29 Nov 2024

feedPlanet Plone - Where Developers And Integrators Write

Maurits van Rees: Lightning talks Friday

Bonnie Tyler Sprint

On 12 August 2026 there is a total solar eclipse that can be seen from Valencia, Spain. So we organise a sprint there.

This conference

We had 291 participants, 234 in person and 57 online. 13 Brazilian states (that is all of them), 14 countries.

24.5 percent women, was 13% in 2013, so that has gone up, but we are not there yet. Thank you to PyLadies and Django Girls for making this happen.

We had more than 80 presenters, about 30 lightning talks, lots of talk in the hall ways.

Thanks also to the team!

Ramiro Luz: Yoga time

Yoga exercise.

Rikupekka: University case student portal

We have a student portal at the university. But mostly:

Welcome to Jyväskylä university in Finald for Plone conference 2025, October 13-19!

Jakob: Beethovensprint

26-30 mei 2025 in Bonn, Duitsland.

Afterwards, on May 30 and June 1 there will be FedCon in Bonn, a SciFi convention.

Piero/Victor: BYOUI

Add-ons first development with @plone/registry. See https://plone-registry.readthedocs.io/

It allows for development that is framework agnostic, so it is not only for Plone. It is around configuration that can be extended and injected, which is tricky in most javascript frameworks.

Imagine it.

Ana Dulce: 3D printing

For a difficult model I had trust the process, it took a week, but it worked.

Renan & Iza: Python Brasil

We organised the Python Brasil conference from 16 to 23 October this year in Rio de Janeiro.

Next year 21-27 October in São Paulo.

Erico: Python Cerrado

31 July to 2 August 2025 is the next Python Cerrado conference.

29 Nov 2024 10:25pm GMT

Maurits van Rees: Paul Roeland: The value of longevity

Link to talk information on Plone conference website.

I work for the Clean Clothes Campaign: https://cleanclothes.org/

After three large disasters in factories in 2012 and 2013 with over 1000 deaths, it took three years to get an agreement with clothes manufacturers to get 30 million dollar compensation. It does not bring lives back, but it helps the survivors.

See Open Supply Hub for open data that we collected, for checking which brands are produced in which factories.

Documenting history matters. Stories must be told.

The global closing industry is worth around 1.8 trillion dollars, in a country that would put them on the 12th place in the world. 75 million workers.

Our strongest weapon: backlinks. We have links from OECD, UN, wikipedia, school curriculum, books. Especially those last two don't change ever, so you should never change urls.

Plone: enable the sitemap, please, why not by default? Create a good robots.txt. I weekly check Google Search console, looking for broken links. Tag early, tag often, great tool, even if you have an AI do it.

Our website: started 1998 written in Notepad, 2004 Dreamweaver, 2006 Bluefish, 2010 Joomla, 2013 Plone 4, 2020 Castle CMS (opinionated distribution of Plone, but does not really exist anymore) 2024 Plone 6 with Volto Light Theme (work in progress). Thank you kitconcept for all the help, especially Jonas.

Migrations are painful. Along the years we used wget to csv to SQL to csv, Python script, "Franken-mogrifier", collective.exportimport.

Lessons learned: stable urls are awesome, migrations are painful. Please don't try to salvage CSS from your old site, just start fresh in your new system. Do not try to migrate composite pages or listings.

What if your website does not provide an export? Use wget, still works and is better than httrack. sed/awk/regex are your friend. archivebox (WARC).

Document your steps for your own sanity.

To manage json, jq or jello can be used. sq is a Swiss knife for json/sql/csv. emuto is a hybrid between jq and GraphQL.

Normalize import/export. We have `plone.exportimport` in core now.

In the future I would like a plone exporter script that accepts a regex and exports only matching pages. Switch backends: ZODB, relstorage, nick, quantum-db. Sitewide search/replace/sed. Sneakernet is useful in difficult countries where you cannot send data over the internet: so export to a usb stick.

A backup is only a backup if it regularly gets restored so you know that it works.

  • Keeping content and URL stability is a superpower.
  • Assuming that export/import/backup/restore/migration are rare occurrences, is wrong.
  • Quick export/import is very useful.

Do small migrations, treat it as maintenance. Don't be too far behind. Large migrations one every five years will be costly. Do a small migration every year. Do your part. Clients should also do their part, by budgeting this yearly. That is how budgeting works. Use every iteration to review custom code.

Make your sites live long and prosper.

