freamon

Exactly that, yeah. Thank you for the link.

It's straight-forward enough to do in back-end code, to just reject a query if parameters are missing, but I don't think there's a way to define a schema that then gets used to auto-generate the documentation and validate the requests. If the request isn't validated, then the back-end never sees it.

For something like https://freamon.github.io/piefed-api/#/Misc/get_api_alpha_search, the docs show that 'q' and 'type_' are required, and everything else is optional. The schema definition looks like:

/api/alpha/search:
    get:
      parameters:
        - in: query
          name: q
          schema:
            type: string
          required: true
        - in: query
          name: type_
          schema:
            type: string
            enum:
              - Communities
              - Posts
              - Users
              - Url
          required: true
        - in: query
          name: limit
          schema:
            type: integer
          required: false

required is a simple boolean for each individual field - you can say every field is required, or no fields are required, but I haven't come across a way to say that at least one field is required.

PieFed has a similar API endpoint. It used to be scoped, but was changed at the request of app developers. It's how people browse sites by 'New Comments', and - for a GET request - it's not really possible to document and validate that an endpoint needs to have at least one of something (i.e. that none of 'post_id' or 'user_id' or 'community_id' or 'user_id' are individually required, but there needs to be one of them).

It's unlikely that these crawlers will discover PieFed's API, but I guess it's no surprise that they've moved on from basic HTML crawling to probing APIs. In the meantime, I've added some basic protection to the back-end for anonymous, unscoped requests to PieFed's endpoint.

This is the kind of thing that apps handle well - I viewed your post from Voyager, and just had to click the sopuli.xyz link to get is resolved to my instance.

For the web browser experience: that link used to be a bit more visible (you can currently also get it from community sidebars, but it used to also be in post sidebars too). Someone complained though, and it was removed from post sidebars, so I assume they'd have the same complaint if it was re-surfaced again. You could just bookmark it, of course.

The page itself shouldn't be slow to load (it's a very lightweight page that's not doing anything until you click 'Retrieve'). It doesn't immediately redirect you to the post because the assumption was that you might want to retrieve more than one post at a time.

That said, if you're already viewing a page on the 'wrong' instance, then being able to change 'https' to 'web+pf' and have it work sounds cool (although it looks like Chrome makes highlighting 'https' into a 2-click experience).

There's definitely something about the experience. I have a projector at home, and it's not the latest model, and it's far from the ideal set-up, but I was watching The Martian recently, and found myself wondering if it was the greatest movie ever made, and then had to remind myself that no, it's just that I was projecting it.

There are some api rate limits (look for RateLimitExceeded in routes), but the settings are generous enough that a normal user (and not a bot) isn't going to get caught by them.

It's also available from the Options drop-down.

No, I was suggesting that peertube.wtf should have asked piefed.zip for the details of the comment. That would be the most authoritative place to ask, and that's what PieFed, MBIN, and Friendica do.

For the comment that you made, piefed.zip would've signed it with your private key, and sent out 2 copies - one to technics.de and one to tilvids.com. After receiving it, technics.de is no longer involved, but tilvids.com would've sent to comment out to all the subscribers of 'The Linux Experiment'. We can tell they did in fact do that, because the comment you made on piefed.zip is visible on piefed.social.

It doesn't have your private key though, and it additionally doesn't sign it with the channel's private key, so the question is then not 'was the data sent out?', but rather 'how do remote instances know to trust that this comment was actually made by this person?'. If the author was also on tilvids.com, then it has access to the private key, so it can be signed when it's sent out. If the author was from Mastodon, their comments include a cryptographic hash inside the JSON, so that can be used. For all other authors, the best thing to do - I would think - is grab it from the source.

I don't actually know what other PeerTube instances do in this circumstance though. Comparing the amount of comments on the host instance, vs. other PeerTube instances, vs. PieFed, reveals no discernible pattern. For 'The Linux Experiment', piefed.social has comments from misskey, from piefed, and from mbin that are absent from remote PeerTube instances. Hopefully, someone who's familiar with their code can shed more light on their internal federation - if there's something we can do to guarantee comment visibility on remote PeerTube instances, then we'll do it if it's feasible.

EDIT: just been digging through my server logs for requests of comments I made from PeerTube instances, and discovered tube.alphonso.fr - they have your comment: https://tube.alphonso.fr/w/eSYuduJSbZ9s7K4pFT3Ncd - so how fully PeerTube instances federate comments might be a policy decision that admins set, or it might just be buggy behaviour.

It appears to be specific to replies to replies - this video on peertube.wtf has a top-level comment from PieFed.

PeerTube's federation model is different from Lemmy's - they don't sign remote comments when they federate them out again, so it's often up to other instances to fetch them from the source. It might be that PieFed has to do something to help the likes of peertube.wtf successfully retrieve a comment when it's a reply to another reply.

Bah, I knew I'd think of one after submitting my list: "It's a sin", of course. Oh well, too late now.

1. Andor
2. Taskmaster UK
3. Mr. Robot
4. Ghosts UK
5. Rome
6. DEVS
7. Fargo
8. The Expanse
9. Sort Of
10. The Eastern Gate

For this particular case, it's more an instance of the software not interacting (in the sense of not changing things they don't understand).

If Lemmy doesn't implement flairs, then community updates from them won't over-write flairs set on PieFed's copy of those comms. Also, when a PieFed user sends a comment to a Lemmy community, it will just attach an 'Announce' header to it and send it out to all followers. It would be against their own spec to change the content of anything they're Announcing, so followers who receive the comment and happen to be on PieFed instances will interpret it fully, whereas Lemmy will just ignore any fields in the JSON that it doesn't have a use for.