Project

General

Profile

Roadmap » History » Version 27

koszko, 10/20/2022 11:52 AM
add "Upstream proxy configurable through Haketilo UI" task idea

1 26 koszko
# Haketilo/Hydrilla Roadmap
2 1 koszko
3
{{toc}}
4
5 26 koszko
## Planned tasks
6
This section lists tasks on which efforts are going to concentrate. It is not said that all of those tasks are being worked on at any given point in time. They are just considered to be potentially very beneficial when completed.
7 1 koszko
8 26 koszko
### Distribution of Hydrilla and Haketilo in package managers (#106)
9 1 koszko
10 20 koszko
It is beneficial to have tools available in a format specific to various operating system distributions.
11 15 koszko
While the process of inclusion in official repositories is often a complex and lengthy one, preparing
12 1 koszko
the actual packages, as is the goal of this task, is a good first step to making that happen.
13
14 26 koszko
##### To do
15 4 koszko
16 1 koszko
* .deb packaging of Haketilo and Hydrilla[^3_debian_packaging]
17 5 koszko
* Nix packaging of Hydrilla
18 4 koszko
* Pacman PKGBUILDs for Haketilo and Hydrilla
19 26 koszko
* ~~Guix packaging of Haketilo and Hydrilla~~
20 4 koszko
* RPM packaging of Haketilo and Hydrilla
21 23 koszko
22 1 koszko
[^3_debian_packaging]: [APT repository](http://hydrillarepos.koszko.org/apt/) and debian package git branches ([Hydrilla](/projects/hydrilla/repository/hydrilla?rev=debian-debian) and [Hydrilla builder](/projects/hydrilla/repository/hydrilla-builder?rev=debian-debian))
23 4 koszko
24 26 koszko
### Development of Hydrilla website part (#35)
25 1 koszko
26 22 koszko
A project's website makes its first impression, and therefore deserves special care. In our case the
27 23 koszko
website will be part of our software Hydrilla.
28 4 koszko
29 26 koszko
##### To do
30 4 koszko
31 1 koszko
* planning a site structure
32
* designing a landing page
33
* cross-reference with Hydrilla to ensure uniformity of design and compatibility with the on-disk format
34
* crafting of text, graphics, and any other media
35 4 koszko
* assembly of website
36
37 26 koszko
### Permissions system for Haketilo-supplied resources (#73)
38 1 koszko
39
Custom, user-supplied resources Haketilo may deploy on viewed pages might require looser
40
restrictions than those normally employed on pages. Or, they might allow for tighter security
41
mechanisms to be employed.
42 4 koszko
43 26 koszko
##### To do
44 4 koszko
45 1 koszko
* specification of a new revision of Hydrilla API and on-disk format with permissions support[^6_hydrilla_api]
46 26 koszko
* facility to limit domains for which a Haketilo-supplied script is allowed to perform unrestricted HTTP requests
47 1 koszko
* facility to specify what custom Content Security Policy should be used on a given pages (#88)
48
49
[^6_hydrilla_api]: [commit 7206db45f277c10c34d1b7ed9bd35343ac742d30](/projects/hydrilla/repository/hydrilla-json-schemas/revisions/7206db45f277c10c34d1b7ed9bd35343ac742d30)
50
51 26 koszko
### Further means of user-controlled customization of sites (#108)
52 1 koszko
53 4 koszko
Besides the initial function of replacing sites' JavaScript it is also desired to facilitate supplying
54 16 koszko
additional data (e.g. images) and replacing other site components.
55 4 koszko
56 26 koszko
##### To do
57 4 koszko
58
* facility to make arbitrary bundled data files accessible to Haketilo-supplied scripts (#69)
59 24 koszko
* facility to replace the entire interface of a web page with user-supplied HTML (#70)
60
* facility to add user-supplied CSS to a web page
61 1 koszko
* facility to add user-supplied fonts to a web page
62
63 26 koszko
### 50 sample site resources for Haketilo (#109)
64 4 koszko
65 1 koszko
To build the community its purpose depends on, Hydrilla must be clearly ready for use. This
66
requires a representative, well-stocked library of packages.
