Anyone else seeing these Cloudflare gatekeeper screens everywhere? Anyone else remember when the internet wasn’t mostly “accept my cookies,” “prove you’re a human,” and “sign up for my newsletter”?

#IAmAHuman #AI #Internet #Cloudflare #Bots

Anyone else seeing these Cloudflare gatekeeper screens everywhere? Anyone else remember when the internet wasn’t mostly “accept my cookies,” “prove you’re a human,” and “sign up for my newsletter”?

#IAmAHuman #AI #Internet #Cloudflare #Bots

Anyone else seeing these Cloudflare gatekeeper screens everywhere? Anyone else remember when the internet wasn’t mostly “accept my cookies,” “prove you’re a human,” and “sign up for my newsletter”?

#IAmAHuman #AI #Internet #Cloudflare #Bots

Moment of Gratitude: CloudFlare

CloudFlare saved the Internet Archive servers from DDOS attack yesterday

The max rate of this DDOS attack was 525 Gbps (44.93 Mpps) of a "TCP flood."

The Internet Archive does not have enough bandwidth to fend off that kind of attack.

Thank you #cloudflare or we would have had a very bad Saturday at the @internetarchive

DDOS attacks are coming more frequently.

Moment of Gratitude: CloudFlare

CloudFlare saved the Internet Archive servers from DDOS attack yesterday

The max rate of this DDOS attack was 525 Gbps (44.93 Mpps) of a "TCP flood."

The Internet Archive does not have enough bandwidth to fend off that kind of attack.

Thank you #cloudflare or we would have had a very bad Saturday at the @internetarchive

DDOS attacks are coming more frequently.

Moment of Gratitude: CloudFlare

CloudFlare saved the Internet Archive servers from DDOS attack yesterday

The max rate of this DDOS attack was 525 Gbps (44.93 Mpps) of a "TCP flood."

The Internet Archive does not have enough bandwidth to fend off that kind of attack.

Thank you #cloudflare or we would have had a very bad Saturday at the @internetarchive

DDOS attacks are coming more frequently.

Moment of Gratitude: CloudFlare

CloudFlare saved the Internet Archive servers from DDOS attack yesterday

The max rate of this DDOS attack was 525 Gbps (44.93 Mpps) of a "TCP flood."

The Internet Archive does not have enough bandwidth to fend off that kind of attack.

Thank you #cloudflare or we would have had a very bad Saturday at the @internetarchive

DDOS attacks are coming more frequently.

Une panne Google Cloud fait tomber Cloudflare et bon nombre de ses clients - https://next.ink/brief_article/une-panne-google-cloud-fait-tomber-cloudflare-et-bon-nombre-de-ses-clients/

> Belle illustration de l'effet domino : jeudi soir, bon nombre de services populaires, de Spotify à Discord en passant par Gmail se sont trouvés très ralentis, voire totalement inaccessibles.

#google #cloudflare #gcp

Une panne Google Cloud fait tomber Cloudflare et bon nombre de ses clients - https://next.ink/brief_article/une-panne-google-cloud-fait-tomber-cloudflare-et-bon-nombre-de-ses-clients/

> Belle illustration de l'effet domino : jeudi soir, bon nombre de services populaires, de Spotify à Discord en passant par Gmail se sont trouvés très ralentis, voire totalement inaccessibles.

#google #cloudflare #gcp

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

We're excited to announce the release of #Fedify 1.6.1, which marks the beginning of the 1.6 series following the retraction of version 1.6.0. This release introduces significant new capabilities that expand Fedify's deployment options and enhance security compatibility across the #fediverse.

🌐 Cloudflare Workers support

Fedify 1.6 introduces first-class support for Cloudflare Workers, enabling #serverless deployment of #ActivityPub applications at the edge.

New components

• WorkersKvStore: A key–value store implementation using Cloudflare's KV API for persistent storage in Workers environments
• WorkersMessageQueue: A message queue implementation leveraging Cloudflare Queues for reliable message processing

Key features

• Seamless integration with #Cloudflare's serverless runtime
• Automatic handling of queue message processing through Workers' queue() method
• Support for Node.js compatibility flag required for Fedify's cryptographic operations
• Manual queue processing via Federation.processQueuedTask() method

For a complete working example, see the Cloudflare Workers example in the Fedify repository.

