- Filter isContext items and private/direct posts from main timeline, new post count, and unread count
- Post detail: query local replies from ap_timeline before remote fetch, deduplicate, sort chronologically
- Add visibility badge (unlisted/private/direct) on item cards next to timestamp
Confab-Link: http://localhost:8080/sessions/af5f8b45-6b8d-442d-8f25-78c326190709
Add full feature documentation for federation resilience (v2.14.0) and
Hollo-inspired patterns (v2.15.0). Add credits to Hollo, Fedify, and Wafrn.
Update architecture tree, collections table, routes, and gotchas in CLAUDE.md.
Confab-Link: http://localhost:8080/sessions/af5f8b45-6b8d-442d-8f25-78c326190709
federation-bridge.js:
- Buffer application/activity+json and ld+json bodies that Express
doesn't parse (inbox POSTs from Mastodon, PeerTube, etc.)
- Store original bytes in req._rawBody and pass them verbatim to Fedify
so HTTP Signature Digest verification passes; JSON.stringify reorders
keys which caused every Mastodon Like/Announce/Create to be silently
rejected
- Short-circuit PeerTube View (WatchAction) activities with 200 before
Fedify's JSON-LD parser throws on Schema.org extensions
federation-setup.js:
- Accept signatures up to 12 hours old (Mastodon retries with the
original signature hours after a failed delivery)
- Look up AP object URLs with $in [url, url+"/"] to tolerate trailing
slash differences between stored posts and AP object URLs
inbox-listeners.js:
- Register a no-op .on(View) handler so Fedify doesn't log noisy
"Unsupported activity type" errors for PeerTube watch events
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Integrates upstream features (visibility/CW compose controls, @mention
support, federation management page, layout fix) while preserving
svemagie DM support. Visibility and syndication controls are hidden
for direct messages.
Upstream v2.10.0 adds: outbound Delete, visibility addressing (unlisted/
followers-only), Content Warning (sensitive flag + summary), inbound poll
rendering, Flag/report handler, DM support files.
Conflict resolution — all four conflicts were additive (no code removed):
lib/controllers/reader.js: union of validTabs — fork added "mention",
upstream added "dm" and "report"; result keeps all five additions.
lib/storage/notifications.js: union of count keys — fork added mention:0,
upstream added dm:0 and report:0; result keeps the fork's mention split
logic alongside the new upstream keys.
views/partials/ap-notification-card.njk: fork kept isDirect 🔒 badge for
direct mentions; upstream added ✉ for dm and ⚑ for report; result keeps
the isDirect branch and appends the two new type badges.
package.json: upstream bumped to 2.10.0; we bump to 2.10.1 to reflect our
own Alpine.js and publication-aware docloader bug fixes on top.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- views/layouts/ap-reader.njk: Replace incorrect comment "Alpine.js
loaded by default.njk" with an actual Alpine.js CDN script tag.
Without this, all Alpine directives on the remote-profile page
(x-data, @click, x-text, :class) were dead — Follow/Mute/Block
buttons showed no label and clicks did nothing.
- lib/resolve-author.js: Add createPublicationAwareDocumentLoader()
which wraps the authenticated Fedify document loader to opt in to
allowPrivateAddress for requests to the publication's own hostname.
Fedify blocks private IP ranges by default; self-hosted instances
(localhost / private IPs) were failing author resolution for their
own posts with a private-address error. All three lookupObject calls
in resolveAuthor() now use the wrapped loader.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Outbound Delete: broadcastDelete() + POST /admin/federation/delete route
- Visibility: unlisted + followers-only addressing via defaultVisibility config
- Content Warning: outbound sensitive flag + summary as CW text
- Polls: inbound Question/poll parsing with progress bar rendering
- Flag: inbound report handler with ap_reports collection + Reports tab
- Includes DM support files from v2.9.x (messages controller, storage, templates)
- Includes coverage audit and high-impact gaps implementation plan
Confab-Link: http://localhost:8080/sessions/cc343b15-8d10-43cd-a48f-ca912eb79b83
The reply context on the compose page rendered raw Mastodon HTML in a
bare <blockquote>, causing hashtag links to display as block elements
(each on its own line with # separated from the tag name). Wrapping
the content in a <div class="ap-card__content"> applies the same
inline hashtag/mention/invisible-span CSS rules used in the timeline.
