fedicat@fedicat@pc.cafe

Home | Notifications | New Note | Local | Federated | Search | Logout

fedicat@fedicat@pc.cafe

The official account for the Fedicat fediverse iOS client available on TestFlight. I try to include other fediverse stuff to keep it interesting.

the website: https://fedicat.com/
daily builds on tesflight: https://testflight.apple.com/join/b6GatWTY
some code on codeberg: https://codeberg.org/technicat/fedicat
me, myself, and I: https://technicat.com/
Joined: 2026-04-16 05:05:56
116 notes, 1 following, 1 followers


fedicat@fedicat@pc.cafe boosted:
@xz@ebadf.port0.org (2026-05-21 18:09:00)
One annoyance with my small #snac instance - or any small Fediverse island regardless of the software - is the missing visibility of the rest of the network. For followed hashtags, I am missing out on most posts as I am not federating with most instances.

The usual solution is to use an ActivityPub relay. This, however, resulted in receiving looots of posts, hitting file size and inode limits on this small VM. Thus, I gave up this experiment a while ago.

Now, I just stumbled about https://relay.fedi.buzz/ from @astro@c3d2.social, which allows to only follow certain hashtags, which is kinda exactly what I wanted &#10084;&#65039;

After following the Subscribing to Fediverse Relays section from snac(8), I came up with the following jq(1) command to subscribe each hashtag I am already following on my #snac instance. And yes, this would be way faster to do by hand for those six hashtags in total.

$ # Create multiple snac follow commands for each hashtag the &#34;xz&#34;
$ # user follows. The &#34;data&#34; directory is the $SNAC_BASEDIR.
$ jq -j \
  '.followed_hashtags.[] | &#34;snac follow data relay https://relay.fedi.buzz/tag/&#34;,.[1:],&#34;; &#34;' \
  &#60; data/user/xz/user.json
snac follow data relay https://relay.fedi.buzz/tag/openbsd; snac follow data relay https://relay.fedi.buzz/tag/snac; [ . . . ]

If the generated commands are looking not suspicious enough, rerun the command within $() or execute the output manually.

Finally, I am able to doomscroll #biketooter for weird and ridiculously expensive bikes from my instance; yay!


fedicat@fedicat@pc.cafe boosted:
@dansup@mastodon.social (2026-05-20 23:08:34)
Loops Roadmap ⚡️

https://joinloops.org/roadmap


fedicat@fedicat@pc.cafe boosted:
@erictapen@chaos.social (2026-05-20 23:14:39)
If you are working on Fediverse software, you might have heard about FEP-8a8e, which is an upcoming standard to unitize how events (as in gatherings of people) are shared via ActivityPub.

I'm currently working on a cool new validation tool that is supposed to help developers write correct implementations of this standard:

https://validate.event-federation.eu/

🧵1/7
---Attachments---
image: https://assets.chaos.social/media_attachments/files/116/607/312/809/662/750/original/0727a2b20d3e0967.png


fedicat@fedicat@pc.cafe boosted:
@dhitchenor@fe.disroot.org (2026-05-21 19:59:24)
Hello all,

My apologies for my tardiness; life does get in the way sometimes.

On a good note, Hubzilla was updated to 11.2.1 about a day ago, and the docker image is about an hour or so away from being released. I want to personally thank you for your patience; the runners are busy crunching the code, and building as we speak.

Special thanks goes out to the Hubzilla devs, and contributors for their fine work. If you are curious, you can find their work at:
https://framagit.org/hubzilla/core

The release is available for review at:
https://framagit.org/hubzilla/core/-/releases

And of course, when it drops, the docker image will be available at:
https://hub.docker.com/r/dhitchenor/hubzilla

I hope this finds you all well; please stay safe, and I'll see you on the fediverse.

fedicat@fedicat@pc.cafe boosted:
@info@hubzilla.org (2026-05-22 11:52:42)
The appearance and functionality of Hubzilla, a Fediverse software which has been continuously developed for 16 years now, are highly customizable. A key element for that are themes.

