profile
viewpoint
Andy Matuschak andymatuschak San Francisco, CA http://andymatuschak.org Wonder, blunder, salve, solve! Working on tools that expand what people can think and do. Past: led R&D @khanacademy; helped build iOS @apple.

andymatuschak/note-link-janitor 294

Maintains backlink structure among interlinked Markdown notes

andymatuschak/Khan-Academy-Offer-Acceptance-Toy 76

The playful way that I joined Khan Academy.

andymatuschak/Bear-Markdown-Export 34

Markdown export from Bear sqlite database

andymatuschak/DOMNodeAndChildOffsetContainingViewportLocation 7

What is at this location—to the letter?

andymatuschak/66 4

Quartz Composer-based reinterpretation of Tangent Spaces' reinterpretation of Geometry Daily #66

andymatuschak/alfred-bear 2

Alfred 3 workflow to create and search notes in Bear.

andymatuschak/alfred-ulysses-workflow 2

Alfred 3 workflow for Ulysses

andymatuschak/bear-link-janitor 2

A fairly dangerous script which monitors + fixes broken wiki-style links in one's Bear library

andymatuschak/dynamicland-video-dropzone 2

Physical-to-digital-to-physical bridge for video in Dynamicland: video uploading webserver

andymatuschak/articles 1

All current objc.io articles

pull request commentexpo/expo

Fixes #7166: don't use deprecated PHAsset API on macOS Catalyst

@sjchmiela Done; sorry that I missed that the first time around.

andymatuschak

comment created time in 4 days

push eventandymatuschak/expo

Andy Matuschak

commit sha b26837c0d88a5559365bb1b80740d284bf08cd83

Updated changelog for #9055

view details

push time in 4 days

PR opened expo/expo

Reviewers
Fixes #7166: don't use deprecated PHAsset API on macOS Catalyst

Why

Per #7166, expo-file-system doesn't build on macOS Catalyst because it uses a PHAsset API which has been deprecated since iOS 8 (and which has been removed in the Catalyst SDK).

How

I've made attempts to access assets at these old URL schemes fail on Catalyst. It'll also warn the developer (the first time).

Test Plan

Compile EXFileSystem against the Catalyst SDK.

+9 -0

0 comment

1 changed file

pr created time in 5 days

push eventandymatuschak/expo

Andy Matuschak

commit sha c947d523fea29a9876eba3a952490e7301b3a3d3

Fixes #7166: don't use deprecated PHAsset API on macOS Catalyst

view details

push time in 5 days

startedsamuelgozi/firebase-auth-lite

started time in 6 days

issue commentsamuelgozi/firebase-auth-lite

Switch to IndexedDB

To recap; I will switch to IndexedDB in the future

FWIW, there are some contexts where local storage will remain the better option: for example, Safari forbids IDB access in iframes. I like your dependency injection approach!

aidarkhanov

comment created time in 6 days

issue closedandymatuschak/note-link-janitor

License Info

Thank you for open sourcing this tool. Do you have any plans to add a license to the repo? I'd like to use some of the ideas in my own project, specifically the nearest block heuristic for adding context to backlinks. The package.json says MIT license but I'm not sure if that was an intentional choice or just a default. Cheers.

closed time in 8 days

lukesmurray

issue commentandymatuschak/note-link-janitor

License Info

Ah, good nudge; added an MIT LICENSE file in #7.

lukesmurray

comment created time in 8 days

push eventandymatuschak/note-link-janitor

Andy Matuschak

commit sha a56dfbf411a7baac53e04627c2b9d052252aa936

Add MIT license to repo

view details

Andy Matuschak

commit sha 033ec23b8ce5c15db3ef949c5b1f6d9dd283bdab

Merge pull request #7 from andymatuschak/add-license-1 Add MIT license to repo

view details

push time in 8 days

create barnchandymatuschak/note-link-janitor

branch : add-license-1

created branch time in 8 days

PR opened tradle/asyncstorage-down

Add reference to react-native-leveldown

Hi, all! My project has some intense data requirements, so I've implemented a new library providing native bindings to LevelDB (currently iOS/Mac only). In my Readme, I link to asyncstorage-down as an alternative for folks who don't want to add native modules to their project