29 Nov 2024 8:58pm GMT

Maurits van Rees: Fred van Dijk: Run Plone in containers on your own cluster with coolify.io

Link to talk information on Plone conference website.

Sorry, I ran out of time trying to set up https://coolify.io

So let's talk about another problem. Running applications (stacks) in containers is the future. Well: abstraction and isolation is the future, and containers is the current phase.

I am on the Plone A/I team, with Paul, Kim, Erico. All senior sysadmins, so we kept things running. In 2022 we worked on containerisation. Kubernetes was the kool kid then, but Docker Swarm was easier. Checkout Erico's training with new cookieplone templates.

Doing devops well is hard. You have a high workload, but still need to keep learning new stuff to keep up with what is changing.

I want to plug Coolify, which is a full open source product. "Self-hosting with super powers." The main developer, Andras Bacsal, believes in open source and 'hates' pay by usage cloud providers with a vengeance.

Coolify is still docker swarm. We also want Kubernetes support. But we still need sysadmins. Someone will still need to install coolify, and keep it updated.

I would like to run an online DevOps course somewhere January-March 2025. 4-6 meetings of 2 hours, maybe Friday afternoon. Talk through devops and sysadmin concepts, show docker swarm, try coolify, etc.

29 Nov 2024 7:58pm GMT

Maurits van Rees: Ziming Yuan: How a Beginner Built an RSS Feed Provider in Volto

Link to talk information on Plone conference website.

I am studying computer science. This summer I have participated in the Google Summer of Code for Plone. Thank you to mentors Paul, Roeland and Mike!

I have built several full-stack web apps with React, but am new to open source.

What is RSS? It is Really Simple Syndication. It is used by websites to publish updated information, such as blog or news. It lets users decide what they read every day, instead of algorithms.

In Plone the RSS feed should use a catalog query to filter contents, for example a feed of science articles or of events.

For an RSS feed content type we could use a collection behavior or a blocks behavior with a listing block. The listing block is the way to go for Volto. So I did that. Plus extra fields like maximum title length and maximum description length.

I created a view component for the content type. Important is the Express middleware with which we got information from the backend.

We decided on `rss` as Node package for the feed. We looked at another newer one called `feed`, but it did not work for us or was missing features.

There were challenges for me as person new to Plone. Do I really understand the code? Often the answer is: no. For example ZCML? i18n? XML files in the profiles? There is a really nested structure. Create a new project, then you have backend / src / rss / src / rss, at least something very deeply nested. It was always confusing to me as I did not really know what should end up in git or in a release. The worst is that I don't know what are the most important files.

And what if my code fails, it was hard to understand errors on the front end. There are just too many things that may be the source of the error.

Another challenge: what if I want to create something new? The training lets you learn by example. But what does each line of the example code actually do? Are there other options?

Missing documentation: how do prevent the user from removing the title or rss block? We found out about initialBlocks per content type. And prevent adding new blocks? There is a feature disableNewBlocks, that could be set on an individual block, but what about doing this for all instances of this content type?

An overview of the code base would be good. How different components are connected, how different files work together. A guide about how to approach the source code, what files I should look at first.

For developers new to Plone: the source code is your friend, the Plone community is helpful, but be specific in the questions you ask, and tell what you have already tried.

Source code:

29 Nov 2024 6:52pm GMT

Maurits van Rees: Érico Andrei: Plone + pytest: Tips and tricks

Link to talk information on Plone conference website.

Plone loves tests. The first was committed in October 2002 by Sidnei da Silva. We have used lots of different testing framework. I like using pytest. The unittest framework was inspired by Java testing and you see it. pytest is simple and pythonic. It does dependency injection, which can look magical, okay. There is a large ecosystem of plugins. It has support for unittest. There is a Brazilian maintainer.

I have created pytest-plone, built upon zope.pytest. It provides fixtures and helpers. it is the default in cookieplone templates. Take a look at plone.distribution and plone.exportimport for examples.

Golden rules

If you need a Plone site in your test, you need to wrap your test in a class. That helps for not tearing down everything after every test. Start with a method that gets portal and probably get_fti, and use @pytest.fixture(autouse=True).

Use @parametrize to run the same test function with multiple inputs and output.

Use fixtures.

Trust and love pytest plugins. There are plugins for running the tests in random order, or in parallel. Code coverage is a plugin. You can start a docker container.

