Fedify: an ActivityPub server framework's avatar

Fedify: an ActivityPub server framework

@[email protected] · 3 following · 129 followers

Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards, so-called fediverse. It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

WebsiteGitHubMatrixJSR

https://fedify.dev/

https://github.com/dahlia/fedify

https://matrix.to/#/#fedify:matrix.org

https://jsr.io/@fedify/fedify

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Fedify is an server framework in & . It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

The key features it provides currently are:

If you're curious, take a look at the website! There's comprehensive docs, a demo, a tutorial, example code, and more:

https://fedify.dev/

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Hello, ! It's the official fedi account of the Fedify, an server framework!

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

Working on the `fedify init` command, the project setup wizard for

A demo of the `fedify init` command. The JavaScript runtime choices are Deno, Node.js, and Bun, of which Deno is selected. The web framework choices are Bare-bones, Astro, Fresh, and Hono, with Hono selected. The key-value store options are No cache, Redis, and Deno KV, with Deno KV selected. The message queue options are No background jobs, Redis, Deno KV, and Deno KV is selected. Finally, an Hono project integrated with Fedify is created and the server is started by running the `deno task dev` command.
A demo of the `fedify init` command. The JavaScript runtime choices are Deno, Node.js, and Bun, of which Deno is selected. The web framework choices are Bare-bones, Astro, Fresh, and Hono, with Hono selected. The key-value store options are No cache, Redis, and Deno KV, with Deno KV selected. The message queue options are No background jobs, Redis, Deno KV, and Deno KV is selected. Finally, an Hono project integrated with Fedify is created and the server is started by running the `deno task dev` command.
Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

The fedify command is now available on ! You can install it using the following command:

npm install -g @fedify/cli

Or if you use :

bun install -g @fedify/cli

https://www.npmjs.com/package/@fedify/cli

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Matthias Bohlen's post

@admin They are fixed in the unstable docs. For now, could you please use them instead? The stable docs will be fixed in the next release. Thanks!

https://unstable.fedify.dev/manual/federation

dansup's avatar
dansup

@[email protected]

I wrote a laravel package to add federation support to various internal @pixelfed projects like FediDB and PubKit

I might just polish this up and ship it, so laravel devs can add federation support with a few lines of code

the fedify of php ✨

fedicat's avatar
fedicat

@[email protected]

finally getting to the part of my deno-fedify experiment, first thing working is the nodeinfo support

screenshot of web browser showing a debug view of JSON showing server info
screenshot of web browser showing a debug view of JSON showing server info
Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

offers robust logging capabilities through integration with LogTape. This feature allows you to easily debug and monitor your Fedify app!

To enable , simply install the @logtape/logtape package and configure it in your app's entry point:

import { configure, getConsoleSink } from "@logtape/logtape";

await configure({
  sinks: { console: getConsoleSink() },
  filters: {},
  loggers: [
    { category: "your-app", sinks: ["console"], level: "debug" },
    { category: "fedify",   sinks: ["console"], level: "info" },
  ],
});

Fedify uses hierarchical categories for fine-grained control over log output. Key categories include ["fedify", "federation", "http"] for HTTP requests/responses and ["fedify", "federation", "inbox"]/["fedify", "federation", "outbox"] for incoming/outgoing activities. (There are more categories.)

With integration, you gain valuable insights into your Fedify app's behavior, making troubleshooting and optimization much more straightforward!

https://fedify.dev/manual/log

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected] · Reply to 洪 民憙 (Hong Minhee)'s post

's security policy is just written!

github.com/dahlia/fedify/secur

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

I want to create good first issues for @fedify, but I don't have a good idea of appropriate tasks for first-time contributors. Any ideas?

ShadeOW's avatar
ShadeOW

@[email protected]

Je viens de voir @fedify est disponible sur NodeJS !!!!!!
Je vais (peut être) pouvoir mener à bien la fédération de 😍

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

Ready to simplify your ? Check out !

