A fork of glitch-soc.
 
 
 
 
 
 
Go to file
aschmitz 669fe9ee06 Change IDs to strings rather than numbers in API JSON output (#5019)
* Fix JavaScript interface with long IDs

Somewhat predictably, the JS interface handled IDs as numbers, which in
JS are IEEE double-precision floats. This loses some precision when
working with numbers as large as those generated by the new ID scheme,
so we instead handle them here as strings. This is relatively simple,
and doesn't appear to have caused any problems, but should definitely
be tested more thoroughly than the built-in tests. Several days of use
appear to support this working properly.

BREAKING CHANGE:

The major(!) change here is that IDs are now returned as strings by the
REST endpoints, rather than as integers. In practice, relatively few
changes were required to make the existing JS UI work with this change,
but it will likely hit API clients pretty hard: it's an entirely
different type to consume. (The one API client I tested, Tusky, handles
this with no problems, however.)

Twitter ran into this issue when introducing Snowflake IDs, and decided
to instead introduce an `id_str` field in JSON responses. I have opted
to *not* do that, and instead force all IDs to 64-bit integers
represented by strings in one go. (I believe Twitter exacerbated their
problem by rolling out the changes three times: once for statuses, once
for DMs, and once for user IDs, as well as by leaving an integer ID
value in JSON. As they said, "If you’re using the `id` field with JSON
in a Javascript-related language, there is a very high likelihood that
the integers will be silently munged by Javascript interpreters. In most
cases, this will result in behavior such as being unable to load or
delete a specific direct message, because the ID you're sending to the
API is different than the actual identifier associated with the
message." [1]) However, given that this is a significant change for API
users, alternatives or a transition time may be appropriate.

1: https://blog.twitter.com/developer/en_us/a/2011/direct-messages-going-snowflake-on-sep-30-2011.html

* Additional fixes for stringified IDs in JSON

These should be the last two. These were identified using eslint to try
to identify any plain casts to JavaScript numbers. (Some such casts are
legitimate, but these were not.)

Adding the following to .eslintrc.yml will identify casts to numbers:

~~~
  no-restricted-syntax:
  - warn
  - selector: UnaryExpression[operator='+'] > :not(Literal)
    message: Avoid the use of unary +
  - selector: CallExpression[callee.name='Number']
    message: Casting with Number() may coerce string IDs to numbers
~~~

The remaining three casts appear legitimate: two casts to array indices,
one in a server to turn an environment variable into a number.

* Back out RelationshipsController Change

This was made to make a test a bit less flakey, but has nothing to
do with this branch.