As an instance Administrator, you can create or install multiple themes, and make one or more of them available to your instance Users.

As a User, you can select any of the themes that your instance Administrator has made available.

If you are a Developer, you can create your own themes. Unlike some other theming systems, you can change more than the colors and images. You can change the entire HTML structure if you want using our templating system. You can mix and match the default code with your custom code, allowing you to selectively override the default templates. See the Tutorial for creating a derived theme.

A Hubzilla theme itself can contain predefined variants/flavours, called schemes. See AdminLTE and LCARS for examples of themes containing schemes.

Hubzilla themes have a light and a dark mode. The interface allows to switch between them at any time.

Some Hubzilla themes allow to define parameters on the instance level, which can again be overwritten on the user level. There are hardly any limits for such parameters. Examples of customizable parameters are "default to dark mode"; the background color and the background image (separately for the light and the dark mode); if the background image should be tiled or not; or if a collapsable sidebar should be collapsed or not.

An example for a customized functionality is the HQ tour, which is part of the AdminLTE theme.

Some of the existing Hubzilla themes are listed here. Everybody is invited to develop their own themes. We would be happy to hear from your achievements. A big shout-out goes to @Utsukta Themes, who lead the way in modern Hubzilla theme developping.

(Ping @Third spruce tree on the left and @R F who dream here and here of Mastodon being more customizable. We hope that your wish will come true one day.


fedicat@fedicat@pc.cafe boosted:
@mike@flipboard.social (2026-05-22 08:45:01)
Hello fediverse!
---Attachments---
image: https://m-cdn.flipboard.social/media_attachments/files/116/615/220/562/101/686/original/a9dc99f61d12d5af.png


fedicat@fedicat@pc.cafe (2026-05-22 09:26:48)
reviving some code that displays neodb media graphics
---Attachments---
image: https://cdn.masto.host/pccafe/media_attachments/files/116/615/388/037/040/872/original/4c2af174b2825706.jpeg


fedicat@fedicat@pc.cafe boosted:
@Gargron@mastodon.social (2026-05-22 04:27:04)
When I was growing up, we had operating systems that exposed a lot of the technical details about their inner workings, and websites that let us use code to customize them, like MySpace and Geocities. UX designers in tech have since optimized away most of the stuff that allowed and encouraged people to learn to use technology and now people get confused by files and browser tabs. And as the knowledge shrinks, more and more things have to be simplified away. I only ever see it as a one way road.


fedicat@fedicat@pc.cafe (2026-05-22 08:30:22)
now that I no longer display link preview images that have no alt text on the assumption they're mostly utterly useless anyway, I realize they are pretty nice in neodb posts


fedicat@fedicat@pc.cafe boosted:
@julian@activitypub.space (2026-05-22 05:20:21)
Started working on bringing ActivityPub Polls to NodeBB :clipboard:


First step is adding in separate handling of the Question object. Right now NodeBB treats it as a "Note-like" and renders it like a post :smile:  50% of the way there... will need to link it to nodebb-plugin-poll...


One complication... the plugin ties votes to users. This data isn't reflected over-the-wire in AP, only the aggregate voter counts are shared :thinking_face: [...]


https://github.com/NodeBB/nodebb-plugin-poll/pull/157


fedicat@fedicat@pc.cafe boosted:
@grishka@mastodon.social (2026-05-22 07:15:27)
I did it. #Smithereen 1.0 is officially out now. Only took me 6.5 years from an idea to something I can proudly call a stable release.
---Attachments---
image: https://files.mastodon.social/media_attachments/files/116/614/866/422/305/225/original/00a9a8be3d4227b3.png


fedicat@fedicat@pc.cafe (2026-05-22 06:02:01)
my filters are more like an automatic labeling system, and a warning to myself that I'm posting too much about AI


fedicat@fedicat@pc.cafe boosted:
@Thayer@mastodon.social (2026-05-21 20:39:05)
☆☆☆RECRUITING!☆☆☆ 

Mastofam: I'm the exclusive recruiting partner for Oxford University's Bennett Institute for Applied Data Science led by Ben Goldacre and I'm hiring a few roles. I'm keen to hear from Head of Engineering candidates in the £90-95k zone, and senior developers (Python/JS and or devops/infra) in the £80-85k zone. 