Join us in building a more connected and decentralized web! 🌐

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

also focuses on the practical side of . Its docs includes guidance on using the vocabulary API in line with de facto norms set by popular implementations like . Build more interoperable apps with less headache! 🤝

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

Debugging interactions can be tricky, but 's got your back! It includes a CLI toolchain for testing and debugging, making development and troubleshooting a breeze. Spend less time scratching your head and more time building awesome features! 🔍

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

Out of the box, comes packed with features crucial for development:

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

Flexibility is key! isn't a full-stack solution—it's designed to work alongside your favorite web frameworks. Whether you're using , , , or others, Fedify has got you covered with easy integration options. Build your app, your way! 🛠️

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

One of 's strongest features is its type-safe vocabulary objects. These represent the Activity Vocabulary and vendor-specific extensions, ensuring robust and safe code when working with ActivityPub objects and activities. Say goodbye to runtime errors and hello to confident coding! 💪🏼

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Introducing : A powerful library for building server apps in the ! 🚀

Fedify aims to simplify the complex world of federated apps, allowing developers to focus on what matters most—their unique features and user experience. Let's explore what makes Fedify stand out! 🧵

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

In 's next release, v0.12.0, we'll be adding support for integration with Astro, a web framework for content-driven websites.

https://unstable.fedify.dev/manual/integration#astro

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

We released 0.9.2, 0.10.1, and 0.11.1, which patched the last reported , CVE-2024-39687, but the vulnerability of SSRF attacks via DNS rebinding still exists, so we released Fedify 0.9.3, 0.10.2, and 0.11.2, which fixes it.

If you are using an earlier version, please update as soon as possible.

Thanks to @benaryorg for reporting the vulnerability!

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Mitex Leo's post

@ml Apparently they (Ghost) have a bug. We'll inform them!

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

We're releasing @fedify/h3! Now you can integrate with h3, an HTTP server framework behind Nitro, Analog, Vinxi, SolidStart, TanStack Start, and other many web frameworks.

https://github.com/dahlia/fedify-h3

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Mitex Leo's post

@ml What Mastodon client app do you use?

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to silverpill's post

@silverpill Yeah, they apparently missed to wrap it with Image object! See their code:

https://github.com/TryGhost/ActivityPub/blob/c82715db4529f9a71de8853d159ae26d576c385f/src/dispatchers.ts#L40

It should be changed as like below (from @hollo):

https://github.com/dahlia/hollo/blob/7b51666bfdfd6efea511c03cd305432643e423b7/src/federation/index.ts#L86-L88

Alejandro Baez's avatar
Alejandro Baez

@[email protected]

Woah, is now live in the with @index.

Absolutely outstanding progress! definitely deserves a great deal of recognition for making this possible. 😎

Feeling like we now have tooling in place to fediverse all things. 😅

Ayo Ayco's avatar
Ayo Ayco

@[email protected]

looks like there will be lighter-weight alternatives to mastodon, thanks to @fedify — maybe I’ll hack together a simple one? 🙃

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Finally, @ghost has open sourced their implementation powered by ! For Fedify users, this means another production-grade example code.

If you'd like to follow updates on 's ActivityPub implementation, you can do so by following @index!

https://github.com/TryGhost/ActivityPub

Anuj Ahooja's avatar
Anuj Ahooja

@[email protected]

Two big pieces of news in Ghost's progress on ActivtyPub integration:

1. You can now follow their newsletter from the Fediverse at this address: @index
2. They've open sourced their ActivityPub work!

We're many steps closer to being able to follow Ghost newsletters on the rather than cluttering up your email inbox 🙏🏻

activitypub.ghost.org/lets-fix

Emelia 👸🏻's avatar
Emelia 👸🏻

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

@fedify users of Fedify still need to keep potential for SSRF in mind when requesting any URLs in Activities/Objects not through these APIs, e.g., when downloading media from a remote server for caching

technicat's avatar
technicat

@[email protected]

I was planning to play around with but got sidetracked into learning ...

