junobuild / juno Goto Github PK

[
in the latest release 0.0.8, the description doesn't look right as above snapshot

https://github.com/buildwithjuno/juno/releases/tag/v0.0.8

It seems that the store that holds the information about the satellite version is not updated after a new satellite is created

Display directly the address within the message.

It seems there is an issue in the pagination (display) of the users in the authentication tab when the last page is reached.
It display "No registered users" even though there are registered users.

"juno deploy" on windows deploy assets with \ (\index.html) instead of / (/index.html) which makes the storage not able to provide resources on the web

Add the feature to rename satellite

We have a collection of examples but, none are branded. Therefore the goal of this task is to add a Juno badge in form of a link to https://juno.build on each examples (React, Next, Angular, Vue and Vanilla).

The badge can for example be displayed as a footer of each sample dapp.

• Brand and badge: https://github.com/buildwithjuno/brand
• Examples: https://github.com/buildwithjuno/examples

Context

Currently it is not possible to set HTTP headers on the non raw domain. Thanks to the certification v2, this will be possible.
This is notable useful for CORS headers, caching and streaming.

Resources

https://github.com/dfinity/sdk/tree/master/src/canisters/frontend/ic-certified-assets/src/asset_certification

On the storage page, when an asset is selected, display "somewhere" a button or link to open the asset url in another tab

developers found "Rules" tab in the administration not that UX, "Collections" sounds better according the feedbacks

from certified asset

let (status_code, body) = if etags.contains(&enc.sha256) {
            (304, RcBytes::default())
        } else {
            headers.insert(
                "etag".to_string(),
                format!("\"{}\"", hex::encode(enc.sha256)),
            );
            (200, enc.content_chunks[chunk_index].clone())
        };

It would be interesting to support anonymouse / guess identity.

As I used to use in DeckDeckGo with Firebase https://firebase.google.com/docs/auth/web/anonymous-auth

TBD

• static (website) vs dynamic
• dynamic
  • sessions
  • read / write

interesting article: https://usefulangle.com/post/335/javascript-implement-analytics-page-views

would also maybe some metrics about time per queries or updates be interesting?

As an information in the dashboard(s)

We got now a #releases channel on Discord, therefore it would be cool to automate the propagation of the release text to this related channel.

This can maybe be implemented with following GitHub action: https://github.com/sarisia/actions-status-discord

Originally, I implemented an "observatory" canister that listed IC transactions (e.g. create a satellite) made on Juno.

After deploying it to mainnet, I noticed that its hearbeat was too clostly. I could had replace it with a timer which might have not been accurate but, as someday an ICP Index canister will be hopefully probably be proposed on mainnet, I could wait a bit until this happens or not.

"Observaroty" was removed in PR #6 and corresponding canister on mainnet was stopped.

On login, maybe the console can suggest the user to reuse existing controllers and apply those if not yet assigned to the satellite for which the login is performed.

The sentence "No collection defined. Start one in Rules tab" is incorrect, it's in "Collections" tab.
Also an i18n key can be extracted.

• edit data
• delete document or asset

It's difficult to know which controller is which controller.
Adding optional name and timestamps will help knowing this better.

Easy solution:

Add an option (a button) to upload a site folder to a satellite. Basically what juno deploy does in the CLI within the console.

More complicated solution:

Build a dedicated dapp that does this - like the Netlify showcase https://app.netlify.com/drop/.

If the same UX is applied, this would make the solution more complicated because satellites would have to be created for unregistered users which can afterwards sign-in to claim their work.

Currently "Read" permission sets the same permission for "Read - Get" and "List" actions. We can probably add some optional fine grain there.

Maybe same idea for "Write" into "Set / Update / Delete".

Let's see if anyone requires this.

https://github.com/dfinity/stable-structures

Follow-up to documentation PR https://github.com/buildwithjuno/docs/pull/27/files

Probably not the highest priority but, as for custom domain which populates automatically the ./well-known/ic-domains file, we can implement an automatic feature that would set up the alternative origins thing.

Like adding a button in the UI "Activate alternative origin" on/off.

Currently, collections are mutable, which means developers can change permissions on the fly at any time. While this provides great flexibility, there might be cases where someone sets a collection as "Private" to protect their user data but still wants to ensure that the permission settings remain fixed for privacy reasons.

To address this, we discussed the idea of introducing a flag that defines a collection as either mutable (default) or immutable.

This way, developers can choose to lock the permissions of a collection, ensuring they cannot be changed later, which could be beneficial for certain use cases requiring strict data privacy.

It would be handy to have the ability to display a QR code representing the account identifier of the mission control.
That way one can display the QR code, scan it with NNS dapp and transfer easily icp.
I can imagine we can for example display the QR code in a modal.

Context

Juno is expecting developers to use SSG / prerendering. For example, if an URL /marketplace/sales is requested and if there is no /marketplace/sales/index.html or /marketplace/sales.html available in the dapp, nothing is resolved and the URL ends in error.

Solution

Similar to Firebase, we can add an option "Configure as a single-page app (rewrite all urls to /index.html)?"

