Fediverse Development
just small circles 🕊
Fediverse Development and 1 other boosted

We're excited to announce the release of BotKit 0.3.0! This release marks a significant milestone as #BotKit now supports #Node.js alongside #Deno, making it accessible to a wider audience. The minimum required Node.js version is 22.0.0. This dual-runtime support means you can now choose your preferred #JavaScript runtime while building #ActivityPub #bots with the same powerful BotKit APIs.

One of the most requested features has landed: poll support! You can now create interactive polls in your #bot messages, allowing followers to vote on questions with single or multiple-choice options. Polls are represented as ActivityPub Question objects with proper expiration times, and your bot can react to votes through the new onVote event handler. This feature enhances engagement possibilities and brings BotKit to feature parity with major #fediverse platforms like Mastodon and Misskey.

// Create a poll with multiple choicesawait session.publish(textWhat&#39;s your favorite programming language?, { class: Question, poll: { multiple: true, // Allow multiple selections options: ["JavaScript", "TypeScript", "Python", "Rust"], endTime: Temporal.Now.instant().add({ hours: 24 }), },});// Handle votesbot.onVote = async (session, vote) => { console.log(</span><span>${</span><span>vote</span><span>.</span><span>actor</span><span>}</span><span> voted for &quot;</span><span>${</span><span>vote</span><span>.</span><span>option</span><span>}</span><span>&quot;);};

The web frontend has been enhanced with a new followers page, thanks to the contribution from Hyeonseo Kim (@gaebalgom)! The /followers route now displays a paginated list of your bot's followers, and the follower count on the main profile page is now clickable, providing better visibility into your bot's audience. This improvement makes the web interface more complete and user-friendly.

For developers looking for alternative storage backends, we've introduced the SqliteRepository through the new @fedify/botkit-sqlite package. This provides a production-ready SQLite-based storage solution with ACID compliance, write-ahead logging (WAL) for optimal performance, and proper indexing. Additionally, the new @fedify/botkit/repository module offers MemoryCachedRepository for adding an in-memory cache layer on top of any repository implementation, improving read performance for frequently accessed data.

This release also includes an important security update: we've upgraded to #Fedify 1.8.8, ensuring your bots stay secure and compatible with the latest ActivityPub standards. The repository pattern has been expanded with new interfaces and types like RepositoryGetMessagesOptions, RepositoryGetFollowersOptions, and proper support for polls storage through the KvStoreRepositoryPrefixes.polls option, providing more flexibility for custom implementations.

#fedidev

We're excited to announce the release of BotKit 0.3.0! This release marks a significant milestone as #BotKit now supports #Node.js alongside #Deno, making it accessible to a wider audience. The minimum required Node.js version is 22.0.0. This dual-runtime support means you can now choose your preferred #JavaScript runtime while building #ActivityPub #bots with the same powerful BotKit APIs.

One of the most requested features has landed: poll support! You can now create interactive polls in your #bot messages, allowing followers to vote on questions with single or multiple-choice options. Polls are represented as ActivityPub Question objects with proper expiration times, and your bot can react to votes through the new onVote event handler. This feature enhances engagement possibilities and brings BotKit to feature parity with major #fediverse platforms like Mastodon and Misskey.

// Create a poll with multiple choicesawait session.publish(textWhat&#39;s your favorite programming language?, { class: Question, poll: { multiple: true, // Allow multiple selections options: ["JavaScript", "TypeScript", "Python", "Rust"], endTime: Temporal.Now.instant().add({ hours: 24 }), },});// Handle votesbot.onVote = async (session, vote) => { console.log(</span><span>${</span><span>vote</span><span>.</span><span>actor</span><span>}</span><span> voted for &quot;</span><span>${</span><span>vote</span><span>.</span><span>option</span><span>}</span><span>&quot;);};

The web frontend has been enhanced with a new followers page, thanks to the contribution from Hyeonseo Kim (@gaebalgom)! The /followers route now displays a paginated list of your bot's followers, and the follower count on the main profile page is now clickable, providing better visibility into your bot's audience. This improvement makes the web interface more complete and user-friendly.

For developers looking for alternative storage backends, we've introduced the SqliteRepository through the new @fedify/botkit-sqlite package. This provides a production-ready SQLite-based storage solution with ACID compliance, write-ahead logging (WAL) for optimal performance, and proper indexing. Additionally, the new @fedify/botkit/repository module offers MemoryCachedRepository for adding an in-memory cache layer on top of any repository implementation, improving read performance for frequently accessed data.

