auth-upgrade migration

[bourgeoa]

• podRoot's index.html usually contains a login/logout button
• the new authorization is not directly compatible

There are different ways to solve this problem :

1. do nothing : users will have an old login/logout button that send to pages with the new new login/logout
2. modify the lold login/logout function to return an alert explaining that this function is discarded and has no effect
3. Not to lose any specific pod data the podRoot/index.html shall be renamed to podRoot/index_1.html with a simple script.

[bourgeoa]

Detail of a simple script to execute point 3
A simulation on the backup at /mnt/volume_lon1_03/solidcommunity.net/data took 1h 20

*********
* check that the destination filename do not exist
*  index1.html exists in 2 pods
*  index_1.html do not exist
*********
root@solidcommunity:~# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -name index1.html
/mnt/volume_lon1_01/solid.community/sebbon.solidcommunity.net/index1.html
/mnt/volume_lon1_01/solid.community/bourgeoa.solidcommunity.net/index1.html
root@solidcommunity:~# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -name index_1.html
root@solidcommunity:~#

*********
* pod count
**********
root@solidcommunity:~# find /mnt/volume_lon1_01/solid.community -maxdepth 1 -type d | wc -l
57954
*********
* podRoot/index.html count
*********
root@solidcommunity:~# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index.html | wc -l
50006
*********
* rename filename index.html to index_1.html
*********
root@solidcommunity:~# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index.html -exec rename -n -d 's/.html/_1.html/' '{}' \;

-n, --nono
No action: print names of files to be renamed, but don't rename
-d, --filename, --nopath, --nofullpath
Do not rename directory: only rename filename component of path.

[jeff-zucker]

57,954 pods? Wow!

Script looks fine to me.

[mikeadams1]

I have 10% of those pods

[mikeadams1]

@bourgeoa do you want the username for all of those?
lol just joking but, i do have that many at least

[jeff-zucker]

Here's a first pass at a public announcement. Edit at will!

After months of work, a new SolidOS Databrowser - the frontend for solidcommunity.net - is about to be released. SolidOS, the Solid operating system built into the Databrowser, provides

• resource creation, editing, navigation, and mangement
• a rich set of tools to view semantic data in different formats
• productivity apps such as notepads and task managers
• collaboration apps such as chat and meeting schedulers

The new changes bring solidcommunity.net, the Databrowser, and the SolidOS software stack into line with the latest Solid OIDC specifications, making them more secure, interoperable, and forward-looking.

From a user's perspective : most will not experience any changes from the switch-over. The one exception is people who have an index.html located in the root of their pod e.g. https://you.solidcommunity.net/index.html. Previously those files were provisioned with a login button which will no longer work. So we will be running a script to change all existing index.html files in the root of pods changed to the name index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

From a developer's perspective : you should no longer use solid-auth-client as your authentication library. Instead use Inrupt's solid-client-authn-browser.

The changes in SolidOS and solidcommunity.net are the work of an active open source team working with an independent contractor hired by Inrupt specifically for this upgrade. The open source team actively welcomes collaborators. Please visit our team homepage at [link to SolidOS]. Please also let us know about any issues or suggestions [link to issue].

[jeff-zucker]

After months of work, a new SolidOS Databrowser - the frontend for solidcommunity.net - is about to be released. SolidOS, the Solid operating system built into the Databrowser, provides

• resource creation, editing, navigation, and mangement
• a rich set of tools to view semantic data in different formats
• productivity apps such as notepads and task managers
• collaboration apps such as chat apps and meeting schedulers

The new changes bring solidcommunity.net, the Databrowser, and the SolidOS software stack into line with the latest Solid OIDC specifications, making them more secure, interoperable, and forward-looking.

From a user's perspective : most will not experience any changes from the switch-over. The one exception is people who have an index.html located in the root of their pod e.g. https://you.solidcommunity.net/index.html. Previously those files were provisioned with a login button which will no longer work. So we will be running a script to change all existing index.html files in the root of pods changed to the name index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

From a developer's perspective : you should no longer use solid-auth-client as your authentication library. Instead use Inrupt's solid-client-authn-browser. The entire SolidOS software stack now works with the Inrupt library.