* Change internal streaming payloads to stringified IDs as well

Per
https://github.com/tootsuite/mastodon/pull/5019#issuecomment-330736452
we need these changes to send deleted status IDs as strings, not
integers.
2017-09-20 14:53:48 +02:00
app Change IDs to strings rather than numbers in API JSON output (#5019) 2017-09-20 14:53:48 +02:00
bin Fix webpack-dev-server on Windows (#4000) 2017-06-30 13:43:26 +02:00
config i18n: Update Polish translation (#5015) 2017-09-19 23:25:17 +02:00
db Custom emoji (#4988) 2017-09-19 02:42:40 +02:00
docs
lib Bump to 1.6.1 2017-09-16 03:08:29 +02:00
log
nanobox [nanobox] Allow Full-size Uploads (#4123) 2017-07-09 02:52:36 +02:00
public Add script to make embedded iframes autosize (#4853) 2017-09-09 16:23:44 +02:00
spec Change IDs to strings rather than numbers in API JSON output (#5019) 2017-09-20 14:53:48 +02:00
streaming Fix streaming url to lowercase (#4804) 2017-09-04 12:52:06 +02:00
vendor/assets
.babelrc 🎄🔨 Force tree shake emojione (#4202) 2017-07-14 20:30:12 +02:00
.buildpacks Add heroku APT buildpack for scalingo. (#3051) 2017-05-14 12:57:13 +02:00
.codeclimate.yml Enable CodeClimate SCSS Lint checks (#2886) 2017-05-07 20:47:31 +02:00
.dockerignore Remove Storybook (#4397) 2017-07-27 22:30:27 +02:00
.editorconfig Add final newline to locale files (#2890) 2017-05-07 19:55:47 +02:00
.env.nanobox [nanobox] Add Automated Backups (#4023) 2017-07-07 00:46:45 +02:00
.env.production.sample Add OpenStack Keystone V3 support (#4889) 2017-09-11 15:11:13 +02:00
.env.test
.env.vagrant
.eslintignore
.eslintrc.yml Remove eslint-disable comments (#4681) 2017-08-24 12:15:36 +02:00
.foreman Replace sprockets/browserify with Webpack (#2617) 2017-05-03 02:04:16 +02:00
.gitattributes Add .gitattributes file to avoid unwanted CRLF (#3954) 2017-06-26 13:15:24 +02:00
.gitignore fix #4356 : place sw.js to assets/sw.js (#4357) 2017-07-28 01:55:52 +02:00
.haml-lint.yml Added haml-lint and fix warnings (#2773) 2017-05-08 03:35:25 +02:00
.nanoignore Remove Storybook (#4397) 2017-07-27 22:30:27 +02:00
.nvmrc
.postcssrc.yml Add object-fit polyfill for Edge (#4182) 2017-07-14 01:59:34 +02:00
.profile Add ffmpeg and dependent packages as well as LD_LIBRARY_PATHs (#3276) 2017-05-24 17:57:33 +02:00
.rspec
.rubocop.yml Add handling of Linked Data Signatures in payloads (#4687) 2017-08-26 13:47:38 +02:00
.ruby-version Bump ruby version to 2.4.2 (#4958) 2017-09-18 04:55:57 +02:00
.scss-lint.yml Enable CodeClimate SCSS Lint checks (#2886) 2017-05-07 20:47:31 +02:00
.slugignore Remove Storybook (#4397) 2017-07-27 22:30:27 +02:00
.travis.yml Remove ubuntu-toolchain-r-test (#5005) 2017-09-19 05:06:27 +02:00
Aptfile Specify libicu explicitly in Aptfile (#4920) 2017-09-13 09:30:13 +02:00
CODEOWNERS Introduce CODEOWNERS file (#4670) 2017-08-23 15:21:00 +02:00
CONTRIBUTING.md
Capfile remove capistrano/faster_assets from Capfile (#2737) 2017-05-03 12:14:52 +02:00
Dockerfile Bump ruby version to 2.4.2 (#4958) 2017-09-18 04:55:57 +02:00
Gemfile Fix filterable_languages method of SettingsHelper (#4966) 2017-09-16 14:59:41 +02:00
Gemfile.lock Bump ruby version to 2.4.2 (#4958) 2017-09-18 04:55:57 +02:00
ISSUE_TEMPLATE.md
LICENSE
Procfile More robust PuSH subscription refreshes (#2799) 2017-05-05 02:23:01 +02:00
Procfile.dev Fix sidekiq "port" being wrong (#3014) 2017-05-12 17:46:14 +02:00
README.md s/PubSubHubbub/WebSub/g (#4372) 2017-07-26 13:47:41 +02:00
Rakefile
Vagrantfile Install libidn11-dev in Vagrant (#4238) 2017-07-18 00:31:43 +02:00
app.json Change logo URL for Heroku and Scalingo (#4476) 2017-08-01 05:59:11 +02:00
boxfile.yml [nanobox] Minor tweaks for 1.5 (#4395) 2017-07-27 15:13:32 +02:00
config.ru
docker-compose.yml Switch docker-compose to version 3. (#2747) 2017-05-04 15:56:05 +02:00
docker_entrypoint.sh Some Dockerfile improvements (#3182) 2017-05-20 20:01:05 +02:00
package.json Update react-intl to version 2.4.0 (#4820) 2017-09-06 16:25:19 +02:00
scalingo.json Change logo URL for Heroku and Scalingo (#4476) 2017-08-01 05:59:11 +02:00
yarn.lock Update react-intl to version 2.4.0 (#4820) 2017-09-06 16:25:19 +02:00

README.md

Mastodon

Build Status Code Climate

Mastodon is a free, open-source social network server. A decentralized solution to commercial platforms, it avoids the risks of a single company monopolizing your communication. Anyone can run Mastodon and participate in the social network seamlessly.

An alternative implementation of the GNU social project. Based on ActivityStreams, Webfinger, WebSub and Salmon.

Click on the screenshot to watch a demo of the UI:

Screenshot

The project focus is a clean REST API and a good user interface. Ruby on Rails is used for the back-end, while React.js and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.

If you would like, you can support the development of this project on Patreon. Alternatively, you can donate to this BTC address: 17j2g7vpgHhLuXhN4bueZFCvdxxieyRVWd

Resources

Features

  • Fully interoperable with GNU social and any OStatus platform Whatever implements Atom feeds, ActivityStreams, Salmon, WebSub and Webfinger is part of the network
  • Real-time timeline updates See the updates of people you're following appear in real-time in the UI via WebSockets
  • Federated thread resolving If someone you follow replies to a user unknown to the server, the server fetches the full thread so you can view it without leaving the UI
  • Media attachments like images and WebM Upload and view images and WebM videos attached to the updates
  • OAuth2 and a straightforward REST API Mastodon acts as an OAuth2 provider so 3rd party apps can use the API, which is RESTful and simple
  • Background processing for long-running tasks Mastodon tries to be as fast and responsive as possible, so all long-running tasks that can be delegated to background processing, are
  • Deployable via Docker You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy

Development

Please follow the development guide from the documentation repository.

Deployment

There are guides in the documentation repository for deploying on various platforms.

Contributing

You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository. Here are the guidelines for code contributions

IRC channel: #mastodon on irc.freenode.net

Extra credits

  • The Emoji One pack has been used for the emojis
  • The error page image courtesy of Dopatwo

Mastodon error image