Piero Bosio Social Web Site Personale

If you'd like to preview the #tutorial I'm writing on building a small #threadiverse software with #Fedify, here it is: https://pr-710.fedify.pages.dev/tutorial/threadiverse If you'd like to give feedback after reading it, please leave a comment on the following PR: https://github.com/fedify-dev/fedify/pull/710

We're working on a new #tutorial for #Fedify: Building a Federated Blog with Astro! It walks you through creating a hybrid blog—static Markdown posts powered by #Astro content collections, with #ActivityPub federation layered on top. By the end, your blog will be followable from Mastodon, send Create/Update/Delete activities when you publish or edit posts, and display #fediverse replies as comments. Preview the draft here: https://d180af62.fedify.pages.dev/tutorial/astro-blog. We'd love your feedback—especially if you spot anything incorrect, unclear, or missing. Please leave comments on the GitHub PR #695 or issue #691. #fedidev

Yup do as @trwnh@mastodon.social and @silverpill@mitra.social say and implement fb2a. It is supported by NodeBB and WordPress already.

@hongminhee@hollo.social ah yes, implements would be a good thing to support. It would allow you to cache the value temporarily (maybe a quick recheck every 7 days or so) so as to avoid needing a double knock at all. Caching based on first knock success also works. I wonder if sending HTTP 426 is doable too... 🤔 https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/426

👋 @hongminhee@hollo.social maybe @admin@spark.box464.social can provide an account? @mayel@sunbeam.city ​@_elena@mastodon.social

"Fedify 2.0.0 está aqui!Esta é a maior atualização da história do Fedify. Destaques:**Arquitetura modular** – O pacote monolítico `@fedify/fedify` foi dividido em pacotes independentes e focados: `@fedify/vocab`, `@fedify/vocab-runtime`, `@fedify/vocab-tools`, `@fedify/webfinger` e outros. Pacotes menores, imports mais limpos e a possibilidade de estender o ActivityPub com tipos de vocabulário personalizados.**Painel de depuração em tempo real** – O novo pacote `@fedify/debugger` oferece um dashboard ao vivo em `/__debug__/` que mostra todo o tráfego de federação: traces, detalhes das atividades, verificação de assinaturas e logs correlacionados. Basta envolver seu objeto `Federation` e pronto.**Suporte a relay do ActivityPub** – Suporte nativo a relays via `@fedify/relay` e o comando CLI `fedify relay`. Compatível com os protocolos Mastodon-style e LitePub-style (FEP-ae0c).**Entrega ordenada de mensagens** – A nova opção `orderingKey` resolve o problema do "post zumbi", quando um `Delete` chega antes do seu `Create`. Atividades com a mesma chave são entregues garantidamente na ordem FIFO.**Tratamento de falhas permanentes** – `setOutboxPermanentFailureHandler()` permite reagir quando uma inbox remota retorna 404 ou 410, possibilitando limpar seguidores inacessíveis em vez de tentar reenviar indefinidamente.Outras novidades incluem negociação de conteúdo no nível do middleware, `@fedify/lint` para regras compartilhadas de linting, `@fedify/create` para scaffolding rápido de projetos, arquivos de configuração para a CLI, suporte nativo à CLI em Node.js/Bun e diversos fixes de bugs.Esta versão conta com contribuições significativas de participantes do OSSCA da Coreia. Agradecemos imensamente a todos envolvidos!Trata-se de uma release major com breaking changes. Consulte o guia de migração antes de atualizar.Notas completas da release: https://github.com/fedify-dev/fedify/discussions/580#Fedify #ActivityPub #fediverso #fedidev #TypeScript"@fediverse @tecnologia @academicos @internet (pode seguir para acompanhar os assuntos ou marcar para amplificar a postagem até no #lemmy tb)@fedify https://hollo.social/@fedify/019c8521-92ef-7d5f-be4d-c50eae575742

@stefan@stefanbohacek.online Thanks!

According to @tchambers@indieweb.social's My 2026 Open Social Web Predictions: Fedify will power the federation layer for at least one mid-sized social platform (500K+ users) that adds ActivityPub support in 2026. The “build vs. buy” calculation for federation shifts decisively toward “just use Fedify.” We're honored by this recognition and will keep working hard to make #ActivityPub adoption easier for everyone. Thank you, Tim! #Fedify #fediverse #fedidev

🚨 Security Advisory: CVE-2025-68475 A ReDoS (Regular Expression Denial of Service) vulnerability has been discovered in Fedify's HTML parsing code. This vulnerability could allow a malicious federated server to cause denial of service by sending specially crafted HTML responses. CVE ID CVE-2025-68475 Severity High (CVSS 7.5) Affected versions ≤1.9.1 Patched versions 1.6.13, 1.7.14, 1.8.15, 1.9.2 If you're running Fedify in production, please upgrade to one of the patched versions immediately. For full details, see the security advisory: https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93 Thank you to Yue (Knox) Liu for responsibly reporting this vulnerability. #Fedify #ActivityPub #security #fediverse #fedidev

BotKitは、ActivityPubボットを作るためのTypeScriptフレームワークです。既存のMastodon/Misskeyボットとの違いは、ボット自体が独立したサーバーとして動作すること。プラットフォームのアカウントは不要です。 文字数制限もなければ、APIレート制限に悩まされることもありません。 bot.onMention = async (session, message) => { await message.reply(text`こんにちは、${message.actor}さん！`); }; フェデレーション、HTTP Signatures、配送キューといったActivityPub周りの処理はFedifyがすべて引き受けます。ボットのロジックを書くだけです。 DenoでもNode.jsでも動きます。 https://botkit.fedify.dev/ #BotKit #Fedify #ActivityPub #TypeScript #Deno #NodeJS

It's alive! 🧟After a bit of trial-error, got fediverse comments showing on a #nextjs site running #fedify. My personal fediverse-connected youtube mirror is now mostly feature complete. (The video post in the screenshot is over here: https://watch.hayes.software/video/16)#fediverse

@hongminhee It's a place where our loosey goosey style goes into nondeterminism. We should tighten it up in the next version. My main answer would be: publishers, don't do that.