Mastodon Icons!

It took some doing, but I finally have a Mastodon icon for my social media menu. It may not seem like it’s important, but I’m really nit-picky about this crap.

A picture of the social media icons on my site (menu and footer).
Yay!

Turns out it took a bit of doing. I installed Add Fediverse Icons to Jetpack, then (thanks to the developer of that plugin) I added this snippet he wrote for me:

add_filter( 'walker_nav_menu_start_el', 'my_apply_icon', 100, 4 );
function my_apply_icon( $item_output, $item, $depth, $args ) {
	$social_icons = array(
		'Diaspora'   => 'diaspora',
		'Friendica'  => 'friendica',
		'GNU Social' => 'gnu-social',
		'Mastodon'   => 'mastodon',
		'PeerTube'   => 'peertube',
		'Pixelfed'   => 'pixelfed',
	);

	if ( 'social' === $args->theme_location ) {
		foreach ( $social_icons as $attr => $value ) {
			if ( false !== stripos( $item_output, $attr ) ) {
                                $item_output = preg_replace( '@<svg(.*?)</svg>@', '', $item_output );
				$item_output = str_ireplace(
					$args->link_after,
					'</span>' . jetpack_social_menu_get_svg( array( 'icon' => esc_attr( $value ) ) ),
					$item_output
				);
			}
		}
	}

	return $item_output;
}

This added the icon to successfully to my menu. However, it was giant. I noticed in the web inspector in Firefox, that the bounding box for the SVG was huge. I changed it to be 24 pixels tall like so:

.icon.icon-mastodon {
  height: 24px;
}

Finally, things are good!

Edit: I keep all my CSS edits in Git.

A picture of the homepage of ThemeGrill (as of 2020-02-18T10:19-05)

Plugin Vulnerability

If you’re one of the 200,000+ users/clients of the ThemeGrill plugin, you should update yesterday.

Plugin vulnerabilities are not a new thing. The only novel thing about this one is the number of affected sites. It’d be like Askimet having a major remote control exploit. You can mitigate these issues by making sure your plugins are up-to-date. WordPress is not particularly hard to manage. There are lots of plugins and services that make it brainless (shoutout: Jetpack). So, this should be a non-issue.

While we’re talking about plugin vulnerabilities, you should go visit Marko Saric’s guide on securing your WordPress install. Lots of good advice in there. I personally like using Jetpack (with Askimet and Vaultpress), but there are lots of free tools that you can use to secure yourself.

App Stores

You know. I used to think app stores were neat. It was a novel concept coming from Windows or Mac where you basically had to hunt down applications to install and configure yourself. Only the largest of companies had real collections of anything. Even ancient Linux systems had dependency hell that made the idea of a store an appealing idea.

Then, you know, we fixed that. RPM, Debian, et al just fixed the problem with dependencies and now you just say:

$ yum install firefox # RPM
$ apt install firefox-esr # Debian
$ pacman -Syu firefox # Arch Linux
# Etc..

And within a few minutes, Firefox and all it’s dependencies are installed, configured and ready to be launched. These app stores that Apple and Microsoft hawk are pale imitations of this system. They tout that they’re sandboxing applications (something the system should already do, like AppArmor, et al) from these stores and they’re reviewed/vetted. The problem is, they’re just repackaging the already shitty app discovery/dependency experience and saying: “Here, all the crap that you need to run, no matter how old or twisted it is, put it in this box with your application and run it from there”. This isn’t a solution, just shifting the focus.

It seems that some people believe that this idea would be great on Linux, too. AppImages, Flatpaks and all sorts of containerized systems popping up to “simplify” the Linux install experience. Oddly enough, it does just what the big kids do, ignore the base system and shove everything into a box until it runs. Fuck disk space, fuck bandwidth, fuck security updates and comparability or integration. Does it run? Good, ship it.

It almost seems like they’ve missed the point of the whole package management system. It would seem that way, but they’re too smart to have just “missed” the underlying system that bootstraps literally the entire system into existence, libraries and all.

No, I imagine what they’ve done is willfully ignored it because packaging is hard. It is. No two ways around that. If you want your app in one of those systems, you have to package it and make sure it works. Either that or help the package maintainers do that. It sucks because a lot of systems are more byzantine than they have any right to be. That is something we could address.

