<p><img src="https://neodb.social/media/emoji/hollo.social/botkit.png" class="emoji" alt=":botkit:" title=":botkit:"> Introducing <a href="/tags/botkit/" rel="tag">#BotKit</a>: A <a href="/tags/typescript/" rel="tag">#TypeScript</a> framework for creating truly standalone <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> bots!</p><p>Unlike traditional Mastodon bots, BotKit lets you build fully independent <a href="/tags/fediverse/" rel="tag">#fediverse</a> bots that aren't constrained by platform limits. Create your entire bot in a single TypeScript file using our simple, expressive API.</p><p>Currently <a href="/tags/deno/" rel="tag">#Deno</a>-only, with Node.js & Bun support planned. Built on the robust <a href="/tags/fedify/" rel="tag">#Fedify</a> foundation.</p><p><a href="https://bokit.fedify.dev/" rel="nofollow"><span class="invisible">https://</span>bokit.fedify.dev/</a></p>
fedify
<p>Made a little bit of progress on my <a href="/tags/fedify/" rel="tag">#Fedify</a> project yesterday. Spun my wheels testing a few <a href="/tags/typescript/" rel="tag">#TypeScript</a> ORMs and running into compatibility problems with each of them. By the time I went to bed, the preferences page was capable of storing and loading account-local form data for the first time. 🥳</p><p>For this project, when progress looks slow from the outside, it's because I'm learning the ecosystem pretty much from scratch. Not letting myself get discouraged. 🙂</p>
<p>We're excited to announce the release of <a href="https://github.com/fedify-dev/fedify/releases/tag/1.4.0" rel="nofollow">Fedify 1.4.0</a>! This release brings significant improvements to enhance compatibility and flexibility in <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> federation.</p><p>Key Highlights</p><p><a href="https://fedify.dev/manual/send#activity-transformers" rel="nofollow">Activity transformers</a></p><p>Introduced a new system to adjust outgoing activities for better compatibility with various ActivityPub implementations. This includes <a href="https://fedify.dev/manual/send#autoidassigner" rel="nofollow">automatic ID assignment for activities</a> and <a href="https://fedify.dev/manual/send#actordehydrator" rel="nofollow">actor dehydration</a> to satisfy implementation quirks (looking at you, Threads!).</p><p>WebFinger customization</p><p>Added the ability to customize WebFinger responses through the new <a href="https://fedify.dev/manual/actor#actor-aliases" rel="nofollow">mapAlias()</a> API, giving you more control over how your actors are discovered.</p><p>New interaction collections</p><p>Added support for shares, likes, and emojiReactions properties to the Object class, making it easier to access and traverse these interaction collections.</p><p>More flexible document/context loader</p><p><a href="https://fedify.dev/manual/federation#documentloaderfactory" rel="nofollow">Document loader</a> and <a href="https://fedify.dev/manual/federation#contextloaderfactory" rel="nofollow">context loader</a> are now configurable through factory functions, giving you more control over how your application handles JSON-LD documents.</p><p>CLI improvements</p><p>The <a href="https://fedify.dev/cli#fedify-lookup-looking-up-an-activitypub-object" rel="nofollow">fedify lookup</a> command now supports two new options:</p><p><a href="https://fedify.dev/cli#t-traverse-traverse-the-collection" rel="nofollow">-t/--traverse</a>: Traverse through collection objects<br><a href="https://fedify.dev/cli#s-suppress-errors-suppress-partial-errors-during-traversal" rel="nofollow">-S/--suppress-errors</a>: Continue operation even when encountering errors during traversal</p><p>Other enhancements</p><p>Added <a href="https://fedify.dev/manual/nodeinfo#nodeinfo-client" rel="nofollow">Context.getNodeInfo()</a> method for easier NodeInfo access<br>Improved error handling in collection traversal and JSON-LD processing<br>Added support for private network access control in WebFinger lookups<br>User-Agent headers now automatically include your instance URL, making it easier for other servers to identify your instance</p><p>For the complete list of changes and bugfixes, please visit our <a href="https://github.com/fedify-dev/fedify/releases/tag/1.4.0" rel="nofollow">changelog</a>.