Fedify, an ActivityPub framework, has finally released its first stable version, 1.0.0! Here are key changes:
Deprecation of the term handle
From this version, the term handle across Fedify will only be used to refer to fediverse handles (e.g., @hongminhee@fosstodon.org). An actor's internal unique ID (e.g., b379dbdc-3b4f-4ef4-88c2-fc25632d1c22) is referred to as an identifier, and the WebFinger name (e.g., hongminhee) is referred to as a username.
The term handle in the API will be maintained for a while for backward compatibility, but deprecation warnings will be logged, and it is planned to be removed in the future.
For more details, please refer to the related documentation.
Linked Data Signatures
Linked Data Signatures is an outdated standard, but it's still relied upon by major fediverse implementations such as Mastodon.
In addition to HTTP Signatures and Object Integrity Proofs, Fedify now supports Linked Data Signatures from this version, thus supporting all types of signature methods used in the fediverse. This makes Fedify an ActivityPub implementation with the best interoperability.
However, Fedify users don't need to do anything special to use Linked Data Signatures. If an incoming activity has Linked Data Signatures, it automatically verifies the signature, and all outgoing activities will have signatures in three formats: HTTP Signatures, Linked Data Signatures, and Object Integrity Proofs.
For more details, please refer to the related documentation.
Activity forwarding
From this version, you can forward activities received in the inbox to other actors using the InboxContext.forwardActivity() method.
At first glance, you might think that you could just resend an activity received in the inbox using the Context.sendActivity() method. However, if you do this, the original signature is removed before the activity is delivered to the inbox, and when sending it, the signature of the forwarding actor is attached instead, causing the receiving side of the forwarded activity to not trust it.
On the other hand, when using the InboxContext.forwardActivity() method, the activity is forwarded with the original signature preserved, avoiding this problem. (Of course, the original activity itself must be signed with Linked Data Signatures or Object Integrity Proofs.)
For more details, please refer to the related documentation.
Sending Delete(Application) on fedify inbox termination
From this version, fedify inbox will send a Delete(Application) activity to all peer servers it encountered when terminated. This is typically an activity sent when deleting an account, which will help prevent residual data related to temporary actors from remaining on other servers.
PostgreSQL drivers
The @fedify/postgres package, which implements PostgreSQL drivers for the KvStore and MessageQueue interfaces, has been released alongside this version.
The PostgreSQL driver is a backend that can be sufficiently used in production, especially recommended for projects already using PostgreSQL.
Additionally, an option to select the PostgreSQL driver has been added to the fedify init command.
Celebrating Fedify 1.0.0
With the release of version 1.0.0, Fedify will now maintain API backward compatibility as much as possible. (Of course, in the long term, there may be a 2.0.0 that breaks backward compatibility.) This should be good news for those who have been hesitant to use Fedify because there hasn't been a stable version until now!
So, hoping that more services will support ActivityPub in the future, I conclude this post!
#Fedify #ActivityPub #fedidev
Fedify: an ActivityPub server framework /
npub14m…0rx6j
2024-09-25 15:57:58
Author Public Key
npub14m5mtm90njtvnfethdhsy4svharvsyr7kep4dws6y9kvdn8sj96sg0rx6jPublished at
2024-09-25 15:57:58Event JSON
{
"id": "65e7b933635a85e460d1241cd1098fc60a07329a8cfae8275c211740fba83681",
"pubkey": "aee9b5ecaf9c96c9a72bbb6f02560cbf46c8107eb64356ba1a216cc6ccf09175",
"created_at": 1727279878,
"kind": 1,
"tags": [
[
"proxy",
"https://hollo.social/@fedify/019229e7-4fdc-7a46-a0ec-d383566a49cc",
"activitypub"
]
],
"content": "Fedify, an ActivityPub framework, has finally released its first stable version, 1.0.0! Here are key changes:\nDeprecation of the term handle\nFrom this version, the term handle across Fedify will only be used to refer to fediverse handles (e.g., @hongminhee@fosstodon.org). An actor's internal unique ID (e.g., b379dbdc-3b4f-4ef4-88c2-fc25632d1c22) is referred to as an identifier, and the WebFinger name (e.g., hongminhee) is referred to as a username.\nThe term handle in the API will be maintained for a while for backward compatibility, but deprecation warnings will be logged, and it is planned to be removed in the future.\nFor more details, please refer to the related documentation.\nLinked Data Signatures\nLinked Data Signatures is an outdated standard, but it's still relied upon by major fediverse implementations such as Mastodon.\nIn addition to HTTP Signatures and Object Integrity Proofs, Fedify now supports Linked Data Signatures from this version, thus supporting all types of signature methods used in the fediverse. This makes Fedify an ActivityPub implementation with the best interoperability.\nHowever, Fedify users don't need to do anything special to use Linked Data Signatures. If an incoming activity has Linked Data Signatures, it automatically verifies the signature, and all outgoing activities will have signatures in three formats: HTTP Signatures, Linked Data Signatures, and Object Integrity Proofs.\nFor more details, please refer to the related documentation.\nActivity forwarding\nFrom this version, you can forward activities received in the inbox to other actors using the InboxContext.forwardActivity() method.\nAt first glance, you might think that you could just resend an activity received in the inbox using the Context.sendActivity() method. However, if you do this, the original signature is removed before the activity is delivered to the inbox, and when sending it, the signature of the forwarding actor is attached instead, causing the receiving side of the forwarded activity to not trust it.\nOn the other hand, when using the InboxContext.forwardActivity() method, the activity is forwarded with the original signature preserved, avoiding this problem. (Of course, the original activity itself must be signed with Linked Data Signatures or Object Integrity Proofs.)\nFor more details, please refer to the related documentation.\nSending Delete(Application) on fedify inbox termination\nFrom this version, fedify inbox will send a Delete(Application) activity to all peer servers it encountered when terminated. This is typically an activity sent when deleting an account, which will help prevent residual data related to temporary actors from remaining on other servers.\nPostgreSQL drivers\nThe @fedify/postgres package, which implements PostgreSQL drivers for the KvStore and MessageQueue interfaces, has been released alongside this version.\nThe PostgreSQL driver is a backend that can be sufficiently used in production, especially recommended for projects already using PostgreSQL.\nAdditionally, an option to select the PostgreSQL driver has been added to the fedify init command.\nCelebrating Fedify 1.0.0\nWith the release of version 1.0.0, Fedify will now maintain API backward compatibility as much as possible. (Of course, in the long term, there may be a 2.0.0 that breaks backward compatibility.) This should be good news for those who have been hesitant to use Fedify because there hasn't been a stable version until now!\nSo, hoping that more services will support ActivityPub in the future, I conclude this post!\n#Fedify #ActivityPub #fedidev\n",
"sig": "2c3072eff481e9d661c207ec0f8e2a02c94c55301cc046996e8b17fa362e6b1fff3441aa709705dfe0ba04c665fc3bb0dbc3254499dfef885233b096e0d249f6"
}