Build

build-staging/assets/js/12bd37d8.3d39aec5.js

@@ -0,0 +1 @@
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[6977],{4388:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/acl","page":1,"postsPerPage":10,"totalPages":1,"totalCount":1,"blogDescription":"Blog","blogTitle":"Blog"}')}}]);

build-staging/assets/js/15d993af.22680242.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1174],{3170:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch","page":1,"postsPerPage":10,"totalPages":3,"totalCount":24,"nextPage":"/blog/tags/cwtch/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1174],{3170:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch","page":1,"postsPerPage":10,"totalPages":3,"totalCount":25,"nextPage":"/blog/tags/cwtch/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]);

build-staging/assets/js/16838ca5.5ccbca1a.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[4704],{4674:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":24,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[4704],{4674:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":25,"unlisted":false}')}}]);

build-staging/assets/js/37b110a9.e9105257.js

@@ -0,0 +1 @@
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[645],{1019:a=>{a.exports=JSON.parse('{"label":"acl","permalink":"/blog/tags/acl","allTagsPath":"/blog/tags","count":1,"unlisted":false}')}}]);

build-staging/assets/js/39c54b43.f4b7cb31.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8793],{4990:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/blog/tags/cwtch","nextPage":"/blog/tags/cwtch/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8793],{4990:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/blog/tags/cwtch","nextPage":"/blog/tags/cwtch/page/3","blogDescription":"Blog","blogTitle":"Blog"}')}}]);

build-staging/assets/js/52f07771.046b25fa.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[7958],{6818:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":24,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[7958],{6818:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":25,"unlisted":false}')}}]);

build-staging/assets/js/55d4c988.0ce1fb3c.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[6946],{9048:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":24,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[6946],{9048:s=>{s.exports=JSON.parse('{"label":"cwtch","permalink":"/blog/tags/cwtch","allTagsPath":"/blog/tags","count":25,"unlisted":false}')}}]);

build-staging/assets/js/8eb4e46b.4046048e.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1],{2638:e=>{e.exports=JSON.parse('{"permalink":"/blog/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/blog","nextPage":"/blog/page/3","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1],{2638:e=>{e.exports=JSON.parse('{"permalink":"/blog/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/blog","nextPage":"/blog/page/3","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);

build-staging/assets/js/92999a1c.c2c34541.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8442],{5310:e=>{e.exports=JSON.parse('{"permalink":"/blog/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/blog/page/2","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8442],{5310:e=>{e.exports=JSON.parse('{"permalink":"/blog/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/blog/page/2","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);

build-staging/assets/js/a11b2692.02b7c737.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8688],{4904:s=>{s.exports=JSON.parse('{"label":"hybrid-groups","permalink":"/blog/tags/hybrid-groups","allTagsPath":"/blog/tags","count":1,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[8688],{4904:s=>{s.exports=JSON.parse('{"label":"hybrid-groups","permalink":"/blog/tags/hybrid-groups","allTagsPath":"/blog/tags","count":2,"unlisted":false}')}}]);

build-staging/assets/js/a7023ddc.6dd090fe.js

@@ -0,0 +1 @@
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1713],{3457:l=>{l.exports=JSON.parse('[{"label":"cwtch","permalink":"/blog/tags/cwtch","count":25},{"label":"hybrid-groups","permalink":"/blog/tags/hybrid-groups","count":2},{"label":"acl","permalink":"/blog/tags/acl","count":1},{"label":"cwtch-stable","permalink":"/blog/tags/cwtch-stable","count":23},{"label":"release","permalink":"/blog/tags/release","count":3},{"label":"planning","permalink":"/blog/tags/planning","count":5},{"label":"nightly","permalink":"/blog/tags/nightly","count":4},{"label":"whonix","permalink":"/blog/tags/whonix","count":1},{"label":"preview","permalink":"/blog/tags/preview","count":2},{"label":"search","permalink":"/blog/tags/search","count":1},{"label":"contributors","permalink":"/blog/tags/contributors","count":1},{"label":"community","permalink":"/blog/tags/community","count":1},{"label":"reproducible-builds","permalink":"/blog/tags/reproducible-builds","count":3},{"label":"bindings","permalink":"/blog/tags/bindings","count":5},{"label":"repliqate","permalink":"/blog/tags/repliqate","count":3},{"label":"developer-documentation","permalink":"/blog/tags/developer-documentation","count":1},{"label":"documentation","permalink":"/blog/tags/documentation","count":1},{"label":"security-handbook","permalink":"/blog/tags/security-handbook","count":1},{"label":"autobindings","permalink":"/blog/tags/autobindings","count":2},{"label":"libcwtch","permalink":"/blog/tags/libcwtch","count":2},{"label":"support","permalink":"/blog/tags/support","count":3},{"label":"testing","permalink":"/blog/tags/testing","count":2},{"label":"api","permalink":"/blog/tags/api","count":1}]')}}]);

