Hollo :hollo:'s avatar
Hollo :hollo:

@hollo@hollo.social

0.6.0 is coming soon!

We're putting the finishing touches on our biggest security and feature update yet. Here's what's coming:

Enhanced

  • RFC 8414 (OAuth metadata discovery)
  • RFC 7636 ( support)
  • Improved authorization flows following RFC 9700 best practices

New features

  • Extended character limit (4K โ†’ 10K)
  • Code syntax highlighting
  • Customizable profile themes
  • EXIF metadata stripping for privacy

Important notes for update

  • Node.js 24+ required
  • Updated environment variables for asset storage
  • Stronger SECRET_KEY requirements (44+ chars)

Special thanks to @thisismissem for the extensive OAuth improvements that help keep the secure and compatible! ๐Ÿ™

Full changelog and upgrade guide coming with the release.

Julian Fietkau's avatar
Julian Fietkau

@julian@fietkau.social ยท Reply to Hollo :hollo:'s post

@hollo @hongminhee Does Hollo support Fedify's split-domain configuration yet? unstable.fedify.dev/manual/fed

I'm waiting for that before I set up a Hollo instance for @encyclia so it can have its bare domain in its handle. ๐Ÿ™‚

Martin Seeger's avatar
Martin Seeger

@masek@infosec.exchange ยท Reply to Hollo :hollo:'s post

@hollo Recommendation: If you write about your open source software, please include just one sentence, what it does in general.

Such messages are always an opportunity because they end up in non-users streams. Use it by just telling them, what your software does.

In this case something like "Hollo - A federated single-user microblogging software" would be more than enough.