</p><p>Whether you're building a new federated application or maintaining an existing one, <a href="/tags/fedify/" rel="tag">#Fedify</a> 1.4.0 provides the tools you need for robust ActivityPub federation.</p><p>Supporting us</p><p>We're grateful to all our sponsors who make this project possible. Check out our new <a href="https://fedify.dev/sponsors" rel="nofollow">sponsors showcase page</a> to see the amazing individuals and organizations supporting Fedify's development. If you'd like to support Fedify's development, please consider <a href="https://opencollective.com/fedify" rel="nofollow">becoming a sponsor</a>!</p><p>Upgrade now</p><p>You can install Fedify 1.4.0 from <a href="https://jsr.io/@fedify/[email protected]" rel="nofollow">JSR</a> or <a href="https://www.npmjs.com/package/@fedify/fedify/v/1.4.0" rel="nofollow">npm</a>. Upgrade today and let us know what you think!</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>10月26日(土)に開催されるOSC 2024 Tokyo/Fallに<a href="https://fedify.dev/" rel="nofollow">Fedify</a>/<a href="https://hollo.social/" rel="nofollow">Hollo</a>合同で出展します!可愛いFedifyのロゴのシールと『<a href="https://github.com/dahlia/fedify-microblog-tutorial-ja" rel="nofollow">自分だけのフェディバースのマイクロブログを作ろう!</a>』日本語版の紙の本を持って行く予定です。よろしくお願いします。</p><p><a href="https://event.ospn.jp/osc2024-fall/" rel="nofollow"><span class="invisible">https://</span>event.ospn.jp/osc2024-fall/</a></p><p><a href="/tags/fedify/" rel="tag">#Fedify</a> <a href="/tags/hollo/" rel="tag">#Hollo</a> <a href="/tags/osc24tk/" rel="tag">#osc24tk</a></p>
<p><a href="/tags/fedify/" rel="tag">#Fedify</a> 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native <a href="/tags/cloudflare/" rel="tag">#Cloudflare</a> <a href="/tags/workers/" rel="tag">#Workers</a> support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀</p><p><a href="/tags/activitypub/" rel="tag">#ActivityPub</a> <a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/fediverse/" rel="tag">#fediverse</a> <a href="/tags/rfc9421/" rel="tag">#RFC9421</a> <a href="/tags/cloudflareworkers/" rel="tag">#CloudflareWorkers</a></p>
<p>Okay, I'm about to release <a href="/tags/fedify/" rel="tag">#Fedify</a> 1.4.0. Probably today or tomorrow?</p>
<p>I have deeply mixed feelings about <a href="/tags/activitypub/" rel="tag">#ActivityPub</a>'s adoption of JSON-LD, as someone who's spent way too long dealing with it while building <a href="/tags/fedify/" rel="tag">#Fedify</a>.</p><p>Part of me wishes it had never happened. A lot of developers jump into ActivityPub development without really understanding JSON-LD, and honestly, can you blame them? The result is a growing number of implementations producing technically invalid JSON-LD. It works, sort of, because everyone's just pattern-matching against what Mastodon does, but it's not correct. And even developers who do take the time to understand JSON-LD often end up hardcoding their documents anyway, because proper JSON-LD processor libraries simply don't exist for many languages. No safety net, no validation, just vibes and hoping you got the @context right. Naturally, mistakes creep in.</p><p>But then the other part of me thinks: well, we're stuck with JSON-LD now. There's no going back. So wouldn't it be nice if people actually used it properly? Process the documents, normalize them, do the compaction and expansion dance the way the spec intended. That's what Fedify does.</p><p>Here's the part that really gets to me, though. Because Fedify actually processes JSON-LD correctly, it's more likely to break when talking to implementations that produce malformed documents. From the end user's perspective, Fedify looks like the fragile one. “Why can't I follow this person?” Well, because their server is emitting garbage JSON-LD that happens to work with implementations that just treat it as a regular JSON blob. Every time I get one of these bug reports, I feel a certain injustice. Like being the only person in the group project who actually read the assignment.