🏗️ Federation builder pattern

Fedify 1.6 introduces the FederationBuilder class and createFederationBuilder() function to support deferred federation instantiation. This pattern provides several benefits:

• Deferred instantiation: Set up dispatchers and listeners before creating the federation object
• Better code organization: Avoid circular dependencies and improve project structure
• Cloudflare #Workers compatibility: Accommodates binding-based architectures where resources are passed as arguments rather than globals
• Modular setup: Build complex federations piece by piece before instantiation

The builder pattern is particularly useful for large applications and environments like Cloudflare Workers where configuration data is only available at runtime.

🔐 HTTP Message Signatures (RFC 9421)

Fedify 1.6 implements the official HTTP Message Signatures standard (RFC 9421) specification, the final revision of the HTTP Signatures specification.

Double-knocking mechanism

To ensure maximum compatibility across the fediverse, Fedify 1.6 introduces an intelligent double-knocking mechanism:

1. Primary attempt: RFC 9421 (HTTP Message Signatures) for modern implementations
2. Fallback: Draft cavage version for legacy compatibility
3. Adaptive caching: The system remembers which version each server supports to optimize future requests

This approach ensures seamless communication with both modern and legacy ActivityPub implementations while positioning Fedify at the forefront of security standards.

Interoperability testing

The RFC 9421 implementation has been thoroughly tested for interoperability with existing ActivityPub implementations that support RFC 9421 signature verification:

• Mitra 4.4.0: Successfully verified Fedify-generated RFC 9421 signatures
• Mastodon 4.4.0 development version: Tested RFC 9421 signature verification against Fedify's implementation (refer to Mastodon PR #34814, though Mastodon 4.4.0 has not yet been released)

These tests confirm that other ActivityPub implementations can successfully verify RFC 9421 signatures generated by Fedify, ensuring proper federation as the ecosystem gradually adopts the official specification. While these implementations currently support verification of RFC 9421 signatures, they do not yet generate RFC 9421 signatures themselves—making Fedify one of the first ActivityPub implementations to support both generation and verification of the modern standard.

🔍 WebFinger enhancements

Dedicated WebFinger lookup

The new Context.lookupWebFinger() method provides direct access to WebFinger data, offering developers more granular control over account discovery and resource resolution beyond the higher-level Context.lookupObject() method.

🛠 Context API improvements

Context data replacement

The new Context.clone() method enables dynamic context data replacement, providing greater flexibility in request processing and data flow management. This is particularly useful for middleware implementations and complex request routing scenarios.

🚀 Migration considerations

Backward compatibility

Fedify 1.6 maintains full backward compatibility with existing applications. The new HTTP Message Signatures and double-knocking mechanisms work transparently without requiring any code changes.

Node.js version requirement

Important: Fedify 1.6 requires Node.js 22.0.0 or later for Node.js environments. This change does not affect applications using Deno or Bun runtimes. If you're currently using Node.js, please ensure your environment meets this requirement before upgrading.

New deployment options

For new deployments, consider leveraging Cloudflare Workers support for:

• Global edge deployment with low latency
• Serverless scaling and automatic resource management
• Integration with Cloudflare's ecosystem of services

🎯 Looking forward

Fedify 1.6 represents a significant expansion of deployment possibilities while maintaining the framework's commitment to broad compatibility across the fediverse. The addition of Cloudflare Workers support opens new architectural patterns for federated applications, while the RFC 9421 implementation ensures Fedify stays current with emerging ActivityPub security standards.

For detailed migration guides, API documentation, and examples, please visit the Fedify documentation. Join our community on Matrix or Discord for support and discussions.

#fedidev #RFC9421 #HTTPSignatures #HTTPMessageSignatures #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

🎉 #Cloudflare #Workers support is now complete! After implementing the test infrastructure, core module, examples, and comprehensive documentation, #Fedify can now run on Cloudflare Workers.

What's included:

• @fedify/fedify/x/cfworkers module with WorkersKvStore and WorkersMessageQueue
• Complete documentation covering Workers-specific patterns and constraints
• Working example deployed to production
• Integration with Cloudflare KV and Queues

Try it now: Available in the development release v1.6.1-dev.876+7b07d213:

• JSR: https://jsr.io/@fedify/fedify@1.6.1-dev.876+7b07d213
• npm: https://www.npmjs.com/package/@fedify/fedify/v/1.6.1-dev.876

This will be included in the upcoming Fedify 1.6 stable release. Thank you to everyone who requested this feature and provided feedback throughout the implementation!

