XMLvL active development
Posted 7 Jun 2001 at 15:17 UTC by lkcl
The original advogato.org engine, mod_virgule, was first released in
November 1999. One of the things that Raph mentioned he wanted was less
hard-coded c, more XML. Well, virgule resulted, from four months
hard-core code morphing, as a fledgeling forum scripting language.
Development of this project, after a six month wait, is now underway
again, at http://virgule.sourceforge.net.
Well, i figured that adding usage of APR (http://apr.apache.org) was
worthwhile enough to consider the development of the xvl engine
"active", especially as it was possible to re-enable the cgi-bin
capability again, as a result.
One of the things missing from mod_virgule is the capability to run
external executables, such as automatically emailing users passwords to
them, running
cvs, news, etc., all of which are on the feature 'wish-list' for more
advanced virgule forums.
Well, they're now feasible.
I'm in the process of getting a development site set up that _uses_ xvl
[nothing like believing in your own technology, neh? :) ] so will
follow-up later and announce when that happens.
This implementation has been accused of being an all-singing,
all-dancing scripting engine. If _that's_ the case, then php is the fat
lady queen of the opera _and_ you have to go to her concerts every day.
uggh :)
It can't claim to be all-singing all-dancing [only php can].
Fascinating? yes. Suffering from first-stage design / implementation
warts? yes. Stable? yes. Useable? yes. XML-data-driven? yes. Not for
the faint-hearted? Yes.
I like it :)
Could you enumerate the requirements for a web scripting engine to be
all-singing, all-dancing?
hm. let's see.
you'd need... an interface to the sound device. html client to locate
mp3s... a script to locate the shutdown command and remove it... a small
amount of assembler to access the bios and disable power-off mode... i'm
not sure how you'd arrange to stop people pulling the plug out the back
of the machine, though.
i'll leave the all-dancing one to your imagination, shall i? :)
HLL, posted 11 Jun 2001 at 21:24 UTC by nmw »
(Journeyer)
Arguably, you want a high level language for this stuff and arguably you
are defining one.
Why not write the whole thing in Perl, or Python, or Lisp, or ...?
hiya,
well, i ported the trust metric code to python, already.
see pymmetry - python
trust metrics. however, that doesn't make a community-based web
server :)
the answer to your question is, i don't really know! maybe it's because
i want to see how far i can push this concept, it's not exactly a new
one: there already exists an XML scripting language, called xsl. i
borrowed the o'reilly xsl in a nutshell book, read it, and was impressed
by bits of it and not by others (for example, its boolean
expression/evaluations are put into a property as if xsl was a standard
scripting language) whereas xvl leverages tags, which makes for a much
simpler code-base, by having <expr:if>,
<expr:then>, <expr:else> and <expr:eval>. you get and, or and not, and
full if-then-else syntax, and this is implemented in a grand total of
326 lines of c code. for c-code, that's almost unheard of, these days
:)
xvl is like, dedicated to XML data manipulation, and feeding that XML
data to and from HTML. with those simple principles, and the
extensibility via dynamic module loading, doing whatever-you-like is
actually pretty trivial.
the whole point of python is 'Do it Once, Do It Right'.
the whole point of perl is 'Do It Many Times' [afaict! :)]
so python is slim, and yet highly advanced and functional.
xvl is slim to the point of being a beanstalk, at 12-15,000 LOC,
and still functional enough to do a feature-rich web site [not
that i can write good HTML to fully demonstrate that myself, however
that shouldn't stop anyone else! :) :)]
so, truthful answer to your question: i don't know! and until i
find out, i'm going to carry on, because i can, this is open source,
and i hope that APR and other projects will benefit as an indirect
result :) :)
DV's diary just mentioned that libxslt is being
developed.
xmlsoft xslt. very
pleased
to see this, daniel!
what xslt is designed for is to do exactly what xvl does,
too: take in XML documents, spit out XML documents. i think it's
probably worthwhile investigating. i'd love to not have to
write an entire set of new data manipulation constructs
and to use a pre-existing feature-complete codebase.
i wonder how it may be possible to add a <tm:calc /> tag so that i can
do the trust metric calculations off of the user-certifications?
i wonder, also, if the xslt team have plans to write an apache module,
to serve HTML from xml templates?
curious and interesting.
kloc, posted 12 Jun 2001 at 18:24 UTC by nmw »
(Journeyer)
It's interesting that Lions thought that 9-10k loc was the limit that
his students and most programmers could be expected to understand, which
is why he liked using Unix v6 for teaching as the kernel was that small.
Nice work!, posted 13 Jun 2001 at 07:36 UTC by sethcohn »
(Master)
It's taken some playing but I've got a test website running bits and
pieces of this, and so far, I can see the great potential of it.
As you said, Luke, not for the faint of heart, but with just a little
mangling, I did get it running. Something is wrong with either the XML
schema, aprs, or the c code, because the options tags didn't end up as
valid HTML select options. Hacking the c code to make it write good
tags fixed it for
me, and as I add sample data to the site, most of the pages are
starting to fill out correctly, since they tend to die/look odd without
a single database entry in many cases.
The cert stuff is still badly confused (it will let me Certify things
as people and vice versa) and there are other bugs I'm noticing as I
play with it.
Features that are in this that Advogato lacks (for those
interested):
Messaging - how many times did you read something in a diary and
want
to write a reply to it you are sure the other person will see?
News and Articles - Articles same as Advogato's but News needs
to be
certed before it gets posted. Articles can be created under a project
too.
Tasks - per person or per project, task list creation.
URLs - create a list and even view targets with a frame. (bug: I
can
only seem to create one URL and edit it, not create a 2nd one...)
Certifying - can list reason for rating, multiple kinds of
ratings,
including the main one, staff, project interest, project connection.
Extendable pretty easily. (In fact, that's why I'm looking at this, I
want to do a discussion website completely un-software related, needing
trust metrics, but want to remove all of the project/master/developer
references and replace with something similar but not just a name
switch (ala badvogato), and still easy enough that computer newbies can
navigate it and still participate in trust issues/ratings.
overall, very rough and not yet ready for someone to plug and play, but
clearly a logical step up from the current codebase and worth the wait!
ta seth, posted 13 Jun 2001 at 11:31 UTC by lkcl »
(Master)
thx seth.
yes, you are allowed to certify projects, articles, news and urls, as
well as people. in fact, in the xmlvl example, the only way to get news
onto the frontpage is for it to have a Certification of Apprentice or
above. no cert, no trusted, no news.
also, as a test, try Certifying a test project as 'Interesting' and then
go to your /person/username page: you will see that the cert is listed
under a heading 'This person has the following Interests'.
also, if you Certify a person as 'None', meaning 'No Interest', then
no-one, including you, will ever see messages sent to you from that
person on your /person/username page.
so, if someone starts spamming you, you just Certify them as 'None', and
their offensive messages disappear [the default Certification level for
Interest is 'Ambivalent', btw].
this is just a couple of examples of the uses of advanced Certification:
it effectively becomes like a Search Engine, as thom and others have
pointed out, in other articles about xvl.
... *click*. did you use the advogato.org example site or the xmlvl
example site?
i haven't updated the advogato.org example for quite a while, my main
focus at the mo is on the xmlvl one to get it ready.
i've added tasks to people and projects, and am working on a way to do
dependencies / task management.
and discussion (reply) to projects and urls. i considered adding
replies to diary entries, but it requires a bit of thought/redesign:
diary entries are *already* a sub-directoried entity, and adding subdirs
to subdirs will require a little bit of redesign.
oh, and much as people might like to, i'm _not_ going to add discussion
threads to people - it _is_ supposed to be a public forum, after all ;)
luke
You are allowed to certify projects, articles, news
and urls, as well as people.
I understand that, but (at least in my test site) it is offering me
_all_ of the choices for everything. I can see certing a person as
Interesting, Master, Documenter, etc, but a project as Master? That's
confusing.
in fact, in the xmlvl example, the only way to get news onto the
frontpage is for it to have a Certification of Apprentice or above. no
cert, no trusted, no news.
Yes, I noticed and liked that, but Certing news as Apprentice doesn't
make sense to me, using the Interest cert instead does. It would nice
if the different cert schemas has limits as to what can apply to what...
I thought they did, till I played with it. It offers you all of the
different certs for everything.
also, if you Certify a person as 'None', meaning 'No Interest', then no-
one, including you, will ever see messages sent to you from that person
on your /person/username page. so, if someone starts spamming you, you
just Certify them as 'None', and their offensive messages disappear
[the default Certification level for Interest is 'Ambivalent', btw].
ah ha, I was wondering about that... the documentation is still so
sketchy. Maybe a negative cert would be a better filter name. None
still seems neutral to me. If Interesting is a good cert, maybe
Offensive would be a zero/bad cert? So that if I found a
topic/person/url I didn't like, rate it offensive and it's gone...
at least for my view...