67
68 26 koszko
##### To do
69 1 koszko
70 4 koszko
* guide describing how to make and contribute custom site resources to Hydrilla
71 1 koszko
* at least 5 alternative site interfaces
72
* JavaScript of at least 10 free/libre web tools (like Etherpad, Ethercalc) repackaged to be run in a user-controlled way from Haketilo
73 4 koszko
* at least 50 different custom site resources in total
74 1 koszko
75 26 koszko
### Localization of Haketilo and Hydrilla
76 1 koszko
77
To truly empower to web users all over the world, Haketilo, Hydrilla, and all associated materials
78 24 koszko
must be able to support languages from across the world.
79 1 koszko
80 26 koszko
##### To do
81 4 koszko
82 24 koszko
* automatic content language negotiation on Hydrilla pages and the website
83
* language selection option on Hydrilla pages and the website
84 1 koszko
* internationalization of Haketilo (#51)
85
* language selection option in Haketilo
86
* Polish translation
87
88 26 koszko
### Tighter testing of Haketilo
89 1 koszko
90 26 koszko
Testing in multiple browser environments can help catch problems.
91 4 koszko
92 26 koszko
##### To do
93 1 koszko
94 26 koszko
* automated tests under each supported extension platform with at least 1 Firefox-based and Chromium-based platform
95
* integration tests of communication between Haketilo and a Hydrilla instance
96 1 koszko
97 26 koszko
### Tooling for building of site resources
98 4 koszko
99 26 koszko
Simple scripts don't require building before distribution. Wasm modules and bigger libraries do. We could benefit from a well-defined way of accessing the sources and repeating the build process.
100 1 koszko
101 26 koszko
Hydrilla builder currently allows contents of APT packages to be reused in Haketilo packages. This already partially achieves the goal, since APT/Debian have a well-defined way of building packages. On the other hand, it might be more practical to instead use GNU Guix for the tasks as its package definitions can usually be contained inside a single file and it has a friendlier learning curve.
102 1 koszko
103 26 koszko
##### To do
104 1 koszko
105 26 koszko
* specification of new version of Haketilo source package format which gives ability to specify other programs the build process depends on
106
* Hydrilla builder functionality to automatically build a Haketilo source package
107
### Package signing in Haketilo and Hydrilla
108 1 koszko
109 26 koszko
Haketilo uses encrypted HTTPS connections to query Hydrilla API. However, to boost the security
110
and enable use of mirrors, we plan to also use PGP signatures on site resources served.
111 1 koszko
112 26 koszko
##### To do
113 1 koszko
114 26 koszko
* specification of a new revision of Hydrilla API and on-disk format with PGP signatures support
115
* tool for batch signing of site resources
116
* Hydrilla support for serving PGP signatures
117
* Haketilo support for downloading and verifying PGP signatures
118
* facility to manage trusted public keys within Haketilo
119 1 koszko
120 26 koszko
### Support for custom meta-sites in Haketilo/Hydrilla
121 1 koszko
122 26 koszko
Allowing users to modify pages loaded by their browsers is our goal. Allowing them to aggregate
123
content from many sites on one page is a natural extension of it. Just as is allowing them to run
124
static web apps without having to trust some website serving them.
125 4 koszko
126 26 koszko
##### To do
127 1 koszko
128 26 koszko
* specification of a new revision of Hydrilla API and on-disk format with meta-sites support
129
* support for meta-sites in Hydrilla and Haketilo (#72)
130 4 koszko
131 26 koszko
### REUSE specification compliance
132 4 koszko
133 26 koszko
License terms of software projects' files should be unambiguous and easy to analyze by humans
134
and computers alike. Compliance with the REUSE specification helps ensure that.
135 1 koszko
136 26 koszko
##### To do
137 1 koszko
138 26 koszko
* ~~REUSE compliance in Haketilo&Hydrilla repository~~ (done)
139
* REUSE compliance in project website repository
140
* ~~REUSE compliance in custom site resources repository(ies)~~ (done)
141 4 koszko
142 26 koszko
## Extra task ideas
143
This section lists tasks that could be considered in the future but which are not currently being worked on. In general, tasks on this list are considered to have higher amount-of-work:usefulness ratio than those in the [[#Planned tasks|Planned tasks]] section.
