This is a recent talk that captures the main goal of why we are developing Commonshub. The world needs and wants a healthy alternative to toxic centralized social media and it exists but not enough people know about it. That will change if more organizations and or individual creators setup up their own communities and invite people to join. Exactly what Commonshub is designed for...

https://watch.2mr.social/w/k3ngQ8Xr3ANRXe6D8YGP4Y

https://thecommonshub.com

#mastodon #fediverse #activitypub #opensocialweb

As I migrate away from big tech and towards independent solutions and in particular services powered by OpenStreetMaps and ActivityPub, I often find that the biggest missing piece remaining is that of a social element allowing for user reviews and feedback to locations on the map—in the intersection between the two services.

I have been playing with the idea of how this could be implemented, and decided would share my thoughts on a technically minimal and entirely federated standard for OSM reviews. The idea is to have a very basic ActivityPub integration that can work with even simple (microblog style) messages, allowing users to contribute reviews without having to sign up for additional services or necessarily install custom software.

The standard: Hashtags and OSM IDs

I propose a standard review format for microblogs based on a simple format:

[free_text] [optional_score] #OSMR #[OSM_ID]  

For example, a review of a café could look as follows:

Café In has delicious coffee and friendly staff. I would recommend it to anyone! 10/10 #OSMR #13042772401

The content that shows up first is free text, and could be anything. The score does not necessarily have to be standardized, as long as it takes the form of a fraction: It would be easy for any client to parse valid fractions and calculate average scores along any given scale. The hashtags enable the scores to be federated to any service seeking to make use of the reviews.

Federation of reviews

On the receiving end, platforms seeking to aggregate reviews would observe the #OSMR hashtag (OpenStreetMapsReviews - anything else would of course work as well) and parse posts containing a single valid OSM ID in a separate hashtag. Users should be encouraged to enable tags.pub in able to facilitate federation of their reviewss, and the receiving server of course also needs to make use of this service.

A challenge with Mastodon-style federation would be that reviews would not be retroactively collected: While this system would allow any service to collect federated reviews, I am not aware of any useful way of filling any existing backlog of reviews.

Once an ActivityPub instance is set up, subscribed to tags.pub, and receiving incoming reviews, it should however be relatively achievable to collect these reviews and connect them to nodes in various mapping applications. At least it seems to me this would be the least complicated way to implement federated reviews into OSM, and it would allow for a lot of flexibility for different implementations along every step of the way.

Moderation would be a challenge, as servers gathering user reviews would have to be able to provide some sort of guarantee against abusive or broken content. Mastodons upcoming shared block lists could be beneficial in this regard.

The types of posts visible - ranging from microblogs to pictures, blog posts, and peertube videos, would of course be up to the implementation in each app choosing to draw on these reviews.

Enabling user reviews

One challenge is for maps and apps to be able to display reviews, another is of course enabling people to write them in the standardized format. Writing these reviews would not currently be an intuitive process as OSM IDs tend to be hidden from users.

Ideally, map apps such that would benefit from showing reviews, such as CoMaps, OsmAnd, OrganicMaps, and MagicEarth, would allow users to sign in using Fediverse accounts and post reviews directly from these apps. A less ambitious implementation would be some sort of “share on the Fediverse” functionality, copying the two necessary hash-tags to the clipboard with a set of instructions for leaving federated reviews.

Establishments would be able to encourage customers to leave reviews on Mastodon directly using the share button, for example:

Leave us a review on Mastodon!

UX facing users on the fediverse

A shortcoming I see with this approach is that the hashtag for the OSM ID would not mean much (or anything at all) for the average fediverse user. In the best case scenario it would lead to posts reviewing the same establishment, in the worst case scenario it would be completely confusing for human readers. Perhaps if the standard caught on these posts could be recognized by federated clients to display OSM metadata for the relevant node, but this might be in poor taste vis-a-vis the implementation of ActivityPub. Some form of attachment providing node information would solve this problem, but would make the solution more technically complex and possibly break with the decentralized nature of this proposal.

