Fedify: an ActivityPub server framework

10月26日（土）に開催されるOSC 2024 Tokyo/FallにFedify/Hollo合同で出展します！可愛いFedifyのロゴのシールと『自分だけのフェディバースのマイクロブログを作ろう！』日本語版の紙の本を持って行く予定です。よろしくお願いします。

https://event.ospn.jp/osc2024-fall/

#Fedify #Hollo #osc24tk

Fedify is an #ActivityPub server framework in #TypeScript & #JavaScript. It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

The key features it provides currently are:

• Type-safe objects for Activity Vocabulary (including some vendor-specific extensions)
• #WebFinger client and server
• HTTP Signatures & Linked Data Signatures & Object Integrity Proofs
• Middleware for handling webhooks
• #NodeInfo protocol
• #Node.js, #Deno, and #Bun support
• CLI toolchain for testing and debugging

If you're curious, take a look at the #Fedify website! There's comprehensive docs, a demo, a tutorial, example code, and more:

https://fedify.dev/

Hello, #fediverse! It's the official fedi account of the Fedify, an #ActivityPub server framework!

#Fedify #fedidev

Fedify 越来越强大了，官方甚至还出了一篇教程： https://fedify.dev/tutorial/microblog
#Fedify

dahlia/microblog: A simple federated microblog example using Fedify for educational purpose

https://github.com/dahlia/microblog

Windowsで試してみた

> This program is for educational purposes only. Do not use it for any other purpose, since it has not been tested for security.
だけどこれ普通に使えたら便利そう

https://fedify.dev/
@fedify

Want to build your own #ActivityPub software? Follow the tutorial for #Fedify, the ActivityPub server framework!

https://fedify.dev/tutorial/microblog

The version 1.1.0 of #Fedify, an #ActivityPub server framework, released! The key changes include:

• Added uility functions for traversing remote collections. See also the Traversing remote collections section in the docs.

• Added EmojiReact class to Activity Vocabulary API. [FEP-c0e0]

• Added successor property to the Actor types in the Activity Vocabulary API.

• Added DidService class to Activity Vocabulary API. [FEP-9091]

• Added Export class to Activity Vocabulary API. [FEP-9091]

• Added service property to the Actor types in the Activity Vocabulary API. [FEP-9091]

• The default time window for verifying HTTP Signatures of incoming requests is now an hour (was a minute). This new default window is according to the ActivityPub and HTTP Signatures document.

• In the fedify inbox command's web interface, the Raw Activity tab is added to show the raw JSON object of the received activity.

For details, see the full changelog as well!

#fedidev

The version 1.1.0 of #Fedify, an #ActivityPub server framework, released! The key changes include:

• Added uility functions for traversing remote collections. See also the Traversing remote collections section in the docs.

• Added EmojiReact class to Activity Vocabulary API. [FEP-c0e0]

• Added successor property to the Actor types in the Activity Vocabulary API.

• Added DidService class to Activity Vocabulary API. [FEP-9091]

• Added Export class to Activity Vocabulary API. [FEP-9091]

• Added service property to the Actor types in the Activity Vocabulary API. [FEP-9091]

• The default time window for verifying HTTP Signatures of incoming requests is now an hour (was a minute). This new default window is according to the ActivityPub and HTTP Signatures document.

• In the fedify inbox command's web interface, the Raw Activity tab is added to show the raw JSON object of the received activity.

For details, see the full changelog as well!

#fedidev

Let's create your own #ActivityPub implementation using #Fedify!

Even though I am a slow coder, it only took me about a month to create most of #Hollo's features in #Fedify. Having a framework makes a huge difference in productivity.

#fedidev

We now have #Hollo and #Fedify's official #Discord server! Join us now!

https://discord.gg/hGXXxUq2jK

10月26日（土）に開催されるOSC 2024 Tokyo/FallにFedify/Hollo合同で出展します！可愛いFedifyのロゴのシールと『自分だけのフェディバースのマイクロブログを作ろう！』日本語版の紙の本を持って行く予定です。よろしくお願いします。

https://event.ospn.jp/osc2024-fall/

#Fedify #Hollo #osc24tk

The Japanese version of the #Fedify tutorial, Creating your own federated microblog, is now available in paperback!

Note that the AsciiDoc source of the book is fully open source, which is available at this repository!

https://fedibird.com/@hongminhee/113331365440336287

印刷所に注文した『自分だけのフェディバースのマイクロブログを作ろう！』の紙の本、到着した‼️

We now have #Fedify and #Hollo's official #Discord server! Join us now!

https://discord.gg/bhtwpzURwd

@fedify good to mention: there is also a Matrix space for those who are like "why discord?!"

https://matrix.to/#/#fedify:matrix.org

We now have #Fedify and #Hollo's official #Discord server! Join us now!

https://discord.gg/bhtwpzURwd

#Fedify now has an #AMQP driver! This means you can use #RabbitMQ as Fedify's message queue. To use it, first install the @fedify/amqp package, then set it up like below:

import { createFederation } from "@fedify/fedify";
import { AmqpMessageQueue } from "@fedify/amqp";
import { connect } from "amqplib";

const federation = createFederation({
  queue: new AmqpMessageQueue(await connect("amqp://localhost")),
  // ... other configurations
});

Oh, and we've also added results from AmqpMessageQueue to our benchmarks.

#fedidev

#Fedify takes 20 minutes for GitHub Actions to finish. What do you think?

Fedify is an #ActivityPub server framework in #TypeScript & #JavaScript. It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

The key features it provides currently are:

• Type-safe objects for Activity Vocabulary (including some vendor-specific extensions)
• #WebFinger client and server
• HTTP Signatures & Linked Data Signatures & Object Integrity Proofs
• Middleware for handling webhooks
• #NodeInfo protocol
• #Node.js, #Deno, and #Bun support
• CLI toolchain for testing and debugging

If you're curious, take a look at the #Fedify website! There's comprehensive docs, a demo, a tutorial, example code, and more:

https://fedify.dev/

If you're on the fence about which driver to choose for #Fedify's message queue, here's a benchmark that just came out. In addition to no queue, we compare 5 drivers, for a total of 11 setups:

• No queue
• InProcessMessageQueue
• DenoKvMessageQueue
• RedisMessageQueue
• PostgresMessageQueue
• AmqpMessageQueue
• InProcessMessageQueue × 4
• DenoKvMessageQueue × 4
• RedisMessageQueue × 4
• PostgresMessageQueue × 4
• AmqpMessageQueue × 4

Curious to see the results? Check out the GitHub repository!

https://github.com/dahlia/fedify-queue-benchmarks

https://fosstodon.org/@hongminhee/113247723368865290

#Fedify now has an #AMQP driver! This means you can use #RabbitMQ as Fedify's message queue. To use it, first install the @fedify/amqp package, then set it up like below:

import { createFederation } from "@fedify/fedify";
import { AmqpMessageQueue } from "@fedify/amqp";
import { connect } from "amqplib";

const federation = createFederation({
  queue: new AmqpMessageQueue(await connect("amqp://localhost")),
  // ... other configurations
});

Oh, and we've also added results from AmqpMessageQueue to our benchmarks.

#fedidev

The #Fedify repository has reached 500 stars! Thank you everyone!

https://github.com/dahlia/fedify

10月26日（土）に開催されるOSC 2024 Tokyo/FallにFedify/Hollo合同で出展します！可愛いFedifyのロゴのシールと『自分だけのフェディバースのマイクロブログを作ろう！』日本語版の紙の本を持って行く予定です。よろしくお願いします。

https://event.ospn.jp/osc2024-fall/

#Fedify #Hollo #osc24tk

自作ActivityPubサーバーに興味が有る方は、ActivityPubサーバーフレームワークであるFedifyを一度使ってみてください。ちなみに、公式日本語チュートリアルである『自分だけのフェディバースのマイクロブログを作ろう！』がZennにも掲載されています。

https://zenn.dev/hongminhee/books/4a38b6358a027b

What's your biggest wish for Fedify?

