thanks for your thoughts. npm is popular for a reason and vanillajs doesnt scale very well. so any deps used could be an issue.

i was also considering if with the webcomponent approach it could be “furture-proof” as it seems to be the rhetoric i hear around. im sure i wont have a great implementation any time soon, but id like to try out a few ideas to see if it holds-up. hopefully to lead to a “secure javascript ui framework” (which itself could be a whole discussion).

but based on all the feedback ive recieved, it seem for the messaging app refactor, i’ll be fine to use react on it. which is great because i already have a working-ish demo.

thanks for your thoughts.

thats not quite what im asking. im wondering if there are nuanced benefits to using webcomponents over something like react. with the key difference being the native support.

i hope with the webcomponent approach it could be “furture-proof” as it seems to be the rhetoric i hear around. im sure i wont have a great implementation any time soon, but id like to try out a few ideas to see if it holds-up. hopefully to lead to a “secure javascript ui framework” (which itself could be a whole discussion). i hope that by having it open source, i can point to an example to discuss and improve it.

it seem for the messaging app refactor, i’ll be fine to use react on it. which is great because i already have a working-ish demo.

https://positive-intentions.com/blog/async-state-management/ https://positive-intentions.com/blog/bottom-up-storage/

the state management with the useStore hook seem tricky to explain and can be a whole separate dicussion. i try to explain a bit in those posts. im still working on it more and while it isnt document anywhere, but im also investigating having it store data encrypted-at-rest.

thanks. thats what id like to aim for and i dont think its far off. the build script there is mainly for the storybook statics (as seen in the link provided for “website”).

couple things i hope to do soon, remove lit as a dependency - i use this right now because its useful for template rendering and lifecycle methods. webcomponents have a an ugly approach to this which Lit makes easier, and so i pushed it back, but its still on the todo.

after that i should be able to have a more vanilla web dx.

Thanks!

https://www.reddit.com/r/cryptography/comments/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm/

Tldr; I had that question before myself. It doesn’t seem to introduce any improvement over WebCrypto API which itself should have gone through peer-review and auditing. (“Choose your browser wisely” could be considered the advice here.)

I’d like to still look into wasm for several other details of the project, but it seems the built-in browser cryptography functions are performant and generally pretty good if used correctly.

Interesting. I’ll investigate this further. Thanks for pointing it out.

thanks! ikr. i had the same exp which im sure imspired this approach.

the functional approach makes it easier for readability and debugging.

thanks for the tip. youre right i think i need to do more housekeeping there. i dont give it much attention, because as a solo project, id mostly just be doing it to myself with admin stuff.

i previsously made an attempt for things like issues, but it doesnt seem to have made any different and is just an additional overhead that im ignoring: https://github.com/positive-intentions/chat/issues

i used to pay more attention to it, but its only my time being wasted if nobody else is interested (thats fine… but it results in the amount of attention i give it. and i have a lot of things to do already when i dont have enough time for it)

thanks for your thoughts!

a scenario so that people who aren’t immediately familiar ‘get’ what it is you’re achieving

i think the ability to tell a story is important here and id like to put more time to learn how to frame it. its a very secure chat implementation from what i understand about what ive created. im keen to be challenged on if its the most secure chat app out there, but this typically seen as confrontational and seems to hurt public opnion of the project (and thus i dial it down).

here is an attempt to try explain it as “more secure than mainstream solutions”: https://www.reddit.com/r/cryptography/comments/1evdby4/is_this_a_secure_messaging_app

while i think i have a point about the security implementation. im also aware that the project is not very user friendly and full of bugs which makes for a very unappealing product.

its worth noting, that im trying to communicate about the project to cybersecurity professionals at the moment to see if the theory hold up and i think it does. i iteratively improved the UI in an attempt to gain traction. as a webdeveloper i know that i can spend more time on the UI that everything else combined, but that wouldnt be a good use of my time compared to some under-the-hood changes for stability and fixes.

thanks! i’ll make time to create those.

i took a brief look. this looks like a really good read! thanks for pointing me to it!

thanks! i’ll make those changes when i can.

completely understandable conclusion.

it started off as a curiosity, but i think there is something to it. I’m aiming for something that looks and behaves like react, but without the overhead of the react tooling for transpiling.

im not trying to take a share of that market, i come across this solution as pf of the chat app project. id like to build up this ui framework well enough to rebuild the chat proct with it… the chat app is made with react and material UI. with this framework, i am aiming to create a more simplified version of the chat app where the “no need to transpile” is a feature for its transparency. perhaps it doesnt make sense right now without the ability to effectively demonstrate it.

thanks. i think then i should continue as im going and see where i end up.

thanks for you thoughts.

i previously didnt have the “unstable” warning. this results is people saying that i should make it more clear. i think the project is in its early enough stages for it to be sensible to include there. im already planning on breaking changes which could make things worse so this is something i hope make it clear to users about the status of the project. before i had that notice, i would get complains from people that the app is terrible and doesnt work (which was basically true because it still is a work in progress and full of bugs.). i added a bit of a polish on it so it leads people to think its a finished product.

im looking for contributors on the dim repo because there part things i would like to do (and tried), but reached the limits of what i understand. i can learn and figure it out if i pour more time into it, but i have already poured time into it. im hoping someone with relevent experience would want to help.

im hoping to get a following on lemmy, mastodon, reddit in order to get traction on the projects. as it stand its just me and so its a bit of an uphill to get traction on something like the chat project. what you might be interpreting as ego, is a mannerism i have to adopt if i want to actively promote it as being a “secure chat system”. otherwise, feedback is a lot more dismissive about the project. that would surely sink the project immidiately.

im a developer not a sales person… but since working on these project ive learnt to moderate how cautious my tone should be to balance the communication of technical details as well as promoting something. i dont think i do the best job of it, but im still in the learning process.

ive tried several variations in how to communicate about it.

with blog link/with repo link/with a mix

https://programming.dev/post/21417457

it seems my projects are well recieved, but i guess it just isnt interesting for the minority of developers that would consider contributing. i also dont explicitly ask for contribution. this post this the first time im doing that to see what it could yield.

https://github.com/positive-intentions/chat https://github.com/positive-intentions/dim

i dont think my documentation is as clear as it could be, but i dont think its unclear: https://positive-intentions.com/blog/dim-functional-webcomponents

i think i have put efforts towards a good landing page, readme, documentation etc. id appriciate if you critique those.

thanks. maybe i havent reached the point at which people are using my projects enough for them to to improve a part of it.

thanks for the tips.

i typically mention the git repo’s involved.

i’ll give it a go with something like contribution welcome. my projects are on github and i think i have something setup for issues tracking.

i suspect my projects might be a bit complicated and so unappealing to a random contributor.

its further described by this previous post: https://programming.dev/post/23381812 … to put it simply, its a javascript UI framework.

i have another project https://github.com/positive-intentions/chat … but that project is very complicated. too complicated for me to easily explain how it works.