Re: web interface to notmuch
Brian Sniffen writes: >> Assuming that you had a sanitize_this_html_part() function available to >> you, do you think it would be possible to make this safe? Have you >> considered proposing it for inclusion in contrib upstream? > > Okay, https://github.com/briansniffen/notmuch/tree/nmweb is now rebased > onto the notmuchmail.org head as of this morning. All of the changes > are under contrib/notmuch-web. > Maybe a minor point, but there is at least one existing "notmuch-web" [1]. I'm not sure if John Lenz (in copy) considers the project a going concern, but it might be worth thinking about search engine collision. > I haven't done this before, so: exactly how would you like this proposed > for upstream inclusion? It looks from > https://notmuchmail.org/contributing/ like you'd like documentation, > tests, NEWS, and then `git send-email`. Is that right? > > Do you want this crunched into one commit, "write an e-mail client"? I think Daniel covered this well, but let me reinforce that we want to review things in meaningful, not too large chunks. [1]: https://bitbucket.org/wuzzeb/notmuch-web ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
Re: web interface to notmuch
Hi Brian-- On Wed 2017-12-06 10:00:19 -0500, Brian Sniffen wrote: > Okay, https://github.com/briansniffen/notmuch/tree/nmweb is now rebased > onto the notmuchmail.org head as of this morning. All of the changes > are under contrib/notmuch-web. thanks for doing this! traditionally, we've encouraged code contributions to come in in separate patches (not one big lump), with each commit clearly justifying their changes. And yes, tests would make it much more likely that this sweet contribution doesn't bitrot! one thing i note is you've included a copy of jquery directly. i think we want to avoid having retrieved or generated code in the repository. if there's an external dependency, the repo should point to it but it shouldn't include it. notmuch doesn't include gmime, but it states that it has gmime as a dependency (with specific versions), and lets the builder/maintainer retrieve the dependency themselves. This makes licensing, source vetting, and maintenance easier by ensuring that it all stays loosely coupled. Presumably you aren't signing up for ensuring that any security vulnerabilities in jquery get pushed into the notmuch repo too :) Maybe you could do a similar explicitly-stated dependency for jquery instead of including it directly? debian ships jquery as libjs-jquery, for example (though you could also use an explicit fetch from the web for systems that aren't running an OS that provides a packaged form of jquery). other folks might have other preferences, i hope they'll chime in. --dkg signature.asc Description: PGP signature ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
Re: web interface to notmuch
> Assuming that you had a sanitize_this_html_part() function available to > you, do you think it would be possible to make this safe? Have you > considered proposing it for inclusion in contrib upstream? Okay, https://github.com/briansniffen/notmuch/tree/nmweb is now rebased onto the notmuchmail.org head as of this morning. All of the changes are under contrib/notmuch-web. I haven't done this before, so: exactly how would you like this proposed for upstream inclusion? It looks from https://notmuchmail.org/contributing/ like you'd like documentation, tests, NEWS, and then `git send-email`. Is that right? Do you want this crunched into one commit, "write an e-mail client"? Thanks, Brian ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch