@hongminhee I see, but is that safe to disseminate as part of a library? Meaning that multiple developers will be making use of those services through - what I assume to be - your account.
@hongminhee I like the part of "spinning up a temporary ActivityPub server", but how does that work? The key needs to be reachable from the internet, so DNS and such must be already set up.
@agates probably it would be useful for the people in the back to state who is the "us" that you're representing. And also what does "has chosen not to work with" actually mean?
@steve you might be right, I might have been dismissive of your comments and I apologise if I started it. :D
I think my position stems from the impression that I get from comments similar to yours, that C2S is not really under consideration due to its perceived issues, and that the implementers automatically default to anything else. That's probably not the case always.
I'll try to keep that in check for the future and be less defensive. ☮️
@hongminhee the simplest way to store ActivityPub objects is in a KV store because mainly you already have the keys: the object IRIs, and the value in the form of the raw JSON.
My advice: start with KV and plan for multiple storage options as a nice to have.
In my case the sqlite storage is used mainly as a KV store anyway, with generated columns for query convenience.
@hongminhee I think KV stores are the way because IRIs generally partition nicely by hosts. If you use a human readable IRI generation schema (eg: example.com/actors/name instead of example.com/70b5b164-2093-4c98-97e2-bc0ff49f61d0) then it partitions and queries even better.
My simplest storage option is basically just a directory tree on disk, but that's not really meant for production use. :D
> It won't take much effort for someone to write a payload running on random compromised webservers
@monsieuricon that's not true because generally servers don't accept incoming payloads if they don't have a valid HTTP Signature.
So a random compromised machine also needs access to a random compromised fediverse actor (in order to have access to its private key) so it can generate a valid signature/digest.
@drewdevault is that what you intended with your post? To get people to talk more about sexual abuse? Not to imply that Stallman condones it and even fosters it, without any consideration for the society that RMS is a product of, nor for the illness that influences his discourse?
@drewdevault your post might not make any accusations, but the implications are heavy and your replies here make your stance crystal clear.
Acknowledging Stallman is a septuagenarian that spent his life outside of regular society, probably due to his autistic tendencies, might make for a more balanced take, otherwise you're just stoking the fires of cancel culture.
His words might be questionable, but the people that use them as a start point for hurting others are entirely to blame.
Mostly a programmer.Implementing #ActivityPub in the #Go programming language.Current projects: * #GoActivityPub - a library to use ActivityPub in Go. * #FedBOX - a generic ActivityPub service supporting the client to server API. * #brutalinks - a link aggregator inspired by (old) reddit, hacker news and lobste.rs built on top of FedBOX. * #oni - a single user ActivityPub server with minimal fuss.My posts are mostly related to ActivityPub and web development.