Haha, yep, it's me again with some more ridiculously nerdy questions. At least you guys know that someone out there is noticing some of the gourmet ingredients you bake together into your haute cuisine of code, right?
So, first, a truly atrociously bad "bug report" regarding the Markdown parser employed in the Notes section, because it was actually a couple days ago that I attempted to use some syntactic element of Markdown and got no love, and was too busy at the time to report it, and now I don't recall all the details. Knowing me, after 18 years of volunteer editing at Wikimedia Foundation sites it was either a table, or an image. Oh, no, in fact I think it was a hyperlink (anchor link, external, might've even been a mailto: or ircs:, I can't be sure, but that's how I roll), and I know you guys previously put the kibosh on those based on security concerns, but please hear me out anyway.
I do agree that as a blanket policy, letting the general userbase run amok with Markdown is asking for headaches, that's how we get poop like GitHub-Flavored Markdown, we just can't have nice things when half the population has, by definition, a below-average IQ. However, I'm sure we can tacitly agree that restricting the Notes part of 1P to essentially plain text with Markdown just for syntactic sugar is unworthy of such a robust and powerful platform. We can be creative and think through the pitfalls, I'm certain of it. For instance, there are instances that I would really benefit from embedding images served on the public internet into the notes of my vault items, but of course being aware of how insidious an attack surface that could quickly become, I'd only want to do it from domains that I own, manage personally, and ideally have physical possession of the server and data hardware for. I think providing users with a config key that accepts an array of such domains that they wish whitelisted is a reasonable ask. You can even turn off wildcards in the array values and then if anyone unexpectedly discovers a lemonparty in their vault courtesy of Imgur/GIPHY/a random hotlink, the presence of the guilty domain in the array is proof of user erred at whitelisting, not bad software design.
My point being that in today's cloud-first world, it's reasonable to expect that more than a few of us have digital resources siloed remotely with security we're satisfied with and in light of the fact that we are always responsible for the contents of our vaults and no one else, should ultimately be the ones evaluating those risks. Just look at Obsidian as proof of how pervasive a concept brain dumps stored as Markdown have become/are becoming. You may want to counter with the fact that you already have file attachments and we can create as many data structures in vault items as we want, but when I need to review the inventory of various safety deposit boxes or registration numbers and engine sizes for a garage full of ATVs on the fly from my mobile, an attached .xls/.ods file or PDF scan of such is about the last thing I want; rather, I want that info neatly arranged in a "party like it's 1999"-chic HTML table, ideally with sortable headers and one column just for thumbnails of images served from my roll-your-own Nextcloud, all in the Notes field of a vault item. And the first 1P team member that tells me they're not privately nodding their head slowly right now and muttering "Mmmm, yeah, that would be super sweet..." is a liar. (Don't make me pontificate on how it's the perfect way to flip the criticism of the Electron frontend on its ear, by letting users make full advantage of the fact that it's a web-based UI framework to use HTML layout elements to their full advantage as Notes, because I will... )
Ugh, that was one long-damned digression, and for that I apologize. Since I need to hit the sack so let me get back to my original two inquiries as succinctly as the pleonastic male offspring of an unmarried woman can...
pulldown-cmark, but with 37 "stable" Markdown parser libraries in the wild that I know of, chances are I'd be lucky to just be way out in left field with that one and not some other ZIP code. I ask because thanks to Markdown being the hippie-dippy, free-love, "we don't need no stinking definitive specifications" language it is, us users are certain to run into quirks or absent elements we're used to using elsewhere but go nowhere in 1P, and I'd rather be able to understand those limits outright than waste precious time on field-testing some workaround we used once in a similar situation. Plus I've once or twice wanted to escape certain things from the parser entirely, a la comments in source code, and since Markdown doesn't even attempt to provide a syntax for comments other than HTML-style (and those don't work either), knowing which bronco I'm riding could clue me into how to ride it.
Alright, my most heartfelt gratitude to anyone who made it this far. I swear I don't mean to write so much to communicate so little all of the time, it just happens. If it's any consolation, I still think you all hung the moon with 1Password, even the Early Access builds have been a privilege to use and watch evolve. Thanks for hanging in there, and good night.
Peter "RogueScholar" Mello
P.S. Oh yeah...Alphabet Strip! We need one of those (a jump menu) in the 1P8 desktop clients, for moving to a specific letter in the list, a la the Win10/Win11 Start Menu or MusicBee library interface. I know there's always search, but sometimes the mouse is already in my hand, and it's a super-low footprint UI element to tuck in along some edge somewhere. Think about it, okay? Later, alligator. poofs
1Password Version: 8.2.2-39.BETA
Extension Version: 2.1.0
OS Version: Windows 11 Build 22454.1000/Kubuntu 21.10 Impish