eww can haz font

After some help from Eli, I now have a proof of concept of rendering HTML with proportional fonts in Emacs.  The main difficulty is, of course, doing line folding on a pixel basis instead of a word basis, and lining stuff up in tables.

Here’s how my test page looked before these changes:

variable5And now with a variable-width font:

variable1So pretty!

Let’s have a look at a couple of real-life pages.  Duck Duck Go:

variable2

And Wikipedia:

variable4 variable3

It’s kinda starting to resemble a real browser, if you squint at it.  After more than a couple of beers.

It’s just a proof of concept, so far.  There is, of course, lots of twiddling to be done with <pre>, font style sheets and stuff, but the main issue that has to be addressed is speed.  At the moment, it’s quite slow.  I suspect we’ll have to add a C-level function that can say “what pixel column am I at now”, because the Emacs Lisp version I’ve cobbled together isn’t effective enough.

One Touch Maintainin’

Emacs gets a lot of very nice, but quite simple patches that take quite a lot of keystrokes to process.  It’s hard on the fingers, and you always forget various bits.

So I wondered how simple it could be, and hacked up this workflow tonight.

You start in the debbugs-gnu buffer, as always, narrowed down to the patches with `C-u / patch’ and perhaps an `x’.

patch0

Select a likely message with `RET’.

patch1

Then the fun begins with the new `M-m’ command.  It determines whether the patch is in the MIME attachments or just included in the message, applies it, and displays the diffs and possibly any rejected hunks.  It also does a `compile’ in the lisp directory so that we see that things are OK.

patch2

Everthing is hunky dory, so we just hit `M-m’ again to go to the changed file.

patch3

Here we can imagine that we do some clean-up, but this patch is perfect, so we just hit `M-m’ again.  This pops us into the ChangeLog with the correct user name, and the bug number appended.  If the user has never had any non-“tiny change” code in Emacs before, “(tiny change)” is appended automatically.

patch4

But there’s one non-tiny change from this user before, so no (tiny change), and we just type in an entry.

patch5

Then `M-m’.  This pops us to the top-level checkin buffer, filled out with the right data.

patch6

And then just type in a summary and `C-c C-c’, and you’re done.

Ok, it’s not a one click solution, but it’s better than…  doing all this by hand.

Or using a web browser.

The Emacs Network Security Manager

Emacs 25 will have a network security manager. You know — the thing that nags you when you visit https pages with invalid certificates and annoys all y’all so much.

firefox
The Firefox security manager

Yay.

Designing a thing like that is a minefield. On one hand, you have professional security professionals who seem to insist that the sky is constantly falling and that the only secure thing one can do is to snip the Ethernet cable, pour concrete over the computer and then bury it in a volcano.

On the other hand, you have, literally, everybody else: People who don’t care about network security at all, and if you so much as ask them a simple question once, they get mad and send you email about how mad this makes them.

So! Into the breach.

The network security manager in Emacs 25 (merged into trunk last week and switched on today) checks certificate validity, STARTTLS downgrade attacks, unencrypted sending of passwords via IMAP, POP3 and SMTP, and does certificate/public key pinning for self-signed certificates.

nsm
The Emacs Network Security Manager

If you’re paranoid, you can make it do certificate pinning for validated certificates, too, so that you can see when the NSA man-in-the-middles your traffic by getting a Certificate Authority to issue a forged certificate for the domains you are visiting. That’s not on by default, because we are not paranoid.

It allows you to save all these “security exceptions” for the session or permanently. And that’s where the professional security professionals will balk.

The argument is that if we allow the user to accept unverified connections, there is no security, because users always just says “yes” to everything. While that argument may be valid, the other side of the coin is that failing to communicate can also have negative ramifications.

Only the user can really say whether visiting a web site that has a problematic certificate is justified or not. When visiting an email archive to find the answer to a technical question — perhaps it is. When visiting your bank — probably not.

So: I hope that the network security manager we’ve implemented is sufficiently non-intrusive that people won’t feel it necessary to switch it off, and I hope that it’s encompassing enough that it offers some added security against snooping.

If you want to start using it now, pull down the development version of Emacs.

Making SVG images in Emacs

While working on the Emacs Network Security Manager, it was suggested that Emacs implement a visual hash for certificates.  It turned out to be a not-unproblematic idea, so I didn’t do that, but by then I had already written an SVG library.

While staring at it, it occurred to me that it would be kinda neat if the image created would update in real-time.

So I did that.

I think this library will probably end up on GNU ELPA.

Welcome, New Emacs Developers

Emacs switched the version control system from Bazaar to git yesterday, so now is the time to start hacking away at Emacs.

Emacs: The Best Thing Since Sliced Bread If It Wasn’t For The Fact That Emacs Was Actually Invented Before Sliced Bread.

This is a very short how-to guide on building and then contributing to Emacs.

Depending on what OS you’re running, you should install some libraries and stuff.  On Debian/Ubuntu you’d say something like

sudo apt build-dep emacs

(See the end of this post for instructions for other operating systems.)

Then you need to get the Emacs sources and build Emacs.  Here’s how on most Linux systems:

git clone git://git.savannah.gnu.org/emacs.git
cd emacs
make
./src/emacs &

And you’re off! If you know what you want to add to Emacs, just start hacking away. If not, you should have a look at the wishlist in the Emacs bug tracker.  Starting with a new feature can be less daunting than starting with a bug, since it’s more open ended.  And more fun.

First we need to get the bug tracker into Emacs.

M-x package-install RET debbugs RET

Ready for action!

M-x debbugs-gnu RET C-a C-k wishlist RET

debbugs3This will list everything that anybody wanted, but nobody got around to doing anything about.  Find one you think look interesting, hit enter to read more about it, and if you think you want to have a go, start hacking away.

debbugs4When you’re done, make a diff, reply to the bug report with F, and include the diff in the email.

Emacs requires a copyright assignment on all bits that are larger than 15 lines.  Send an email to copyright-clerk@fsf.org saying you wish to assign your Emacs code to the FSF, and they’ll get back to you on the paperwork, which is very un-daunting.

If you’re fixing lots of bugs and adding lots of new code, just ask for commit rights to the Emacs repository, and your code will fly out a lot faster.

Go forth and Emacs!

——————–

Appendix:

If apt-get build-dep doesn’t work for you on Debian/Ubuntu, you could say something like

sudo apt-get install gcc automake autotools libmagick++-dev \
  libgtk2.0-dev libxft-dev libgnutls-dev libdbus-1-dev libgif-dev

On Fedora you’d say

sudo yum-builddep emacs

or

sudo yum install gcc makeinfo texinfo gtk3-devel gnutls-devel\
 giflib-devel ImageMagick-c++-devel autotools automake \
 libXaw-devel libpng-devel ncurses-devel libxml2-devel  

If you have instructions for other OS-es, or these instructions here are wrong, please leave a comment.

If you need more information on the git flow for Emacs developers, have a peek here.