洪 民憙 (Hong Minhee) :nonbinary:'s avatar

洪 民憙 (Hong Minhee) :nonbinary:

@hongminhee@hollo.social

1,096 following1,869 followers

An intersectionalist, feminist, and socialist living in Seoul (UTC+09:00). @tokolovesme's spouse. Who's behind @fedify, @hollo, and @botkit. Write some free software in , , , & . They/them.

서울에 사는 交叉女性主義者이자 社會主義者. 金剛兔(@tokolovesme)의 配偶者. @fedify, @hollo, @botkit 메인테이너. , , , 等으로 自由 소프트웨어 만듦.

()

Pinned

@hongminhee@hollo.social

Hello! I'm Hong Minhee (洪 民憙), an open source software engineer in my late 30s, living in Seoul, Korea. I'm bisexual and non-binary (they/them), and an enthusiastic advocate of free/open source software and the fediverse.

I work full-time on @fedify, an ActivityPub server framework in TypeScript, funded by @sovtechfund. I'm also the creator of @hollo, a single-user ActivityPub microblog; @botkit, an ActivityPub bot framework; Hackers' Pub, a fediverse platform for software developers; and LogTape, a logging library for JavaScript and TypeScript.

I have a long interest in East Asian languages (CJK) and Unicode. I post mostly in English here, though occasionally in Japanese or in mixed-script Korean (國漢文混用體), a traditional writing style that interleaves Chinese characters with the native Korean alphabet. Wanting to write in that style was actually one of the reasons I joined the fediverse. Feel free to talk to me in English, Korean, Japanese, or even Literary Chinese!

en.wikipedia.org

Korean mixed script - Wikipedia

Pinned

はじめまして!ソウル在住の30代後半のオープンソースソフトウェアエンジニア、洪 民憙ホン・ミンヒと申します。バイセクシュアル(bisexual)・ノンバイナリー(non-binary)で、自由・オープンソースソフトウェア(F/OSS)とフェディバース(fediverse)の熱烈な支持者です。

STF(@sovtechfund)の支援を受け、TypeScript用ActivityPubサーバーフレームワーク「@fedify」の開発に専念しています。他にも、おひとり様向けのActivityPubマイクロブログ「@hollo」、ActivityPubボットフレームワーク「@botkit」、ソフトウェア開発者向けフェディバースプラットフォームHackers' Pub、JavaScript・TypeScript用ロギングライブラリLogTapeなどの制作者でもあります。

東アジア言語(いわゆるCJK)とUnicodeにも興味があります。このアカウントでは主に英語で投稿していますが、時々日本語や国漢文混用体(漢字ハングル混じり文)の韓国語でも書いています。実はこの文体で書きたくてフェディバースを始めた、という経緯もあります。日本語、英語、韓国語、漢文でも気軽に話しかけてください!

speakerdeck.com

国漢文混用体からHolloまで

本発表では、韓国語の「国漢文混用体」(漢字ハングル混じり文)を自分のフェディバース投稿に実装したいという小さな目標から始まった旅路を共有します。 この目標を達成するために、ActivityPubのJSON-LDの複雑さやHTTP Signatures、WebFingerなどの仕様を理解する必要性に…

Pinned

安寧(안녕)하세요! 저는 서울에 살고 있는 30() 後半(후반)의 오픈 소스 소프트웨어 엔지니어 洪民憙(홍민희)입니다. 兩性愛者(양성애자)(bisexual)이자 논바이너리(non-binary)이며, 自由(자유)·오픈 소스 소프트웨어(F/OSS)와 聯合宇宙(연합우주)(fediverse)의 熱烈(열렬)支持者(지지자)이기도 합니다.

STF(@sovtechfund)의 支援(지원)을 받아 TypeScript() ActivityPub 서버 프레임워크 @fedify 開發(개발)專業(전업)으로 ()하고 있습니다. 그 ()에도 싱글 유저() ActivityPub 마이크로블로그 @hollo, ActivityPub 봇 프레임워크 @botkit, 소프트웨어 開發者(개발자)를 위한 聯合宇宙(연합우주) 플랫폼 Hackers' Pub, JavaScript·TypeScript() 로깅 라이브러리 LogTape ()製作者(제작자)이기도 합니다.