The changes in SolidOS and solidcommunity.net are the work of an active open source team working with an independent contractor hired by Inrupt specifically for this upgrade. The open source team actively welcomes collaborators. Please visit our team homepage at [link to SolidOS]. Please also let us know about any issues or suggestions [link to issue].

P.S. For those of you with pods on other pod-providers, you can use the SolidOS Databrowser as a stand-alone web app [link to browse.html] or a local desktop app [link to Data Kitchen].

[timea-solid]

Thank you Jeff for starting this off. As follows my suggestion on the release note. Feel free to edit it further.

SolidOS version x release on dateX

After months of work, a new SolidOS version is about to be released. SolidOS comes in two flavours:

• SolidOS Data Browser which is the frontend for solidcommunity.net but can be used on any Pod-provider
• Data Kitchen the stand-alone desktop app.

This release is focused on security and it makes the code stack Solid-OIDC specification compliant.

1. The solid-auth-client library was replaced by the inrupt/solid-client-authn-js

• All SolidOS dependencies (mashlib, solid-panes, solid-ui, solid-logic...) were updated to use the new authentication library. The exact work can be followed on this git issue.

2. Some new features

• 'Add me to your friends' button on your profile git issue
• Include link to user guide git issue

3. Some bugfixes

• JSON-LD files are now readable git issue
• Deleting a resource triggers a UI refresh now git issue

Impact:

• As a developer, instead of using the solid-auth-client library use inrupt/solid-client-authn-js in your developments.
• Pod owners with an index.html file located in the root of their Pod (e.g. https://you.solidcommunity.net/index.html), your first page on the Pod will change. Previously the index.html file was provisioned with a login button which will no longer work due to the authentication library upgrade. Upon release, we will be running a script to rename all existing index.html files in the root of Pods to index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

The changes in SolidOS and solidcommunity.net are the work of an active open source team. The open source team actively welcomes collaborators. Please visit our project GitHub [link to SolidOS readme] for more information. For any concerns, issues or suggestions chat with the SolidOS team over at gitter or create a [git issue](maybe https://github.com/solid/solidos/issues).

[bourgeoa]

I have a few comments :

• Title shall make reference to solidOS and NSS
• re-introduce jeff's explanation what is solidOS
• remove point 2 and 3 to be included in tags version
• solidcommunity.net specifics

---

SolidOS v1.7.7 an NSS (node-solid-server) v5.6.12

After months of work, a new SolidOS databrowser - the frontend for solidcommunity.net - is about to be released. SolidOS, the Solid operating system, provides

• resource creation, editing, navigation, and access control management
• a rich set of tools to view semantic data in different formats
• productivity apps such as notepads and task managers
• collaboration apps such as chat apps and meeting schedulers

The change bring NSS, the SolidOS and dependencies into line with the latest Solid-OIDC specification, making them more secure, interoperable, and forward-looking.

SolidOS comes in 3 flavours :

• SolidOS which is a frontend for NSS and in near future on CSS
• Data Kitchen the stand-alone desktop app.
• a standalone webapp https://solidos.github.io/solidos/browse.html that can be used on compliant Solid Servers.

This release is focused on security and it makes the code stack Solid-OIDC specification compliant.

• The solid-auth-client library was replaced by the inrupt/solid-client-authn-js
  The exact work can be followed on this git issue
  As a developer, instead of using the solid-auth-client library use inrupt/solid-client-authn-js in your developments.

• https://solidcommunity.net Pod owners with an index.html file located in the root of their Pod (ex: https://user.solidcommunity.net/index.html), your first page on the Pod will change. Previously the index.html file was provisioned with a login button which will no longer work due to the authentication library upgrade. Upon release, we will be running a server script to rename all existing index.html files in the root of Pods to index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

The changes in SolidOS and solidcommunity.net are the work of an active open source team. The open source team actively welcomes collaborators. Please visit our project GitHub [link to SolidOS readme] for more information. For any concerns, issues or suggestions chat with the SolidOS team over at gitter or create a [git issue](maybe https://github.com/solid/solidos/issues).