I wondered if you all might be up for linking to my implementation for people who are interested in a native implementation? No worries if not—I'm mostly hoping to attract the help of someone who might feel like implementing the Android shim. :)

+4 -0

0 comment

1 changed file

pr created time in 10 days

push eventandymatuschak/asyncstorage-down

Andy Matuschak

commit sha 5c69f387baddb4d0e441a27badec5c13efb94029

Add reference to react-native-leveldown

view details

push time in 10 days

fork andymatuschak/asyncstorage-down

A leveldown API implementation that maps to AsyncStorage in React Native

fork in 10 days

PR opened jondot/awesome-react-native

Adding react-native-leveldown

Hi all! Adding a link to this new LevelDB binding for React Native: https://github.com/andymatuschak/react-native-leveldown

+1 -0

0 comment

1 changed file

pr created time in 10 days

push eventandymatuschak/awesome-react-native

Andy Matuschak

commit sha 32833ef0ad553f4bd5c3afd62e65789d2ce7eb58

Adding react-native-leveldown

view details

push time in 10 days

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha 581730b07be6c42c47af2fb859e9016dc527341d

Contrast with abstract-leveldown

view details

push time in 10 days

fork andymatuschak/awesome-react-native

Awesome React Native components, news, tools, and learning material!

http://www.awesome-react-native.com

fork in 10 days

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha f3e87169d5427cb3c9676aab8ba96e97d88f5cdb

Added reference to Android bindings issue

view details

push time in 10 days

issue openedandymatuschak/react-native-leveldown

Add Android bindings

Right now, this project only has iOS/Mac bindings. I'd like to add Android bindings, too, but I don't have much experience with the Android build system, so I suspect it'll take me a while.

I'd be grateful for help! Looks like there are already LevelDB JNI bindings we can use.

created time in 10 days

PR opened invertase/react-native-firebase

fix(app,ios): Build fails when targeting Mac (Project Catalyst)

Description

The Catalyst SDK does not support assets-library:// URLs (see #2698), which have been deprecated for many years. This patch fixes the build failure when compiling with the Catalyst SDK; requests for such assets will fail and log (the first time).

Related issues

Fixes #2698

Release Summary

Fixes compilation failures when targeting macOS Catalyst.

Checklist

  • I read the Contributor Guide and followed the process outlined there for submitting PRs.
    • [X] Yes
  • My change supports the following platforms;
    • [ ] Android
    • [X] iOS
  • My change includes tests;
    • [ ] e2e tests added or updated in packages/\*\*/e2e
    • [ ] jest tests added or updated in packages/\*\*/__tests__
  • [ ] I have updated TypeScript types that are affected by my change.
  • This is a breaking change;
    • [ ] Yes
    • [X] No

Test Plan

  1. Initialize a new React Native app with react-native init
  2. Integrate @react-native-firebase/app
  3. Check the "macOS" platform box in Xcode to add Catalyst support.
  4. Build for macOS.

🔥

+10 -1

0 comment

1 changed file

pr created time in 11 days

push eventandymatuschak/react-native-firebase

Andy Matuschak

commit sha 90562e03b8f8b5ab4e168f59525293862c419414

Fix #2698: Build fails when targeting Mac (Project Catalyst) The Catalyst SDK does not support `assets-library://` URLs, which have been deprecated for many years. This patch fixes the build failure when compiling with the Catalyst SDK; requests for such assets will fail and log (the first time).

view details

push time in 11 days

fork andymatuschak/react-native-firebase

🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.

https://rnfirebase.io

fork in 11 days

PR opened Level/awesome

Adding react-native-leveldown

I've implemented native LevelDB bindings for React Native in react-native-leveldown. This module passes the abstract-leveldown test suite.

The bindings are currently only implemented for iOS and macOS; patches adding Android bindings would be welcome.

