loweel/Aktor-2
loweel/Aktor-2
1
0
Fork 0
Code Issues Pull requests Projects Releases 5 Packages Wiki Activity Actions
5 releases 6 tags
  • beta-0.990 3b0e3c4998

    beta-0.990 Pre-release

    loweel released this 2026-06-06 00:16:57 +02:00 | 4 commits to main since this release

    Release notes for beta-0.990

    This release covers the work after beta-0.920 and marks the last beta line
    before the project moves from "large fork cleanup" into a more regular Aktor
    development rhythm.

    Human-readable highlights

    The big result of this beta is that Aktor now feels like its own server instead
    of a lightly reskinned GoToSocial fork. The public UI, Settings UI, moderation
    surfaces, runtime artefacts, documentation, and smoke coverage now consistently
    present Aktor as the active product while keeping the inherited Mastodon and
    ActivityPub API contracts intact.

    Administrator-managed Lua filters are the largest moderation feature in this
    line. Filters are stored in the database, edited from Settings, and evaluated
    with status metadata exposed to the Lua runtime. This gives an instance operator
    a precise programmable policy layer without changing the C2S or S2S API shape.

    Moderation work also became more practical in the UI. Timeline cards expose
    report, block, and mute actions for remote content. Settings reports are easier
    to inspect and resolve. Domain-block management was simplified, and the public
    /about page now shows instance statistics, federation counts, report counts,
    and banned instances in separate, readable cards. The Settings People list now
    combines followers, following, and mutual relationships, provides direct account
    actions, and opens remote profiles from account avatars.

    Posting and reading workflows also improved. The composer can enrich link posts
    with SEO metadata while avoiding referrer leaks, pasted images can be turned
    into photo posts, timelines can load older pages, and timeline cards gained a
    direct "Show thread" action. Follow counts are now refreshed from database state
    instead of drifting through stale cache entries.

    The IPFS work from the previous beta was hardened: Aktor keeps IPFS scoped to
    local media while remote media and emoji remain origin-owned. This keeps the
    operator-facing CDN experiment useful without pretending remote media belongs to
    the local instance.

    Deployment list since beta-0.920

    • Rebranded runtime artefacts to Aktor, including the default build version for
      this line: 0.9.990-beta.
    • Added administrator-managed Lua content filters stored in the database.
    • Exposed status metadata to Lua filters and documented the Lua runtime
      variables available to filter code.
    • Removed deleted example Lua filters from the active runtime set.
    • Added Settings UI support to list, create, edit, rename, and delete Lua
      filters through the admin API.
    • Added timeline moderation actions for reporting, blocking, and muting remote
      accounts and statuses.
    • Improved Settings report handling, including focused report loading and report
      resolution from the Aktor UI.
    • Simplified admin domain moderation UI and fixed contrast for domain block and
      custom emoji action buttons.
    • Added link composer SEO enrichment and omitted referrers when fetching link
      metadata.
    • Added pasted-image handling for the photo composer.
    • Added web push alerts for unfollow notifications.
    • Preserved remote profile media fallbacks and kept remote post media and remote
      emoji media owned by their origin instances.
    • Kept IPFS scoped to locally uploaded media.
    • Counted follow statistics directly from the database and fixed follow-count
      cache invalidation.
    • Stabilized follow counts in the UI after relationship changes.
    • Added timeline "Show thread" and older-page loading.
    • Moved thread navigation out of the timeline actions menu for quicker access.
    • Removed the unused interaction-requests Settings UI.
    • Completed the public /about page with description, registration/contact
      details, local user/post statistics, federated instance count, moderation
      report counts, and a separate banned-instances card.
    • Added People avatar links to canonical remote profile URLs for faster
      moderation review.
    • Updated INSTALL.md with the public /about page, Lua filters, Settings
      People behavior, and related deployment notes.
    • Added and updated smoke coverage for the public About page, Lua filters,
      timeline moderation, link enrichment, photo paste handling, report handling,
      People actions, People avatar profile links, federation identity, and the
      container build path.
    Downloads
  • beta-0.911 6ee678e351

    beta-0.911
    All checks were successful
    continuous-integration/drone Build is passing
    Details
    Pre-release

    loweel released this 2026-05-25 22:35:13 +02:00 | 37 commits to main since this release

    This is a fix of beta-0.910 , due to some flaws in the IPFS images management.
    Now is fixed, please use this , over beta-0.910

    Downloads
  • beta-0.910 0fd492852c

    beta-0.910 Pre-release

    loweel released this 2026-05-25 11:57:51 +02:00 | 41 commits to main since this release

    Release notes for beta-0.910

    This release covers the changes after beta-0.902, up to commit
    0f7e7b4b.