If you're considering creating your own implementation of #ActivityPub, consider #Fedify.

Implementing ActivityPub from scratch requires more than you might think. WebFinger, HTTP Signatures, Linked Data Signatures, Object Integrity Proofs, NodeInfo, queues for sending and receiving activities, followers collection synchronization, remote object lookups, interoperability with Mastodon, Akkoma, Misskey, Threads, and more…

Just use Fedify and feel free to create your own ActivityPub implementation!

#fedidev

https://fedify.dev/

Did you know that? The #Fedify CLI has a command called fedify lookup, which can easily look up ActivityStreams objects on servers with authorized fetch (a.k.a. secure mode) enabled by turning on the -a/--authorized-fetch flag.

Here's demo!

#fedidev #ActivityPub

@steve Yes, if you specify queue option of createFederation() function, incoming and outgoing activities are queued and processed by the background workers.

See also the following docs:

• Enqueuing an outgoing activity
• Making inbox listeners non-blocking

If you're on the fence about which driver to choose for #Fedify's message queue, here's a benchmark that just came out. In addition to no queue, we compare 5 drivers, for a total of 11 setups:

• No queue
• InProcessMessageQueue
• DenoKvMessageQueue
• RedisMessageQueue
• PostgresMessageQueue
• AmqpMessageQueue
• InProcessMessageQueue × 4
• DenoKvMessageQueue × 4
• RedisMessageQueue × 4
• PostgresMessageQueue × 4
• AmqpMessageQueue × 4

Curious to see the results? Check out the GitHub repository!

https://github.com/dahlia/fedify-queue-benchmarks

https://fosstodon.org/@hongminhee/113247723368865290

If you're considering creating your own implementation of #ActivityPub, consider #Fedify.

Implementing ActivityPub from scratch requires more than you might think. WebFinger, HTTP Signatures, Linked Data Signatures, Object Integrity Proofs, NodeInfo, queues for sending and receiving activities, followers collection synchronization, remote object lookups, interoperability with Mastodon, Akkoma, Misskey, Threads, and more…

Just use Fedify and feel free to create your own ActivityPub implementation!

#fedidev

https://fedify.dev/

独自のActivityPubの実装を作りたい方は、Fedifyを検討してみてください。

ActivityPubをゼロから実装するには、想像以上に多くの物を作る必要が有ります。WebFinger、HTTP Signatures、Linked Data Signatures、Object Integrity Proofs、NodeInfo、アクティビティの送受信のキュー、フォロワーコレクションのシンクロ、リモートオブジェクトの照会、MastodonやMisskey等との相互運用性の為の雑多な処理まで…Fedifyを使えば簡単に自分だけのActivityPubの実装を作る事が出来ます！

https://fedify.dev/

#Fedify #ActivityPub #fedidev

New: Last Week in #Fediverse - ep 86

This week's news:
- Threads degrades their #activitypub integration, delaying posts by 15 minutes before they appear in the rest of the fediverse
- Website League is a new ActivityPub-based Island network, outside of the rest of the fediverse
- Ghost discusses their beta plans and pricing.

https://fediversereport.com/last-week-in-fediverse-ep-86/

Adding vocabularies for FEP-9091 to #Fedify.

https://github.com/dahlia/fedify/issues/146

#fedidev #ActivityPub

Did you know that? The #Fedify CLI has a command called fedify lookup, which can easily look up ActivityStreams objects on servers with authorized fetch (a.k.a. secure mode) enabled by turning on the -a/--authorized-fetch flag.

Here's demo!

#fedidev #ActivityPub

Fedifyを使うのを躊躇う理由が有れば？

#Fedify

Introducing Fedify: Build Your Own Fediverse App with Ease! 🚀

Are you excited about the #fediverse but find implementing #ActivityPub daunting? Meet #Fedify, a #TypeScript framework that simplifies building federated server apps. Whether you're creating the next Mastodon, Pixelfed, or something entirely new, Fedify has you covered.

#fedidev

What Fedify Offers:

• 🧩 Type-safe Activity Vocabulary objects
• 🔍 WebFinger client and server
• 🔐 HTTP Signatures, Linked Data Signatures, and Object Integrity Proofs
• 📨 Easy-to-use inbox listeners
• ℹ️ NodeInfo protocol support
• 🛠 CLI tools for testing and debugging

Fedify abstracts away the complexities of ActivityPub, letting you focus on your app's unique features. It's designed to work seamlessly with popular web frameworks like Hono, Express, and Fresh.

Get Started Today!

Check out our step-by-step tutorial to create a microblog: https://fedify.dev/tutorial/microblog

Explore the discussions, contribute, or just star us on GitHub: https://github.com/dahlia/fedify

Join the Fedify community! Questions? Ideas? Find us on Matrix: #fedify:matrix.org.

Let's build a more diverse and interoperable fediverse together with Fedify!

I'm adding the #EmojiReact (FEP-c0e0) class to #Fedify… It will be coming in Fedify 1.1.0.

https://w3id.org/fep/c0e

#ActivityPub #fedidev

[[Fedify]] looks cool:

https://fedify.dev/intro

> Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards, so-called fediverse.

h/t @band

@FiFachik @rf Для тех, кто хочет потестить федерирование для своего бложика с поддержкой #ActivityPub, могу только посоветовать #Fedify. Там есть встроенная команда для подключения к сервису на выбор, который может дать временный домен для тестирования.

ActivityPub 서버 프레임워크인 Fedify가 드디어 첫 스테이블 버전인 1.0.0을 릴리스했습니다!

https://velog.io/@hongminhee/fedify-1.0.0

ActivityPubのサーバーフレームワークであるFedifyがついに最初の正規バージョンである1.0.0をリリースしました！

https://zenn.dev/hongminhee/articles/c913bbf8030412
QT: https://hollo.social/@fedify/019229e7-4fdc-7a46-a0ec-d383566a49cc [参照]

If you're a hands-on learner and want to learn how to build for ActivityPub, I urge you to try out @fedify.

The documentation alone is a great way to understand the underlying mechanics, and you'll be prototyping ideas in no time. I've been using it for the last few months and can't recommend it enough.

They just launched their first stable release: https://fedify.dev/

s/o to @hongminhee for this fantastic resource.

Fedify, an ActivityPub framework, has finally released its first stable version, 1.0.0! Here are key changes:

Deprecation of the term handle

From this version, the term handle across Fedify will only be used to refer to fediverse handles (e.g., @[email protected]). An actor's internal unique ID (e.g., b379dbdc-3b4f-4ef4-88c2-fc25632d1c22) is referred to as an identifier, and the WebFinger name (e.g., hongminhee) is referred to as a username.

The term handle in the API will be maintained for a while for backward compatibility, but deprecation warnings will be logged, and it is planned to be removed in the future.

For more details, please refer to the related documentation.

Linked Data Signatures

Linked Data Signatures is an outdated standard, but it's still relied upon by major fediverse implementations such as Mastodon.

In addition to HTTP Signatures and Object Integrity Proofs, Fedify now supports Linked Data Signatures from this version, thus supporting all types of signature methods used in the fediverse. This makes Fedify an ActivityPub implementation with the best interoperability.

However, Fedify users don't need to do anything special to use Linked Data Signatures. If an incoming activity has Linked Data Signatures, it automatically verifies the signature, and all outgoing activities will have signatures in three formats: HTTP Signatures, Linked Data Signatures, and Object Integrity Proofs.

For more details, please refer to the related documentation.

Activity forwarding

From this version, you can forward activities received in the inbox to other actors using the InboxContext.forwardActivity() method.

