hollo
#Hollo finally has #Misskey/#Threads-style quotes! It's easy to use. Just paste the link to the post you want to quote into your post! It will automatically recognize a link to an ActivityPub post (supports Article, Note, and Question) and turn it into a quote.
FYI, if you're using #Phanpy, you can use the Quote button that appears when you press the boost icon!
https://hollo.social/@fedify/0191d67c-a300-786e-8395-2020ac47ebc7
The next version of #Hollo's administration dashboard will have a Federation menu instead of a Data menu, and will allow you to force refresh posts as well as accounts.
#Hollo is currently testing #Node.js instead of #Bun. (In fact, the hollo.social server is already running on Node.js!) If this test is successful, starting with the next release, Hollo will be powered by Node.js instead of Bun.
The main reason for switching to Node.js is to optimize memory usage. As you can see in the graph image below, Node.js uses significantly less memory than Bun. With this switch, Hollo is expected to be even more lightweight than before!
Are you interested in trying out the Node.js version of Hollo early? Try to pull ghcr.io/dahlia/hollo:0.4.0-dev.290!
If you'd like to support the development of @fedify or @hollo or @botkit, you can sponsor me on GitHub!
Just released #Hollo 0.5.4 (ghcr.io/fedify-dev/hollo:0.5.4), 0.4.10 (ghcr.io/fedify-dev/hollo:0.4.10), and 0.3.9 (ghcr.io/fedify-dev/hollo:0.3.9), which fix interoperability issues with some software including @mitra. (Thanks for @silverpill's bug report.)
We'd like to introduce the #Fedify project family—a set of related tools that make building #ActivityPub applications more accessible:
@Fedify (@fedify) is a #TypeScript library for building federated server applications powered by ActivityPub and other #fediverse standards. It provides type-safe objects for Activity Vocabulary, WebFinger client/server, HTTP Signatures, and more—eliminating boilerplate code so you can focus on your application logic.
@Hollo (@hollo) is a single-user microblogging server powered by Fedify. While designed for individual users, it's fully federated through ActivityPub, allowing interaction with users across the fediverse. #Hollo implements Mastodon-compatible APIs, making it compatible with most Mastodon clients without needing its own web interface.
Hollo also serves as our testing ground for bleeding-edge Fedify features before they're officially released.
@BotKit (@botkit) is our newest family member—a framework specifically designed for creating ActivityPub bots. Unlike traditional Mastodon bots, #BotKit creates standalone ActivityPub servers that aren't constrained by platform-specific limitations (like character counts).
BotKit's API is intentionally simple—you can create a complete bot in a single TypeScript file!
All three projects are open source and hosted under the @fedify-dev GitHub organization. While they serve different purposes, they share common goals: making ActivityPub development more accessible and expanding the fediverse ecosystem.
If you're interested in trying any of these projects or contributing to their development, check out:
Fedify: https://fedify.dev/
Hollo: https://docs.hollo.social/
BotKit: https://botkit.fedify.dev/
#Hollo v0.6.0, the next minor release, will have theme colors on your profile pages. Powered by Pico CSS, see the list of all available colors in the Colors section from their docs.
Want to give it a try in advance? Try v0.6.0-dev.397, an unstable release, at your own risk.
If you ever happen to see a hosted offer for #Hollo, please let us know!
Had some fun today installing @hollo because you can never have enough fediverse accounts, right? I'm definitely not avoiding the real world with this distraction. 👀
Hollo is a single / low user platform for the fediverse. It runs on the @fedify framework and supports quote posts, markdown, and emoji reactions.
I went off the beaten path a bit and customized the composer file. Here's my notes on the install process.
I just discovered why some of my followers from larger #Mastodon instances (like mastodon.social) would mysteriously unfollow me after a while!
Turns out Mastodon implements the FEP-8fcf specification (Followers collection synchronization across servers), but it expected all followers to be in a single page collection. When followers were split across multiple pages, it would only see the first page and incorrectly remove all followers from subsequent pages!
This explains so much about the strange behavior I've been seeing with #Hollo and other #Fedify-based servers over the past few months. Some people would follow me from large instances, then mysteriously unfollow later without any action on their part.