Use helpers in pytest-plone to check that your latest upgrade step matches the metadata profile version. Check that your add-on is installed.

plone-pytest 1.0 is coming. Small problem: the tests are breaking on Python 3.9.

Write more tests with less code. I will sprint on pytest-plone.

29 Nov 2024 6:52pm GMT

Maurits van Rees: Fabiano Weimar: Plone on Kubernetes

Link to talk information on Plone conference website.

Kubernetes (k8s) is an open source system for managing containerised applications It provides mechanisms for deployment and scaling. It is part of the Cloud Native Computing Foundation.

Kubernetes' benefits are scalability, fault tolerant, self-healing, efficient resource utilisation, declarative configuration, rich ecosystem.

Kubernetes basics:

  • pods: the smallest deployable unit of computing, consisting of one or more containers. Containers in one pod can talk with each other like they are all on localhost.
  • deployments: manage the replication and updates of pods
  • RepicaSets: manage a fixed number of identical pods.
  • StatefulSets: manage stateful apps, lik databases
  • Jobs: one-off tasks
  • CronJob: regular tasks
  • ConfigMap: store configuration data
  • Secrets: store sensitive information
  • PersistentVolumeClaims: request storage
  • PersistentVolumes: actual storage
  • Pod Disruption Budgets (pdb): limit the number of pods that can be unavailable at any given time, for example during upgrades, self-healing during disaster recovery.
  • Autoscaler: automatically scale the number of nodes in a cluster based on workload. Resource optimisation.
  • Ingress: routing external traffic to services, SSL termination, load balancing, caching, rate limiting.
  • Operator: software extensions to Kubernetes that make use of custom resources to manage applications and their components. Think of this as a human operator who would go in and do some stuff.

Plone components as Kubernetes resources:

  • Plone backend: StatefulSet
  • Plone frontend: Depoloyment
  • PostgreSQL: StatefulSet
  • Varnish: Deployment
  • nginx
  • cronjobs

Kubernetes for Devops. It has a steep learning curve. For your laptop you have microk8s and k3d so you have the Kubernetes api, although without the options that you would have with multiple machines. Basics: `apt install docker.io` and `snap install kubectl --classic` and `snap install heml --classic`. And read https://k3d.io/

At the Alpine City Sprint this year we worked on helm charts for Plone: https://github.com/plone/helm-charts/

Tips and tricks:

  • You can use ArgoCD to automatically do a deploy when something changes in a git repo. You need to configure this correctly of course.
  • Plone can do better on integration with proper observability tools like Grafana and Prometheus. For example, how can such tools get the logs when they are in multiple places.
  • Use ZODB with PostgreSQL and relstorage. I think it is the most stable implementation today.
  • Varnish Operator from IBM looks promising when you want to run multiple instances of varnish.
  • If you run the `test.sh` from Plone help charts this may use a lot of bandwidth downloading docker images. k3d supports import of docker images so they are in a cache.

29 Nov 2024 2:39pm GMT

Maurits van Rees: Rikupekka Oksanen: Building a secure video portal for researchers

Link to talk information on Plone conference website.

We needed a video platform for our university. Difficult, but we had a dev team of 8 with some architecture experience, so let's try. We did a successful POC in 2023.

We use: Plone 6, VideoJS player, Wowza streaming engine, Keycloak, WhisperX, Camunda 7, Nomad. Most important: open source and license free.

Security. We have it in a dedicated and separate server environment. All data is stored on own servers of the university. All data and files are encrypted. Plone is very secure. All transactions are logged. There is a process for data protection, and it has been reviewed and documented.

There was no definite deadline, which is both good and bad. We could focus on quality, but also needed to focus on other projects.

Now a nice working demo.

[Sorry, I was distracted by client work.]

29 Nov 2024 1:54pm GMT

Maurits van Rees: Melissa Weber Mendonça: Writing and maintaining friendly (and interesting) docs

Link to talk information on Plone conference website.

I do open source for a living now. No Plone, but scipy and other scientific libraries. I was at the Python/Plone Brasil conference in 2013. At that percent 10 percent of women at the conference. First Python conference with a code of conduct. I am very happy with that. This year at Python Brasil we had 30 percent women, so very different.

I was using scipy, numpy, and I like teaching, so the first thing I had to do at my job was documentation.

Who likes to write docs? Who writes the docs in your company/project? How often do you read the docs? How valuable is documentation for you?

I want to talk about information, tools, open source, and empathy and anti patterns.

