- patch-ap-inbox-delivery-debug: two fixes for diagnosing missing inbound
AP interactions (likes, boosts, replies not appearing in notifications)
Fix A (federation-setup.js): change ["fedify","federation","inbox"] log
category from lowestLevel "fatal" → "error" so HTTP Signature verification
failures are now visible in server logs instead of being silently swallowed.
The original "fatal" level was hiding real delivery rejections (401s) that
cause remote servers to stop retrying.
Fix B (federation-bridge.js): add a pre-signature-check console.info for
every inbox POST when AP_DEBUG=1 or AP_LOG_LEVEL=debug. Confirms whether
remote servers are reaching our inbox at all (nginx/routing check).
- memory/project_activitypub.md: document full inbound activity pipeline,
_publicationUrl dependency, body buffering, and how to use new diagnostics
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
When a post is deleted from the web backend (Micropub action=delete),
call each registered syndicator's delete() method so the post is also
removed from the Fediverse (AP Delete/Tombstone) and Bluesky
(com.atproto.repo.deleteRecord).
- patch-bluesky-syndicator-delete: adds Bluesky#deletePost(bskyUrl) to
lib/bluesky.js and BlueskySyndicator#delete(url, syndication) to
index.js; the bsky.app URL is resolved from the syndication array
that postData.delete() preserves in _deletedProperties
- patch-micropub-delete-propagation: patches action.js case "delete"
to iterate publication.syndicationTargets after postContent.delete()
and fire syndicator.delete() fire-and-forget for any syndicator that
exposes the method (errors logged, never break the 200 response)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
collections._publicationUrl was never set, so every pubUrl guard in
handleCreate/handleAnnounce evaluated to undefined:
- Reply notifications were never created (if pubUrl && ...) always false
- Boost notifications for our content never created
- Replies from non-followed accounts never stored in ap_timeline
Fix A: set collections._publicationUrl = publicationUrl before
registerInboxListeners() in federation-setup.js.
Fix B: in handleCreate, add an else-if branch that stores replies to
our own posts in ap_timeline even when the sender is not in ap_following,
so they appear in Mastodon client conversation/notification views.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- status.js: in_reply_to_id was always null (both branches of ternary
returned null — TODO left unfilled). Changed to item.inReplyToId || null.
- statuses.js POST handler: timeline insert now stores inReplyToId from
the in_reply_to_id cursor the client already sent, so own replies are
threaded correctly in Phanpy/Elk.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Gitea Contents API DELETE commits fire on:push CI; POST/PUT do not.
delete was triggering both on:push and workflow_dispatch → 2 CI runs.
Now dispatch is skipped for delete; on:push handles the rebuild.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
GitHub API infers JSON without Content-Type; Gitea requires it explicitly.
Without the header, Gitea cannot parse the POST/PUT body and returns 422
Unprocessable Entity on all content write operations.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Gitea's Contents API differs from GitHub's:
POST /contents/{path} = create new file (no SHA)
PUT /contents/{path} = update existing file (SHA required)
store-github used PUT for createFile() because GitHub accepts PUT for
both — Gitea's PUT without SHA returns 422. Also updates the
update-fallback patch to bail to createFile() instead of falling through
to PUT-without-SHA when the file doesn't exist in the store.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Posts that exist in MongoDB but not in Gitea (e.g. due to a previous
failed write) caused HTTP 500 on re-publish: updateFile() tried to read
the file's SHA, got 404, and threw instead of creating. Now detects
Not Found and falls through to a create-style PUT (no sha field).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Gitea Contents API commits don't trigger on:push CI workflows.
Patches action.js to fire a workflow_dispatch to giersig.eu/indiekit-blog
after every create/update/delete/undelete so the Eleventy build runs
immediately after a post is published.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
npm fetches git deps before node_modules exist, so git URL rewriting
must happen in preinstall. Detects jail env via INDIEKIT_BIND_HOST /
INTERNAL_FETCH_URL — no-ops on local dev.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Two bugs caused replies-to-replies to be posted as 'note' type without
ActivityPub federation:
1. patch-ap-compose-default-checked: The AP reader compose form had
defaultChecked hardcoded to '@rick@rmendes.net' (original dev's handle),
so the AP syndication checkbox was never pre-checked. Fixed to use
target.checked from the Micropub q=config response, which already
carries checked: true for the AP syndicator.
2. patch-ap-mastodon-reply-threading: POST /api/v1/statuses deferred
ap_timeline insertion until the Eleventy build webhook fired (30–120 s).
If the user replied to their own new post before the build finished,
findTimelineItemById returned null → inReplyTo = null → no in-reply-to
in JF2 → post-type-discovery returned 'note' → reply saved at /notes/
and sent without inReplyTo in the AP activity, breaking thread display
on remote servers. Fixed by eagerly inserting the provisional timeline
item immediately after postContent.create() ($setOnInsert — idempotent;
syndicator upsert later is a no-op).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
uploadMedia() had no content-type check, so an HTML login-redirect response
from an auth-protected internal endpoint was uploaded to Bluesky as a blob
with encoding "text/html". uploadBlob() accepts it, but record validation
rejects the post with 'Expected "image/*" (got "text/html")'.
