Pascal Birchler

Category: General

  • AMP Fest 2020: Web Stories for WordPress

    AMP Fest 2020: Web Stories for WordPress

    Yesterday, on October 13th, AMP Fest 2020 took place — a free online event on all things AMP ⚡. There was a wide variety of sessions covering performance, Web Stories, AMP For Email and many more things.

    I had the opportunity to participate in AMP Fest with a talk on Web Stories for WordPress, a new visual editor I’ve been working on that brings first-class Web Stories support to WordPress. You can rewatch my AMP Fest session on YouTube to learn all about it:

    I was really excited to share my perspective on Web Stories for WordPress and its benefits for web creators. If you wanna check it out yourself, learn more about it on the plugin website or download it from the WordPress.org plugin directory.

    Check out the event playlist on the AMP YouTube channel for more great content from this year’s event!

  • Automated AMP Validation using Jest and AMP Optimizer

    Automated AMP Validation using Jest and AMP Optimizer

    At Google I am currently working on a new editor to create visual stories on the web. Under the hood, Web Stories are powered by the AMP story format.

    AMP is a simple and robust format for creating user-first web experiences. One of its benefits is the AMP HTML specification. The spec defines the markup requirements for a document to be considered AMP-valid. Tools like the AMP Validator allow developers to easily verify the validation status of a given web page.

    For our project, it is important that the resulting stories always adhere to the specification. In order to guarantee AMP-valid output and prevent regressions, we needed a way to automate the validation process and integrate it into the development workflow.

    Performing AMP Validation

    So how can we run the AMP Validator as part of our test suite? Luckily, the AMP project maintains the official amphtml-validator npm package. The package offers both a command line tool as well as a Node.js API. Using this API we can parse a given string and return a list of found errors:

    import amphtmlValidator from 'amphtml-validator';

async function getAMPValidationErrors(string) {
  const validator = await amphtmlValidator.getInstance();
  const { errors } = validator.validateString(string);

  const errorMessages = [];

  for (const err of errors) {
    const { message, specUrl } = err;

    const msg = specUrl ? `${message} (see ${specUrl})` : message;

    errorMessages.push(msg);
  }

  return errorMessages;
}
Code language: JavaScript (javascript)

    Custom Jest Matchers

    The Web Stories editor is written in React, and Jest is our unit testing framework of choice. It seemed obvious that we’d want to try automated AMP Validation using Jest. For that, we can leverage Jest’s custom matchers API. Custom matchers allow writing tests like this:

    it('should produce valid AMP output', async () => {
  await expect(<MyComponent />).toBeValidAMP();
});Code language: JavaScript (javascript)

    Next, we need to write our custom matcher that leverages the above helper function and displays potential errors to the developer. At this point it’s worth noting that the validator only parses static strings. Since we want to pass rendered components to the matcher, we need to process them accordingly using something like renderToStaticMarkup.

    import { renderToStaticMarkup } from 'react-dom/server';

async function toBeValidAMP(component, ...args) {
  const string =  '<!DOCTYPE html>' + renderToStaticMarkup(component);
  const errors = await getAMPValidationErrors(string, ...args);
  const pass = errors.length === 0;

  return {
    pass,
    message: () =>
      pass
        ? `Expected ${string} not to be valid AMP.`
        : `Expected ${string} to be valid AMP. Errors:\n${errors.join('\n')}`,
  };
}

expect.extend({
  toBeValidAMP,
});
Code language: JavaScript (javascript)

    That’s it! We now have a new Jest matcher that validates our component’s output and warns us when invalid markup is encountered!

    However, the markup will inevitably be invalid, because it lacks the required HTML in the document head, like the AMP boilerplate code. Here is where the AMP Optimizer comes into play.

    Leveraging AMP Optimizer

    AMP Optimizer is a tool to simplify creating AMP pages. One of the many optimizations it performs is automatically importing missing AMP component scripts and adding any missing mandatary AMP tags. This is exactly what we need! Transforming our original markup using AMP Optimizer is as easy as follows:

    import AmpOptimizer from '@ampproject/toolbox-optimizer';

const ampOptimizer = AmpOptimizer.create();
const params = {
  canonical: 'https://example.com',
};
const string = await ampOptimizer.transformHtml(
  renderToStaticMarkup(component),
  params
);

// ...
Code language: JavaScript (javascript)

    If we now run the resulting markup through the validator, it won’t complain about missing boilerplate code, but instead only about issues in our original component. One minor drawback there: if it does find issues, our custom Jest matcher will print the whole optimized AMP markup to the console (“Expected ${string} not to be valid AMP.“).