#fedidev #ActivityPub #CloudflareWorkers

#Cloudflare Tunnel... 확실히 포트, 인증서와 방화벽을 관리하는 수고와는 비교할 수 없을 정도로 편리하다. 또, 지식이 충분치 않은 나같은 사람도 웹 서비스를 안전하게 운영하도록 돕는다는 점에서 선도적이다. 더구나 엔드포인트에서 상위 노드로 터널을 열어 서비스를 가능케 한다는 아이디어가 창의적으로 느껴지기까지 한다.

아니 #Cloudflare Tunnel 진짜 편하네...
@enbay 님 말씀처럼 장차 의존성을 걱정해야 할 지경이다. 물론 그 때 쯤이면 해당 컨셉트의 FOSS 프로젝트가 어딘가에 있거나 생겨날 것이라 생각한다.

#신변정리: 중간 정리

- 도메인: 2개를 #Cloudflare-에 물려서 블로그, 마스토돈 인스턴스 등을 연결했다. 만료일은 10년 쯤 남았으므로 당분간 잊고 지내도 되겠다.

- 홈서버: #M1_Mac_Mini-에 #Asahi_Ubuntu-를 깔아서 DNS 서버 겸 프록시 처리용 웹서버로 가동 중. 디비가 필요한 서비스는 굴리지 않을 생각이라 이대로 좋다.

- NAS: i3-4160 데스크톱에 #Unraid-를 깔아서 남는 HDD(500G, 3T)를 붙였다. 클라우드에 저장 중이던 미디어 자료 일부를 서빙 중. 아직 백업 루틴은 없다.

- 작업컴: 맞춘 지 5년 쯤 된 3700x 데스크톱. #Unity 작업만 하니까 오래 갈 줄 알았는데, 슬슬 무거워지고 있다. 하필 #Nvidia 드라이버도 요새 메롱하고... 몇 개월 안에 #iPhone 빌드를 위해 #Mac_OS 기반으로 옮길 가능성이 있어 별다른 조치 없이 사용 중.

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

Good news! We've officially added #Cloudflare #Workers support to the #Fedify roadmap. We've created a detailed issue to track our implementation plan: https://github.com/fedify-dev/fedify/issues/233.

The effort will be tackled in phases, including compatibility assessment, core adaptations for Workers' environment, KV store and message queue implementations, and finally integration with Cloudflare's ecosystem. This will be a substantial project that we'll break down into several sub-issues.

If you're interested in contributing to any specific aspect of Workers support, please comment on the main issue to coordinate efforts.

#CloudflareWorkers

“When looking at where the DDoS attacks originate from, specifically HTTP DDoS attacks, there are a few autonomous systems that stand out. In 2025 Q1, the German-based Hetzner (AS24940) retained its position as the largest source of HTTP DDoS attacks. It was followed by the French-based OVH (AS16276) in second, the US-based DigitalOcean (AS14061) in third, and another German-based provider, Contabo (AS51167), in fourth.”

Yikes! Sounds like a who is who of our favourite hosting providers 😬

https://blog.cloudflare.com/ddos-threat-report-for-2025-q1/

#hetzner #cloudflare #ddos

“When surveying Cloudflare customers […] 11% reported that they mistakenly inflicted the DDoS attack on themselves (self-DDoS)”

😂 😂 😂

#cloudflare #ddos

“When surveying Cloudflare customers […] 11% reported that they mistakenly inflicted the DDoS attack on themselves (self-DDoS)”

😂 😂 😂

#cloudflare #ddos

“When looking at where the DDoS attacks originate from, specifically HTTP DDoS attacks, there are a few autonomous systems that stand out. In 2025 Q1, the German-based Hetzner (AS24940) retained its position as the largest source of HTTP DDoS attacks. It was followed by the French-based OVH (AS16276) in second, the US-based DigitalOcean (AS14061) in third, and another German-based provider, Contabo (AS51167), in fourth.”