144 1 koszko
145 27 koszko
### Upstream proxy configurable through Haketilo UI
146
It is currently possible to use [proxychains](https://github.com/rofl0r/proxychains-ng) to tunnel Haketilo traffic through yet another proxy. This can be for example a [Tor](https://www.torproject.org/) SOCKS proxy. Chaining Haketilo with other proxies could be made more convenient, especially for non-technical users. It can be achieved for example by integrating proxychains into Haketilo as a dependency.
147
148 26 koszko
### Haketilo site resources available as GreaseMonkey user scripts (when applicable)
149
Haketilo in general aims to do something different than GreaseMonkey does. Despite that, some scripts distributed through Hydrilla could probably be also useful to GreaseMonkey users.
150 1 koszko
151 26 koszko
### More thorough documentation of Haketilo and Hydrilla internals
152 17 koszko
153
With codebase refactored and stabilized, a worthy thing is to have it properly described for others
154 1 koszko
to hack on.
155
156 26 koszko
##### To do
157 4 koszko
158 1 koszko
* graphical diagram(s) describing execution contexts in Haketilo and the way scripts running in various context communicate
159 4 koszko
* graphical diagram(s) describing the algorithm for querying by Haketilo URL patterns
160 1 koszko
* comprehensive description of strategies employed and APIs used for replacing scripts and CSP in Haketilo
161
* graphical diagram describing how entities (resources, mappings, licenses) depend on each another
162
* docstring documentation of every Python function
163
* HTML documentation generated from Python source code
164 26 koszko
* ~~JSDoc description of every Haketilo JavaScript function exported from file~~ (not applicable to Haketilo proxy)
165
* ~~HTML documentation generated from JavaScript source code~~ (not applicable to Haketilo proxy)
166 1 koszko
167 26 koszko
### Sample meta-sites for Haketilo/Hydrilla
168 4 koszko
169 26 koszko
Running a static webapp like litewrite by visiting its website relies on the security of TLS and
170
network connectivity. Having it packaged as a separate browser extension requires giving it
171
excessive permissions. Running it from an HTML file is inconvenient.
172 4 koszko
173 26 koszko
##### To do
174 1 koszko
175 26 koszko
* at least 5 existing webapps packaged as meta-sites
176
* at least 5 meta-sites aggregating content from various client websites
177 4 koszko
178 26 koszko
### User upload of custom site resources to Hydrilla website
179 4 koszko
180 26 koszko
To be able to easier gather and share custom site resources within the community, we need a
181
user-friendly platform.
182 4 koszko
183 26 koszko
##### To do
184 4 koszko
185 26 koszko
* registrations on a Hydrilla instance
186
* upload of custom site resources to a Hydrilla instance
187
* facility to easily and efficiently moderate the content uploaded by users
188 4 koszko
189 26 koszko
### Facility for setting up Hydrilla repository mirrors
190 1 koszko
191 26 koszko
While allowing users to set up independent instances of Hydrilla gives them greater control over
192
site content they use, it does not by itself increase the robustness and maximum throughput of
193
Hydrilla platform. Enabling the use of mirrors does.
194 4 koszko
195 26 koszko
##### To do
196 1 koszko
197 26 koszko
* support for setting up and automatically synchronizing Hydrilla mirrors
198
* support for announcing available mirrors in Hydrilla
199
* support for fetching repository mirrors list in Haketilo
200
* support for distributing requests over multiple repository mirrors in Haketilo
201
* documentation
202 4 koszko
203 26 koszko
### Self-documented Haketilo
204 4 koszko
205 26 koszko
Now matter how user-friendly the graphical interface is, an explanation of some of the concepts
206
might be needed. The next step, after having the documentation available on the project website,
207
is bundling it with the extension itself.