()아시아 言語(언어)(이른바 CJK)와 Unicode에도 關心(관심)이 많습니다. 이 計定(계정)에서는 ()英語(영어)로 포스팅하지만, 때때로 日本語(일본어)國漢文混用體(국한문 혼용체) 韓國語(한국어)로도 씁니다. 聯合宇宙(연합우주)에 오게 된 動機(동기) () 하나가 바로 國漢文混用體(국한문 혼용체)로 글을 쓰고 싶었기 때문이기도 하고요. 韓國語(한국어), 英語(영어), 日本語(일본어), 아니면 漢文(한문)으로도 말을 걸어주세요!

logtape.org

LogTape

Unobtrusive logging library with zero dependencies—library-first design for Deno, Node.js, Bun, browsers, and edge functions

@hongminhee@hollo.social

I wish more free/open source software developers got paid for their work.

@mechko@chaos.social
@hongminhee@hollo.social

Hi, new followers! Seems like a good time for a re-introduction.

I'm Hong Minhee (洪 民憙), a software engineer based in Seoul. My pronouns are they/them.

I build tools for the fediverse. Fedify is an ActivityPub server framework in TypeScript, Hollo is a single-user microblogging server (what you're reading this on), and BotKit is a framework for making ActivityPub bots. I care a lot about making federation more accessible to developers, which, as my recent JSON-LD rant probably made clear, sometimes means wrestling with parts of the spec I have complicated feelings about.

I'm a free/open source software person through and through, and a socialist, which informs how I think about tech. Lately I've been thinking a lot about LLMs. My position is probably not what you'd expect from either camp: I think the problem isn't the technology itself but the enclosure of the commons. I wrote about this at length here if you're curious: Histomat of F/OSS: We should reclaim LLMs, not reject them.

Outside of software, I have a long-running interest in CJK languages and writing systems. I'm always happy to talk about Chinese characters, Korean orthography, or the weird corners of Unicode where these things intersect.

Nice to meet you all, and thanks for following.

writings.hongminhee.org

Histomat of F/OSS: We should reclaim LLMs, not reject them

A few days ago, I came across a blog post titled On FLOSS and training LLMs that articulates a growing frustration within the free and open source software…

The Internationalization Working Group @webi18n has published the first draft of a Group Note titled "Text-to-Speech Rendering of Electronic Documents Containing Ruby: User Requirements". This document describes user requirements related to text-to-speech rendering of electronic documents containing ruby annotations.

w3.org/news/2026/group-note-dr

 Double-sided ruby example 2
Figure 2 織田信長 features an upper-side ruby annotation "1534〜82" and a lower-side ruby annotation おだのぶなが
ALT text

Double-sided ruby example 2 Figure 2 織田信長 features an upper-side ruby annotation "1534〜82" and a lower-side ruby annotation おだのぶなが

@hongminhee@hollo.social

Es bedarf Zeit und Erfahrung, bevor der Arbeiter die Maschinerie von ihrer kapitalistischen Anwendung unterscheiden und daher seine Angriffe vom materiellen Produktionsmittel selbst auf dessen gesellschaftliche Exploitationsform übertragen lernt.

—Karl Marx, Das Kapital, Bd. I, Kap. 13, Abschn. 5

zeno.org

Marx, Karl, Das Kapital, I. Band: Der Produktionsprozeß des Kapitals, IV. Die Produktion des relativen Mehrwerts, 13. Maschinerie und große Industrie, 5. Kampf zwischen Arbeiter und Maschine

Volltext Philosophie: Karl Marx, Friedrich Engels: Werke. Berlin 1962, Band 23, S. 450-461.: 5. Kampf zwischen Arbeiter und Maschine

