Re: Samizdat Status

[boud]

Hi all

On Sat, 2 Sep 2006, Dmitry Borodaenko wrote:

> Greetings everyone,
>
> Sorry for going quiet for such a long time, I had a lot of personal
> matters to attend to recently, that's why this list hasn't seen much
> traffic. The project isn't as dormant as it seems from the list
> archive: last snapshot of Samizdat was uploaded to Debian/experimental
> in April, and the last time I touched the code was late May. Since
> then, I didn't have a chance to move the code forward, but now that
> I've finally settled in Sheffield, I will be able to spend more time
> on it. Consider my summer vacation over :)

Hi Dmitry - glad to hear from you :).

> The short-term plan (as in really-soon-now) is to get the package in
> shape for 0.6.0 release (the code is ready, but unit tests and
> documentation need to be updated), and make the Debian packaging fit
> for unstable. Next step will be to make the software more modular and
> easy to hack on: I will give Rails another try, if it doesn't help, I
> will at least refactor the code to follow the MVC model more closely.

i think i said this earlier, but my idea of a debian package is that 
the user should be able to type

aptitude install samizdat

(or at the moment put the appropriate URLs in /etc/apt/sources.list and then: 
aptitude -t experimental install samizdat
)

and then have the whole installation and configuration done with
default (secure, conservatively safe) settings and questions for those
parameters that the user really does have to choose him/herself - just 
like

aptitude install apache 
or
aptitude install postgresql


If nobody else does this, i may eventually try it (after RTFMing basic
debianising stuff).

While a user who just types in this one line because s/he doesn't know
much more about admining a gnu/linux box might further along make 
security errors and thereby put his/her system at risk, i think this is
no worse than installing apache.  If installation becomes this easy
(a one line command), then it might be a good idea to add a warning
along the lines of

"You have finished installing the content management system (CMS)
samizdat. If you use samizdat or any other CMS in production on the
world wide web, be careful of the security settings and read the
documentation carefully, since you are giving external users access to
writing files on your computer, which is intrinsically a risk to your
system. We believe that samizdat is reasonably secure, but no system
is perfect and if you modify things without understanding them, you might
be able to create a security hole."

Hmmm, well, this is too long for an install note. Maybe something shorter
like

"You have finished installing the content management system (CMS)
samizdat. Although we believe that samizdat is probably securer than
many other CMSs because of its general design and development strategy,
the more that you read the documentation and think about what you're
doing, the safer your installation will be."



Anyway, my point is that if the system only requires a one line command
to install for anyone with a debian installation, then the chance of 
many more local groups of people creating their own media independently
of corporations/governments is likely to increase considerably.

Sorry if i'm repeating myself :).


i've recently seen a few indymedia or related groups start using
drupal - which is a php based CMS, distributed in debian/sarge and
presumably also other standard linux distributions. So if a php based
CMS can start becoming popular this way, surely a ruby based CMS could
also become popular to groups interested in something better designed
and secure etc. than php...


> David, welcome to the list! The world is small indeed, can you tell us
> what your project is about, or is it too early to let the world know?
>
> Yes, I am tracking GPL3 progress, too, and I plan to use it once it's 
> released.

David, Dmitry - i only know enough that i'm glad that RMS and people
working with him are doing all the hard work to get GPL3 up to a consensus,
officially releasable version.

> Boud, inclusion of RDF feeds is not supported at the moment, but it
> wouldn't be too difficult to add, Ruby has a very good RSS library.

Thanks - i'll try learning a bit about this.

> Graphical representations -- I haven't seen any usable graphical RDF
> representation so far, and the RDF library is the most complicated
> part of Samizdat code, it won't be easy to tackle.

OK: so i've got some learning to do. ;)

> Underlying Wiki
> code in Samizdat is simple and flexible, but I suspect that many
> user-friendly features in that code and elsewhere in the engine will
> require better modularization of the code. On the other hand, the best
> way to start with this modularization is to start doing things that
> require it :)

ok. It seems to me that all the low-level libraries should in principle
already exist - through whatever "diff" uses as its low-level library 
and something which compounds diffs. In any case, i'm sure we could learn
from whatever mediawiki does if it's not as easy as it seems.


cheers
boud