208 4 koszko
209 26 koszko
##### To do
210 4 koszko
211 26 koszko
* ~~Haketilo popup self-documented inline~~ (not applicable to Haketilo proxy)
212
* Haketilo settings page self-documented inline
213
* documentation included as extension-bundled HTML pages
214 4 koszko
215 26 koszko
### Automatic generation of independent browser extensions from Haketilo site resources
216 4 koszko
217 26 koszko
Haketilo's rich feature set might also be an inconvenience. It may be overwhelming or irritating to
218
some users and has a higher risk of breaking with newer browser versions than a simple extension
219
would have. Thus, an option to install just a single Haketilo resource in the browser would be
220
useful.
221 4 koszko
222 26 koszko
##### To do
223 4 koszko
224 26 koszko
* automatic generation of Firefox WebExtensions from Haketilo site resources
225
* automatic generation of Chromium ManifestV3 WebExtensions from Haketilo site resources
226 4 koszko
227 26 koszko
### Facility to automatically convert page's "native" scripts to a Haketilo resource (#6)
228 4 koszko
229 26 koszko
Haketilo gives users control over scripts being executed on a given web page. The scripts to be
230
used need to be defined in Haketilo as a resource. Doing this manually might be time-consuming
231
for a user who aims to use mostly the same JavaScript a website normally serves, but served from
232
within Haketilo.
233 4 koszko
234 26 koszko
##### To do
235 4 koszko
236 26 koszko
* automatic conversion of page's inline scripts in a Haketilo resource
237
* inclusion of page's external scripts in generated resource
238
* inclusion of page's intrinsic JavaScript events in generated resource (#7)
239
* displaying warnings when a site's JavaScript is known to use mechanisms that might stop
240
  such automatic package from working properly
241 4 koszko
242 26 koszko
### Support for building Hydrilla and Haketilo using Autotools
243 4 koszko
244 26 koszko
The specificity of Haketilo and Hydrilla means a complex build system like Autotools is not
245
necessary. It could, however, be added as optional to supplement the Python build system used.
246 4 koszko
247 26 koszko
##### To do
248 4 koszko
249 26 koszko
* Haketilo&Hydrilla buildable with Autotools
250
* Haketilo&Hydrilla out-of-source builds possible
251 4 koszko
* Haketilo&Hydrilla tarball producible with a make rule
252
253 26 koszko
## Completed tasks
254
Section title leaves no need for additional explanation.
255 4 koszko
256 26 koszko
### Haketilo and Hydrilla 1.0 pre-release (#103)
257
Some big code changes to land in Haketilo and Hydrilla 1.0 will be available in a pre-release. The
258
pre-release will be made before delivery of several other side artifacts planned for 1.0.
259 4 koszko
260 26 koszko
##### To do
261
* ~~project plan~~[^1_prplan]
262
* ~~tentative software bill of materials~~[^1_bom_haketilo][^1_bom_hydrilla]
263
* ~~use of registerContentScript API in Firefox Haketilo port~~ (#92)[^1_haketilo_buildable_again]
264
* ~~move to the new Hydrilla JSON API prototyped at [https://hydrillabugs.koszko.org/projects/hydrilla/wiki/Repository_API
265
](/projects/hydrilla/wiki/Repository_API)~~[^1_haketilo_buildable_again]
266
* ~~most WebExtension storage.local uses replaced with IndexedDB~~ (#98)[^1_haketilo_buildable_again]
267
* ~~Python implementation of Hydrilla~~[^1_python_hydrilla]
268 4 koszko
269 26 koszko
[^1_prplan]: [[Roadmap|this very document]]
270
[^1_bom_haketilo]: [[Haketilo Software Bill of Materials]]
271
[^1_bom_hydrilla]: [[hydrilla:Hydrilla Software Bill of Materials]]
272
[^1_haketilo_buildable_again]: [commit 4c6a2323d90e9321ec2b78e226167b3013ea69ab](/projects/haketilo/repository/haketilo/revisions/4c6a2323d90e9321ec2b78e226167b3013ea69ab)
273
[^1_python_hydrilla]: [Hydrilla](/projects/hydrilla/repository/hydrilla) and [Hydrilla builder](/projects/hydrilla/repository/hydrilla-builder) repositories
274 4 koszko
275 26 koszko
### Haketilo and Hydrilla 1.0 release (#104)
276
This will be the first release since receiving the NLnet grant and the first non-demo
277
release, hence it includes many improvements in various fields.