Yikes! Sounds like a who is who of our favourite hosting providers 😬

https://blog.cloudflare.com/ddos-threat-report-for-2025-q1/

#hetzner #cloudflare #ddos

„Das liegt auch an einer Eigenheit der taz. Sie versucht, so viel Infrastruktur wie möglich unter eigener Kontrolle zu halten. Weltweit arbeiten viele andere Firmen dauerhaft mit US-amerikanischen Unternehmen zusammen, die Webseiten relativ zuverlässig vor DDoS-Angriffen schützen. Für die EDV-Abteilung der taz kommt das aus Gründen des Datenschutzes nicht infrage, weil sie befürchtet, dass solche Firmen mitlesen könnten, wer taz.de besucht und welche Daten und auch Passwörter verwendet werden.“

Danke @tazgetroete! Das macht Ihr genau richtig. Großen Dank in die EDV, dafür, dass sie solche Attacken abwehren.

#Cloudflare #DoS #DDoS

https://www.taz.de/!6081815

„Das liegt auch an einer Eigenheit der taz. Sie versucht, so viel Infrastruktur wie möglich unter eigener Kontrolle zu halten. Weltweit arbeiten viele andere Firmen dauerhaft mit US-amerikanischen Unternehmen zusammen, die Webseiten relativ zuverlässig vor DDoS-Angriffen schützen. Für die EDV-Abteilung der taz kommt das aus Gründen des Datenschutzes nicht infrage, weil sie befürchtet, dass solche Firmen mitlesen könnten, wer taz.de besucht und welche Daten und auch Passwörter verwendet werden.“

Danke @tazgetroete! Das macht Ihr genau richtig. Großen Dank in die EDV, dafür, dass sie solche Attacken abwehren.

#Cloudflare #DoS #DDoS

https://www.taz.de/!6081815

@osma it doesn't matter how federated you are. Rogue governments will allow indiscriminate internet blocks, like what's happening in #Spain, where all major ISP are blocking some major CDN and cloud providers like #Cloudflare, #Vercel, Quic or CDN77 (affecting millions of legitimate websites) just because some of their users are using them to host illegal IPTV streaming of sports (!) #LaLiga #LaLigaGate
https://vercel.com/blog/update-on-spain-and-laliga-blocks-of-the-internet

#Proton VPN は #macOS にも #Android にももともとインストールはしてあったし、もともと無料プランで使ってたから、自分できることは実はあまり変わってはいないんだよな…
あと #Cloudflare の #WARP も VPN 的な気持ちインストールしていて使ってる

Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. Some of the responses I got suggested that my post was misleading or blowing this way out of proportion. I assure you that neither of these are true.

Don't focus so much on the idea that #cloudflare has access to passwords that come through their systems. In better times I'd welcome such an effort. At least they didn't chastize someone who really loved a silly movie, like Netflix did long ago. Instead, focus on the fact that they are a company based in the United States meaning they are subject to the whim of a fascist regime that is proving it doesn't care about the letter of the law.

I'm not concerned about my password security for the sites that transit their service. I am a cishet middle class white male. I'm pretty low on the target list.

*** I AM concerned about the password security for at risk populations who access sites crucial for them, that transit through cloudflare. I'm concerned about the LGBTQIA+ population in the United States. I'm concerned about pregnant women. I'm concerned about Jews, and Muslims, and Bhuddists, and everyone else who doesn't fit into the narrow worldview of the fascist reich that is the republican party and their bootlickers. The FBI, Justice Department, State Department, etc no longer serve the american people. They serve an emperor. This is a time of great danger any website or service that attracts at risk populations should seriously consider if using some of cloudflare's features is worth it, or if they should take their business elsewhere.

#ally #uspol

Recently I boosted a couple of links about cloudflare doing some sort of password re-use analysis on passwords they saw through their WAF. This was not a technical post. It was a call to attention. Some of the responses I got suggested that my post was misleading or blowing this way out of proportion. I assure you that neither of these are true.

Don't focus so much on the idea that #cloudflare has access to passwords that come through their systems. In better times I'd welcome such an effort. At least they didn't chastize someone who really loved a silly movie, like Netflix did long ago. Instead, focus on the fact that they are a company based in the United States meaning they are subject to the whim of a fascist regime that is proving it doesn't care about the letter of the law.

I'm not concerned about my password security for the sites that transit their service. I am a cishet middle class white male. I'm pretty low on the target list.

*** I AM concerned about the password security for at risk populations who access sites crucial for them, that transit through cloudflare. I'm concerned about the LGBTQIA+ population in the United States. I'm concerned about pregnant women. I'm concerned about Jews, and Muslims, and Bhuddists, and everyone else who doesn't fit into the narrow worldview of the fascist reich that is the republican party and their bootlickers. The FBI, Justice Department, State Department, etc no longer serve the american people. They serve an emperor. This is a time of great danger any website or service that attracts at risk populations should seriously consider if using some of cloudflare's features is worth it, or if they should take their business elsewhere.

