Kaspars Dambis's Avatar

Kaspars Dambis

@kaspars.damb.is

Full stack maker of things with passion for #WordPress, electronics, sustainable living, personal finance and teaching. Find me at https://kaspars.net and https://wpelevator.com

119 Followers  |  131 Following  |  340 Posts  |  Joined: 09.09.2023  |  1.7818

Latest posts by kaspars.damb.is on Bluesky

I feel like β€œblock comments” or β€œeditor comments” would avoid all confusion.

Otherwise we end up with pattern and template mess πŸ˜‡

10.10.2025 07:09 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

This looks fun! Just joined. See you there.

10.10.2025 07:01 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Have you experieced β€œdefault to AI” in your work?

Reading through verbose RFCs and PRDs filled with emojied lists accompanied by obviously vibe coded prototype pull requests, shared via AI composed emails and Slack threads is a sad experience.

29.09.2025 12:14 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
What the heck is BIMI and why is it so important? BIMI (or Brand Indicators for Message Identification) is critical for email deliverability. We explain what it is and how to enable it for your email messages.

Yeah, the cost of the cert is significant.

However, it seems that many email providers don’t require VMC (gmail does, though): postmarkapp.com/blog/what-th...

24.09.2025 04:54 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Set up BIMI - Google Workspace Admin Help You can use the Brand Indicators for Message Identification (BIMI) standard to add your organization’s logo to outgoing email messages sent from your organization or domain. Email clients that support

Here is how to set it up: support.google.com/a/answer/109...

23.09.2025 12:14 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Today I learned about the BIMI standard for adding a profile image or logo to your emails. It requires a DNS record that points to a SVG Tiny-P file URL.

For this to work the domain must also have a valid and passing DMARC record with a β€œquarantine” or stricter policy.

23.09.2025 12:14 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

ConvertKit is rising prices by 100% for the entry level plans.

What is your prefered email newsletter service?

17.09.2025 04:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

> the biggest problem with vibe-coded app copyright is the fact that there are no vibe-coded apps in the wild

Well, that's very true! πŸ˜†

09.09.2025 18:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Tell us the impact. Does that make up a full 1% of the full collection? πŸ˜†

09.09.2025 09:41 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

AI code generation is the ultimate copyright loophole -- trained on collective knowledge of copyrighted work and producing new work which is supposedly authored by the collective brain.

Who owns the copyright for all the vibe-coded apps?

09.09.2025 04:05 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

Turns out you can still do that if the birthday is 18+. Only the kids accounts enforce gmail usage because of family link requirements/compatability. Probably similar to how workspace accounts can’t pay for youtube premium.

08.09.2025 10:22 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

When did Google stop allowing custom emails for Google accounts (not workspace but regular accounts)?

07.09.2025 08:24 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

First time seeing my blog mentioned in a Google AI overview. Remember hearing in a few recent interviews with Sundar Pichai that they're now adjusting the AI Overview placement to improve source attribution.

03.09.2025 04:05 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub Pull Requests - Visual Studio Marketplace Extension for Visual Studio Code - Pull Request and Issue Provider for GitHub

Would love to have conventional comments support, though.

Get the extension here: marketplace.visualstudio.com/items?itemNa...

30.08.2025 04:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

GitHub web UI is getting slower every week! Doing code reviews is a pain now.

Use the GitHub Pull Request extension for VSCode to do them right in your editor -- leave inline comments, explore commit history, etc.

30.08.2025 04:05 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

Sharing my recent numbers not to brag but to get feedback.

I find it hard to make technical content engaging. What are the one or two things that have helped you get consistent replies and shares?

29.08.2025 12:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image

So many of the AI crawlers don't use JS-enabled browsers so you need to access raw HTTP access logs to see the actual requests.

The problem is that most of this data is terminated at your CDN level and you might never know the true amount of referrals and crawlers.

Attached is OpenAI traffic.

29.08.2025 04:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Has anyone built a WordPress version of Writebook for publishing books and manuals online?

Here is the link: once.com/writebook

28.08.2025 12:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

This is the amount of auth credentials Google expects you to pass for a simple API fetch from Google Analytics, for example. There is no way to do it with a simple API key string.

Wow!

28.08.2025 04:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - kasparsd/wp-docs-md: WordPress documentation as markdown files for LLMs WordPress documentation as markdown files for LLMs - kasparsd/wp-docs-md

Get it from: github.com/kasparsd/wp-...

26.08.2025 12:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

The combined WordPress documentation markdown files for LLMs now include the WP-CLI documentation!

26.08.2025 12:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Most WordPress plugins get abandoned not because nobody uses them but because the dev burns out.

Paying for plugins isn't about features, it's about sustainability of reliable solutions.

26.08.2025 08:35 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

The verification is simple enough and the results can be cached so it is only needed when the DID content from the directory changes.

Alternatively, it could query multiple directories and compare the data to protect against a single directory takeover.

26.08.2025 04:57 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Thanks for jumping in and providing additional context!

How do you feel about all the threat models when trusting a directory HTTP response over TLS?

I feel like the clients should always implement audit log verification to confirm the signing keys. Otherwise it’s just DID:WEB.

26.08.2025 04:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Modal window showing all post meta fields and their values in the WordPress block editor.

Modal window showing all post meta fields and their values in the WordPress block editor.

Which user capability should have access to this post meta inspector modal in WordPress? Possibly with an option to edit fields directly.

26.08.2025 04:05 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Rendered diagram

Rendered diagram

Diagram source

Diagram source

Today I learned about Mermaid diagrams which are created from plain text. Turns out even GitHub markdown supports them and LLMs are great at generating them.

Checkout this GitHub issue for an example: github.com/fairpm/fair-...

25.08.2025 12:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

From the genesis op in the audit log you derive and compare the DID (which you have). With the rest of operations you determine that the final signing key is valid.

The only remaining risk is stale data with an old and compromised key. That can be solved by comparing results from two directories.

25.08.2025 05:47 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Resolving Identities | Bluesky Identities in the Bluesky network consist of multiple parts:

Turns out it’s called out here:

> For did:plc specifically, implementations should decide whether to trust the PLC directory to return accurate DID documents, or to fetch the operation log (or even audit log) and fully re-validate the operations.

docs.bsky.app/docs/advance...

24.08.2025 21:37 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

With web DIDs I totally get that each vendor is responsible for keeping the domain (and the reported public key) secure, but putting all PLC DID trust into a single hostname _without_ the op step verification is extremely risky IMHO.

24.08.2025 21:02 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

That’s like trusting WP-org to return my untampered signing public key πŸ˜… what if somebody fails to renew plc.directory or injects random stuff?

The whole promise of DID fails if we start trusting random JSON payloads without verifying them.

24.08.2025 20:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@kaspars.damb.is is following 20 prominent accounts