Conserns raised in the comments

• “One Problem I see with using the OSM ID is that this is not necessary stable over time. For example switching the representation from a node to a way will change the OSM ID and also the OSM Ids are reused when objects are deleted so you could end up with reviews from other places mixed in.” — @felixcremer@fediscience.org (direct link)

As I am not a developer I don’t have the opportunity to implement this myself, and I realize this might be unhelpful day dreaming. On the other hand I believe this is one of the key missing elements of the Fediverse at the moment, and I think a standard along the lines of what is proposed here would be a powerful tool for both users and app developers. Sometimes I just miss having a way of recommending a great restaurant in a way people online could possibly benefit from without having to use big tech services. Even a minimal recognition of a standard such as this would provide a fruitful starting point to that effect.

I would love to hear opinions whether this would be feasible, whether alternative approaches are being explored already, and just general thoughts and comments!

Run your own decentralized social platform on shared hosting or a tiny VPS WITHOUT Redis, PostgreSQL, or complex infrastructure.

What it makes so special to me? It looks awesome, comes with a great admin web interface and does not require a VPS instance where it can also be operated on a cheap shared hosting systems. By the given requirements, it also easily runs on a #RaspberryPI and all kind of systems, including #FreeBSD, #OpenBSD, #Illumos and more!

This all makes it perfect to everyone and even beginners to run their own instance. With relay support (e.g., fedi-relay.gyptazy.com) it even can consume and post content over non-directly connected instances in the #fediworld!

Kudos to the author of Starling: @df@s.dfaria.eu

More information:
GitHub project: https://github.com/dfaria-eu/Starling
My blog post: https://gyptazy.com/blog/starling-simple-fediverse-server/

#fedi #fediwall #opensource #decentralized #social #socialmedia #alternatives #mastodon

Alt...

Starling as a Fediverse/ActivityPub Server

It sucks to love #matrix and #ActivityPub so much but struggle so hard to get people to use them.

The first is the solution for messaging, voice and video chats and groups. The latter solves our struggles with social media, and ultimately the democratization of all media attention.

Please just use and help develop them.

Most people know about messages, photos and videos on the #Fediverse. But the #ActivityPub protocol actually defines several object types, each one distinct and more or less compatible across apps:

- Note: short post (Mastodon)
- Article / Page: long text or shared link (WriteFreely, Lemmy)
- Image (Pixelfed)
- Video (PeerTube)
- Audio (Funkwhale)
- Event with date and place (Mobilizon)

(1/4)

#Fedilab #HolosSocial

Multi-device support is progressing well for #HolosSocial. The tricky part: each device runs its own #ActivityPub server, with its own local data, signing its own activities. Keeping several servers in sync both ways, without duplicating everything, without losing actions on the way, and without two of them handling the same activity at the same time, was the main problem to solve. It also had to stay reliable when a device goes offline for hours or days.
(1/3)

Plusieurs ajouts importants dans la dernière mise à jour

- 📅 Les flux ics par profil sont en place, permettant de synchroniser son compte #mobilizon pour poursuivre la collaboration entre les deux projets (prochaine étape: alimenter son profil avec #mobilizon

- 📅 Les évènements peuvent être partagés par email, avec ICS en attachement pour ajouter au calendrier

Objectif: augmenter la portée de vos évènements, offrir de nouveaux outils de #diffusion, et supporter #activitypub 🔥🔥🔥

#Loops Beta 12 is the biggest release yet, featuring #StarterKits compatible with #Mastodon, Curated #Onboarding for community moderation, and Studio #Analytics for #creators. It also includes #multiaccount support, video embeds, and several other new features and improvements. https://blog.joinloops.org/loops-beta-12-is-here/ https://blog.joinloops.org/loops-beta-12-is-here/?eicker.media #media #socialmedia #fediverse #activitypub

»Loops Beta 12 Is Here« https://blog.joinloops.org/loops-beta-12-is-here/?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News

The Fediverse is so cool. The interoperability of ActivityPub rewards you from browsing other instances, creating server-side and personal connections differently from how we were taught to browse the social web.
At the moment I'm trying to figure out the most optimal way share content around the Fediverse, from Peertube to Mastodon in particular. How it works is kind of weird.