+19 -11

0 comment

3 changed files

pr created time in 11 days

push eventandymatuschak/awesome

Andy Matuschak

commit sha 8fbf7858efdd61e5d1e5889e310cb0a3ef526d4b

Added react-native-leveldown

view details

push time in 11 days

fork andymatuschak/awesome

An open list of awesome Level modules and resources.

fork in 11 days

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha e505b12f66a6fdabab095090533018f45d987ce7

Upgraded react-native

view details

push time in 11 days

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha 5be0a81685d38425d0afa031835c13c08ad781db

Fixed files list for publish

view details

Andy Matuschak

commit sha bb0f6000dcc24a0d1e51be920b81f8b2c4449d0e

v0.0.3

view details

Andy Matuschak

commit sha 92de6c1404397d360f7dfd466431ca8a7206f7ad

Include ios/ in npm package

view details

Andy Matuschak

commit sha 1c6fd93596dcef817c5eb2d4090b4d0e2a89ecb6

v0.0.4

view details

Andy Matuschak

commit sha d9c812920e144930d957a9aec424138e1b56a72f

Include podspec in published library

view details

Andy Matuschak

commit sha 29c43359b3e4ec40eee838f8a72dc87a84d2274d

v0.0.5

view details

Andy Matuschak

commit sha db1c5e1d09c1224c83708940d3f01435602c80e0

Added support for abstract-leveldown tests; fixed many small issues to pass the tests

view details

push time in 11 days

PR opened Level/subleveldown

Don't mutate arguments in SubIterator._next

This method mutates an argument and subsequently references arguments. In JS strict mode, the arguments symbol references a copy of the initial function arguments; it does not reflect mutations made to the arguments in the body of the function (see spec)—so the mutation is inadvertently dropped. I've fixed this issue by using the argument names directly rather than the arguments objects.

+1 -1

0 comment

1 changed file

pr created time in 11 days

push eventandymatuschak/note-link-janitor

Francisco Javier Martinez Lago

commit sha 29926c68aba387131ffdf61d7a6ea51df0dac180

Update readAllNotes.ts

view details

Andy Matuschak

commit sha a17cd89ee3e226718b86afcc94dc367c1a93f5c9

Merge pull request #5 from andymatuschak/note-link-janitor/master Adds missing parens

view details

push time in 19 days

PR merged andymatuschak/note-link-janitor

Adds missing parens

A merged PR introduced a bug as !entry.name.startsWith("." doesn't have closing parens.

This PR fixes that.

+1 -1

0 comment

1 changed file

edoreld

pr closed time in 19 days

PR merged andymatuschak/note-link-janitor

Only .md files processed

Makes is to that only files that end with ".md" are processed by the script.

+1 -1

0 comment

1 changed file

edoreld

pr closed time in 19 days

push eventandymatuschak/note-link-janitor

Francisco Javier Martinez Lago

commit sha a2d81e641d48ef6071132d0b8c367cb99e4563d1

Only .md files processed

view details

Andy Matuschak

commit sha cdd49e69c84fed6b58bffcdcf09c23ef1a394f44

Merge pull request #4 from edoreld/master Only .md files processed

view details

push time in 19 days

pull request commentandymatuschak/note-link-janitor

Only .md files processed

Sure, that's reasonable. Thanks!

edoreld

comment created time in 19 days

push eventandymatuschak/note-link-janitor

Andy Matuschak

commit sha 41b639384a2cc30d8f624c13e8a8c7a25c1775b3

added link to french localization

view details

push time in 24 days

issue commentprivacycg/storage-access

Way to know who to prompt for storage access in the first place

Oh sorry, when you said "open the login UI directly" I thought that meant there would be a login form directly inside the iframe. If you open your login UI in a popup, I think the compatibility measure means that you actually should have cookie access, even without requestStorageAccess.

Right, but I'm going the more baroque server-cookie + postMessage path because I've been duly warned that this compatibility measure is temporary and will go away. :) I wrote plenty of those warnings to developers myself when I worked on UIKit, so I wouldn't want to build new software which ignores one!

