tl;dr โ you can now send me DMs. I blatently and unforgivingly abused the NodeBB chat system to make this work.
Ever since I started this project at the start of 2024, I knew that posts with limited visibility were going to be a sore spot. ActivityPub has the concept of "addressing", with the following valid entries:
- An actor (
as:Person
or similar) uri
- A followers collection (?!?!?!)
- The public collection
However, posts and topics in NodeBB have their privileges and access scoped to the category, which meant that while it is able to restrict visibility/posting/etc. to specific users, the system was not flexible enough to handle individual posts with different user visibilities.
Given that limitation, up until this week, if your object did not contain the public collection https://www.w3.org/ns/activitystreams#Public
, it was automatically and unceremoniously dropped because there was no way NodeBB could display it to the targeted user without leaking it to other users.
I had gone through a couple iterations to try to figure out a way to make this work, but none stuck (see the follow-up technical post for more details), and I had just about relegated it to the "think on this for awhile" pile until a recent post by @[email protected] got me thinking outside of the box:
and your forums, direct messages, and inbox can have different feature sets.
Emphasis mine.
Unlike topics and posts, NodeBB's chat system is not constrained by the privilege system, and each chat room has its own collection of members, which in many ways made it a better fit!
I put together a proof-of-concept in a couple days, and we're test driving it now. So my apologies if in the past year you tried to DM me, and I didn't respond. I wasn't ignoring you, NodeBB just didn't know how to handle it, promise!
It would be nice if Direct Messages (DMs) or Private Messages (PMs) were treated like email and only sent to the people you are sending it to.
But generally, on most platforms, if you mention someone in the top level post, they are assumed to be on the recipient list. (Note, some platforms, like Mastodon, treat every post as if it were a top level post.)
Hubzilla has more privacy features, which prevents your messages from leaking to others, but part of that is because we use the Zot protocol between Hubzilla instances, and can set privacy at the thread level (i.e. the permissions of the top level post is the permissions for the entire thread).
When the same conversation is sent via ActivityPub, we lose a lot of control over the privacy of that post. We can and do address it to specific recipients, but other platforms don't have the same types of access controls, which means we can't enforce the access control list for that conversation on those platforms.