@kopper@not-brain.d.on-t.work
i was a bit curious about the actual transfer size impact of json-ld, and what would happen if you replaced json-ld with simply explicitly repeating the namespaces. so i threw a few payloads, both compacted and expanded, into lynn.github.io/flateview/ at gzip level 6

my actor, compacted - 1855 bytes gzip'd
my actor, expanded - 1877 bytes gzip'd
my actor, compacted with no context - 1793 bytes gzip'd

quoted post, compacted - 2024 bytes gzip'd
quoted post, expanded - 2033 bytes gzip'd
quoted post, compacted with no context - 1985 bytes gzip'd

mastodon.social instance actor, compacted - 2761 bytes gzip'd
mastodon.social instance actor, compacted, with unused context values removed - 644 bytes gzip'd
mastodon.social instance actor, expanded - 707 bytes gzip'd
mastodon.social instance actor, compacted, with no context - 667 bytes gzip'd

RE:
not-brain.d.on-t.work/notes/aihcsxrs45sw0wbq

not-brain.d.on-t.work

kopper :colon_three: (@kopper)

@hongminhee@hollo.social from the point of view of someone who is "maintaining" a JSON-LD processing fedi software and has implemented [their own JSON-LD processing library](https://iceshrimp.dev/iceshrimp/linkeddata.net) (which is, to my knowledge, [the fastest in it's progra...

@kopper@not-brain.d.on-t.work · Reply to 洪 民憙 (Hong Minhee) :nonbinary:
@hongminhee from the point of view of someone who is "maintaining" a JSON-LD processing fedi software and has implemented their own JSON-LD processing library (which is, to my knowledge, the fastest in it's programming language), JSON-LD is pure overhead. there is nothing it allows for that can't be done with

1. making fields which take multiple values explicit
2. always using namespaces and letting HTTP compression take care of minimizing the transfer

without JSON-LD, fedi software could use zero-ish-copy deserialization for a majority of their objects (when strings aren't escaped) through tools like serde_json and Cow<str>, or
System.Text.Json.JsonDocument. JSON-LD processing effectively mandates a JSON node DOM (in the algorithms standardized, you may be able to get rid of it with Clever Programming)

additionally, due to JSON-LD 1.1 features like @type:@json, you can not even fetch contexts ahead of time of running JSON DOM transformations, meaning all JSON-LD code has to be async (in the languages which has the concept), potentially losing out on significant optimizations that can't be done in coroutines due to various reasons (e.g. C# async methods can't have ref structs, Rust async functions usually require thread safety due to tokio's prevalence, even if they're ran in a single-threaded runtime)

this is
after context processing introducing network dependency to the deserialization of data, wasting time and data on non-server cases (e.g. activitypub C2S). sure you can cache individual contexts, but then the context can change underneath you, desynchronizing your cached context and, in the worst case, opening you up to security vulnerabilities

json-ld is not my favorite part of this protocol

socialhub.activitypub.rocks

Potential security vulnerability: Remote JSON-LD contexts may be used to bypass restrictions when arbitrary objects are allowed to be created

Assumption: Remote instance software adhere to the origin based security model and expand JSON-LD with support for fetching remote @context entries (not all do JSON-LD obviously, but in an ideal world (as expected by the spec anyway) they would). Therefore, if a user can create an actor-like object with private keys in their control, they can impersonate any other actor on their instance. There are several ways this can be done that can be checked for and blocked by the C2S server implementati...

@kopper@not-brain.d.on-t.work · Reply to kopper :colon_three:
@hongminhee if i can give one piece of advice to devs who want to process JSON-LD: dont bother compacting. you already know the schema you output (or you're just passing through what the user gives and it doesn't matter to you), serialize directly to the compacted representation, and only run expansion on incoming data

expansion is the cheapest JSON-LD operation (since all other operations depend on it and run it internally anyhow), and this will get you all the compatibility benefits of JSON-LD with little downsides (beyond more annoying deserialization code, as you have to map the expanded representation to your internal structure which will likely be modeled after the compacted one)
@kopper@not-brain.d.on-t.work · Reply to kopper :colon_three:
@kopper@not-brain.d.on-t.work · Reply to 洪 民憙 (Hong Minhee) :nonbinary:
@hongminhee from the point of view of someone who is "maintaining" a JSON-LD processing fedi software and has implemented their own JSON-LD processing library (which is, to my knowledge, the fastest in it's programming language), JSON-LD is pure overhead. there is nothing it allows for that can't be done with

