| 00:21 | <JonathanNeal> | What on earth was this flexbox standard and whatever happened to this template approach? http://www.xanthir.com/blog/b4580 |
| 00:34 | <caitp> | heh, that's interesting |
| 00:34 | <caitp> | sort of terrible, but interesting |
| 00:45 | <tantek> | JonathanNeal: some of the template approach / ideas made it into http://dev.w3.org/csswg/css-grid/ |
| 00:48 | <JonathanNeal> | http://caniuse.com/#feat=css-grid ? |
| 01:28 | <TabAtkins> | JonathanNeal: What do you mean "what on earth was this flexbox standard"? |
| 01:28 | <TabAtkins> | The template approach is Grid Layout. |
| 01:35 | <TabAtkins> | Rather, became Grid Layout. |
| 05:46 | <MikeSmith> | rektide: I think the energy spent critiquing the Push API on twitter would be a lot better directed toward talking with the relatively smart people who are actually working on the Push API spec (and related protocol) and have thought about this stuff already |
| 05:47 | <MikeSmith> | e.g., Martin Thompson |
| 05:48 | <MikeSmith> | rektide: I hope you don't really imagine you're the first one to have considered the stuff you mention, or that people who have considered it have just blown it off |
| 05:50 | <MikeSmith> | rektide: and positioning any of the problems as something that "W3C" is somehow responsible for shows a lack of insight about how specs get developed |
| 05:50 | <tantek> | MikeSmith, speaking of how (w3c and other) specs are developed: http://tantek.com/2015/068/b1/security-towards-minimum-viable-web-platform |
| 05:53 | <MikeSmith> | rektide: it's just a relatively small group of people who are highly focused on solving a specific problem and they get together somewhere to do that. It could be anywhere. So if you want to constructively criticize the technical decisions, your feedback should better of be directed to the actually real people who are writing the specsăźnot to @w3c or some other abstract entity it's convenient to hate o |
| 05:53 | <MikeSmith> | n |
| 05:53 | MikeSmith | looks at tantek's URL |
| 05:54 | <MikeSmith> | ah good |
| 05:54 | <MikeSmith> | glad you took time to write about this |
| 05:54 | MikeSmith | reads further |
| 05:54 | <tantek> | there's more to write but I wanted to at least get this much out there |
| 05:55 | <tantek> | no checklist substitutes for the value and drive to minimize |
| 05:57 | <MikeSmith> | tantek: as far as "we need a security group", as Brad Hill has pointed out, we already have one. The problem is time |
| 05:57 | <MikeSmith> | https://twitter.com/hillbrad/status/572491470697074688 |
| 05:58 | <MikeSmith> | "Already there, also the Security IG. What there is not is magically more time for SMEs to do work." |
| 05:58 | <tantek> | MikeSmith: I'm not sure an IG is sufficient |
| 05:58 | <MikeSmith> | it's not just the IG |
| 05:58 | <MikeSmith> | the WebAppSec WG is chartered for this already |
| 05:58 | <tantek> | Yan's tweet hints at the issue: https://twitter.com/bcrypt/status/572220477919260672 |
| 05:58 | <MikeSmith> | that's why he said "also" |
| 05:59 | <tantek> | my understanding is that WebAppSec was not yet chartered for this |
| 05:59 | <tantek> | and that is one of the things we need to fix |
| 05:59 | <MikeSmith> | then you've been misled :) |
| 06:00 | <MikeSmith> | they are chartered for it |
| 06:00 | MikeSmith | goes to look |
| 06:00 | <tantek> | tell Yan ;) |
| 06:00 | <tantek> | I also appreciate looping in the TAG |
| 06:00 | <tantek> | since they of all people should get used to saying "no" |
| 06:00 | <MikeSmith> | I though Brad did already reply to Yan to say exactly that |
| 06:00 | <MikeSmith> | that they were chartered for it |
| 06:00 | <MikeSmith> | http://www.w3.org/2013/07/webappsec-charter.html |