At first glance, you might think that you could just resend an activity received in the inbox using the Context.sendActivity() method. However, if you do this, the original signature is removed before the activity is delivered to the inbox, and when sending it, the signature of the forwarding actor is attached instead, causing the receiving side of the forwarded activity to not trust it.

On the other hand, when using the InboxContext.forwardActivity() method, the activity is forwarded with the original signature preserved, avoiding this problem. (Of course, the original activity itself must be signed with Linked Data Signatures or Object Integrity Proofs.)

For more details, please refer to the related documentation.

Sending Delete(Application) on fedify inbox termination

From this version, fedify inbox will send a Delete(Application) activity to all peer servers it encountered when terminated. This is typically an activity sent when deleting an account, which will help prevent residual data related to temporary actors from remaining on other servers.

PostgreSQL drivers

The @fedify/postgres package, which implements PostgreSQL drivers for the KvStore and MessageQueue interfaces, has been released alongside this version.

The PostgreSQL driver is a backend that can be sufficiently used in production, especially recommended for projects already using PostgreSQL.

Additionally, an option to select the PostgreSQL driver has been added to the fedify init command.

Celebrating Fedify 1.0.0

With the release of version 1.0.0, Fedify will now maintain API backward compatibility as much as possible. (Of course, in the long term, there may be a 2.0.0 that breaks backward compatibility.) This should be good news for those who have been hesitant to use Fedify because there hasn't been a stable version until now!

So, hoping that more services will support ActivityPub in the future, I conclude this post!

#Fedify #ActivityPub #fedidev

Fedify 1.0.0 released by @hongminhee https://lobste.rs/s/khzn8u #distributed #web
https://github.com/dahlia/fedify/discussions/141

activitypub typescript server framework called Fedify announces first stable release. It is being used by the open source Ghost CMS platform. Can't wait to see what other apps are created with Fedify

Github repo here: https://github.com/dahlia/fedify/releases/tag/1.0.0

#fedify #framework #typescript #activitypub #foss #opensource #oss #ghostcms #ghostblog #fediverse

@voxpelli No, we haven't been aware of the SWF until yesterday.

Fedify, an ActivityPub framework, has finally released its first stable version, 1.0.0! Here are key changes:

Deprecation of the term handle

From this version, the term handle across Fedify will only be used to refer to fediverse handles (e.g., @[email protected]). An actor's internal unique ID (e.g., b379dbdc-3b4f-4ef4-88c2-fc25632d1c22) is referred to as an identifier, and the WebFinger name (e.g., hongminhee) is referred to as a username.

The term handle in the API will be maintained for a while for backward compatibility, but deprecation warnings will be logged, and it is planned to be removed in the future.

For more details, please refer to the related documentation.

Linked Data Signatures

Linked Data Signatures is an outdated standard, but it's still relied upon by major fediverse implementations such as Mastodon.

In addition to HTTP Signatures and Object Integrity Proofs, Fedify now supports Linked Data Signatures from this version, thus supporting all types of signature methods used in the fediverse. This makes Fedify an ActivityPub implementation with the best interoperability.

However, Fedify users don't need to do anything special to use Linked Data Signatures. If an incoming activity has Linked Data Signatures, it automatically verifies the signature, and all outgoing activities will have signatures in three formats: HTTP Signatures, Linked Data Signatures, and Object Integrity Proofs.

For more details, please refer to the related documentation.

Activity forwarding

From this version, you can forward activities received in the inbox to other actors using the InboxContext.forwardActivity() method.

At first glance, you might think that you could just resend an activity received in the inbox using the Context.sendActivity() method. However, if you do this, the original signature is removed before the activity is delivered to the inbox, and when sending it, the signature of the forwarding actor is attached instead, causing the receiving side of the forwarded activity to not trust it.

On the other hand, when using the InboxContext.forwardActivity() method, the activity is forwarded with the original signature preserved, avoiding this problem. (Of course, the original activity itself must be signed with Linked Data Signatures or Object Integrity Proofs.)

For more details, please refer to the related documentation.

Sending Delete(Application) on fedify inbox termination

From this version, fedify inbox will send a Delete(Application) activity to all peer servers it encountered when terminated. This is typically an activity sent when deleting an account, which will help prevent residual data related to temporary actors from remaining on other servers.

PostgreSQL drivers

The @fedify/postgres package, which implements PostgreSQL drivers for the KvStore and MessageQueue interfaces, has been released alongside this version.

The PostgreSQL driver is a backend that can be sufficiently used in production, especially recommended for projects already using PostgreSQL.

Additionally, an option to select the PostgreSQL driver has been added to the fedify init command.

Celebrating Fedify 1.0.0

With the release of version 1.0.0, Fedify will now maintain API backward compatibility as much as possible. (Of course, in the long term, there may be a 2.0.0 that breaks backward compatibility.) This should be good news for those who have been hesitant to use Fedify because there hasn't been a stable version until now!

So, hoping that more services will support ActivityPub in the future, I conclude this post!

#Fedify #ActivityPub #fedidev

Okay, now #Fedify implements misskey:isCat property, and it will be shipped with Fedify v1.0.0.

https://github.com/dahlia/fedify/commit/f75c19cf84cabb012e68e2893ce63c10c4416b21

Does #Fedify need to support the misskey:isCat property?

Looks like #Fedify v1.0.0 will be released this week! Is there anything you'd like to see added or fixed before then?

#fedidev #ActivityPub

I'm polishing the #docs and filling in the gaps before releasing #Fedify v1.0. Is there something else you'd like to see in the @fedify docs?

#fedidev #ActivityPub

The next version of #Fedify, v1.0, adds ParallelMessageQueue, which makes it easy to parallelize sending and receiving activities without increasing the number of processes or nodes.

It's available for preview in v1.0.0-dev.408+f4e245b4 (JSR & npm).

https://unstable.fedify.dev/manual/mq#parallel-message-processing

#ActivityPub #fedidev

I'm quietly really pleased with having been the mover for this change in @fedify.

Too many ActivityPub servers have put usernames in Actor URLs and it creates a complete mess when wanting to allow users to change their usernames, and created other confusion when you had non-user Actors that you wish to federate.

Here's the PR that prompted the change: https://github.com/dahlia/fedify/pull/140
https://hollo.social/@fedify/01920e31-2b71-7d3e-9d05-f5a6f347598b

I'm quietly really pleased with having been the mover for this change in @fedify.

Too many ActivityPub servers have put usernames in Actor URLs and it creates a complete mess when wanting to allow users to change their usernames, and created other confusion when you had non-user Actors that you wish to federate.

Here's the PR that prompted the change: https://github.com/dahlia/fedify/pull/140
https://hollo.social/@fedify/01920e31-2b71-7d3e-9d05-f5a6f347598b

The #Fedify docs now have a section on actor identifiers and #WebFinger usernames.

https://unstable.fedify.dev/manual/actor#actor-identifier-and-webfinger-username

Starting with #Fedify v1.0.0, the term handle throughout Fedify will only be used to refer to a fediverse handle (e.g., @[email protected]). An actor's internal unique ID (e.g., b379dbdc-3b4f-4ef4-88c2-fc25632d1c22) will be referred to as identifier and a WebFinger name (e.g., hongminhee) will be referred to as username. The term handle in the API will be retained for the time being for backwards compatibility, but a deprecation warning will be logged and will be deprecated in the future.

Q: Which does your #ActivityPub implementation implement, HTTP Signatures, Linked Data Signatures, or Object Integrity Proofs?

Fedify: Y·E·S!

#Fedify #fedidev

In the next release of #Fedify, v1.0.0, you'll be able to forward received activities inside an inbox listener without any modifications.

You can preview this feature in v1.0.0-dev.398+5c6e1394 (JSR & npm).

https://unstable.fedify.dev/manual/inbox#forwarding-activities-to-another-server

Once the next version of #Fedify, v1.0.0, is released, the API will be stabilized. Are there any features you'd like to see before the API is stabilized?

#fedidev #ActivityPub

Q: Which does your #ActivityPub implementation implement, HTTP Signatures, Linked Data Signatures, or Object Integrity Proofs?

Fedify: Y·E·S!

#Fedify #fedidev

@antolius We're definitely thinking about implementing C2S interactions, and it's certainly on our roadmap! But the problem is that we don't have a de facto standard for authentication yet.

Once the next version of #Fedify, v1.0.0, is released, the API will be stabilized. Are there any features you'd like to see before the API is stabilized?

#fedidev #ActivityPub

1/3 @deadsuperhero As someone new to developing ActivityPub apps the poor documentation was a big turn off. @fedify have done a great job in making it easier to build new apps and their documentation is much better. The new book by @evan is also a great read for new AP developers.

However given that the Activity Vocab was defined way back in 2017 by the W3C and Mastodon the biggest AP client still doesn't support all the verbs is a disappointment. e.g summary, listen etc.

@squaredot3301 Integrating with more web frameworks is always on Fedify's roadmap, so if there's a web framework you're looking for in particular, open an issue in our issue tracker!

In the next release of #Fedify, v1.0.0, you'll be able to forward received activities inside an inbox listener without any modifications.

You can preview this feature in v1.0.0-dev.398+5c6e1394 (JSR & npm).

https://unstable.fedify.dev/manual/inbox#forwarding-activities-to-another-server

#Fedify started out exclusively for #Deno, but now also supports #Node.js and #Bun. However, the #logo we created in the early days still features the character from Deno. Should Fedify change its logo now?

@darius Fedify is super cool. I’ve been eyeing it for some future projects, just gotta get better at JavaScript 😅

It’s pretty wild, though, that you can totally take this library, and spin up a working Fediverse app with it. Having to do all of the federation stuff from scratch seems like it would be a nightmare.

Damn... Fedify is really good. It seems like the ActivityPub library I always wanted for Node applications (rather than a reference server like the one I created for ExpressJS).

I love that it's built so you can take an existing app and quickly drop in the federation features you need (like oh okay I need my application to Follow/Accept/Reject/Undo and have the ability to Create an Article but that's it, cool, Fedify has me covered)

https://fedify.dev/tutorial/basics

One of the benefits of #Fedify is that you don't have to worry about whether a property of an Activity Vocabulary object has a URL or embeds an actual object. If you need an object, you can call the `getObject()` method (which will fetch a remote object if necessary). If you need a URI, you can access the `objectId` property.

https://fedify.dev/manual/vocab#object-ids-and-remote-objects

#ActivityPub #fedidev

#Fedify has over 400 stars on GitHub now! 🎊

https://github.com/dahlia/fedify

Creating your own federated microblog by @hongminhee https://lobste.rs/s/albrk0 #distributed #web
https://fedify.dev/tutorial/microblog

LobstersにFedifyチュートリアル「自分だけのフェディバースのマイクロブログを作ろう！」の英語版を投稿しました。

https://lobste.rs/s/albrk0/creating_your_own_federated_microblog

I submitted the @fedify tutorial “Creating your own federated microblog” to @lobsters!

https://lobste.rs/s/albrk0/creating_your_own_federated_microblog

We've applied Twoslash to the Fedify docs to show type information as tooltips in TypeScript example code—check it out now!

https://fosstodon.org/@hongminhee/113134894222177741

次のバージョンのFedifyはLinked Data Signatures (RsaSignature2017)に対応します。つまり、Mastodonが他のサーバーからフォワードしたアクティビティをFedifyが検証出来る様になります。

また、Context.sendActivity()メソッドで送信するアクティビティは、RSA-PKCS#1-v1.5の鍵ペアが一つでも有る場合、HTTP Signaturesに加え、Linked Data Signaturesが添付されます。

すでに廃止された標準であるLinked Data Signaturesを実装するのは気が進まなかったのですが、この変更がFedifyアプリのより良い互換性と相互運用性の基礎になる事を願っています。
QT: https://hollo.social/@fedify/0191ec91-922b-70d5-b5df-8afc07abbec3 [参照]

The next version of #Fedify will support #LDSignatures (#RsaSignature2017), which means that Fedify will be able to verify activities forwarded by #Mastodon from other servers.

In addition, activities sent with the Context.sendActivity() method will have Linked Data Signatures attached in addition to HTTP Signatures if any RSA-PKCS#1-v1.5 key pairs are present.

We were not motivated by implementing Linked Data Signatures, which is already an outdated standard, but we hope this change will lead to better compatibility and interoperability of Fedify apps!

#fedidev #ActivityPub

Working on @fedify's docs about #LDSignatures… I hope someday #Fedify drop the support for Linked Data Signatures… 😇

#fedidev #ActivityPub

The next #Fedify release will finally be 1.0.0. Stay tuned!

#fedidev

If you're curious about #Fedify's property hydration, here's the docs for it:

https://unstable.fedify.dev/manual/vocab#property-hydration

#Fedify has a side effect that when you call the getter method of an Activity Vocabulary object, the property that was internally a URI is populated with the actual ActivityStreams object. Today, someone at Ghost gave us a cool term for this: #hydration.

#fedidev #ActivityPub

The `fedify inbox` command, which is shipped with @fedify/cli, is a tool that creates an ephemeral #ActivityPub server so that you can debug and test the activities you send.

Here's a demo of it.

https://fedify.dev/cli#fedify-inbox-ephemeral-inbox-server

#fedidev

Fedify, an #ActivityPub server framework, has released v0.15.0! The key changes include:

• There's a new tutorial for creating a microblog.
• Actors, collections, and object dispatchers can now have URIs that do not include a WebFinger username, meaning actors can now change their fediverse handles.
• Article, ChatMessage, Note, and Question classes now have a quoteUrl property. This property corresponds to three properties at once: as:quoteUrl, misskey:_misskey_quote, and fedibird:quoteUri.
• Changed the element type of the liked collection from Like to Object | URL.
• Added Context.lookupObject() method.
• The default document loaders can now recognize ActivityStream objects from the Link header or the <link>/<a> tag in HTML.
• Added -r/--raw option to the fedify lookup command.

It is now available in JSR and npm.

#Fedify #fedidev

@silverpill FEP-e232 should be implemented in an application code. @hollo will implement it later!

In the next version of #Fedify, the Article, ChatMessage, Note, and Question classes will have a quoteUrl property. This property corresponds to the following three JSON-LD properties all at once:

• as:quoteUrl
• misskey:_misskey_quote
• fedibird:quoteUri

Available for preview in version 0.15.0-dev.384+6c39741b (JSR & npm).

Today, thanks to @ellemedit, we've added two more example projects to #Fedify!

• Express integration example
• Next.js integration example

If you're interested in Fedify and these two frameworks, take a look!

#ExpressJS #NextJS

As a trilingual, I've written the #Fedify's tutorial in three languages:

• English: https://unstable.fedify.dev/tutorial/microblog
• Korean: https://hackmd.io/@hongminhee/fedify-tutorial-ko
• Japanese: https://zenn.dev/hongminhee/books/4a38b6358a027b

In the next version of #Fedify, it will allow you to decouple actor URIs from WebFinger usernames with the mapHandle() method. For example, you can use UUIDs for actor URIs but let users use their own username of choice for their fediverse handle.

You can preview it in v0.15.0-dev.382+a8a9b73b: JSR & npm.

#ActivityPub #fedidev

In the next version of #Fedify, it will allow you to decouple actor URIs from WebFinger usernames with the mapHandle() method. For example, you can use UUIDs for actor URIs but let users use their own username of choice for their fediverse handle.