278 4 koszko
279 26 koszko
##### To do
280
* ~~basic automated Haketilo tests using Selenium and a Firefox-based web browser~~ (#66)
281
* ~~JSON schemas describing Hydrilla on-disk resource format, Hydrilla HTTP API and other JSON interfaces in use~~[^2_schemas_repo]
282
* ~~validation of all external JSON data in Haketilo and Hydrilla using included JSON schemas~~ (#105)[^2_schemas_used_haketilo]
283
* ~~sample Apache2 configuration file for use with Hydrilla~~ (#55)[^2_apache2_configs_added]
284
* ~~detailed documentation for installation and running of Hydrilla~~ (#55)[^2_hydrilla_user_manual]
285
* ~~manpage for Hydrilla~~ (#55)[^2_manpages]
286 4 koszko
287 26 koszko
[^2_schemas_repo]: [JSON schemas](/projects/hydrilla/repository/hydrilla-json-schemas) repository
288
[^2_schemas_used_haketilo]: [commit 57ce414ca81682a71288018a4d9001604002ec23 ](/projects/haketilo/repository/haketilo/revisions/57ce414ca81682a71288018a4d9001604002ec23)
289
[^2_apache2_configs_added]: [commit ea6afb92048c835752fe1c72ad52f424e2df88a8](/projects/hydrilla/repository/hydrilla/revisions/ea6afb92048c835752fe1c72ad52f424e2df88a8)
290
[^2_hydrilla_user_manual]: [[hydrilla:User manual]]
291
[^2_manpages]: [commit 1cb6aaae2055283d04aa0aa581e82addb8049ce4](/projects/hydrilla/repository/hydrilla/revisions/1cb6aaae2055283d04aa0aa581e82addb8049ce4) and [commit 363cbbb6a9fac49a377d8fa13ffede1483feabd5](/projects/hydrilla/repository/hydrilla-builder/revisions/363cbbb6a9fac49a377d8fa13ffede1483feabd5)
292 4 koszko
293 26 koszko
### Development of a user-controlled captcha client (#107)
294 4 koszko
295 26 koszko
Haketilo's goal is to give internet users control over their browsing. Replacing proprietary,
296
privacy-hostile client-side programs is part of that. A tool similar to the librecaptcha Python program
297
is needed, but in the form of a JavaScript library.
298 4 koszko
299 26 koszko
##### To do
300 4 koszko
301 26 koszko
* ~~facility for Haketilo-supplied scripts to bypass CORS~~[^5_bypass_cors]
302
* ~~free/libre JavaScript library for solving reCAPTCHA challenges~~[^5_recaptcha_client]
303
* ~~sample Haketilo resource making use of the library on a chosen website~~[^5_recaptcha_client_sample_script]
304 4 koszko
305 26 koszko
[^5_bypass_cors]: [Haketilo release v2.0-beta1](/news/13)
306
[^5_recaptcha_client]: [Hacktcha release 2022.6.21](https://git.koszko.org/haketilo-packages/hacktcha/tag/?h=v2022.6.21)
307
[^5_recaptcha_client_sample_script]: [Hacktcha demo script](https://git.koszko.org/haketilo-packages/hacktcha/tree/captcha-demo.js?h=v2022.6.21)
308 4 koszko
309 26 koszko
### Haketilo LibrePlanet presentation (#110)
310 4 koszko
311 26 koszko
LibrePlanet is a conference organized by the Free Software Foundation (FSF). It is "an opportunity
312
to meet and interact with other people with both a technical and non technical background" and to
313
share experience.
314 4 koszko
315 26 koszko
##### To do
316 4 koszko
317 26 koszko
* ~~applied to LibrePlanet 2022~~
318
* ~~prepared presentation about giving users back the control over web browsing~~
319
* ~~made the presentation at LibrePlanet 2022 (if accepted there) or posted a video presentation on Haketilo website (as a fallback case)~~[^lp2022]
320 4 koszko
321 26 koszko
[^lp2022]: https://libreplanet.org/2022/speakers/#5790
322 4 koszko
323 26 koszko
### Integrity constraints in Haketilo
324 4 koszko
325 26 koszko
One Haketilo custom site resource may depend on another, but initial versions of Haketilo did not
326
verify that dependencies are present. This and other sanity checks can be employed.
