If you're working on #ActivityPub, I *highly* recommend the new draft report on using HTTP Signature and ActivityPub by @snarfed.org and @nightpool . This draft just hit the stands this week, and it's a really complete coverage of the topic.
36 posts total
12
Evan Prodromou
If you're working on #ActivityPub, I *highly* recommend the new draft report on using HTTP Signature and ActivityPub by @snarfed.org and @nightpool . This draft just hit the stands this week, and it's a really complete coverage of the topic.
Evan Prodromou
Anonymous poll
Poll
Strongly agree
291
85.8%
Somewhat agree
39
11.5%
Somewhat disagree
7
2.1%
Strongly disagree
339 people voted. 2
0.6%
Voting ended 20 March at 23:40.
Show previous comments
Andrew Eisenberg❗️
@evan It’s an open standard. If someone isn’t allowed to implement it, then it’s not open. It’s equivalent to putting up a billboard in a public place and questioning if everyone is allowed to read it.
Evan Prodromou
The unbearable shame of using ddrescue
Evan Prodromou
I am so grateful to be part of the fediverse with you.
Alan Langford
@evan You're in the middle of one of those artsy-fartsy be-one-with-the-universe seminars, aren't you? ;)
Evan Prodromou
I'm implementing some sample code for the #ActivityPubBook at https://github.com/evanp/bots-rodeo . I'm realizing that we can really get wedged on delivery between using `sharedInbox` and `bto` or `bcc`. Preventing double delivery is kind of a chore, here.
Evan Prodromou
Basically, if `userA@domain1` has followers `userB@domain2`, `userC@domain2`, and `userD@domain2`, and they have an activity that has `to`: `followers` and `bcc`: `userD@domain2`, and domain2 has a shared inbox, you can't deliver to the shared inbox without double-delivery to userD. domain2 can do double-delivery-detection, but that kind of sucks.
Evan Prodromou
"This document is dedicated to all citizens of planet Earth. You deserve freedom of communication; we hope we have contributed in some part, however small, towards that goal and right." I really like this dedication. #ActivityPub
Evan Prodromou
I don't know who actually wrote this but `git blame` says @cwebber added it and honestly that is some pure crystal Christine Lemmer-Webber energy if I've ever seen it.
Dr. Matt Lee
@evan if you can easily alter this it seems to deadname @cwebber and way-less importantly gets GNU social’s name wrong.
Evan Prodromou
I submitted a FEP for identifying the canonical #Webfinger address for an #ActivityPub actor.
Evan Prodromou
I'm interested in hearing from #ActivityPub developers who've successfully mapped #OpenGraph properties from <meta> tags in Web pages onto the `Page` type and its properties in AS2.
Evan Prodromou
"Facebook was better in the Platform era (2007-2011), when third-party developers could add widgets to profile pages, and in-stream interactive experiences." Anonymous poll
Poll
Strongly agree
88
31.5%
Somewhat agree
123
44.1%
Somewhat disagree
37
13.3%
Strongly disagree
279 people voted. 31
11.1%
Voting ended 16 Dec 2023 at 16:50.
Show previous comments
Evan Prodromou
Are there any Mastodon clients that use the `replies` collection to get the full list of replies from a remote server?
Show previous comments
infinite love ⴳ
@evan this wouldn’t be the job of the mastodon client, no? it’s the job of the activitypub client / mastodon server. a mastodon client would use the mastodon api for fetching conversations, and may choose to fetch from the root’s origin instead of your local server (although this bypasses your local blocks and mutes)
Evan Prodromou
For today's issue triage, I worked on an #ActivityPub primer page on testing: https://www.w3.org/wiki/ActivityPub/Primer/Testing There are a lot of TBD elements in there. In particular, I need to figure out the best way to make the hostnames of different implementations visible in container environments. I also need to figure out how to turn off SSL cert validation in different AP implementations.
Evan Prodromou
So, if I were going to make a tech manifesto, it might be something like: - protocols not platforms
Show previous comments
Brendan Jones
Evan Prodromou
One part of the enshittification process that @pluralistic leaves out of his equation is third-party developers. Developers are like the canaries in the enshittification coalmine. They create a huge part of the value of a platform for both end users and businesses. Platforms encourage this value creation in the ecosystem, and cherry-pick the best apps to either clone or acquire. Then, they shiv developers with an API TOS change.
