“All a ‘true ActivityPub server’ is for is storing data, fanning out subscriptions and collecting incoming data for you to view.
General Discussion
12
Post
8
Autori
10
Visualizzazioni
-
“All a ‘true ActivityPub server’ is for is storing data, fanning out subscriptions and collecting incoming data for you to view. #ActivityPub was originally designed so that all of the data presentation layers—Mastodon, PeerTube, Pixelfed—would be specialized clients communicating with the generic server. But the first popular apps cut out the client-to-server part of the protocol, so people think you need a separate identity for every client application. https://news.ycombinator.com/item?id=45396517
-
“All a ‘true ActivityPub server’ is for is storing data, fanning out subscriptions and collecting incoming data for you to view. #ActivityPub was originally designed so that all of the data presentation layers—Mastodon, PeerTube, Pixelfed—would be specialized clients communicating with the generic server. But the first popular apps cut out the client-to-server part of the protocol, so people think you need a separate identity for every client application. https://news.ycombinator.com/item?id=45396517
@zoul this is an important point and one I've been thinking about too. In the #XMPP world, we have generic servers and let the clients do whatever they want on top of it, which means the same account can be used for various purposes. I was wondering why this wasn't so in the #ActivityPub world, so it's good to know there's no particular reason for it and it can be that way if we want it to be!
It'd also reduce work for new projects as they "just" have to implement a client, not a server
-
@zoul this is an important point and one I've been thinking about too. In the #XMPP world, we have generic servers and let the clients do whatever they want on top of it, which means the same account can be used for various purposes. I was wondering why this wasn't so in the #ActivityPub world, so it's good to know there's no particular reason for it and it can be that way if we want it to be!
It'd also reduce work for new projects as they "just" have to implement a client, not a server
There are good reasons for the work being on the servers. They are just not explained / ignored in the ActivityPub specification documents.
The reason is roughly: The data model of ActivityPub has no integrity mechanism. This is patched by requiring users to trust their origin server and servers communicating through signed messages.
-
There are good reasons for the work being on the servers. They are just not explained / ignored in the ActivityPub specification documents.
The reason is roughly: The data model of ActivityPub has no integrity mechanism. This is patched by requiring users to trust their origin server and servers communicating through signed messages.
@helge interesting: this is a little over my head so could you tell me a bit more? Do you mean at the level of "the server can impersonate any of its users and make them say whatever it wants" or also at the schema level somehow?
I suppose the server impersonation thing is a potential issue and would need some kind of keys/signing to solve, but I can''t see how that relates to tighter or looser coupling between client and server 👀
-
@helge interesting: this is a little over my head so could you tell me a bit more? Do you mean at the level of "the server can impersonate any of its users and make them say whatever it wants" or also at the schema level somehow?
I suppose the server impersonation thing is a potential issue and would need some kind of keys/signing to solve, but I can''t see how that relates to tighter or looser coupling between client and server 👀
I'm talking here about the Fediverse and my experience with it (including ActivityPub).
Due to the data model: A server needs to store / understand all the data owned by the server. This is due to
- the nature of ActivityPub objects being fetchable by their id (a HTTPS uri).
- people often expecting a HTML version if they click on the object
This means all outgoing stuff needs to be tracked and understood by the server! Due to the desire of coordinating replies / like counts / etc ... the server also needs to understand the incoming traffic.
-
I'm talking here about the Fediverse and my experience with it (including ActivityPub).
Due to the data model: A server needs to store / understand all the data owned by the server. This is due to
- the nature of ActivityPub objects being fetchable by their id (a HTTPS uri).
- people often expecting a HTML version if they click on the object
This means all outgoing stuff needs to be tracked and understood by the server! Due to the desire of coordinating replies / like counts / etc ... the server also needs to understand the incoming traffic.
@helge @badrihippo Having tried to build a generic ActivityPub server, I can confirm: this is very difficult, maybe impossible. The server needs to understand the payloads -- in order to generate collections, for example. And security implications of allowing arbitrary activities are not quite clear.
However, I think a modified version of ActivityPub protocol could support generic servers.
-
@helge @badrihippo Having tried to build a generic ActivityPub server, I can confirm: this is very difficult, maybe impossible. The server needs to understand the payloads -- in order to generate collections, for example. And security implications of allowing arbitrary activities are not quite clear.
However, I think a modified version of ActivityPub protocol could support generic servers.
silverpill@mitra.social helge@mymath.rocks theoretically it is possible to reduce down any activities your software doesn't understand into a "generic" presentation — it likely needn't be user facing. Though I do think at that point you'd need to save the original AS payload for future processing, potentially.
Realistically I would probably expect implementors to support only their subset of activities and objects. It falls short of the ideal, though the ideal is well worth shooting for.
-
@helge @badrihippo Having tried to build a generic ActivityPub server, I can confirm: this is very difficult, maybe impossible. The server needs to understand the payloads -- in order to generate collections, for example. And security implications of allowing arbitrary activities are not quite clear.
