Open bovergaauw opened 1 year ago
Why is the Mastodon app calling api.joinmastodon.org?
This is the server catalog.
Would it be possible to change the Mastodon app to make such calls optional, preferably opt-in, or allow the user to define another server that would allow the removal of the anti-feature (even though that may not make much sense)?
This app is intended for new, non-technical users for whom the entire concept of a decentralized social media platform is new. Unleashing this on them would just alienate them. There are more advanced apps for more advanced users.
Can anyone tell me how to get in contact with the person(s) maintaining the code that's being used on api.joinmastodon.org to handle the Mastodon app's calls?
I believe what you're looking for is here: https://github.com/mastodon/joinmastodon-api
And actually, I believe that anti-feature was initially added because the app supports push notifications via FCM. Sure, it only does that on devices that have Google services or their substitute like microG, but that was enough for them. It's first time I'm hearing about API calls to joinmastodon.org being related to that.
Considering it in the best interest of both the Mastodon app and F-Droid to eliminate this label
It is not.
Thanks for your rapid response.
This app is intended for new, non-technical users for whom the entire concept of a decentralized social media platform is new. Unleashing this on them would just alienate them. There are more advanced apps for more advanced users.
Does this mean that the app never calls api.joinmastodon.org if the user goes directly to "Log In"?
I believe what you're looking for is here: https://github.com/mastodon/joinmastodon-api
Thanks, I'll check.
And actually, I believe that anti-feature was initially added because the app supports push notifications via FCM. Sure, it only does that on devices that have Google services or their substitute like microG, but that was enough for them. It's first time I'm hearing about API calls to joinmastodon.org being related to that.
I'll raise the issue with them, and will keep you informed if you like
Considering it in the best interest of both the Mastodon app and F-Droid to eliminate this label
It is not.
You lost me there... Can you develop a bit more please?
Seems like https://github.com/mastodon/joinmastodon-api leads to a 404 :thinking:
Does this mean that the app never calls api.joinmastodon.org if the user goes directly to "Log In"?
It does still call it to obtain the list of servers for suggestions that appear as you type so you won't have to type the complete domain of the server if it's on that list. I don't see any issue with that.
You lost me there... Can you develop a bit more please?
We don't care about F-Droid much. Being on there falls into nice to have category, but there will be no engineering effort spent on F-Droid-related issues specifically. The primary distribution channel for the app is Google Play, the secondary is the releases section in this repo (those builds come with self-update functionality).
Seems like https://github.com/mastodon/joinmastodon-api leads to a 404 🤔
Oops, I didn't notice that it's a private repository. I have no idea why it is private.
Thanks for your responses.
Seems like https://github.com/mastodon/joinmastodon-api leads to a 404 🤔
Oops, I didn't notice that it's a private repository. I have no idea why it is private.
Can you tell me who to contact?
@grishka
It's first time I'm hearing about API calls to joinmastodon.org being related to that.
My brother, you were part of the discussion actively for months, why lie about that?
Ref: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/10909
Ref: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/11874
It was explained multiple times:
since you can't avoid connecting to api.joinmastodon.org and the Terms&Policies of this site are not available for the user to read and reject
The antifeature has clear terms: https://f-droid.org/docs/Anti-Features/#NonFreeNet
"This antifeature would not apply, if there is a simple configuration option that allows pointing the app to a running instance of an alternative, publicly available, self-hostable, free software server solution."
We don't care about F-Droid much.
Finally some truth
My brother, you were part of the discussion actively for months, why lie about that?
I re-read it and I assumed that case was closed because
server.tld_userID
. That wasn't very good privacy-wise. I changed them to random strings. So now joinmastodon.org only sees the user's IP address (obviously) and their server's domain (that's where the notifications come from).The Google connections were part of it, true.
But the elephant mastodon in the room is the ever connecting, proprietary, ToS less, Privacy Policy less, hard-coded server named api dot blahblah
Why does there need to be ToS and a privacy policy for a read-only API? I'm genuinely curious.
Cookies? The OkHttp library I'm using for HTTP client doesn't even support them out of the box.
I'm trying to look at all sides, and am starting to re-pose myself some of these questions, in particular: What harm can it do to contact a non-free read-only API? I thought about tracking, but even if the target page itself would be FOSS and doesn't process any request data, other software on the server could still process the httpd log data. Cookies might be an issue, but wouldn't any (harmful) processing be visible in the app's source code? I don't have the answers, so I'm genuinely looking for information to make up my mind.
The Mastodon app is labeled on F-Droid as having the anti-feature " "This app promotes or depends entirely on a non-free network service". After some discussion with the people on the F-Droid forum I found out that this is due to the fact that the app automatically calls a hard-coded address on api.joinmastodon.org. Considering it in the best interest of both the Mastodon app and F-Droid to eliminate this label, I have several questions:
For more information of the discussion leading me to open this issue, you can read the following topic on theF-Droid forum: https://forum.f-droid.org/t/mastodon-anti-features/22327