moose-team / friends Goto Github PK
View Code? Open in Web Editor NEW:tv: P2P chat powered by the web.
Home Page: http://moose-team.github.io/friends/
License: MIT License
:tv: P2P chat powered by the web.
Home Page: http://moose-team.github.io/friends/
License: MIT License
While public channels are all well and good, they aren't suitable for every purpose. It would be nice to have hidden/private/invite only channels
idea is to run then when you first see someone, so you can gather all the public keys related to them
This would be a good platform for using web-components, since this is an installed app and speed isn't such an issue or number of bytes for the payload.
This would also allow reusing existing customelements.io content and maybe polymer paper elements (if using polymer).
Apart from that, it would allow for a wider audience to understand the code-base and contribute more freely.
[24899:0429/095427:INFO:socket_host_udp.cc(337)] sendto() has failed twice returning a transient error. Dropping the packet.
fills up my console (on a mac)
First up - you had me at hello, this is awesome.
Second - I was getting a failure trying to run the npm run rebuild
under iojs but after switching nvm back to 0.12
it was happy. Is that something specific to my setup or is iojs support for atom (seemed to be the problem) still in the works?
> [email protected] rebuild /home/doehlman/code/github/friends/app
> cd node_modules/leveldown && HOME=~/.electron-gyp node-gyp rebuild --target=0.25.1 --arch=x64 --dist-url=https://atom.io/download/atom-shell
gyp http GET https://atom.io/download/atom-shell/v0.25.1/iojs-v0.25.1.tar.gz
gyp http 403 https://atom.io/download/atom-shell/v0.25.1/iojs-v0.25.1.tar.gz
...
get a 403 when trying to download https://atom.io/download/atom-shell/v0.25.1/iojs-v0.25.1.tar.gz
I could log in first, it doesn't work anymore. The only error message is the following:
[25612:0429/231242:WARNING:backend_impl.cc(1775)] Destroying invalid entry. [25612:0429/231242:WARNING:backend_impl.cc(1775)] Destroying invalid entry.
It also cranks up my one of my CPUs. If there are debug flags, I'm happy to provide more info.
It would be pretty cool if it was possible to chat alone in an organization. So that it would only be moose-team
that could chat. It would also be interesting if it was locked down to the collaborators of a repo.
Then it could replace whatever chat layer most projects/organizations have.
Other opinions?
Typing expands the input textarea automatically, but this overlaps and hides recent messages.
Error:
[23896:0429/133016:INFO:renderer_main.cc(200)] Renderer process started
[23364:0429/133022:INFO:CONSOLE(14)] "[object Object]", source: c:\Users\Jason\dev\patches\github-current-user\github-current-user.js (14)
[23364:0429/134045:INFO:CONSOLE(333)] "Uncaught TypeError: Cannot read property 'setBadge' of undefined", source: C:\Users\Jason\dev\patches\friends\app.js (333)
New messages were not being drawn on screen (I didn't delve deeper to see if they were being received, but I think they were). The peers counter continued to fluctuate, so I know there was some sort of network activity.
I was still able to send a new message, but could not see it locally. When I restarted and reconnected, I could see the message I sent.
Hi nice moose-team people!
I wanted to file an issue suggesting that you consider using a different private key for message signing as for SSH protocol signing.
@kentonv discusses signing oracles here https://plus.google.com/+KentonVarda/posts/J3vcacmUUc1, which is a problem where if I can get someone to say something in a moose chat, and that message is also meaningful in a different context, now I can show their signed message to someone else and claim they signed something with different meaning in the new context.
TLS 1.3 has some built-in protections around this, and GPG's standard approach is to use sub-keys. I imagine a sensible approach for moose would also to be create a subkey that is specific for the purpose of signing messages in moose.
Note that I haven't dug into the moose code yet, so if you already do create a sub-key for signing messages in moose, OK; please accept my apologies. I'm writing this based on the description I see at moose-team.github.io/friends/ website, which I am hoping is up-to-date.
(I'm also generally a little weirded-out by your remark that it is "secure" at the top of that page, which isn't a super meaningful thing to say without a clear threat model. One example of a great threat model document is this -- https://pond.imperialviolet.org/threat.html -- which reads basically like a collection of user stories, so should be a reasonably approachable thing to write in an aspirational way about the properties you want the software to have. If you want, I can file a separate bug requesting a threat model; I thought I'd merely point out the concept here, and if you feel that's in-scope for the project, great.)
Cheers!
It would be super radical if I could one-click share my screen with one or more people in a chat room via screen cat.
after I get a notification and click on the client the counter does not go down.
