If you're trying to dereference all RDF namespaces found in the #ActivityStreams JSON-LD document you must first download the internet.
Now downloading google.com...
Search results
Hi @marius!
I just managed to make a C2S post to my work-in-progress ActivityPub instance using your BOX client.
I had to make a couple of minor changes to it:
Are you interested in patches/PRs? What's the best way to submit them?
#ActivityPubDev
I just managed to make a C2S post to my work-in-progress ActivityPub instance using your BOX client.
I had to make a couple of minor changes to it:
- The
authorizecommand respects$HTTPS_PROXY, but thepostcommand doesn't. I had to change this to get it to talk to services on my test network. - It doesn't send an OAuth
stateparameter; the OAuth server library I'm using complains about this so I fixed it.
Are you interested in patches/PRs? What's the best way to submit them?
#ActivityPubDev
Another OpenAPI tool crashes and burns
FenTiger @fentiger@zotum.net
Just over a year after Go's OpenAPI generator let me down, the #ActivityPub Content-Type causes the same problem again, this time in Python:
Or am I venturing off the beaten track by trying to be explicit about them in my
#ActivityPubDev #BangHeadHere
Read more →example_client/api/default/put_object.py:34:62: SyntaxError: Simple statements must be separated by newlines or semicolons
|
33 | _kwargs["json"] = _body
34 | headers["Content-Type"] = "application/ld+json; profile="https://www.w3.org/ns/activitystreams""
| ^Or am I venturing off the beaten track by trying to be explicit about them in my
openapi.yml file?#ActivityPubDev #BangHeadHere
Interesting new DID method: "did:self"
FenTiger @fentiger@zotum.net
One consequence of trying to separate identity hosting from the other components of the system is that it makes the other components harder to bootstrap. If I run just one component of my instance in isolation, how can I authenticate to it in order to configure/manage/test it, if I don't have an identity that I can use?
The answer might be to use a did:self identifier. The flow would look something like
Which seems like a reasonable fix for the classic problem of "how do you create the first user", and also a useful fallback for when the system is too badly borked to be able to look up real identities.
Another interesting property of
Of course these identities will only be visible to the server they're copied to, not to the whole network, but that shouldn't be a major problem.
(Cue the peanut gallery, with their suggestions of "it's easy, just do so-and-so", because everything looks easy when you take it out of context...)
#ActivityPubDev #FediDev
Read more →The answer might be to use a did:self identifier. The flow would look something like
- Management CLI tool generates a JWT describing a
did:selfidentifier, and stores the private key locally - Admin uses
scpor something to copy this JWT to the right place on the server - The server now has the ID's public key and so the CLI tool can prove that it "owns" the identifier
Which seems like a reasonable fix for the classic problem of "how do you create the first user", and also a useful fallback for when the system is too badly borked to be able to look up real identities.
Another interesting property of
did:self is that seems to be possible to add extra metadata, such as a human-readable name, to the ID, by using standard JWT claims - without needing the data to appear in the DID document.Of course these identities will only be visible to the server they're copied to, not to the whole network, but that shouldn't be a major problem.
(Cue the peanut gallery, with their suggestions of "it's easy, just do so-and-so", because everything looks easy when you take it out of context...)
#ActivityPubDev #FediDev
💡 Proposal for ActivityPub: FediStamp
What if any federated platform (Mastodon, WordPress, Pixelfed, PeerTube, WriteFreely...) could offer automatic certification of original content?
When publishing a poem, article, photo or video, you check "Certify original content" and the system gives you:
🔗 A public verifiable link to the registry
📄 A .fedistamp file as permanent proof
✅ A visible badge (Certified content) with clickable link
🧩 Metadata embedded in ActivityPub that travels with each share
Example: I publish a poem on Mastodon, enable the option, and instantly get my ✓ certified proof of authorship.
👉 This doesn't replace copyright (which already protects you), but strengthens it with technical evidence of authorship and date.
⚡ Key points:
Only registers the content hash (no cryptocurrency, just authorship certification).
Free.
Opt-in: you choose what to certify.
Automatic protection for creators across the federated ecosystem, without relying on centralized platforms.
I'm not a programmer, just a writer who sees the need. If someone technical sees merit and feasibility, go ahead.
#ActivityPub #Fediverse #FediStamp #FEP #ActivityPubDev #Mastodon #WordPress #Pixelfed #PeerTube #Creators #OpenSource #DigitalRights #OpenProposal
Writing documentation was good for #GoActivityPub.
It gives me the opportunity to go through some user scenarios for the tools I'm documenting and make sure that they work the way I'm describing.
I've fixed a couple of issues in this way these past days.
https://man.sr.ht/~mariusor/go-activitypub/go-ap/pitfalls.md#changing-the-type-of-an-object
Flag Activity
FenTiger @fentiger@zotum.net
Is there any information anywhere on how the Flag activity is used in practice?
As ever, the spec only tells me that it exists; it doesn't say anything about what it contains, where it gets delivered to, how the recipient processes it, etc.