Part 1: information

Some people like to say we are not living in the information age anymore, but in the content age.

Documentation can be narrative: tutorials, how-to guides, books. Also doc strings, code comments, code review comments. Video, talks, slides. Communications, social media. Internap processes, handbooks.

How do we use documentation? We can have various goals. Document technical decisions, explain code logic, a concept, a workflow, a process, structure. Help onboard new people. "You can set the tone for the project. Reach other people, communicate news, events, announcements. What binds it together is that we try to reach other people. This is a very human interaction.

Can you find what you are looking for? Curating information is important, the writer has a responsibility to signpost what is important. Search can be very useful. Keep in mind that people like to skim documentation pages, so help them quickly jump somewhere.

There can be a sea of information. Help people navigate this. We have more information than we can process as humans. Danger is that people find old information on the internet and then file bugs because it does not work. Having official documentation helps.

For organising your content, have a look at https://diataxis.fr. Four types of docs: tutorials, how-to, explanation, reference. This is not definitive, explore and choose one taxonomy that works for you.

Reader profiles: organise your target audience. Are you writing for beginner, experienced, sighted, student, non-dominant culture/language, a child, artist, scientist? Think about who your audience will most likely be. Take care of accessibility. Identify who your reader is and organize around this. When your docs talk about a person let it not always be a white male, be inclusive.

Part 2: tools define the docs that we write.

If you use Restructured text, you probably try to avoid adding links, because it is a difficult syntax.

Often nowadays projects have "docs as code". So if you use GitHub for your code, you will use issues and PRs for your documentation as well. Often this comes with docs-driven development: if it is not documented, it is broken or does not exist. Technical writers (if they are relevant in your context) may not be used to GitHub and have their own tools. Be careful with credit, authorship, and the limitations of your tools: people who contribute to docs deserve just as much credit as someone who contributes to the code.

Media: where are your docs? On a blog, web, book, in docstrings? Be mindful of how you present your information: audience, goals, voice.

Write/build the docs. As markup language you should look at MyST Markdown (the Plone documentation uses this too). Documentation engines; Sphinx, MkDocs, AsciiDoc, Quarto. More traditional approaches Confluence, Notion, plain text, docusaurus, GitBook/MdBook.

Share it. Is it help for a command line tool? A PDF (probably less links needed, as people may print it)? Web, a book, video, etc. Does your audience know where to find you?

Update the documentation. Your docs may be perfect, but then the code changes and the docs don't match anymore. This is especially hard for images and videos. If you can generate those automatically, that would be a very good idea. You may just need to do frequent reviews. And you may need to version your docs, that old and new versions can be found.

Invite. Interactive documentation draws people in. JupyterLite, PyScript, MyST JS. Translations help for people who are not so good in English. Create docs on how to contribute to the docs.

Part 3: open source documentation

What makes this different from other kinds of docs? So great, there is no boss, so no one can tell us what to do. Oh, but there is no one to tell us what to do, so I don't do know what to do.

You want to lead by example, write docs when you are a project lead. Not RTFM, but WTFM: write the fine manual. Make sure contributors are recognised, valued. You don't need to be an expert to start writing docs, preferably not even!

Onboarding: welcome new contributors. Docs are usually the first point of contact between users and your work. Be clear about prerequisites, unwritten rules push people away. In your project it may be perfectly fine to tell potential new documentation contributors that they need a decent knowledge of C code.

The practice: When there are meetings, committees, other in-person decisions, record this somewhere, make it available for the people who were not there.

The elephant in the room: should we use AI for docs, just let ChatGPT write them?

  • No: LLMs are frequently wrong, poisoned or non-sensical, telling you to call functions that have never existed.
  • Yes: LLMs can be useful to summarise information for a quick starting point. They can help you index information and identify patterns in your corpus.

Dont't rely entirely on AI tools. If you use them, be transparent about it. Agree on a policy, for example: don't accept PRs that were generated by AI.

Avoid ephemeral media like Discord. Don't say "this is easy", that just creates unnecessary anxiety. Don't use foo, bar, a, b: you can use long variable names, it is allowed.

Celebrate human intelligence. Writing documentation is an exercise in empathy. You are not your audience. Docs are living things, they will never be finished, it is okay to deliver something now, and update later.

