fedi for pleroma and mastodon
fedi is open-source client for pleroma and mastodon social networks written using flutter.
pleroma and mastodon are parts of fediverse (decentralized social network). the main idea of fediverse – nobody owns fediverse. anybody can run their server instance and use it to communicate with other people.
so fedi is an open-source mobile client for social networks and has features similar to twitter.
follow us on fediverse [email protected]
features
- pleroma and mastodon support
- offline mode. access to cached data even without network
- custom emojis. with emoji reactions support on pleroma
- customizable home timelines
- multi-account support
- push notifications via pushrelayfcm and fcm
- supports receive and send share intends
- scheduled and draft statuses
- filters
- instance details, announcements, trends, activity history, limits
- day & night theme
- bookmarks, hashtags, lists, featured tags, suggestions
- messenger-like ui for conversations(dm) and pleroma chats
- customizable real-time notifications & timeline updates via websockets and push notifications
- fetch data from remote instances via public api. so you can access full data on remote instance if currently logged instance hasn’t synchronized all data yet
- a lot of settings options(global or per-instance). for example:
always show nsfw
orauto-load media content
- threads & polls
- special ui for media-only timelines
- mutes & blocks
- editing profile
- sign up support
coming soon
- admin api;
- support other fediverse instances: pixelfed, misskey, peertube, gnu social, friendica and others;
- pleroma: scrobbles, mascot and recently added new features;
- mastodon: recently added new features.
- adopt ui for large screens;
- display timelines from different instances on single home page(currently you should switch instances to see related data);
- remember timeline position via markers api;
- onboarding & tutorial. popular instances suggestions;
- a lot of minor ux improvements in backlog.
feel free to open issues if you have suggestions
known issues
- text is not selectable, but you can copy or share whole statuses
- instances with special chars like
ü
are not supported
data gathering
fedi doesn’t use any special analytics service to track users.
however fedi uses firebase services for pushnotifications(optional) and crashreporting(optional).
you can completely remove firebase via manual building from source.
crash reports via firebase crashlytics
fedi gathers crashes and non-fatal errors to make app more stable.
- you can build app from source and remove crashlytics library via .env config(details below)
- you can disable gathering via settings inside app(option is disabled by default)
push notifications
push notifications are implemented via pushrelayfcm server
pushrelayfcm is ruby on rails server which handles web pushes and relays them to fcm.
from 2.5.0
version fedi uses pushrelayfcm mode without decryption on server-side. so all private data is safe.
pushrelayfcm and fedi can work in two modes:
- without server-side decryption (
2.5.0
and newer) – relay simple proxy encrypted messages - with server-side decryption (before
2.5.0
) -decrypt messages and have access to notification content and useraccess_token
. it is not used from2.5.0
version, but is still supported in fedi(see below why you still may want to use it).
without server-side decryption way
(used in appstore/googleplay versions from 2.5.0
)
- fedi subscribes to
/api/v1/push/subscription
withsubscription[endpoint]
set to relay server url - instances send web push notifications to relay server
- pushrelayfcm doesn’t decrypt message
- pushrelayfcm proxies notifications to fedi app via fcm
- fedi doesn’t decrypt message and use fcm message with encrypted data as simple trigger to load latest notification via rest api (this will be improved in future releases)
- fedi displays notification
since pushrelayserver doesn’t know private decryption keys, it can’t access any private data.
pros
- doesn’t have access to user private data
- uses rich notifications layouts and actions provided by
awesome_notifications
cons
- delivery may be delayed. because pushrelayfcm sends fcm push message without
notification
(fcm calls it data message). readawesome_notifications
andfirebase_messaging
documentation for details. fedi uses:mutable_content=>true,
:content_available=>true,
:priority=>"high",
to increase delivery priority
why fedi doesn’t decrypt message on client-side?
because it is hard to implement with flutter. there are no 3rd party flutter libraries to decrypt ecdh
p256v1
by now.
it is possible to decrypt it in kotlin/swift and it will be done in the future.
with server-side decryption way
(it is not used in appstore/googleplay versions from 2.5.0
)
- fedi subscribes to
/api/v1/push/subscription
withsubscription[endpoint]
set to relay server url - instances send web push notifications to relay server
- pushrelayfcm decrypts notifications
- pushrelayfcm relays notifications to fedi app via fcm
- fedi displays notification
- pushrelayfcm has access to
title
,body
andaccess_token
access_token
is sensitive data. it is possible to login into your account if someone knowsaccess_token
pros
- faster push delivery. fcm message(notification type) with
notification.title
andnotification.body
, which has higher priority than message withoutnotification.title
¬ification.body
fields. actually it is more affects ios, than android. readawesome_notifications
andfirebase_messaging
documentation for details.
cons
- private data access is main reason why fedi moved to
without server-side decryption way
- doesn’t use rich notifications layouts and actions provided by
awesome_notifications
localization
app uses flutter_localization
api bundle with flutter sdk.
it uses .arb
files located in lib/l10n
and generates .dart
classes in /lib/generated/
folder.
after you make changes in .arb
files you should do additional actions to regenerate dart classes
- automatically via
flutter intl
plugin - manually via
flutter intl
package
completed
- english, russian
help translate fedi
- help translate fedi with weblate
- it is easy to suggest fixes even without registering
Comments are closed.