We just published our first Trunk & Tidbits post! This will hopefuly be a monthly update where we showcase what we worked on last month, and what's coming next.
I hope this will bring more visibility to all the efforts and love that put on Mastodon
Coincidentally, this seems to expose a gap in #Fediverse security—since right now there's no way for me to continue posting to a hashtag I use frequently and avoid this user, who openly admits that they use .social to browse hashtags and then quote posts.
The only way I can use a hashtag on this federated network is to make my post publicly visible. Doesn't that make all hashtag-based communities here vulnerable to surveillance and potential abuse?
@adnan Maybe the #Fediverse would benefit from some kind of "listed and fediverse-public but not external-public" level of post visibility that would allow people to have their posts on hashtags propagated across the fediverse and visible internally within the federated timeline but not visible via pages like the non-authenticated external search on most instances to people who are not logged in 🤔
In case someone wants possibly the longest thread on the fediverse for testing purposes, here you go: https://mastodon.social/@brownpau/112322747861701800
With the way I store replies in #Smithereen, this will soon exceed my limit of 256 levels ¯_(ツ)_/¯
So, creating a block to refuse media doesn't affect the blocked domain's ability to create Preview Cards?
I created several media blocks for instances, esp bot instances that I want to come across posts or follow a few accounts, hoping to control my media storage and stop unnecessary media downloads and SideKiq jobs on posts that will only be stored in my search database from the federated timeline, but the preview cards are still being created. #MastoAdmin#MastoDev
*Use /search for search (/search?query=something)
*Move account secrets to a dedicated table (and encrypt it?)
*Add a way for the user to select which languages they understand
*Allow admins to configure instance favicon and logo
*Allow searching for hashtags in admin UI
*Convert Redux state to Typescript #MastoAdmin#devops#Programmers#dev.
I would like to add my Mastodon instance to my browsers search engines list. Interestingly, Miskey and Sharkey and some other federated platforms I've been to are already added.
I'm getting great results for content from my Mastodon search than Google and Bing, + no ads, and tracking.
Is anyone else getting traffic from 216.106.86.232 ?
I will open a report with the ISP
=======================
I'm putting this under #FediBlock because I've noticed that since 12 PM EDT yesterday (30-Apr-2024), API requests coming in from 216.106.86.232 have been returning 500 errors constantly from my server. No other 500 errors were being returned.
I blocked the IP at the Cloudflare firewall and now the 500 errors have stopped. There were more than 93K 500 return codes in total until now!
I have no idea what the requests are, and it's too late at night to do more research, but I'm passing this along to other Admins as a warning and to see if anyone else is seeing similar behavior.
@Gargron
Here's what I see in Cloudflare for the last one hour before blocking the IP address. Notice all the requests returning 500 are from this single IP. There are no page views. It's all API requests. And 500 errors stopped after I blocked it.
Is anyone else getting traffic from 216.106.86.232 ?
I will open a report with the ISP
=======================
I'm putting this under #FediBlock because I've noticed that since 12 PM EDT yesterday (30-Apr-2024), API requests coming in from 216.106.86.232 have been returning 500 errors constantly from my server. No other 500 errors were being returned.
I blocked the IP at the Cloudflare firewall and now the 500 errors have stopped. There were more than 93K 500 return codes in total until now!
I have no idea what the requests are, and it's too late at night to do more research, but I'm passing this along to other Admins as a warning and to see if anyone else is seeing similar behavior.
Here's what I see in Cloudflare for the last one hour before blocking the IP address. Notice all the requests returning 500 are from this single IP. There are no page views. It's all API requests. And 500 errors stopped after I blocked it.
The amount of Mastodon forks that mostly just change the UI, and the amount of UI bullshit Gargron creates, increasingly make me think that what's needed is to separate UI and AP more.
Adopt an API (ideally: not the Mastodon API, realistically: probably the Mastodon API) that as many projects as possible agree on and build separate projects, for handling ActivityPub and for handling web UI.
A lot of users never see Mastodon's web UI anyway, they use mobile clients, many of them third-party clients. The next logical step is to decouple UI and core development entirely.
Reposts are now done in #Smithereen. You can only make "quote-posts", not Announce reposts because Announce is too confusing and doesn't fit my vision. However, Announce reposts are no longer this half-assed thing like they were before. They now show up in people's profiles and use a different icon from my native reposts.
Is there a more efficient way to check if two accounts follow each other via Mastodon's API, other than fetching followers of both accounts and finding a match?
Mastodon fetching all replies to a post you're viewing would hugely improve user experience on small and one-person instances. If you know a bit about Ruby and/or Mastodon, please spend a moment reviewing this work in progress:
Another masto patch i take for granted on neuromatchstodon that actually makes for a lovely local tl:
glitch allows us to include boosts in the local TL, which makes it so people can "boost in" to the TL: you see not only what ppl are posting, but what they are looking at. boosting shares horizontally within small instances. That gets annoying tho, because you end up seeing the same boost a zillion times sometimes, so we added a filter that makes it so you only see the most recent one.
Just nice quality of life things for small fedi instances <3
Hello fedi. i am trying to solve the "fetch all replies" problem once and for all that makes the fedi feel a lot more desolate and with a lot more reply guys in it than it should be. this is take two, where before i had it triggered by a button, but now i think it should happen on the server-side whenever you expand a post. can anyone help me out figure out how to make this more efficient by only fetching posts that the server doesn't already have? i am not sure what the best strategy would be, and if anyone with experience doing efficient rails and SQL stuff could give me some pointers that would be gr8. the patch is actually extremely simple it just needs a few nice things to make it not DDoS everyone.
Scheduler::VacuumScheduler and Scheduler::UserCleanupScheduler run at the time I am most active. I am sure that is why I have some weird issues when I am surfing my timeline, like when it goes blank. Is there any way to alter the time that they run in SideKiq? If they could run at like noon instead of midnight that would be great.
But never thought that I would be coding it this way, and it works ✨ Don't have to wait for next/newer versions of masto.js when there are API endpoints/parameter/method changes. It lacks types but fine for me.
Now deployed on #PhanpySocialDev (dev.phanpy.social). Media-first UI experience only kicks in for #Pixelfed account log-ins. Basic features work, except:
Local and Federated timeline show the same thing
Trending, Bookmarks, Reply, Lists, and Filters don't work