Episode 56
Welcome to issue 56 of our Kosmos newsletter.
In case you missed it: we released Kirby 3.5.4 last week with an important security update that fixes potential XSS attacks from uploaded SVG or XML files. For details, check out our security advisory.
On Tuesday, we published RC-1 for Kirby 3.5.5 with cool new features like a refactored video KirbyTag, controlling cache expiry from controllers, improvements for the blocks field, and a lot more.
Kirbyverse
In an enlightening—albeit German—video published by publishingNETWORK, Georg Obermayr talked about the "Content First" approach they implemented for LOWA, the outdoor boots company. We are very happy and excited that we are going to run a new Stay Curious event on June 2nd with Georg & Bastian. This will give us the chance to talk a lot more about the Kirby specifics there and will be an opportunity to ask any questions you might have. The event will be free and in English and there will be a recording for anyone who cannot attend the live show.
8 Reasons for using Kirby from a happy user's perspective by Alex Mango.
Kirby in the wild
Websites created with Kirby out in the wild are always a great source of inspiration and show that with its flexibility and extensibility there are hardly any limits to what you can create with Kirby.
Plugins & Kits
Plausible is a website analytics tool with a focus on privacy. Kirby Plausible is a plugin for Plausible that provides a Panel view and simple frontend snippet.
Fetch Instagram photos without the need for app approval. The Kirby Instagram plugin will download photos and/or video thumbnails to local storage. All media will be stored in a JSON file.
Simple Staging is a plugin job for the Janitor plugin and provides a simple staging setup via PHP or rsync (still beta).
Cookbook recipe
Kirby meets Docker
Get started with Docker for development: Quickly spin up Kirby's Starterkit in a Docker container, bind local directories and add other services like MailHog.
Privacy
FLoC is Google's new way to support their business model by tracking people's behavior right in the browser without the need for 3rd-party cookies. You can read more about the background and how to opt-out in this Plausible article, and you can find out if you are already part of a cohort here (currently, this new tracking technology is not implemented in countries with GDPR in place).
There's also an article by Rohan Cumar that tries to demystify some recommendations around FLoC opt-out options.
A11y
Chartability is a methodology for making sure that data visualizations, systems, and interfaces are accessible. It provides a list of tests across 7 criteria.
Reminder to prefer semantic HTML over aria attributes added to general HTML tags whenever possible.
Frontend
One day, bundlers will hopefully be a thing of a dark past. In the meantime, if you have to learn webpack for some reason or another, check out this Webpack step-by-step-tutorial for beginners.
Manuel Matuzovic published a collection of front-end debugging script snippets to be used in the Sources panel in Chrome DevTools.
Nicholas C. Zakas gives an intro into the lazy-loading pattern in JavaScript.
In The Almost-Complete Guide to Cumulative Layout Shift, Jess P. Beck does a deep dive into what CLS means, how to measure it, and how to solve problems when you run into CLS issues.
Tools
natto.dev is a tool for fidgeting with JavaScript. Write and manipulate JavaScript expressions on a spatial canvas.
This & That
While Apache is probably still the most used web server, more and more web applications today run on nginx. If you want to get familiar with this web server software, check out the free Nginx Handbook.
Hash & manifest is a tool created by Adam Kiss that renames asset files in a directory to their hashed versions and generates a configurable manifest file.
A free MOOC about design systems with Ethan Marcotte covers topics like working with pattern libraries, user experience design and design tokens.
While writing SQL queries is probably not our main concern when working with a flat file CMS like Kirby, getting information out of databases is still something that is often necessary. SQL Best Practices has some tips for writing better queries.
Short read why storing a timestamp in place of a boolean value is often preferable and provides more meaning to data.
OverAPI.com provides all collection of useful cheat sheets for PHP, JavaScript, Node, MySQL, and more.