</p><p>To be fair, there are real practical reasons why most people don't bother with proper JSON-LD processing. Implementing a full processor is genuinely a lot of work. It leans on the entire Linked Data stack, which is bigger than most people expect going in. And the performance cost isn't trivial either. Fedify uses some tricks to keep things fast, and I'll be honest, that code isn't my proudest work.</p><p>Anyway, none of this is going anywhere. Just me grumbling into the void. If you're building an ActivityPub implementation, maybe consider using a JSON-LD processor if one's available for your language. And if you're not going to, at least test your output against implementations that do.</p><p><a href="/tags/jsonld/" rel="tag">#JSONLD</a> <a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>We have released <a href="/tags/security/" rel="tag">#security</a> updates (<a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow">1.0.14</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow">1.1.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow">1.2.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow">1.3.4</a>) to address <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow">CVE-2025-23221</a>, a <a href="/tags/vulnerability/" rel="tag">#vulnerability</a> in <a href="/tags/fedify/" rel="tag">#Fedify</a>'s <a href="/tags/webfinger/" rel="tag">#WebFinger</a> implementation. We recommend all users update to the latest version of their respective release series immediately.</p><p>The Vulnerability</p><p>A security researcher identified multiple security issues in Fedify's lookupWebFinger() function that could be exploited to:</p><p>Perform denial of service attacks through infinite redirect loops<br>Execute server-side request forgery (<a href="/tags/ssrf/" rel="tag">#SSRF</a>) attacks via redirects to private network addresses<br>Access unintended URL schemes through redirect manipulation</p><p>Fixed Versions</p><p>1.3.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow">1.3.4</a><br>1.2.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow">1.2.11</a><br>1.1.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow">1.1.11</a><br>1.0.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow">1.0.14</a></p><p>Changes</p><p>The security updates implement the following fixes:</p><p>Added a maximum redirect limit (5) to prevent infinite redirect loops<br>Restricted redirects to only follow the same scheme as the original request (HTTP/HTTPS)<br>Blocked redirects to private network addresses to prevent SSRF attacks</p><p>How to Update</p><p>To update to the latest secure version:</p><p># For npm usersnpm update @fedify/fedify# For Deno usersdeno add jsr:@fedify/fedify</p><p>We thank the security researcher who responsibly disclosed this vulnerability, allowing us to address these issues promptly.</p><p>For more details about this vulnerability, please refer to our <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow">security advisory</a>.</p><p>If you have any questions or concerns, please don't hesitate to reach out through our <a href="https://github.com/dahlia/fedify/discussions" rel="nofollow">GitHub Discussions</a>, join our <a href="https://matrix.to/#/#fedify:matrix.org" rel="nofollow">Matrix chat space</a>, or our <a href="https://discord.gg/bhtwpzURwd" rel="nofollow">Discord server</a>.</p>
<p>If you are a <a href="/tags/fediverse/" rel="tag">#fediverse</a> admin running libraries on <a href="/tags/fedify/" rel="tag">#Fedify</a> keep an eye on this: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-23221" rel="nofollow" class="ellipsis" title="nvd.nist.gov/vuln/detail/CVE-2025-23221"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/CVE-2</span><span class="invisible">025-23221</span></a></p>
<p><a href="/tags/fedify/" rel="tag">#Fedify</a> already uses the <a href="/tags/temporal/" rel="tag">#Temporal</a> API exclusively for representing temporal data.</p><p><a href="https://developer.mozilla.org/en-US/blog/javascript-temporal-is-coming/" rel="nofollow" class="ellipsis" title="developer.mozilla.org/en-US/blog/javascript-temporal-is-coming/"><span class="invisible">https://</span><span class="ellipsis">developer.mozilla.org/en-US/bl</span><span class="invisible">og/javascript-temporal-is-coming/</span></a></p>
