Skip to content

Enjoy Kaizen

Category: Communication

What if …

… the mistakes of auto-correct are a cash-grab orchestrated by the cell-phone manufacturers and telecoms hoping we send follow-up texts with manual corrections and spend more pennies?

And that’s why they got rid of the penny! So we couldn’t keep track.

Installing a PHP Extension Outside Home

FEATURING: mf2 for PHP by cj.w6k.ca!

Have you seen similar?

cjw@buster201908:~$ []

You may recognize tilde hanging out there in the prompt:

... :~$ []

The tilde ~ is where the current directory name is written.

When you first login to your server, you’ll be chillin’ at home in $HOME circa ~. Change your current directory to /usr/local:

... :~$ cd /usr/local
... :/usr/local$

Make an empty folder here with the name phpext-mf2:

# don't forget sudo or you get pneughed ...
... :/usr/local$ mkdir phpext-mf2
mkdir: cannot create directory ‘phpext-mf2’: Permission denied

# with sudo
... :/usr/local$ sudo mkdir phpext-mf2

Now is a good time to take ownership with your login handle and default group, so you don’t get pneuged again. Use the chown command on /usr/local/phpext-mf2/.

From here, it’s time to clone the mf2 repo from code.cjwillcock.ca (or wherever):

... :/usr/local$ git clone https://code.cjwillcock.ca/php-extensions/mf2.git phpext-mf2
... :/usr/local$ cd phpext-mf2
... :/usr/local/phpext-mf2$ []

phpize is required next. It’s with the php-dev package:

... :/usr/local/phpext-mf2$ sudo apt-get install php-dev

Now the instructions from the mf2 README.md, but not in a rush like that. Run the 153 tests and decide if it will probably work for your server.

... :/usr/local/phpext-mf2$ phpize
... :/usr/local/phpext-mf2$ ./configure
... :/usr/local/phpext-mf2$ make
... :/usr/local/phpext-mf2$ make test

If everything passes, then install it!

... :/usr/local/phpext-mf2$ sudo make install
Installing shared extensions:     /usr/lib/php/20180731/

From here, installation is equivalent for any destination. Our prompt for the purpose of demonstration simplifies to $.

Make available for activation, your new extension:

$ echo "extension=/usr/lib/php/20180731/mf2.so" | sudo tee -a /etc/php/7.3/mods-available/mf2.ini

Activate it:

$ sudo ln -s /etc/php/7.3/mods-available/mf2.ini /etc/php/7.3/cli/conf.d/mf2.ini

Did it work?

$ php --ri mf2

mf2

Microformats2 support => enabled
cjw@buster201908:/usr/local/phpext-mf2$

Who Changed the Name?!?

The Universal Declaration of Human Rights has og:title Universal Declaration of Human Rights.

Against selfdogfood as Polite Nomenclature for Principles

I don’t like the association to the selfdogfood term.

I love making my own stuff for my own site that I use. That’s ‘selfdogfooding’ on the IndieWeb.

‘Food’ I plan to ‘eat’ in the morning, is that breakfast selfdogfooding then?

That’s an unhappy association.

A dog’s breakfast is a breakfast mistake. As is a dog’s dinner.

I feel it trend on through all the foods fit for the dog.

I strive for no mistakes in making a meal.

I seem to have a compatibility issue with the term.

To put it simply, I must eat.

To suggest my own made meal is like the dog’s?

That’s impolite and uncalled-for.

Johannes Me That Duck

I just wanted to embed my self-hosted WP-theme repository for this theme, via iframe on my blog post.

I recently added some microformats in a single commit, that I would reason over, here.

Check Out the Bill on That, Duck.

I always turn that screen off if I’m watching a movie. Now Win10 wants to turn off my notifications when I full-screen any other monitor. #nothanks

A graph from my report of the past 26 weeks in domain monitoring.

Duck, We Should Talk

When I copy text to my clipboard, and paste it into a table cell using the Gutenberg editor, a space is automatically added at the front of the text I paste.

What?

I hit paste. I carefully remove that leading space that WordPress seems to think is necessary.

Every. Time.

Nothing To See Here Duck

It would be swell if the page-break block in WordPress allowed me to specify a piece of content that would appear as page-footer & page-header on subsequent page-fulls.

The various page-break blocks should share their content, so that changing the content in one, changes content in all others to match at the same time.

At present, the page-break block has no configurable options at all.

Why Sign Git Commits?

From the Making of Dads’ Breakfast


https://cjwillcock.ca/dads-breakfast-making-of/

When choosing to trust code written by another person, I endeavour to take a measured risk. Consider the attack on CoPay, carried out via the compromise of an overlooked-on-update dependency, otherwise unrelated to the virtual currency exchange software concern.

Scenario: What if that code-contributing person is victimized by a masquerading identity thief, and goes on unknowingly promulgating the originating repository, now including commits of malicious code?

Challenge: When all is found out, is the whole identity compromised?

Resolution (GPG): Notify the certifier of the compromised GPG fingerprint. The master private key holder has de-certification authority over the signature certified for signing commits, and may revoke certification of the maligned signing certification, rapidly upon providing their own advertisement of change of certifications. Upon receipt of such a fingerprint or similar identifying information, revoke the compromised signing key and exercise stable surety-of-identity from the master key to generate and certify anew, a signing key for origination of authentic commits to the code repository. The identity is not the signing key, and the originator can readily have an assured identity with which to signify the authenticity of corrective actions and sundry commits.

I hope my original works are useful mechanisms by which surety-of-origination acts to strengthen the whole, now that I am signing my commits.

I have my master private key stored offline in an encrypted USB, but keep a signing subkey-pair on my local machine for day-to-day use. I ensured that my signing subkey was present on the shell where my development work was taking place, and configured my git client to use my signing subkey.

When I could manually sign any commit by git commit -S, and have it work as expected, it was then time to have git challenge for signature on every commit, by setting the global option: git config --global commit.gpgsign true.

On commit, I answer the challenge with my GPG passphrase to apply my signature using my private signing subkey. Such signed commits are indicated as verified by both my-own installation of Gitea at code.cjwillcock.ca and third-parties Github, et al.

My signing certificate expires two (2) years from the day I certified it, on 2021-03-16. If I go down, I’m taking all my certificates with me! 😀 That’s the graceful failure mode, and hopefully unnecessary for a very long time while I give it some more thought!

I welcome criticism, discussion and advice of the reader, that we may talk awhile.

I found the article Create GnuPG key with sub-keys to sign, encrypt, authenticate by Gerhard, via Tinned Software, helpful in getting started with GPG.

I found the article Using an offline GnuPG master key by Damien Goutte-Gattat helpful in learning to remove the secret from my master key, such that I now have an offline master key in encrypted, cold storage, while continuing to have the convenience of signing keys on my workstation.