You can preview it in v0.15.0-dev.382+a8a9b73b: JSR & npm.

#ActivityPub #fedidev

@antolius Glad you enjoyed reading this!

@fedify this is incredibly helpful! I went into it with some beforehand knowledge & it was still useful.

The structure & flow are great, it's telling a story & leading the reader through it. The tips alone make it worth a read. I love how detailed it is, covering everything from database to frontend. On the other hand, every lib/tool is well & succinctly explained which makes it easy to swap out with an alternative. The prompts for improvements at the end are great.

⭐⭐⭐⭐⭐, will read again.

Thank you for your advice. As you mentioned, Fedify currently has actor URIs consisting of handles. This limitation is due to the early design of Fedify and will be fixed before we release v1.0!

한국어판 Fedify 튜토리얼 《나만의 연합우주 마이크로블로그 만들기》를 공개합니다! Fedify나 ActivityPub을 몰라도 차근차근 따라할 수 있게 되어 있으니, ActivityPub 구현에 관심이 있으신 분들은 부디 읽어 주시기 바랍니다. (대신, 조금 깁니다. 😅)

https://hackmd.io/@hongminhee/fedify-tutorial-ko

#Fedify #ActivityPub

日本語版Fedifyチュートリアル『自分だけのフェディバースのマイクロブログを作ろう！』をZennで公開しました！ActivityPubの実装に興味の有る方々は是非ご覧ください！

https://zenn.dev/hongminhee/books/4a38b6358a027b

#Fedify #ActivityPub

We just finished drafting a new tutorial for #Fedify! This tutorial will walk you through the steps of creating your own federated #microblog. It's pretty long, though.

Please read it, give us feedback, and have fun!

https://unstable.fedify.dev/tutorial/microblog

#fedidev #ActivityPub

We just finished drafting a new tutorial for #Fedify! This tutorial will walk you through the steps of creating your own federated #microblog. It's pretty long, though.

Please read it, give us feedback, and have fun!

https://unstable.fedify.dev/tutorial/microblog

#fedidev #ActivityPub

The next version of #Fedify will add the Context.lookupObject() method, which is preferred over the global lookupObject() function.

Are there any features you'd like to see in #Fedify?

#fedidev #ActivityPub

Fedifyは、TypeScriptとJavaScriptで書かれたActivityPubサーバーフレームワークです。分散型のソーシャルネットワークを構築するためのサーバーアプリケーションを作る際の複雑さと冗長なコードを排除し、ビジネスロジックとユーザー体験の開発に集中できるようにすることを目指しています。

現在提供している主な機能は以下の通りです：

• Activity Vocabularyのための型安全なオブジェクト（一部のベンダー固有の拡張機能を含む）
• WebFingerクライアントとサーバー
• HTTP SignaturesとObject Integrity Proofs
• ウェブフックを処理するためのミドルウェア
• NodeInfoプロトコル
• Node.js、Deno、Bunのサポート
• テストとデバッグのためのCLIツールチェーン

興味がある方は、Fedifyのウェブサイトをご覧ください！包括的なドキュメント、デモ、チュートリアル、サンプルコードなどが用意されています：

https://fedify.dev/

#Fedify #TypeScript #JavaScript #ActivityPub #NodeInfo #Node #Deno #Bun #fedidev

Question for those who have followed the #Fedify tutorial: How long did it take you to follow the tutorial?

#fedidev

I finally finished the first draft of the new #Fedify tutorial, but it's still in Korean. Now I just need to polish it up and translate it into English.

#fedidev

Did you know? #Fedify offers the markdown-it plugins for parsing #Mastodon-style mentions and hashtags syntax:

• @fedify/markdown-it-mention: JSR & npm
• @fedify/markdown-it-hashtag: JSR & npm

Check it out!

#fedidev

Today, thanks to @ellemedit, we've added two more example projects to #Fedify!

• Express integration example
• Next.js integration example

If you're interested in Fedify and these two frameworks, take a look!

#ExpressJS #NextJS

Released #Fedify 0.14.2 & 0.13.3, which fix an incompatibility issue with Meta's Threads where sent activities had not been verified by their inbox.

• Fedify 0.14.2: JSR & npm
• Fedify 0.13.3: JSR & npm

Released Fedify 0.14.1 & 0.13.2, which fix a few bugs in the fedify inbox command:

• Fedify 0.14.1: JSR & npm
• Fedify 0.13.2: JSR & npm

If you'd like to support the development of #Fedify or #Hollo, you can sponsor me on GitHub!

https://github.com/sponsors/dahlia

#fedidev

This frustration later became the impetus for creating @fedify:

https://todon.eu/@hongminhee/110971265294250919

We've released v0.14.0 of #Fedify, the #ActivityPub server framework, with the following key changes:

• It is now possible to set the recipient of the sendActivity() method to "followers" in just the Context instead of the RequestContext.
• Improved performance of the Object.toJsonLd() method by about 3,000 times.
• Added source property to Object.
• Added aliases property to Actor, corresponding to ActivityPub's alsoKnownAs property.
• fedify init command now adds default compilerOptions settings to tsconfig.json and deno.json.

Fedify v0.14.0 is available from JSR and npm. See also the full changelog for details.

Happy #fedidev!

We've added the Inspecting ActivityPub objects section to the #Fedify docs, introducing BrowserPub and the fedify lookup command!

https://unstable.fedify.dev/manual/test#inspecting-activitypub-objects

#ActivityPub #BrowserPub #fedidev

We've added the Inspecting ActivityPub objects section to the #Fedify docs, introducing BrowserPub and the fedify lookup command!

https://unstable.fedify.dev/manual/test#inspecting-activitypub-objects

#ActivityPub #BrowserPub #fedidev

Do you know that? Some of the properties in Activity Vocabulary have been renamed in #Fedify's JavaScript APIs. Below are some examples:

• alsoKnownAs → aliases
• publicKeyPem → publicKey
• hreflang → language
• publicKeyMultibase → publicKey
• orderedItems → items
• oneOf → exclusiveOptions
• anyOf → inclusiveOptions
• votersCount → voters
• attributedTo → attributions
• inReplyTo → replyTargets

#ActivityPub #fedidev

I'm sharing a prototype of #Fedify written in #Python, codenamed “FediKit.” Many of the ideas for Fedify were already implemented in this prototype, albeit in a different language.

https://github.com/dahlia/fedikit

@cybertailor @oleg_ru

Касаясь систем управления контентом с поддержкой #ActivityPub, хотелось бы отметить и библиотеку для построения собственного федеративного сервера @fedify. Отлично подходит, когда "все эти ваши вордпрессы мне нафиг не сдались". :blobcatmeltthumbsup:

#Fedify

For educational purpose, I've created a federated microblog example using #Fedify, with a total of about 30 commits, which you can follow step by step.

Now, I'm starting to write a hands-on Fedify tutorial based on this example code. I'll make it public when I'm done!

https://github.com/dahlia/microblog

#fedidev #ActivityPub

I've rewritten #Fedify several times and in several languages. The first time it was written in #TypeScript, then #Python, then C#, then back to TypeScript. (It was codenamed FediKit at the time of development.) I settled on TypeScript for the following reasons:

• It has a decent JSON-LD implementation.
• Lots of people use it. (I wanted Fedify to be widely used.)
• It's type-safe enough.

Even if I were to build Fedify again, I would choose TypeScript.

#fedidev #CSharp #dotnet #JavaScript

Did you know? #Fedify not only fully supports #Node.js, but also #Deno and #Bun!

Security alert for Fedify users

We've patched a vulnerability in the getActorHandle() function. Versions prior to 0.13.1 and 0.12.3 are affected.