This release also includes an important security update: we've upgraded to #Fedify 1.8.8, ensuring your bots stay secure and compatible with the latest ActivityPub standards. The repository pattern has been expanded with new interfaces and types like RepositoryGetMessagesOptions, RepositoryGetFollowersOptions, and proper support for polls storage through the KvStoreRepositoryPrefixes.polls option, providing more flexibility for custom implementations.

#fedidev

botsin.space, and bot hosting on Glitch (thanks Fastly);

botwiki.org/blog/a-decade-of-b

I discovered botwiki through a web search, after finding the tombstone on botsin.space. Thanks to @stefan for the blog posts there about all this, and the link to the detailed postmortem by the founder and admin of botsin.space;
muffinlabs.com/posts/2024/12/2

Lots to think about in there.

Julio J.
Julio J. boosted

No sé muy bien cómo comenzó mi afición por hacer #bots. Es verdad que son un buen ejercicio de #programación, y hay pocas cosas que me gusten más que programar. Además, sirven para divulgar las cosas que me gustan y denunciar las que no.
Cuando hablo de bots, me refiero a cuentas automatizadas que postean regularmente sobre un tema en concreto. Algunos también responden cuando se les menciona.
Voy a hacer un hilo repasando todos mis bots, ordenados según el número de seguidores.
¡Dentro hilo! 👇

No sé muy bien cómo comenzó mi afición por hacer #bots. Es verdad que son un buen ejercicio de #programación, y hay pocas cosas que me gusten más que programar. Además, sirven para divulgar las cosas que me gustan y denunciar las que no.
Cuando hablo de bots, me refiero a cuentas automatizadas que postean regularmente sobre un tema en concreto. Algunos también responden cuando se les menciona.
Voy a hacer un hilo repasando todos mis bots, ordenados según el número de seguidores.
¡Dentro hilo! 👇

And it's not like people and espechally businesses are unwilling to pay for good tools, cuz not only is HootSuite still around, but @tapbots, who made the excellent TweetBot nowadays make @ivory, an excellent #ActivityPub client with focus on #Mastodon that people are willing to pay a #subscription for!

  • And from what I could see from users who pay for it, they are not just happy, but it also looks and feels better than #TweetDeck in it's golden days...

https://tapbots.com/ivory/

Like: There's not much of a technical reason something similar to @zulip 's #TUI - based client could exit.

If people can build #bots for shite like #discord, #Telegram, etc. then why not make an actually good client ???

Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:

20.171.207.41 GPTBot/1.2
85.208.96.211 SemrushBot/7~bl
54.36.148.64 AhrefsBot/7.0
114.119.139.53 PetalBot

With GPTBot and SemrushBot attacking hardest blobcatscared

They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack blobcatfearful Well, in a sense it is one blobcatnotlikethis

Watch out - it seems corporate AI techbros learned to scrape forgejo content and starts doing it on a massive scale blobcatoutage Remember when @Codeberg was (and repeatedly is) hit?

For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough blobcatumm

Please boost for visibility and be prepared!

#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos

🫠 Brave new goo

「 Google is essentially training bots to communicate with each other and execute tasks, including financial transactions. As Semafor notes, that protocol will likely be the first step in building a brave new ad industry where AI agents become the consumer, since humans have delegated such menial tasks like "buying stuff" to them 」

https://futurism.com/ai-ads-targeting-bots

#ai #bots #advertising

Attention server admins! Yesterday I've read a post by @simon_brooke how nasty AI scraper bots are attacking his self-hosted @forgejo instance. Soon after I'm seeing unusual, periodic traffic spikes on mine and again - dominated by OpenAI, but some other freeloaders too:

20.171.207.41 GPTBot/1.2
85.208.96.211 SemrushBot/7~bl
54.36.148.64 AhrefsBot/7.0
114.119.139.53 PetalBot

With GPTBot and SemrushBot attacking hardest blobcatscared

They've been hammering my little server periodically today as well, slowing down my instance dramatically as if I was experiencing malicious DDoS attack blobcatfearful Well, in a sense it is one blobcatnotlikethis

Watch out - it seems corporate AI techbros learned to scrape forgejo content and starts doing it on a massive scale blobcatoutage Remember when @Codeberg was (and repeatedly is) hit?

For now blocked IP ranges and User-Agent combinations, not sure for how long that will be enough blobcatumm

Please boost for visibility and be prepared!

#forgejo #developerlife #coding #attack #techbros #aislop #openai #bots #ddos

I noticed that a lot of the crawlers/bots we see on www.bbc.co.uk & www.bbc.com are spoofed e.g. a "Meta" crawler coming from 10s of different small ISPs across the world (the real one comes from a Meta ASN).
I deployed a change this morning which adds source ASN validation (alongside user-agent string analysis) to our "known crawlers/bots" classifier & well, the results speak for themselves. Attached graphs show RPS from "known crawlers/bots" to www.bbc.co.uk & www.bbc.com.
#WebDev#BBC#Bots

There's a lot that could still be improved in #swad, but I don't get that "proof of work" idea out of my mind, so I started a branch to work on it:

https://github.com/Zirias/swad/pull/1

I really think it makes sense when you want some publicly known "guest login" which is still protected against #bots. Not sure yet whether this will succeed, we will see!

