Open levlaz opened 4 months ago
Hey, @levlaz, thank you for reaching out to me about this!
Fedidevs does create an app with more permissions than it currently needs. I implemented it this way because, as far as I can tell from reading the Mastodon API docs, Mastodon doesn't have an API to update the app once it is created.
Here's a PR that limits the permissions to what's currently needed: https://github.com/anze3db/fedidevs/pull/51. This works, but when I add a new feature that might require additional permission, I'll have to create a brand-new app on every instance.
When I initially implemented this, my judgment call was that it's better to have one app with more permissions than potentially creating multiple apps on every server. If this was the wrong call, let me know and I'll fix it by merging the PR.
PS: I don't have a lobste.rs account, so I can't respond to that thread, but I would really appreciate hearing bkhl's feedback on my dilemma of potentially creating multiple apps on every instance.
I’m happy to invite you, I think it’s worth joining because that’s where a lot of people who care about this kind of stuff hang out :)
should I use the email from your personal site?
Lev Lazinskiy m: 415.470.2142 e: @.*** linkedin icon download 16x16 - square ( https://www.linkedin.com/in/levlaz/ )
On Mon, Jun 17 2024 at 19:23, Anže Pečar < @.*** > wrote:
Hey, @levlaz ( https://github.com/levlaz ) , thank you for reaching out to me about this!
Fedidevs does create an app with more permissions than it currently needs. I implemented it this way because, as far as I can tell from reading the Mastodon API docs ( https://docs.joinmastodon.org/methods/apps/ ) , Mastodon doesn't have an API to update the app once it is created.
Here's a PR that limits the permissions to what's currently needed: #51 ( https://github.com/anze3db/fedidevs/pull/51 ). This works, but when I add a new feature that might require additional permission, I'll have to create a brand-new app on every instance.
When I initially implemented this, my judgment call was that it's better to have one app with more permissions than potentially creating multiple apps on every server. If this was the wrong call, let me know and I'll fix it by merging the PR.
PS: I don't have a lobste.rs account, so I can't respond to that thread, but I would really appreciate hearing bkhl ( https://lobste.rs/~bkhl ) 's feedback on my dilemma of potentially creating multiple apps on every instance.
— Reply to this email directly, view it on GitHub ( https://github.com/anze3db/fedidevs/issues/50#issuecomment-2174610656 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/AB44P2CYNXKHLZ5ZFR4BSN3ZH5VYTAVCNFSM6AAAAABJOXA2DOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNZUGYYTANRVGY ). You are receiving this because you were mentioned. Message ID: <anze3db/fedidevs/issues/50/2174610656 @ github. com>
Oh, yeah, please send the invite to my personal email: anze AT pecar DOT me. Thanks! ❤️
Just sent the invite!
Conversation happening here https://lobste.rs/s/qp7idv/easy_way_find_other_developers_at_tech#c_xqi3yp
User reports that there is a discrepancy between the permissions that an instance asks for and the ones that it gets when someone authorizes with Fedidevs.