When set to true, if an URL /marketplace/sales would resolve no asset, then it should fallback to the root ./index.html.

Firebase

Firebase does more than "just" rewriting to ./index.html it also provide a configurable way to provide multiple rewrites.

https://firebase.google.com/docs/hosting/full-config#rewrites

Certified asset canister

This strategy exists for example on the IC in the certified asset canister.

See:

• https://github.com/dfinity/sdk/blob/master/src/canisters/frontend/ic-certified-assets/src/state_machine.rs#L813

• https://github.com/dfinity/sdk/blob/master/src/canisters/frontend/ic-certified-assets/src/state_machine.rs#L825

Using query parameters leads to certification issue. In other words, query parameters are not supported yet.

Papy.rs is a special case and needs to be embedded in an iframe which is blocked by the default security policy of the satellite.

So should the security options be made optional or should developer be able to opt-out?

fn security_headers() -> Vec<HeaderField> {
    vec![
        HeaderField("X-Frame-Options".to_string(), "DENY".to_string()),
        HeaderField("X-Content-Type-Options".to_string(), "nosniff".to_string()),
        HeaderField(
            "Strict-Transport-Security".to_string(),
            "max-age=31536000 ; includeSubDomains".to_string(),
        ),
        // "Referrer-Policy: no-referrer" would be more strict, but breaks local dev deployment
        // same-origin is still ok from a security perspective
        HeaderField("Referrer-Policy".to_string(), "same-origin".to_string()),
    ]
}

See sample project that demonstrates how to use Sign in with Ethereum (SIWE) on the Internet Computer:

https://github.com/domwoe/siwe_ic

@bytesun once mentionned that it would be useful to be able to filter list per owner. while it can be achieved using keys that contains the textual values of the user id, it would be easier to integrate it in the list of filters since it's a common use case.

#[derive(Default, CandidType, Deserialize, Clone)]
    pub struct ListParams {
        pub matcher: Option<String>,
        pub paginate: Option<ListPaginate>,
        pub order: Option<ListOrder>,
        pub owner: Option<UserId>,  // <-- new
    }

Querying data in a db way got much better with proper pagination (#116 ) and non key based property (#108). 🙏🏽
Why not target a long-lasting solution in the form of SQLite or some key value DB's

see:

1. ICSQLite
2. IndexedDB
3. dino

every minute until status Available or Error

maybe deleting a collection should check if there is still documents?

"Collection not empty, cannot delete"

A new version of ic-cdk has been released so the workaround pointing to github in toml files can be removed.

At the same time, maybe I can have a look how to define the common crates in the root Cargo.toml file instead of duplicating references in multiple files.

It would be nice to be able to stop and start satellites.

Great to have it in the UI, not sure if I want to implement this in the Cli too (I don't want the Cli to become too complex).

ic-cdk-optimizer is deprecated

As a developer, I'd like to know whether I reached the last page of the paginated collection so that I can confidently and eagerly load all collection items without doing meaningless queries after I reach the end.

A more complete pagination information looks like:

{
   total: number,
   per_page: number,
   current_page: number,
   last_page: number,
}

pagination inspiration borrowed from Laravel Database: Pagination

"Example" within the section's title is enough.

Add links to documentation about "How to send ICP" in following modals:

• Create a new satellite (display the link only if required)
• Top up satellite / mission control

It would be handy to support listDocs, assets and users per timestamps.

updated_at and created_at desc and asc

One added to satellite and lib, it would be nice to have the option in the console as well.

Only user signed-in can switch language at the moment. It will be better in the future to allow this also if not signed in

As for datastore, make collection mandatory in list_assets and del_assets. In the console I had a weird side effect in which I was able to list the dapp assets somehow and it's cleaner.

.unwrap_or_else(|| DEFAULT_ASSETS_COLLECTIONS[0].0.to_string())

A document is a blob in memory, therefore it is not easy to filter and list documents based on their content. Most of the work has to be done in the frontend or by tweaking keys or duplicating data.

To overcome the issue, this weekend idea discussed on Discord, is the addition of a hashmap/hashset or plaintext field for the documents.

export interface Doc<D> {
  key: string;
  data: D;
  owner?: string;
  created_at?: bigint;
  updated_at?: bigint;
  metadata?: ???? // <----- here something new
}

https://forum.dfinity.org/t/optimal-upload-chunk-size/20444/23?u=peterparker

In addition to status, cycles and memory display also the idle_cycles_burned_per_day information.

  canister_status : (record {canister_id : canister_id}) -> (record {
      status : variant { running; stopping; stopped };
      settings: definite_canister_settings;
      module_hash: opt blob;
      memory_size: nat;
      cycles: nat;
      idle_cycles_burned_per_day: nat;
  });

“Delete” is not yet implemented. Long story short, there is no easy way on the IC to get to know how little cycles should be retained on a canister to be able to delete it - which annoys me - so I did not made yet the effort to research this (again). But we should implement a way to delete satellites and the remaining cycles (minus what's needed to delete the satellites) should be transferred to the mission control.

In addition to the CLI, it would be cool to be able to upgrade satellites and mission controls directly in the browser.