#Fediverse #ActivityPub #Peertube #Mastodon #Interoperability #SocialWeb #Federation #Federated #FederatedSocialWeb

This is cool as hell! https://ieeexplore.ieee.org/document/10361296 #ActivityPub #IOT #UPOD

#HolosSocial isn't bringing something new to the #Fediverse, especially not to #ActivityPub. It builds on what exists, without mimicking any platform.
Every social network has been given its fediverse clone. Asking people to hold a separate account on each is taking the problem backwards.
If the fediverse keeps mirroring the GAFAM, it loses. The point was never to rebuild their world, but to offer something else: one identity across every content.
HolosSocial is simply a try. But we can do it.

FEP-fe34 (Origin-based security model) update : https://codeberg.org/fediverse/fep/pulls/849

I tried to better explain the assumptions on which the model is based, and clarified how exactly origins should enforce boundaries between actors:

Servers MUST ensure that activities published by a client do not represent unauthorized actions. This includes activities embedded within other activities and objects.

Servers MUST NOT allow clients to publish activities where embedded objects are owned by another actor.

Lemmy API and Mastodon API implementers don't have to worry about this, but one needs to be very careful when accepting arbitrary payloads from clients, for example, when implementing ActivityPub C2S API or FEP-ae97 API. Unfortunately, these security issues are completely ignored by people who push for wide deployment of ActivityPub C2S API.

Another addition is the recommendation to not use partially embedded objects, because that might lead to cache poisoning:

Embedded non-anonymous objects SHOULD NOT be partial representations. A server that relies on embedding for authentication might save a partial representation of an object to the cache, replacing the full object.

(see this issue for details: https://codeberg.org/silverpill/feps/issues/21)

#fep_fe34 #activitypub

#Starling is a lightweight #PHP #fediverse server you can install by just copying files over FTP to a shared host. No PostgreSQL, no workers, no DevOps. Owning your data with #ActivityPub can be much simpler than with #ATProtocol. Have you tried it?
https://github.com/dfaria-eu/Starling

Week in Fediverse 2026-05-22

Servers

- Gush! v0.0.37
- Stegodon v1.8.5
- Iceshrimp.NET v2026.1.1-beta
- Iceshrimp v2026.5.1
- Hollo v0.9.0
- Mastodon v4.5.10
- PeerTube v8.1.6
- Sharkey v2025.4.7
- Hubzilla v11.2.1
- Friendica v2026.05
- Ktistec v3.3.9
- Smithereen v1.0.0
- Vernissage Server v1.38.0
- ActivityPub for WordPress v8.3.0
- Misskey v2026.5.4
- tootik v0.22.2
- NeoDB v0.14.4
- Open beta testing for Lemmy 1.0.0
- Trunk & Tidbits, April 2026
- XMPP/ActivityPub Bridge: Chat between XMPP and the Fediverse
- Cookifed: A free and federated recipes management app and cooking social network

Clients

- Nicolium v0.3.0
- Fedilab v3.40.1
- Aria v1.5.1
- Blorp v1.14.0
- Impressia v3.2.0
- Holos v1.6.0

Tools and Plugins

- Analytodon: Analytics for Mastodon

For developers

- Fedify v2.2.3
- BotKit v0.4.2

Protocol

- Basic Profile for Social API Servers
- FEP-baf5: Administrator Collection

Articles

- the may 2026 fedi software vulnerability
- Never Lose a Toot Again: Full-Text Search for Your Mastodon Feed

-----

#WeekInFediverse #Fediverse #ActivityPub

Previous edition: https://mitra.social/objects/019e2d21-c15d-7653-a6d5-f476dcc0559d

Technically Good continues a series: Alternatives Pt. II - Social Networking. https://technically-good.ca/blog/alternatives-pt-ii-social-networking/ #fediverse #atmosphere #ActivityPub #ATProto
A good one to share with a newbie or a friend you want to free from Techno Feudalism.

