Team blog: Developers

As part of modernizing the codebase, we had to phase out greenlock, a neat Node extension for automatic HTTPS cert management directly within Node. Unfortunately, it’s no longer maintained. Fortunately, certbot has come a long way over the years and makes HTTPS cert management quite painless!

lib.reviews now directly serves up HTTPS certs generated via certbot, which should be quietly auto-renewed without downtime when the time comes. Fingers crossed!

Oh, and pm2 is also gone. It’s a nice process manager for Node, but for our purposes, it just adds overhead. Our production setup is now just managed with systemd.

I’m working my way through modernizing the lib.reviews codebase, starting with older dependencies.

Today included:

• Switch to maintained bcrypt dependency for password hashing (compatible with previous hashes)
• Phase out deprecated request dependency
• vendored Thinky ORM (unmaintained) and improved its accessibility; removed its reliance on bluebird
• made test suite fixture setup more resilient against interruption or errors by using a test wrapper
• replaced unmaintained node-webhooks with internal webhook handler
• replaced unmaintained remote-ac autocomplete library with vendored & modernized version

The changes ahead will include:

• moving away from the unmaintained greenlock library for managing HTTPS certs; I’ll likely just use certbot and a trigger to re-generate certs as needed
• likely dropping pm2 for managing production deploys in favor of just using systemd

And the biggest planned change is to move from RethinkDB (unmaintained DB backend) to PostgreSQL. That literally touches every aspect of the site, so it may need to proceed in a long-lived branch until we’re ready to flip the switch.

I’ve transferred the lib.reviews repo to the Permacommons organization, which I also manage. The idea behind Permacommons is to build a permanent home for shared resources, managed with AI support (in the case of lib.reviews, for development) and automation in mind. If you’re interested, check out the other projects that are being built under the same GitHub org.

The lib.reviews server has been upgraded to Ubuntu 24.04. I’m also in the process of incrementally updating many older dependencies and modernizing things under the hood. If you notice anything break, please open an issue!

Belatedly, the Twitter/X account for lib.reviews is gone and won’t be coming back, since Twitter/X has been turned into a hate platform. If you’d like to follow us, you can do so on Mastodon or of course on this blog :-).

We’ve had basic support for aggregate review metadata (using schema.org types) since 2017. We’ve now converted this data into the more modern JSON-LD format, and added it for individual reviews as well. The latter should help make reviews more discoverable in search engines. Thanks to Nortix for the suggestion.

The new social media image support seems to be working well, but it had an issue where it would sometimes lose track of files you uploaded from the editor, especially when using preview (the dropdown list to select a social media image would be empty even though you uploaded files). This should now be fixed, but please file a bug report if you encounter any new or old problems.

One feature common to social media sites like Twitter and Mastodon is support for rich previews that tell you more about the link that you’re about to click on.

Rich previews typically include an image as well as an excerpt.

When you create or edit a review, you can now select the image that will be used for previews on social media and other sites that implement Open Graph.

To select a social media image:

1. Upload the image, either on the review subject page (like this one), or in the review editor by clicking the “Cloud upload” icon.

2. In the review editor, click “Additional settings”.

3. Select the image from the available options.

4. Save or publish your review.

That’s it. When you include a link to the review in social media, you should now see a preview like this one:

Please note that this currently only works for individual review links, not for review subject pages.

This is still a brand-new feature, so expect the unexpected! Let us know if you encounter any issues.

(As part of this update, team settings can now also be found in the “Additional settings” section to de-clutter the review editor a bit.)

In case you haven’t been following along, the FreeNode chat network recently imploded, and hundreds of of open source projects have migrated their chat infrastructure to Libera.Chat, a community-run alternative. That includes lib.reviews, and you can now find us on #lib.reviews on irc.libera.chat.

The lib.reviews VPS is now running on Ubuntu 20.04 (Focal), the latest Long Term Support release, which receives security updates until April 2025. The upgrade was fairly painless, but the do-release-upgrade wrapper script was interrupted, and I had to manually fix some broken packages.

I also fixed a small bug which has been annoying me for a while: The Wikidata search box wasn’t working when you started a new review, until you un-focused and re-focused it.