Note: this is derived from the project plan prepared in relation to NLnet grant received by Haketilo/Hydrilla

Project plan Haketilo/Hydrilla

At the time of this writing the browser extension Haketilo and its repository, Hydrilla, have already
seen their initial 0.1 demo releases. Below is a plan for their further development that will use the
experience gained during initial prototyping to increase stability and supply functionalities that have
been missing or provisional only, as well as make the tools available to a wider audience, more
secure and easier to use.

1. Haketilo and Hydrilla 1.0 pre-release (#103)

Some big code changes to land in Haketilo and Hydrilla 1.0 will be available in a pre-release. The
pre-release will be made before delivery of several other side artifacts planned for 1.0.

Milestones

2. Haketilo and Hydrilla 1.0 release (#104)

This will be the first release since receiving the NLnet grant and the first non-demo
release, hence it includes many improvements in various fields.

Milestones
Estimated time

1.5 weeks

3. Distribution of Hydrilla and (when applicable) Haketilo in package managers (#106)

It is beneficial to have tools available in a format specific to various operating system distributions.
While the process of inclusion in official repositories is often a complex and lengthy one, preparing
the actual packages, as is the goal of this task, is a good first step to making that happen.

Milestones
Estimated time

2 weeks

4. Development of Hydrilla website part (#35)

A project's website makes its first impression, and therefore deserves special care. In our case the
website will be part of our software Hydrilla.

Milestones
Estimated time

2 weeks

5. Development of a user-controlled captcha client (#107)

Haketilo's goal is to give internet users control over their browsing. Replacing proprietary,
privacy-hostile client-side programs is part of that. A tool similar to the librecaptcha Python program
is needed, but in the form of a JavaScript library.

Milestones
Estimated time

3 weeks

6. Permissions system for Haketilo-supplied resources (#73)

Custom, user-supplied resources Haketilo may deploy on viewed pages might require looser
restrictions than those normally employed on pages. Or, they might allow for tighter security
mechanisms to be employed.

Milestones
Estimated time

2 weeks

7. Further means of user-controlled customization of sites (#108)

Besides the initial function of replacing sites' JavaScript it is also desired to facilitate supplying
additional data (e.g. images) and replacing other site components.

Milestones
Estimated time

3 weeks

8. 50 sample site resources for Haketilo (#109)

To build the community its purpose depends on, Hydrilla must be clearly ready for use. This
requires a representative, well-stocked library of packages.

Milestones
Estimated time

2 weeks

9. Hektilo LibrePlanet presentation (#110)

LibrePlanet is a conference organized by the Free Software Foundation (FSF). It is "an opportunity
to meet and interact with other people with both a technical and non technical background" and to
share experience.

Milestones

10. Localization of Haketilo and Hydrilla

To truly empower to web users all over the world, Haketilo, Hydrilla, and all associated materials
must be able to support languages from across the world.

Milestones
Estimated time

3 weeks

11. Security vetting of Haketilo and Hydrilla

As NLNet-funded projects, Haketilo and Hydrilla have the privilege of a security review from
Radically Open Security. To make use of this opportunity, we will ensure any findings provided are
properly addressed.

Milestones
Estimated time

2 weeks

12. Accessibility vetting of Haketilo and Hydrilla

To empower every web user, Haketilo and Hydrilla must support the interfaces they need.

Milestones
Estimated time

2 weeks

13. Manifest V3 Haketilo port

Although highly controversial, the Manifest V3 extension format seems unavoidable.

Milestones
Estimated time

4 weeks

14. Tighter testing of Haketilo

Testing in multiple browser environments is important to ensure stability of the extension.

Milestones
Estimated time

2 weeks

15. More thorough documentation of Haketilo and Hydrilla internals

With codebase refactored and stabilized, a worthy thing is to have it properly described for others
to hack on.

Milestones
Estimated time

2 weeks

16. Tooling for building of site resources

Simple scripts don't require building before distribution. Wasm modules and bigger libraries do. For
users to control the resources they use in Haketilo, there needs to be some well-defined way of
accessing the sources and repeating the build process.

Milestones
Estimated time

2 weeks

17. Package signing in Haketilo and Hydrilla

Haketilo uses encrypted HTTPS connections to query Hydrilla API. However, to boost the security
and enable use of mirrors, we plan to also use PGP signatures on site resources served.

Milestones
Estimated time

3 weeks

18. Support for custom meta-sites in Haketilo/Hydrilla

Allowing users to modify pages loaded by their browsers is our goal. Allowing them to aggregate
content from many sites on one page is a natural extension of it. Just as is allowing them to run
static web apps without having to trust some website serving them.

Milestones
Estimated time

3 weeks

19. Easier content management and editing within Haketilo (I)

Easy configuring and editing of site resource bundles is Haketilo's raison d'ĂȘtre. To definitively
meet this expectation, any shortcomings must be identified and rethought.

Milestones
Estimated time

2 weeks

20. Easier content management and editing within Haketilo (II)

The previously compiled plan and carefully-prepared user interface mocks will direct the
implementation efforts.

Milestones
Estimated time

2 weeks

21. REUSE specification compliance

License terms of software projects' files should be unambiguous and easy to analyze by humans
and computers alike. Compliance with the REUSE specification helps ensure that.

