
Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
Bovine is a basic utility library for the Fediverse. It can be used both to build ActivityPub Client applications and ActivityPub Servers. In addition to ActivityPub support, it also provides utilities to deal with webfinger, nodeinfo, and HTTP Signatures.
The bovine library can just be installed via pip
pip install bovine
Documentation including tutorials is available at ReadTheDocs.
Using the bovine docker image, the following docker compose file, and a service such as ngrok allowing one to expose a local port to the internet, one can create a python shell that allows one to use bovine to interact with the Fediverse
services:
bovine:
image: helgekr/bovine
environment:
- "BOVINE_TEST_HOSTNAME=${NGROK_HOSTNAME}"
- "BOVINE_TEST_PROTOCOL=https"
volumes: ["bovine_shared:/bovine"]
ports: ["5000:80"]
command: python -mbovine.testing serve --port 80 --reload --save_config=/bovine/config.toml
repl:
image: helgekr/bovine
command: python -mbovine.testing shell --load_config=/bovine/config.toml
depends_on: [bovine]
profiles: ["repl"]
volumes: ["bovine_shared:/bovine"]
volumes:
bovine_shared:
When using ngrok with ngrok http 5000
, you can directly run the above file via
NGROK_HOSTNAME=$(curl --silent http://127.0.0.1:4040/api/tunnels | jq '.tunnels[0].public_url' | sed "s|https://||g" | sed 's|"||g') docker compose run repl
otherwise you will have to set the variable BOVINE_TEST_HOSTNAME
to the appropriate host.
By using
>>> helge = await webfinger("acct:helge@mymath.rocks")
>>> inbox = (await actor.get(helge))["inbox"]
>>> helge
"https://mymath.rocks/endpoints/SYn3cl_N4HAPfPHgo2x37XunLEmhV9LnxCggcYwyec0"
one can resolve an acct uri to the actor's uri and then record its inbox. Then one can create a message via
>>> mention = {"href": helge, "type": "Mention"}
>>> note = object_factory.note(to={helge}, content="Writing a README thus talking to myself", tag=[mention]).as_public().build()
>>> note
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Note",
"attributedTo": "https://8fc-2003-c1-c73c-a901-b426-f511-88e5-77e3.ngrok-free.app/buttercup",
"to": ["https://mymath.rocks/endpoints/SYn3cl_N4HAPfPHgo2x37XunLEmhV9LnxCggcYwyec0", "https://www.w3.org/ns/activitystreams#Public"],
"id": "https://8fc-2003-c1-c73c-a901-b426-f511-88e5-77e3.ngrok-free.app/HFL5hpzi",
"published": "2024-11-24T12:30:54Z",
"content": "Writing a README thus talking to myself",
}
By then running
>>> await actor.post(inbox, activity_factory.create(note).build())
<ClientResponse(https://mymath.rocks/endpoints/SYONtD8yAKPapRuifwDJ8P0OhcuB7ntjkHdxh_OkrWQ) [202 None]>
one can post the message. It should then appear in your Fedi client
One can view messages received in the inbox via
docker compose logs -f
Further information on the testing server can be found in Using bovine with the fediverse-pasture in the documentation.
Issues about bovine should be filed as an issue.
bovine uses the fediverse-features to provide BDD tests. These can be run by first downloading the feature files via
poetry run python -mfediverse_features
and then running behave
poetry run behave
If you want to contribute, you can start by working on issues labeled Good first issue. The tech stack is currently based on asynchronous python, using the following components:
FAQs
Core functionality of bovine needed to build fediverse applications
We found that bovine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
Research
Security News
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
Research
Security News
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.