The patch mirrors the guard already present in uploadImageFromUrl() and also
wraps per-photo uploads in try/catch so one bad photo doesn't abort the
entire syndication — other photos and the post text are still published.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Without nginx forwarding Host/X-Forwarded-Proto headers, fromExpressRequest()
builds a wrong URL (e.g. http://127.0.0.1:3000/...) that Fedify doesn't
recognise as its own base URL — so it calls next() and requests fall through
to auth middleware, returning 302 to the login page. This breaks webfinger,
actor lookups, and AP inbox delivery.
The patch overrides the URL construction in createFedifyMiddleware() and
fromExpressRequest() to use the configured publicationUrl as the base,
bypassing the dependency on proxy headers entirely.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The Gitea conflict resolution kept main's prom-client/metrics-shim/microsub
changes but dropped our two new AP patch registrations. Re-add them to both
postinstall and serve.
https://claude.ai/code/session_0124D41vdLYE3DkJxhPqYthX
Preloads metrics-shim.cjs via `node --require` into the Indiekit process
so heap, GC, event loop lag, CPU and handle metrics are exposed at
:9209/metrics for Prometheus scraping. Uses prom-client collectDefaultMetrics.
- Add metrics-shim.cjs (prom-client HTTP server, port 9209)
- Add prom-client ^15.1.3 to dependencies
- Wire --require ./metrics-shim.cjs into start.example.sh and npm serve script
- Grafana: NodeJS Application Dashboard (11159) at console.giersig.eu
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
`getEndpointUrls()` resolved relative endpoint paths (e.g. `/media`) using
`getUrl(request)`, which returns `http://` because Express sees HTTP from nginx
without trust proxy. This produced `http://blog.giersig.eu/media` as the
endpoint attribute in the file-input component, causing Safari to block the
fetch as mixed content ('Load failed').
Fix: prefer `application.url` (the configured HTTPS base URL) over
`getUrl(request)` when resolving relative endpoint paths.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
All of the following are now native in svemagie/indiekit-endpoint-activitypub:
- patch-ap-url-lookup-api (AP URL lookup endpoint)
- patch-ap-allow-private-address (allowPrivateAddress in federation-setup)
- patch-ap-like-note-dispatcher (fake-Note revert)
- patch-ap-like-activity-id (canonical Like activity id URI)
- patch-ap-like-activity-dispatcher (Like setObjectDispatcher)
- patch-ap-url-lookup-api-like (likeOf URL in /api/ap-url)
- patch-ap-remove-federation-diag (inbox diagnostic log removed)
- patch-ap-og-image (orphan, not in package.json)
- patch-ap-normalize-nested-tags (orphan, no-op)
- patch-ap-object-url-trailing-slash (orphan, no-op)
patch-ap-skip-draft-syndication kept — draft guard in syndicate() not yet in fork.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Repost commentary changes are now native in svemagie/indiekit-endpoint-activitypub.
Patch is no longer needed and was causing a duplicate repost block on every deploy.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add two new patches:
- patch-ap-skip-draft-syndication: guards the AP syndicator's syndicate()
method against draft posts (mirrors existing unlisted visibility check)
- patch-microsub-compose-draft-guard: forwards post-status from microsub
compose to Micropub and suppresses mp-syndicate-to targets for drafts
The syndicate endpoint DB queries already filter post-status != draft
(patch-federation-unlisted-guards). These patches add defence in depth
at the AP syndicator and at the microsub compose submission layer.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace the semantically incorrect fake-Note approach with strict AP protocol compliance:
- patch-ap-like-note-dispatcher: rewritten to revert the fake-Note block
- patch-ap-like-activity-id: adds canonical id URI to Like activities (AP §6.2.1)
- patch-ap-like-activity-dispatcher: registers setObjectDispatcher(Like, ...) so
/activitypub/activities/like/{id} is dereferenceable (AP §3.1)
- patch-ap-url-lookup-api-like: /api/ap-url now returns the likeOf URL for AP-likes
so the "Also on: Fediverse" widget's authorize_interaction flow opens the
original Mastodon post on the remote instance
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Micropub's replaceEntries() stores single-value arrays as plain strings
(JF2 normalization). Spreading a string into [...str] gives individual
characters, so hasSyndicationUrl() never matches existing syndication URLs
and alreadySyndicated is always false — causing re-syndication on every
webhook trigger.
Fix: use [].concat() which safely handles both string and array values.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Remove patch-preset-eleventy-ai-frontmatter: upstream now writes AI
frontmatter natively using hyphenated keys (ai-text-level etc.)