Hollo's avatar
Hollo

@[email protected]

To users: please update your to 0.1.0-dev.46, a patch which addresses @fedify's CVE-2024-39687, as soon as possible!

https://hollo.social/@fedify/019080c7-c784-755d-a6f2-d1f91f2c5709

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

To users: please update your Fedify as soon as possible!

hollo.social/@fedify/019080c7-

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

CVE-2024-39687, a vulnerability that could potentially allow a Server Side Request Forgery (SSRF) attack, was discovered in and a security patch has been applied to fix it. The patched versions are 0.9.2, 0.10.1, and 0.11.1, respectively. If you are using an earlier version, please update as soon as possible.

Thanks to @thisismissem for reporting the vulnerability!

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Hooray, 's GitHub repository just hit 300 stars!

Fedify's GitHub repository, which has over 300 stars.
Fedify's GitHub repository, which has over 300 stars.
Anuj Ahooja's avatar
Anuj Ahooja

@[email protected] · Reply to Tim Chambers's post

I've been using fedify for the last few months and I'm absolutely loving it. It makes it really easy to prototype new ideas.

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

I jsut wrote a detailed post on my blog about @ghost's for @fedify! (Both English and Korean available.)

writings.hongminhee.org/2024/0

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected] · Reply to 洪 民憙 (Hong Minhee)'s post

now has a queue for incoming activities and they are automatically retried when they fail. The default retry strategy is good enough (exponential backoff + decorrelated jitter), and it's even fully customizable. Updated also the docs:

unstable.fedify.dev/manual/inb

You can give it a try by installing 0.12.0-dev.265+cb851932, the latest unstable release:

jsr.io/@fedify/[email protected]
npmjs.com/package/@fedify/fedi

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

In the next version of , the type is introduced to let you fully customize the retry policy of the task queue for incoming and outgoing activities. Of course, you can also simply adjust the parameters of the built-in exponential backoff + decorrelated jitter policy.

outboxRetryPolicy

This API is available since Fedify 0.12.0.

The retry policy for sending activities to recipients' inboxes.

By default, this uses an exponential backoff strategy with a maximum of 10 attempts and a maximum delay of 12 hours.

You can fully customize the retry policy by providing a custom function that satisfies the RetryPolicy type. Or you can adjust the parameters of the createExponentialBackoffRetryPolicy() function, which is a default implementation of the retry policy.
outboxRetryPolicy This API is available since Fedify 0.12.0. The retry policy for sending activities to recipients' inboxes. By default, this uses an exponential backoff strategy with a maximum of 10 attempts and a maximum delay of 12 hours. You can fully customize the retry policy by providing a custom function that satisfies the RetryPolicy type. Or you can adjust the parameters of the createExponentialBackoffRetryPolicy() function, which is a default implementation of the retry policy.
洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

Basic implementation of the inbox queue is complete and documentation is being worked on.

hollo.social/@fedify/0190687b-

Making inbox listeners non-blocking

This API is available since Fedify 0.12.0.

Usually, processes inside an inbox listener should be non-blocking because they may involve long-running tasks. Fortunately, you can easily turn inbox listeners into non-blocking by providing a queue option to createFederation() function. If it is not present, incoming activities are processed immediately and block the response to the sender until the processing is done.

While the queue option is not mandatory, it is highly recommended to use it in production environments to prevent the server from being overwhelmed by incoming activities.

Note: Activities with invalid signatures/proofs are silently ignored and not queued.
Making inbox listeners non-blocking This API is available since Fedify 0.12.0. Usually, processes inside an inbox listener should be non-blocking because they may involve long-running tasks. Fortunately, you can easily turn inbox listeners into non-blocking by providing a queue option to createFederation() function. If it is not present, incoming activities are processed immediately and block the response to the sender until the processing is done. While the queue option is not mandatory, it is highly recommended to use it in production environments to prevent the server from being overwhelmed by incoming activities. Note: Activities with invalid signatures/proofs are silently ignored and not queued.
Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

In the next version of , the Context.hostname, Context.host, and Context.origin properties will be added for better multitenancy/virtual hosting support.

https://github.com/dahlia/fedify/issues/66#issuecomment-2198967566

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

has always been queuing outgoing activities, but not incoming activities. Thanks to @ghost's sponsorship, we are now implementing queues for incoming activities!

https://github.com/dahlia/fedify/issues/70

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected] · Reply to 洪 民憙 (Hong Minhee)'s post

It was trivial than I expected; now supports type!