[bourgeoa]

reopened. it was a mistake sorry

[timea-solid]

Great improvements so far, I think we are close to a final version.

1. It is confusing to me what the naming convention is: SolidOS, SolidOS Data Browser, SolidOS Databrowser ... I do not mind which it is, as long as we are consistent in all our documentation about it.
   Example: "Databrowser, and the SolidOS software stack" -> what does this mean?
2. The intention of this release seems to be:

• inform the reader what SolidOS is (but not NSS)
• that there is a release both on SolidOS and NSS
• what they need to do about it
  Isn't this a bit too much?

3. In the vision we talk about what SolidOS is: https://solidos.solidcommunity.net/Team/docs/SolidOSNorthStar.html My suggestion is to be consistent with the message - either change this message or change the vision document.
4. SolidOS can be a frontend for ANY Solid server not just for NSS and CSS.

P.s. I like the title. Thanks for the versions. Also I did not know about the 3rd flavour. #neverStopLearningSolid ☺️

[bourgeoa]

point 1 : agreed "Databrowser, and the SolidOS software stack" either replaced with "SolidOS and dependencies" or simply `SolidOS'
point 2 : a bit too much. It's a fact. We can make more messages to detail things if there are questions
point 3 : can you make a proposal for discrepencies
point 4 : yes and no. Actually yes integration for NSS and CSS. For other solid servers : Yes for the solidOS webapp, integration must be provided. That's why webapp is important.

(changes directly edited in the above text)

[timea-solid]

Thanks @bourgeoa . Trying to combine everything in one here. The description of SolidOS is copy paste from the vision (https://solidos.solidcommunity.net/Team/docs/SolidOSNorthStar.html). Here is the proposed up to date version:

SolidOS v1.7.7 an NSS (node-solid-server) v5.6.12 release

After months of work, a new SolidOS and NSS version is about to be released.

------ version with what SolidOS is ---------
SolidOS, the Solid operating system, is showcasing the possibility of Solid for the future, and we mean:

• true data ownership: management of personal data & authorization control;
• avoidance of vendor lock-in to services: easy moving to a different Pod or WebID provider;
• data reuse between applications: with help of data interoperability and data discoverability.

SolidOS comes in 3 flavours :

• SolidOS (https://github.com/solid/solidos/blob/main/README.md) which is a frontend for NSS and in near future for CSS
• Data Kitchen (https://github.com/solid/data-kitchen) the stand-alone desktop app.
• A stand-alone web-app (https://solidos.github.io/solidos/browse.html) that can be used on compliant Solid Servers.
  ----- end part about what SolidOS is ----------

This release is focused on security and it makes the code stack Solid-OIDC specification (https://github.com/solid/solid-oidc) compliant.

• The solid-auth-client library was replaced by the inrupt/solid-client-authn-js (https://github.com/inrupt/solid-client-authn-js)
  • The exact work can be followed on this git issue: SolidOS Auth Upgrade SolidOS/solidos#38
  • As a developer, instead of using the solid-auth-client library use inrupt/solid-client-authn-js (https://github.com/inrupt/solid-client-authn-js) in your developments.
• https://solidcommunity.net Pod owners with an index.html file located in the root of their Pod (ex: https://user.solidcommunity.net/index.html), your first page on the Pod will change. Previously the index.html file was provisioned with a login button which will no longer work due to the authentication library upgrade. Upon release, we will be running a server script to rename all existing index.html files in the root of Pods to index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

The changes in SolidOS and solidcommunity.net are the work of an active open source team. The open source team actively welcomes collaborators. Please visit our project on GitHub at https://github.com/solid/solidos/blob/main/README.md for more information. For any concerns, issues or suggestions chat with the SolidOS team over at gitter (https://gitter.im/solid/solidos) or create a [git issue](maybe https://github.com/solid/solidos/issues).