    Features

    • Added optional IPFS-backed media distribution. Local storage remains
      authoritative, while public local media can also be added to a configured Kubo
      node and exposed with the Aktor-specific AKT_IPFS_CID URL hint.
    • Added remote IPFS media import for federated Aktor instances. When an incoming
      attachment URL contains AKT_IPFS_CID, Aktor can fetch the bytes through its
      configured Kubo API, validate them through the normal media pipeline, store
      them locally, and then serve the attachment from the local fileserver.
    • Introduced a modular remote media hint layer so IPFS is only the first backend
      implementation. The same structure can later support other content-addressed
      or remote distribution systems such as torrent-style hashes or Syncthing-like
      backends.
    • Added generic remote media hint metadata to attachment storage while retaining
      compatibility with the IPFS-specific fields used by this release.
    • Added explicit IPFS runtime observability. When IPFS mode is configured,
      startup logs now report Kubo RPC probe success or failure, and each local
      media processing job logs whether it was added to IPFS and which CID was
      produced.
    • Added plain-text editor surfaces for post composition and administrative text
      fields, including terms and conditions, instance description, and profile bio
      editing. These editors preserve plain text, newlines, and blank lines without
      converting user text into HTML.
    • Added EAL5+-style function and test preambles across several Go source
      batches, documenting function purpose, preconditions, postconditions,
      invariants, and test assertions to make the inherited GoToSocial code easier
      to audit and maintain.

    Fixes

    • Fixed local follow lookup for newly approved local accounts by accepting local
      account handles in the follow lookup path. This keeps local follows from
      failing with a spurious 404 when the target account exists locally.
    • Tightened signup approval so approval notifications and admin approval flow
      are gated on email confirmation. Unconfirmed accounts remain pending and can be
      cleaned up by the inactive-account cleanup task instead of becoming approved
      users too early.
    • Improved public profile rendering so long post bodies are constrained by their
      frame instead of overflowing the containing layout.
    • Improved public-page color contrast, including cases where red text on blue,
      white text on white, or similarly low-contrast combinations made public pages
      and blocked-server pages hard to read.
    • Unified Settings people-list rendering to avoid inconsistent account/admin
      list behavior between panels.
    • Rejected malicious remote media hints whose CID bytes do not validate as
      supported media. A URL that looks like an image but resolves to non-media or
      executable-like bytes now fails the normal media processing path instead of
      becoming a usable local attachment.

    Documentation

    • Documented the IPFS/Kubo deployment model in IPFS.md, including a ready to
      use Docker Compose example, required Aktor environment variables, Kubo ports,
      and which ports must remain private.
    • Documented the IPFS federation behavior: AKT_IPFS_CID is a fetch hint only;
      after a successful remote fetch, the receiving Aktor instance stores and
      serves the media locally.
    • Documented the IPFS privacy/performance tradeoff. IPFS can behave like a
      distributed CDN for public media while reducing repeated origin-server
      downloads, but it is not anonymity; IPFS logs may reveal interest in a CID at
      the node/network level without reliably identifying the final user or the
      original publisher.
    • Updated INSTALL.md and IPFS.md with the optional IPFS media mode, remote
      media hint configuration, local-storage authority model, and greppable IPFS:
      operational log markers.

    Tests and quality

    • Added IPFS media contract smoke coverage for the happy path and failure path.
    • Added regression coverage for non-media bytes fetched through a remote media
      hint.
    • Added an end-to-end IPFS runtime smoke test that starts a real Kubo container,
      uploads media through Aktor, creates a public post, verifies that the
      serialized media URL contains AKT_IPFS_CID, and verifies that the server logs
      contain the IPFS: startup/add markers.
    • Re-ran the full smoke suite during the IPFS implementation work and verified
    Downloads
  • beta-0.902 6c502a13ba

    beta-0.902 Pre-release

    loweel released this 2026-05-23 03:08:28 +02:00 | 62 commits to main since this release

    Release notes for beta-0.902

    This release covers the changes after beta-0.901, which was based on commit
    f04ef015ee, up to commit 0c6af8831b17aa9909e812dbd44a3f65cf29dc0d.