"You can't teach people everything they need to know. The best you can do is position them where they can find what they need to know when they need to know it." Seymour Papert

https://github.com/melissawm

29 Nov 2024 1:15pm GMT

28 Nov 2024

feedPlanet Plone - Where Developers And Integrators Write

Maurits van Rees: Lightning talks Thursday

Martin Peeters: Plone Foundation membership

You can apply to become a member of the Plone Foundation membership. Use this form. Ask for help, especially if you are not so good in English. Don't be shy, we all suffer from imposter syndrome. If you are in this room, you probably should be a foundation member.

Paul: Sprints

In the weekend there are sprints. You don't need to be a programmer, there are lots of other things you can do. So join us this weekend.

Astrid: Democracy

There were lots of elections in democracies this year. Plone is also a democracy. Join a Plone team.

Subscribe to the Plone newsletter.

Donate

Alexander Loechel: Alpine City Sprint

The Alpine City sprint will happen in Innsbruck Austria, February 10-14.

See https://alpinecity.tirol/. Join us, and go skiing if you want.

Dante: Axolote sprint

Join us for this sprint in Mexico, June 23-27.

Erico: "Axolote was the best sprint this year by far."

Antoine: collective AI

This is a collection of packages that brings artificial intelligence in Plone. You can use it for generating summaries of articles. At IMIO plan a release in January. Contact us if you are interested.

Fred van Dijk: Site go live tips, tricks, checks, caveats

https://vmm.vlaanderen.be/ went live this morning. Went fine mostly, but of course there were issues.

The domain had to change from vmm.be to vmm.vlaanderen.be. There were absolute urls to this or a pre-production domain in some of the texts, so those need to be fixed. I did a search and replace to the blocks with a script.

Check settings in Analytics consoles, update the allowed domains.

We have iframe blocks. But where: we use collective.tileindex, meant for Classic UI tiles but reused for Volto blocks, so we know where they are.

Traefik: you can install a file provider.

Renan: electro magnetics and screws

I have a bachelor's degree in physics. I learned something about electro magnetism. An electric current going upwards, generates a magnetic field counter clockwise. Now you know which way to turn a screw driver.

Mohammed: GSoC student

This is my first Plone conference as a GSoC student. It is a global online program connecting students with open source programs. We get a mentor. It teaches us how to communicate and engage. You gave us a warm welcome at the conference, thank you. What I learned here, I did not learn in college. I'll be back. I will give a talk tomorrow about Hydra. I won't bore you, I promise.

Kim: Plone funding

You can sponsor Plone, donate to Plone.

I have been helping with sponsorships. It is 100 percent of our income. Here are our sponsors: https://plone.org/foundation/sponsorship/sponsors

You can also donate individually via GitHub: https://github.com/sponsors/plone

It is not only about us getting money. It is also about how it looks on GitHub: it helps if people there see that people are sponsoring us.

The money we have as foundation is stable. But what are we not doing? We could advertise more. Sponsor local sprints. Have some paid positions. What is the effect of not doing these things? We have a marketing team creating material, but it is not reaching a lot of people. Let's find creative way to raise funds. I will buy you a cerveza.

28 Nov 2024 9:54pm GMT

Maurits van Rees: David Glick: Cookieplone

Link to talk information on Plone conference website.

Cookieplone is a project generator for Plone. It has several templates to choose from: backend add-on, frontend add-on, project with both.

It is recommended for Volto 18 with Plone 6.0 or 6.1.

See the Plone documentation.

A brief history of Plone installers. What makes a good installer? Minimal: you don't want to need to install a bunch of things before you can use the installer. Reliable: works each time. Portable: works on your laptop and the server, Linux and Mac (and Windows hopefully). Easy to use, batteries included, flexible. Both easy to use and flexible can be hard to get right.

Why can't you just run `pip install Plone`? You can, then you have the Python packages. But then you need scripts, configuration, add-ons, databases, maintenance jobs, a front-end, etc.

Long time ago: download a tarball and unpack it. No dependency management.

Buildout came along, this handled dependency management, could create configuration and scripts using recipes. It has served us well. It has a bit of a learning curve. The reliability and portability could be a problem, especially when the server would be different from your laptop, or you did not pin all versions, or a package could no longer be downloaded.

Then we had the Unified Installer and Windows Installer. It was a wrapper around buildout, including all the needed packages and some scripts to make sure you had the right prerequisites.

plonecli / bobtemplates were more in the area of project scaffolds.

Somewhere in the past decade it become possible to install Plone with pip.