build-staging/assets/js/a7023ddc.8d54de22.js

@@ -1 +0,0 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1713],{3457:l=>{l.exports=JSON.parse('[{"label":"cwtch","permalink":"/blog/tags/cwtch","count":24},{"label":"hybrid-groups","permalink":"/blog/tags/hybrid-groups","count":1},{"label":"cwtch-stable","permalink":"/blog/tags/cwtch-stable","count":23},{"label":"release","permalink":"/blog/tags/release","count":3},{"label":"planning","permalink":"/blog/tags/planning","count":5},{"label":"nightly","permalink":"/blog/tags/nightly","count":4},{"label":"whonix","permalink":"/blog/tags/whonix","count":1},{"label":"preview","permalink":"/blog/tags/preview","count":2},{"label":"search","permalink":"/blog/tags/search","count":1},{"label":"contributors","permalink":"/blog/tags/contributors","count":1},{"label":"community","permalink":"/blog/tags/community","count":1},{"label":"reproducible-builds","permalink":"/blog/tags/reproducible-builds","count":3},{"label":"bindings","permalink":"/blog/tags/bindings","count":5},{"label":"repliqate","permalink":"/blog/tags/repliqate","count":3},{"label":"developer-documentation","permalink":"/blog/tags/developer-documentation","count":1},{"label":"documentation","permalink":"/blog/tags/documentation","count":1},{"label":"security-handbook","permalink":"/blog/tags/security-handbook","count":1},{"label":"autobindings","permalink":"/blog/tags/autobindings","count":2},{"label":"libcwtch","permalink":"/blog/tags/libcwtch","count":2},{"label":"support","permalink":"/blog/tags/support","count":3},{"label":"testing","permalink":"/blog/tags/testing","count":2},{"label":"api","permalink":"/blog/tags/api","count":1}]')}}]);

build-staging/assets/js/a827eaec.b45c3fa7.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[7548],{9163:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/hybrid-groups","page":1,"postsPerPage":10,"totalPages":1,"totalCount":1,"blogDescription":"Blog","blogTitle":"Blog"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[7548],{9163:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/hybrid-groups","page":1,"postsPerPage":10,"totalPages":1,"totalCount":2,"blogDescription":"Blog","blogTitle":"Blog"}')}}]);

build-staging/assets/js/b2b675dd.c3a4b6ef.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[533],{8017:e=>{e.exports=JSON.parse('{"permalink":"/blog","page":1,"postsPerPage":10,"totalPages":3,"totalCount":24,"nextPage":"/blog/page/2","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[533],{8017:e=>{e.exports=JSON.parse('{"permalink":"/blog","page":1,"postsPerPage":10,"totalPages":3,"totalCount":25,"nextPage":"/blog/page/2","blogDescription":"The latest updated on Cwtch development.","blogTitle":"Development Log"}')}}]);

build-staging/assets/js/fdfbe12f.9f63d3d2.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[6522],{1484:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/blog/tags/cwtch/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[6522],{1484:e=>{e.exports=JSON.parse('{"permalink":"/blog/tags/cwtch/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/blog/tags/cwtch/page/2","blogDescription":"Blog","blogTitle":"Blog"}')}}]);

