Ivan Vilata i Balaguer | 2 Jan 12:33 2016
Picon
Gravatar

Ann: Colaua, Integrate GNU social conversations in static HTML pages

Hi everyone and a happy new 2016!

I've been developing a small toy project/proof of concept to show GNU
social conversations in static HTML pages by using browser-side
JavaScript.  This is similar to Las Indias' WP-GNU social plugin for
WordPress, with the difference that it applies to completely static HTML
pages and the fetching and rendering of the conversation is left up to
the browser.  Since no server-side code is required at all, HTML pages
may remain static, which makes them amenable to store in distributed or
immutable storage systems like IPFS, ZeroNet or Camlistore.

The project is called [Colaua][] and it's intended as a plugin for the
[Nikola][] static site generator.  The Nikola side isn't developed yet
though, but the JavaScript side can be used on any HTML page regardless
of how it's generated, just by adding three elements and a couple of JS
files, so you may already use it on your pages.

Introductory post:
<https://elvil.net/drupal/en/post/colaua-gnu-social-conversations-in-static-html-pages>

Colaua is released under the public domain and hosted in a [Fossil][]
repository, you may download the code by running:

    $ fossil clone https://elvil.net/fossil/colaua.fossil
    $ mkdir colaua
    $ cd colaua
    $ fossil open ../colaua.fossil

Please test and report any suggestions, thanks!

(Continue reading)

Evert Meulie | 18 Dec 07:59 2015
Picon
Gravatar

insert code into header/footer?

Hi,

How do I add a little piece of code to the header or footer on all pages?

--
Greetings,
    Evert
Michael Vogel | 16 Dec 08:18 2015
Picon
Gravatar

Salmon notifications sometimes return error 400

Hi!

I'm working at the OStatus implementation of Friendica. This
implementation was improved very much in the last versions. But still
there are some problems.

We are sending salmon notifications when we are commenting in a thread.
Mostly they are accepted, but sometimes - especially with quitter.se -
our notifications are answered with the HTTP error 400.

It seems as if this error is generated when the server thinks that we
aren't mention a user on that server or maybe when we are referring to a
post that isn't available on that server.

Is there a difference if we mention a user with an SSL or an non-SSL
link? Or is is normalized before the check?

Can someone tell me how the checks work?

Thanks!

Michael

Stephen Paul Weber | 2 Nov 14:44 2015
Picon
Gravatar

Mailing list must be subscribed to in order to post

Contrary to what is implied by <https://gnu.io/social/resources/> which 
says:

> or send an email to social-discuss@...

--

-- 
Stephen Paul Weber,  <at> singpolyma
See <http://singpolyma.net> for how I prefer to be contacted
edition right joseph

Stephen Paul Weber | 2 Nov 14:42 2015
Picon
Gravatar

Proposal: Federating attachments

After a bunch of testing and code reading, I have discovered that by default 
GNU Social does not federate attachments.  They get added to Atom packets as 
rel="enclosure" links and these links are parsed out by receivers, but they 
do not get added as attachments unless 
$config['attachment']['process_links'] = true;  This config additionally 
controls if URLs in a notice should be scanned for attachment and if URLs in 
a notice should be expanded before being linkified.

Furthermore, they are unlikely to be displayed as attachments unless 
addPlugin('StoreRemoteMedia');

I would like to propose changing the way these things work (I am willing to 
do the code, but would like some feedback before I dig in and write 
something no one wants).

1) I would like to have URLs in notices *always* expanded when linkified.  
     If this is really too much of a burden on some servers I would then 
propose a new config be made seperately to control this, since it has 
nothing to do with attachments.
2) I would like to have explicit enclosures picked up from feeds always 
     processed as attachments.  They are not "maybe attachments", the source 
has intentionally marked them as such and they should be processed as such.
3) In all cases I would like the stored "final url" for a File object to be 
     the last target of a 301 redirect.  302, 303, and 307 can be followed to 
get the headers, but the URL recorded should be up the chain from them 
(since they are temporary redirects and subject to future change).
4) This leaves $config['attachment']['process_links'] = true; controlling 
     only if URLs in locally-posted notices should be scanned for possible 
attachments.  This seems like its intended purpose and the default-off seems 
appropriate.
5) When scanning notice body URLs for attachments, we should define some 
     media types (I propose at least: image/*, audio/*, video/*) to be treated 
as attachments, and use a new Event to allow plugins to determine that any 
given URL they might be able to help handle should be treated as an 
attachment.  All other URLs should *not* be treated as attachments and no 
File object should be saved for them.  Links to random webpages are *not* 
attachments and the data model should not treat them as such.
6) Thumbnails should be generated for attachments we find when doing the 
     process_links step and for rel="enclosure" attachments where possible.
7) All attachments should be shown.  If they do not have a title, show using 
     their URL.  Currently plugins have to hack useless titles in to the data 
model to force attachments to show.  This is because most attachments are 
*not* attachments but are just links from the notice to some webpage.  But 
the above parts should fix this, and thus allow us to show all marked 
attachments as such.
8) The TwitterBridge should import photo tweets as photo attachments, if it 
     does not already.  Thumbnails should be generated for the photo tweets.  
This should not depend on any config.

