53°F

Aaron Parecki

  • jk https://api.twitter.com/1/geo/id/c4933ad176bf4057on   •   Aug 9
    No, thereโ€™s a trash folder, same as calendar
    Aaron Parecki
    There's no "sort by date deleted" in the trash tho ๐Ÿ˜‰
    Portland, Oregon 93°F
    5 replies
  • Matt Haughey https://mastodon.cloud/@mathowie   •   Aug 9

    years later it's still fucking wild yahoo bought tumblr

    Aaron Parecki
    whoa I had this exact thought this morning
    Portland, Oregon 92°F
  • David Celis https://xoxo.zone/@davidcelis   •   Aug 9

    i put potato chips in some scrambled eggs this morning and it gave me life

    Aaron Parecki
    i've been adding crushed up corn chips into grilled cheese sandwiches and it's amazing
    Portland, Oregon 82°F
    likes 1 reply
  • Aaron Parecki

    As of a few weeks ago, Quill now supports this extension. If the server returns a list of supported vocabulary, Quill disables the links to any interfaces that use unsupported vocabularies. This should help reduce the confusion when micro.blog users use Quill, since now they won't end up on an interface that fails to make a micro.blog post.

    Portland, Oregon 76°F
  • Darius Kazemi https://social.tinysubversions.com/@darius   •   Aug 9

    @aaronpk Yeah I am working off those, currently at the IRC/Discord stage. I got the stuff in the blog posts working but weirdly I'm having problems where Mastodon likes my keypair signing for most things except for an "Accept" follow message. Even though it's the same keypair and code. (Messy reference code would be great, even if you just emailed me a zip or something)

    Aaron Parecki
    haha okay! I will unapologetically send you a pile of code, with the only documentation being the inline comments! ๐Ÿ˜†
    Portland, Oregon 72°F
    like 1 reply
  • Darius Kazemi https://social.tinysubversions.com/@darius   •   Aug 9

    @aaronpk oh awesome. Can you share the code with me? I am writing my own extremely stripped down server that is meant for bots *only*, so it lets you create new accounts, make/delete posts, and it accepts follow requests, and that's basically it! (also allows the creation of new accounts via API because bots) Anyway, another dirt-simple reference implementation would be a huge help since there are not good "here is what ActivityPub messages should look like" resources I can find

    Aaron Parecki
    My site's source code isn't public, but I might be able to throw the files up just as samples.

    I started off by reading this post https://blog.joinmastodon.org/2018/06/how-to-implement-a-basic-activitypub-server/ as well as the followup, https://blog.joinmastodon.org/2018/07/how-to-make-friends-and-verify-requests/

    But ultimately those only got me so far, I had to eventually hop in the IRC channel and ask Mastodon and other developers about some of the details. Even the ActivityPub spec doesn't tell you enough to make it work right now. I wish it was simpler!
    Portland, Oregon 66°F
    1 reply
  • Darius Kazemi https://social.tinysubversions.com/@darius   •   Aug 9

    @aaronpk Ah nice. Are you using something homegrown or Pleroma or is there another ActivityPub compliant thing out there I haven't encountered?

    Aaron Parecki
    Totally homegrown, I decided to see what it would take to write as little code as possible to interoperate.

    There are a few other alternatives out there right now. This is a fun site that tracks instances and different projects: https://the-federation.info
    Portland, Oregon 66°F
    like 1 repost 1 reply
  • Darius Kazemi https://social.tinysubversions.com/@darius   •   Aug 9

    @aaronpk Haha so says another self-hosted instance-of-one user :)

    As an aside, do you experience weird caching things? I do think most beginners should join a populated server because otherwise they are going to be seeing a lot of seemingly-blank profile pages when they click through to profiles of people who are mentioned that their instance hasn't interacted with before

    Aaron Parecki
    Yeah that's definitely a Mastodon caching issue. If Mastodon went and fetched a few posts from someone's profile it would fix it. I'm not actually sure why they haven't done that yet.

    My software isn't even Mastodon, I made my site interact with the protocol directly. So when I click on someone I just visit their profile page on their instance directly, so that avoids the issue for me.
    Portland, Oregon 63°F
    1 reply
  • Darius Kazemi https://social.tinysubversions.com/@darius   •   Aug 4

    I think the idea that a new Mastodon user is supposed to pick an instance based on affinity/interest is the number one thing that prevents people from joining. I think there needs to be a retooling of the messaging to make it about trust.

    People don't join email services because of affinity. They do because they trust. They trust Google will be around for a long time. Or that hushmail won't sell their data. Or that Hotmail is easy to use. Etc etc.