OSX
if you use :shipit:
for example it turns the :s
into a smilie first
npm install fails for me (Ubuntu 15.04):
…
npm http 304 https://registry.npmjs.org/view-list
npm http 304 https://registry.npmjs.org/leveldown
npm http 304 https://registry.npmjs.org/raf
npm ERR! notarget No compatible version found: leveldown@'maxogden/leveldown#newnan'
npm ERR! notarget Valid install targets:
npm ERR! notarget ["0.0.0","0.0.1","0.0.2","0.1.0","0.1.1","0.1.2","0.2.0-b00","0.2.0-b01","0.2.0-b02","0.1.3","0.1.4","0.2.0","0.2.1","0.3.0","0.3.1","0.4.0","0.4.1","0.2.3","0.4.2","0.4.3","0.4.4","0.2.4","0.5.0","0.6.0","0.6.1","0.6.2","0.7.0","0.8.0","0.8.1","0.8.2","0.8.3","0.9.0","0.9.1","0.9.2","0.10.0","0.10.1","0.10.2","1.0.0","1.0.1","0.10.3","0.10.4","1.0.2"]
npm ERR! notarget
npm ERR! notarget This is most likely not a problem with npm itself.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! System Linux 3.19.0-15-generic
npm ERR! command "/usr/bin/node" "/usr/bin/npm" "install"
npm ERR! cwd /home/jan/friends/app
npm ERR! node -v v0.10.28
npm ERR! npm -v 1.4.9
npm ERR! code ETARGET
npm http 304 https://registry.npmjs.org/node-gyp
npm http 304 https://registry.npmjs.org/autolinker
npm http 304 https://registry.npmjs.org/webrtc-swarm
npm http 304 https://registry.npmjs.org/subleveldown
npm http 304 https://registry.npmjs.org/virtual-dom
npm http 304 https://registry.npmjs.org/cat-names
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/jan/friends/app/npm-debug.log
npm ERR! not ok code 0
npm ERR! [email protected] install: `cd app && npm install`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] install script.
npm ERR! This is most likely a problem with the friends package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! cd app && npm install
npm ERR! You can get their info via:
npm ERR! npm owner ls friends
npm ERR! There is likely additional logging output above.
npm ERR! System Linux 3.19.0-15-generic
npm ERR! command "/usr/bin/node" "/usr/bin/npm" "install"
npm ERR! cwd /home/jan/friends
npm ERR! node -v v0.10.28
npm ERR! npm -v 1.4.9
npm ERR! code ELIFECYCLE
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/jan/friends/npm-debug.log
npm ERR! not ok code 0
Relevant parts of the debug log:
…
558 verbose addNamed [ 'raf', '2.0.4' ]
559 verbose addNamed [ '2.0.4', '2.0.4' ]
560 silly lockFile dc0b33b6-raf-2-0-4 [email protected]
561 verbose lock [email protected] /home/jan/.npm/dc0b33b6-raf-2-0-4.lock
562 error notarget No compatible version found: leveldown@'maxogden/leveldown#newnan'
562 error notarget Valid install targets:
562 error notarget ["0.0.0","0.0.1","0.0.2","0.1.0","0.1.1","0.1.2","0.2.0-b00","0.2.0-b01","0.2.0-b02","0.1.3","0.1.4","0.2.0","0.2.1","0.3.0","0.3.1","0.4.0","0.4.1","0.2.3","0.4.2","0.4.3","0.4.4","0.2.4","0.5.0","0.6.0","0.6.1","0.6.2","0.7.0","0.8.0","0.8.1","0.8.2","0.8.3","0.9.0","0.9.1","0.9.2","0.10.0","0.10.1","0.10.2","1.0.0","1.0.1","0.10.3","0.10.4","1.0.2"]
562 error notarget
562 error notarget This is most likely not a problem with npm itself.
562 error notarget In most cases you or one of your dependencies are requesting
562 error notarget a package version that doesn't exist.
563 error System Linux 3.19.0-15-generic
564 error command "/usr/bin/node" "/usr/bin/npm" "install"
565 error cwd /home/jan/friends/app
566 error node -v v0.10.28
567 error npm -v 1.4.9
568 error code ETARGET
569 verbose exit [ 1, true ]
I'm getting a 403 error when running the command cd node_modules/leveldown && HOME=~/.electron-gyp node-gyp rebuild --target=0.25.1 --arch=x64 --dist-url=https://atom.io/download/atom-shell
I've included the output from my console and the relevant npm-debug.log in a gist (https://gist.github.com/byronhulcher/4e2df5c57294a6857832). Looks like it could be related to #23 but I'm unfamiliar with nvm unfortunately.