<p>📢 Important announcement! <a href="/tags/botkit/" rel="tag">#BotKit</a>'s <a href="/tags/github/" rel="tag">#GitHub</a> repository has moved to a new home! 🏠</p><p>The repository is now located at <a href="https://github.com/fedify-dev/botkit" rel="nofollow">@fedify-dev/botkit</a> (previously <a href="https://github.com/dahlia/botkit" rel="nofollow">@dahlia/botkit</a>). All future development will continue at the new location.</p><p>Don't worry—everything's the same, just a new address! Please update your bookmarks and project references. Thanks for being part of our community! <img src="https://neodb.social/media/emoji/hollo.social/botkit.png" class="emoji" alt=":botkit:" title=":botkit:"></p><p><a href="/tags/fedify/" rel="tag">#Fedify</a> <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> <a href="/tags/fediverse/" rel="tag">#fediverse</a> <a href="/tags/fedidev/" rel="tag">#fedidev</a></p><p><a href="https://hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14" rel="nofollow" class="ellipsis" title="hollo.social/@fedify/0194a851-581d-779c-b777-dc39e753ef14"><span class="invisible">https://</span><span class="ellipsis">hollo.social/@fedify/0194a851-</span><span class="invisible">581d-779c-b777-dc39e753ef14</span></a></p>
<p>Valtteri Laitinen (<a href="https://fedi.valtlai.fi/@valtlai" rel="nofollow">@valtlai</a>) managed to get <a href="/tags/fedify/" rel="tag">#Fedify</a> running on <a href="/tags/cloudflare/" rel="tag">#Cloudflare</a> Workers!</p><p><a href="/tags/cloudflareworkers/" rel="tag">#CloudflareWorkers</a> <a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/activitypub/" rel="tag">#ActivityPub</a></p><p><a href="https://fedi.valtlai.fi/@valtlai/113906145660141267" rel="nofollow" class="ellipsis" title="fedi.valtlai.fi/@valtlai/113906145660141267"><span class="invisible">https://</span><span class="ellipsis">fedi.valtlai.fi/@valtlai/11390</span><span class="invisible">6145660141267</span></a></p>
<p>Did you know? <a href="/tags/fedify/" rel="tag">#Fedify</a> provides <a href="/tags/documentation/" rel="tag">#documentation</a> optimized for LLMs through the <a href="https://llmstxt.org/" rel="nofollow">llms.txt standard</a>.</p><p>Available endpoints:</p><p><a href="https://fedify.dev/llms.txt" rel="nofollow"><span class="invisible">https://</span>fedify.dev/llms.txt</a> — Core documentation overview<br><a href="https://fedify.dev/llms-full.txt" rel="nofollow"><span class="invisible">https://</span>fedify.dev/llms-full.txt</a> — Complete documentation dump</p><p>Useful for training <a href="/tags/ai/" rel="tag">#AI</a> assistants on <a href="/tags/activitypub/" rel="tag">#ActivityPub</a>/<a href="/tags/fediverse/" rel="tag">#fediverse</a> development, building documentation chatbots, or <a href="/tags/llm/" rel="tag">#LLM</a>-powered dev tools.</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>As the maintainer of <a href="/tags/fedify/" rel="tag">#Fedify</a>, I'd be grateful for your support to help keep the project sustainable! <img src="https://neodb.social/media/emoji/hollo.social/fedify.png" class="emoji" alt=":fedify:" title=":fedify:"></p><p><a href="https://hollo.social/@fedify/0194b112-b604-7d03-84e0-4faaf4ab46cd" rel="nofollow" class="ellipsis" title="hollo.social/@fedify/0194b112-b604-7d03-84e0-4faaf4ab46cd"><span class="invisible">https://</span><span class="ellipsis">hollo.social/@fedify/0194b112-</span><span class="invisible">b604-7d03-84e0-4faaf4ab46cd</span></a></p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/sponsor/" rel="tag">#sponsor</a> <a href="/tags/backer/" rel="tag">#backer</a> <a href="/tags/donation/" rel="tag">#donation</a></p>