You can use Docker to install Plone. Less useful for development.

cookiecutter-plone-starter was the way to start with Volto and Plone 6. It would give you a Plone backend package and run a separate command to generate a Volto frontend.

And this year cookieplone. It was born in May this year during the Axolote sprint in Mexico City.

What is new compared to cookiecutter-plone-starter?

  • It is a mono repo for frontend and backend.
  • There are now minimal differences between an add-on and a project.
  • We now use pnpm-workspaces for the frontend, which helps if you want to try an unreleased version of a package like Volto.

How does it work? It is a wrapper around Cookiecutter, running several templates, and then some actions at the end: modifying some files or deleting files that you don't want. It has custom filters.

What if I prefer Buildout, or don't want Volto, prefer unittest over pytest? Partial answer: cookieplone is opinionated, so no. But we can talk about it. You can contribute. You can also fork it if your company has different opinions.

It is expected that the templates will evolve over time. We will fix bugs or do things differently. How can I update an existing project? You could generate a new one and then copy in the custom parts that you already have.

What's in progress:

  • GitLab pipeline
  • Support for bob templates has recently landed, with some commands to extend an already generated project.
  • Add a documentation section in the generated project.
  • Option to create a Plone distribution.
  • Use hatch for the backend.
  • Run via web-based UI or GitHub code spaces.

28 Nov 2024 8:44pm GMT

Maurits van Rees: Plone Foundation membership meeting

The Plone Foundation is a non-profit organization that exists to protect and promote Plone. We have an open annual meeting of the membership during the Plone conference. Some links:

Currently 92 active members from 22 countries. This year 45 new contributors really contributed to the Plone code repositories. We had Daniel, Mohammad and Ziming as Google Summer of Code students.

This week we had an election for board members, all four candidates have been chosen for a period of two years: Brian Davis, Gouveia, João Henrique, Martin Peeters, Rafahela Bazzanella. Thank you to Paul Roeland and Kim Paulissen for their service on the board. The other existing board members stay for another year.

28 Nov 2024 3:33pm GMT

Maurits van Rees: Mikel Larreategi: Multilingual Plone & Volto

Link to talk information on Plone conference website.

In our region we have Basque, Spanish and French as languages, with different official rights. So a multilingual approach is important.

Basic options that you have in Plone are to set a default language and other available languages. then you get a language switcher at the top of the page to choose the language of the UI. This is useful when you have basic needs.

You can also activate the multilingual add-on. This gives more options for multilingual content. For each language, a folder is created automatically and the user interface is shown in the language of that folder. This is useful when you have most content in the main language and then have secondary languages.

You can force using an admin language for the UI using the https://github.com/miohtama/silvuple add-on.

You can also choose real multilingual content: link all translations, for example go to a Spanish news item, select Basque as language, and you are redirected to the Basque version of this same news item.

Of course an editor needs to create the translations of those pages. In the toolbar (Classic UI) are extra options for adding a translation or linking existing content as a translation. When editing, you can use the "babel view" to see the original language on the left and the editable language on the right.

The translated pages are not special items: a translated news item is still a news item, not something special. You can move it, rename it, workflow it, etc.

You can link to the same content in all languages: there is a multilingual link that is shown in the toolbar. In the html head of the page, there are links to the other languages. This is useful for search engines.

If as a visitor you go to a Plone multilingual site for the first time, Plone accesses the language-switcher view. This looks at the Accept-Language header, at an I18N_LANGUAGE cookie, or falls back to the default language.

There are some glitches and problems for SEO. Language change urls are not direct. Sometimes Plone keeps showing a `?set_language=XX` parameter in the url, leading to duplicately indexed content.

How about Volto? You need to configure the backend as you would do in Classic UI. In the Volto config you need to add some settings, like `isMultilingual = true`.

Can we use automatic translation? Yes, there is an integration with Google Translate. You need to get an API key for that from Google, then it is available in the babel translate view. And in Volto? You can use ecityclic.google_translate.

This can work for Spanish, but in Basque the automatic translations are not so good. There are some external services you could use. We made a pull request to improve this.

There is an add-on with which you can force an admin language in case you deal with some languages that you really can't read: https://github.com/miohtama/silvuple

28 Nov 2024 3:00pm GMT

27 Nov 2024

feedPlanet Plone - Where Developers And Integrators Write

Maurits van Rees: Lightning talks Wednesday

Érico Andrei: PyTour 2024

There were five Python conferences in Brazil this year. Six with this one. If you visited all of them, that is more than 12 thousand kilometers. Two heroines visited them all!

