“hongminhee” — Fediverse search results on home.social

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-24 · 07:28 UTC

A couple days ago, I got a DM from a #Bonfire user. I happily replied and sent a follow request—but the Accept never came back, even though they hadn't enabled manuallyApprovesFollowers. My DM reply probably never arrived either. Classic interop bug.

I checked out the Bonfire source and dug in. Turns out Bonfire hasn't implemented RFC 9421 yet, so it was silently discarding any activity signed with it. That alone would be workable, except for one more issue: Bonfire was responding 200 OK even when signature verification failed, instead of 401 Unauthorized.

This matters because Fedify implements a double-knocking mechanism—if a request signed with RFC 9421 fails, it retries with the older draft cavage signature. But since Bonfire returned 200 OK on the failed first knock, #Fedify had no reason to send a second one.

I filed two issues on the Bonfire #ActivityPub repo—one requesting RFC 9421 support, and one about returning 401 on invalid signatures. For the latter, I also sent a PR, which got merged pretty quickly: bonfire-networks/activity_pub#9.

That said, individual Bonfire instances won't pick up the fix until they actually deploy it. So in the meantime, I patched Hollo and Hackers' Pub to use draft-cavage-http-signatures-12 as the firstKnock, so Bonfire instances can at least understand the first request.

One last thing: Fedify caches whether a given server supports RFC 9421, and the Bonfire servers I'd already talked to were cached as “supports RFC 9421”—because they'd been returning 200 OK. I had to manually clear that cache on both hollo.social and hackers.pub before everything finally worked.

After all that, the mutual follow went through and my DM reply landed. Worth it.

#fedidev #fediverse #Hollo #HackersPub

#hollo #fedify #bonfire #fedidev #fediverse #hackerspub

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-22 · 19:51 UTC

Hi #fediverse and #ActivityPub developers!

I'm currently working on interoperability testing for #Hollo and #Fedify, and I need a #Bonfire account to test federation with their implementation.

Since there aren't many open public Bonfire instances available, I was wondering if any Bonfire instance admins out there would be willing to grant me a test account? It would be a huge help for improving interop! Let me know if you can help. Thanks!

#fedidev #BonfireNetworks

#hollo #fedify #bonfire #fedidev #fediverse #activitypub

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-09 · 22:26 UTC

Did you know there's a community space for #Fedify, #Hollo, #BotKit, and other Fedify ecosystem projects?

Whether you have questions, want to share what you're building, or just want to hang out with fellow fediverse developers—come join us!

Matrix: #fedify:matrix.org
Discord

#hollo #botkit #fedify

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-09 · 22:26 UTC

Did you know there's a community space for #Fedify, #Hollo, #BotKit, and other Fedify ecosystem projects?

Whether you have questions, want to share what you're building, or just want to hang out with fellow fediverse developers—come join us!

Matrix: #fedify:matrix.org
Discord

#hollo #botkit #fedify

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-09 · 22:26 UTC

Did you know there's a community space for #Fedify, #Hollo, #BotKit, and other Fedify ecosystem projects?

Whether you have questions, want to share what you're building, or just want to hang out with fellow fediverse developers—come join us!

Matrix: #fedify:matrix.org
Discord

#hollo #botkit #fedify

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-09 · 22:26 UTC

Did you know there's a community space for #Fedify, #Hollo, #BotKit, and other Fedify ecosystem projects?

Whether you have questions, want to share what you're building, or just want to hang out with fellow fediverse developers—come join us!

Matrix: #fedify:matrix.org
Discord

#fedify #botkit #hollo

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-09 · 22:26 UTC

Did you know there's a community space for #Fedify, #Hollo, #BotKit, and other Fedify ecosystem projects?

Whether you have questions, want to share what you're building, or just want to hang out with fellow fediverse developers—come join us!

Matrix: #fedify:matrix.org
Discord

#hollo #botkit #fedify

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-07 · 16:07 UTC

I have deeply mixed feelings about #ActivityPub's adoption of JSON-LD, as someone who's spent way too long dealing with it while building #Fedify.

Part of me wishes it had never happened. A lot of developers jump into ActivityPub development without really understanding JSON-LD, and honestly, can you blame them? The result is a growing number of implementations producing technically invalid JSON-LD. It works, sort of, because everyone's just pattern-matching against what Mastodon does, but it's not correct. And even developers who do take the time to understand JSON-LD often end up hardcoding their documents anyway, because proper JSON-LD processor libraries simply don't exist for many languages. No safety net, no validation, just vibes and hoping you got the @context right. Naturally, mistakes creep in.

But then the other part of me thinks: well, we're stuck with JSON-LD now. There's no going back. So wouldn't it be nice if people actually used it properly? Process the documents, normalize them, do the compaction and expansion dance the way the spec intended. That's what Fedify does.

Here's the part that really gets to me, though. Because Fedify actually processes JSON-LD correctly, it's more likely to break when talking to implementations that produce malformed documents. From the end user's perspective, Fedify looks like the fragile one. “Why can't I follow this person?” Well, because their server is emitting garbage JSON-LD that happens to work with implementations that just treat it as a regular JSON blob. Every time I get one of these bug reports, I feel a certain injustice. Like being the only person in the group project who actually read the assignment.

To be fair, there are real practical reasons why most people don't bother with proper JSON-LD processing. Implementing a full processor is genuinely a lot of work. It leans on the entire Linked Data stack, which is bigger than most people expect going in. And the performance cost isn't trivial either. Fedify uses some tricks to keep things fast, and I'll be honest, that code isn't my proudest work.

Anyway, none of this is going anywhere. Just me grumbling into the void. If you're building an ActivityPub implementation, maybe consider using a JSON-LD processor if one's available for your language. And if you're not going to, at least test your output against implementations that do.

#JSONLD #fedidev

#fedify #jsonld #fedidev #activitypub

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-02-05 · 15:25 UTC

@reiver, is #FediCon going to be held in #Vancouver again this year?

#fedicon #vancouver

洪民憙 (Hong Minhee) :nonbinary: @[email protected] · 2026-01-06 · 03:03 UTC

Why #Markdown's emphasis syntax (**) fails outside of Western languages: A deep dive into #CommonMark's “delimiter run” flaws and their impact on #CJK users.