jdev - 2026-01-06

jjj333_p (any pronouns), resource parts as a nickname is the single most annoying thing I've encountered when making bridges

exciting!

https://codeberg.org/slidge/slidge/src/branch/main/slidge/group/participant.py#L561 this is what I do in slidge, which looks weird but seems to work so I have not touched it in a while xD

for now ive settled for replacing non-ascii with `_` however that means i cant use the matrix library's native thing to append the mxid for duplicate usernames because it could converge

ill look at that

basically, if slixmpp does not validate, I punycode the nick

and include a <nick> element with the proper nick in the presences

which is something cheogram supports <https://wiki.soprani.ca/CheogramApp/Nickname>

and gajim may one day if I manage to finish that <https://dev.gajim.org/gajim/gajim/-/merge_requests/999>

alright good to know

now I just had reports yesterday that whatsapp seems to allow newlines in nicknames, which crashes slidge-whatsapp, so I need to add at least one more thing in there xD

my hope was to essentially strip everything over unicode 3.2 and replace it with like the unicode escape sequence or something, however that seems to still not pass stringprep so im unsure

> now I just had reports yesterday that whatsapp seems to allow newlines in nicknames, which crashes slidge-whatsapp, so I need to add at least one more thing in there xD oh boy! im bridging matrix (room to muc bridge) which iirc allows practically freeform nicks which could very easily cause issues ↺

it would suck for ux, but i almost wonder if maybe if the displayname doesnt pass stringprep i should just fallback to some hash or maybe display the mxid (since matrix has no semianon anyways)

some server implementations (synapse) let you have any chars in your localpart if you modify the validation, however other instances will reject it and the spec is unclear so i feel like it would be safe to just display an error in such cases (this was a cause of many state diverges back when i was a lot more in matrix)

I think the cheogram approach is fine, punycoded nick in other clients look a bit weird but it's still readable.

> my hope was to essentially strip everything over unicode 3.2 and replace it with like the unicode escape sequence or something, however that seems to still not pass stringprep so im unsure you can try this first, then revalidate, and if it does not pass maybe you fallback to the mxid? ↺

> I think the cheogram approach is fine, punycoded nick in other clients look a bit weird but it's still readable. yesyes, but still need some unique resourcepart ↺

my worry with punnycode is that it wouldnt be unique, but i dont really know what punny code is tbh 😅

i more worry about matrix displaynames can be any length such that it doesnt go over the event size limit iirc

in slidge, after escaping, I check whether the escaped nick is available or not, if it isn't, I add the matrix ID (the nice looking one) in brackets after the nick

> in slidge, after escaping, I check whether the escaped nick is available or not, if it isn't, I add the matrix ID (the nice looking one) in brackets after the nick thats kinda what the matrix library im using rn does, however i still need to set up a matrix server and use a proper appservice library ↺

i suppose i could do that manually

then ultimate fallback is some uuid in brackets, but I don't think this is ever reached, I just let it because PTSD of making it work xD

which would work with the collisions after sanitization

> thats kinda what the matrix library im using rn does, however i still need to set up a matrix server and use a proper appservice library I have not cleaned and pushed it but I managed to set up a containerised local only matrix server at some point for matridge ↺

> I have not cleaned and pushed it but I managed to set up a containerised local only matrix server at some point for matridge i used to host dendrite, currently im testing in prod on a public room i have lol. im creating this bridge out of a need that i have so already what half functioning pre-alpha there is, is better than nothing ↺

then you know better than me :)

i do know two people who have offered to let me use their server, however idr if appservices like being run from not localhost (i.e. can it be set to use https for the internal back and forth?)

no idea 🤷‍♀️

I also should re-evaluate what im doing for matrix -> xmpp media. Currently im acting as a blind proxy but thats proven to be buggy, laggy, and probably not a good long term or short term solution. I dont like the idea of storing media much either though perhaps it expires after a certain amount of time after the last request and then it can be redownloaded if needed?

(xmpp -> matrix was quite easy, i just blindly redirect the media federation request as per the matrix spec to the xmpp media url which i store in the db) ✏

> my worry with punnycode is that it wouldnt be unique, but i dont really know what punny code is tbh 😅 oh now that i looked it up, this concern is gone ↺

> I also should re-evaluate what im doing for matrix -> xmpp media. Currently im acting as a blind proxy but thats proven to be buggy, laggy, and probably not a good long term or short term solution. I dont like the idea of storing media much either though perhaps it expires after a certain amount of time after the last request and then it can be redownloaded if needed? in matridge, media is fetched and stored, unless a specific setting is set and the media is not encrypted (then slidge just attaches the original URL in <oob>) ↺

fetching on demand + caching + some expiration rules and limits would be nicer IMHO, I may implement it at some point, although it's not on high on my priority list since it's not an issue for me in practice, current behaviour is good enough

it would be nice to have for huge attachments though, which exist in telegram because some people use that to sail the high seas