Thankfully this fix has been marked for backporting, so it should appear in an upcoming patch release rather than waiting for the next major version. Great news for all of us building on #ActivityPub!
This is why I love open source—we can identify, understand, and fix these kinds of interoperability issues together. 😊
#Hollo 0.5.0 has been released! This update brings several improvements to make your Hollo experience even better.
We've enhanced the accuracy of sharing and liking counts, giving you a clearer picture of post engagement. Posts now maintain precise counts of shares and likes, which persist even when shared across different servers.
Thanks to contributions from @yamanoku, the profile page has received several enhancements:
You can now navigate to newer posts with backward pagination
Images are more accessible with improved alt text handling
Custom fields display better on smaller screens
The favicon now automatically adapts to your light/dark mode preference, and you can enable raw HTML in Markdown using the new ALLOW_HTML environment variable (with secure limitations on allowed HTML elements).
We've also expanded our Mastodon API compatibility by adding endpoints for muted and blocked accounts, making it easier to manage your social boundaries.
Important note for S3 users: The S3_REGION environment variable is now required when using S3 storage.
To update to 0.5.0:
Docker users: docker pull ghcr.io/fedify-dev/hollo:0.5.0
Manual installation: git pull origin stable and pnpm install
Railway users: Redeploy your service from the Railway dashboard
Full changelog: https://github.com/fedify-dev/hollo/releases/tag/0.5.0.
We're pleased to announce that #Hollo has been included in the Nivenly Fediverse Security Fund program!
The @nivenly Foundation has launched a security bounty fund to support contributors who identify and help fix #security vulnerabilities in popular #fediverse software. Both Hollo and @fedify are among the selected projects that meet their responsible security disclosure requirements.
This program will run from April–September 2025, with bounties of $250–$500 USD for high and critical security vulnerabilities.
We're honored to be recognized alongside other established fediverse projects like Mastodon, Misskey, and Lemmy. This further encourages our commitment to maintaining strong security practices.
If you're interested in contributing to Hollo's security, please follow our responsible disclosure process outlined in our SECURITY.md file.
Learn more about the program:
https://nivenly.org/blog/2025/04/01/nivenly-fediverse-security-fund/
#Hollo 0.6.0 is coming soon!
We're putting the finishing touches on our biggest security and feature update yet. Here's what's coming:
RFC 8414 (OAuth metadata discovery)
RFC 7636 (#PKCE support)
Improved authorization flows following RFC 9700 best practices
New features
Extended character limit (4K → 10K)
Code syntax highlighting
Customizable profile themes
EXIF metadata stripping for privacy
Important notes for update
Node.js 24+ required
Updated environment variables for asset storage
Stronger SECRET_KEY requirements (44+ chars)
Special thanks to @thisismissem for the extensive OAuth improvements that help keep the #fediverse secure and compatible! 🙏
Full changelog and upgrade guide coming with the release.
Exciting news for the #Hollo project! We're thrilled to announce that Emelia Smith (@thisismissem) has joined as a co-maintainer alongside Hong Minhee (@hongminhee).
Emelia brings extensive experience in the #fediverse ecosystem, having been a long-time contributor to Mastodon and a leading expert in trust & safety tooling for decentralized social networks. She's dedicated years to improving moderation systems and security across #ActivityPub platforms.
Her recent contributions to Hollo have been substantial—implementing the reporting/flagging system and making significant improvements to OAuth and security features. These valuable contributions naturally led to her joining as a co-maintainer.
This collaboration marks an important milestone for Hollo as we continue building better single-user microblogging software for the fediverse. Welcome aboard, Emelia! 🚀
🚨 Security Update: Hollo 0.6.5 Released
We've released #Hollo 0.6.5 with a critical #security fix for CVE-2025-53941, addressing an HTML injection vulnerability in federated posts.
Please #update immediately to protect your instance from potential phishing and XSS attacks.
How to update:
Railway: Go to deployments → click three dots → Redeploy
Docker: docker pull ghcr.io/fedify-dev/hollo:latest and restart
Manual: git pull origin stable && pnpm install and restart server