vnu_filter: style/comments on obsolete filter

One filter removes false-positives but has been fixed upstream; will
keep the filter for a little while until Validator.nu updates to catch
up to my local copy and validator.w3.org.

Makefile

@@ -24,7 +24,7 @@ csv/webrings.csv:
 
 .PHONY: hugo
 hugo: csv/webrings.csv $(SRCFILES)
-	sh scripts/get-token.sh
+	sh scripts/get-webmentions.sh
 	hugo -b $(HUGO_BASEURL) $(HUGO_FLAGS) -d $(OUTPUT_DIR)
 	mv $(OUTPUT_DIR)/about/_index.gmi $(OUTPUT_DIR)/about/index.gmi
 

linter-configs/vnu_filter.jq

@@ -1,8 +1,7 @@
 # Filter false positives from the .messages entry of Nu Validator output
 .messages |= map(
 	. | select(
-		.type == "error" and
-		(
+		.type == "error" and (
 			( # See https://github.com/w3c/css-validator/issues/361
 				.message == "CSS: Parse Error."
 				and .extract == "){outline:none}}@media(prefers"
@@ -10,6 +9,8 @@
 			)
 			or
 			( # See https://github.com/validator/validator/issues/1166
+			  # This false-positive has been fixed; will remove once validator.nu updates
+				# validator.w3.org/nu is up-to-date.
 				.message == "Attribute “media” not allowed on element “meta” at this point."
 				and (.extract | test(" name=\"theme-color\""))
 			)

scripts/get-token.sh

@@ -1,31 +0,0 @@
-#!/bin/sh
-#
-# Script to authenticate with webmentiond and grab a temporary generated
-# bearer token, writing it to .webmentiond-token for Hugo to then read.
-
-set -e
-
-_key() {
-	if [ -n "$BUILD_SUBMITTER" ]; then
-		cat ~/.webmentiond-key
-	else
-		pash show webmentiond-ci-key
-	fi
-}
-
-key="$(_key)"
-
-set -u 
-
-# just a lil curl wrapper I use on seirdy.one
-alias ccurl='curl --proto "=https" --proto-default https --tlsv1.3 --cert-status --compressed'
-
-_token() {
-	ccurl -sX POST https://seirdy.one/webmentions/authenticate/access-key -d "key=$key"
-}
-
-token="$(_token)"
-
-set +u
-ccurl -H "Authorization: Bearer $token" 'https://seirdy.one/webmentions/manage/mentions?limit=9999&status=approved' >data/webmentions.json
-# printf '%s' "$token" >.webmentiond-token

scripts/get-webmentions.sh

@@ -0,0 +1,44 @@
+#!/bin/sh
+#
+# Script to fetch all approved webmentions from webmentiond as a big json response.
+# Uses POSIX and cURL in CI, also uses any pass/pash-compatible pwmngr otherwise
+# The response is cached for 90 minutes.
+
+set -e -u
+
+auth_url='https://seirdy.one/webmentions/authenticate/access-key'
+webmentions_url='https://seirdy.one/webmentions/manage/mentions?limit=9999&status=approved'
+webmentions_file="$(realpath data/webmentions.json)"
+
+# just a little curl wrapper I use on seirdy.one
+alias ccurl='curl --proto "=https" --proto-default https --tlsv1.3 --cert-status'
+
+# use a long-lived key (password) to fetch a short-lived bearer token.
+key() {
+	set +u
+	if [ -n "$BUILD_SUBMITTER" ]; then
+		cat ~/.webmentiond-key
+	else
+		pash show webmentiond-ci-key
+	fi
+	set -u
+}
+
+token() {
+	ccurl -sX POST "$auth_url" -d "key=$(key)"
+}
+
+# use that token to fetch all webmentions
+fetch_webmentions() {
+	ccurl --compressed -H "Authorization: Bearer $(token)" "$webmentions_url"
+}
+
+# fetch webmentions if we don't have a fresh copy already.
+
+if [ -f "$webmentions_file" ] \
+	&& [ "$(find "$webmentions_file" -mmin +90)" == "" ]; then
+	echo 'Using cached webmentions'
+else
+	echo 'Fetching webmentions'
+	fetch_webmentions >"$webmentions_file"
+fi