To clarify, if this were the case, then you would not be able to "clearly label the button as either "Connect to XXX" in the case of isLoggedIn but with restricted storage access, or as "Sign in" in the case of !isLoggedIn", right?

I'm sort of lucking out here, I guess. In my UI, it wouldn't make sense to present authentication UI until the user had already interacted. So I'd have a chance to silently check isLoggedIn before I need to present the authentication button. This seems like a pretty common configuration for the "social commenting widget" scenario.

Then, if isLoggedIn is true, I can label the button "Connect to XXX." Clicking it performs requestStorageAccess. If isLoggedIn is false, I label it "Sign in," and clicking it opens the login prompt.

It seems that the double-interaction of the permission prompt followed by a login popup is intentionally encouraged by design: https://github.com/privacycg/storage-access#the-user-is-not-yet-logged-in-to-the-embedee

Yikes. You're right, the double interaction is implied by that answer. That's an unacceptable user experience in my book, particularly since it's in the extra-sensitive onboarding path, and I'll certainly go to enormous lengths to avoid it.

I think you could actually avoid this double-interaction, though, by using the compatibility measure: instead of bothering with isLoggedIn or requestStorageAccess, you always open a popup and it either displays a login form, or if you're already logged-in it just has a button "Connect to XXX from YYY" (where YYY is the first-party).

That seems true! But involving a popup in every session—including the common-case happy path—is also unacceptable UX in my mind. Popups are quite disorienting and add a lot of friction. I definitely wouldn't use a popup at all if not for the 1P interaction requirement (I'd embed the login UI inline). I'd really like to create a zero-interruption "happy path" when users are signed in and have authorized security access.

~

FWIW, the UX impact here is so onerous that I've resigned myself to building a Safari Extension to ensure my users can avoid these frictions. Of course, many won't install it, so I still want to make the extension-less case as smooth as possible.

kushal

comment created time in a month

issue commentprivacycg/storage-access

Way to know who to prompt for storage access in the first place

One more thought, which could partially mitigate the privacy concerns: in terms of making a good user experience, it'd be fine if isLoggedIn() could be accessed in the 3P context only after user interaction! That restriction would make it much harder to accumulate a bit vector to fingerprint the user across many different embedded 3Ps.

kushal

comment created time in a month

issue commentprivacycg/storage-access

Way to know who to prompt for storage access in the first place

Ah, so, I present my login UI in a popup window (now first-party, navigated to my origin). The login request is made in that context, so the HttpOnly Secure cookie would be set in unpartitioned cookie storage. Back in the 3P opener, though, I suppose I'm asking that isLoggedIn query unpartitioned cookie storage, even if storage access is still restricted.

kushal

comment created time in a month

issue commentprivacycg/storage-access

Way to know who to prompt for storage access in the first place

@andymatuschak In case you haven't seen it, I think @johnwilander's comment on a precursor ticket applies to your case:

Yep, it does! Thank you for the pointer. In my case, I'm very happy to build the UI around this spec and its restrictions. The problem is that even in this greenfield context, I'm not sure how to build a good experience! But it's good to see @johnwilander open to isLoggedIn being available in this situation.

When they click "Sign in", wouldn't you still have to requestStorageAccess, so there's a double-interaction regardless? If you don't, you won't have any way to remember that they're signed-in when they visit a different site that embeds your widget.

If isLoggedIn is false, I wouldn't requestStorageAccess: I'd open the login UI directly, have it save an HttpOnly Secure cookie on completion, and use that to make subsequent requests.

kushal

comment created time in a month

issue commentprivacycg/storage-access

Way to know who to prompt for storage access in the first place

I'll add my own story from the field (ex-Apple here! hi! 👋) . I'm having great difficulty creating a good user experience in the context of Storage Access without something like this API. My use case is congruent to the social commenting widgets.

Once a user's begun an interaction with the 3P, they must authenticate to complete that interaction. It's possible that they've already authenticated, but we can't tell because storage access is restricted. Probably we want to do something like: first requestStorageAccess, then if we discover that the user has not logged in, present a login interface. But it's not clear how to present an affordance for that interaction to the user.