It certainly won't be as "fancy" as #anubis, but do the same thing functionally: Require the client to find a #nonce that, combined with a server-provided #challenge, hashes to something with 'n' leading zeros using #sha256. In contrast to anubis, swad won't have to proxy everything (but rely on nginx' auth_request), and no challenge will be issued when the user logs in with credentials some other credentials checker accepts.

I want you to meet Anubis
This is a wonderful tool, a powerful program designed against artificial intelligence large language models theft of resources.

It's not perfect, it's not finished this is an ongoing onslaught by the LLM Bots

https://anubis.techaro.lol/

#DDoS#LLM #bots #infosec#OpenAI#Linux#KDE#GitHub#GitLab #sh#AI
🖋️ #bash#MX #mxLinux #sh #zsh #ksh #csh #tksh #fish   #distro#Linux#POSIX   #fresh #programming

The screencap shows a CAPTCHA screen with a black background. At the top, there is a message in yellow text that reads "Making sure you're not a bot!" Below this, there is an illustration of a cartoon character with brown hair, cat-like ears, and a white nurse's hat with a red cross (Anime). The character is holding a magnifying glass and making a thumbs-up gesture. The text below the illustration states "Calculating... Difficulty: 4, Speed: 8.829kH/s." A progress bar is shown, indicating the CAPTCHA is being processed. At the bottom, there is a link to the website "anubis.techaro.lol" with a note that the site is protected by Anubis from Techaro, made with love in Canada. The time on the device is 00:40, and the battery is at 84%.

 Ovis2-8B

🌱 Energy used: 0.221 Wh
The screencap shows a CAPTCHA screen with a black background. At the top, there is a message in yellow text that reads "Making sure you're not a bot!" Below this, there is an illustration of a cartoon character with brown hair, cat-like ears, and a white nurse's hat with a red cross (Anime). The character is holding a magnifying glass and making a thumbs-up gesture. The text below the illustration states "Calculating... Difficulty: 4, Speed: 8.829kH/s." A progress bar is shown, indicating the CAPTCHA is being processed. At the bottom, there is a link to the website "anubis.techaro.lol" with a note that the site is protected by Anubis from Techaro, made with love in Canada. The time on the device is 00:40, and the battery is at 84%. Ovis2-8B 🌱 Energy used: 0.221 Wh
The screencap shows a  a blog post on an Android
The post is titled "Amazon's AI crawler is making my git server unstable" and is published on January 17, 2025, with 361 words and an estimated reading time of 2 minutes. The author requests that the crawler stops. Below the title, there is an edit note dated March 26, 2025, at 14:27 UTC, stating that Anubis has become a full-fledged project with a documentation site. The author asks for donations to their Patreon account to support their work, specifically for "not having to do my dayjob fund." The blog post is displayed on a dark background with white text, and the navigation bar at the top includes options such as "Blog," "Contact," "Resume," "Talks," "Xecast," and "Signalboost." The author's name, "Xe," is highlighted in pink. The status bar at the top of the screen shows the time as 00:53, the battery level at 83%, and the network signal strength.

 Ovis2-8B

🌱 Energy used: 0.272 Wh
The screencap shows a a blog post on an Android The post is titled "Amazon's AI crawler is making my git server unstable" and is published on January 17, 2025, with 361 words and an estimated reading time of 2 minutes. The author requests that the crawler stops. Below the title, there is an edit note dated March 26, 2025, at 14:27 UTC, stating that Anubis has become a full-fledged project with a documentation site. The author asks for donations to their Patreon account to support their work, specifically for "not having to do my dayjob fund." The blog post is displayed on a dark background with white text, and the navigation bar at the top includes options such as "Blog," "Contact," "Resume," "Talks," "Xecast," and "Signalboost." The author's name, "Xe," is highlighted in pink. The status bar at the top of the screen shows the time as 00:53, the battery level at 83%, and the network signal strength. Ovis2-8B 🌱 Energy used: 0.272 Wh

I want you to meet Anubis
This is a wonderful tool, a powerful program designed against artificial intelligence large language models theft of resources.

