and a ruĝamia from redmine. Where can I finds the bot by github itself?
-
jjrh
We already do this with email, but channel notifications would be nice.
-
moparisthebest
you could have the email trigger an xmpp message >:)
-
Link Mauve
j.r, I couldn’t find their source code in a short search, I don’t know.
-
j.r
Ok
-
jjrh
moparisthebest, yes - but what software exists to do the XMPP part?
-
jjrh
I could write this myself but I figured someone had already done it
-
Zash
https://github.com/github/github-services/tree/master/lib/services search for "xmpp"
-
Zash
wild guess
-
Zash
Seems to match the options in Settings → Integrations
-
moparisthebest
jjrh, https://github.com/moparisthebest/sendxmpp-py https://github.com/moparisthebest/sendxmpp-rs ancient-perl-sendxmpp, called by a hook or sieve script
-
jjrh
cheers!
-
moparisthebest
of those I'd suggest the python one if it works for you
-
jjrh
Does it do MUC or just message?
-
moparisthebest
ew yea, just message
-
moparisthebest
you probably want a proper bot then
-
jjrh
Yeah that's what it's sounding like. Probably should just write something myself, the examples are handy though.
-
moparisthebest
sendxmpp-py should be fairly easy to modify to do that I think
-
jjrh
Yeah - what might work nicely is to use sendxmpp to send a message to a bot which can have some more smarts
-
jjrh
https://github.com/moparisthebest/sendxmpp-rs/blob/master/Cargo.toml I think your description might be wrong ;)
-
moparisthebest
ha yea looks like it, how the hell did that happen, probably what cargo new does by default or something
-
pep.
rion, do you have a room for psi dev?
-
pep.
or psi in general
-
Neustradamus
xmpp:psi-dev@conference.jabber.ru?join
-
pep.
yay captcha..
-
marc
Ge0rG, https://github.com/ge0rg/easy-xmpp-invitation/pull/9 works fine for me on firefox and firefox focus (mobile)
-
marc
Would be nice if you merge it t get rid of Google Fonts
-
marc
s/t/to