Upgrade immediately:

• npm: 0.13.1 & 0.12.3
• JSR: 0.13.1 & 0.12.3

#Fedify #securityupdate #fediverse #fedidev #ActivityPub

In the next version (v0.14.0) of #Fedify, the performance of the Object.toJsonLd() method will be dramatically (~3k ×) faster. This is expected to improve the overall performance of Fedify apps!

#fedidev #JSONLD #ActivityPub

Oh, and in the template for Deno, compilerOptions is added to the deno.json file (if needed).

The next version of fedify init will also generate a tsconfig.json file with decent default settings.

I feel that the current abstraction level of #Fedify is not high enough which makes the tutorial lengthy, so I'm considering adding a higher-level API. One way would be to add a façade to the @fedify/fedify package, and another way would be to create a sort of metaframework as a separate package (e.g., @fedify/start?). Which way would be better?

#fedidev

Fedify, the #ActivityPub server framework, has released v0.13.0. Key changes include:

• Added fedify tunnel command to expose the local server to the public internet.
• Added Express and Nitro integration templates to the fedify init command.
• Added option to skip HTTP Signatures validation for easier testing.
• Added Question.closed property.
• Added Question.voters property.
• Removed several deprecated APIs.

#Fedify v0.13.0 is available now from JSR and npm.

https://github.com/dahlia/fedify/releases/tag/0.13.0

#fedidev

What other web frameworks would you like to see #Fedify integrate with more?

#fedidev

What other web frameworks would you like to see #Fedify integrate with more?

#fedidev

Introducing @fedify/express, a package that integrates Express, a popular web framework in Node.js, with Fedify. You can install it with the following command:

npm add @fedify/express

This package provides a middleware called integrateFederation() that allows you to integrate #Fedify with #Express:

import express from "express";
import { integrateFederation } from "@fedify/express";
import { federation } from "./federation";  // Your `Federation` instance

export const app = express();

app.set("trust proxy", true);

app.use(integrateFederation(federation, (req) => "context data goes here"));

https://github.com/dahlia/fedify-express

#fedidev #ExpressJS

I'm unsure whether to adopt an emerging JavaScript runtime like #Bun or #Deno for #Fedify's tutorial, or stick with traditional #Node.js. 🤔

If I choose Bun/Deno, it comes with built-in #TypeScript support, hot reloading, and a fetch-style HTTP server, so I don't have to explain much about it, but I need to deal with installing Bun/Deno itself.

On the other hand, Node.js can be assumed to be already installed on the reader's system, but they will need to set up TypeScript, hot reloading, etc.

Starting with the next release, v0.13.0, the fedify tunnel command will be added. The following command exposes a local HTTP server running on port 3000 to the public internet:

fedify tunnel 3000

https://unstable.fedify.dev/cli#fedify-tunnel-exposing-a-local-http-server-to-the-public-internet

#Fedify #localtunnel

I ended up implementing the `fedify tunnel` command to eliminate the ngrok installation and sign-up part of the #Fedify tutorial. 😂

https://unstable.fedify.dev/cli#fedify-tunnel-exposing-a-local-http-server-to-the-public-internet

#연합우주 (#fediverse) 개발을 단순화할 준비가 되셨나요? #Fedify 프레임워크를 확인해보세요!

• 튜토리얼
• API 레퍼런스
• 예제들

더욱 연결된, 더욱 분산된 웹을 만드는 데 동참해주세요! 🌐 #ActivityPub

#Fedify 프레임워크는 #ActivityPub의 실제 쓰임에 집중하고 있습니다. 문서에는 #Mastodon 같은 주요 구현체들이 만든 사실상의 표준에 맞춘 어휘 API 사용법에 대한 가이드가 포함되어 있습니다. 더 적은 고민으로 상호 운용 가능한 앱을 만드세요! 🤝

#ActivityPub 인터랙션 디버깅은 꽤 까다롭죠. 그렇지만 #Fedify 툴체인이 도와드립니다! 테스트와 디버깅을 위한 CLI 툴체인을 포함하고 있어 개발과 트러블슈팅이 쉬워집니다. 머리 싸매는 시간을 줄이고 멋진 기능을 만드는 데 더 많은 시간을 쓰세요! 🔍

#Fedify 프레임워크는 #연합우주 (#fediverse) 개발에 중요한 기능들을 기본으로 내장하고 있습니다:

• #WebFinger 클라이언트와 서버
• HTTP 서명 (HTTP Signatures)
• 객체 무결성 증명 (Object Integrity Proofs)
• NodeInfo 프로토콜
• 바퀴를 재발명할 필요 없어요—#ActivityPub 표준을 위한 핵심 기능을 갖추고 있습니다! 📦

유연성은 중요하죠! #Fedify 프레임워크는 풀 스택 솔루션이 아닙니다—여러분이 좋아하는 웹 프레임워크와 함께 작동하도록 설계되었죠. #Hono 및 #Fresh 등, Fedify는 여러 웹 프레임워크와의 쉬운 통합 옵션을 제공합니다. 여러분만의 방식으로 #연합우주 (#fediverse) 앱을 만드세요! 🛠️

Fedify의 가장 강력한 기능 중 하나는 타입 안전한 어휘 객체입니다. 이는 Activity Vocabulary와 벤더 별 확장을 표현하는데, ActivityPub 객체와 액티비티를 다룰 때 견고하고 안전한 코드를 보장합니다. 런타임 오류와 작별하고 자신 있는 코딩을 시작하세요! 💪🏼

#Fedify 소개: #연합우주 (#fediverse) 상에 #ActivityPub 서버 앱을 만들기 위한 강력한 #TypeScript 라이브러리! 🚀

Fedify는 연합형 앱의 복잡함을 단순화하여 개발자가 가장 중요한 것—고유한 기능과 사용자 경험—에 집중할 수 있게 해줍니다. Fedify의 특징을 살펴볼까요? 🧵

#Fedify offers robust logging capabilities through integration with LogTape. This feature allows you to easily debug and monitor your Fedify app!

To enable #logging, simply install the @logtape/logtape package and configure it in your app's entry point:

import { configure, getConsoleSink } from "@logtape/logtape";

await configure({
  sinks: { console: getConsoleSink() },
  filters: {},
  loggers: [
    { category: "your-app", sinks: ["console"], level: "debug" },
    { category: "fedify",   sinks: ["console"], level: "info" },
  ],
});

Fedify uses hierarchical categories for fine-grained control over log output. Key categories include ["fedify", "federation", "http"] for HTTP requests/responses and ["fedify", "federation", "inbox"]/["fedify", "federation", "outbox"] for incoming/outgoing activities. (There are more categories.)

With #LogTape integration, you gain valuable insights into your Fedify app's behavior, making troubleshooting and optimization much more straightforward!

https://fedify.dev/manual/log

#fedidev

As a potential #Fedify user, which of the following technologies are you familiar with?

If you read a #Fedify #tutorial, what #ActivityPub software would you like to see as an #example in the tutorial?

#fedidev

If you read a #Fedify #tutorial, what #ActivityPub software would you like to see as an #example in the tutorial?

#fedidev

A good issue to contribute to #Fedify for the first time. Anybody interested?

https://github.com/dahlia/fedify/issues/109

#fedidev

#Fedify, an #ActivityPub server framework, has released v0.12.0. It's a minor release in about a month, so there's quite a few changes:

• The fedify command can now also be installed with npm. It can be installed with npm i -g @fedify/cli in Node.js and bun i -g @fedify/cli in Bun.
• Added the fedify init command to help set up a new Fedify project.
• Incoming activities are now also queued and inbox listeners are now processed in the background worker. If you were already queuing outgoing activities, this will just take effect with a simple upgrade to v0.12.0.
• Retry policy for failed tasks processed in the background worker is now customizable and defaults to backoff with decorrelated jitter.
• Added ChatMessage, Move, Read, Travel, View, TentativeAccept, and TentativeReject classes. (Thanks to @moreal!)
• Improved multitenancy (virtual hosting) support: You can now easily determine the host of the current request via the hostname, host, and origin properties of the Context.
• When validating HTTP Signatures and Object Integrity Proofs, once fetched public keys are now cached.