327 4 koszko
328 26 koszko
##### To do
329 4 koszko
330 26 koszko
* ~~dependency checks when "installing" or upgrading a custom resource in Haketilo~~
331
* ~~dependency checks when removing a custom resource from Haketilo~~
332
* ~~facility for cascade removal~~
333
* ~~validation of Haketilo URL patterns and other values typed in by the user~~
334 4 koszko
335 26 koszko
## Tasks that have been put aside
336 4 koszko
337 26 koszko
This section describes tasks that were once in the roadmap but which will not be specifically worked on. Tasks might have landed here for various reasons. It might be that they are too complicated to complete, too far-reaching or that their completion relied on actions of some other party. Regardless of the cause, the tasks are listed here for documentation purposes.
338 4 koszko
339 26 koszko
### Security vetting of Haketilo and Hydrilla
340 4 koszko
341 26 koszko
As NLNet-funded projects, Haketilo and Hydrilla have the privilege of a security review from
342
Radically Open Security. To make use of this opportunity, we will ensure any findings provided are
343
properly addressed.
344 4 koszko
345 26 koszko
##### To do
346 4 koszko
347 26 koszko
* action on any recommendations or other findings
348
* report of how each finding from the vetting was addressed, and why
349
* note of any key issues in the developer documentation, in order to avoid repetition in the future
350 4 koszko
351 26 koszko
### Accessibility vetting of Haketilo and Hydrilla
352 4 koszko
353 26 koszko
To empower every web user, Haketilo and Hydrilla must support the interfaces they need.
354 4 koszko
355 26 koszko
##### To do
356 4 koszko
357 26 koszko
* action on any recommendations or other findings
358
* report of how each finding from the vetting was addressed, and why
359
* note of any key issues in the developer documentation, in order to avoid repetition in the future
360
* certified WCAG accessible
361 4 koszko
362 26 koszko
### Manifest V3 Haketilo port
363 4 koszko
364 26 koszko
Although highly controversial, the Manifest V3 extension format seems unavoidable.
365 4 koszko
366 26 koszko
##### To do
367 4 koszko
368 26 koszko
* background page replaced with Service Workers
369
* blocking webRequest operations replaced with declarativeNetRequest
370
* Haketilo working under a Chromium-based browser as a Manifest V3 extension
371 4 koszko
372 26 koszko
### Easier content management and editing within Haketilo (I)
373 4 koszko
374 26 koszko
Easy configuring and editing of site resource bundles is Haketilo's raison d'être. To definitively
375
meet this expectation, any shortcomings must be identified and rethought.
376 4 koszko
377 26 koszko
##### To do
378 4 koszko
379 26 koszko
* testing with untrained users/consultation with "UX experts"
380
* identified annoying quirks/problems
381
* comparison with UIs of similar extensions
382
* designed alternatives to identified problems
383
* user interface mock
384
* a compiled plan for UI changes
385 4 koszko
386 26 koszko
### Easier content management and editing within Haketilo (II)
387 4 koszko
388 26 koszko
The previously compiled plan and carefully-prepared user interface mocks will direct the
389
implementation efforts.
390 4 koszko
391 26 koszko
##### To do
392 4 koszko
393 26 koszko
* new Haketilo settings page interface implementation following the plan
394
* new Haketilo popup page implementation following the plan
395
* automated Haketilo GUI tests
396 4 koszko
397 26 koszko
### Haketilo build system runnable from the browser
398 4 koszko
399 26 koszko
For portability of Haketilo's POSIX shell-based build system we avoided depending on Node.js,
400
NPM and similar tools. However, an even more portable alternative exists - to contain the build
401
system inside a standalone HTML page.
402 4 koszko
403 26 koszko
##### To do
404 4 koszko
405 26 koszko
* JavaScript-based build system in an HTML page (#47)
406
* facility to run the JavaScript-based build system from the command line
407 4 koszko
408 26 koszko
### Further development of Hydrilla platform
409
410
Users should be able to share not only custom site resources but also their opinions about them.