Started working on bringing ActivityPub Polls to NodeBB

First step is adding in separate handling of the Question object. Right now NodeBB treats it as a "Note-like" and renders it like a post 50% of the way there... will need to link it to nodebb-plugin-poll...

One complication... the plugin ties votes to users. This data isn't reflected over-the-wire in AP, only the aggregate voter counts are shared [...]

https://github.com/NodeBB/nodebb-plugin-poll/pull/157

In a few days — perhaps in about a week — you’ll hear how all these Mastodon sites were hacked.

Why?

Because they didn’t update.

Some of you are running copies of Mastodon from two years ago or more, and you’ll still wonder why. 🤦

#Mastodon #Fediverse #ActivityPub

Hollo announces: Hollo 0.9.0 is out. https://hollo.social/@hollo/019e451e-f368-70e2-b993-77d01a14a677 #hollo #fediverse #ActivityPub

#Wanderer is a very nice project, but it is currently too raw to use. The last two releases just broke everything, and even a clean setup doesn't help. I'll follow the repository, but shut down my instance for now.

https://github.com/open-wanderer/wanderer

#SelfHosted #SelfHosting #SelfHost #homelab #ActivityPub #hiking

My Hollo instance has been updated to 0.9.1 if you wanna take a peek. It's shaking off the early UI look and feel for something more professional.

A lot of extra configurations that I didn't have time to review or enable, but some of it looks interesting, like more efficient handling of remote media.

https://hollo.box464.social/@hollo464

#FediDev #Hollo #ActivityPub

#Fediverse #ActivityPub #Snac2 #snac

- https://github.com/mastodon/mastodon/releases/tag/v4.5.10
- https://hollo.social/@fedify/019e4675-05bc-7725-bcf4-aa51d6af70a0
- https://shrimp.meow.company/notes/amhmis327j0wve4w
- https://shrimp.meow.company/notes/amhmiqtsbwgmt158
- https://activitypub.software/TransFem-org/Sharkey/-/releases/2025.4.7
- https://hubzilla.org/item/53f3509f-d63d-494c-a431-ac84df9c6a57
- https://w.on-t.work/activitypub/may-2026-vulnerability

>Fix Linked-Data Signature bypass through JSON-LD graph restructuring features

JSON-LD adds nothing to Fediverse except bugs and security vulnerabilities.

Of course, there is an alternative to Linked Data signatures that doesn't require Linked Data, much simpler and more secure:

FEP-8b32: Object Integrity Proofs

#activityPub #fedidev

Here is my work-in-progress FEP for using JSON Resume with ActivityPub:

FEP-6158: ActivityPub 'Resume' Object: JSON Resume expressed as JSON-LD

https://codeberg.org/reiver/fep/src/branch/fep-6158/fep/6158/fep-6158.md

I prefer to write for clarity, so it still needs work.

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD #JSONResume #fep6158 #fep_6158

@hollo releases a new major version update, 0.90. Too many changes to hit in a single post! Skimming, the most notable to users will be the switch from Pico CSS (my weekend hobbyist fave) to Uno CSS. At least in screenshots, the new UI is taking on a polished look.

Planning to upgrade, but need to review this a bit more before flipping the switch.

https://github.com/fedify-dev/hollo/discussions/496

#FediDev #ActivityPub

My personal desire would be to create a format from scratch (because you are in control, you get something bespoke to your needs, and it is personally satisfying), but —

I think there is probably an advantage to using something (such as JSON resume) that already has wide adoption.

I guess that makes me inclined towards the latter.

...

So, if I go that way, I would have to decide: plain JSON or JSON-LD.

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD #JSONresume

I may have written a JSON-LD schema for JSON Resume.

It is defined in terms of ActivityPub.
For example:

'Resume' is a sub-type of an ActivityPub 'Object'. There are some new fields defined. Etc.