Alexander Loechel: Secure your keys

You should only use key-based authentication for accessing servers via ssh. Use ssh-fido or ssh-resident keys. Don't store them on your machines. Get hardware keys. You can check with a command if your server supports these keys.

Alin Voinea: EEA and Plone

The EEA, European Environment Agency, is using Plone since at least 2006. In 2019 we jumped into Volto, Plone 6 in 2023, this year Volto 17.

We have 74 PyPI add-ons and 119 NPM add-ons, around 400 Docker images and 900 repositories on GitHub.

EEA has a design system, see https://eea.github.io/volto-eea-design-system/. That makes them not always work with the Volto Light Theme, but talk with us and we can look.

We use generative AI with Volto-chatbot to generate answers from all our Plone sites.

Kim: Plone user guide

Plone's user guide was written for Plone Classic. We wanted an updated version for the training: https://plone.org/userguide

This was done with https://scribehow.com/, a paid service. Can export to PDF, html.

Breno Brito: Speed run coding with AI

Demo. Prompt: make a beautiful to do app with Python and Flask.

Belisa: Eu te amo, pandas

I love you, pandas. I am working with some Brazilian data in an Excel file with 188 thousand rows. I import them using pandas and polars and compare how they do. With polars it takes 12 seconds to import. With pandas... still busy, so let's sing some karaoke. So I love you, pandas, but...

Mikel Larreategi: Translations

Plone translations are in the plone.app.locales package: https://github.com/collective/plone.app.locales/

Most translations in Volto also come from this package. Some specific translations are in Volto itself.

In the readme of plone.app.locales you can see a graph that shows how much in your language is translated. You can clone the repo and edit, or use online Weblate: https://hosted.weblate.org/projects/plone/

The documentation is here: https://6.docs.plone.org/i18n-l10n/contributing-translations.html

27 Nov 2024 9:59pm GMT

Maurits van Rees: Piero Nicolli: Bring your own front-end

Link to talk information on Plone conference website.

Volto is already almost ten years old. Things are moving in the frontend world.

We had a client request for something specific for tourists, with native look and feel, PWA support, multilingual, good performance and UX, accessible. Of course limited budget. It did not really need dynamic routes or the whole that Plone has to offer. But they did like to use Plone for this. But did not really look like a Volto project.

Bring your own frontend. There is Vite, but we already knew NextJS and had only short time so we went with it.

I felt it was faster for us to really start from scratch with a new layout, for this project. We used framer-motion for animated route changes. And used @plone/client, @plone/providers, @plone/components, Tailwind CSS, TypeScript.

react-aria actively helps you with accessibility, it logs warnings.

After a while they wanted dynamic routes anyway, so being able to create pages in a section of the site and they could get dynamically loaded, next to the static routes. Sure. We used @plone/registry.

What if... we would show the whole site? With the dynamic routes we were almost there anyway, we could show pages with blocks just fine.

Promise: we can run Plone in Next.JS. I am working on a template for that. Features/plan: config registry and add-ons, blocks, slots, fully dynamic routes, dynamic theme. Ideas and feedback are welcome here: https://github.com/plone/volto/pull/6442.

27 Nov 2024 8:52pm GMT

Maurits van Rees: Thijs Feryn: Varnish caching in Plone

Link to talk information on Plone conference website.

If your website is slow or is down, you lose money. How do you solve this. Some say: throw servers/money at the problem. Yes, this can work in the short term, but mo' money, mo' servers, mo' problems.

Optimize: make it faster: your Python, javascript, css, html. At some point you hit a limit.

Use caching. That is what we will talk about. Basic idea: why would you recompute if the data has not changed.

I am tech evangelist at Varnish software. I have a colleague here at the conference who speaks Portuguese, and a German colleague who speaks Spanish. So talk to them as well if you want.

New book by me: Varnish 6 by example.

The visitor of your site first gets sent to Varnish, and this either sends the request on to Plone, or serves a previous answer from its cache. That is basically how it works.

Everything that is static is easy to cache. We listen to any cache headers that are available in the request, or set by Plone in the response.

But by default, if the request has a cookie, we do not cache. But these days every website uses cookies! So we just have to deal with them properly.

You do this using the VCL language. This is a domain-specific language for Varnish only. It is not a top-down language, it builds on other settings, and you can write extra routines for this.

Let's talk about caching in problem. Disclaimer: I am not a Plone expert.