| 06:01 | <MikeSmith> | > The Web Application Security Working Group may provide review of specifications from other Working Groups, in particular as these specifications touch on chartered deliverables of this group (in particular CSP), or the Web Security model. |
| 06:02 | <MikeSmith> | and on top of that we do as Brad pointed out also have the IG |
| 06:02 | <tantek> | well alrighty thing. nothing like citations and quotes ;) |
| 06:02 | <MikeSmith> | yeah so the problem isn't one of people not having already planned for review |
| 06:04 | <MikeSmith> | tantek: but anyway in general I am deeply suspicious of any model where some WG is given organizational authority to approve or disapprove of other WGs work where it touches on some particular area |
| 06:05 | <MikeSmith> | we've had that with WAI PFWG and I don't think most people would consider that to be a great success, or something we want to use a model |
| 06:05 | <MikeSmith> | and that's pretty much a big understatement |
| 06:06 | <MikeSmith> | as far as how that group is viewed by a lot of people |
| 06:06 | <tantek> | MikeSmith, sure, I share such suspicions |
| 06:06 | <MikeSmith> | tantek: ok |
| 06:06 | <tantek> | more than that, I want to put the fear of featuritis into every spec authors mind |
| 06:06 | <tantek> | and every working group's mind |
| 06:06 | <MikeSmith> | sure |
| 06:06 | <tantek> | and every chair's mind |
| 06:06 | <tantek> | because right now, W3C, WHATWG specs both have massive featuritis tumors |
| 06:07 | <MikeSmith> | well that's nothing new by a long shot |
| 06:07 | <MikeSmith> | CSS cough cough |
| 06:08 | <tantek> | hey man, I've been cutting features left and right from CSS3-UI, doing what little I can there. actually helped inspire some of this thinking. |
| 06:08 | <tantek> | OTOH what's with everyone going nuts with JSON? |
| 06:08 | <MikeSmith> | dunno |
| 06:09 | <tantek> | it's just the backend syntax du jour, today's XML |
| 06:09 | <MikeSmith> | but as far as CSS on the aggregate I think the numbers speak for themselves |
| 06:09 | <MikeSmith> | there are literally on the order of 50 CSS specs in development right now |
| 06:09 | <MikeSmith> | last time I could |
| 06:09 | <tantek> | that's a good thing actually - a side effect of *minimizing* features per spec |
| 06:10 | <MikeSmith> | compare that to, for the entire rest of the platform, everything else, we have *maybe* 50 specs in current development |
| 06:10 | <MikeSmith> | tantek: there are lots of creative ways to rationalize the numbers I guess |
| 06:10 | <tantek> | that's not to say that CSS WG dynamics and even spec development couldn't be improved, but there's at least active work towards that (in some respects) |
| 06:11 | <MikeSmith> | but there are still a large volume of features there |
| 06:11 | <tantek> | the nice thing about the "50 specs in development" number is that it puts pressure on cutting/dumping some of those specs |
| 06:11 | <MikeSmith> | yeah |
| 06:11 | <MikeSmith> | ture |
| 06:12 | <tantek> | so feel free to keep up the pressure :) |
| 06:13 | <MikeSmith> | well I have nothing to do with CSS |
| 06:13 | <tantek> | but you can count :) |
| 06:13 | <MikeSmith> | well except backroom political lobbying |
| 06:13 | <MikeSmith> | well I can rant to plh |
| 06:14 | <tantek> | ranting does seem to be an effective mechanism for gaining attention at W3C |
| 06:14 | <MikeSmith> | actually plh does listen to my feedback |
| 06:14 | <MikeSmith> | not effective for plh |
| 06:14 | <tantek> | not exclusively, but often. ranting that is. |
| 06:14 | <MikeSmith> | plh is very good about focusing on problems he can actually solve, and not wasting time on problems he can't |
