All Activity

Claude is always asking me to test things via Tracy console. This is why I added to the copy MD for agent, including the Copy All button at the bottom. It lets it understand the file/template/data structure and also to run comparisons on the data retrieved when refactoring code or adding new features. I much prefer this to giving Claude direct access to the site DB - this way I can check each query it's about to make and to choose whether I provide it with the complete results or not. Not that it is a real lock, but Tracy does have a setting to prevent all access to superusers with another role so if they don't know about Tracy then you could keep them out. Best bet would be to define this setting via $config>tracy rather than in the module settings so it's harder for them to override.

@ryan, I often see the JS error below in the browser console:

Is this the desk setup and keyboard thread? I love seeing people's desk setups. I just cleaned up my desk, so here's mine. Computer is a Macbook Air M5 mounted on a shelf under the desk, running from single thunderbolt cable. Monitors are 27" 4k Dell S2725QC (the cheapest 4k USB-C screens you can buy, but I like them). Keyboard is a Kisnt k85. An ebay thunderbolt 4 hub mounted under the desk feeds the screens and an external drive. A cable management basket under the desk keeps all the cables tidy. Monitors are mounted with arms attached to the rear of the desk. ProcessWire coffee and water bottle are my daily drivers, thanks to @Jonathan Lahijani

Hi everyone, I have released a new ProcessWire module: TokenForge. TokenForge is a lightweight JWT/signature toolkit for ProcessWire modules and external API integrations. It creates, signs, validates helper inputs, and caches short-lived JWTs for services that require server-side signed tokens. GitHub: https://github.com/mxmsmnv/TokenForge What it does Generates JWT tokens with HS256, RS256, and ES256. Supports Apple .p8 / EC P-256 keys for ES256. Supports RSA private keys for RS256. Supports shared secrets for HS256. Provides createJwt() and createCachedJwt() APIs for other modules. Uses ProcessWire cache for reusable short-lived provider tokens. Fingerprints cached entries by token options, so changed claims/keys do not accidentally reuse an old token. Includes a superuser-only admin UI with dashboard, quick presets, Apple service setup, JWT generator, diagnostics, cache tools, and activity log. Why I built it I needed Apple WeatherKit support in my Meteo module. Apple WeatherKit requires ES256 JWT generation with an Apple .p8 key, and I did not want that signing logic to live only inside one weather module. So TokenForge is intentionally separate: it can be used by Meteo, but also by other modules or integrations that need JWT-based authentication. Apple support TokenForge includes an Apple-focused preset for services that use signed developer/provider tokens, for example: WeatherKit REST API Apple Maps Server API / MapKit JS tokens APNs token-based authentication App Store Connect API MusicKit / DeviceCheck-style developer tokens The Apple preset helps prepare the usual ES256 structure: issuer/team ID, service identifier, key ID, .p8 private key path, headers and payload. Not only Apple The module also includes starting points for: Android/Firebase-style RS256 service account assertions Samsung-style RS256 service assertions Generic HS256 Generic RS256 Generic ES256 Quick presets include demo signing material, so the generator can be tested immediately. For real integrations, replace the demo identifiers and keys with provider values. Security notes TokenForge does not store generated JWTs, private key contents, or shared secrets in module settings. Recommended production usage is to keep private keys in a file path such as: /site/assets/private/AuthKey_XXXX.p8 and pass private_key_path to TokenForge. Basic example $tokenForge = $modules->get('TokenForge'); $jwt = $tokenForge->createCachedJwt('my_provider_token', [ 'ttl' => 3300, 'algorithm' => 'ES256', 'key_id' => $keyId, 'private_key_path' => $privateKeyPath, 'headers' => [ 'id' => $teamId . '.' . $serviceId, ], 'payload' => [ 'iss' => $teamId, 'iat' => time(), 'exp' => time() + 3600, 'sub' => $serviceId, ], ]); Requirements ProcessWire 3+ PHP 8.1+ OpenSSL extension MIT licensed. Repository: https://github.com/mxmsmnv/TokenForge

Meteo update: Apple WeatherKit provider Small update for Meteo: Apple WeatherKit support has been added. Meteo now supports these providers: Open-Meteo OpenWeatherMap WeatherAPI.com Apple WeatherKit Apple WeatherKit uses Apple REST API authentication and requires ES256 JWT tokens. For that part Meteo now uses a separate helper module, TokenForge, which handles JWT generation and caching. Meteo repository: https://github.com/mxmsmnv/Meteo TokenForge repository: https://github.com/mxmsmnv/TokenForge Apple WeatherKit requirements To use the Apple provider you need: Apple Developer account Team ID WeatherKit Services ID Key ID downloaded Apple .p8 private key TokenForge installed Recommended key location is a private, non-public path such as: /site/assets/private/AuthKey_YOURKEYID.p8 Meteo asks TokenForge to create and cache the short-lived WeatherKit JWT, then sends it as a Bearer token to Apple WeatherKit. This update is in Meteo 1.1.0.

This week we've ProcessWire 3.0.267 on the dev branch, here are some highlights (commits): The entire WireTests module has been moved into the core. All of the tests now live alongside the classes that they test. The WireTests module is used from the command line. Once installed, you can type "php index.php test" for a list of WireTest commands. If you already have the non-core WireTests module installed, I recommend uninstalling it and installing the core version. More than a dozen new WireTests and API.md documentation files have been added this week (this is where the biggest additions of the week are). Many improvements to the CLI "docs" command, especially with regard to chapter retrieval. New faster $modules->refresh() method from @matjazp New HOWTO-API.md documentation that outlines how to write API.md files for your own modules. New getFresh() and getRaw() methods added to $fields and $templates. These do the same as their $pages method equivalents (getFresh and getRaw), except for fields and templates. This was requested by an agent in AgentTools. This week we also have a new guest blog post! Page's best kept secret: the meta() method Thanks for reading and have a great weekend!