Location: remote UK only (+ no visa sponsorship)
Salary: as above, non negotiable

Full details via email >  thayer@team-prime.com


fedicat@fedicat@pc.cafe boosted:
@HolosSocial@mastodon.social (2026-05-22 02:56:36)
I built #HolosSocial for Linux (AppImage and deb files), and it works just fine on my Raspberry Pi.


fedicat@fedicat@pc.cafe boosted:
@ffuentes@mastodon.sdf.org (2026-05-22 02:11:50)
Does anyone’s else use #takesama as client? it works pretty well with this #mastodon instance and #snac


fedicat@fedicat@pc.cafe boosted:
@SymfonyStation@drupal.community (2026-05-21 20:38:55)
Hollo announces: Hollo 0.9.0 is out. https://hollo.social/@hollo/019e451e-f368-70e2-b993-77d01a14a677 #hollo #fediverse #ActivityPub


fedicat@fedicat@pc.cafe boosted:
@smrms@toot.community (2026-05-20 01:58:54)
Anyone else in the fediverse who does fieldwork in #linguistics ? #languages #language #indigenouslanguages #minoritylanguages (if you have suggestions for hashtags that will help me find other field linguists, please add them in a comment to this toot)


fedicat@fedicat@pc.cafe boosted:
@toddsundsted@epiktistes.com (2026-05-21 19:50:48)
Release v3.3.9 of Ktistec continues the security hardening work from recent releases, with further progress on the Mastodon-compatible API.

Of note: all network connections now go through a new Ktistec::Network module. This allows Ktistec to limit the size of HTTP bodies it reads, on both inbound and outbound requests, and ensures it only opens connections to valid remote IP addresses.

Here's the full changelog:

Added

New Mastodon-compatible APIs.
Fixed

Close DNS rebinding window for outbound HTTP requests.
Limit the size of HTTP bodies the server reads.
Sanitize RSS feed output to prevent CDATA breakout.
Destroy all sessions and access tokens on account termination.
Changed

Ensure all GET and POST requests utilize Ktistec::Network.
Process local recipients in-process in inbox/outbox activity processors.
As always, it's worth upgrading for the security fixes!

#ktistec #crystallang #activitypub #fediverse


fedicat@fedicat@pc.cafe boosted:
@atomicpoet@atomicpoet.org (2026-05-20 08:23:04)
This Saturday, I’m speaking at @vanlug about the #Fediverse.

It will be held at Burnaby Public Library during 2PM-4PM.

Want to attend? Here’s where to register:

https://luma.com/ahm1hi2s

#VanLUG


fedicat@fedicat@pc.cafe boosted:
@grunfink@comam.es (2026-05-21 21:00:31)
If what 'split domains' mean is "running #snac in subdomain.example.com but identify as accounts from example.com" then no, it's not supported.

But, you can have snac running from a subdirectory of your main domain (which, as far as I know, no other fediverse implementation does). I.e. you can have your snac root in example.com/social and then you can identify as you@example.com . So you have no unnecessary subdomain just to be you.

Which is what I do for this very domain.

CC: @mms@bsd.cafe


fedicat@fedicat@pc.cafe boosted:
@linguistgoneforeign@mastodon.social (2026-05-12 02:12:05)
I'm very happy to see how my 3-year journey replacing big tech with privacy-oriented, humane platforms is shaping:

Gmail: Tuta and Proton

Google Calendar: Fossify

Google Maps: Organic Maps

Twitter: Mastodon

Facebook, Instagram: Pixelfed

WhatsApp, Telegram: Signal

Android: GrapheneOS

Windows: Linux Mint

It was overwhelming, it took time and research. But I can tell you that another digital experience is possible.