<p>Following <a href="https://github.com/mastodon/mastodon/issues/29905#issuecomment-2624340545" rel="nofollow">Mastodon's plan</a> to adopt HTTP Message Signatures (<a href="https://www.rfc-editor.org/rfc/rfc9421" rel="nofollow">RFC 9421</a>), we will <a href="https://github.com/fedify-dev/fedify/issues/208" rel="nofollow">implement the same standard</a> in <a href="/tags/fedify/" rel="tag">#Fedify</a>. We'll use “<a href="https://swicg.github.io/activitypub-http-signature/#how-to-upgrade-supported-versions" rel="nofollow">double-knocking</a>” to maintain compatibility with servers using older signature versions (<a href="https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12" rel="nofollow">draft-cavage-http-signatures-12</a>).</p>
<p>A milestone worth celebrating—<a href="/tags/fedify/" rel="tag">#Fedify</a> just hit <a href="https://github.com/fedify-dev/fedify/releases" rel="nofollow">100+ releases</a>! From day one, we've been committed to building a robust <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> framework, and each release has brought us closer to that goal. Here's to many more releases as we continue growing the <a href="/tags/fediverse/" rel="tag">#fediverse</a> together! <img src="https://neodb.social/media/emoji/hollo.social/fedify.png" class="emoji" alt=":fedify:" title=":fedify:"> <a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>Build your own <a href="/tags/fediverse/" rel="tag">#fediverse</a> server with <a href="/tags/fedify/" rel="tag">#Fedify</a>!</p><p><a href="https://fedify.dev/" rel="nofollow">Fedify</a> is a <a href="/tags/typescript/" rel="tag">#TypeScript</a> framework that simplifies <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> implementation. Want to build a federated server without the complexity? Fedify has got you covered!</p><p>✨ Key features</p><p>Complete protocol support including <a href="https://fedify.dev/manual/actor" rel="nofollow">WebFinger</a>, <a href="https://fedify.dev/manual/send#http-signatures" rel="nofollow">HTTP Signatures</a>, and <a href="https://fedify.dev/manual/nodeinfo" rel="nofollow">NodeInfo</a><br>Enhanced interoperability with <a href="https://fedify.dev/manual/send#object-integrity-proofs" rel="nofollow">Object Integrity Proofs</a> and <a href="https://fedify.dev/manual/send#linked-data-signatures" rel="nofollow">Linked Data Signatures</a><br>Type-safe <a href="https://fedify.dev/manual/vocab" rel="nofollow">Activity Vocabulary API</a> to prevent development mistakes<br>Reliable delivery with <a href="https://fedify.dev/manual/send#enqueuing-an-outgoing-activity" rel="nofollow">automatic retries and message queues</a><br>Full observability through <a href="https://fedify.dev/manual/opentelemetry" rel="nofollow">OpenTelemetry integration</a><br>Multiple backend support: <a href="https://fedify.dev/manual/mq#redismessagequeue" rel="nofollow">Redis</a>, <a href="https://fedify.dev/manual/mq#postgresmessagequeue" rel="nofollow">PostgreSQL</a>, <a href="https://fedify.dev/manual/mq#amqpmessagequeue" rel="nofollow">AMQP</a><br>Seamless integration with popular web frameworks: <a href="https://fedify.dev/manual/integration#express" rel="nofollow">Express</a>, <a href="https://fedify.dev/manual/integration#hono" rel="nofollow">Hono</a>, <a href="https://fedify.dev/manual/integration#fresh" rel="nofollow">Fresh</a>, <a href="https://fedify.dev/manual/integration#sveltekit" rel="nofollow">SvelteKit</a><br>Comprehensive <a href="https://fedify.dev/manual/log" rel="nofollow">logging and tracing</a></p><p>🔧 <a href="https://fedify.dev/cli" rel="nofollow">CLI toolchain</a></p><p>Debug ActivityPub in real-time with <a href="https://fedify.dev/cli#fedify-inbox-ephemeral-inbox-server" rel="nofollow">ephemeral inbox server</a><br>Inspect ActivityPub objects and actors with <a href="https://fedify.dev/cli#fedify-lookup-looking-up-an-activitypub-object" rel="nofollow">lookup tool</a><br><a href="https://fedify.dev/cli#fedify-tunnel-exposing-a-local-http-server-to-the-public-internet" rel="nofollow">Tunnel your local server</a> for development</p><p>🚀 Runtime support</p><p><a href="https://deno.com/" rel="nofollow">Deno</a><br><a href="https://nodejs.org/" rel="nofollow">Node.js</a><br><a href="https://bun.sh/" rel="nofollow">Bun</a></p><p>📚 Easy to learn</p><p><a href="https://fedify.dev/" rel="nofollow">Extensive docs</a><br><a href="https://fedify.dev/tutorial/microblog" rel="nofollow">Step-by-step tutorials</a><br>Community support via <a href="https://matrix.to/#/#fedify:matrix.org" rel="nofollow">Matrix</a> & <a href="https://discord.gg/bhtwpzURwd" rel="nofollow">Discord</a></p><p>Available under the <a href="/tags/mit/" rel="tag">#MIT</a> license—free and open source!