#ally #uspol

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity

I've been trying to de-corporate where I can but like. There's not really an alternative to #Cloudflare, right...? Aside from "a shit load of my own hardware"? Feels like an okay "no ethical consumption" write off for now

Cloudflare is the worst.

Banning people under 18 without warning, even when they want to use parental consent, is anti-youth entrepreneurship.

You build projects, buy domains, verify your identity, and they delete your whole account just for being young. ☠️

No second chance, no future. This affects many developers, and even Cloudflare themselves.

I'll never recommend Cloudflare, and I never will.

#Cloudflare #web #domain #www #youth

Based on Cloudflare’s Speed Test tool, my Internet connection download speed is 31Mbps. Detailed analytics help me better understand our user experience. Try it yourself at https://speed.cloudflare.com/ #speedtest #cloudflare

🌍 Something new is coming.

The way we build, secure, and scale in the cloud is evolving faster than ever. That’s why we’re bringing together top industry leaders to explore what’s next.

Real stories. Practical insights. A fresh perspective on the future of AI, security, and cloud innovation.

Stay tuned. 👀

#Cloudflare #Innovation #AI #CyberSecurity

odio decir esto, pero lo de cloudflare y movistar se arregla con una vpn como NORDVPN, EL ESPONSOR DE ESTE VIDEO

#Cloudflare #WARP の #macOS アプリ、マシンの再起動とかするとまた IPC Error という表示になっちゃうな

#Cloudflare #WARP アプリ繋がらなかったの、 #macOS アップデートしたからか。
再インストールしたら繋がるようになった

Anyone Can Push Updates to the DOGE.gov Website:
"These 'experts' left their database open."
https://www.404media.co/anyone-can-push-updates-to-the-doge-gov-website-2/

"The doge.gov website... is insecure & pulls from a database that can be edited by anyone...

doge.gov is seemingly built on a #Cloudflare Pages site that is not currently hosted on government servers...

#DOGE has secured administrator access to the codebases at various #government agencies, including the Dept of Treasury."

#Musk #Coup #Tech #Data #Politics #News #USA #Press

Help Needed with Cloudflare Zero Trust, Pages, and Workers for ReactFlux + MiniFlux Setup

Hi everyone,

I'm new to #Cloudflare and have been trying to set up a #SelfHosted project on my #RaspberryPi 500. I'm mostly self-taught, so I apologize if I misunderstand anything or miss important details. Here's my situation:

Current Setup

• I'm running the self-hosted #RSS feed reader #MiniFlux on my Raspberry Pi 500 (#ArchLinuxARM, installed via Pacman).
  
• The setup uses #Caddy as a reverse proxy, a #CloudflareZeroTrust tunnel, and Cloudflare Access for SSO.
  
• My #CloudflareAccess application is configured to allow all origins, methods, and headers. It has a policy that allows specific emails or login methods (e.g., GitHub).
  

What I'm Trying to Do

• I want to deploy ReactFlux, an alternative frontend for MiniFlux, on #CloudflarePages.
  
• Before setting it up fully, I tested the ReactFlux demo with my MiniFlux instance at https://rss.laniecarmelo.tech. However, ReactFlux couldn't log in.
  

Suspected Issue

I believe the issue is caused by Cloudflare Access protection blocking ReactFlux from accessing the MiniFlux API (https://rss.laniecarmelo.tech/v1/*).

What I've Tried So Far

1. I added another hostname (rss.laniecarmelo.tech/v1/*) to my tunnel configuration and created a new Cloudflare Access application with a policy set to "Bypass" for everyone. However, this didn't work—when testing the API endpoint in a private browser window, I'm still asked to sign into Cloudflare.
   
2. I also tried setting up the hostname with "Protect with Access" turned off but got the same results.
   
3. Next, I attempted to use a #CloudflareWorker written in JavaScript to bypass authentication for /v1/*, but it doesn't seem to be doing anything (or isn't being triggered).
   

What I Need Help With

• How can I properly configure Cloudflare so ReactFlux can access the MiniFlux API (/v1/*) while keeping the rest of my MiniFlux instance protected by Cloudflare Access?
  