411
412
##### To do
413
414
* support for user comments
415
* support for user ratings
416
* support for flagging site resources that are broken or have other issues
417
* development of comment quality control systems and policies
418
419
### 150 sample site resources for Haketilo
420
421 4 koszko
To maintain community growth and participation, Hydrilla's collection must be visibly alive and
422
evolve with Haketilo's feature set.
423
424 26 koszko
##### To do
425 4 koszko
426
* at least 20 alternative site interfaces
427
* at least 20 existing webapps packaged as meta-sites
428
* at least 150 custom site resources in total
429
430 26 koszko
### 200 sample site resources for Haketilo
431 16 koszko
432 4 koszko
To maintain community growth and participation, Hydrilla's collection must be visibly alive and
433
evolve with Haketilo's feature set.
434
435 26 koszko
##### To do
436 4 koszko
437
* at least 20 accessibility-improving site changes
438
* at least 10 meta-sites aggregating content from various client websites
439
* at least 200 custom site resources in total
440
441 26 koszko
### Automated building of Haketilo source packages uploaded to Hydrilla
442 4 koszko
443
Requiring packagers to upload compiled code places an extra burden on them, and complicates
444
reproducibility. Hydrilla should be able to build from source packages.
445
446 26 koszko
##### To do
447 4 koszko
448
* Hydrilla automated resource builds feature
449
* security consultation of the feature
450
451 26 koszko
### Displaying Hypothesis annotations for given site
452 4 koszko
453
Haketilo makes site resources for websites you visit available in only a few clicks. It would be
454
useful to have the same capacity for comments. The established, libre https://hypothes.is/ provides
455
a framework for this.
456
457 26 koszko
##### To do
458 4 koszko
459
* support for displaying current site's Hypothesis annotations in the popup
460
* support for adding adding Hypothesis annotations in Haketilo
461
462 26 koszko
### Use of a standalone JavaScript engine to perform unit tests in Haketilo
463 4 koszko
464
A Selenium-driven web browser is currently used to test parts of Haketilo. Those tests that don't
465
rely on browser APIs could as well be run outside of browser which would save time during tests.
466
467 26 koszko
##### To do
468 4 koszko
469
* selected the JavaScript engine to use for testing
470
* facilitated writing Haketilo tests against the chosen engine
471
* applicable existing tests modified to be run without a web browser
472
473 26 koszko
### Supplemental anti-bot measures in Hydrilla
474 4 koszko
475
Limiting the number of allowed registrations and content uploads is our planned basic way to
476
prevent Hydrilla instances from being harmed by automated requests. Another measures can be
477
added to further improve platform's resilience.
478
479 26 koszko
##### To do
480 4 koszko
481
* email-verified registrations
482
* selected an ethical, privacy-friendly captcha solution
483
* implementation of the chosen captcha solution
484
485 26 koszko
### Support for external user authentication mechanisms in Hydrilla
486 4 koszko
487
It should be possible to run Hydrilla as part of a bigger web service. Users should be able to use
488
the same set of credentials for logging in in various parts of such service.
489
490 26 koszko
##### To do
491 4 koszko
492
* selected an authentication mechanism to support
493
* implementation of the feature
494
495 26 koszko
### Evaluation of non-WebExtension platforms for the purpose of porting Haketilo
496 4 koszko
497
WebExtensions are really a convenient platform for developing software that empowers users. But
498
this platform is also tightly controlled by big organizations and has some serious limitations and
499
shortcomings.
500
501 26 koszko
##### To do
502 4 koszko
503
* evaluation of existing Webkit-based browsers
504
* evaluation of XUL extensions platform still used in some Firefox forks
505
* prepared evaluation report
506
507 26 koszko
### Development of the first non-WebExtension Haketilo port
508 4 koszko
509
Users suffer a vendor lock-in with few mainstream web browsers. Lack of their favorite extensions
510
is what stops them from switching to more user-controlled alternatives. Haketilo should not
511
contribute to that problem.
512
513 26 koszko
##### To do
514 4 koszko
515
* selection of a target platform based on previous evaluation
516
* specification of tasks
517
* development roadmap
518
* prototype
519
* automated tests
520
* developer documentation
521
* user documentation