#Hollo 0.6.0 is coming soon!

We're putting the finishing touches on our biggest security and feature update yet. Here's what's coming:

Enhanced #OAuth #security

• RFC 8414 (OAuth metadata discovery)
• RFC 7636 (#PKCE support)
• Improved authorization flows following RFC 9700 best practices

New features

• Extended character limit (4K → 10K)
• Code syntax highlighting
• Customizable profile themes
• EXIF metadata stripping for privacy

Important notes for update

• Node.js 24+ required
• Updated environment variables for asset storage
• Stronger SECRET_KEY requirements (44+ chars)

Special thanks to @thisismissem for the extensive OAuth improvements that help keep the #fediverse secure and compatible! 🙏

Full changelog and upgrade guide coming with the release.

#ActivityPub

@hollo @hongminhee Does Hollo support Fedify's split-domain configuration yet? https://unstable.fedify.dev/manual/federation#separating-webfinger-host-from-the-server-origin

I'm waiting for that before I set up a Hollo instance for @encyclia so it can have its bare domain in its handle. 🙂

@hollo Recommendation: If you write about your open source software, please include just one sentence, what it does in general.

Such messages are always an opportunity because they end up in non-users streams. Use it by just telling them, what your software does.

In this case something like "Hollo - A federated single-user microblogging software" would be more than enough.