Confab-Link: http://localhost:8080/sessions/cc343b15-8d10-43cd-a48f-ca912eb79b83
Without https://, jsonld rejects the value as a relative object
reference during signature verification, breaking Mastodon migration.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Groups ap_notifications with isDirect:true by peer actor and returns
them as conversation objects shaped for the DM reader tab template.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
federation-setup.js:
- Suppress fedify docloader logs below fatal level to reduce noise from
deleted remote actors (404/410)
- Add visibility:unlisted guard to outbox dispatcher, counter, and
resolvePost object dispatcher
controllers/migrate.js:
- Allow clearing alsoKnownAs by detecting submitted empty aliasUrl field
via hasOwnProperty check (previously only set when non-empty)
index.js:
- Add resolveAuthor import
- Skip federation for unlisted posts in syndicate()
- Add likePost(postUrl, collections) — sends AP Like activity to author
- Add boostPost(postUrl, collections) — sends AP Announce to followers
and directly to the post author's inbox
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Returning a bare Like/Announce activity breaks Mastodon's
authorize_interaction flow because it expects a content object
(Note/Article). Serve as Note with emoji + linked URL instead.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Detect incoming DM visibility in inbox listener by checking absence of
the public collection URL in object.toIds/ccIds; store isDirect and
senderActorUrl on mention notifications
- Add native AP reply path in compose controller: when is-direct=true,
build Create(Note) addressed only to the sender and deliver via
ctx.sendActivity() instead of posting a public Micropub blog reply
- Add dedicated "Direct" tab to notifications view (separate from Replies)
with its own count; update storage query so mention tab filters only
mention type, reply tab filters only reply type
- Show lock badge (🔒) on direct mention notification cards and add
ap-notification--direct CSS class
- Compose view: show DM notice banner, hide syndication targets, and
change submit label when replying to a direct message
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Gallery photos: 220px → 280px height, 180px on mobile (≤480px)
- Link preview cards: full CSS for horizontal card layout (text left, image right)
- Lightbox: touch/swipe support for mobile (50px threshold)
- URL linkification: bare URLs in content auto-wrapped in <a> tags before AP delivery
Confab-Link: http://localhost:8080/sessions/c5b1471e-b046-44d9-b94f-ab5e68fae7cc
Reply links were using the AP internal object ID (e.g.
/ap/users/{id}/statuses/{id}) which returns 404 on Mastodon for
browsers. Now uses the human-readable URL (/@username/{id}) for
replyTo params in item cards and notification cards.
- Store url field on reply/mention notifications (inbox-listeners)
- Prefer item.url over item.uid for compose replyTo links
- Falls back to uid for existing notifications without url field
Confab-Link: http://localhost:8080/sessions/d116ad5b-ef8a-424e-9ebe-76c06bef1df6
Remove the quick-reply code path entirely — all replies now go through
Micropub as blog posts. Quick replies created orphan URLs that served
raw JSON-LD to browsers and caused unreadable links in conversations.
- Delete quick-reply controller (note-object.js) and route
- Remove ap_notes collection registration
- Simplify compose form: no mode toggle, no character counter
- Remove quick-reply CSS and locale strings
Confab-Link: http://localhost:8080/sessions/d116ad5b-ef8a-424e-9ebe-76c06bef1df6
Shorten long URLs in post content (30 char display limit with tooltip).
Collapse hashtag-heavy paragraphs into expandable <details> toggle.
Show BOT badge for Service/Application actors. Show pencil icon for
edited posts with hover tooltip showing edit timestamp.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Animated card-shaped placeholders with shimmer effect shown during
content loading instead of plain "Loading..." text. Applied to reader,
tag timeline, and explore tabs (both first-load and load-more states).
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Extract reply/boost/like counts from AP Collections (getReplies,
getLikes, getShares) and Mastodon API (replies_count, reblogs_count,
favourites_count). Display counts next to interaction buttons with
optimistic updates on like/boost actions.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Change photo storage from bare URL strings to objects with url, alt,
width, height (AP) plus blurhash and focus (Mastodon API). Templates
handle both old string and new object format for backward compat.
Add ALT text badges on gallery images — click to expand the full
alt text in an overlay. Renders in both reader and explore views.
Also pass alt text through to lightbox and quote embed photos.
Bump version to 2.5.3.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Add Alpine.js directive x-relative-time that converts absolute dates
to human-friendly relative strings: just now, 5m, 3h, 2d, Mar 3.
Updates every 60s for posts less than 24h old. Server-rendered absolute
time stays as no-JS fallback and hover tooltip.
Applied to item cards, quote embeds, and notification cards.
Bump version to 2.5.2.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Extract custom emoji from ActivityPub objects (Fedify Emoji tags) and
Mastodon API (status.emojis, account.emojis). Replace :shortcode:
patterns with <img> tags in the unified processing pipeline.
Emoji rendering applies to post content, author display names, boost
attribution, and quote embed authors. Uses the shared postProcessItems()
pipeline so both reader and explore views get emoji automatically.
Bump version to 2.5.1.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Document unified item processing pipeline (gotcha #23), parameterized
infinite scroll component (gotcha #24), quote embeds (gotcha #25).
Update architecture tree with new modules and controllers. Expand
route table and admin UI pages with explore, tag timeline, post detail,
and API endpoints. Add reader features (explore, hashtags, quotes,
link previews, read tracking, infinite scroll) to README.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
Extract shared item-processing.js module with postProcessItems(),
applyModerationFilters(), buildInteractionMap(), applyTabFilter(),
renderItemCards(), and loadModerationData(). All controllers (reader,
api-timeline, explore, hashtag-explore, tag-timeline) now flow through
the same pipeline.
Unify Alpine.js infinite scroll into single parameterized
apInfiniteScroll component configured via data attributes, replacing
the separate apExploreScroll component.
Also adds fetchAndStoreQuote() for quote enrichment and on-demand
quote fetching in post-detail controller.
Bump version to 2.5.0.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
The non-async init() fired dropIndex and createIndex concurrently,
causing MongoDB to abort the index build (IndexBuildAborted error 276).
Chain createIndex via .then() so it runs after the drop completes.
Confab-Link: http://localhost:8080/sessions/e9d666ac-3c90-4298-9e92-9ac9d142bc06