--

-- 
Stephen Paul Weber,  <at> singpolyma
See <http://singpolyma.net> for how I prefer to be contacted
edition right joseph

Marc Jones | 22 Oct 03:24 2015

FreedomBox Halloween Hack-a-thon

Dear Gnu Social,

The Freedombox development team would like to invite you to our
Halloween Hackathon on October 31st in New York City. We want to make
the Freedombox more social. We would love to talk to you guys about how
to do it right. Plus we have candy.

-Marc

FreedomBox Halloween Hack-a-thon

The FreedomBox Foundation [1][2] is hosting a Halloween hack-a-thon on
Saturday October 31st at the offices of the Software Freedom Law Center
[3] from 10 am to 6 pm, near Lincoln Center in New York City. New and
existing contributors will be getting together to work on our
Debian-based privacy-respecting self-hosting software suite and wireless
router.

Members of the FreedomBox core development team will be on hand to help
new contributors get involved and to get some actual work done! We are
going to be talking about:
* how to use a FreedomBox as a secure home router;
* using existing Debian packages to integrate them into FreedomBoxes;
* integrating in a secure decentralized social network;
* replacing passwords with an integrated authentication system based on PGP;

We live in a world where our use of the network is mediated by
organizations that often do not have our best interests at heart. To
regain control of our privacy, the FreedomBox
(https://wiki.debian.org/FreedomBox/) project is building an integrated
suite of software that does not rely on centralized services. Of course
much of this software already exists. We are hacking, tweaking, and
molding it into a easy to use software suite so everyone can regain
control of their privacy by running a FreedomBox at home.

Bring yourselves, your ideas, your PGP keys, and your Raspberry Pis (or
other device you want to try FreedomBox on!) We will bring the pizza,
over-caffeinated soda, and Halloween candy.

Time: 10:00 am to 6:00 pm, October 31st, 2015
Location: Software Freedom Law Center,
 1995 Broadway, 17th Floor, New York, NY

To let us know you are coming so we can be sure to order enough food and
caffeine email <hackathon at freedomboxfoundation.org>.

[1] FreedomBox Project: https://wiki.debian.org/FreedomBox/
[2] FreedomBox Foundation: http://freedomboxfoundation.org/
[3] Software Freedom Law Center: http://softwarefreedom.org/

--

-- 
Marc Jones
Counsel
Software Freedom Law Center
1995 Broadway, 17th Floor
New York, NY 10023
Tel: 212-461-1919
Fax: 212-580-0898
Email: mjones@...
www.softwarefreedom.org

Attachment (0xAC9364C7.asc): application/pgp-keys, 6439 bytes
Matt Lee | 8 Oct 16:04 2015
Gravatar

Re: status.net

I believe it has been removed when Status.net stopped their operations.

On Thu, Oct 8, 2015 at 9:03 AM,  <raphael.camus@...> wrote:
> Hello,
>
> I had an account https://raphaelcamus.status.net on status.net
> What happened to it ? I no longer need it, so if it has been removed then it
> is fine.
> If not, how can I delete it or at least change my password ?
>
> Thanks
> Raphael Camus

--

-- 
Matt Lee

* Orang-U: An Ape Goes To College <http://orangumovie.com>
* Libre.fm -- a music platform for sharing <http://libre.fm>
* GNU -- a free operating system <http://gnu.org>
* GNU social -- federated social networking <https://gnu.io/social>

Not on vacation, or ignoring you. If you don't hear from me for a few
days, please email me again. See <https://keybase.io/mattl> for
sending me secret cookie recipes.

Ivan Vilata i Balaguer | 5 Oct 13:18 2015
Picon
Gravatar

Security improvement for NginX (and bug tracker registration)

Hi everyone,

I'm attaching a small patch to the sample NginX configuration file to
strengthen it a little bit against PHP files uploaded to
application-writable directories, to avoid e.g. a user attaching a PHP
file which could be run with installation user permissions.  Maybe GNU
social already has some built-in checks for this, I don't know.