| 06:15 | <tantek> | good to know. better to encourage / pay attention to good behavior than bad. |
| 06:19 | <MikeSmith> | anyway, about the security review, what I said above about failure of our existing review groups is why I was suggesting we make a stronger effort to try also some bottom-up approach to facilitating quality review based on a detailed set of shared criteria that anybody can evaluate on their own |
| 06:19 | <tantek> | yes |
| 06:19 | <tantek> | makes sense, also provides positive incentive |
| 06:19 | <tantek> | you can make your specs look better by providing a security review! |
| 06:19 | <MikeSmith> | yeah |
| 06:19 | <tantek> | (and inviting external review of your review etc.) |
| 06:20 | <tantek> | hence why I submitted a pull-request to the self-review doc |
| 06:20 | <tantek> | hoping to improve it at the source |
| 06:20 | <MikeSmith> | and ideally I think we should get somewhere closer to removing the idea of "experts" we all are supposed to go to, hat in hand, to request review |
| 06:20 | <MikeSmith> | yeah I submitted a PR on that doc too |
| 06:20 | <tantek> | cool |
| 06:20 | <MikeSmith> | but mike west has ignored it so far! |
| 06:21 | <MikeSmith> | I think Mike's maybe away on vacation or something actually |
| 06:27 | <MikeSmith> | botie, inform smaug____ initMessageEvent has been dropped, right? replaced by just initEvent? |
| 06:27 | <botie> | will do |
| 07:50 | <The-Compiler> | I hope this is the right place for this kind of question - In an UA, if an user temporarily ignores an SSL error, what "similiar" SSL errors should I automatically ignore? Does it sound sensible to ignore all subsequent errors if (error, certificate, scheme, host, port) all match? |
| 08:15 | <annevk> | The-Compiler: it doesn't really sound sensible to ignore SSL errors |
| 08:19 | <The-Compiler> | annevk: yeah, but power to the user :) |
| 10:43 | <botie> | smaug____, at 2015-03-10 06:27 UTC, MikeSmith said: initMessageEvent has been dropped, right? replaced by just initEvent? |
| 10:43 | <Ms2ger> | MikeSmith, replaced by new MessageEvent |
| 10:45 | <smaug____> | yes, all init*Event are at least deprecated |
| 10:45 | <MikeSmith> | Ms2ger: ah OK |
| 10:45 | <smaug____> | who are you, botie |
| 10:45 | <botie> | bugger all, i dunno, smaug____ |
| 10:45 | <smaug____> | that is what I thought |
| 10:47 | <MikeSmith> | smaug____: ah OK, yeah vaguely remembering that now (about general deprecation) |
| 10:48 | <MikeSmith> | botie is my personal assistant |
| 10:48 | <MikeSmith> | botie, CSS? |
| 10:48 | <botie> | mikesmith: bugger all, i dunno |
| 10:57 | <annevk> | GPHemsley: https://phabricator.wikimedia.org/T62835 might be of interest |
| 11:53 | <Ms2ger> | MikeSmith, wait, why is initMessageEvent in the spec |
| 12:12 | <zcorpan> | i think it was needed for web compat |
| 13:30 | <annevk> | beverloo++ |
| 13:30 | <beverloo> | glad to help :) |
| 13:32 | <annevk> | beverloo: so Version history -> Commits |
| 13:32 | <annevk> | beverloo: and that should be two separate entries |
| 13:32 | <annevk> | beverloo: and after participate |
| 13:32 | <beverloo> | aah missed those, I'll do that right now |
| 13:32 | <annevk> | beverloo: also "File an issue" / "open issues" |
| 13:33 | annevk | will skim through the rest meanwhile |
| 13:37 | <annevk> | Looks okay, kind of curious that the References have a different order, but seems to be okay |
| 13:58 | <beverloo> | annevk, all done. Unsure about the reference order. Created a bikeshed PR too regarding the ordering. |
| 13:59 | <annevk> | beverloo: cool |
| 14:02 | <zcorpan> | mathiasbynens: it's Element#closest not HTMLElement#closest |
| 14:02 | <mathiasbynens> | zcorpan: thanks |
| 14:02 | <annevk> | beverloo: feel free to merge it |