build-staging/blog/atom.xml

@@ -2,12 +2,75 @@
 <feed xmlns="http://www.w3.org/2005/Atom">
     <id>https://docs.cwtch.im/blog</id>
     <title>Cwtch Development Log</title>
-    <updated>2024-01-05T00:00:00.000Z</updated>
+    <updated>2024-01-12T00:00:00.000Z</updated>
     <generator>https://github.com/jpmonette/feed</generator>
     <link rel="alternate" href="https://docs.cwtch.im/blog"/>
     <subtitle>The latest insight into Cwtch Development and what the Cwtch team are working on</subtitle>
     <icon>https://docs.cwtch.im/img/favicon.png</icon>
     <rights>Copyright © ${new Date().getFullYear()} Open Privacy Research Society</rights>
+    <entry>
+        <title type="html"><![CDATA[Enhanced Permissions]]></title>
+        <id>https://docs.cwtch.im/blog/enhanced-permissions</id>
+        <link href="https://docs.cwtch.im/blog/enhanced-permissions"/>
+        <updated>2024-01-12T00:00:00.000Z</updated>
+        <summary type="html"><![CDATA[An introduction to the new fine-grained permissions API exposed in libCwtch]]></summary>
+        <content type="html"><![CDATA[<p><a href="https://docs.cwtch.im/blog/path-to-hybrid-groups">Last week</a>, we mentioned that <!-- --><strong>enhanced permissions</strong> are esential to implementing many of the aspects
+of the new <!-- --><strong>hybrid groups</strong> design.<!-- --></p>
+<!-- --><p>In this post we will introduce the new enhanced permissions api in libCwtch, explain why it is needed, and how future version of Cwtch will manage
+conversation-level permissions.</p>
+<!-- --><p><img loading="lazy" src="https://docs.cwtch.im/assets/images/enhancedpermissions-a654ed1dfe43e9abc541278df1fda501.png" width="1005" height="481" class="img_ev3q"></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-do-conversation-level-permissions-work-in-cwtch-right-now">How do conversation-level permissions work in Cwtch right now?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-do-conversation-level-permissions-work-in-cwtch-right-now" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>Underneath the libCwtch API, all conversations maintain an access control list. For peer-to-peer conversations this list has a single entry, keyed by
+the handle of the contact.</p>
+<!-- --><p>Currently, this access control list only maintains the <!-- --><code>Blocked</code>-state of the contact. If a user blocks another, then this is where the flag is stored. While
+there are other fields in this list, they have been unused, until now.<!-- --></p>
+<!-- --><p>Additionally, each conversation also stored an <!-- --><code>Accepted</code> flag, indicating if the user has approved a contact request. The <!-- --><code>Accepted</code> flag has many different
+effects including whether certain features (like file sharing) are accessible, or whether the connection attempts with the contact are tried automatically.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-are-enhanced-permissions">What Are Enhanced Permissions?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#what-are-enhanced-permissions" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>The current approach has several issues. The major one being that profiles have minimal control over how they deal with contacts. Ideally, you should be able to
+automatically attempt to connect with a given cwtch user, but not allow file shares, for example.</p>
+<!-- --><p>This is the initial driving use case behind Enhanced Permissions. Exposing this underlying ACL and augmenting it with additional flags like <!-- --><code>ShareFiles</code>,
+<!-- --><code>RenderImages</code>, and <!-- --><code>AutoConnect</code>.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="the-api">The API<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#the-api" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>Enhanced permissions will be available through a new set of low level libCwtch APIs i.e.:</p>
+<!-- --><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">	UpdateConversationAccessControlList(id int, acl model.AccessControlList) error</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	EnhancedUpdateConversationAccessControlList(conversation int, serialized_acl string) error</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	GetConversationAccessControlList(conversation int) (model.AccessControlList, error)</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	EnhancedGetConversationAccessControlList(conversation int) (string, error)</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
+<!-- --><p>As with other libCwtch APIs the <!-- --><code>Enhanced</code> functions speak JSON and be suitable for integration with UIs and other clients that cannot speak the
+Go model.<!-- --></p>
+<!-- --><p><code>AccessControlList</code> maintains it's current structure, while <!-- --><code>AccessControl</code> itself has been augmented with the fields
+described in the previous section.<!-- --></p>
+<!-- --><p>Existing access-control APIs e.g. <!-- --><code>AcceptConversation</code>, <!-- --><code>BlockConversation</code> and <!-- --><code>UnblockConversation</code> have been updated
+internally to use the augmented <!-- --><code>AccessControl</code> model, and will be able to be safely used by existing and future clients.<!-- --></p>
+<!-- --><p>However, the <!-- --><code>Accepted</code> field in the <!-- --><code>Conversation</code> model is now considered deprecated, and will be removed in a future Cwtch version.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-will-migration-work">How will Migration Work?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-will-migration-work" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>To simplify migration newer versions of Cwtch will detect if Enhanced Permissions have been enabled, and if they haven't will automatically turn on
+all new flags for <!-- --><code>Accepted</code> conversations. This will maintain behaviour between versions, and should minimize any potential confusion.<!-- --></p>
+<!-- --><p>You will then be able to modify this ACL on a per-conversation level in the Cwtch UI.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="when-will-enhanced-permissions-be-available">When will Enhanced Permissions be Available?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#when-will-enhanced-permissions-be-available" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>We are aiming to roll out a nightly with Enhanced Permissions in the coming weeks. We will then spend some time iterating
+on the UI to ensure that the new permissions are understandable and usable.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-does-this-fit-into-hybrid-groups">How does this fit into Hybrid Groups?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-does-this-fit-into-hybrid-groups" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>That is not the end of the story as far as Enhanced Permissions go. As I mentioned above for peer-to-peer conversations the
+ACL has a single entry.</p>
+<!-- --><p>For Hybrid Groups, this list will have multiple entries, for each member of the group. This will allow group admins to
+control who can post to a group, and what kinds of messages they can post.</p>
+<!-- --><p>How this list will be maintained, propagated, and authenticated by group members will be a topic of a future development log.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="stay-up-to-date">Stay up to date!<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#stay-up-to-date" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>As always, we will be regularly updating this devlog <!-- --><a href="https://fosstodon.org/@cwtch" target="_blank" rel="noopener noreferrer">and other channels</a> as we continue to make progress towards
+surveillance resistant infrastructure!<!-- --></p>
+<!-- --><p>Subscribe to our <!-- --><a href="https://docs.cwtch.im/blog/rss.xml">RSS feed</a>, <!-- --><a href="https://docs.cwtch.im/blog/atom.xml">Atom feed</a>, or <!-- --><a href="https://docs.cwtch.im/blog/feed.json">JSON feed</a> to stay up to date, and get the latest on, all aspects of Cwtch development.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="help-us-go-further">Help us go further!<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#help-us-go-further" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>We couldn't do what we do without all the wonderful community support we get, from <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">one-off donations</a> to <!-- --><a href="https://www.patreon.com/openprivacy" target="_blank" rel="noopener noreferrer">recurring support via Patreon</a>.<!-- --></p>
+<!-- --><p>If you want to see us move faster on some of these goals and are in a position to, please <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">donate</a>. If you happen to be at a company that wants to do more for the community and this aligns, please consider donating or sponsoring a developer.<!-- --></p>
+<!-- --><p>Donations of <!-- --><strong>$5 or more</strong> can opt to receive stickers as a thank-you gift!<!-- --></p>
+<!-- --><p>For more information about donating to Open Privacy and claiming a thank you gift <!-- --><a href="https://openprivacy.ca/donate/" target="_blank" rel="noopener noreferrer">please visit the Open Privacy Donate page</a>.<!-- --></p>
+<!-- --><p><img loading="lazy" alt="A Photo of Cwtch Stickers" src="https://docs.cwtch.im/assets/images/stickers-new-1e9b14bdd638b4907cce833e813a09ad.jpg" width="1024" height="768" class="img_ev3q"></p>]]></content>
+        <author>
+            <name>Sarah Jamie Lewis</name>
+        </author>
+        <category label="cwtch" term="cwtch"/>
+        <category label="hybrid-groups" term="hybrid-groups"/>
+        <category label="acl" term="acl"/>
+    </entry>
     <entry>
         <title type="html"><![CDATA[Path to Hybrid Groups]]></title>
         <id>https://docs.cwtch.im/blog/path-to-hybrid-groups</id>
@@ -1047,69 +1110,4 @@ without an associated decoration).<!-- --></p>
         <category label="bindings" term="bindings"/>
         <category label="repliqate" term="repliqate"/>
     </entry>