To label a button "Sign in" would be confusing because it may not actually ask the user to sign in! Instead it might present the requestStorageAccess agent permission UI, or if we can be granted access without permission and the user has previously signed in, it might result in the user being signed in with no further interaction. Still more confusing is the worst case, in which storage access is restricted but the user has not previously signed in: the user might first be prompted with the requestStorageAccess agent permission UI, and then with a login form. Quite disorienting, and quite a lot of interaction for a low-stakes embedded interface!

We could label such a button "Connect to XXX," and then the interaction would be less surprising, but the worst-case double-interaction is still awfully rough.

It would be a much smoother experience if we could requestStorageAccess only if the user isLoggedIn. That would handle the worst-case double interaction, and it would allow us to clearly label the button as either "Connect to XXX" in the case of isLoggedIn but with restricted storage access, or as "Sign in" in the case of !isLoggedIn.

Another strategy (which I suspect you all won't like!) would be an API which would allow the 3P to determine if requestStorageAccess would need to present a user approval UI. With this API, we could silently request access upon first user interaction if they'd previously approved access. That would at least handle the returning user happy-path case.

In any case, thank you all for what you're doing to protect users' privacy. There are some UI edge cases to work out here, but those are secondary to this important work.

kushal

comment created time in a month

pull request commentandymatuschak/note-link-janitor

Fix typo "s/by/be" in Readme

Thanks.

RiderOfGiraffes

comment created time in a month

push eventandymatuschak/note-link-janitor

RiderOfGiraffes

commit sha 5843f742f4401c874aa518a922e2322591507fc8

Fix typo "s/by/be" in Readme

view details

Andy Matuschak

commit sha 9576359d26ccf4458571b227b957ff19e36a7bee

Merge pull request #3 from andymatuschak/note-link-janitor/patch-1 Fix typo "s/by/be" in Readme

view details

push time in a month

startedmpiannucci/react-native-context-menu-view

started time in 2 months

issue closedandymatuschak/note-link-janitor

How to use this script in Bear note?

I noticed that your bear has backlinks. Do you use this script to generate that?

image

closed time in 2 months

forrestchang

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha b7176e7caa2c647a0b671ca332ff0274b401ceaa

v0.0.2

view details

push time in 2 months

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha 0f149a94e549e1c0835f4a8ef04b7e41e721cac6

Call callbacks on next tick

view details

push time in 2 months

push eventandymatuschak/react-native-leveldown

Andy Matuschak

commit sha eeec68ee76c0e555248cbe5abb67856878d61106

Removed spurious logs

view details

push time in 2 months

created tagandymatuschak/react-native-leveldown

tag0.0.1

Native bindings to LevelDB for React Native, exposed as leveldown-compatible interface

created time in 2 months

create barnchandymatuschak/react-native-leveldown

branch : master

created branch time in 2 months

created repositoryandymatuschak/react-native-leveldown

Native bindings to LevelDB for React Native, exposed as leveldown-compatible interface

created time in 2 months

issue commentinvertase/react-native-firebase

Build fails when targeting Mac (Project Catalyst)

Those APIs are deprecated and have been for several years. They represent a way to access assets via an older URL representation. Clients using those old-style URLs will need to migrate to the newer style URLs. The ReactNative sources using the older PHAsset APIs should throw in those branches #if TARGET_OS_MACCATALYST.

brunolemos

comment created time in 2 months

issue commentinvertase/react-native-firebase

Build fails when targeting Mac (Project Catalyst)

That does seem to be the case. My project only uses /firestore and /functions, but I was able to get it running without issue after disabling the deprecated PHAsset fetch.

brunolemos

comment created time in 2 months

push eventandymatuschak/subleveldown

Andy Matuschak

commit sha 41dd28eb78ff03b40a533f47cc73316e6db3efb2

Fix for reliance on mutating arguments object, which fails in strict mode

view details

push time in 2 months

fork andymatuschak/subleveldown

Split a levelup database into sublevels with their own keyspace, encoding and events.

fork in 2 months

more