Now I'm thrilled to have devices that belong to ME, like in the old days.

fedicat@fedicat@pc.cafe boosted:
@botkit@hollo.social (2026-05-21 22:20:24)
BotKit security updates: 0.3.3 and 0.4.2
If you use BotKit, update to a patched release now. CVE-2026-42462 affects Fedify's Linked Data Signature handling, and BotKit inherits the exposure through its dependency on Fedify.

The vulnerability allows an attacker to use JSON-LD graph-restructuring features—specifically @graph, @included, and @reverse—to reshape a signed ActivityPub activity without invalidating its Linked Data Signature. This can cause BotKit (via Fedify) to interpret a different ActivityPub object shape than was originally signed. The fix normalizes Linked Data Signature-verified activities against Fedify's local JSON-LD context before interpreting them, and rejects the JSON-LD constructs that enable the attack.

All versions of BotKit up to 0.3.2 (in the 0.3.x branch) and 0.4.1 (in the 0.4.x branch) are affected. Patched releases are 0.3.3 and 0.4.2.

For BotKit 0.4.x, update @fedify/botkit:

npm update @fedify/botkit
yarn upgrade @fedify/botkit
pnpm update @fedify/botkit
bun update @fedify/botkit
deno update @fedify/botkit
For BotKit 0.3.x, update @fedify/botkit:

npm update @fedify/botkit@0.3.3
yarn upgrade @fedify/botkit@0.3.3
pnpm update @fedify/botkit@0.3.3
bun update @fedify/botkit@0.3.3
deno update @fedify/botkit@0.3.3
If you use other BotKit-related packages (e.g., @fedify/botkit-postgres), update them as well. After updating, redeploy.

The CVE ID is CVE-2026-42462. See also fedify-dev/fedify#773 for Fedify's own announcement.

Thanks to @Claire for the report and responsible disclosure.

If anything is unclear, feel free to ask on GitHub Discussions or Matrix.


fedicat@fedicat@pc.cafe boosted:
@jerry@infosec.exchange (2026-05-21 11:06:26)
If you run a mastodon instance, it's time to patch.  Some high severity security 🐜 🐞 🐝 got fixed today.


fedicat@fedicat@pc.cafe boosted:
@impressia@mastodon.social (2026-05-21 13:36:58)
🚀 A new version of Impressia has been released today!

This update fixes the icon color of the delete action and a French wording typo, improves the display of comment counts, introduces the ability to edit statuses, enables triggering place searches by submitting the text field, and enhances the accessibility of the instances page.

All changes were implemented by @pylapp - huge thanks for the great work 🤩


fedicat@fedicat@pc.cafe boosted:
@admin@listodon.com (2026-05-21 11:38:43)
Mastodon updated to 4.5.10! :catodon_silly: 

#MastoAdmin


fedicat@fedicat@pc.cafe boosted:
@box464@mastodon.social (2026-05-21 11:42:48)
My Hollo instance has been updated to 0.9.1 if you wanna take a peek. It's shaking off the early UI look and feel for something more professional. 

A lot of extra configurations that I didn't have time to review or enable, but some of it looks interesting, like more efficient handling of remote media.

https://hollo.box464.social/@hollo464

#FediDev #Hollo #ActivityPub


fedicat@fedicat@pc.cafe boosted:
@hollo464@hollo.box464.social (2026-05-21 11:36:05)
#Hollo updated to 0.9.1 successfully!  :hollo:

https://hollo.box464.social/@hollo464


Reply to @siliconsjang@siliconbeest.sjang.dev
fedicat@fedicat@pc.cafe (2026-05-21 09:34:28)
@siliconsjang I don't think it has a mastodon api?


fedicat@fedicat@pc.cafe (2026-05-21 09:20:47)
I don't know why you'd throw in anti-semitism but not islamophobia

https://joinmastodon.org/covenant


fedicat@fedicat@pc.cafe (2026-05-21 09:10:10)
interesting instance
---Attachments---
image: https://cdn.masto.host/pccafe/media_attachments/files/116/609/660/309/293/119/original/89b86a95c528a698.jpeg

Older Notes