• I've been stuck on this for a couple of days and would really appreciate any guidance or suggestions!
  

Thanks in advance for your help!

#SelfHosting #ArchLinux #Linux #RSSReader #tech #technology #RaspberryPi #RPi #RPi500 #RaspberryPi500
@selfhosting @selfhost @selfhosted

最新技術を音声で学ぶ！AIラジオ「Tech Post Cast」で情報収集を効率化
https://qiita.com/sumihiro3/items/105c0b74ef080ba05a5d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #cloudflare #個人開発 #OpenAI #GoogleCloud

Not a single week passes, without me writing an email to a website owner that need to unhook their site's RSS endpoint from Cloudflare's claws.

Do it for the sake of preserving your reader's audience!

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users

---
#rss #blogging #cloudflare

@torproject I see nothing there to address the elephant in the room -- the top problem from our top adversary:

#Cloudflare

Of course there needs to be a campaign against oppressive regimes but all Tor users worldwide are under DoS attack by Cloudflare. We have lost access to ½ the web and no 2024 efforts counter the loss of availability.

Also in 2024: archive.org went down for a day or so, at which moment all Tor users also lost access to archived Cloudflare sites.

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Valtteri Laitinen (@valtlai) managed to get #Fedify running on #Cloudflare Workers!

#CloudflareWorkers #fedidev #ActivityPub

https://fedi.valtlai.fi/@valtlai/113906145660141267

Not a single week passes, without me writing an email to a website owner that need to unhook their site's RSS endpoint from Cloudflare's claws.

Do it for the sake of preserving your reader's audience!

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users

---
#rss #blogging #cloudflare

@rysiek This is downplaying it way too much for my taste. Let me explain:

The rough location information is usually only available to servers. Now, even though I prefer zero trust, I would argue that trusting a messenger's server to not give away my rough location is way more reasonable than trusting the person that uploaded the data I'm downloading from the server.

**But in this case, the person that uploaded the data can extract the location I'm downloading it from.** This is big. It takes metadata to a whole different level.

I also want to quickly respond to the arguments:

That very rough radius could actually a pretty big deal in less populated areas.

The second argument is whataboutism. (And there are definitely apps that are not affected.)

Kinda agree with the third one though.

---

If I were #Signal, I would turn off the caching mechanism for now and urge #Cloudflare to rethink their statement. The privacy protection mechanisms are clearly lacking. Cloudflares position is simply not acceptable.

@08956495 @mykter Here are a few links that cover the cons of #Cloudflare:

* https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/rap_sheets/cloudflare.md

* https://thefreeworld.noblogs.org/post/2024/03/20/comparison-of-the-human-disempowerment-severity-of-3-walled-gardens-facebook-google-and-cloudflare/

* https://thefreeworld.noblogs.org/post/2024/03/18/cloudflare-has-created-the-largest-most-rigidly-exclusive-walled-garden-in-the-world/

Not sure what generic advice on alternatives you will find. The best approach obviously depends on a number of factors like what you think you need CF to do for you and what your threat model looks like.

@mykter Yet another reason to laugh in the face of those who ignored the warnings about #Signal from years past:
https://github.com/privacytools/privacytools.io/issues/779

And WTF.. Signal thought it was wise to use #Cloudflare as a proxy. Fucking morons. Anyone who read the above thread years ago knows Signal makes foolish decisions and does not steer clear of mass surveillance risks.

And still today the Signal die-hard loyal patrons continue to pimp Signal. Just yesterday I saw some Signal promoting posts.

Question to signal users: do you use Orbot to route Signal over Tor? Does that work? If yes, this why I actually prefer Cloudflare hosts to block tor -- to do me the favor of not having to block at the firewall.

I would like to get my security house more in order by having an egress firewall that blocks all attempts to reach Cloudflare sites.

#Cloudflare’s #VPN app among half-dozen pulled from Indian app stores

https://techcrunch.com/2025/01/02/cloudflares-vpn-app-among-half-dozen-pulled-from-indian-app-stores/

#India #privacy #cybersecurity #censorship

Cloudflare Registrar でドメイン取得する #cloudflare - Qiita
https://qiita.com/khayama/items/fdda7884033b519aa1fe

ほう

Just installed a private Jellyfin server that I expose using #Cloudflare tunnels and privately using #Tailscale

https://github.com/gbraad-homelab/private-jellyfin

For example, storage is shared over the local network using webdav via Tailscale drive shares:

https://github.com/gbraad-homelab/private-jellyfin/issues/2

/cc: @jellyfin

For the first time in two weeks, all services are back online, and the #dashboard is glowing green again. The experiment of integrating #Tailscale and #Headscale with #Cloudflare has been shelved, and everything has been rolled back to its original state.