    Aaron Parecki
    I completely agree. I think it's because of the convolution of the account and the instance timeline. If you could just as easily follow an instance timeline from any other instance then all of a sudden it doesn't matter which is your home instance.
    Portland, Oregon 64°F
    likes 2 replies
  • manton https://micro.blog/manton   •   Aug 8

    @aaronpk There is a tweet import! But I want to rethink it, because often importing thousands of tweets kind of overwhelms the normal blog posts. I may disable it until I can separate tweets out better.

    Aaron Parecki
    ah yeah, having everything in one list would definitely get overwhelmed with tweets! A simple way to start might be to have a separate page on the site that has a list of only articles.
    Portland, Oregon 91°F
  • Aug 8

    Expecting a lot of new Micro.blog users over the next few weeks. This week: Twitter mismanages how to deal with Alex Jones and Infowars. Next week: Twitter streaming API gets shut down for third-party developers.

    Aaron Parecki
    Seems like a good opportunity to make a tweet archive import for micro.blog! I'm seeing a lot of people deleting their tweets after downloading their archive.
    Portland, Oregon 91°F
  • Ben Balter http://Ben.Balter.com   •   Aug 8
    What do people use these days to plan complex, multi-stop personal travel? Are travel agents still a thing? Some fancy new app? Just internet a bunch and book it yourself?
    Aaron Parecki
    Google flight search + a cocktail + a few hours on the couch
    Portland, Oregon, USA 90°F
  • Andy Baio https://xoxo.zone/@andybaio   •   Aug 8

    Is there any way to post a message SOLELY to your local timeline? That would be pretty cool.

    Aaron Parecki
    I was actually just thinking the same thing but addressing a specific server. I wanted to say hi to all the xoxo.zone people but my account is on my own website!
    Portland, Oregon, USA 82°F
  • Khor https://twitter.com/neth_6   •   Aug 8
    The link you shared is for Implicit? Implicit does not use client secret. Does this mean IndieAuth is more similar to Implicit than Auth Code but is more secure as the client id has to be redirect uri?
    Aaron Parecki
    Regular OAuth 2.0 also supports the Authorization Code flow with no secret. In fact, many companies recommend Auth Code w/no secret instead of Implicit.

    IndieAuth is like taking Auth Code w/no secret and adding back some layers of security because of the client ID being a URL.
    Portland, Oregon, USA 64°F
    like 1 reply
  • Khor https://twitter.com/neth_6   •   Aug 8
    Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?
    Aaron Parecki
    But, most importantly, the fact that IndieAuth uses a URL for the client ID means that you *do* authenticate the client in the initial Auth Code request, since the redirect URL has to match the domain or be registered. That's an improvement over OAuth with no secret.
    Portland, Oregon, USA 64°F
    like 1 reply
  • Khor https://twitter.com/neth_6   •   Aug 8
    Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?
    Aaron Parecki
    Without the secret, there is no authentication of the client. PKCE solves this by using essentially an on-the-fly secret safe for use by mobile apps. IndieAuth *could* adopt the PKCE extension as well, tho afaik noone has done that yet.
    Portland, Oregon, USA 64°F
  • Khor https://twitter.com/neth_6   •   Aug 8
    Got a #IndieAuth question. Since there is no client pre-registration, there is no client secret. Thus during code/access token exchange no client secret is used. Less secure than Authorization Code and more like Implicit perhaps?
    Aaron Parecki
    Good question! The OAuth Authorization Code flow doesn't require a secret either. For example mobile apps can't use a secret, but still use the Auth Code flow. There are many benefits to the Auth Code flow over Implicit, I wrote some about that here https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type#when-to-use-the-implicit-grant-type
    Portland, Oregon, USA 64°F
    3 replies
  • Ricky Munroe https://twitter.com/rimunroe   •   Aug 6
    xantham gum is pretty much indispensable for folks with celiac disease. Thereโ€™s nothing wrong with using it
    Aaron Parecki
    it also thickens hot sauce nicely

    https://aaronparecki.com/2018/08/05/14/
    Portland, Oregon 87°F
  • Ben Garvey http://www.bengarvey.com   •   Aug 6
    And xanthan gum was one of their favorite foods
    Aaron Parecki
    I actually used xanthan gum in a recipe I made today
    Portland, Oregon, USA 91°F
    likes 3 replies
  • Aug 4

    We had a thrilling afternoon at the newly remodeled Space Needle. ๐Ÿคฉ

    The floor is glass! The walls are glass! The benches are glass too.

    45a3b14209.jpg

    Aaron Parecki
    oh that is very cool! It's been at least 15 years since I've been there so now I have a good excuse to visit again!
    Portland, Oregon 72°F