Regardless, great work! Choosing Svelte to hit that 4.7kb mark is super sweet!
See https://docs.coralproject.net/coral/v5/integrating/cms/ to get an idea of it's use.
(We're also hiring to work on this open source project!)
For a commenting system, that sounds more like a feature than an issue to me.
Also, trying to ensure the correct quality of comments is time-consuming. If someone asks "Why would I use C#?", it might seem low quality and won't be published but what if someone asks "You are using C# but Go would make a lot of this easier", it might warrant publishing and even a reply but how many people really want to start a long discussion with a stranger about the merits of different languages?
Plenty of programmers, actually. Just see the comments on HN or reddit on posts about programming languages for example.
Hope can help.
Do not use placeholders for labels please.
It's dead, as far as I can tell.
So there's a whole bunch of improvements actively going on the behind-the-scenes (essentially a Commento v2) and I hope to announce things soon. I know support has been lackluster and I intend to turn that around too. It's certainly not dead :)
Also would love for it to be easier to match the CSS to the host site.
Was running it self-hosted on Cloudron but would be happy to try the paid, hosted product if it worked for me.
I actually sent you two emails.
I will send you another one.
Last commit is last month
> So I tried to contact the guy behind it. He didn't respond.
Did you buy support from the author? As the author of an unrelated open source project, I receive an enormous amount of messages from people feeling entitled to receive support for free on the pretext it's open source. Answering and following up on those message could well be a full time job in itself except it doesn't pay for my bills
I am sure the creator of Commento is happy you are here exacting vigilante justice against his customers for their imaginary entitlement.
I signed up for a free trial of his commento.io service, and immediately tried to integrate it with my static site.
When I ran into difficulties (bad responses from commento.io) I contacted support.
If I had got it working, I would have gladly paid him, and I would still be paying him.
I think I was within my rights to request a modicum of support during the free trial period for a paid product, and then to not pay for it when I did not receive a response.
In this context, I find your story about some open source project you have to be quite irrelevant.
You can even deploy it relatively painlessly. A little googling brought up an ansible playbook to set it up with minimal configuration: https://github.com/kathawala/commento-ansible-playbook
I've been using RemarkBox for the last couple of months and like it. It's privacy respecting, hosted, pay what you want.
Talk about a useful open source chunk of software.
Open sourcing it would be hard, because you'd have to trust everyone else to classify things correctly, or you'd have to review every input yourself. A spammer could easily sneak in a lot of false positives or false negatives to throw the entire model off.
For example, if one set of users started rating a specific subset of posts as spam, then those users could be bucketed together into a “doesn’t want to see message type A” group while others, who minded other messages, would be bucketed into a “No B-messages” group.
This would need to be applied selectively, as it could easily result in an echo chamber for normal discourse, but I would’ve given my left arm to have that sort of filtering available in the game during my WoW days. Those city spammers were unbearable!
I, of course, would have fallen into the “I don’t care how great a deal your Thunderfury, Blessed Blade of the Windseeker, is, I’m just here to socialize” bucket.
There's not a way you could choose which people/groups you trust (and don't) to classify spam correctly? Don't open source adblockers work like this?
With ad blocking you have none of that. Gigabytes of text go into training, kilobytes of inscrutable numbers go out. And all the debug info you get is how certain the computer sounded saying no.
Also, I get the impression that reCAPTCHA v3 is waaaaay less smart than people think. At a small scale, it’s near trivial to tweak your browser so it’ll give scores at opposite ends of the spectrum.
There are better alternatives like OOPSpam API that gives a score and works in the backend so no interaction with the user.
reCAPTCHA v2 is the “I’m not a robot” checkbox widget followed by challenges if Google doesn’t like you.
Invisible reCAPTCHA is reCAPTCHA v2 but the site initiates verification instead of the user being given an “I’m not a robot” checkbox widget to click; but if Google doesn’t like you, it’ll still trap you in the purgatory¹ of puzzle solving. Site operators can then blame Google, for all the good that does. “Invisible reCAPTCHA” is a bad name for the product, because it’s not invisible.
reCAPTCHA v3 never presents a challenge for you to solve, but decides a score (in practice, I’ve only seen 0.1, 0.3, 0.7 and 0.9) where higher means Google’s feeling more friendly towards you, and it’s up to the site operator to decide what to do with that score—whether to simply deny access to people that Google doesn’t like (catastrophically bad and widely illegal, as it blocks legitimate users with no recourse) or to do something else. But now the liability for blocking real people is clearly with the site operator and not Google. But of course far too many people will ignore Google’s “don’t gate on this alone” direction and just see the higher version number and assume it must be better than reCAPTCHA v2. “reCAPTCHA v3” is a bad name for the product because it’s not a CAPTCHA, as there’s no challenge; it’s straight fraud detection.