    We can circumvent this by validating the optimized markup, but only printing our original, unoptimized markup in the case of an error:

    const string = renderToStaticMarkup(stringOrComponent);
const ampOptimizer = AmpOptimizer.create();
const params = {
  canonical: 'https://example.com',
};
const optimized = await ampOptimizer.transformHtml(
  '<!DOCTYPE html>' + string,
  params
);
const errors = await getAMPValidationErrors(optimized, ...args);

// ...
Code language: JavaScript (javascript)

    Et voilà! Put all these pieces together and you have fully functioning and automated AMP validation using Jest and AMP Optimizer!

    The Final Result

    Now, when using an assertion like expect(output).toBeValidAMPStoryElement() in your test suite, you would get a message like follows in case of AMP validation errors:

    Expected <amp-video autoPlay="true" poster="https://example.com/poster.png" artwork="https://example.com/poster.png" alt="" layout="fill" loop="loop"><source type="video/mp4" src="https://example.com/image.mp4"/></amp-video> to be valid AMP. Errors:
    The attribute 'autoplay' in tag 'amp-story >> amp-video' is set to the invalid value 'true'. (see https://amp.dev/documentation/components/amp-video)Code language: PHP (php)

    Curious to see the whole source code? Check out the Web Stories editor’s GitHub repository.

  • Get Ready for WordCamp Zurich 2019

    Get Ready for WordCamp Zurich 2019

    It’s been a while since I have been involved with organizing a WordCamp. After a 4-year break, this is changing now. I am very excited that WordCamp Zurich is taking place on September 14, 2019.

    Back in 2014 and 2015, we already hosted two amazing WordPress conferences in Zurich. After a small local event in Switzerland in 2011, those were the first bigger WordCamps with a more international audience. We called them WordCamp Switzerland, as the Swiss community felt we were to small to host city-named events.

    In the following years, many things have changed. The Swiss WordPress community was — and still is — flourishing. This year’s WordCamp Europe in Berlin is excellent proof for that, as there were about 30 attendees from Switzerland present, which I think is amazing.

    The Swiss WordPress community at WordCamp Europe 2019 in Berlin, Germany (Photo: Florian Ziegler)

    Many new WordPress meetups throughout the country have been started since the last WordCamp Switzerland. There have been WordCamps in Geneva, Bern, and Lausanne in the last three years. As a community, we thought now is a good time to go back to Zurich for once.

    What to Expect at WordCamp Zurich

    WordCamp Zurich is not just a local WordPress conference. It is a collaboration between WordPress enthusiasts and friends from all over Switzerland, joining forces to make sure this event will be just as awesome as the previous conferences.

    Conference Day

    The main event is taking place on Saturday, September 14th in the heart of Zurich. This is gonna be one full day with talks from speakers from both local and international speakers, in German and English.

    The Call for Speakers for this conference day is going to open soon, so make sure to subscribe to any news updates.

    Contributor Day

    On September 13, the day before the actual conference, we are organizing a so-called Contributor Day. This event gives you a special opportunity to learn more about how you can contribute to the WordPress open source project.

    This will be a smaller gathering at a different venue. Once registration is open, we will communicate it on the WordCamp website and all social media channels.

    Call for Sponsors

    To make this event a success, the Swiss WordPress community needs your support! WordCamps are non-profit events, organized by people from within the community on a voluntary basis. We rely on companies and individual sponsors to support us, so that we are able to provide attendees with a great event at very affordable ticket prices.

    If you are interested in sponsoring WordCamp Zurich, please check out our Call for Sponsors post.

  • CMS Security Summit

    A couple of weeks ago, I had the opportunity to attend the CMS Security Summit in Chicago. For this event, Google brought together content management systems, security researchers, and hosting providers to talk about security. WordPress, powering a third of the web, was represented by security team lead Barry.