- Remove patch-endpoint-posts-ai-cleanup: upstream beta.44 natively
removes empty ai-text-level/ai-code-level/ai-tools/ai-description fields
- Remove patch-endpoint-posts-ai-fields: upstream beta.44 has AI form UI
inline in post-form.njk; our separate templates would have duplicated fields
- Remove patch-micropub-ai-block-resync: one-time stale-block migration,
no longer relevant
- Remove patch-endpoint-posts-prefill-url: upstream beta.44 has native
prefill from query params; our patch would have conflicted
- Remove patch-endpoint-posts-search-tags: upstream beta.44 has native
search/filter/sort UI; patch already detected this and was a no-op
- Bump @rmdes/indiekit-endpoint-posts beta.25→beta.44,
override beta.41→beta.44
- Update indiekit.config.mjs: remove camelCase ai field names from
all postTypes.fields (ai-* fields now rendered inline by upstream)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Reposts with a body (commentary) were silently broken in two ways:
1. jf2ToAS2Activity() always emitted a bare Announce pointing at the
external URL (e.g. fromjason.xyz). That URL doesn't serve AP JSON,
so Mastodon couldn't fetch the object and dropped the activity from
followers' timelines — the post only appeared when explicitly searched.
2. jf2ToActivityStreams() (content negotiation / search) hard-coded the
Note content to just '🔁 <url>', completely ignoring properties.content.
Fix via patch-ap-repost-commentary.mjs (4 targeted replacements):
- jf2ToAS2Activity(): skip the Announce early-return when commentary is
present and fall through to the existing Create(Note) path instead.
Pure reposts (no body) keep the Announce behaviour unchanged.
- jf2ToAS2Activity() content block: add a repost branch that formats
the Note as '<commentary><br><br>🔁 <url>' (mirrors bookmark/like).
- jf2ToActivityStreams(): extract commentary and prepend it to the Note
content when present.
Patch registered in both postinstall and serve chains.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds patch-webmention-sender-hentry-syntax.mjs to fix a typo in
@rmdes/indiekit-endpoint-webmention-sender@1.0.8 that prevents the
module from loading:
_html.includes("h-entry"") → _html.includes("h-entry")
The extra closing quote causes a SyntaxError at startup, which means
the webmention sender never runs and the background sync never starts.
Patch runs before the other webmention-sender patches in both
postinstall and serve so the file is valid JS before further transforms.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Like and Announce activities were missing the followers collection in
their to/cc addressing. Mastodon shared inboxes silently drop activities
without cc:followers, so likes and reposts were delivered but never
appeared on remote instances.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Switch @rmdes/indiekit-endpoint-youtube to forked repo with OAuth 2.0
liked-videos sync. Add OAuth client config and likes sync settings.
Also document outgoing webmentions architecture in README.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The signatureTimeWindow patch was deleted in e52e98c5c (assumed fixed
in fork), but the lockfile still pins the fork to v2.10.1 which lacks
it. This broke the patch-ap-allow-private-address patch chain: it
expected signatureTimeWindow in its OLD_SNIPPET, never matched, and
silently skipped — leaving the server without both signatureTimeWindow
AND allowPrivateAddress. Without allowPrivateAddress, Fedify's SSRF
guard blocks own-site URL resolution (blog.giersig.eu → 10.100.0.10),
breaking federation delivery.
- Fix patch-ap-allow-private-address to handle fresh v2.10.1 (adds
both signatureTimeWindow and allowPrivateAddress in one step)
- Restore patch-ap-object-url-trailing-slash (also lost in e52e98c5c)
- Add both patches to postinstall and serve scripts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Retry behavior is already covered by the livefetch patch, but keeping
this patch ensures the skip-on-failure guard applies even if livefetch
is removed or the upstream code changes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a post was processed but had no discoverable external links, the
expanded detail row rendered completely blank — result.details was
truthy ({}) so the 'noDetails' fallback never fired, but all three
arrays were empty so no tables rendered either.
Adds a patch script for the template that shows "No external links
discovered in this post." in that case, and wires it into both
postinstall and serve scripts.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
uploadMedia, uploadImageFromUrl, and fetchOpenGraphData all fetch from
the blog's public URL which is unreachable behind the nginx jail. Rewrite
own-domain URLs to http://localhost:PORT, same as micropub-fetch-internal-url.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The webmention sender was using stored post content (just the body text)
instead of the live page, missing template-rendered links like
u-in-reply-to, u-like-of, u-bookmark-of. This caused reply/like/bookmark
posts to be marked as sent with 0 webmentions. Bump reset-stale migration
to v4 so affected posts are retried.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Node can't reach its own public HTTPS URL (ECONNREFUSED 127.0.0.1:443)
because port 443 only exists on the nginx jail. Rewrite self-referential
fetch URLs to http://localhost:3000 in endpoint-posts, endpoint-syndicate,
and endpoint-share.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Re-add PeerTube View activity patches that were prematurely removed in
e52e98c5c — the upstream fork doesn't reliably include these fixes on
all server deployments, causing noisy "Unsupported activity type" errors.
Also add fetch diagnostic patch to surface the real cause of
"TypeError: fetch failed" when posting articles via the form controller.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tags like `on/art/music` are reduced to their last segment (`#music`)
in both buildPlainTags and buildFedifyTags so ActivityPub hashtags are
valid on Mastodon and other platforms.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