I tried to open a bug/feature request for this in the
[Phabricator](https://bugz.foocorp.net/), but registration address
validation emails seem to not be sent (I've tried several times on
different days, checked the spam folder and the receiving server mail
logs, but no trace).

Cheers,
--

-- 
Ivan Vilata i Balaguer -- https://elvil.net/
J.M. van Ham | 8 Jul 10:49 2015
Picon

confirmation

Hello there,
Letter of FSF of june 21st 2015 has been received on july 7th.
Enjoy,
Joep van Ham

W.Sadowski | 24 Jun 12:59 2015
Picon

unsubsribe



2015-06-24 12:45 GMT+02:00 Melvin Carvalho <melvincarvalho <at> gmail.com>:


On 10 June 2015 at 13:32, Wouter Miltenburg <wouter.miltenburg-B7ZOObYzTCQ@public.gmane.org> wrote:
Hi all,

I am a student and currently doing research in decentralised social
networks. For my research I've some questions about GNU social and I
hope the mailing list is the appropriate place for these questions.

You may be interested in :

https://linkeddata.github.io/SoLiD/

It's a new social decentralization protocol developed over 20 years at Tim Berners-Lee's lab at MIT.  It tries to invent very little, and just use existing web standards that are put together in a certain way to achieve decentralization.

I've run GNU social in the past, but now I've implemented this, and am very pleased with the results.

There is also a social web working group at the W3C which is hoping to standardize decentralized interaction between social networks.  GNU Social and SoLiD are two of the inputs, tho I think it is slightly behind on its deliverables.
 

The most important question about GNU-social is its current status. On
Wikipedia it is noted that 1.1.2 is still an Alpha release and that
1.1.1 is the stable release. Let's assume that 1.1.1 is the current
stable release and 1.1.2 is the "future" of GNU social. What will be the
aim for GNU-social and how is privacy dealt with? With other
implementations like Friendica/RedMatrix effort was put in the privacy
of the users. That's why I was wondering what GNU-social will provide
for it's users. Will private/direct messages be encrypted in some form
(or do we rely on SSL/TLS if supported by the other end)?

Will there be more advancements in federation support between different
nodes? As far as I can see you can only message someone directly, from
another node, when he/she is added to a group. Couldn't find the option
to directly post to someone's "wall" when I visited his/her profile.
More like the idea how Friendica/RedMatrix support seamless "roaming" of
the profiles across nodes.

What kind of advancements will be made to the user's profile? Will
support be added to share your photos and conveniently access it from
one place for example.

How is performance and scalability be dealt with? Do we currently queue
the messages and remove them if a node is considered "death" or when a
user's profile is removed? Do we synchronise information every once in a
while? How is consistency guaranteed when a node was down for
maintenance and we want to keep information synchronised. Is there some
kind of polling mechanism.

If this isn't the appropriate place to discuss this please let me know.
Although this information might be useful to be put in a document or
something (i.e. FAQ).

With kind regards,
Wouter Miltenburg.



Wouter Miltenburg | 10 Jun 13:32 2015
Picon

GNU-social features

Hi all,

I am a student and currently doing research in decentralised social
networks. For my research I've some questions about GNU social and I
hope the mailing list is the appropriate place for these questions.

The most important question about GNU-social is its current status. On
Wikipedia it is noted that 1.1.2 is still an Alpha release and that
1.1.1 is the stable release. Let's assume that 1.1.1 is the current
stable release and 1.1.2 is the "future" of GNU social. What will be the
aim for GNU-social and how is privacy dealt with? With other
implementations like Friendica/RedMatrix effort was put in the privacy
of the users. That's why I was wondering what GNU-social will provide
for it's users. Will private/direct messages be encrypted in some form
(or do we rely on SSL/TLS if supported by the other end)?

Will there be more advancements in federation support between different
nodes? As far as I can see you can only message someone directly, from
another node, when he/she is added to a group. Couldn't find the option
to directly post to someone's "wall" when I visited his/her profile.
More like the idea how Friendica/RedMatrix support seamless "roaming" of
the profiles across nodes.

What kind of advancements will be made to the user's profile? Will
support be added to share your photos and conveniently access it from
one place for example.

How is performance and scalability be dealt with? Do we currently queue
the messages and remove them if a node is considered "death" or when a
user's profile is removed? Do we synchronise information every once in a
while? How is consistency guaranteed when a node was down for
maintenance and we want to keep information synchronised. Is there some
kind of polling mechanism.

If this isn't the appropriate place to discuss this please let me know.
Although this information might be useful to be put in a document or
something (i.e. FAQ).

With kind regards,
Wouter Miltenburg.


Gmane