It's available on JSR and npm now, and you can upgrade it using the deno add command on Deno:

deno add @fedify/fedify@^0.12.0

Or using the bun add command on Bun:

bun add @fedify/fedify@^0.12.0

Or using the npm add command on Bun:

npm add @fedify/fedify@^0.12.0

#fedidev

I'm very excited to be successfully following our Ghost newsletter about building ActivityPub support, on Mastodon!

More slow tinkering with #fedify, now have the actor dispatcher working and serving up my profile as seen from #phanpy.

@admin Now fixed the stable docs too!

#Fedify, an #ActivityPub server framework, has released v0.12.0. It's a minor release in about a month, so there's quite a few changes:

• The fedify command can now also be installed with npm. It can be installed with npm i -g @fedify/cli in Node.js and bun i -g @fedify/cli in Bun.
• Added the fedify init command to help set up a new Fedify project.
• Incoming activities are now also queued and inbox listeners are now processed in the background worker. If you were already queuing outgoing activities, this will just take effect with a simple upgrade to v0.12.0.
• Retry policy for failed tasks processed in the background worker is now customizable and defaults to backoff with decorrelated jitter.
• Added ChatMessage, Move, Read, Travel, View, TentativeAccept, and TentativeReject classes. (Thanks to @moreal!)
• Improved multitenancy (virtual hosting) support: You can now easily determine the host of the current request via the hostname, host, and origin properties of the Context.
• When validating HTTP Signatures and Object Integrity Proofs, once fetched public keys are now cached.

It's available on JSR and npm now, and you can upgrade it using the deno add command on Deno:

deno add @fedify/fedify@^0.12.0

Or using the bun add command on Bun:

bun add @fedify/fedify@^0.12.0

Or using the npm add command on Bun:

npm add @fedify/fedify@^0.12.0

#fedidev

The Astro integration code has been reverted. It will come back in at some point once the blockers are resolved.

Since #Fedify v0.12.0, when verifying HTTP Signatures or Object Integrity Proofs, it will cache the public keys once fetched. It is okay even if a cached key becomes outdated because a verification failure due to a cached key will invalidate the cache and force a verification retry.

This feature is available for preview in v0.12.0-dev.307+235629d5 (JSR or npm).

#fedidev #ActivityPub

Due to the details of the behavior of Astro's middleware, it looks like the next #Fedify release (v0.12.0) may not be able to ship with the #Astro integration. 😅

Working on the `fedify init` command, the project setup wizard for #Fedify…

#fedidev

The fedify command is now available on #npm! You can install it using the following command:

npm install -g @fedify/cli

Or if you use #Bun:

bun install -g @fedify/cli

https://www.npmjs.com/package/@fedify/cli

#Fedify

@admin They are fixed in the unstable docs. For now, could you please use them instead? The stable docs will be fixed in the next release. Thanks!

https://unstable.fedify.dev/manual/federation

I wrote a laravel package to add federation support to various internal @pixelfed projects like FediDB and PubKit

I might just polish this up and ship it, so laravel devs can add federation support with a few lines of code

the fedify of php ✨

#activitypub #laravel #fedify #php

finally getting to the #fedify part of my deno-fedify experiment, first thing working is the nodeinfo support

#Fedify offers robust logging capabilities through integration with LogTape. This feature allows you to easily debug and monitor your Fedify app!

To enable #logging, simply install the @logtape/logtape package and configure it in your app's entry point:

import { configure, getConsoleSink } from "@logtape/logtape";

await configure({
  sinks: { console: getConsoleSink() },
  filters: {},
  loggers: [
    { category: "your-app", sinks: ["console"], level: "debug" },
    { category: "fedify",   sinks: ["console"], level: "info" },
  ],
});

Fedify uses hierarchical categories for fine-grained control over log output. Key categories include ["fedify", "federation", "http"] for HTTP requests/responses and ["fedify", "federation", "inbox"]/["fedify", "federation", "outbox"] for incoming/outgoing activities. (There are more categories.)

With #LogTape integration, you gain valuable insights into your Fedify app's behavior, making troubleshooting and optimization much more straightforward!

https://fedify.dev/manual/log

#fedidev

#Fedify's security policy is just written!

https://github.com/dahlia/fedify/security

I want to create good first issues for @fedify, but I don't have a good idea of appropriate tasks for first-time contributors. Any ideas?

#Fedify #fedidev #opensource

Ready to simplify your #fedidev? Check out #Fedify!

• Tutorial
• API reference
• Examples

Join us in building a more connected and decentralized web! 🌐 #ActivityPub

#Fedify also focuses on the practical side of #ActivityPub. Its docs includes guidance on using the vocabulary API in line with de facto norms set by popular implementations like #Mastodon. Build more interoperable apps with less headache! 🤝

Debugging #ActivityPub interactions can be tricky, but #Fedify's got your back! It includes a CLI toolchain for testing and debugging, making development and troubleshooting a breeze. Spend less time scratching your head and more time building awesome features! 🔍

Out of the box, #Fedify comes packed with features crucial for #fediverse development:

• #WebFinger client and server
• HTTP Signatures
• Object Integrity Proofs
• NodeInfo protocol
• No need to reinvent the wheel—Fedify has you covered for core #ActivityPub standards! 📦

Flexibility is key! #Fedify isn't a full-stack solution—it's designed to work alongside your favorite web frameworks. Whether you're using #Astro, #Hono, #Fresh, or others, Fedify has got you covered with easy integration options. Build your #fediverse app, your way! 🛠️

One of #Fedify's strongest features is its type-safe vocabulary objects. These represent the Activity Vocabulary and vendor-specific extensions, ensuring robust and safe code when working with ActivityPub objects and activities. Say goodbye to runtime errors and hello to confident coding! 💪🏼

Introducing #Fedify: A powerful #TypeScript library for building #ActivityPub server apps in the #fediverse! 🚀

Fedify aims to simplify the complex world of federated apps, allowing developers to focus on what matters most—their unique features and user experience. Let's explore what makes Fedify stand out! 🧵

In #Fedify's next release, v0.12.0, we'll be adding support for integration with Astro, a web framework for content-driven websites.

https://unstable.fedify.dev/manual/integration#astro

#Astro #fedidev

We released #Fedify 0.9.2, 0.10.1, and 0.11.1, which patched the last reported #vulnerability, CVE-2024-39687, but the vulnerability of SSRF attacks via DNS rebinding still exists, so we released Fedify 0.9.3, 0.10.2, and 0.11.2, which fixes it.

If you are using an earlier version, please update as soon as possible.

Thanks to @benaryorg for reporting the vulnerability!

#SSRF #security #fedidev

@ml Apparently they (Ghost) have a bug. We'll inform them!

We're releasing @fedify/h3! Now you can integrate #Fedify with h3, an HTTP server framework behind Nitro, Analog, Vinxi, SolidStart, TanStack Start, and other many web frameworks.

https://github.com/dahlia/fedify-h3

#fedidev #h3

@ml What Mastodon client app do you use?

@silverpill Yeah, they apparently missed to wrap it with Image object! See their code:

https://github.com/TryGhost/ActivityPub/blob/c82715db4529f9a71de8853d159ae26d576c385f/src/dispatchers.ts#L40

It should be changed as like below (from @hollo):

https://github.com/dahlia/hollo/blob/7b51666bfdfd6efea511c03cd305432643e423b7/src/federation/index.ts#L86-L88

Woah, #ghost is now live in the #fediverse with @index.