</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>We're excited to announce two major features coming in <a href="/tags/fedify/" rel="tag">#Fedify</a> 1.5.0, focused on giving you more control over domain names in your federated apps:</p><p><a href="https://unstable.fedify.dev/manual/federation#separating-webfinger-host-from-the-server-origin" rel="nofollow">Separate WebFinger Host from Server Origin</a></p><p>Want different domains for your WebFinger handles and server URIs? Fedify 1.5.0 will let you use domains like @[email protected] as fediverse handles while serving content from <a href="https://ap.example.com" rel="nofollow"><span class="invisible">https://</span>ap.example.com</a>. This gives you more flexibility in how you structure your federated services.</p><p><a href="https://unstable.fedify.dev/manual/federation#explicitly-setting-the-canonical-origin" rel="nofollow">Canonical Origin Support</a></p><p>Need to ensure consistent URLs across your infrastructure? The new canonical origin support lets you explicitly set your server's authoritative domain. This is particularly useful when running behind reverse proxies or load balancers—no more unexpected URLs generated from internal hostnames.</p><p>These features represent our ongoing commitment to making Fedify more flexible and production-ready.</p><p>Can't wait to try these features? You can experiment with them today using our unstable release v1.5.0-dev.680+562e3dc0 (<a href="https://jsr.io/@fedify/[email protected]+562e3dc0" rel="nofollow">JSR</a> & <a href="https://www.npmjs.com/package/@fedify/fedify/v/1.5.0-dev.680" rel="nofollow">npm</a>). Keep in mind that this is an unstable release intended for testing—use it in production at your own risk.</p><p>Otherwise, stay tuned for the stable Fedify 1.5.0 release!</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/activitypub/" rel="tag">#ActivityPub</a></p>
<p>Two new features are coming to <a href="/tags/fedify/" rel="tag">#Fedify</a>! Both have to do with controls over domain names:</p><p>Different domains for WebFinger handles and server URIs.<br>Canonical origin support to explicitly set your server’s authoritative domain</p><p><a href="https://hollo.social/@fedify/01953693-1afd-7430-988a-23d649099e1c" rel="nofollow" class="ellipsis" title="hollo.social/@fedify/01953693-1afd-7430-988a-23d649099e1c"><span class="invisible">https://</span><span class="ellipsis">hollo.social/@fedify/01953693-</span><span class="invisible">1afd-7430-988a-23d649099e1c</span></a></p><p><span class="h-card"><a href="https://piefed.social/c/fediversenews" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fediversenews</span></a></span></p>
<p>We're pleased to share that <a href="https://fedify.dev/why#encyclia-bridging-academic-research-to-the-fediverse" rel="nofollow">Encyclia has joined our success stories.</a></p><p><span class="h-card"><a href="https://fietkau.social/@encyclia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>encyclia</span></a></span> bridges academic research to the <a href="/tags/fediverse/" rel="tag">#fediverse</a> by making <a href="/tags/orcid/" rel="tag">#ORCID</a> researcher profiles and publications discoverable through <a href="/tags/activitypub/" rel="tag">#ActivityPub</a>—built with <a href="/tags/fedify/" rel="tag">#Fedify</a> for seamless interoperability across Mastodon and other fediverse platforms.</p><p>This demonstrates Fedify's versatility beyond traditional social networking, helping specialized domains connect to the federated web.</p><p>We're also grateful for <a href="/tags/encyclia/" rel="tag">#Encyclia</a>'s sponsorship support, which helps make Fedify's development possible.</p><p>Learn more about Encyclia at <a href="https://encyclia.pub/" rel="nofollow"><span class="invisible">https://</span>encyclia.pub/</a>. 📚</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/openscience/" rel="tag">#openscience</a></p>