Instead, I think the idea is to get proprietary software to a point where companies don’t have to rely on trusted packagers (who are probably somewhat agnostic or hostile to them) or having to do the work themselves. They just wrap the whole mess up in a FlatPak or AppImage and they’re off to the races.

Elementary OS seems to think that App Stores are a great idea, too. They’re even revamping theirs so that “Linux developers can get paid”.

Let me just pick that apart for a minute:

  • How are they not able to get paid? Were they somehow prohibited in previous iterations of the App Store?
  • Are open source (not Linux…) developers somehow prohibited from setting up donation boxes like Librepay, Paypal or literally any of the other pay for stuff services?
  • If app developers, through this store, are allowed to get paid… are they allowed to restrict users from installing the software without paying for it?
    • This breaks open source/free-software
  • How are you going to moderate this store from going the way of every other App Store where thousands of pieces of barely compiling crap with pretty icons get shoved up to the top with paid advertising or bot-farm reviews? Have you somehow solved this problem?

I have no problem paying open source developers, or rather, donating to them. I do it all the time. Projects I use regularly or need, I give money to. I just don’t see how an App Store is somehow going to fix this in ways that aren’t already possible, without somehow turning it into a shitshow of shovelware and trashy apps.

Linux doesn’t need App Stores. It already has them in the form of package management. There are even nice interfaces through Discover and Gnome’s “Software”. This is a solved problem. So why are we reinventing it?

I’m probably a curmudgeon, but this seems a solution in search of a problem.

A picture of an Apple MacBook sitting next to a user who is running a (obsensibly) Windows HP lapotp

GNUThink

I sometimes get to a point where I question a lot of what I do and what matters to me. Sometimes it’s because of simple things, like a broken tool, or a frustrating problem. Sometimes it’s more of a philosophy problem, where I question how I feel about something and if I should change my ideas or mannerisms behind some action.

Lately, it’s been a little of both. I use an iPhone, Apple Music, iCloud (storage, etc), Office 365, and probably other tools and services that would be considered “non-free” in the “libre” sense. This has lead to me thinking about what I actually want out of computing. It’s such a thorny question, because there are so many comfortable choices that I’m in, that upending them would probably throw my life (and my family’s) into temporary turmoil.

For instance: Office 365. I pay for just the Exchange Online component, because I don’t need the actual Office suite as we (my family) get it free from my school and other organizations that we’re associated with. Exchange Online has been fine from a end-user perspective. Very rarely do I have any real issues to speak of, other than paying for it. My real problem here is that it’s a very proprietary platform, and because of that, it’s moderately difficult to get out of and to connect to with free-software tools. The IMAP support is… functional, but the contacts and calendars are tied down.

Similarly, I have lots of Apple devices and services. Like Office 365, I don’t have any complaints, per se, it’s just that they’re extremely proprietary and that means getting out of the ecosystem is difficult, and like above, connecting using free-software tools is straight up impossible.

The reason I have these things in the first place is that my family, who don’t hold my free-software ideals, want/need access to reliable tools they can use from multiple places. This is not an unreasonable request, and is one that can be solved with enough time, free-software, capital and expertise. Unfortunately, I’m not willing or able to host all of that, or even administer it. I don’t have the time, and I certainly don’t have the specific expertise to do all of it. Hence the current implementation.

Balance between freedom, convenience and cost is a tricky one. While I’d personally like to model myself more in line with the FSF’s computing ideals. The problem is that I have family members that I have to support as well. I’d also like to move them toward more free-software systems. While I recognize their choice in platforms is their own, I also get to say what I will and will not support (kind of, family is so complicated).

I don’t have any kind of resolution for this, I’m still trying to figure out what kind of path I want to take. Is pragmatism the smarter choice? Idealism feels right, but is massively more difficult to implement. There is probably a good middle of the road, but I don’t know if I’m on it. Maybe it doesn’t matter?

What should I do?

Featured Image

“Ugh, a Mac”, by Joe Wilcox – License: CC BY-NC-SA 2.0