Notices by Beady Belle Fanchannel (profpatsch@mastodon.xyz)

@silverpill @liaizon What does this mean? “Follow redirects, but set a limit. Request must be re-signed after every redirect.”

do you mean I have to check the new http signature on every 30x response? I don’t believe that can work??

@liaizon Right now it’s two golang files that do a half-assed job at implementing activitypub

@liaizon yeah, it’s published, but currently I’d not feel comfortable being listed anywhere, the code is really rough and I haven’t really made sure it’s free of security issues

@liaizon Haha, that might be true. I did link it in the post, right now it lives at https://codeberg.org/Profpatsch/Profpatsch/src/branch/canon/users/Profpatsch/booster-bot and https://codeberg.org/Profpatsch/Profpatsch/src/branch/canon/users/Profpatsch/activitypub-go

@liaizon fwiw I made & deployed some security improvements, the current security mechanisms are documented in https://codeberg.org/Profpatsch/Profpatsch/src/commit/249aa389a2023814b328af8fc795750fd28d995d/users/Profpatsch/activitypub-go/security.md

maybe @silverpill wants to take a look at whether this all sounds sensible?

@liaizon @silverpill I want to write a blog post on this at one point, but I don’t know if I missed anything or misunderstand things.

@silverpill @liaizon Another issue I noticed: “set a max request/response size” means that we are essentially forced to implement paging of outboxes both on client and server

New post: Can we have a more “social” media?

https://profpatsch.de/essays/a-more-social-media

On advertising, the Fediverse, and what a more human social web could look like.

Special mentions: @smallcircles, @phnt, @happy-programming

#fediverse #activitypub #socialmedia #writing #essay

@evan xh, a rust rewrite of httpie, both are a nicer UX alternative to curl for http-only use-cases like querying REST APIs

Sorry, but requiring requests to public activitypub objects to be signed is completely whack, merveilles.town

#activitypub #mastodon

@silverpill @Yonggan ah I skipped that one cause it lacked a motivation section

@silverpill So thinking about this, I think it has a fundamental flaw in the current setup:

Mastodon will never reply to the Announce object, it will always dereference to the original note and set that as inReplyTo.

So an ActivityPoll impl loses all interesting features, most notably replies/comments by default.

@silverpill The other issue is that remote instance actor statuses are *invisible to Mastodon until someone actively follows the actor*, so messages won’t ever propagate

@silverpill At least that’s what Sonnet gathered when I threw the codebase & FEP at it, and it matches my observations of Mastodon behaviour

This cafe has amazing ambience, but I can't share it because Mastodon does not accept .m4a

We need an audio sharing fedi plattform

@Yonggan no audio sharing not music, I feel like those have different UIs

@Yonggan but maybe not, thinking of how you can have a "post created on behalf of actor X" thing so you don't need a different account for each service cc @silverpill

@skeletor

@NeonPurpleStar bounce bounce bounce bounce