Absolutely outstanding progress! #fedify definitely deserves a great deal of recognition for making this possible. 😎

Feeling like we now have tooling in place to fediverse all things. 😅

looks like there will be lighter-weight alternatives to mastodon, thanks to @fedify — maybe I’ll hack together a simple one? 🙃

Finally, @ghost has open sourced their #ActivityPub implementation powered by #Fedify! For Fedify users, this means another production-grade example code.

If you'd like to follow updates on #Ghost's ActivityPub implementation, you can do so by following @index!

https://github.com/TryGhost/ActivityPub

#fedidev

Two big pieces of news in Ghost's progress on ActivtyPub integration:

1. You can now follow their newsletter from the Fediverse at this address: @index
2. They've open sourced their ActivityPub work!

We're many steps closer to being able to follow Ghost newsletters on the #Fediverse rather than cluttering up your email inbox 🙏🏻

https://activitypub.ghost.org/lets-fix-it-in-production/?ref=build-log-newsletter

@fedify users of Fedify still need to keep potential for SSRF in mind when requesting any URLs in Activities/Objects not through these APIs, e.g., when downloading media from a remote server for caching

I was planning to play around with #fedify but got sidetracked into learning #deno #fresh #preact #tailwindcss ...

To #Hollo users: please update your #Hollo to 0.1.0-dev.46, a #security patch which addresses @fedify's #vulnerability CVE-2024-39687, as soon as possible!

https://hollo.social/@fedify/019080c7-c784-755d-a6f2-d1f91f2c5709

To #Fedify users: please update your Fedify as soon as possible!

https://hollo.social/@fedify/019080c7-c784-755d-a6f2-d1f91f2c5709

CVE-2024-39687, a vulnerability that could potentially allow a Server Side Request Forgery (SSRF) attack, was discovered in #Fedify and a security patch has been applied to fix it. The patched versions are 0.9.2, 0.10.1, and 0.11.1, respectively. If you are using an earlier version, please update as soon as possible.

Thanks to @thisismissem for reporting the vulnerability!

Hooray, #Fedify's GitHub repository just hit 300 stars!

I've been using fedify for the last few months and I'm absolutely loving it. It makes it really easy to prototype new ideas.

I jsut wrote a detailed post on my blog about @ghost's #funding for @fedify! (Both English and Korean available.)

https://writings.hongminhee.org/2024/07/ghost-funds-fedify/

#Fedify #fedidev

#Fedify now has a queue for incoming activities and they are automatically retried when they fail. The default retry strategy is good enough (exponential backoff + decorrelated jitter), and it's even fully customizable. Updated also the docs:

https://unstable.fedify.dev/manual/inbox#making-inbox-listeners-non-blocking

You can give it a try by installing 0.12.0-dev.265+cb851932, the latest unstable release:

https://jsr.io/@fedify/[email protected]ev.265+cb851932
https://www.npmjs.com/package/@fedify/fedify/v/0.12.0-dev.265

#fedidev #ActivityPub

In the next version of #Fedify, the #RetryPolicy type is introduced to let you fully customize the retry policy of the task queue for incoming and outgoing activities. Of course, you can also simply adjust the parameters of the built-in exponential backoff + decorrelated jitter policy.

#fedidev #ActivityPub

Basic implementation of the inbox queue is complete and documentation is being worked on.

https://hollo.social/@fedify/0190687b-1a09-728b-8a0d-bcbd4dca54cd

#Fedify #fedidev

In the next version of #Fedify, the Context.hostname, Context.host, and Context.origin properties will be added for better multitenancy/virtual hosting support.

https://github.com/dahlia/fedify/issues/66#issuecomment-2198967566

#fedidev #ActivityPub

#Fedify has always been queuing outgoing activities, but not incoming activities. Thanks to @ghost's sponsorship, we are now implementing queues for incoming activities!

https://github.com/dahlia/fedify/issues/70

#fedidev #ActivityPub

It was trivial than I expected; #Fedify now supports #ChatMessage type!

Did you know? #Fedify offers the markdown-it plugins for parsing #Mastodon-style mentions and hashtags syntax.

• @fedify/markdown-it-mention: https://github.com/dahlia/markdown-it-mention
• @fedify/markdown-it-hashtag: https://github.com/dahlia/markdown-it-hashtag

Check it out!

Week in Fediverse 2024-06-28

Servers

- Sharkey v2024.5.1
- Gancio v1.18.0
- Mitra v2.23.0
- neodb v0.10.2.3
- Castopod v1.12.0
- NodeBB v4.0.0-alpha (aka ActivityPub alpha release)
- Hollo: Federated single-user microblogging software powered by Fedify

Clients

- IceCubesApp v1.10.43
- Tuba v0.8.1
- Pachli v2.6.0
- mlmym v0.0.46
- P2Play v0.8.1
- Phanpy changelog

Tools and Plugins

- FediFetcher v7.1.1
- Granary v7.0
- Fedify v0.11.0
- Betulon: A simple utility to add Mastodon bookmarks to Betula

Articles

- Meta is connecting Threads more deeply with the fediverse

-----

#WeekInFediverse #Fediverse #ActivityPub

Previous edition: https://mitra.social/objects/01903bb6-c8eb-3a66-3305-460bf5a946d1

Version 0.11.0 of Fedify, an ActivityPub server framework, has been released! Here are the key changes:

• Followed up changes in eddsa-jcs-2022 spec for Object Integrity Proofs.

• Frequently used JSON-LD contexts are now bundled with Fedify.

• Inbox, linked, featured, and featured tags collection dispatchers are introduced. (Thanks to @ghost!)

• Activity Vocabulary API now has better runtime type error messages.

• The items property of OrderedCollection and OrderedCollectionPage is now represented as orderedItems (was items) in JSON-LD.

• Added Invite, Join, Leave, Listen, Offer classes. (Thanks to Randy Wressell & @moreal!)

https://github.com/dahlia/fedify/releases/tag/0.11.0

If you want a message queue backend for #RabbitMQ as well, please upvote this issue!

#Fedify

#Hollo is using this @fedify/redis package for caching and queuing. Battle tested!

https://hollo.social/@fedify/01905e6b-deec-785a-9bda-b72883031f8f

#Fedify has supported optional queuing for outgoing activities, with two built-in message queue backends: InProcessMessageQueue, which is suitable for development, and DenoKvMessageQueue, which is only available in Deno.

Fedify has also had two built-in cache backends, MemoryKvStore, which is suitable for development, and DenoKvStore, which is only available in Deno.

Now, however, by installing the @fedify/redis package, you can use #Redis as both a message queue backend and a cache backend! Unlike DenoKvMessageQueue and DenoKvStore, it's also available for #Node.js and #Bun.

This feature was made possible with the support of @ghost.

https://github.com/dahlia/fedify-redis

#fedidev

We have a space on #Matrix for the #Fedify community, so if you have any questions, feel free to join us and ask!

https://matrix.to/#/#fedify:matrix.org

Fedify is an #ActivityPub server framework in #TypeScript & #JavaScript. It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

The key features it provides currently are:

• Type-safe objects for Activity Vocabulary (including some vendor-specific extensions)
• #WebFinger client and server
• HTTP Signatures & Linked Data Signatures & Object Integrity Proofs
• Middleware for handling webhooks
• #NodeInfo protocol
• #Node.js, #Deno, and #Bun support
• CLI toolchain for testing and debugging

If you're curious, take a look at the #Fedify website! There's comprehensive docs, a demo, a tutorial, example code, and more:

https://fedify.dev/

#Fedify now has the official #Hollo account! Please follow @fedify!

https://hollo.social/@fedify/01905d6a-5d70-75bc-881e-d6c155a5051c

#fedidev

Hello, #fediverse! It's the official fedi account of the Fedify, an #ActivityPub server framework!

#Fedify #fedidev