🎥 🏴‍☠️

my main priority is trying to store message ids alongside media urls/paths and bridging moderation actions so that way illicit media can be removed automatically

since both matrix and xmpp have issues with message removal not always working, and matrix has a pretty large csam issue currently

🤢

part of why im so hesitant to store media at all

the more i can claim "blind proxy" the better, and then still shut down links quickly

fortunately I have not received or seen such horrors through my matridge instance, I guess I would have stopped it until I make it possible for slidge to remove media, which it currently doesn't

I have a cronjob to delete media > 3 days on my tiny tiny VPS though

I've also been hesitant to figure out bridging avatars as well for this reason

I should not have read this channel this morning now I want to pass a CSAM detection thing on my slidge cached avatars 😬

fwiw csam in the avatar isnt super common, however general nsfw is

lol punnycode doesnt even fix the sample username im trying to bridge

https://downloadable.pain.agency/file_share/019b91fb-9058-7ec7-b58b-cca23c1fbc60/6bcc0d83-5c3a-4100-b170-baad0dac8dad.png

doesn't look punycoded? I use `escaped = unescaped.encode("punycode").decode()`

<https://codeberg.org/slidge/slidge/src/branch/main/slidge/group/participant.py#L569>

my bad i was using a different library

https://pypi.org/project/pyunycode/

huh. I think stdlib got it covered

https://downloadable.pain.agency/file_share/019b91ff-4391-7d5b-91cc-08bd529110ac/d00571cc-c30a-4389-8e79-577f4c88e581.png

really strange encoding, but works well enough

mb, i always forget to look in stdlib first

that's more like it. ugly, but allowed to stop losing hair on those resource parts and keep on working on other more fun stuff xD

https://downloadable.pain.agency/file_share/019b9200-684c-7938-ae75-a01d3354489b/041fbe20-9037-4458-8d87-e1f660fa6826.png

yep it works for the original displayname

my only remaining concern is with the mod_muc_limits i have set to limit resourceparts to 100 chars, but i suppose thats an edge case its fine to just have the bridge display an error

interesting, this displayname gets a - appended to the end of it ```json "content": { "avatar_url": "mxc://maunium.net/zsYtNqavupxLVmLwmjwuPBCW", "displayname": "XKCD", "membership": "join" } ```

oh all nicknames do 🤔

punycode only if it does not pass validation in the first place

oh, thats a good point. i just did a .removesuffix

i'll just lift what youve done in slidge atp lol

Dears, it's easy to make a very naïve login page for a Converse.js chat (as normal fullscreen client for a small private XMPP server). Just a login form, and on submit pass jid and password to `initialize()`, done. But when I reload the page, I'm on the login form again. Does someone has a kind of "minimal example" for a custom login page? Thank you for any link! ✏

Hi, I’m Mehedi Hasan Palash. I’m interested in the Memberbot modernization GSoC idea (Secret ballot #14). is anyone here interested in mentoring this project, or could point me to the right person? I’d love to start contributing and discuss next steps.

Hi revonloch! Welcome. I guess that you found this task in the GitHub repository? https://github.com/xsf/memberbot/issues/14

I'm not sure if this was intended as a GSoC idea. What does make you think it is?

On first glance, I see two issues: a) I'm not sure who'd be an appropriate mentor, b) I'm not sure if the amount of work that's involved would be sufficient for an entire GSoC project.

Hello Guus, Yes, this is the issue. I have found this here: https://wiki.xmpp.org/web/Google_Summer_of_Code_2026 actually.

On top of that: I'm not sure where this feature request comes from. I do not recognize the author of that issue, and I've not witnessed this being discussed. Although additional features that improve trust and auditability are typically desirable, they also add to the complexity and maintainability of the project.

Ah, that page is helpful, thanks. It appears that Benson Muite added that idea to the page. I would talk to them first to find out more about this!

You can find his contact information on https://wiki.xmpp.org/web/Benson_Muite_Application_2025

Oww, thank you. I am checking out the info. Also can I add issue in this project to continue like a read me file or something like this?

I am not sure what you mean.

I mean, can I improve the readme file of the Memberbot repo as a starter task? ✏

It's an open source project that will gladly accept any improvement.

Thank you.

Good luck!

Btw. I absolutely *love* the page design: https://kichakatokizito.solutions/

You're not supposed to have `<ul>` as a child of `<p>` I think?

Only 18 lines of pure HTML and it's not valid, so sad :'(

there are no rules anymore in html5 ;)

not true

Joke flew over your head and landed in JFK

well, rather there is an algorithm that says what to do in all cases making everything have a well defined result. which is not quite no rules but yeah

ATTICA ATTICA