...

Now the question is — where do I put it?

Do I create a pull-request to the JSON Resume resume-schema repo?

Do I create a FEP?

Do I put it somewhere else?

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD #JSONresume

Loops Playlists will soon federate!

They will likely only be compatible with other Loops servers as we're using a new type of OrderedCollection.

#Loops #ActivityPub #LoopsPlaylists

Alt...

Loops Playlists feature

How to Host Your Own #Mastodon Server on a #VPS (5 Minute Quick-Start Guide)

This article provides a guide for how to host your own Mastodon server on a VPS.

Running your own Mastodon server on a VPS is an excellent way to enjoy an efficient and secure Mastodon experience.
What is Mastodon?
Mastodon is a #decentralized social media platform that enables users to post ...
Continued 👉 https://blog.radwebhosting.com/how-to-host-your-own-mastodon-server-on-a-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #selfhosting #activitypub #installguide #rubygems #selfhosted #rubyonrails

RE: https://mastodon.social/@reiver/116597879302607072

More on a resume / CV on the Fediverse on Social Web.

Another option could be to use something like "JSON resume":

https://jsonresume.org/

https://github.com/jsonresume/resume-schema/blob/master/job-schema.json

It seems to be popular.

It isn't JSON-LD. Although I think it would be straightforward to translate it to JSON-LD, if that was desired.

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD #JSONresume

fedicat boosted

@reiver ⊼ (Charles) » 🌐 2026-05-18
@reiver@mastodon.social

RE: https://mastodon.social/@reiver/116597841178183282

There is also the other question of — would the resume / CV be JSON-LD.

On one hand, if it was in JSON-LD, it would make it machine-legible similar to ActivityPub.

On the other hand, I don't think anyone is going to write JSON-LD (especially HTML embedded in a JSON string value) by hand. But, I do think some people will want to write their resume by hand.

It feels like user-experience is fighting with JSON-LD based machine-legibility.

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD

RE: https://mastodon.social/@reiver/116597841178183282

There is also the other question of — would the resume / CV be JSON-LD.

On one hand, if it was in JSON-LD, it would make it machine-legible similar to ActivityPub.

On the other hand, I don't think anyone is going to write JSON-LD (especially HTML embedded in a JSON string value) by hand. But, I do think some people will want to write their resume by hand.

It feels like user-experience is fighting with JSON-LD based machine-legibility.

#ActivityPub #ActivityStreams #FediDev #ProToGo #JSONLD

For the #ActivityPubAPI, we need a profile of OAuth to use for accessing the actor's data. There's a suggested flow here:

https://github.com/swicg/activitypub-api/blob/main/OAuth%202.0%20for%20ActivityPub%20Activity%20Diagram.png

There's an example client here:

https://swicg.github.io/activitypub-api/examples/oauth/index.html

It tries discovery via RFC 8414 or getting the endpoints straight from the actor.

It then provisions a client ID using CIMD, FEP d8c2, or DCR (in that order).

It then tries to do an authorization code flow.

I'm interested in seeing it tested with more ActivityPub API servers.

#ActivityPub

I've been working on improving Loops federation in preparation to reuse it and it's powerful builder/handler/validation pattern for Pixelfed!

This will solve many federation issues in Pixelfed, like missing comment threading, mentions, blocks and unblocks and much more.

Then I will abstract it into a reusable Laravel package, so any laravel project can easily add federation support in minutes

I also submitted a NLnet grant application for this 🤞

https://github.com/dansup/laravel-activitypub

#ActivityPub #Laravel

@publicspaces will have a pre-conference unconference on June 4th.

This unconference is an open invitation to discuss & forge relationships between people involved with the #OpenSocialWeb. From app builder & protocol architects to advocates, sysadmins, moderators, community organisers & more. Let's forge bonds across cultures, protocols & apps!