1. making fields which take multiple values explicit
2. always using namespaces and letting HTTP compression take care of minimizing the transfer

without JSON-LD, fedi software could use zero-ish-copy deserialization for a majority of their objects (when strings aren't escaped) through tools like serde_json and Cow<str>, or
System.Text.Json.JsonDocument. JSON-LD processing effectively mandates a JSON node DOM (in the algorithms standardized, you may be able to get rid of it with Clever Programming)

additionally, due to JSON-LD 1.1 features like @type:@json, you can not even fetch contexts ahead of time of running JSON DOM transformations, meaning all JSON-LD code has to be async (in the languages which has the concept), potentially losing out on significant optimizations that can't be done in coroutines due to various reasons (e.g. C# async methods can't have ref structs, Rust async functions usually require thread safety due to tokio's prevalence, even if they're ran in a single-threaded runtime)

this is
after context processing introducing network dependency to the deserialization of data, wasting time and data on non-server cases (e.g. activitypub C2S). sure you can cache individual contexts, but then the context can change underneath you, desynchronizing your cached context and, in the worst case, opening you up to security vulnerabilities

json-ld is not my favorite part of this protocol

socialhub.activitypub.rocks

Potential security vulnerability: Remote JSON-LD contexts may be used to bypass restrictions when arbitrary objects are allowed to be created

Assumption: Remote instance software adhere to the origin based security model and expand JSON-LD with support for fetching remote @context entries (not all do JSON-LD obviously, but in an ideal world (as expected by the spec anyway) they would). Therefore, if a user can create an actor-like object with private keys in their control, they can impersonate any other actor on their instance. There are several ways this can be done that can be checked for and blocked by the C2S server implementati...

@douginamug@mastodon.xyz · Reply to 洪 民憙 (Hong Minhee) :nonbinary:

@hongminhee I'm reading this thread as a relative noob, but what I see again and again: almost no one "properly" implents largely because is hard but also because the spec itself is unclear. Most people who get stuff done have to go off-spec to actually ship.

This seems a fundamental weakness of the - and that disregarding the limitations coming from base architecture. Seems to pose a mid/long-term existential threat.

What can we do to help improve things?

@linear@hackers.pub

‘급진적으로 존재하기’에서 시각장애인 천문학자가 음향화 기술을 활용해 다시 연구에 복귀한 이야기를 읽으면서 문득 장애인들에게 최근의 AI 기술은 어떤 영향을 미치고 있을까 궁금해졌다. 삶에 변화가 생겼다고 느낄지. 이조차도 장애인들은 피해 갔다고 느낄지.

@hongminhee@hollo.social · Reply to near

@computersandblues Actually, this question came up when my acquaintance, @kodingwarrior, mentioned wanting to use a fediverse-based event hosting service for an event he's organizing, which is when we started talking about Mobilizon. The main scenario we envisioned was allowing only those who have paid the participation fee to RSVP. And, of course, they would need to be refunded if they cancel.

@kodingwarrior, are there any other requirements besides this?

어떤 ()들을 어필할 수 있을까?

  • 聯合宇宙(연합우주)를 이루는 소프트웨어 自體(자체)大部分(대부분) 오픈 소스이다?
  • 海外(해외)의 많은 오픈 소스 소프트웨어 開發者(개발자)들이 聯合宇宙(연합우주)를 쓰고 있다?

또 뭐가 있을까…?

@hongminhee@hollo.social

早晩間(조만간) 소프트웨어 엔지니어 커뮤니티로서의 聯合宇宙(연합우주)를 어필하는 韓國語(한국어) 글을 하나 써 봐야겠다.

@hongminhee@hollo.social · Reply to Evan Prodromou

@evan I don't remember exactly, but I think I came across it while doing research before developing Fedify. I probably didn't use it because the TypeScript type definitions were missing. In the end, I ended up making something similar in Fedify anyway.

fedify.dev

Vocabulary | Fedify

The Activity Vocabulary is a collection of type-safe objects that represent the Activity Vocabulary and the vendor-specific extensions. This section explains the key features of the objects.