-    <entry>
-        <title type="html"><![CDATA[Notes on Cwtch UI Testing]]></title>
-        <id>https://docs.cwtch.im/blog/cwtch-testing-i</id>
-        <link href="https://docs.cwtch.im/blog/cwtch-testing-i"/>
-        <updated>2023-02-03T00:00:00.000Z</updated>
-        <summary type="html"><![CDATA[In this development log we provide an update on automated UI integration testing!]]></summary>
-        <content type="html"><![CDATA[<p>We first <!-- --><a href="https://openprivacy.ca/discreet-log/23-cucumber-testing/" target="_blank" rel="noopener noreferrer">introduced UI tests last January</a>. At the time we had developed a suite of UI tests that could be run manually in a development environment. However, we faced a number of issues consistently running these tests in our automated pipelines.<!-- --></p>
-<!-- --><p>One of the main threads of work that needs to be complete early in the <!-- --><a href="https://docs.cwtch.im/blog/path-to-cwtch-stable" target="_blank" rel="noopener noreferrer">Cwtch Stable roadmap</a> is integrating UI tests into our CI pipelines, in addition to expanding their scope. Now that Flutter 3 has stabilized desktop support, and we have invested effort in improving Cwtch performance, it is time to ensure these tests are running on every build.<!-- --></p>
-<!-- --><p><img loading="lazy" src="https://docs.cwtch.im/assets/images/devlog5-3d09f11235d2bc53dd5e6f68d231cd53.png" width="1005" height="481" class="img_ev3q"></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="current-limitations-of-flutter-gherkin">Current Limitations of Flutter Gherkin<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#current-limitations-of-flutter-gherkin" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>The original <!-- --><a href="https://pub.dev/packages/flutter_gherkin" target="_blank" rel="noopener noreferrer">flutter_gherkin</a> is under semi-active development; however, the latest published versions don't support using it with <!-- --><code>flutter test</code>.<!-- --></p>
-<!-- --><ul>
-<!-- --><li><strong>Flutter Test</strong> was originally intended to run single widget/unit tests for a Flutter project.<!-- --></li>
-<!-- --><li><strong>Flutter Drive</strong> was originally intended to run integration tests <!-- --><em>on a device or an emulator</em>.<!-- --></li>
-<!-- --></ul>
-<!-- --><p>However, in recent releases these lines have become blurred. The new <!-- --><a href="https://docs.flutter.dev/testing/integration-tests" target="_blank" rel="noopener noreferrer">integration_test</a> package that comes built into newer Flutter releases has support for both <!-- --><code>flutter drive</code> and <!-- --><code>flutter test</code>. This was a great change because it decreases the required overhead to run larger integration tests (<!-- --><code>flutter drive</code> sets up a host-controller model that requires a dedicated control channel to be setup, whereas <!-- --><code>flutter test</code> can take advantage of the knowledge that it is being run in the same process, and is noticeably faster - very important when the goal is to run tests as often as possible).<!-- --></p>
-<!-- --><p>There is thankfully code in the <!-- --><code>flutter_gherkin</code> repository that supports running tests with <!-- --><code>flutter test</code>, however this code currently has a few issues:<!-- --></p>
-<!-- --><ul>
-<!-- --><li>The test code generation produces code that doesn't compile without minor changes.</li>
-<!-- --><li>Certain functionality like "take a screenshot" does not work on desktop.</li>
-<!-- --></ul>
-<!-- --><p>Additionally, there are a few limitations in built-in flutter_gherkin steps that we noticed our tests running into:</p>
-<!-- --><ul>
-<!-- --><li>Certain tests that fail with async timeouts will cause Flutter exceptions instead of a failed test.</li>
-<!-- --><li>Certain Flutter widgets like <!-- --><code>DropdownButton</code> are not compatible with built-in steps like <!-- --><code>tap</code> because they internally contain multiple copies of the same widget.<!-- --></li>
-<!-- --></ul>
-<!-- --><p>Because of the above issues we have chosen to <!-- --><a href="https://git.openprivacy.ca/openprivacy/flutter_gherkin" target="_blank" rel="noopener noreferrer">fork flutter_gherkin</a> to fix some of these issues, with the intent of contributing significant fixes upstream, while allowing us to iterate faster on Flutter UI testing.<!-- --></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="integrating-tests-into-the-pipeline">Integrating Tests into the Pipeline<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#integrating-tests-into-the-pipeline" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>One of the major limitations of <!-- --><code>flutter test</code> is the lack of a headless mode. In order to successfully run tests in our pipeline we need a headless mode, as most of the containers we use do not have any kind of active display.<!-- --></p>
-<!-- --><p>Thankfully it is possible to use <!-- --><a href="https://en.wikipedia.org/wiki/Xvfb" target="_blank" rel="noopener noreferrer">Xfvb</a> to create a virtual framebuffer, and set <!-- --><code>DISPLAY</code> to render to that buffer:<!-- --></p>
-<!-- --><p>export DISPLAY=:99
-Xvfb -ac :99 -screen 0 1280x1024x24 &gt; /dev/null 2&gt;&amp;1 &amp;</p>
-<!-- --><p>This allows us to neutralize our main issue with <!-- --><code>flutter test</code>, and efficiently run tests in our pipeline.<!-- --></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="catching-bugs">Catching Bugs!<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#catching-bugs" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>This small amount of integration work has already caught its first bug.</p>
-<!-- --><p>Once we had fixed most of the issues outlined above, we were still seeing failures on what should have been a very basic scenario. <!-- --><a href="https://git.openprivacy.ca/cwtch.im/cwtch-ui/src/branch/trunk/integration_test/features/01_general/02_save_load.feature" target="_blank" rel="noopener noreferrer">02_save_load.feature</a> simply turns a set of experiments on and checks that the state is saved. This test runs perfectly fine on
-development environments, but when uploaded to our build pipeline it always failed in the same place - turning on the file sharing experiment.<!-- --></p>
-<!-- --><p>The cause of this was an actual bug in Cwtch UI. The file sharing experiment failed to turn on if the directory <!-- --><code>$USER_HOME/Downloads</code> didn't exist. This is rarely the case on most real world systems, but is the case in our build pipelines. We have since fixed this behaviour to allow file sharing to be turned on even if the usual Download directories are not available.<!-- --></p>
-<!-- --><p>As we enable more of our UI tests in our pipeline, and across more platforms, we expect to catch more subtle issues like the above - a big win for people who use Cwtch!</p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="next-steps">Next Steps<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#next-steps" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><ul>
-<!-- --><li>
-<!-- --><p><strong>More automated tests:</strong> We have a nice collection of pre-written tests that we can begin to automatically run within pipelines. We have already begun this work, and anticipate finishing it before Cwtch 1.11.<!-- --></p>
-<!-- --></li>
-<!-- --><li>
-<!-- --><p><strong>More platforms:</strong> Right now UI tests only run on Linux. In order to fully take advantage of these tests we need to be able to run them across <!-- --><a href="https://docs.cwtch.im/docs/getting-started/supported_platforms" target="_blank" rel="noopener noreferrer">our target platforms</a>. We expect to start this work soon; expect more news in a future Cwtch Testing update!<!-- --></p>
-<!-- --></li>
-<!-- --><li>
-<!-- --><p><strong>More steps:</strong> One of our longer-term goals with UI testing was to produce a language around Cwtch testing that went beyond widgets. We had begun to explore this last year with the <!-- --><code>expect to see the message</code> step. As we grow our test library we will be looking for opportunities to build out additional higher-level and Cwtch-specific constructs, e.g. <!-- --><code>send a file</code> or <!-- --><code>set profile picture</code>.<!-- --></p>
-<!-- --></li>
-<!-- --></ul>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="help-us-go-further">Help us go further!<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#help-us-go-further" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>We couldn't do what we do without all the wonderful community support we get, from <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">one-off donations</a> to <!-- --><a href="https://www.patreon.com/openprivacy" target="_blank" rel="noopener noreferrer">recurring support via Patreon</a>.<!-- --></p>
-<!-- --><p>If you want to see us move faster on some of these goals and are in a position to, please <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">donate</a>. If you happen to be at a company that wants to do more for the community and this aligns, please consider donating or sponsoring a developer.<!-- --></p>
-<!-- --><p>Donations of <!-- --><strong>$5 or more</strong> can opt to receive stickers as a thank-you gift!<!-- --></p>
-<!-- --><p>For more information about donating to Open Privacy and claiming a thank you gift <!-- --><a href="https://openprivacy.ca/donate/" target="_blank" rel="noopener noreferrer">please visit the Open Privacy Donate page</a>.<!-- --></p>
-<!-- --><p><img loading="lazy" alt="A Photo of Cwtch Stickers" src="https://docs.cwtch.im/assets/images/stickers-new-1e9b14bdd638b4907cce833e813a09ad.jpg" width="1024" height="768" class="img_ev3q"></p>]]></content>
-        <author>
-            <name>Sarah Jamie Lewis</name>
-        </author>
-        <category label="cwtch" term="cwtch"/>
-        <category label="cwtch-stable" term="cwtch-stable"/>
-        <category label="support" term="support"/>
-        <category label="testing" term="testing"/>
-    </entry>
 </feed>