<p>We are pleased to announce the release of <a href="/tags/fedify/" rel="tag">#Fedify</a> 1.7.0. This release was expedited at the request of the Ghost team, who are actively using Fedify for their <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> implementation. As a result, several features originally planned for this version have been moved to Fedify 1.8.0 to ensure timely delivery of the most critical improvements.</p><p>This release focuses on enhancing message queue functionality and improving compatibility with ActivityPub servers through refined HTTP signature handling.</p><p>Native retry mechanism support</p><p>This release introduces support for native retry mechanisms in message queue backends. The new <a href="https://fedify.dev/manual/mq#native-retry-mechanisms" rel="nofollow">MessageQueue.nativeRetrial</a> property allows queue implementations to indicate whether they provide built-in retry functionality, enabling Fedify to optimize its retry behavior accordingly.</p><p>When nativeRetrial is set to true, Fedify will delegate retry handling to the queue backend rather than implementing its own retry logic. This approach reduces overhead and leverages the proven retry mechanisms of established queue systems.</p><p>Current implementations with native retry support include:</p><p><a href="https://fedify.dev/manual/mq#denokvmessagequeue-deno-only" rel="nofollow">DenoKvMessageQueue</a> — utilizes Deno KV's automatic retry with exponential backoff<br><a href="https://fedify.dev/manual/mq#workersmessagequeue-cloudflare-workers-only" rel="nofollow">WorkersMessageQueue</a> — leverages Cloudflare Queues' automatic retry and dead-letter queue features<br><a href="https://fedify.dev/manual/mq#amqpmessagequeue" rel="nofollow">AmqpMessageQueue</a> — can now be configured to use AMQP broker's native retry mechanisms</p><p>The <a href="https://fedify.dev/manual/mq#inprocessmessagequeue" rel="nofollow">InProcessMessageQueue</a> continues to use Fedify's internal retry mechanism, while <a href="https://fedify.dev/manual/mq#parallel-message-processing" rel="nofollow">ParallelMessageQueue</a> inherits the retry behavior from its wrapped queue.</p><p>AMQP message queue improvements</p><p>Alongside Fedify 1.7.0, we have also released <a href="https://github.com/fedify-dev/amqp" rel="nofollow">@fedify/amqp</a> 0.3.0. This release adds the nativeRetrial option to AmqpMessageQueueOptions, enabling you to leverage your AMQP broker's built-in retry mechanisms. When enabled, this option allows the AMQP broker to handle message retries according to its configured policies, rather than relying on Fedify's internal retry logic.</p><p>Configurable double-knocking</p><p>The new <a href="https://fedify.dev/manual/federation#firstknock" rel="nofollow">FederationOptions.firstKnock</a> option provides control over the HTTP Signatures specification used for the initial signature attempt when communicating with previously unknown servers.</p><p>Previously, the first knock for newly encountered servers always used <a href="https://datatracker.ietf.org/doc/html/rfc9421" rel="nofollow">RFC 9421</a> (HTTP Message Signatures), falling back to <a href="https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12" rel="nofollow">draft-cavage-http-signatures-12</a> if needed. With this release, you can now configure which specification to use for the first knock when communicating with unknown servers, with RFC 9421 remaining the default.</p><p>Summary</p><p>This release maintains Fedify's commitment to reliability and compatibility while laying the groundwork for more efficient message processing. The native retry mechanism support will particularly benefit applications using queue backends with sophisticated retry capabilities, while the double-knocking mechanism addresses real-world compatibility challenges in the ActivityPub ecosystem.</p><p>For detailed technical information about these changes, please refer to the <a href="https://github.com/fedify-dev/fedify/blob/1.7.0/CHANGES.md#version-170" rel="nofollow">changelog</a> in the repository.</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a> <a href="/tags/fediverse/" rel="tag">#fediverse</a></p>
