Search results

Another OpenAPI tool crashes and burns

FenTiger @fentiger@zotum.net

Just over a year after Go's OpenAPI generator let me down, the #ActivityPub Content-Type causes the same problem again, this time in Python:
example_client/api/default/put_object.py:34:62: SyntaxError: Simple statements must be separated by newlines or semicolons
   |
33 |     _kwargs["json"] = _body
34 |     headers["Content-Type"] = "application/ld+json; profile="https://www.w3.org/ns/activitystreams""
   |                                                              ^
Is it really that unusual to include parameters in MIME types like this? I'm sure I've seen them all over the place.

Or am I venturing off the beaten track by trying to be explicit about them in my openapi.yml file?

#ActivityPubDev #BangHeadHere
Read more →
0
0
0

Interesting new DID method: "did:self"

FenTiger @fentiger@zotum.net

One consequence of trying to separate identity hosting from the other components of the system is that it makes the other components harder to bootstrap. If I run just one component of my instance in isolation, how can I authenticate to it in order to configure/manage/test it, if I don't have an identity that I can use?

The answer might be to use a did:self identifier. The flow would look something like

  • Management CLI tool generates a JWT describing a did:self identifier, and stores the private key locally
  • Admin uses scp or something to copy this JWT to the right place on the server
  • The server now has the ID's public key and so the CLI tool can prove that it "owns" the identifier

Which seems like a reasonable fix for the classic problem of "how do you create the first user", and also a useful fallback for when the system is too badly borked to be able to look up real identities.

Another interesting property of did:self is that seems to be possible to add extra metadata, such as a human-readable name, to the ID, by using standard JWT claims - without needing the data to appear in the DID document.

Of course these identities will only be visible to the server they're copied to, not to the whole network, but that shouldn't be a major problem.

(Cue the peanut gallery, with their suggestions of "it's easy, just do so-and-so", because everything looks easy when you take it out of context...)

#ActivityPubDev #FediDev
Read more →
0
0
0
LyegEsp @lyegesp@masto.es
Public

💡 Proposal for ActivityPub: FediStamp

What if any federated platform (Mastodon, WordPress, Pixelfed, PeerTube, WriteFreely...) could offer automatic certification of original content?

When publishing a poem, article, photo or video, you check "Certify original content" and the system gives you:

🔗 A public verifiable link to the registry

📄 A .fedistamp file as permanent proof

✅ A visible badge (Certified content) with clickable link

🧩 Metadata embedded in ActivityPub that travels with each share

Example: I publish a poem on Mastodon, enable the option, and instantly get my ✓ certified proof of authorship.

👉 This doesn't replace copyright (which already protects you), but strengthens it with technical evidence of authorship and date.

⚡ Key points:

Only registers the content hash (no cryptocurrency, just authorship certification).

Free.

Opt-in: you choose what to certify.

Automatic protection for creators across the federated ecosystem, without relying on centralized platforms.

I'm not a programmer, just a writer who sees the need. If someone technical sees merit and feasibility, go ahead.

0
0
0
0
0
0

Flag Activity

FenTiger @fentiger@zotum.net

Is there any information anywhere on how the Flag activity is used in practice?

As ever, the spec only tells me that it exists; it doesn't say anything about what it contains, where it gets delivered to, how the recipient processes it, etc.

Maybe I could find out more by setting up some test instances and experimenting with it, or by trying to trawl through various repositories to find the relevant source code - but it seems a lot quicker to just ask.

#ActivityPub #ActivityPubDev #FediDev #FediDevs
Read more →
0
0
0
marius @mariusor@metalhead.club
Public

For the past couple of days I've been hard at work writing documentation in the attempt to decrease the friction for developers that try for their applications.

I am of a mind to pay some developers in the near future to do a weekend's worth of programming into trying to use the library in projects, so we can iron out potential issues with the use of the library itself and the documentation.

Anyone interested?

0
0
0
marius @mariusor@metalhead.club
Public

I just realized that the default specifications for ActivityPub/ActivityStreams do not have a way to perform an update on an object's ID. (ie, moving it from example.com/1 -> example.com/2)

An Update activity does not allow ID updates because it would lose the reference to the original one. (It can be massaged by using an Origin property, but I don't like that).

Another option would be to use a Move activity (which is defined as moving objects between collections), where the Origin property is the object itself instead of a collection. (I like this behaviour better, as it requires less divergence from the spec)

0
0
0
marius @mariusor@metalhead.club
Public

I just realized that the default specifications for ActivityPub/ActivityStreams do not have a way to perform an update on an object's ID. (ie, moving it from example.com/1 -> example.com/2)

An Update activity does not allow ID updates because it would lose the reference to the original one. (It can be massaged by using an Origin property, but I don't like that).

Another option would be to use a Move activity (which is defined as moving objects between collections), where the Origin property is the object itself instead of a collection. (I like this behaviour better, as it requires less divergence from the spec)

0
0
0
Jaeyeol Lee @kodingwarrior@hackers.pub
Public

Remote Follow가 어떻게 구현이 되어있나하고 궁금해서 찾아봤는데, WebFinger를 응용하긴 하는 듯

  • Akkoma 구현 - Server에서 Webfinger 요청날리고, 해당 서버 기준의 프로필 페이지로 안내
  • Mastodon 구현 클라이언트에서 Webfinger 요청 날리고, /authorized_interactions 경로로 리다이렉트

Summary card of repository AkkomaGang/akkoma

akkoma/lib/pleroma/web/twitter_api/controllers/util_controller.ex at e2987402b3f5d731a8627e8748dfc03287acaf27

akkoma - Magically expressive social media

akkoma.dev · Akkoma Development

1
0
0
0
0
0
FenTiger @fentiger@zotum.net
Public
Another nail in the coffin for #JsonLD:

{
    "id": "https://zotum.net/conversation/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
    "orderedItems": [
        {
            "type": "Add",
            "object": {
                "type": "Create",
                "object": {
                    "type": "Note",
                    "id": "https://zotum.net/item/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
                    "published": "2025-02-25T20:28:33Z",
                    [... original version of post ... ]
                },
            },
        },
        {
            "type": "Add",
            "object": {
                "type": "Update",
                "object": {
                    "type": "Note",
                    "id": "https://zotum.net/item/235e8736-1b3e-4d7f-ab9e-3d49f04ecda7",
                    "published": "2025-02-25T20:28:33Z",
                    "updated": "2025-02-25T20:29:03Z",
                    [... edited version of post ...]
                },

That's a post that I edited shortly after I first made it. The corresponding conversation container contains both the original Create, and an Update with the changes. This means that the embedded Note object appears twice, with different contents, but with the same ID.

JSON-LD processing will kind of squish them together into the same object that contains both the original and the new content etc. Handling this as JSON-LD will mean recognising the high level structure of it first, and then iterating over the orderedItems and processing them individually, rather than trying to treat the whole thing as a single JSON-LD message.

#ActivityPubDev

Zotum

zotum.net

0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0