While this setup might work perfectly for some, I’ve decided to stick with native #WireGuard. This way, I maintain full control over my data and keep things simple and secure.

Gemini API + Cloudflare + Astro で作るアイスブレイクジェネレーター
https://qiita.com/yug1224/items/daab3ab50a74df57971d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #cloudflare #AI #astro #AdventCalendar2024

Installed a private instance of Home Assistant, connected using #Cloudflare tunnels and #Tailscale

https://github.com/gbraad-homelab/private-homeassistant

I have played around with this before, but it is still daunting and confusing.

#homeassistant

【個人開発】嘘のポケポケのカードを作れるサービスを作った【コード全公開】
https://qiita.com/retoruto_carry/items/66725ea6fdd899d8f210?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #cloudflare #Remix #個人開発 #クソアプリ #Supabase

📝 DNS records and a Cloudflare security violation #Development #Webdev #Cloudflare

This site (was) hosted on Cloudflare Pages. In an effort to make scheduling more convenient for my mentee from Underdog Devs, I set up SavvyCal. Without giving it any thought, I added an easy to remember CNAME and pointed it at SavvyCal.

https://coryd.dev/posts/2024/dns-records-and-a-cloudflare-security-violation

Thanks everyone who responded to my question about finding an #AWS alternative. I've investigated everyone's suggestions and crunched the numbers. #Cloudflare R2 looks to be the cheapest option (cheaper than S3 even) but I'm uncomfortable with them hosting hate speech and terror organizations.

#FlyIO/ #Tigris is the second cheapest and they seem to be on the up-and-up so I am currently evaluating them. Thanks @titociuro for the suggestion, the onboarding process has been smooth so far!

#DevOps

#Development #Explorations
Understanding Round Robin DNS · How browsers and CDNs select which server to use https://ilo.im/160kw0

“It's an amazingly simple and elegant solution that avoids using load balancers.”

_____
#RoundRobin #DNS #CDN #Cloudflare #Browser #Chrome #Firefox #Safari #WebDev #Backend

Die #Telekom betreibt digitale Wegelagerei durch ihre #Peering-Politik. Seit Monaten leiden Millionen Kunden durch kaum nutzbare Geschwindigkeit beim Verbindungsaufbau zu #Cloudflare, EA, Netflix, etc. Stell dir vor du zahlst 60€/Monat um dann deine Spiele mit 120 kB/s zu laden. Die Foren sind voll davon aber medial erregt das irgendwie sehr wenig Aufmerksamkeit. Wieso berichtet kaum jemand darüber? Wieso ist das kein Fall für die Verbraucherzentralen? #AS3320

Using Cloudflare on your website could be blocking RSS users

#cloudflare #feed #rss

https://openrss.org/blog/using-cloudflare-on-your-website-could-be-blocking-rss-users?utm_medium=erik.in&utm_source=mastodon

We’re all set for GITEX GLOBAL – the world’s largest tech and startup event! 🌍💡 Get ready for a week full of insightful conversations, cutting-edge innovation, and transformative ideas.

The Cloudflare team will be there to share tech talks, AI experiences, and so much more! Don’t miss out on this incredible opportunity to connect and explore the future of technology. Visit us at Hall 8 Booth B40.

Stay tuned and come join us.

#GITEX2024 #Cloudflare #AI #TechInnovation #FutureOfTech

We are at GHC! Meet us at Booth 432 and learn all about our internship and new grad opportunities and how we can help build a #BetterInternet together!

#ghc24 #WomenInTech #LifeAtCloudflare #Cloudflare

#Cloudflare has demonstrated they do not care if they knowingly serve malware distributors as their customers.

Some how they think being a "pass through " cdn means they dont actually serve the traffic they do.

FTC should look at them

Happy 2nd anniversary to this tweet about Cloudflare booting Kiwi Farms.

Stripe HR investigated me for potential employee social media misconduct because an executive thought I was posting about Stripe willfully working with anti-trans, white supremacy, and antisemitic groups.