洪 民憙 (Hong Minhee) 🤏🏼's avatar
洪 民憙 (Hong Minhee) 🤏🏼

@[email protected]

Did you know? offers the markdown-it plugins for parsing -style mentions and hashtags syntax.

• @fedify/markdown-it-mention: github.com/dahlia/markdown-it-
• @fedify/markdown-it-hashtag: github.com/dahlia/markdown-it-

Check it out!

Week in Fediverse's avatar
Week in Fediverse

@[email protected]

Week in Fediverse 2024-06-28

Servers

- Sharkey v2024.5.1
- Gancio v1.18.0
- Mitra v2.23.0
- neodb v0.10.2.3
- Castopod v1.12.0
- NodeBB v4.0.0-alpha (aka ActivityPub alpha release)
- Hollo: Federated single-user microblogging software powered by Fedify

Clients

- IceCubesApp v1.10.43
- Tuba v0.8.1
- Pachli v2.6.0
- mlmym v0.0.46
- P2Play v0.8.1
- Phanpy changelog

Tools and Plugins

- FediFetcher v7.1.1
- Granary v7.0
- Fedify v0.11.0
- Betulon: A simple utility to add Mastodon bookmarks to Betula

Articles

- Meta is connecting Threads more deeply with the fediverse

-----

#WeekInFediverse #Fediverse #ActivityPub

Previous edition: https://mitra.social/objects/01903bb6-c8eb-3a66-3305-460bf5a946d1

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Version 0.11.0 of Fedify, an ActivityPub server framework, has been released! Here are the key changes:

https://github.com/dahlia/fedify/releases/tag/0.11.0

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected] · Reply to Fedify: an ActivityPub server framework's post

If you want a message queue backend for as well, please upvote this issue!

Hollo's avatar
Hollo

@[email protected]

is using this @fedify/redis package for caching and queuing. Battle tested!

https://hollo.social/@fedify/01905e6b-deec-785a-9bda-b72883031f8f

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

has supported optional queuing for outgoing activities, with two built-in message queue backends: InProcessMessageQueue, which is suitable for development, and DenoKvMessageQueue, which is only available in Deno.

Fedify has also had two built-in cache backends, MemoryKvStore, which is suitable for development, and DenoKvStore, which is only available in Deno.

Now, however, by installing the @fedify/redis package, you can use as both a message queue backend and a cache backend! Unlike DenoKvMessageQueue and DenoKvStore, it's also available for .js and .

This feature was made possible with the support of @ghost.

https://github.com/dahlia/fedify-redis

洪 民憙 (Hong Minhee) 🤏🏼's avatar
洪 民憙 (Hong Minhee) 🤏🏼

@[email protected]

We have a space on for the community, so if you have any questions, feel free to join us and ask!

matrix.to/#/#fedify:matrix.org

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

If you'd like to support the development of or , you can sponsor me on GitHub!

github.com/sponsors/dahlia

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Fedify is an server framework in & . It aims to eliminate the complexity and redundant boilerplate code when building a federated server app, so that you can focus on your business logic and user experience.

The key features it provides currently are:

If you're curious, take a look at the website! There's comprehensive docs, a demo, a tutorial, example code, and more:

https://fedify.dev/

洪 民憙 (Hong Minhee)'s avatar
洪 民憙 (Hong Minhee)

@[email protected]

now has the official account! Please follow @fedify!

hollo.social/@fedify/01905d6a-

Fedify: an ActivityPub server framework's avatar
Fedify: an ActivityPub server framework

@[email protected]

Hello, ! It's the official fedi account of the Fedify, an server framework!