¹ Some hold it’s hell, rather than purgatory.
As @j3th9n mentioned, reCAPTCHA v3 does have challenge and you can invoke it based on a score.
(As they confirm near the start of the document, “reCAPTCHA v3 will never interrupt your users, so you can run it whenever you like without affecting conversion.”)
But cusdis looks great so far!
Just uses Git(Hub|Lab) to triage and approve comments for your static sites, like Jekyll.
Unless you're fine with re-inventing known best-practices ofc.
See https://cactus.chat, which is on the Matrix network.
Like, if I am the only one pinning (and storing) the data, everyone downloads it from me correct? Why not just use a regular storage at that point?
This is how the blockchain storage companies do it.
It can even be otherwise identical to Disqus except self hosted.
Edit: I now see the "support markdown" commit. You might want a "preview" button so people can see what they have. At the moment I see only a "Post Comment" button.
Also, does it understand the concept of canonical urls so that pages that are the same one, but with different urls, share the same comments? I searched the repo for "canonical" and didn't see anything.
Can I suggest you add something of an architecture diagram/flowchart od the website? Just a little something that illustrates what the frontend talks to, where the data is stored, that sort of thing?
Since Cusdis was designed for self-hosted, the data should be stored in your own server. The Docker image provides both sqlite and pgsql options. Then the comment widget that embed in your web page talks to this server through a http call, which fetch all the approved comments and display them.
The "Try it now" is a demo server that I've hosted for the people who want to just look around what is it look like, it's not scalable and shouldn't be used in production yet. It run in my vps on Digital Ocean, data is stored in this vps with a pgsql instance.
I have a plan to migrate the pgsql to a DigitalOcean managed database.
I hope that's not too close to the original name
Kind of like a public mailbox that you send comments to, and articles get recompiled with the comments on a static blog.
Plus, it would be naturally threaded if your mailto: link includes a thread ID.
the platform itself is stable and in production. the REST api needs some work to support accessing comments and a frontend for comments needs to be built.
unfortunately, i lack the resources to work on this right now with family and paid work taking priority.
the platform is licensed as GPL2. it was created by a german university, and i forked it after they stopped development on it, and added the REST API myself.
frontends using the REST API could be in any license of your choice, since the code would not be derived from the backend.
the implementation language is pike. (a language similar to python, but with C-syntax)
adding new abilities to the REST API should be easy enough, by looking at the existing API code. though i'd also like to create a graphql API.
the project lives at https://gitlab.com/societyserver and http://societyserver.org/
The ideal comment system for me would use the mailing list feature from SourceHut, with each post on a blog having their own list and using the In-Reply-To and Message-Id headers. SourceHut already exposes forms that sends emails to mailing lists and is open source, so I guess someone could probably look into their implementation to make this happen.
Honestly, I would pay a good amount of money to licence something simple like this on a per-website basis, as long as the code is open source and the back-end is self-hostable—extra points if the developer includes a well-written WordPress plugin.
I might look into writing a WordPress plugin that implements this idea. However, because I really like the idea and working with email in general—in no small part because of aerc—, I am obviously biased towards it, so my opinion my not be the best one. Heck, maybe there is no market for this at all.
The biggest reason why this idea will forever live in a drawer in my mental desk, however, are the privacy and potential GDPR issues; after all, anyone who leaves a comment will now have their email address exposed. I am not sure how to resolve that one.
Disqus.. the dark commenting system.
I made this walk-through video of the project inclusive the deployment to Vercel and Railway:
The interesting, for me, part is the antispam. It is also silly hard, for obvious reasons. A big part of why Disqus is hard to replace is that they're doing a great job with it. Only once you clear that bar, you can think of successful monetisation.
I.e: my blog has like... 200 visits per month? I don't have comments right now - only link to twitter/reddit - but I expect I would have a dozen comments per month, tops. At this point I don't even care about anti-spam, but if a tool asks me $10 a month, I can't justify paying it. Make it $1 and I'm in.
Do you have a tutorial for that?
1) On your computer, open Chrome.
2) At the top right, click More. Settings.
3) Click Privacy and security. Site settings.
5) Turn on Allowed (recommended).
Other browsers might have similar instructions.
I agree that it's exceedingly heavy for comment only use (and generally requires user accounts), but if you're trying to build a community that also has blog posts, the two do integrate very nicely.
Discourse is a "forum". Not the same thing.