Admission free, registration required:
https://tickets.publicspaces.net/publicspaces/pubconf2026/

#ActivityPub #Fediverse #ATProto #Matrix #OpenSource #PublicSpaces #PubConf2026

Week in Fediverse 2026-05-15

Servers

- PieFed v1.6.23
- Hollo v0.8.3
- Ktistec v3.3.8
- Wafrn v2026.05.01
- snac v2.92
- Mitra v5.3.0
- Iceshrimp v2026.4.2
- Hollo v0.8.4
- Vernissage v1.37.0
- Bonfire v1.0.3
- Hometown v1.2.1
- tootik v0.22.1
- NeoDB v0.14.2
- NodeBB v4.11.3
- PieFed v1.6.23
- Wanderer v0.19.0
- Aktor: A headless, Mastodon-compatible ActivityPub server

Clients

- FediLab v3.40.0
- tooi v0.25.0
- Holos v1.5.6
- Phanpy changelog
- lemmy-tray: Read lemmy posts in system tray

Tools and Plugins

- FediFetcher v7.1.18
- slurp v1.1.1

For developers

- BotKit v0.4.1
- APx v0.24.0

Articles

- There Are a Million Fediverses. Some of Them Are Louder than Others

-----

#WeekInFediverse #Fediverse #ActivityPub

Previous edition: https://mitra.social/objects/019e0915-d395-7e60-aad7-f2f1a354264a

So #Vine is coming back, this time as #DiVine!
Does anyone know anyone who can get me an invite code? I want in!
The App is coming back with no #AI allowed, and will allow people to own their own content.

For the geeks: it's built on the #OpenSocial protocol #Nostr, and apparently they're experimenting with integrating the #ATProtocol, future integration with #ActivityPub, the protocol behind #Mastodon and #Flipboard.
https://www.youtube.com/watch?v=zUGnNIh60-0

#Holos is a new social network working with #ActivityPub. This is not an app where you can connect your Mastodon, Pixelfed or PeerTube account.
There is no web version and no API because the ActivityPub server runs on the device itself. That's the whole challenge behind this project.
If there is more engagement, I plan to build a desktop version and even sync between different devices.

The official account for all announcements is @HolosSocial

More: https://holos.social/how-it-works

#HolosSocial

#snac2 #fediverse #frugalfediverse

#Loops has entered #beta with #ActivityPub support, allowing users to connect with creators across the #fediverse. This means users can follow and interact with creators on platforms like #Mastodon and #Pixelfed, and vice versa. Loops has implemented several technical features to ensure smooth federation, including a shared inbox, HTTP signatures, and smart content representation. https://blog.joinloops.org/loops-joins-the-fediverse/?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News

Hashtag following also allow URLs to RSS feeds of ActivityPub objects (like e.g. https://mastodon.social/tags/ThankYouTuesday).

Users can now configure a webhook to receive an HTTP POST for every notification. This can be useful for implementing bots that react to activities, like autorepliers, chatbots or interactive textual games (see snac(1) for more information).

The number of pending follow confirmations is shown next to the "people" link.

Faster performance metrics (contributed by dandelions).

Improved lowercasing in hashtags (contributed by postscriptum).

A search-by-url tweak for implementations that return 200 for invalid webfinger queries (e.g. piefed).

Mastodon API: added follow confirmation endpoints, fixed collisions in attachment file names.

Fixed potential crashes in attachment uploads.

https://comam.es/what-is-snac

If you find #snac useful, please consider buying grunfink a coffee or contributing via LiberaPay.

#snacAnnounces #FrugalFediverse

Notifications are now shown in a more compact way (i.e. all reactions are shown just above your post, instead of repeating the post ad nauseam for every reaction).

New command-line option unmute to, well, no-longer-mute an actor.

The private timeline now includes an approximate mark between new posts and "already seen" ones.

Fixed a spurious 404 error in the instance root URL for some configurations.

https://comam.es/what-is-snac

If you find #snac useful, please consider contributing via LiberaPay: https://liberapay.com/grunfink/

#snacAnnounces

This release has been inspired by the song The Answers to the Questions by #Christabell and #DavidLynch.