Hi @Robin S - sorry for delay in responding, but thanks for the follow up. I haven't used that module regularly in so long. Anyway, glad you figured out an approach that works for you. Cheers.

Hey @jploch Thanks for jumping in and providing your design thinking. All solid reasons.

This is exactly why I tweaked mine to look like this with the top/bottom border (box-shadow) on hover. You get the definition you need with a nicer grey (IMO). with: .PageList .PageListItem:hover { box-shadow: inset 0 0.5px 0 0 #ccc, inset 0 -0.5px 0 0 #ccc; border-radius: 0 !important; }

@Peter Knight The darker color is intentional, there are two reasons why we (Diogo and me) decided for the darker grey: Contrast: Bringing more focus to the white areas even on screens that have bad contrast/color settings. This is especially helpful when input fields are offset from one another; it makes it easier to distinguish between the fields. It also helps to seperate the navigation and content area. The white hover on the page tree is also benefiting from the darker grey. Also like @BrendonKoz says it helps to seperate the inputs from the background. While the borders already enforce this contrast, I feel like the combination of border and background is what makes it stand out more. When putting screenshots from the admin on the PW website we want them to have a different background color so the image stands out better. This is why we choose a lighter background color for the website. While the image usually has a border, the background still improves the contrast, so the two don’t blend together as much. All in all, a lighter color would work too, and I certainly understand that some people might find the grey a bit too “grey.” However, I think the darker grey is a more functional default.

Hey @joshua, I'm trying to output head and content manually, unfortunally it's not working. Any idea? Cheers, Jens aka DV-JF

Thats a great video. I wonder if you can actually buy those mugs.

NativeAnalytics has been updated to version 1.0.30. This is a small maintenance release with a few focused fixes: Fixed the analytics page widget appearing in field-limited edit interfaces, such as image/file edit modals. Improved PrivacyWire integration so consent changes are synced immediately in the same browser tab. Added a PrivacyWire consent version check to prevent stale consent from older PrivacyWire versions being reused. Fixed a dashboard tab display flash where the Overview tab could briefly appear before the requested tab was activated. Thanks to @adrian for reporting the widget issue and for the helpful pull requests. As always, please refresh modules after updating.

I've heard a few other similar stories, eg

@adrian, don't spend time responding to my questions above. I realised I needed several more customisations so it made more sense for me to add a custom Lister markup field to Page Edit rather than adapt Batch Child Editor.

Although a wild guess, having looked at the example proposed images, I'm thinking the darker background color for the admin theme (over the PW homepage for branding) was chosen to better highlight the distinction between input elements' target areas compared to empty/white space. It's a noticeable visual distinction, at least on my monitor.

Oops! I should have created a new paragraph after mentioning you, virtualgadjo. The continuation of my message was actually intended for floko, but appreciate the additional thoughts in your response! 😅 It was nice reading how your thoughts progressed through the problem.

Psy, your experience reminds me of well-known AI YouTuber Alex Finn. His AI agent autonomously purchased a phone number, connected to the ChatGPT Voice API and called him to request access to something. I think his setup was running autonomous agents permanently on a Mac mini and he gives them a limited amount of credit card access.

(side note: you might be interesed by this module from @Robin S https://processwire.com/modules/limited-module-edit/)

Yep, they do. That was more a personal preference. IE a grey that is light enough to be subtle but dark enough to sit on a white without needing a border.

But don't all elements have the grey border which helps to separate them from the background - I think that is why #fbfbfb works.

Interesting that you both chose fbfbfb. Do you find there's enough contrast between fbfbfb and white? I think it might be lost on most monitors, but that's simply a guess. In the attached, I have removed the login panels grey border to help visualise both fbfbfb and f5f5f5 against a white.

I would prefer #fbfbfb; too. That's what I change the background color to on my sites too.

Thanks @Tiberium for the thoughtful reply. I don't think we're actually disagreeing. Your managed service model is a perfectly valid choice for your clients. Mine is different. I don't host or manage client infrastructure, and I prefer that domains, hosting and sites are owned by the client rather than by me. My original point wasn't really about client permissions though. It was that I was genuinely impressed by how Claude found an unexpected way to achieve the user's goal. It wasn't being malicious, it was being resourceful. That's both fascinating and, on a live production site, something we need to manage carefully. That experience reinforced for me the importance of approvals, audit trails and human oversight when AI is involved, regardless of who has superuser access.

Hi @adrian, I've been trying out the module, in particular the Lister mode. It's a very feature-rich and well-thought-out module. Thanks for creating it! My use case is probably not typical so I expect I'll need to do some custom styling and modifications, but I thought I'd run a few questions by you first in case there are built-in options that I missed. 1. I've set my Default Filter settings, but I get a filter row at the top for "include" that isn't in my settings. Is there a way to avoid that row, or is that compulsory so that users will always see unpublished children? 2. When "template" is included in the filters, is there a way to have the select limited to the "Allowed templates for children" that are defined for the parent page template? 3. I want to use the module for its Lister features rather than for batch editing, so is there a way I can not have the column with the pencil icon that enables inline editing? 4. For my use case the nested fieldset is a bit redundant. No worries to visually hide the nested fieldset using some custom CSS, but one feature idea would be for the module to automatically hide the nested fieldset when the options for "Lister mode title", "Lister mode description", and "Lister mode notes" are all left empty.