build-staging/blog/rss.xml

@@ -4,11 +4,71 @@
         <title>Cwtch Development Log</title>
         <link>https://docs.cwtch.im/blog</link>
         <description>The latest insight into Cwtch Development and what the Cwtch team are working on</description>
-        <lastBuildDate>Fri, 05 Jan 2024 00:00:00 GMT</lastBuildDate>
+        <lastBuildDate>Fri, 12 Jan 2024 00:00:00 GMT</lastBuildDate>
         <docs>https://validator.w3.org/feed/docs/rss2.html</docs>
         <generator>https://github.com/jpmonette/feed</generator>
         <language>en</language>
         <copyright>Copyright © ${new Date().getFullYear()} Open Privacy Research Society</copyright>
+        <item>
+            <title><![CDATA[Enhanced Permissions]]></title>
+            <link>https://docs.cwtch.im/blog/enhanced-permissions</link>
+            <guid>https://docs.cwtch.im/blog/enhanced-permissions</guid>
+            <pubDate>Fri, 12 Jan 2024 00:00:00 GMT</pubDate>
+            <description><![CDATA[An introduction to the new fine-grained permissions API exposed in libCwtch]]></description>
+            <content:encoded><![CDATA[<p><a href="https://docs.cwtch.im/blog/path-to-hybrid-groups">Last week</a>, we mentioned that <!-- --><strong>enhanced permissions</strong> are esential to implementing many of the aspects
+of the new <!-- --><strong>hybrid groups</strong> design.<!-- --></p>
+<!-- --><p>In this post we will introduce the new enhanced permissions api in libCwtch, explain why it is needed, and how future version of Cwtch will manage
+conversation-level permissions.</p>
+<!-- --><p><img loading="lazy" src="https://docs.cwtch.im/assets/images/enhancedpermissions-a654ed1dfe43e9abc541278df1fda501.png" width="1005" height="481" class="img_ev3q"></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-do-conversation-level-permissions-work-in-cwtch-right-now">How do conversation-level permissions work in Cwtch right now?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-do-conversation-level-permissions-work-in-cwtch-right-now" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>Underneath the libCwtch API, all conversations maintain an access control list. For peer-to-peer conversations this list has a single entry, keyed by
+the handle of the contact.</p>
+<!-- --><p>Currently, this access control list only maintains the <!-- --><code>Blocked</code>-state of the contact. If a user blocks another, then this is where the flag is stored. While
+there are other fields in this list, they have been unused, until now.<!-- --></p>
+<!-- --><p>Additionally, each conversation also stored an <!-- --><code>Accepted</code> flag, indicating if the user has approved a contact request. The <!-- --><code>Accepted</code> flag has many different
+effects including whether certain features (like file sharing) are accessible, or whether the connection attempts with the contact are tried automatically.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="what-are-enhanced-permissions">What Are Enhanced Permissions?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#what-are-enhanced-permissions" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>The current approach has several issues. The major one being that profiles have minimal control over how they deal with contacts. Ideally, you should be able to
+automatically attempt to connect with a given cwtch user, but not allow file shares, for example.</p>
+<!-- --><p>This is the initial driving use case behind Enhanced Permissions. Exposing this underlying ACL and augmenting it with additional flags like <!-- --><code>ShareFiles</code>,
+<!-- --><code>RenderImages</code>, and <!-- --><code>AutoConnect</code>.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="the-api">The API<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#the-api" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>Enhanced permissions will be available through a new set of low level libCwtch APIs i.e.:</p>
+<!-- --><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">	UpdateConversationAccessControlList(id int, acl model.AccessControlList) error</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	EnhancedUpdateConversationAccessControlList(conversation int, serialized_acl string) error</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	GetConversationAccessControlList(conversation int) (model.AccessControlList, error)</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">	EnhancedGetConversationAccessControlList(conversation int) (string, error)</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
+<!-- --><p>As with other libCwtch APIs the <!-- --><code>Enhanced</code> functions speak JSON and be suitable for integration with UIs and other clients that cannot speak the
+Go model.<!-- --></p>
+<!-- --><p><code>AccessControlList</code> maintains it's current structure, while <!-- --><code>AccessControl</code> itself has been augmented with the fields
+described in the previous section.<!-- --></p>
+<!-- --><p>Existing access-control APIs e.g. <!-- --><code>AcceptConversation</code>, <!-- --><code>BlockConversation</code> and <!-- --><code>UnblockConversation</code> have been updated
+internally to use the augmented <!-- --><code>AccessControl</code> model, and will be able to be safely used by existing and future clients.<!-- --></p>
+<!-- --><p>However, the <!-- --><code>Accepted</code> field in the <!-- --><code>Conversation</code> model is now considered deprecated, and will be removed in a future Cwtch version.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-will-migration-work">How will Migration Work?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-will-migration-work" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>To simplify migration newer versions of Cwtch will detect if Enhanced Permissions have been enabled, and if they haven't will automatically turn on
+all new flags for <!-- --><code>Accepted</code> conversations. This will maintain behaviour between versions, and should minimize any potential confusion.<!-- --></p>
+<!-- --><p>You will then be able to modify this ACL on a per-conversation level in the Cwtch UI.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="when-will-enhanced-permissions-be-available">When will Enhanced Permissions be Available?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#when-will-enhanced-permissions-be-available" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>We are aiming to roll out a nightly with Enhanced Permissions in the coming weeks. We will then spend some time iterating
