maiyannah on community.highlandarrow.com

This remote profile is registered on another site; see maiyannah's original profile page on community.highlandarrow.com.

1. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 07:12:25 EST maiyannah

   Remote profile options...

   • Constance Variable
   @lambadalambda I want to keep any changes to the existing API to plugins so that I don't touch the core behaviour and end up breaking compatability.  I'd be willing to backport YAML versions to a Twitter API plugin though.
2. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 07:08:33 EST maiyannah

   Remote profile options...
   Now listening to:
   The Tristar, from "The Rigel Axiom" by Dynatron
   https://blood-music.bandcamp.com/track/the-tristar
3. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 07:05:54 EST maiyannah

   Remote profile options...

   • verius
   @verius You would be doing me (and probably Custard) a favour if you could describe what you'd like to see for endpoints of the new YAML API at the issue I made for it here: http://status.hackerposse.com/url/13321 Trying to get a good idea of what people want of it and since this is mostly for Custard (and anyone else who wants the shiny new interface it uses) your…
4. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 07:02:39 EST maiyannah

   Remote profile options...

   • Bob Mottram
   @bob It is my understanding that this is the reason the functionality of restoring remote backups was curtailed in StatusNet originally, from the comments, but I may be wrong.
5. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 07:00:53 EST maiyannah

   Remote profile options...

   • Bob Mottram
   @bob Well I figure if the archive is encrypted and the end-user doesn't have the key then that mitigates most attacks regarding injection of bad data sufficiently.
6. Bob Mottram (bob)'s status on Monday, 12-Dec-2016 06:47:17 EST Bob Mottram

   Remote profile options...
   https://social.freedombone.net/attachment/675
7. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:51:38 EST maiyannah

   Remote profile options...

   • Bob Mottram
   What do you think of this implementation idea for your suggestion, @bob?
8. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:43:50 EST maiyannah

   Remote profile options...

   • Purple Hippo
   @purplehippo Well, it's for the gits after all.
9. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:43:25 EST maiyannah

   Remote profile options...
   Thought: You could have the migration generate a key used to encrypt the backup, which is then transmitted only to the target server and then stored, and then email the user the migration data when the backup task is complete.  They would then upload that zip file to the target server and the key would be needed to decrypt the archive and thus import the account.
10. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:41:29 EST maiyannah

    Remote profile options...

    • Bob Mottram
    @bob *such injections, though I would agree that injection attacks suck, yes
11. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:40:06 EST maiyannah

    Remote profile options...
    The old API is getting maintenance/security updates only, and is maintained only for backwards compatibility.  If you disagree with that stance, I invite you to construct a plugin with the changes you desire.
12. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:38:34 EST maiyannah

    Remote profile options...

    • Bob Mottram
    @bob  Outputting the full YAML outline of an account is entirely possible, though it could be resource-consuming for a large account.  That isn't an unsurmountable concern however and there is already a means to deal with large content in the codebase we can leverage towards this end.
    
    The larger concern is devising a way to detect malicious edits or other suck injection vectors through the imported data.
13. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:35:59 EST maiyannah

    Remote profile options...

    • Constance Variable
    • Bob Mottram
    @bob @lambadalambda Migration actually exists in the backend, but was made optional a long time ago due to security concerns.  I am probably going to re-examine this however.
14. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:32:22 EST maiyannah

    Remote profile options...

    • Constance Variable
    @lambadalambda I won't be changing the existing API.
15. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:31:11 EST maiyannah

    Remote profile options...

    • Purple Hippo
    @purplehippo Well, he did develop 'git'
16. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:30:42 EST maiyannah

    Remote profile options...

    • 桃
    @xj9 Ok
17. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:30:32 EST maiyannah

    Remote profile options...

    • Constance Variable
    @lambadalambda I will copy this into my issue for the API so it's not forgotten.
    
    One thing I do want to do with postActiv is make remote and local users as transparent in the backend as possible.
18. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:27:38 EST maiyannah

    Remote profile options...

    • Archaeme
    @archaeme This is also why I want to cut out the external libraries as much as is possible.
19. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:27:16 EST maiyannah

    Remote profile options...

    • Archaeme
    @archaeme While I could patch Qvitter to do this, I kind of want to avoid getting sucked into patching a bunch of third-party products, for a bunch of reasons.
20. maiyannah (maiyannah)'s status on Monday, 12-Dec-2016 06:26:33 EST maiyannah

    Remote profile options...

    • louis
    @louis I am always willing to rebase specific changes of postActiv that GNU social desires to have.

• After
• Before