    As a WordPress core committer and Noogler, this was a very insightful event for me. All the discussions with the attendees were super valuable—just the temperatures were a bit cold for my taste (-50 degrees, yikes!). If you wanna learn more about the event, some people published recap blog posts:

    I think the key takeaway is that most projects are dealing with the same issues and that they all benefit from working more closely together. Some examples include:

    • Automatic updates and package signing
    • Code reviews and static analysis
    • Collaborating with security researchers

    For this blog post, I want to dig a bit deeper on code analysis and what it means for WordPress.

    Static Code Analysis for WordPress Plugins

    WordPress is only as strong and secure as its ecosystem. Part of that ecosystem are the 60,000 plugins and themes that are available for download on WordPress.org. It’s impossible to manually scan all these projects for potential security vulnerabilities.

    At the summit, the RIPS code analysis platform was mentioned a few times. It’s a paid solution, but they also work together with open source projects. For example, Joomla uses RIPS to continuously scan their code base. At the moment WordPress doesn’t use that tool, but for RIPS the platform is of interest either way. The just recently demonstrated this via their WordPress Security Advent Calendar.

    Another example is their security risk analysis platform, CodeRisk. According to the website, CodeRisk “rates the security risk of WordPress plugins by analyzing them with the RIPS static code analyzer and combining the results into an easy to understand value”.

    I’m not sure how useful a plain number is, but I guess it works well for marketing. Anyway, I wanted to give the site a try to find out if there’s more behind that. It turns out that as a plugin developer you get free access to their static code analysis tool to scan all your plugins for security vulnerabilities.

    This is a really nice gesture! I wondered if other people use that feature too, so I posted a quick poll on Twitter:

    In that poll nobody said they use the CodeRisk platform, which was a bit of a surprise to me. Perhaps it’s not clear enough what the site does, or it’s just too complicated to set things up.

    Tools like this demonstrate that there are lots of possibilities to improve security in the wider WordPress ecosystem and in the overall CMS landscape. I’m curious to see how this area evolves in the next few years.

  • I’m Joining Google

    I’m Joining Google

    Today I have some big personal news to share! I am very excited to announce that, starting in January, I will be joining Google as a Developer Programs Engineer here in Zurich.

    This is a quite a change for me after having worked at required for almost four years. Luckily, it doesn’t mean I won’t be working with WordPress anymore. Some have already heard about Google stepping into the WordPress ecosystem and building a dedicated team for this. Most recently, my friend and soon colleague Felix Arntz has joined — and now I am going to be part of it as well!

    Fun fact: my move has been in the making for a while and not many people knew about it. However, if you’ve paid attention, Felix has already hinted at it in his blog post. So far I only know one person who correctly guessed the news.

    I am very much looking forward to be working together with talented people like Weston Ruter, Alberto Medina, Thierry Mueller, and of course Felix. It’s going to be an exciting challenge to help improving the open web and bringing its benefits closer to WordPress.

    Before I start at Google in January, I’m going to enjoy the last few weeks working with my fabulous friends at required and also doing some travels. This includes a Christmas trip with the whole team. As we usually all work remote, this gives me a chance for a proper goodbye.

  • How to Be a Successful Software Engineer

    I’ve decided to give Medium a go and published an article there about some learnings from the Young Creators Summit in Amsterdam, Netherlands.

    You can read the full article on Medium: How to Be a Successful Software Engineer

  • New Challenges

    As I am only studying computer science part-time, I was looking for a job a couple of months ago. Today I’ve been working with required for over a month now and I already managed to develop lots of new things.

    Working with required+ allows me to work more on WordPress and contribute back to the community. We released the WP Team List plugin in February and many other plugins are already in the pipeline. I’ll be also attending more WordCamps this year: London, Vienna, Cologne and Seville are on my roadmap.

    I’m pretty excited about WordCamp Europe in Sevilla, as my speaker application was approved yesterday. I’m going to talk about Centralizing WordPress Professionals, so stay tuned!

  • Hello World!

    I finally found time to create personal website of mine in English. It’s mainly a big resume page, but I also want to post some great content in the future. Stay tuned!