11:54:10 RRSAgent has joined #miniapp 11:54:14 logging to https://www.w3.org/2023/03/23-miniapp-irc 11:54:24 Meeting: MiniApps WG & CG Joint Meeting 11:54:26 present+ 11:54:34 rrsagent, make log public 11:54:37 rrsagent, make minutes 11:54:38 I have made the request to generate https://www.w3.org/2023/03/23-miniapp-minutes.html xfq_ 11:59:40 present+ martin 12:00:03 present+ Zitao_Wang 12:00:09 martin has joined #miniapp 12:00:30 present+ 12:01:57 present+ Dan_Zhou 12:03:01 chair: Zitao_Wang 12:03:05 scribe: xfq_ 12:04:03 Open PRs for UI components: https://github.com/w3c/miniapp-components/pulls 12:04:23 zitao: martin has sent PRs 12:04:30 ... any comments? 12:04:37 Topic: Components 12:04:48 dan: working on Addressing 12:05:02 ... haven't looked at components yet 12:05:34 zitao: components will be a note 12:06:02 ... next step is to talk with web components folks 12:06:50 dan: I will review this PR before next week 12:07:07 ... and will either approve or comment on them 12:07:16 s/this PR/these PRs 12:07:33 martin: if you see anything you want to change, just comment 12:07:38 ... I'll iterate 12:08:16 Topic: Addressing 12:08:25 present+ Jia_Wang 12:08:54 dan: when I update the Addressing explainer last year 12:08:58 ... I found some issues 12:09:23 ... @@ origin needs help 12:10:26 https://github.com/w3c/miniapp-addressing/pull/13 12:11:15 [dan shares her screen] 12:11:29 dan: when the URI scheme is https, the origin is the part before the first slash 12:12:03 ... but the origin should be the whole URL, which includes the platform, miniapp name, and miniapp platform 12:12:09 present+ 12:12:28 ... there are differences between URL origin and miniapp origin 12:13:42 zitao: I think we can talk about it later to see how we can harmonize 12:13:56 ... thank you 12:14:25 Topic: Manifest and Packaging 12:14:32 martin: no activity on manifest 12:14:44 ... about Packaging 12:14:47 https://github.com/w3c/miniapp-packaging/pull/65 12:15:17 ... would like to address the comment from the privacy review 12:15:28 ... this is not related to the TAG review 12:15:35 ... but it is an issue we need to solve 12:16:01 ... to protect the user's privacy we should clear the data 12:16:43 ... it's referring to the Lifecycle spec 12:16:58 ... unless you have any objections, I would like to merge it 12:17:31 present+ QingAn 12:17:47 dan: +1 12:18:29 martin: when the Lifecycle spec is updated, I'll update the Packaging spec 12:18:47 QingAn: I've submitted a PR to the Lifecycle spec 12:19:05 ... please take a look 12:19:19 https://github.com/w3c/miniapp-lifecycle/pull/37 12:22:09 Topic: TAG's comments on MiniApp specs 12:22:15 https://github.com/w3c/miniapp/issues/195 12:22:53 zitao: I think people have reviewed this and understand the issue around origin model 12:23:09 ... martin, can you introduce your idea? 12:23:56 martin: most of my comments are related to the use cases 12:24:11 ... the first one is about the origin model 12:24:58 ... if the miniapp protocol is http/https we can preserve the origin model 12:25:17 ... user agents can implement this 12:25:37 ... in this case the problem is solved 12:25:54 qing: is the miniapp publisher the miniapp platform? 12:26:03 martin: it's where you find the miniapp on the web 12:26:18 ... a marketplace, or a web server 12:26:26 ... can be accessed using https 12:26:44 qing: I'm not sure if it can address TAG's concern 12:27:56 ... if the miniapp publisher is a marketplace, if a miniapp is developed by the marketplace, we can achieve this, but if the miniapp is developed by a third-party developer, I don't think we can achieve this 12:28:08 martin: in this case the origin will be the publisher 12:28:45 qing: I discussed this with zitao and dan 12:29:18 ... if the miniapp is not developed by the miniapp platform, we should also preserve the origin model 12:29:46 ... I think folks from Baidu has a proposal, but they're not ready to present this today 12:30:09 dan: I think the TAG asked us to use the http scheme, not the file scheme 12:30:43 ... first we need