Update Log

Other Resources for Friend-Finding

Since there are so many new people on the fediverse looking for others to follow, I figured it would be worth pointing out there are other tools available to help with this. About 6 months ago I released this script which you can find here: https://gitlab.com/Practical.Apps/fedi.friend.rec that you can use to find users based on who you already follow. Of course you need to be following at least a few people already for it to be useful but I think it's still worth trying for most of you. Now, you do need to be comfortable running python scripts to use it but it's really quite a simple program, the code is heavily commented if you are unsure. I was offering to run it for people when it came out and I would be willing to do so again, but in the interest of saving myself some trouble I'd strongly encourage you to try it on your own or have a friend run it rather than ask me. If you know me or are truly without any friends with programming ability I may make an exception. If you are coming from twitter you may have already seen https://fedifinder.glitch.me/ but if you had not I would suggest you check it out. The naming is merely a coincidence as I did not code this utility but author Luca Hammer (@Luca@vis.social) seems like quite a nice guy and has been working very hard polishing up this project. It will scour your follows on twitter to see if any of them have linked a fediverse profile in their twitter bio. This has pushed Luca and his service plan on the server to it's limits so in addition to checking out his work I would encourage you to show him some support any way that you can. I would ask the same for myself but the situation with me and my own server resources seems much less dire. At least for the time being FF seems to be handling the influx of users quite well.

Fedifinder Now Open Source

At the beginning of the year I made a blog post to clarify that Fedifinder was not open source. This was not because I have anything against the open source software ethos, quite the opposite, virtually everything I have ever coded is now available online for anyone to use. My concern was with security, the possibility that people could be harmed by using my site bothered me a lot. A serious issue was that I wasn't even sure how that harm might happen, just that it could potentially happen put me off the idea of letting anyone see the code behind the site. As of yesterday I have resolved this issue. I have created a new version of Fedifinder and published it on Gitlab. You can find it here: https://gitlab.com/Practical.Apps/FediFinder This is a new version of my own development environment that anybody can use for themselves to see how the site works. There are several important differences between this and the live production version that I believe safeguard the security of the users. The most important thing, no data that you or anyone else has ever entered into this website is included, this new code comes with a fresh database. Further, the production Django secret key as well as the production instance application IDs and keys are not included. Instead there is a default Django key and several application IDs/keys that work locally, i.e. they redirect to localhost rather than fedifinder.com. I have taken out the bearer token for the fedifinder bot to prevent improper use. Finally, the true checksum algorithm for the search function was removed. The code itself includes comments which explain in detail why these things were done so I will not rehash it here. The bottom line is that I believe these measures sufficiently address my concerns regarding security vulnerabilities. As such the entire rest of the code is EXACTLY as it exists on the site and it is totally free for you to use as you wish. Your only constraints are those set out in the AGPLv3 regarding distribution of modified copies. A copy of this license is included in the code repository. Why now? Frankly, while I do care (because why else bother going through the trouble of covering security holes), I find myself caring less and less. My experience using free open source software has been great, however my experience developing FOSS has not been. I no longer expect anyone to ever so much as look at my code, let alone offer to contribute anything to it. Any suggested improvements are welcome but not expected. I suppose this is mostly a selfish endeavor, so that something I worked on for a long time can actually be pointed at and shown to others. It's certainly not for those people who complained to me about the open source issue but then offered zero help on how to go about it properly. You know who you are. Ultimately I suppose the hope is that the effort which went into producing Fedifinder does not go to waste, but who knows what the future holds. To those of you who care, enjoy.

Language Update

A feature I have been wanting to add for a long time is now available. Fedifinder can now be used for language exchange, that is the learning and teaching of different languages. I started learning a new language this year and have found that the platforms available for this are often lacking. I hope that my own implementation is simple but effective, in keeping with the rest of the site's design. If you go to the 'Edit' page you will see two new fields for what language(s) you know already and which you are trying to learn. As usual you don't have to put anything in these fields if you don't want to and you can use only one or the other if you'd like. When you go to the 'Browse' page you will see a new tab in the middle marked 'Language.' Under this category are four sub-categories with their own tabs. 'Same (Known)' and 'Same (Learn)' are self-explanatory. 'Teachers' would display people who know a language you are learning and 'Students' would be someone learning a language you know. Now keep in mind, not everyone who puts in what language(s) they know is volunteering to teach them to you, but I will. Put some languages on your profile, if we match on any I'll be happy to talk to you about them. Update: It's worth mentioning the fields are also available as criteria on the 'Search' page.

Fedifinder bot FIXED

I am happy to announce that there is a new fedifinder bot on the fediverse. Following the recent purge the doors of NoAgendaSocial are open again. You can now find the bot there under @FediFinder: https://noagendasocial.com/web/@FediFinder Functions that required the bot like the quiz response system and the request for instances to be included in the site should work now. If they do not work for you please report any bugs to @HLC@noagendasocial.com

Fedifinder bot broken

I regret to inform you that my personal server, happylittle.cloudns.cc, has died. With it goes the bot which sends messages for the questionnaire response system and the request for inclusion page. I will update the blog when this issue has been resolved but it may take some time. If you are an admin of a reliably online server and are willing to let me have a bot account please let me know. Otherwise it will not be until I have made a new server that these services will return. These are the only affected aspects of the site please feel free to continue using any and all of the other features.