+on the UI to ensure that the new permissions are understandable and usable.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="how-does-this-fit-into-hybrid-groups">How does this fit into Hybrid Groups?<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#how-does-this-fit-into-hybrid-groups" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>That is not the end of the story as far as Enhanced Permissions go. As I mentioned above for peer-to-peer conversations the
+ACL has a single entry.</p>
+<!-- --><p>For Hybrid Groups, this list will have multiple entries, for each member of the group. This will allow group admins to
+control who can post to a group, and what kinds of messages they can post.</p>
+<!-- --><p>How this list will be maintained, propagated, and authenticated by group members will be a topic of a future development log.</p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="stay-up-to-date">Stay up to date!<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#stay-up-to-date" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>As always, we will be regularly updating this devlog <!-- --><a href="https://fosstodon.org/@cwtch" target="_blank" rel="noopener noreferrer">and other channels</a> as we continue to make progress towards
+surveillance resistant infrastructure!<!-- --></p>
+<!-- --><p>Subscribe to our <!-- --><a href="https://docs.cwtch.im/blog/rss.xml">RSS feed</a>, <!-- --><a href="https://docs.cwtch.im/blog/atom.xml">Atom feed</a>, or <!-- --><a href="https://docs.cwtch.im/blog/feed.json">JSON feed</a> to stay up to date, and get the latest on, all aspects of Cwtch development.<!-- --></p>
+<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="help-us-go-further">Help us go further!<!-- --><a href="https://docs.cwtch.im/blog/enhanced-permissions#help-us-go-further" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
+<!-- --><p>We couldn't do what we do without all the wonderful community support we get, from <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">one-off donations</a> to <!-- --><a href="https://www.patreon.com/openprivacy" target="_blank" rel="noopener noreferrer">recurring support via Patreon</a>.<!-- --></p>
+<!-- --><p>If you want to see us move faster on some of these goals and are in a position to, please <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">donate</a>. If you happen to be at a company that wants to do more for the community and this aligns, please consider donating or sponsoring a developer.<!-- --></p>
+<!-- --><p>Donations of <!-- --><strong>$5 or more</strong> can opt to receive stickers as a thank-you gift!<!-- --></p>
+<!-- --><p>For more information about donating to Open Privacy and claiming a thank you gift <!-- --><a href="https://openprivacy.ca/donate/" target="_blank" rel="noopener noreferrer">please visit the Open Privacy Donate page</a>.<!-- --></p>
+<!-- --><p><img loading="lazy" alt="A Photo of Cwtch Stickers" src="https://docs.cwtch.im/assets/images/stickers-new-1e9b14bdd638b4907cce833e813a09ad.jpg" width="1024" height="768" class="img_ev3q"></p>]]></content:encoded>
+            <category>cwtch</category>
+            <category>hybrid-groups</category>
+            <category>acl</category>
+        </item>
         <item>
             <title><![CDATA[Path to Hybrid Groups]]></title>
             <link>https://docs.cwtch.im/blog/path-to-hybrid-groups</link>
@@ -991,67 +1051,5 @@ without an associated decoration).<!-- --></p>
             <category>bindings</category>
             <category>repliqate</category>
         </item>
-        <item>
-            <title><![CDATA[Notes on Cwtch UI Testing]]></title>
-            <link>https://docs.cwtch.im/blog/cwtch-testing-i</link>
-            <guid>https://docs.cwtch.im/blog/cwtch-testing-i</guid>
-            <pubDate>Fri, 03 Feb 2023 00:00:00 GMT</pubDate>
-            <description><![CDATA[In this development log we provide an update on automated UI integration testing!]]></description>
-            <content:encoded><![CDATA[<p>We first <!-- --><a href="https://openprivacy.ca/discreet-log/23-cucumber-testing/" target="_blank" rel="noopener noreferrer">introduced UI tests last January</a>. At the time we had developed a suite of UI tests that could be run manually in a development environment. However, we faced a number of issues consistently running these tests in our automated pipelines.<!-- --></p>
-<!-- --><p>One of the main threads of work that needs to be complete early in the <!-- --><a href="https://docs.cwtch.im/blog/path-to-cwtch-stable" target="_blank" rel="noopener noreferrer">Cwtch Stable roadmap</a> is integrating UI tests into our CI pipelines, in addition to expanding their scope. Now that Flutter 3 has stabilized desktop support, and we have invested effort in improving Cwtch performance, it is time to ensure these tests are running on every build.<!-- --></p>
-<!-- --><p><img loading="lazy" src="https://docs.cwtch.im/assets/images/devlog5-3d09f11235d2bc53dd5e6f68d231cd53.png" width="1005" height="481" class="img_ev3q"></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="current-limitations-of-flutter-gherkin">Current Limitations of Flutter Gherkin<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#current-limitations-of-flutter-gherkin" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>The original <!-- --><a href="https://pub.dev/packages/flutter_gherkin" target="_blank" rel="noopener noreferrer">flutter_gherkin</a> is under semi-active development; however, the latest published versions don't support using it with <!-- --><code>flutter test</code>.<!-- --></p>
-<!-- --><ul>
-<!-- --><li><strong>Flutter Test</strong> was originally intended to run single widget/unit tests for a Flutter project.<!-- --></li>
-<!-- --><li><strong>Flutter Drive</strong> was originally intended to run integration tests <!-- --><em>on a device or an emulator</em>.<!-- --></li>
-<!-- --></ul>
-<!-- --><p>However, in recent releases these lines have become blurred. The new <!-- --><a href="https://docs.flutter.dev/testing/integration-tests" target="_blank" rel="noopener noreferrer">integration_test</a> package that comes built into newer Flutter releases has support for both <!-- --><code>flutter drive</code> and <!-- --><code>flutter test</code>. This was a great change because it decreases the required overhead to run larger integration tests (<!-- --><code>flutter drive</code> sets up a host-controller model that requires a dedicated control channel to be setup, whereas <!-- --><code>flutter test</code> can take advantage of the knowledge that it is being run in the same process, and is noticeably faster - very important when the goal is to run tests as often as possible).<!-- --></p>
-<!-- --><p>There is thankfully code in the <!-- --><code>flutter_gherkin</code> repository that supports running tests with <!-- --><code>flutter test</code>, however this code currently has a few issues:<!-- --></p>
-<!-- --><ul>