    Feature

    • Added timeline status editing: a user's own posts now expose an actions menu
      with Edit, an inline form, API save handling, and immediate refresh of the
      displayed content.
    • Completed the UI for deleting a user's own posts from the timeline, including
      confirmation, API call, and immediate card removal after deletion.
    • Completed the Aktor-styled OAuth /oauth/authorize UI while keeping the flow
      compatible with GoToSocial.
    • Added public and local timeline navigation to the Aktor dashboard.
    • Added explicit visibility choices to the timeline reply form.
    • Replies now prefill mentions from the parent status, avoiding duplicates and
      including the relevant mentioned accounts.
    • Account links in timelines, replies, and notifications now point to the
      correct public profiles: local profile URLs for local accounts and remote
      WebFinger/profile URLs for remote accounts.
    • Wired many Settings panels to existing GoToSocial endpoints: account,
      export/import, tokens, OAuth applications, interaction requests, reports,
      domain allow/block, custom emoji, header allow/block, admin actions, and
      instance configuration.
    • Added Group account management from Settings, documented in INSTALL.md.
    • Added unfollow notifications for local users when another account stops
      following them, including API exposure and notification UI rendering.
    • Added daily cleanup for inactive local non-admin accounts, controlled by
      AKT_ACCOUNTS_INACTIVE_DAYS.
    • Made bootstrap/runtime sizing env vars mandatory where needed:
      AKT_ADMIN_USER, AKT_ADMIN_EMAIL, AKT_ADMIN_PASSWD,
      AKT_ACCOUNTS_REGISTRATION_MAX_USERS, and AKT_ACCOUNTS_INACTIVE_DAYS.

    Fix

    • Fixed the web registration flow: /register now goes through signup
      availability logic, and the form uses the intended endpoint correctly.
    • Fixed the public profile identity layout, with more stable centering and
      spacing for the avatar and header.
    • Fixed group reposts on the local timeline while preserving compatible
      federation behavior and adding regression coverage.
    • Made remote poll voting idempotent, avoiding errors or duplicate effects when
      federated votes are received more than once.
    • Sanitized profile bio text on save to prevent unwanted markup from appearing
      in plain text content.
    • Fixed the notifications dashboard layout: cards no longer slide under the
      sidebar and long content is handled better.
    • Constrained Settings gutters and panel widths to avoid horizontal overflow and
      keep the layout consistent with the profile page.
    • Fixed Settings sidebar/panel behavior, including side navigation and hash
      based panel opening.

    Tests and quality

    • Added UI smoke tests for the public timeline, OAuth authorize, deleting a
      user's own post, refusing deletion of someone else's post, and media links in
      the local timeline.
    • Added smoke tests for registration, mandatory env vars, startup lifecycle,
      login, and Postgres/VAPID contracts.
    • Expanded the browser UI suite for the dashboard, reply visibility, post
      edit/delete, unfollow notifications, notification layout, Settings panels,
    Downloads
  • beta-0.901 f04ef015ee

    beta-0.901
    All checks were successful
    continuous-integration/drone Build is passing
    Details
    Pre-release

    loweel released this 2026-05-17 16:27:47 +02:00 | 83 commits to main since this release

    Aktor beta 0.901 is out.

    After several attempts at implementing everything from scratch, I realized that, unless I made some very brutal and reductive design choices, implementing a full ActivityPub server on my own would simply take too long. I am impatient to implement what really matters, IMHO, in the fediverse. A distributed CDN , AKA IPFS.

    So I forked GoToSocial, since I love golang.

    Please read the License and Legal.md files carefully.

    Current status

    • Aktor federates.

    • Aktor works through its own web UI, which is completely new and inspired by Tumblr.

    • Aktor works with Tusky — tested.

    • Aktor works with Pinafore — tested.

    • A Python smoke-test suite has been implemented. It starts a Docker container and then tests the exposed APIs.

    What is new

    These are mostly small changes. At this stage, I mainly wanted to become more familiar with the codebase.

    • On startup, if no users exist, Aktor automatically creates the first user with admin privileges. The credentials are taken from dedicated environment variables.

    • There is no longer a simple option to say whether registrations are open or closed. Instead, you can set the maximum number of users. Since one user is automatically created at startup, setting the limit to 1 effectively disables new registrations. Setting it to 0 means there is no limit. Any other natural number sets the maximum allowed number of users.

    This also prevents bots from playing tricks with open registrations.

    • I have implemented groups. The admin user can “promote” a normal user to a group. In that case, post distribution follows a behaviour inspired by gup.pe.

    Bugs fixed

    • Fixed a federation bug observed in the logs when interacting with Friendica.

    • No more Yarn.

    #TODO

    • There are still too many placeholders in the UI. I am not a frontend developer, so connecting everything properly to the endpoints will take some time.

    • There are also still too many UI bugs. Again, frontend work is not my main area, so this will take time.

    I will keep implementing small features in order to become even more familiar with the codebase. The next one will probably be giving bot users some RSS capabilities.

    I also want to move the whole codebase toward something close to EAL5+, meaning explicit contracts documented in the code comments: preconditions, postconditions, invariants, function goals, and clearly defined expected behaviour.

    Other notes

    Downloads