<p><a href="/tags/botkit/" rel="tag">#BotKit</a> is a <a href="/tags/typescript/" rel="tag">#TypeScript</a> framework for building <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> bots. The difference from typical Mastodon/Misskey bots? Your bot runs as its own independent server—no platform account needed.</p><p>This means no character limits, no rate limiting headaches, no API restrictions.</p><p>bot.onMention = async (session, message) => { await message.reply(text`Hi, ${message.actor}!`);};</p><p>The ActivityPub stuff (federation, HTTP Signatures, delivery queues) is handled by <a href="/tags/fedify/" rel="tag">#Fedify</a> under the hood. You just write your bot logic.</p><p>Works with both <a href="/tags/deno/" rel="tag">#Deno</a> and <a href="/tags/node/" rel="tag">#Node</a>.js.</p><p><a href="https://botkit.fedify.dev/" rel="nofollow"><span class="invisible">https://</span>botkit.fedify.dev/</a></p>
<p>Excited to share that I've joined <a href="/tags/ossca/" rel="tag">#OSSCA</a> (Open Source Software Contribution Academy) as a mentor for the <span class="h-card"><a href="https://hollo.social/@fedify" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fedify</span></a></span> project!</p><p>OSSCA is a national program run by South Korea's NIPA (National IT Industry Promotion Agency) through their Open Source Software Support Center, aimed at fostering the next generation of open source contributors.</p><p>We're currently in the process of selecting around 20 mentees who will start contributing to <a href="/tags/fedify/" rel="tag">#Fedify</a> once the selection is complete. I've been busy preparing good first issues to help them get started on their open source journey.</p><p>Looking forward to working with these new contributors and seeing what amazing things we can build together!</p><p><a href="/tags/opensource/" rel="tag">#opensource</a> <a href="/tags/mentoring/" rel="tag">#mentoring</a> <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> <a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>We're considering adding custom background task support to <a href="/tags/fedify/" rel="tag">#Fedify</a> 1.5.0.</p><p>Want to use Fedify's worker system for your own background tasks? We're exploring ways to let you register and process custom tasks alongside <a href="/tags/activitypub/" rel="tag">#ActivityPub</a> jobs.</p><p>Check out the proposal: <a href="https://github.com/fedify-dev/fedify/issues/206" rel="nofollow" class="ellipsis" title="github.com/fedify-dev/fedify/issues/206"><span class="invisible">https://</span><span class="ellipsis">github.com/fedify-dev/fedify/i</span><span class="invisible">ssues/206</span></a>.</p><p>Key considerations:</p><p>Should this be part of Fedify's scope?<br>Quick API extension vs complete worker architecture redesign<br>Integration with existing task queue systems</p><p>We'd love to hear your thoughts! Do you need this feature? How would you use it? Share your feedback in the issue thread.</p><p><a href="/tags/fedidev/" rel="tag">#fedidev</a></p>
<p>Is the world in need of a federated Craigslist/Kleinanzeigen platform? I am currently thinking about a project to dig into <a href="/tags/fediverse/" rel="tag">#fediverse</a> development and learning <a href="/tags/golang/" rel="tag">#golang</a> or stay with <a href="/tags/deno/" rel="tag">#deno</a> and using <a href="/tags/fedify/" rel="tag">#fedify</a>.</p><p>EDIT: There is already something like that on the fediverse! It's called Flohmarkt. Thanks for the comments mentioning that!<br><a href="https://codeberg.org/flohmarkt/flohmarkt" rel="nofollow" class="ellipsis" title="codeberg.org/flohmarkt/flohmarkt"><span class="invisible">https://</span><span class="ellipsis">codeberg.org/flohmarkt/flohmar</span><span class="invisible">kt</span></a></p>
Edited 1y ago