However, I think a modified version of ActivityPub protocol could support generic servers.
@silverpill @helge @badrihippo
Do you have a sense of what you feel would need to be modified with ActivityPub to make it work?
-
@silverpill @helge @badrihippo
Do you have a sense of what you feel would need to be modified with ActivityPub to make it work?
@reiver @silverpill @helge @badrihippo
@zoul I really want a generic server. In that case I would have to start developing one of my own?
A generic server that has support to Mastodon, Lemmy and Peertube API would be awesome
-
Sistema ha condiviso questa discussione
-
@silverpill @helge @badrihippo
Do you have a sense of what you feel would need to be modified with ActivityPub to make it work?
@reiver @silverpill @helge @badrihippo
@julian@activitypub.space @julian@community.nodebb.org
@by_caballerofull ack.
We are working heavily towards a generic server and in deed it is super important what Helge decribes but anyway, we need to come together.original:
„the client APIs necessary to make this a reality haven't seen much development“But many people want this.
We should change that now and meet.
After organizing the first official Confs https://conf.tube/c/apconf_channel/videos (tons of videos) I advised the EU for DMA and DSA and then Client To Server was eye-opening for them.My last Talks (e.g. together with funder at fediday) and those after had been in German but when we showed the AP Client2Server boardgame at Public Spaces it was english https://video.publicspaces.net/w/9USsJ37cHVy4tY9Pn7DX2X :)
So, if anyone is interested in a nice dev. meeting about this topic apart from the new taskforces, please comment here !
-
@reiver @silverpill @helge @badrihippo
@julian@activitypub.space @julian@community.nodebb.org
@by_caballerofull ack.
We are working heavily towards a generic server and in deed it is super important what Helge decribes but anyway, we need to come together.original:
„the client APIs necessary to make this a reality haven't seen much development“But many people want this.
We should change that now and meet.
After organizing the first official Confs https://conf.tube/c/apconf_channel/videos (tons of videos) I advised the EU for DMA and DSA and then Client To Server was eye-opening for them.My last Talks (e.g. together with funder at fediday) and those after had been in German but when we showed the AP Client2Server boardgame at Public Spaces it was english https://video.publicspaces.net/w/9USsJ37cHVy4tY9Pn7DX2X :)
So, if anyone is interested in a nice dev. meeting about this topic apart from the new taskforces, please comment here !
I am happy to do a video call with anyone interested. (Assuming that is what you were suggesting.)
We would just need to figure out a day and time for it.
cc: @silverpill @helge @badrihippo @julian@activitypub.space @julian@community.nodebb.org @by_caballero
-
I am happy to do a video call with anyone interested. (Assuming that is what you were suggesting.)
We would just need to figure out a day and time for it.
cc: @silverpill @helge @badrihippo @julian@activitypub.space @julian@community.nodebb.org @by_caballero
@reiver @silverpill @helge @badrihippo @julian@activitypub.space @julian@community.nodebb.org @by_caballero
very nice, that was my suggestion.
I am just coding all day and so I'm very flexible.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@reiver @silverpill @helge @badrihippo @julian@activitypub.space @julian@community.nodebb.org @by_caballero
very nice, that was my suggestion.
I am just coding all day and so I'm very flexible.
-
I am happy to do a video call with anyone interested. (Assuming that is what you were suggesting.)
We would just need to figure out a day and time for it.
cc: @silverpill @helge @badrihippo @julian@activitypub.space @julian@community.nodebb.org @by_caballero
-
I've started work on an experimental project called ActivityPDS, the initial goal was to prove reusing the same OAuth profile as AT Protocol for ActivityPub, but I don't have much time to work on it
-
@OpinionatedGeek litjs has an idiomatic way of achieving this kind of logic.
It has an `until(promise, fallback)` function which waits for the promise to resolve and display fallback until then.
Even with this simple setup I still get issues. :D
It's definitely a "me" problem. I'm holding it wrong somehow, but I haven't seen any examples in the wild of "holding it right".
-
@mariusor FWIW, I'm working on a similar thing, and I've settled into a pattern like this - the component has a spinner, a viewer, and a no-data message, then have a dataBind() method like:
```
dataBind(data, binder) {
if (data) {
this.#spinner.style.display = 'none';
this.#viewer.style.display = null;
this.#noData.style.display = 'none';
} else {
this.#spinner.style.display = 'none';
this.#viewer.style.display = 'none';
this.#noData.style.display = null;
}
}
```
-
@heiglandreas there is an auto-approve, but in the current version it can take some time to be synced with all platforms.
-
Congratulations! It looks really nice on Mastodon, hopefully I can add support to NodeBB soon :)
-
@pfefferle I am just not sure this is really worth the effort TBH....
When the originla author needs to approve the embedding that can take quite some time and when it is done, it's already out of my timeline....
Perhaps it'd be better to show the link to the post until it is approved?