Milestones
Estimated time

1 week

22. Integrity constraints in Haketilo (optional)

One Haketilo custom site resource may depend on another, but initial versions of Haketilo did not
verify that dependencies are present. This and other sanity checks can be employed.

Milestones
Estimated time

1 week

23. Sample meta-sites for Haketilo/Hydrilla (optional)

Running a static webapp like litewrite by visiting its website relies on the security of TLS and
network connectivity. Having it packaged as a separate browser extension requires giving it
excessive permissions. Running it from an HTML file is inconvenient.

Milestones
Estimated time

3 weeks

24. Haketilo build system runnable from the browser (optional)

For portability of Haketilo's POSIX shell-based build system we avoided depending on Node.js,
NPM and similar tools. However, an even more portable alternative exists - to contain the build
system inside a standalone HTML page.

Milestones
Estimated time

2 weeks

25. User upload of content to Hydrilla website (optional)

To be able to easier gather and share custom site resources within the community, we need a
user-friendly platform.

Milestones
Estimated time

3 weeks

26. Further development of Hydrilla platform (optional)

Users should be able to share not only custom site resources but also their opinions about them.

Milestones
Estimated time

2 weeks

27. Facility for setting up Hydrilla repository mirrors (optional)

While allowing users to set up independent instances of Hydrilla gives them greater control over
site content they use, it does not by itself increase the robustness and maximum throughput of
Hydrilla platform. Enabling the use of mirrors does.

Milestones
Estimated time

2 weeks

28. 150 sample site resources for Haketilo (optional)

To maintain community growth and participation, Hydrilla's collection must be visibly alive and
evolve with Haketilo's feature set.

Milestones
Estimated time

2 weeks

29. 200 sample site resources for Haketilo (optional)

To maintain community growth and participation, Hydrilla's collection must be visibly alive and
evolve with Haketilo's feature set.

Milestones
Estimated time

2 weeks

30. Automated building of Haketilo source packages uploaded to Hydrilla (optional)

Requiring packagers to upload compiled code places an extra burden on them, and complicates
reproducibility. Hydrilla should be able to build from source packages.

Milestones
Estimated time

2 weeks

31. Self-documented Haketilo (optional)

Now matter how user-friendly the graphical interface is, an explanation of some of the concepts
might be needed. The next step, after having the documentation available on the project website,
is bundling it with the extension itself.

Milestones
Estimated time

2 weeks

32. Displaying Hypothesis annotations for given site (optional)

Haketilo makes site resources for websites you visit available in only a few clicks. It would be
useful to have the same capacity for comments. The established, libre https://hypothes.is/ provides
a framework for this.

Milestones
Estimated time

2 weeks

33. Automatic generation of independent browser extensions from Haketilo site resources (optional)

Haketilo's rich feature set might also be an inconvenience. It may be overwhelming or irritating to
some users and has a higher risk of breaking with newer browser versions than a simple extension
would have. Thus, an option to install just a single Haketilo resource in the browser would be
useful.

Milestones
Estimated time

2 weeks

34. Facility to automatically convert page's "native" scripts to a Haketilo resource (optional) (#6)

Haketilo gives users control over scripts being executed on a given web page. The scripts to be
used need to be defined in Haketilo as a resource. Doing this manually might be time-consuming
for a user who aims to use mostly the same JavaScript a website normally serves, but served from
within Haketilo.

Milestones
Estimated time

3 weeks

35. Use of a standalone JavaScript engine to perform unit tests in Haketilo (optional)

A Selenium-driven web browser is currently used to test parts of Haketilo. Those tests that don't
rely on browser APIs could as well be run outside of browser which would save time during tests.

Milestones
Estimated time

2 weeks

36. Supplemental anti-bot measures in Hydrilla (optional)

Limiting the number of allowed registrations and content uploads is our planned basic way to
prevent Hydrilla instances from being harmed by automated requests. Another measures can be
added to further improve platform's resilience.

Milestones
Estimated time

2 weeks

37. Support for external user authentication mechanisms in Hydrilla (optional)

It should be possible to run Hydrilla as part of a bigger web service. Users should be able to use
the same set of credentials for logging in in various parts of such service.

Milestones
Estimated time

1 week

38. Support for building Hydrilla and Haketilo using Autotools (optional)

The specificity of Haketilo and Hydrilla means a complex build system like Autotools is not
necessary. It could, however, be added as optional to supplement their simple build mechanisms.

Milestones
Estimated time

1 week

39. Evaluation of non-WebExtension platforms for the purpose of porting Haketilo (optional)

WebExtensions are really a convenient platform for developing software that empowers users. But
this platform is also tightly controlled by big organizations and has some serious limitations and
shortcomings.

Milestones
Estimated time

1 week

40. Development of the first non-WebExtension Haketilo port (optional)

Users suffer a vendor lock-in with few mainstream web browsers. Lack of their favorite extensions
is what stops them from switching to more user-controlled alternatives. Haketilo should not
contribute to that problem.

Milestones
Estimated time

7.5 weeks


  1. this very document 

  2. Haketilo Software Bill of Materials 

  3. Hydrilla Software Bill of Materials 

  4. commit 4c6a2323d90e9321ec2b78e226167b3013ea69ab 

  5. Hydrilla and Hydrilla builder repositories 

  6. JSON schemas repository 

  7. commit 1cb6aaae2055283d04aa0aa581e82addb8049ce4 and commit 363cbbb6a9fac49a377d8fa13ffede1483feabd5