Comment by franga2000
1 year ago
It's a shame "federation" these days basically just means "implement activitpub". So many projects get caught up in the complicated mess of mapping their data model onto AP, debating about how exactly to map things and writing standard extension proposals....
Useful federation between Forgejo instances could be solved with little more than OIDC and a few webhooks (cross-instance collaboration, forking, and PRs). Nobody needs federation between Forgejo and Mastodon - what would that even mean??
> So many projects get caught up in the complicated mess of mapping their data model onto AP, debating about how exactly to map things and writing standard extension proposals....
Well, you either use an existing standard so you can federate with existing implementations, or you come up with a new standard and ask others to implement that. Seems they chose the simpler way, thankfully.
> Useful federation between Forgejo instances could be solved with little more than OIDC and a few webhooks (cross-instance collaboration, forking, and PRs).
What about federation between more software than just your own? Once you've done those things, you basically end up with another spec (but informal instead of formal) that others also need to implement. So instead of going the informal way, they aim for the formal one. That does sound appropriate to me.
Slightly besides the point, but for someone who dealt more with decentralized/distributed systems than bloated authentication systems, it seems both simpler and easier to map+implement ActivityPub than implement OIDC+"a few webhooks", but that might just be because of my familiarity.
I'll say that ActivityPub is a pretty simple standard though, compared to what's out there.
When I saw “federated github”, sharing activity feeds is not what I had in mind. I thought maybe making pull requests across instances or things like that.
Forgejo is implementing ForgeFed [1], which is an AP extension that supports creating PRs, issues, etc. across instances.
[1] https://forgefed.org/
I tend to agree that ActivityPub seems pretty horrifying to work with (as an outsider). At least it works, though, and is implemented by a large amount of different projects and not owned by any single one.
> seems pretty horrifying to work with (as an outsider).
As someone who both made my own implementation + hacked on others, what was/seemed to be the horrible parts? It's a pretty simple standard that is basically RSS with some added stuff (very simplified of course, before I got jumped) for facilitating the federation parts.
> Useful federation between Forgejo instances could be solved with little more than OIDC and a few webhooks (cross-instance collaboration, forking, and PRs).
That would only solve the problem of "I don't have an account on this forge yet". The much more relevant problem is identity + reputation. With ActivityPub-based federation you can use your domain-bound identifier to contribute to various projects across servers and gain reputation and trust. If we use OIDC, then it is a lot less clear if the server, you authenticate with, is hosting the real franga2000.
It's already awkward just between Lemmy and Mastodon.
I guess Lemmy could be in the form of issues on the repo and Mastodon would be thumbs up emojis and/or "starring" the repo.
Yeah I wish there was a different protocol if we are jamming everything on top of it.