...as thom and
others have pointed out, in other articles about xvl.
Where are those articles? I can't find them. I posted on the
xmlvl sourceforge list and got no answer, and there is (almost) nothing
in the archive, so I decided posting here would at
least get some notice (grin)
... *click*. did you use the advogato.org example site or the xmlvl
example site?
the xmlvl site... looked far more complete to me. It's still not a
good general sample site, though, so I've been working on that, trying
to minimize the specific stuff and make it look as general as possible,
so I can figure out what I want to keep and what I want to change (and
where to make those changes)
The best way I've found to figure what something this complex does is
to try reducing it down until it doesn't work, then restore it bit by
bit.
Great features, posted 13 Jun 2001 at 19:08 UTC by nmw »
(Journeyer)
Yes, I've seen this, or an earlier version also by lkcl
in action at the open-it web page.
It's very neat, very very neat.
more more!, posted 14 Jun 2001 at 10:55 UTC by lkcl »
(Master)
well, thanks to DV's input, from his diary entry 2day
ago, i'm adding support for <xincludes/> and will also add in xslt - XML
Schema Language Templating.
the combination of xvl and xslt is, well... the possibilities are very
powerful (not least because xslt is a recognised standard)
xslt is a tool that can be used _by_ XML-based databases. it is
mandatory to specify two files as input, one the source doc, the other
the template. this makes it impossible to use xslt to drive, say, a web
site, unless you... oh, _i_ get it.
oh i LIKE it. of course! _that_'s why xslt is being used to generate
WAP site content.
of course, ha ha! you can use xslt to template-drive a site for the
format, and the 'data' is the site's content!
so, you have one template for a WAP client, one template for a netscape
client, one template for lynx, another for internet destroyer, another
for no-frames, another for text-only, and... say... another with or
without style sheets! and by using xslt to 'merge' the template and the
site content, they all get the same data with minimum site-development
effort.
hey, that's so wicked!
I understand that, but (at least in my test site) it is
offering me _all_ of the choices for everything. I can see
certing a person as Interesting, Master, Documenter, etc,
but a project as Master? That's confusing.
okay. well, there are two reasons for being able to Cert a project as
Master.
1) ... you can potentially login as a project. i haven't enabled this,
but it _is_ possible. 2) i intend for 'Project Developers' and 'Project
Documenters' to be able to gain privileges *by way of the project having
been certified by real people*.
imagine a weighted graph, like the advogato cert-net. now add projects
to it, not just people. _now_ add 'developers' and 'documenters' as
edges of a special type in that graph.
what do you have [other than a mess] when you do Trust-Metric evaluation
on that? an information-loaded hierarchy representing people's roles in
projects, and a way to assign them rights to, say, cvs commit, manage a
project, etc.
in fact, in the xmlvl example, the only way to get
news onto the frontpage is for it to have a
Certification of Apprentice or above. no cert, no
trusted, no news.
Yes, I noticed and liked that, but Certing news as
Apprentice doesn't make sense to me, using the Interest cert
instead does.
okay, well, it kinda-sorta-makes-sense to me, but i do know what you
mean. designing Certs is tricky [aside from having to get the
grammatical syntax right, you have to pick either all-nouns, or
all-adverbs, or all-adjectives yick].
if you can think of something, please - do let me know, and i will
create it. see, the purpose of applying 'Master' to news is that if
someone deems an item to be news-worthy and within the Charter of the
site, they Certify it. it then, if they have Weight, will go onto the
front-page.
Interest doesn't really cut it, alone. Interest was designed to be of
'Personal' interest, for use a bit like a 'number-of-degrees-from'
search-engine.
however, you are right: it may be good to 'customise' a site by
displaying, on the front-page, things of 'Interest' to you.
but, as you can see, that's not really necessary. you go to someone's
home-page, you see they have Certified a news article as 'Interesting',
you click on it. or, you go to your _own_ home page, you see things
that _you_ have Certed as Interesting, you click on _them_.
couldn't be simpler, really.
btw i haven't implemented 'double-level' Trust Metric evaluations [i.e.
into the netflow code you put *two* certs not just one like there is at
the moment] by type-of-cert, yet, but i _have_ implemented a means to
'multiply' two Certs together, see <tm:chart />, to produce 'ratings',
which i totally hate.