Evan Prodromou
@pluralistic Facebook Platform did this. LinkedIn did this. Google. Twitter has been knifing its developer community for over a decade.
Alan Langford
@evan @pluralistic I used to have an add-on that aggregated and filtered several feeds from a social media site, so for example one could just see posts with a specific keyword or hashtag. An emergency response org in the US used it to present a true real time dashboard of all the things that were happening from its field stations across the state. All gone now. As always the real value is in the long tail, but because that can't be turned into revenue, it doesn't matter.
Evan Prodromou
Wow; I just re-read the old socialcg minutes for why we don't have an extension process, and apparently I just got tired of working on it without a vote and downvoted it out of consensus. https://chat.indieweb.org/social/2018-09-12 It was a perfectly reasonable proposal. I should have stuck to it! #ActivityPub would be much better now with that process in place!
Evan Prodromou
So, one weird thing about parasocial relationships is that people feel familiar enough to make what seems to them to be fun, teasing comments with their Internet pal. For the person on the other side of the relationship, it's yet another rando with anger issues coming out of the aether to ruin their day. Don't pretend to be someone you're not -- an angry person, a stupid person -- with people who don't know who you are. They can't tell that you're pretending, and will take you at face value.
Evan Prodromou
I've signed an agreement to write a book about #ActivityPub for O'Reilly Media. The book should be available sometime after summer 2024. Blog post here: https://evanp.me/2023/09/07/activitypub-book-for-oreilly-media/
Show previous comments
n8 Doesn't follow you 🇺🇦
@evan I'll give you 20 bucks if you let me pick the first word. No tricks, either; I'll tell you publicly what the word is before you have to agree. But it's a binding contract, so I have to know the terms are settled before I say.
Evan Prodromou
Anonymous poll
Poll
0
83
14.6%
1
136
23.9%
2 to 5
321
56.4%
6 or more
569 people voted. 29
5.1%
Voting ended 2 Sep 2023 at 0:53.
Show previous comments
Evan Prodromou
Fediverse developer, when someone reports a security issue with your software, there is one and only one correct course of action. Say thank you. Prioritize an immediate fix. Publish a hot patch version for all applicable major versions within hours or days. Publicly acknowledge the report. Avoid minimisation, whataboutism, personal attacks, and complaining about the work involved.
Stefan Bohacek
@evan Typically you have to pay for things like QA, user research, security audits, etc. And most people don't even bother telling you when they encounter issues with your website or app, they just move on. People really need to learn to be humble and appreciate when a stranger takes the time out of their day just to help them improve their work.
Mark Gardner
gabbo wafrn guy
@evan@cosocial.ca an old user I banned here for being a transphobe. he sent me an email and I had to rotate the keys of all the users. the software still was not being used anywhere else. fixed the issue and acknowledged the issue
Evan Prodromou
Anonymous poll
Poll
Strongly agree
223
44.6%
Somewhat agree
205
41%
Somewhat disagree
43
8.6%
Strongly disagree
500 people voted. 29
5.8%
Voting ended 10 Jul 2023 at 17:16.
Show previous comments
kel
I am a strong no but only because I am sick the the back teeth of being had over by proprietary software services and they all need to shut down and do nothing, never mind start interfering with even more stuff. Consent is applicable in more ways than one and they have been taking far too many liberties for far too long. It's time we started 'fingering' them for a change - figuratively speaking!
Evan Prodromou
Wow, this is a lot higher than I expected. I'm a strongly agree. When proprietary software services implement open standards, it gives people a choice on what services to use. In the case of ActivityPub, I want people in walled gardens to have access to the entire social web. I want them to see what's here, and I want them to know they can be here, too. Thanks to everyone who replied.
Evan Prodromou
Identi.ca opened up 15 years ago today.
Show previous comments
Luke T. Shumaker
Chema Hernández Gil :sf:
@evan Happy anniversary 🎉🥳! Fifteen years of the #fediverse and it's never been stronger. That's an accomplishment worth celebrating. Congratulations and I hope it only gets bigger and better.
(And it would be good to have a name for today!) 12
|
@evan @snarfed.org @nightpool
Interesting that this is more about identity than "privacy" so native to #4opens a breath of fresh air in this.