I'm running io.js v1.8.1 and npm 2.8.3. I'd be happy to provide anything else you might need for debug, unfortunately I'm pretty nub when it comes to node. The app looks very cool, congrats on the soft launch!
starting friends produces the following warning for me currently,
[5949:0429/234914:INFO:CONSOLE(232)] "(node) warning: possible EventEmitter memory leak detected. %d %s listeners added. Use emitter.setMaxListeners() to increase limit.", source: events.js (232)
Maybe on hover?
Understandably not a desired feature, but I appreciate link/og parsing found in apps like slack and hipchat. Happy to work on it, but looking for some feedback on if this is wanted before I spend some time on it.
using hyperlog now, but would be better to use dat so we can replicate graph data out in a standard way
e.g. you are ngoldman
replace any instances of ngoldman
in message text with <span class="highlight">ngoldman</span>
trying to figure this out but virtual-dom is making the solution not obvious to me
It feels like /lib/rich-message.js
could be a nice little separate module that could be useful outside of friends
too.
Any thoughts around separating it into another module at this time? Maybe moose-team/enrich-message
? Or is this still premature?
we need to track how many messages are in each room
when we refactor the rooms to be independent graphs this should be nice because then when you are syncing on startup you can ask the other side to first tell you how many total messages there are in their room graph, and you can subtract how many you have to get a rough estimate for showing a progress bar during sync
also we can use these numbers to show message counts in the sidebar next to room names etc
Fedora 20
default browser: Mozilla Firefox 39.0a2 (developer edition)
Edit: It seems to only happen if I don't already have an instance of firefox running.
You pick a random secret, giving somebody access means posting a message with somebodies name and the Secret encrypted with that person's public key
Benefits would be it would be truly end to end, as decreypted data would only be stored on the users computer in memory. Whoever sending the message would be able to see all the people who can decrypt it.
Cons: theoretically could be non deterministic as different users could see things in different order (maybe key would also include an ID so you could say what key was used to encrypt message?). No ability to restrict users, any user could leak key.
Nuts and bolts, since we are already signing messages we can just sign the encrypted ones in the same way (after encrypting them) of we used ctr mode we could randomly generate the nonce per message.
Basically joining a room would be the equivalent subscribing to a feed.
Would allow for more complex irc style permissions, E. G. Being voiced would be a white list of users allowed to post with replicating clients rejecting posts not signed by them, owner would be the root node etc.
No idea how feasible it is to do in hyper log
for a case where we can't verify your private key (e.g. if you are on someone elses computer and your private key isnt there)
you should be able to login with username/personal access token to the app and have it verify you
since channels became their own thing you know can't see them unless you manually type them in. We could have a default channel that is only used to announce chancels (and maybe entering and leaving channels which might also have the benefit of letting you remember where you where logged in accross comps)
I'd argue that chat programs are likely to be open alongside other windows, so a thin window is a use case worth considering.
Currently it will scroll to the bottom of the messages when a new message is received making it difficult to scroll back when people are talking.
It should scroll to the bottom automatically unless the user has scrolled up.
Currently we are passing app
into the UI elements to send events up. But this will create peer dependencies to app
and make it harder to split out the UI elements into their own modules.
Instead we should just create a target
callback for sending actions up. Such as:
function action (name, params) {
/* Handle action name */
}
self.views = {
channels: new Channels({ target: action })
}
and then in the UI element:
function Composer (opts) {
opts = opts || {}
this.target = opts.target || function() {}
}
Composer.prototype.render = function () {
var self = this
var input = h('input', {
placeholder: 'Send a message...',
autofocus: true
})
return h('form.composer', {
onsubmit: function (e) {
e.preventDefault()
var input = this.querySelector('input')
self.target('sendMessage', input.value)
input.value = ''
}
}, input)
}
Or get more fancy and have the actions bubble up: https://gist.github.com/shama/33f7aaeb902a001637e8
Trusted users (moose team) should be able to send messages that show up HUGE and in RED for everyone. This is so we can tell people to upgrade if there's a security issue, or if we're making a backwards-incompatible data model change.
Eventually, we'll get auto-update working, but that's harder than this. This is a good stop-gap.
I'm lazy... if I could have tab completion for my thoughts I would
mafi<tab>
should expand to mafintosh:
like irc cloud. if more than one user has the same prefix it could just cycle through them on subsequent <tab>
s
Then they can be reused by others and get more focused attention.
Doing #16 will help make this easier.
we should cache avatars so they work offline
Currently you are blasted with all the messages from for ever when joining a channel. It would be nice to be able to page and only see the latest sub set when joining. This could be a great feature to include in Friends golden platinum edition, or potential keep in a roadmap to pitch to investors.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.