Screenshot source: https://twitter.com/JeremiahLee/status/1574839650438582308

#Cloudflare #Stripe #NoHateForProfit

Strong recommendation for keeping up with the cloudflare blog updates this week!

Some highlights:
* Image transformations on the free tier
* More models in workers AI
* A new hosted sqlite service where code is run right next to the db
* A new, persistent logging service for Workers
* CI for Workers
* Increased nodejs compatibility for Workers
* An upcoming container platform with GPU support next year 🤯

#cloudflare #dev

https://x.com/ValdikSS/status/1834368742278496677

#cloudflare #EncryptedClientHello

I'm not officially boycotting #Cloudflare, but boy am I tired of seeing this #captcha screen using #lynx over #tor.

Today, I received an email from a client with a "60 Day Domain Renewal Notice" from Cloudflare.
I love getting these emails because it means I get to plan yet another domain transfer away from these vultures.

In case you haven't noticed, Cloudflare operates as a domain registrar, offering cheap domain prices, but there's a catch that isn’t even mentioned in the fine print, at least not that I could find last time I checked.

Unlike other registrars, they automatically link your domain to their "free plan services," which forces you to use only their Nameservers as your sole authoritative DNS.

That's right, you can't change your authoritative DNS unless you upgrade to a "USD400/month business plan.

Feel free to check it yourself; it should be a scandal.

There are many reasons not to use Cloudflare, and this is just another one: Keep your clients/friends away.

#cloudflare #domains #dns

I cancelled #cloudflare pro subscription in May.

I got confirmation e-mails.

I got charged in June and July.

I created two tickets about it (first was auto-closed). I can not see the tickets in the interface (it is completely empty).

I only got an automated response explaining how to cancel a subscription (...).

Anyone else having this kind of problem? Obviously I want a refund. I'm not touching it (cancelling again) in the interface so they can have a look at it...

@cloudflare

🔒 Exciting times ahead! Today, I officially rejoin the team at Cloudflare, ready to dive deep into the latest in cybersecurity and cloud innovations. Looking forward to contributing to pioneering projects and tackling the evolving challenges in internet security. Let's make the digital world a safer place together! 🌐

#Cybersecurity #Cloudflare #TechForGood

Hetzner is the most admired cloud platform (75% want to continue working with it), but is only used by 5% of developers. Cloudflare admired by 68% (used by 15%), AWS admired by 63% (used by 48%), Azure admired by 60% (used by 28%), GCP admired by 56% (used by 25%).

#developer #survey #DevOps #cloud #hetzner #cloudflare #aws #azure #gcp

#Cloudflare reports almost 7% of internet traffic is malicious

https://www.zdnet.com/article/cloudflare-reports-almost-7-percent-of-internet-traffic-is-malicious/

#cybersecurity #bot

Released v0.4.2 of #LogTape, which is a zero-dependency #logging library for #TypeScript & #JavaScript! Since this version, it work well on #Cloudflare Workers out of box!

• JSR: https://jsr.io/@logtape/logtape@0.4.2
• npm: https://www.npmjs.com/package/@logtape/logtape/v/0.4.2

#CloudflareWorkers #log #logger

Wow, #Cloudflare added an option to block #AI #bots from scraping the website they host.

I wasn't expecting this level of pushback from a major Internet company
https://blog.cloudflare.com/declaring-your-aindependence-block-ai-bots-scrapers-and-crawlers-with-a-single-click

Yo, cloudflare, you're sales contact number in germany.. isn't you??!

Legit just called this number and it didn't work, tried swapping +49 for 0 and it took me to someone that was definitely not Cloudflare.

#cloudflare

Ni #cloudflare es invencible.

<b>Warning</b>: Undefined array key "ip" in <b>/var/www/uplo.ad/public_html/index.php</b> on line <b>20</b><br />

Average response time of my static (Jekyll) website as reported by Googlebot, after migrating from OVH to Cloudflare Pages.

#cloudflare #jekyll #webdev #infrastructure #cloud #data #google

I guess it’s time for an #introduction

I do #TrustAndSafety stuff at #cloudflare

Making bad people sad makes me happy. There’s a T-shirt for that. Ask me.

In my (limited) free time I find data leaks and sometimes share them at https://rainbowtabl.es

Not gonna lie - I’m sad to see the #birdsite die.