-<!-- --><li>The test code generation produces code that doesn't compile without minor changes.</li>
-<!-- --><li>Certain functionality like "take a screenshot" does not work on desktop.</li>
-<!-- --></ul>
-<!-- --><p>Additionally, there are a few limitations in built-in flutter_gherkin steps that we noticed our tests running into:</p>
-<!-- --><ul>
-<!-- --><li>Certain tests that fail with async timeouts will cause Flutter exceptions instead of a failed test.</li>
-<!-- --><li>Certain Flutter widgets like <!-- --><code>DropdownButton</code> are not compatible with built-in steps like <!-- --><code>tap</code> because they internally contain multiple copies of the same widget.<!-- --></li>
-<!-- --></ul>
-<!-- --><p>Because of the above issues we have chosen to <!-- --><a href="https://git.openprivacy.ca/openprivacy/flutter_gherkin" target="_blank" rel="noopener noreferrer">fork flutter_gherkin</a> to fix some of these issues, with the intent of contributing significant fixes upstream, while allowing us to iterate faster on Flutter UI testing.<!-- --></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="integrating-tests-into-the-pipeline">Integrating Tests into the Pipeline<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#integrating-tests-into-the-pipeline" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>One of the major limitations of <!-- --><code>flutter test</code> is the lack of a headless mode. In order to successfully run tests in our pipeline we need a headless mode, as most of the containers we use do not have any kind of active display.<!-- --></p>
-<!-- --><p>Thankfully it is possible to use <!-- --><a href="https://en.wikipedia.org/wiki/Xvfb" target="_blank" rel="noopener noreferrer">Xfvb</a> to create a virtual framebuffer, and set <!-- --><code>DISPLAY</code> to render to that buffer:<!-- --></p>
-<!-- --><p>export DISPLAY=:99
-Xvfb -ac :99 -screen 0 1280x1024x24 &gt; /dev/null 2&gt;&amp;1 &amp;</p>
-<!-- --><p>This allows us to neutralize our main issue with <!-- --><code>flutter test</code>, and efficiently run tests in our pipeline.<!-- --></p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="catching-bugs">Catching Bugs!<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#catching-bugs" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>This small amount of integration work has already caught its first bug.</p>
-<!-- --><p>Once we had fixed most of the issues outlined above, we were still seeing failures on what should have been a very basic scenario. <!-- --><a href="https://git.openprivacy.ca/cwtch.im/cwtch-ui/src/branch/trunk/integration_test/features/01_general/02_save_load.feature" target="_blank" rel="noopener noreferrer">02_save_load.feature</a> simply turns a set of experiments on and checks that the state is saved. This test runs perfectly fine on
-development environments, but when uploaded to our build pipeline it always failed in the same place - turning on the file sharing experiment.<!-- --></p>
-<!-- --><p>The cause of this was an actual bug in Cwtch UI. The file sharing experiment failed to turn on if the directory <!-- --><code>$USER_HOME/Downloads</code> didn't exist. This is rarely the case on most real world systems, but is the case in our build pipelines. We have since fixed this behaviour to allow file sharing to be turned on even if the usual Download directories are not available.<!-- --></p>
-<!-- --><p>As we enable more of our UI tests in our pipeline, and across more platforms, we expect to catch more subtle issues like the above - a big win for people who use Cwtch!</p>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="next-steps">Next Steps<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#next-steps" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><ul>
-<!-- --><li>
-<!-- --><p><strong>More automated tests:</strong> We have a nice collection of pre-written tests that we can begin to automatically run within pipelines. We have already begun this work, and anticipate finishing it before Cwtch 1.11.<!-- --></p>
-<!-- --></li>
-<!-- --><li>
-<!-- --><p><strong>More platforms:</strong> Right now UI tests only run on Linux. In order to fully take advantage of these tests we need to be able to run them across <!-- --><a href="https://docs.cwtch.im/docs/getting-started/supported_platforms" target="_blank" rel="noopener noreferrer">our target platforms</a>. We expect to start this work soon; expect more news in a future Cwtch Testing update!<!-- --></p>
-<!-- --></li>
-<!-- --><li>
-<!-- --><p><strong>More steps:</strong> One of our longer-term goals with UI testing was to produce a language around Cwtch testing that went beyond widgets. We had begun to explore this last year with the <!-- --><code>expect to see the message</code> step. As we grow our test library we will be looking for opportunities to build out additional higher-level and Cwtch-specific constructs, e.g. <!-- --><code>send a file</code> or <!-- --><code>set profile picture</code>.<!-- --></p>
-<!-- --></li>
-<!-- --></ul>
-<!-- --><h2 class="anchor anchorWithStickyNavbar_LWe7" id="help-us-go-further">Help us go further!<!-- --><a href="https://docs.cwtch.im/blog/cwtch-testing-i#help-us-go-further" class="hash-link" aria-label="Direct link to heading" title="Direct link to heading">​</a></h2>
-<!-- --><p>We couldn't do what we do without all the wonderful community support we get, from <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">one-off donations</a> to <!-- --><a href="https://www.patreon.com/openprivacy" target="_blank" rel="noopener noreferrer">recurring support via Patreon</a>.<!-- --></p>
-<!-- --><p>If you want to see us move faster on some of these goals and are in a position to, please <!-- --><a href="https://openprivacy.ca/donate" target="_blank" rel="noopener noreferrer">donate</a>. If you happen to be at a company that wants to do more for the community and this aligns, please consider donating or sponsoring a developer.<!-- --></p>
-<!-- --><p>Donations of <!-- --><strong>$5 or more</strong> can opt to receive stickers as a thank-you gift!<!-- --></p>
-<!-- --><p>For more information about donating to Open Privacy and claiming a thank you gift <!-- --><a href="https://openprivacy.ca/donate/" target="_blank" rel="noopener noreferrer">please visit the Open Privacy Donate page</a>.<!-- --></p>
-<!-- --><p><img loading="lazy" alt="A Photo of Cwtch Stickers" src="https://docs.cwtch.im/assets/images/stickers-new-1e9b14bdd638b4907cce833e813a09ad.jpg" width="1024" height="768" class="img_ev3q"></p>]]></content:encoded>
-            <category>cwtch</category>
-            <category>cwtch-stable</category>
-            <category>support</category>
-            <category>testing</category>
-        </item>
     </channel>
 </rss>