Maybe I could find out more by setting up some test instances and experimenting with it, or by trying to trawl through various repositories to find the relevant source code - but it seems a lot quicker to just ask.
#ActivityPub #ActivityPubDev #FediDev #FediDevs
Read more →As ever, the spec only tells me that it exists; it doesn't say anything about what it contains, where it gets delivered to, how the recipient processes it, etc.
Maybe I could find out more by setting up some test instances and experimenting with it, or by trying to trawl through various repositories to find the relevant source code - but it seems a lot quicker to just ask.
#ActivityPub #ActivityPubDev #FediDev #FediDevs
For the past couple of days I've been hard at work writing documentation in the attempt to decrease the friction for developers that try #GoActivityPub for their applications.
I am of a mind to pay some #Go developers in the near future to do a weekend's worth of programming into trying to use the library in projects, so we can iron out potential issues with the use of the library itself and the documentation.
Anyone interested?
I just realized that the default specifications for ActivityPub/ActivityStreams do not have a way to perform an update on an object's ID. (ie, moving it from example.com/1 -> example.com/2)
An Update activity does not allow ID updates because it would lose the reference to the original one. (It can be massaged by using an Origin property, but I don't like that).
Another option would be to use a Move activity (which is defined as moving objects between collections), where the Origin property is the object itself instead of a collection. (I like this behaviour better, as it requires less divergence from the spec)
Is anyone aware of a FEP for that?
I just realized that the default specifications for ActivityPub/ActivityStreams do not have a way to perform an update on an object's ID. (ie, moving it from example.com/1 -> example.com/2)
An Update activity does not allow ID updates because it would lose the reference to the original one. (It can be massaged by using an Origin property, but I don't like that).
Another option would be to use a Move activity (which is defined as moving objects between collections), where the Origin property is the object itself instead of a collection. (I like this behaviour better, as it requires less divergence from the spec)
Remote Follow가 어떻게 구현이 되어있나하고 궁금해서 찾아봤는데, WebFinger를 응용하긴 하는 듯
- Akkoma 구현 - Server에서 Webfinger 요청날리고, 해당 서버 기준의 프로필 페이지로 안내
- Mastodon 구현 클라이언트에서 Webfinger 요청 날리고, /authorized_interactions 경로로 리다이렉트
Grrrr spent almost an hour debugging a problem. It was the receiver as:Public. as:Public is the devil !
Another nail in the coffin for #JsonLD:
That's a post that I edited shortly after I first made it. The corresponding conversation container contains both the original Create, and an Update with the changes. This means that the embedded Note object appears twice, with different contents, but with the same ID.
JSON-LD processing will kind of squish them together into the same object that contains both the original and the new
#ActivityPubDev
{
"id": "https://zotum.net/conversation/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
"orderedItems": [
{
"type": "Add",
"object": {
"type": "Create",
"object": {
"type": "Note",
"id": "https://zotum.net/item/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
"published": "2025-02-25T20:28:33Z",
[... original version of post ... ]
},
},
},
{
"type": "Add",
"object": {
"type": "Update",
"object": {
"type": "Note",
"id": "https://zotum.net/item/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
"published": "2025-02-25T20:28:33Z",
"updated": "2025-02-25T20:29:03Z",
[... edited version of post ...]
},That's a post that I edited shortly after I first made it. The corresponding conversation container contains both the original Create, and an Update with the changes. This means that the embedded Note object appears twice, with different contents, but with the same ID.
JSON-LD processing will kind of squish them together into the same object that contains both the original and the new
content etc. Handling this as JSON-LD will mean recognising the high level structure of it first, and then iterating over the orderedItems and processing them individually, rather than trying to treat the whole thing as a single JSON-LD message.#ActivityPubDev
What to learn more about the #fediverse and #ActivityPub? This tutorial (https://fedify.dev/tutorial/microblog) from 
I've made good progress again in the last few days. My signature problems seem to have vanished into thin air. Still having some trouble with reject/undo follow(ing), but I need a break from that for now. Today I took care of the display of the 
@Kartevonmorgen events. I'm very happy, even if something is still going wrong with the redundant data.
I'm confused again. from a C2S perspective, “reject following” and “reject follower” look structurally identical, don't they?
@silverpill any idea if there's a FEP regarding how to sign an activity that gets propagated through the Forwarding from Inbox mechanism? https://www.w3.org/TR/activitypub/#inbox-forwarding
My first instinct is to use the instance actor for the server that received it, but I'm not sure.
Maybe the actor that received it in their inbox would be better, but that feels slightly unsanitary.
Anyone else keeping track of these tags feel free to jump in if you have any actionable ideas. :) TY
@silverpill any idea if there's a FEP regarding how to sign an activity that gets propagated through the Forwarding from Inbox mechanism? https://www.w3.org/TR/activitypub/#inbox-forwarding
My first instinct is to use the instance actor for the server that received it, but I'm not sure.
Maybe the actor that received it in their inbox would be better, but that feels slightly unsanitary.