[bourgeoa]

@theRealImy I much prefer @jeff-zucker version.
Yours is technical and not so much user oriented you also lost some links
If you want we can add a link to NorthStar, but not sure it is relevant

[jeff-zucker]

1. It is confusing to me what the naming convention is: SolidOS, SolidOS Data Browser, SolidOS Databrowser ... I do not mind which it is, as long as we are consistent in all our documentation about it.

This is how I see it :

• The SolidOS Databrowser
  • Used as a frontend for solidcommunity.net, inrupt.net, solidweb.org and other servers
  • Used as a stand-alone web-app (SolidOS Web app)
  • Used as a stand-alone desktop app (SolidOS Data-Kitchen)
• The SolidOS Software Stack
  • Used to build the Databrowser
  • Used as individual libraries by other apps
  • Includes mashlib, solid-panes, solid-ui, solid-logic, rdflib, the Solid forms ontology

Since rdflib is the dependency of 693 other libraries/apps, amd solid-ui of 50, this usage of the software stack is in the wild and is an important role of the software. I use "the Databrowser" or "the SolidOS Databrowser" when I am talking about the app and "SolidOS" or "the SolidOS software stack" when I am talking about the software libraries used to build the app.

[bourgeoa]

@jeff-zucker @theRealImy
Could you agree to this as reference release text. #59 (comment)
From your last comment @jeff-zucker shall we leave "SolidOS and dependencies" or do you prefer "SolidOS databrowser"

[jeff-zucker]

My thoughts on #59 (comment) :

Data ownership, avoiding vendor lock-in, and data reuse are the goals of the entire Solid Project. Every software in the Solid ecosystem should be striving for those. Most people in the forum understand that these are the goals of Solid. Listing these goals will not be new information for most people. Many people in the forum however do not understand what role SolidOS and the databrowser play in that ecosystem. Many think of the databrowser as a simple file explorer and are unaware of its semantic navigation and app creation features.

So this is my current draft.

Major updates to SolidOS, NSS, and solidcommunity.net

Please note : If you have a pod on solidcommunity.net, be sure to read the impact on users section below.

After months of work, a new SolidOS is about to be released. SolidOS, the Solid operating system, comes in four flavors :

• The SolidOS Databrowser Frontend - a frontend for Solid Servers like solidcommunity.net
• The SolidOS Databrowser Webapp - a stand-alone web app
• The SolidOS Data-Kitchen - a stand-alone desktop app
• The SolidOS software stack - a set of libraries that may be used independently of the databrowser

SolidOS, in all of its flavors, provides pod navigation and management tools; semantic views of all data; productivity apps like notepads, and task-mangers; and collaboration apps like chat apps and meeting schedulers. All features have the aim of supporting the core Solid vision - user control, freedom from vendor lock-in, and re-usability of data.

This release is focused on security and it makes the code stack Solid-OIDC specification compliant. All code using solid-auth-client was replaced by code using @inrupt/solid-client-authn. The release also includes improvements to handling of Javascript, JSON-LD, and a variety of bug-fixes and UI improvements. See this list of upgrade issues for details. For reference : the releases are SolidOS v1.7.7 and NSS (Node solid-server) v5.6.12.

The release impacts users of solidcommunity.net, developers using the SolidOS software stack, and pod providers who use NSS.

Impact on users

Owners of Pods on solidcommunity.net with an index.html file located in the root of their Pod (ex: https://user.solidcommunity.net/index.html) : your first page on the Pod will change. Previously the index.html file was provisioned with a login button which will no longer work due to the authentication library upgrade. Upon release, we will be running a server script to rename all existing index.html files in the root of Pods to index_1.html. If you wish to get your index.html back, you can remove any login code and buttons from the document and then rename it back to index.html. Unfortunately, there is currently no easy way to provide a login button on a pod root index page.

Impact on developers

Developers who use the SolidOS stack (mashlib, solid-panes, solid-ui, solid-logic, rdflib) should be aware that these libraries have all switched to using Inrupt's solid-client-authn instead of solid-auth-client.