Status of FediFinder software

I've been meaning to formally address the issue of FediFinder software accessibility but it has not been brought up much until now. As of right now and for the foreseeable future FediFinder is proprietary software. It is neither "free" nor "open source" in the sense that free software advocates mean. It is only "free as in beer," as they say. I will accept donations but I will never charge to use the site. FediFinder is a proof-of-concept project. It has been my desire to recreate this service as a plugin function for existing fediverse instance platforms like Pleroma. Unfortunately it's beyond my ability to do so by myself and the best people I know for the job are all very busy. I'm still open to work with anyone who is willing to collaborate on this but so far I have received no offers. In a future where the code I've written for FF is used in such a distributed model, the software would all be "free as in freedom" and open to anyone as a matter of course. As it exists now though, in a centralized directory model, it does not make sense to release the code publicly. I'm willing to add people on a case-by-case basis to the gitlab to help improve the site or audit the security. However, I am paranoid that leaving the code for the site open to anyone is inviting people to learn how to break it. While I've done what I can to limit the potential consequences of a hack, I still think it may be possible to do something that affects the users. I would like to avoid a situation where the people who trusted me enough to use this site have anything bad happen to them. To be clear, I support the free software movement. I even support Stallman despite his eccentricities. I have 7 software projects on my gitlab that are either under free licenses or not licensed at all. This is the only one that's not public. In short, FediFinder IS NOT FOSS, yet.

New Year, New Blog Post

Happy New Year FediFinders! We're at the end of the first week of 2022 and things are going well; the site has broken the 100 user milestone with the addition of new instances. If you are enjoying the service please tell your friends to try it out, the larger the user-base gets the more useful FediFinder becomes. I still welcome people to use the site without putting in any information about yourself, I would encourage those of you who are hesitant to try adding something though. Having anything, even just a single interest listed, should increase your chances of making a relevant connection with someone else. Finally I would like to clarify that there is (still) no formal application process for adding instances (yet). All you have to do is ask me in a message on the fedi, and that's open to anyone even if you are not the site admin. If it looks like the users there will follow the rules then your server will get added ASAP.

Updates to Log-in system

I've updated how logging in works on the site to accommodate the addition of other instances. For all it's other flaws, I will admit after working on this for some time that mastodon's handling of OAuth verification is better than Pleroma's. Pre-existing users will be prompted to agree to a new application just like you were when you logged in the very first time. It is functionally exactly the same for you, just different on the back-end, so this should be the last time you have to take that extra step. I hope you don't mind.

First Production Updates

I've just finished applying the first set of updates since the site went into full production. The most notable is the ability to update your avatar and header image if they have been changed on your instance profile. This will not happen automatically in case you want to keep using the old photos, but if not then look for the link under your avatar on the 'edit' page. Also worth mentioning is I've fixed escaped HTML characters in your bio if you had any. My filters worked well on tags but were missing things like ' or " so they have now been improved. I checked while fixing up the affected bios and I'm happy to say there are currently 45 NAS users on FF. I hope to see more when I repeat this announcement in a post tomorrow and even more later when I make a show donation and mention the site. I've attracted some attention from other fediverse admins which is good news for the future of the site when it is open to more instances than just NAS. For now though, enjoy your exclusive early access.

Last Minute Problems (Solved)

Naturally I didn't notice anything was wrong until the day I planned to open the site up. The questionnaire response, one of the stand-out features of the site, was not working. The instance bots.franssen.xyz which I had been using for the bot is down and seems likely to stay down, at least for the foreseeable future. I have stepped in and made a new bot on my own server https://happylittle.cloudns.cc/quizbot . Responses will go through that for the time being, there will be a longer delay after hitting the send button on those responses but they do seem to be working. The launch is back on.

DB Migrated

The application is now running with a postgres database. I've migrated over the blog posts but decided to leave the user data behind based on user feedback. Everyone who had a profile already will need to recreate theirs. Most people had not modified their profiles much so little has been lost. You will not have to agree to the app permissions on NAS again, also HTML formatting in the bio should now be automatically stripped out, so it should be even easier this time around. Everything seems to work the same based on my test with my own alt. The site may go down a few times in the next 12 hours for minor tweaks but the plan is to be live by showtime this afternoon so that the site can be plugged on NoAgenda social/IRC/jitsi for anyone around at the time to see.

End of Beta Testing

Nobody has reported any issues to me since the site has gone live, that's great to hear. I have made a few tweaks to issues I noticed myself, mostly concerning the layout of pages on mobile (vertically oriented screen). Those changes seem to make the site look much nicer, at least on *my* phone. I've also added what has been a low-priority, back-burner feature which was customized error messages for forms. With this done I'd say the site code is looking fairly compete. All that's left is to switch over to a real database as we're still using the default sqlite3 db that comes with every Django project. Once this is done the site will go up for public use.

Ready to Roll

The site is up and running, ready for testing. Please let me know if you find anything broken.

First Update

It has taken a while to get here but in that time significant fixes have happened while the site was up but not accessible. The last one was just made so that the site is now functional and accessible from the fedifinder.com domain. Once the SSL certificates have been set up and the new application created on NAS the site will be complete and ready for testing.

Very First Post

This is the very first post to the site. The domain name is not yet setup but the site is up and functioning. It shouldn't be long now before everybody can come and check it out for themselves.