to make package use http(s) 12:30:48 s/package/packages 12:31:23 dan: my colleegue will talk about it next time 12:31:56 ... the second question is end-to-end cryptographically guaranteed scheme 12:32:21 ... we need to make the digital signature more secure 12:32:33 ... my colleegue will talk about this too next time 12:32:48 ... he knows more than me 12:33:57 martin: @@1 12:34:41 ... feel free to comment on the issue 12:35:44 ... another thing is a new member in the Manifest spec about Content Security Policy 12:36:38 zitao: I'm thinking about how the super app is initiating the miniapp 12:37:16 ... the miniapp developer develops the miniapp, publish it in the miniapp platform 12:37:47 ... if the miniapp publisher can directly uses the miniapp developer's URL, it could just work 12:38:06 ... we should think about whether it works 12:38:18 ... maybe it can help move forward 12:38:43 martin: if you want to comment on the issue, I think we can continue the discussion offline 12:38:58 ... if you want to organise a special meeting, I'm also OK with it 12:39:11 zitao: I think it is a really important issue and we need to address it 12:39:31 qing: for the thrid point ZIP, martin, do you think we should continue using ZIP? 12:39:53 martin: when we started working on the spec, the requrirement was to use ZIP 12:40:44 ... if there's strong objection on using ZIP then we could change it 12:41:33 ... I'd be happy to evolve the document based on your comments 12:42:02 qing: I think this comment is not a blocking issue comparing with the first and second one 12:42:41 ... but my suggestion is that if we can reuse the web bundles spec it can help resolve this issue 12:42:51 ... not sure if it's possible, but just an idea 12:43:07 zitao: most MiniApps use ZIP 12:43:26 ... Bilibili and Bytedance might have ways of streaming a miniapp 12:43:33 ... I'll talk with them 12:43:57 ... I agree with you than #1 and #2 are more important 12:44:00 https://github.com/w3c/miniapp/pull/1 : fix: fix Mini Program to Quick App; ETC; Baidu Smart Mini Program 12:44:01 https://github.com/w3c/miniapp/pull/2 : Fixed typo 12:44:06 s/than/that 12:44:59 qing: we can have a separate meeting next week on the TAG feedback 12:45:28 ... since we're recharting the group, this could help reducing potential objections on rechartering the WG 12:47:12 xfq: Looking forward to this discussion to clarify the blocking issues. 12:47:32 Topic: TPAC 12:47:55 xfq: I wonder what is your plan for the TPAC. 12:48:05 scribe+ martin 12:48:14 https://www.w3.org/2002/09/wbs/1/GroupsTPAC2023/ 12:48:15 ... will we meet in TPAC? 12:48:52 zitao: maybe we can discuss this on github 12:49:07 zitao: We need to think on this, it could be possible. I think we should be there. 12:49:21 martin: I'll be there, for sure 12:49:53 dan: for me it's a little bit difficult 12:50:29 martin: good food, good whether, nice people here in Spain! 12:51:09 martin: the event we organised in Spain was a really nice event 12:51:25 ... organised by the W3C Spanish Chapter 12:51:42 ... the local authorities were there 12:52:00 ... many people were interested in W3C technologies 12:52:09 ... tom presented pwa and fugu 12:52:20 ... qing presented MiniApps for IoT 12:52:56 ... three different orgs asked me to repeat the event in Spain 12:53:11 ... it was really good 12:53:31 zitao: if you have videos or other resources please share it with the group 12:53:37 martin: I'll create a report 12:53:44 ... and a 4-minute video 12:53:56 So far this is the video posted by W3C Spain: https://www.youtube.com/watch?v=JPJoyJ-_l9Y 12:55:39 next meeting, April 27 12:55:42 +1 27 12:56:04 rrsagent, make minutes 12:56:06 I have made the request to generate https://www.w3.org/2023/03/23-miniapp-minutes.html xfq_ 13:05:44 xfq__ has joined #miniapp 13:16:38 xfq_ has joined #miniapp 14:01:00 xfq__ has joined #miniapp 14:08:35 xfq__ has joined #miniapp 14:20:55 Zakim has left #miniapp 14:25:50 xfq__ has joined #miniapp 14:37:59 xfq_ has joined #miniapp 14:40:34 xfq__ has joined #miniapp