Leaderboard

This week we've ProcessWire 3.0.267 on the dev branch, here are some highlights (commits): The entire WireTests module has been moved into the core. All of the tests now live alongside the classes that they test. The WireTests module is used from the command line. Once installed, you can type "php index.php test" for a list of WireTest commands. If you already have the non-core WireTests module installed, I recommend uninstalling it and installing the core version. More than a dozen new WireTests and API.md documentation files have been added this week (this is where the biggest additions of the week are). Many improvements to the CLI "docs" command, especially with regard to chapter retrieval. New faster $modules->refresh() method from @matjazp New HOWTO-API.md documentation that outlines how to write API.md files for your own modules. New getFresh() and getRaw() methods added to $fields and $templates. These do the same as their $pages method equivalents (getFresh and getRaw), except for fields and templates. This was requested by an agent in AgentTools. This week we also have a new guest blog post! Page's best kept secret: the meta() method Thanks for reading and have a great weekend!

Hi everyone, I have released a new ProcessWire module: TokenForge. TokenForge is a lightweight JWT/signature toolkit for ProcessWire modules and external API integrations. It creates, signs, validates helper inputs, and caches short-lived JWTs for services that require server-side signed tokens. GitHub: https://github.com/mxmsmnv/TokenForge What it does Generates JWT tokens with HS256, RS256, and ES256. Supports Apple .p8 / EC P-256 keys for ES256. Supports RSA private keys for RS256. Supports shared secrets for HS256. Provides createJwt() and createCachedJwt() APIs for other modules. Uses ProcessWire cache for reusable short-lived provider tokens. Fingerprints cached entries by token options, so changed claims/keys do not accidentally reuse an old token. Includes a superuser-only admin UI with dashboard, quick presets, Apple service setup, JWT generator, diagnostics, cache tools, and activity log. Why I built it I needed Apple WeatherKit support in my Meteo module. Apple WeatherKit requires ES256 JWT generation with an Apple .p8 key, and I did not want that signing logic to live only inside one weather module. So TokenForge is intentionally separate: it can be used by Meteo, but also by other modules or integrations that need JWT-based authentication. Apple support TokenForge includes an Apple-focused preset for services that use signed developer/provider tokens, for example: WeatherKit REST API Apple Maps Server API / MapKit JS tokens APNs token-based authentication App Store Connect API MusicKit / DeviceCheck-style developer tokens The Apple preset helps prepare the usual ES256 structure: issuer/team ID, service identifier, key ID, .p8 private key path, headers and payload. Not only Apple The module also includes starting points for: Android/Firebase-style RS256 service account assertions Samsung-style RS256 service assertions Generic HS256 Generic RS256 Generic ES256 Quick presets include demo signing material, so the generator can be tested immediately. For real integrations, replace the demo identifiers and keys with provider values. Security notes TokenForge does not store generated JWTs, private key contents, or shared secrets in module settings. Recommended production usage is to keep private keys in a file path such as: /site/assets/private/AuthKey_XXXX.p8 and pass private_key_path to TokenForge. Basic example $tokenForge = $modules->get('TokenForge'); $jwt = $tokenForge->createCachedJwt('my_provider_token', [ 'ttl' => 3300, 'algorithm' => 'ES256', 'key_id' => $keyId, 'private_key_path' => $privateKeyPath, 'headers' => [ 'id' => $teamId . '.' . $serviceId, ], 'payload' => [ 'iss' => $teamId, 'iat' => time(), 'exp' => time() + 3600, 'sub' => $serviceId, ], ]); Requirements ProcessWire 3+ PHP 8.1+ OpenSSL extension MIT licensed. Repository: https://github.com/mxmsmnv/TokenForge

There've been a few instances published about AI models going to extremes to solve a question. It's not that AI is malicious or over-eager to please. It's how it's wired. Find an answer or best guess or stop if there's an off-switch in the prompt when the goal cannot be reached. I have a non-technical client who thinks AI is the bee's knees and the answer to his content/SEO/GEO prayers. Client has no DDEV/SSH/FTP site access or coding knowledge. Claude app navigated the owner to the TracyDebugger console in admin to fulfil the owner's request to update site content. Client had no clue about TD until that moment. Claude did. It took client through a questionnaire about installed modules. Claude only had a 'snapshot' of pages, no holistic understanding of db, templates, etc. Client now thinks TD console is the best thing ever. He asks Claude a question. Claude answers and tells client to copy/paste it into TD console. Am now busy trying to bring Claude under control with audit trails, approvals and convincing client to use @ryan AgentTools to minimise risk. Yes, on live production site. OMG! No matter what your views on AI, it's out there and loves PW.

Is this the desk setup and keyboard thread? I love seeing people's desk setups. I just cleaned up my desk, so here's mine. Computer is a Macbook Air M5 mounted on a shelf under the desk, running from single thunderbolt cable. Monitors are 27" 4k Dell S2725QC (the cheapest 4k USB-C screens you can buy, but I like them). Keyboard is a Kisnt k85. An ebay thunderbolt 4 hub mounted under the desk feeds the screens and an external drive. A cable management basket under the desk keeps all the cables tidy. Monitors are mounted with arms attached to the rear of the desk. ProcessWire coffee and water bottle are my daily drivers, thanks to @Jonathan Lahijani

Meteo update: Apple WeatherKit provider Small update for Meteo: Apple WeatherKit support has been added. Meteo now supports these providers: Open-Meteo OpenWeatherMap WeatherAPI.com Apple WeatherKit Apple WeatherKit uses Apple REST API authentication and requires ES256 JWT tokens. For that part Meteo now uses a separate helper module, TokenForge, which handles JWT generation and caching. Meteo repository: https://github.com/mxmsmnv/Meteo TokenForge repository: https://github.com/mxmsmnv/TokenForge Apple WeatherKit requirements To use the Apple provider you need: Apple Developer account Team ID WeatherKit Services ID Key ID downloaded Apple .p8 private key TokenForge installed Recommended key location is a private, non-public path such as: /site/assets/private/AuthKey_YOURKEYID.p8 Meteo asks TokenForge to create and cache the short-lived WeatherKit JWT, then sends it as a Bearer token to Apple WeatherKit. This update is in Meteo 1.1.0.

NativeAnalytics has been updated to version 1.0.30. This is a small maintenance release with a few focused fixes: Fixed the analytics page widget appearing in field-limited edit interfaces, such as image/file edit modals. Improved PrivacyWire integration so consent changes are synced immediately in the same browser tab. Added a PrivacyWire consent version check to prevent stale consent from older PrivacyWire versions being reused. Fixed a dashboard tab display flash where the Overview tab could briefly appear before the requested tab was activated. Thanks to @adrian for reporting the widget issue and for the helpful pull requests. As always, please refresh modules after updating.

If you keep discussing keyboards, I’ll end up with another keyboard I don’t need 🤪

My workplace at the moment 😊

Since back in 1996 I'm a big fan and user of the smallest Cherry Keyboards, with and without NumPads. But mainly the types without NumPads, CHERRY G84-4100: But on my primary Desktop working place I use a Razer Huntsman Elite RZ03-0187 :