It would nice if the different cert schemas has limits as to what can
apply to what... I thought
they did, till I played with it.
yes, they do, and i applied them to lots of things, but not all-to-all.
e.g. i don't apply the 'staff.xml' cert to news or articles.
see the certs/ directory, for example, see the certs/interest.xml you
will find that a) it has no seeds (because the Interest Cert is relative
to individual tastes, not to the tastes of the site maintainer) b) it
applies to proj, news, article, person, url.
the certs/staff.xml cert applies to people and proj, and again, has no
seeds because the seed is *automatically* taken as the project to which
the Developers belong. anyone who has registered that they are a
Developer for someone else will *automatically* be listed under the
Project Staff, via their... errr... Manager. whatever.
It offers you all of the different certs for everything.
not quite.
also, if you Certify a person as 'None', meaning 'No
Interest', then no- one, including you, will ever
see messages sent to you from that person on your
/person/username page. so, if someone starts
spamming you, you just Certify them as 'None', and
their offensive messages disappear [the
default Certification level for Interest is
'Ambivalent', btw].
ah ha, I was wondering about that... the documentation is
still so sketchy.
sorry :)
Maybe a negative cert would be a
better filter name. None still seems neutral to me. If
Interesting is a good cert, maybe Offensive would be a
zero/bad cert? So that if I found a topic/person/url I
didn't like, rate it offensive and it's gone... at least for my
view...
i'm giving a talk on trust metrics and social engineering at the ukuug
in manchester, end of this month. one of the reasons why you _don't_
add Negative Certs is because it then encourages idiots to use it for
their own personal amusement. remember the Dummy Rating, and how much
fun it was for people with no other authority on the site to Certify rms
as Dummy?
_that_ doesn't sound like it's in the Charter of the advogato.org site
[to promote open source dev / discussion]!
...as thom and others have pointed out, in other
articles about xvl.
Where are those articles? I can't find them. I posted on the
xmlvl sourceforge list and got no answer, and there
is (almost) nothing in the archive, so I decided posting
here would at least get some notice (grin)
eek! you did??? hardly anyone uses it!!! :) :) maybe i should switch
it off or something.
... *click*. did you use the advogato.org example site
or the xmlvl example site?
the xmlvl site... looked far more complete to me. It's still
not a good general sample site, though, so I've been
working on that, trying to minimize the specific stuff and
make it look as general as possible, so I can figure
out what I want to keep and what I want to change (and where
to make those changes) The best way I've
found to figure what something this complex does is to try
reducing it down until it doesn't work, then restore
it bit by bit.
one of the things i wanted to do was to create a 'basic', simple site.
if you'd like to help do that, i'd be honoured. my focus at the mo is
on getting xmlvl ready for launch when the server goes live, however,
the whole point of _that_ exercise is to find other people who may be
able
to tell me if this is a Good Thing or not. so, if you're willing to
explore, i'm willing to help clear the path.
luke.
featuures, posted 14 Jun 2001 at 11:40 UTC by lkcl »
(Master)
other xvl articles, posted 14 Jun 2001 at 12:18 UTC by lkcl »
(Master)
well, _if_ advogato was running an 'Interests' Cert, or had the URL
capability, i could point you at my homepage and it would be easy: i
would have Certified all my own articles as 'Interesting'.
:) :)
when xmlvl goes live, i will trawl through the internet and create lots
of links and references etc.
[hm, this spells.... i have an idea. i should 'categorise' URLs, by a
group-name. hmmm. :) at the moment, they are just numbered, like
articles. hmmm....]
wha-heey! the simple tests work. i moved on to a larger one (the XML
spec) and that bombed out half-way through [at the xvl end, not
libxslt]. not bad for 2 hours quick-hacking: will investigate over w/e
and find out wassup.
well, it was incredibly easy. a simple <schema:table /> get and i have
the user's password, for mod_auth_xvl, and a simple <cert:check /> and i
have mod_access_xvl. cut/paste from mod_auth.c and mod_acccess.c, and
it's done.
v. impressed with apache.
in case i haven't mentioned it here, yet, i also morphed the xvl
codebase so that .xvl is now a registered mime-type.
one of the serious limitations of mod_virgule is that it 'takes over' an
entire directory, controlling the entire site from there. whilst i
originally thought
this was cool, i decided that a more 'conventional' approach would have
far more benefits. such as not having to have mod_virgule do its *own*
loading and decoding of mpeg, jpg and the scores of other mime types
that apache handles.
with mod_virgule, mixing php in the same directory is _totally_ out of
the question. with mod_xvl / xvl, you can.