build-staging/de/assets/js/08a52b3e.52cf549d.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[9580],{6754:e=>{e.exports=JSON.parse('{"permalink":"/de/blog/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/de/blog/page/2","blogDescription":"Die neuste Aktualisierung der Cwtch Entwicklung.","blogTitle":"Entwicklungsprotokoll"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[9580],{6754:e=>{e.exports=JSON.parse('{"permalink":"/de/blog/page/3","page":3,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/de/blog/page/2","blogDescription":"Die neuste Aktualisierung der Cwtch Entwicklung.","blogTitle":"Entwicklungsprotokoll"}')}}]);

build-staging/de/assets/js/0c915b16.ac3c6483.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2833],{6317:e=>{e.exports=JSON.parse('{"label":"cwtch","permalink":"/de/blog/tags/cwtch","allTagsPath":"/de/blog/tags","count":24,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2833],{6317:e=>{e.exports=JSON.parse('{"label":"cwtch","permalink":"/de/blog/tags/cwtch","allTagsPath":"/de/blog/tags","count":25,"unlisted":false}')}}]);

build-staging/de/assets/js/1a97c86e.3de32637.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[3727],{9074:e=>{e.exports=JSON.parse('{"permalink":"/de/blog/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":24,"previousPage":"/de/blog","nextPage":"/de/blog/page/3","blogDescription":"Die neuste Aktualisierung der Cwtch Entwicklung.","blogTitle":"Entwicklungsprotokoll"}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[3727],{9074:e=>{e.exports=JSON.parse('{"permalink":"/de/blog/page/2","page":2,"postsPerPage":10,"totalPages":3,"totalCount":25,"previousPage":"/de/blog","nextPage":"/de/blog/page/3","blogDescription":"Die neuste Aktualisierung der Cwtch Entwicklung.","blogTitle":"Entwicklungsprotokoll"}')}}]);

build-staging/de/assets/js/28734d29.18e69050.js

@@ -1 +1 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1860],{4512:e=>{e.exports=JSON.parse('{"label":"cwtch","permalink":"/de/blog/tags/cwtch","allTagsPath":"/de/blog/tags","count":24,"unlisted":false}')}}]);
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[1860],{4512:e=>{e.exports=JSON.parse('{"label":"cwtch","permalink":"/de/blog/tags/cwtch","allTagsPath":"/de/blog/tags","count":25,"unlisted":false}')}}]);