It's not perfect, it's not finished this is an ongoing onslaught by the LLM Bots

https://anubis.techaro.lol/

#DDoS#LLM #bots #infosec#OpenAI#Linux#KDE#GitHub#GitLab #sh#AI
🖋️ #bash#MX #mxLinux #sh #zsh #ksh #csh #tksh #fish   #distro#Linux#POSIX   #fresh #programming

The screencap shows a CAPTCHA screen with a black background. At the top, there is a message in yellow text that reads "Making sure you're not a bot!" Below this, there is an illustration of a cartoon character with brown hair, cat-like ears, and a white nurse's hat with a red cross (Anime). The character is holding a magnifying glass and making a thumbs-up gesture. The text below the illustration states "Calculating... Difficulty: 4, Speed: 8.829kH/s." A progress bar is shown, indicating the CAPTCHA is being processed. At the bottom, there is a link to the website "anubis.techaro.lol" with a note that the site is protected by Anubis from Techaro, made with love in Canada. The time on the device is 00:40, and the battery is at 84%.

 Ovis2-8B

🌱 Energy used: 0.221 Wh
The screencap shows a CAPTCHA screen with a black background. At the top, there is a message in yellow text that reads "Making sure you're not a bot!" Below this, there is an illustration of a cartoon character with brown hair, cat-like ears, and a white nurse's hat with a red cross (Anime). The character is holding a magnifying glass and making a thumbs-up gesture. The text below the illustration states "Calculating... Difficulty: 4, Speed: 8.829kH/s." A progress bar is shown, indicating the CAPTCHA is being processed. At the bottom, there is a link to the website "anubis.techaro.lol" with a note that the site is protected by Anubis from Techaro, made with love in Canada. The time on the device is 00:40, and the battery is at 84%. Ovis2-8B 🌱 Energy used: 0.221 Wh

I have just taken the time to thoroughly read the following article

This article has led me to the conclusion that an Open{source} War will have to be waged against LLM large language model abusers of data collection.

The work of these bots is pure DDoS denial of service. An interesting set of offensive tools have been programmed and are already implemented. They have proven to be quite effective and are being refined into sophistication to literally work to knock these networks of bots offline, in a DOT MMORPG approach.

It is unthinkable that LLM bots steal our Open Source resources servers bandwidth and financial cashflow without serious repercussions!

WTF are LLM companies thinking? Even Meta has waged war against us!

LLM has waged a brutal war.

The Open Source Community is responding; even those at The Dark Side of the internet are making tools to assist everyone against Artificial Intelligence LLM DDoS attacks, which knock whole Open Source Networks offline, as we speak.

It doesn't matter if in the end it looks like a Terminator landscape globally on the IT scale. Open source will win. LLM will disappear...

#DDoS#LLM #bots #infosec#OpenAI#Linux#KDE#GitHub#GitLab#Bash #sh #programming#AI

The composition is a screencap of a news article displayed on an Android  device. The article's headline reads, "Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries." Below the headline, a subheading states, "AI bots hungry for data are taking down FOSS sites by accident, but humans are fighting back." The author's name, Benj Edwards, and the publication date, March 25, 2025, are displayed, along with the time, 6:36 PM, and the number of comments, 147.

The article's first paragraph discusses a software developer named Xe laso, who reached a breaking point when aggressive AI crawler traffic from Amazon overwhelmed their Git repository service, causing instability and downtime. Despite configuring standard defensive measures, such as adjusting robots.txt and blocking known crawler user-agents, the issue persisted.

The image accompanying the article shows a person sitting on a floral-patterned couch, working on a laptop. The person is partially submerged in water, with their legs visible above the waterline. The background includes a bookshelf with books and a potted plant, and the person is wearing a dark top and blue jeans with rolled-up cuffs. The credit for the image is given to Henrik Sorensen via Getty Images.

 Ovis2-8B

🌱 Energy used: 0.299 Wh
The composition is a screencap of a news article displayed on an Android device. The article's headline reads, "Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries." Below the headline, a subheading states, "AI bots hungry for data are taking down FOSS sites by accident, but humans are fighting back." The author's name, Benj Edwards, and the publication date, March 25, 2025, are displayed, along with the time, 6:36 PM, and the number of comments, 147. The article's first paragraph discusses a software developer named Xe laso, who reached a breaking point when aggressive AI crawler traffic from Amazon overwhelmed their Git repository service, causing instability and downtime. Despite configuring standard defensive measures, such as adjusting robots.txt and blocking known crawler user-agents, the issue persisted. The image accompanying the article shows a person sitting on a floral-patterned couch, working on a laptop. The person is partially submerged in water, with their legs visible above the waterline. The background includes a bookshelf with books and a potted plant, and the person is wearing a dark top and blue jeans with rolled-up cuffs. The credit for the image is given to Henrik Sorensen via Getty Images. Ovis2-8B 🌱 Energy used: 0.299 Wh