I have setup a Plone backend and Volto frontend locally with varnish, in Docker containers.

In the cache settings:

  • I see good things in here, you can enable caching.
  • Very good: you can set a url for purge requests.
  • A bit strange: you need to select which content types should be purged, I selected them all.
  • For various sorts of contents and files you can choose strong caching, moderate, weak or terse, which sets all kinds of cache headers, even some e-tags, which is cool.

E-tags are sent on again by the browser if it requests this again. Plone then checks this e-tag and if nothing has changed, it sends back a 304 Not Modified response.

What if we could store the e-tag somewhere, then you could return very fast maybe even without contacting the framework. Maybe this happens already.

Some of the rules use a Vary header, but I wonder if the Accept header is the best here. Also, watch out for filling the cache when an attacker makes request after request with a different Accept header. In Varnish we have an `accept` module that can help here.

Cache purging: on a PURGE request we clear the cache for a url. You allow this from a white list of IP addresses. Plone purges a lot of paths, but maybe not enough. I think the `/Plone` is missing from some urls. And some urls with query parameters are not purged.

I have written a VCL for this, but not sure if that is the way to go. What about tag-based cache invalidation instead? You can do that in the VCL with `add_key`. You can also strip off query parameters.

Also, you can mark things as required, instead of actively purging it. Note that you can also serve stale content while Varnish gets a fresh answer from Plone.

Can we set the stale-while-revalidate keyword in Plone, for the Cache-Control header? That could help.

Question: should you use the varnish load balancer or a specialised load balancer like haproxy? Answer: I am biased of course, but if you are already using Varnish, just use that. We have some advanced options.

Plone is already very advanced here in how it does caching. But look at the Vary Accept header, and at tag-based caching.

27 Nov 2024 8:20pm GMT

Maurits van Rees: Guido Stevens: Public Sector & Open Source: Natural Allies

Link to talk information on Plone conference website.

The worldwide Crowdstrike outage on Windows computers this year: crazy how such a thing can happen. I have better quality control than that! How resilient is our tech infrastructure?

What is the point of writing code if the world is going to pieces?

A short history of the internet revolution. The Berkeley software was started in the sixties. It grew a lot, in the nineties Web 1.0 started. Metcalfe's law: the value of each new connection increases.

Mandelbrot wrote The (mis)behavior of markets. From bell curve to power law or the long tail: a few people get very rich and most people get very poor. That happens in networked connections. People are more geared towards linear connections.

Web 2.0, in the 2000s, went from a read-only web, to a read-write web.

Trump, Brexit, Covid, they all rocked the world.

"Post-truth is pre-fascism", writes Timothy Snyder in On tyranny. You should read this.

Web 3.0 is skipped and we just have AI. AI will swamp the web with nonsense, and no one can find your content anymore.

I had higher hopes, too. I did not sign up for this dystopia. I have an MBA in environmental economics, done OSS web development for decades, am on the Plone Foundation, and founder of Quaive.

I wrote a book Systems of intent: Open source (Plone) plus knowledge management = Quaive. Quaive changes the Plone UI. It shows an activity stream, documents, news, personally configurable dashboard. It enables a shift in the company from top-down to bottom-up. Technology can also cause problems. But is technology the problem? Or is capitalism the problem? Resistance is not futile.

Chaos theory, butterfly effect: small acts can have huge effects. You and I are all complex individuals, complex systems. It is a shift from a clockwork universe to an alive universe. Emergence: on a higher level something more happens than what you can imagine looking at the lower levels.

Adrienne Maree Brown: Emergent strategy. Adaptive: constant change. Move at the speed of trust.

Principles:

  • Local autonomy. Have control over your technology.
  • Strive for technological excellence. Our stuff needs to be good and secure.
  • Networked agility: how we cooperate and coordinate effectively.
  • Community sharing: celebrate that we are not alone.

The clients that use Quaive may not be interested in our GPK license, but they do care about those principles.

Asterix: the whole of France is occupied? No, one corner not. Same now: Half of Belgium (the Walloon region) uses Plone in basically all their towns, supported by IMIO. We got into an agreement when I visited personally.

Technical detail: using Docker, IMIO was able to host 8 sites on a server where we previously could only host one site.

Think global, act local. Open source is not only free as in beer, but free as in freedom. The community makes this possible: Free as in community. Public sector and open source are natural allies.

27 Nov 2024 6:35pm GMT