Impact on Pod providers

As mentioned above under impacts on users, index.html pages with login buttons will no longer work. You should contact us to get a script to rename these files and warn your users before installing the new NSS.

Join our team!

The changes in SolidOS, NSS, and solidcommunity.net are the work of an active open source team led by Sir Tim Berners-Lee. The open source team actively welcomes collaborators. Please
visit our project pod or our GitHub repo for more information. For any concerns, issues or suggestions chat with the SolidOS team in the gitter chatroom or create a git issue.

[bourgeoa]

-status

• .acl at root in the old times where private. They are now created as public READ (when that happen I don't know V4 or V5 ?)
  and the date information is lost due to the migration from solid.community to solidcommunity.net. These old files are all dated Oct 9 2020
• indew.html was public with a index.html.acl with everybody READ
• DPoP migration moved only index.html to index_1.html making it private

examples of existing ACL for the https://trainwreck.solidcommunity.net pod

  root@solidcommunity:/mnt/volume_lon1_03/solidcommunity.net/data/trainwreck.solidcommunity.net# cat .acl
  # Root ACL resource for the user account
  @prefix acl: <http://www.w3.org/ns/auth/acl#>.

  <#owner>
    a acl:Authorization;

    acl:agent <https://trainwreck.solidcommunity.net/profile/card#me> ;

    # Optional owner email, to be used for account recovery:
    acl:agent <mailto:[email protected]>;

    # Set the access to the root storage folder itself
    acl:accessTo </>;

    # All resources will inherit this authorization, by default
    acl:defaultForNew </>;

    # The owner has all of the access modes allowed
    acl:mode
        acl:Read, acl:Write, acl:Control.

  # Data is private by default; no other agents get access unless specifically
  # authorized in other .acls
  root@solidcommunity:/mnt/volume_lon1_03/solidcommunity.net/data/trainwreck.solidcommunity.net# ^C
  root@solidcommunity:/mnt/volume_lon1_03/solidcommunity.net/data/trainwreck.solidcommunity.net# cat index.html.acl
  @prefix acl: <http://www.w3.org/ns/auth/acl#>.
  @prefix foaf: <http://xmlns.com/foaf/0.1/>.

  <#owner>
    a acl:Authorization;

    acl:agent
        <https://trainwreck.solidcommunity.net/profile/card#me>;

    acl:accessTo </index.html>;

    acl:mode
        acl:Read, acl:Write, acl:Control.

  <#public>
    a acl:Authorization;

    acl:agentClass foaf:Agent;  # everyone

    acl:accessTo <./index.html>;

    acl:mode acl:Read.
  root@solidcommunity:/mnt/volume_lon1_03/solidcommunity.net/data/trainwreck.solidcommunity.net#

• proposed solution

 find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index.html.acl -exec rename -n -d 's/.html/_1.html/' '{}' \;

 find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index_1.html -exec sed -i 's+</index.html>+</index_1.html>+g' {} +

{} is the receptacle of the find : here : index_1.html
sed uses + (cannot use / here) or can be nearly any 1 bit character even space (not some confusing | or \ for example)
is the last + correct or ; (escaped;) : verified, yes they are
I still need to make a test somewhere (on my own pod or on my server)

*** stats results on solidcommunity.net server*** 
 root@solidcommunity:/mnt/volume_lon1_01/solid.community# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index_1.html.acl | wc -l
0
root@solidcommunity:/mnt/volume_lon1_01/solid.community# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index_1.html | wc -l
49989
root@solidcommunity:/mnt/volume_lon1_01/solid.community# find /mnt/volume_lon1_01/solid.community -maxdepth 2 -mindepth 2 -name index.html.acl | wc -l
49446
root@solidcommunity:/mnt/volume_lon1_01/solid.community#

[bourgeoa]

Timea @theRealImy Feb 02 15:23
aclCopy.sh
this is my script, not sure it works cleanly on linux