| 14:02 | <annevk> | beverloo: I gave you some powers |
| 15:09 | <MikeSmith> | yeah we have a relatively small number of heavy bugzilla users at w3c: Hixie, AnneVK, Msger, Simon Pieters from Opera, jgraham |
| 15:09 | <MikeSmith> | and me |
| 15:09 | <MikeSmith> | the rest of the users are tourists :-) |
| 15:10 | <MikeSmith> | ooofs |
| 15:10 | <MikeSmith> | ahah I meant to write that to glob |
| 15:10 | <MikeSmith> | oh well |
| 15:12 | <MikeSmith> | I should probably have included mathiasbynens in that list |
| 17:24 | <beverloo> | annevk, cool, thanks! |
| 17:24 | <beverloo> | annevk, before I merge, is there anything you need to update on the server side for updating on pushes? |
| 17:24 | <beverloo> | given that Overview.html now is called notifications.html |
| 17:56 | <annevk> | beverloo: ah yeah, I need to fix that |
| 17:56 | <annevk> | beverloo: I think you can push and then I'll just change a few things over ssh |
| 19:22 | <zcorpan> | hmm, i didn't know about the third argument to String#replace. don't see it in https://kangax.github.io/compat-table/es6/ either |
| 19:22 | <zcorpan> | re https://github.com/w3c/web-platform-tests/pull/1671 |
| 19:23 | <caitp> | zcorpan: it doesn't show up in the draft either, afaik |
| 19:25 | <caitp> | annex E does mention that the algorithm for replace was specified wrong when the search object is a regexp with the global flag set though |
| 19:30 | <zcorpan> | https://bugzilla.mozilla.org/show_bug.cgi?id=481738 |
| 19:32 | <Mateon1> | zcorpan: The flags argument is not standardized, and doesn't work in Chrome, sadly. |
| 19:35 | <zcorpan> | Mateon1: it doesn't enable anything that a regexp in the first argument can't do, does it? |
| 19:36 | <Mateon1> | No, but I was hoping for str.replace("match", "substitute", "g");, though. |
| 19:36 | <zcorpan> | why? |
| 19:37 | <Mateon1> | Less code, an additional new RegExp("match", "g"); in case of dynamic "match" is a bit long |
| 19:39 | <zcorpan> | ok. yeah i guess it could be more ergonomic in some cases, but OTOH it's more to learn and it's a shorter path to interop for gecko to drop it (I assume IE doesn't have it but i haven't tested) |
| 22:33 | <Mateon1> | Is there any chance there will ever be an actual integer type (outside of typed arrays) in Javascript? I find having to do rounding at every point of the program a bit unneccessary. |
| 22:47 | <jgraham> | Why do you have to round at every point in the program? |
| 22:48 | <caitp> | I think spidermonkey has the same "small integer" type as v8's 31 bit representation, so you have at least 2 variations of fixed size integers |
| 22:53 | <Mateon1> | This is starting to make me think about making another transcompiler over Javascript. A good language needs types... An example is storing a structure/object containing some data, a function expects an integer but would crap out if it got a float - you take the data out of the struct, expecting int, you get float, the function craps out. |
| 22:54 | <jgraham> | Things that annoy me #187: the word "transplier". We already have a word for that: "compiler" |
| 22:55 | <jgraham> | Anyway, if you want a js-like lanuage with better type safety try typescript or something |
| 22:56 | <Mateon1> | Interesting, reminds me of ActionScript. |
| 22:58 | <caitp> | i mean, typescript doesn't really get you stuff like integer bit width, but hey |
| 22:59 | <caitp> | not sure it even has a specific "integer" type |
| 23:03 | <Mateon1> | I'm looking for a language that has type safety, doesn't matter if optional or enforced, but shouldn't involve too much extra code. should have a non-nullable type, as well as an Optional type. Is there anything close to that? |