We'll now throw errors when doing POST /api/v1/push/subscription if the endpoint is an invalid URL, or if the keys values can't be used to encrypt a message.
That prevents you from registering a push subscription that just wouldn't work. We previously lacked input validation here.
Display any notes I might have taken about a user under their follow request in the notifications tab, and let me add new notes.
That would make it much more easy to deal with larger amounts of follow requests right as they come in, see if they follow requested before, and let me write notes for later (i.e. what context they f-req'd in) so I don't lose track of my follow requests.
It would be so cool if there was an official mastodontext library so projects don't have to copy that slightly modified twittertext into their source. #tuskydev#mastodev
If you've ever tried to implement an OAuth Application for Mastodon, and butted into the “unknown client_id / application” error, where the Mastodon server has silently deleted your OAuth Application….
I'm adding new profile fields to #Smithereen, so I would like to ask the fediverse about what kinds of contact info one would expect to be able to add to their profile. So far I've seen:
Personal website/blog
Matrix
XMPP
Telegram
Signal
Phone number
Twitter
Email
I've not yet seen these in fediverse profiles but they are mainstream enough that won't hurt to add:
I'm just a humble country chicken admin, but I've been thinking a lot about the cost of the fediverse and how we can improve it for all of the instances... in a coop kind of way
The cost of handing all of the media is THE major problem for me atm.
So, #Smithereen no longer requires a username when signing up. You instead get assigned one automatically, of the form "idXXX" where XXX is the ID for your user record. You can change it later in settings if you wish. Current Mastodon versions handle this change no problem.
The username is only visible in two places:
The URL of your profile
When someone mentions you
So it's not very important. Definitely not important enough to be a required field when you register.
We just published our first Trunk & Tidbits post! This will hopefuly be a monthly update where we showcase what we worked on last month, and what's coming next.
I hope this will bring more visibility to all the efforts and love that put on Mastodon
In case someone wants possibly the longest thread on the fediverse for testing purposes, here you go: https://mastodon.social/@brownpau/112322747861701800
With the way I store replies in #Smithereen, this will soon exceed my limit of 256 levels ¯_(ツ)_/¯
So, creating a block to refuse media doesn't affect the blocked domain's ability to create Preview Cards?
I created several media blocks for instances, esp bot instances that I want to come across posts or follow a few accounts, hoping to control my media storage and stop unnecessary media downloads and SideKiq jobs on posts that will only be stored in my search database from the federated timeline, but the preview cards are still being created. #MastoAdmin#MastoDev
*Use /search for search (/search?query=something)
*Move account secrets to a dedicated table (and encrypt it?)
*Add a way for the user to select which languages they understand
*Allow admins to configure instance favicon and logo
*Allow searching for hashtags in admin UI
*Convert Redux state to Typescript #MastoAdmin#devops#Programmers#dev.
I would like to add my Mastodon instance to my browsers search engines list. Interestingly, Miskey and Sharkey and some other federated platforms I've been to are already added.
I'm getting great results for content from my Mastodon search than Google and Bing, + no ads, and tracking.
Is anyone else getting traffic from 216.106.86.232 ?
I will open a report with the ISP
=======================
I'm putting this under #FediBlock because I've noticed that since 12 PM EDT yesterday (30-Apr-2024), API requests coming in from 216.106.86.232 have been returning 500 errors constantly from my server. No other 500 errors were being returned.
I blocked the IP at the Cloudflare firewall and now the 500 errors have stopped. There were more than 93K 500 return codes in total until now!
I have no idea what the requests are, and it's too late at night to do more research, but I'm passing this along to other Admins as a warning and to see if anyone else is seeing similar behavior.
@Gargron
Here's what I see in Cloudflare for the last one hour before blocking the IP address. Notice all the requests returning 500 are from this single IP. There are no page views. It's all API requests. And 500 errors stopped after I blocked it.
Is anyone else getting traffic from 216.106.86.232 ?
I will open a report with the ISP
=======================
I'm putting this under #FediBlock because I've noticed that since 12 PM EDT yesterday (30-Apr-2024), API requests coming in from 216.106.86.232 have been returning 500 errors constantly from my server. No other 500 errors were being returned.
I blocked the IP at the Cloudflare firewall and now the 500 errors have stopped. There were more than 93K 500 return codes in total until now!
I have no idea what the requests are, and it's too late at night to do more research, but I'm passing this along to other Admins as a warning and to see if anyone else is seeing similar behavior.
Here's what I see in Cloudflare for the last one hour before blocking the IP address. Notice all the requests returning 500 are from this single IP. There are no page views. It's all API requests. And 500 errors stopped after I blocked it.
The amount of Mastodon forks that mostly just change the UI, and the amount of UI bullshit Gargron creates, increasingly make me think that what's needed is to separate UI and AP more.
Adopt an API (ideally: not the Mastodon API, realistically: probably the Mastodon API) that as many projects as possible agree on and build separate projects, for handling ActivityPub and for handling web UI.
A lot of users never see Mastodon's web UI anyway, they use mobile clients, many of them third-party clients. The next logical step is to decouple UI and core development entirely.
Reposts are now done in #Smithereen. You can only make "quote-posts", not Announce reposts because Announce is too confusing and doesn't fit my vision. However, Announce reposts are no longer this half-assed thing like they were before. They now show up in people's profiles and use a different icon from my native reposts.
Is there a more efficient way to check if two accounts follow each other via Mastodon's API, other than fetching followers of both accounts and finding a match?