bretton.dev
code
Clone this repository
https://tangled.org/bretton.dev/coves
git@knot.bretton.dev:bretton.dev/coves
For self-hosted knots, clone URLs may differ based on your setup.
Per atProto style guide: endpoint descriptions should mention if
authentication is required and whether responses are personalized.
Changes:
- create.json: Added "Requires authentication."
- update.json: Added "Requires authentication and moderator/admin permissions."
- subscribe.json: Added "Requires authentication."
- unsubscribe.json: Added "Requires authentication."
- get.json: Added "Authentication optional; viewer state will be included if authenticated."
- list.json: Added "Authentication optional; viewer state will be included if authenticated."
This improves developer experience by making auth requirements
explicit without requiring documentation lookup.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
BREAKING: This is a pre-alpha schema fix. Must be applied before any
moderator records are created.
Changes to social.coves.community.moderator:
- Change role from enum to knownValues (enables future role types)
- Change permissions from enum to knownValues (enables new permissions)
- Add maxLength: 64 to both fields per atProto style guide
Future extensibility examples:
- Roles: "owner", "trainee", "emeritus"
- Permissions: "manage_bots", "manage_flairs", "manage_automoderator"
Documented in PRD_GOVERNANCE.md:
- Technical decision rationale
- atProto style guide reference
- Future beta phase extensibility plan
- Security considerations
This enables Beta Phase 2 (Moderator Tiers & Permissions) without
requiring V2 schema migration or breaking existing records.
Per atProto style guide (bluesky-social/atproto#4245): enum sets
cannot be extended without breaking schema evolution rules.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change sort from closed enum to knownValues
- Add maxLength: 64 per atProto style guide
This enables future sort algorithms without breaking changes:
- "trending" - Recent activity spike detection
- "recommended" - Personalized AI recommendations
- "nearby" - Geo-based sorting
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change visibility from closed enum to knownValues
- Apply to community.profile (record), create, and update endpoints
- Add maxLength: 64 per atProto style guide
This enables future visibility modes without breaking changes:
- "followers-only" - Only subscribers can see
- "instance-only" - Only same-instance users
- "invite-only" - Requires invite code
Files changed:
- community/profile.json (record schema)
- community/create.json (procedure)
- community/update.json (procedure)
Per atProto style guide: closed enums block schema evolution.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change moderationType from closed enum to knownValues
- Add to required fields (critical before alpha - can't add required later)
- Add default value "moderator" for alpha simplicity
- Add maxLength constraint per atProto style guide
This enables future moderation types without schema migration:
- "sortition" - Community tribunal (Beta Phase 1)
- "instance-labeler" - Instance moderation service
- "third-party-labeler" - External moderation DID
Per atProto style guide: enum sets cannot be extended without breaking
schema evolution. knownValues provides flexible alternative.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Implements Phase 1 did:web domain verification to prevent domain
impersonation attacks in the Coves federated community system.
This PR addresses all code review feedback across 3 rounds:
Round 1 - Performance & Security:
✅ P0: Multi-part TLD support (fixes .co.uk, .com.au blocking)
✅ HTTP client connection pooling
✅ Bounded LRU cache implementation
✅ Rate limiting for DoS protection
Round 2 - Critical Bug Fixes:
✅ Memory leak (unbounded cache → bounded LRU)
✅ Deadlock (manual locks → thread-safe LRU)
✅ Missing timeout (added 15s overall timeout)
Round 3 - Optimizations:
✅ Cache TTL cleanup (removes expired entries)
✅ Struct field alignment (performance)
✅ All linter issues resolved
Security Impact:
- Prevents malicious instances from claiming communities for domains
they don't control (e.g., evil.com claiming @gaming@nintendo.com)
- Verifies hostedBy domain matches community handle domain
- Optional .well-known/did.json verification for cryptographic proof
- Soft-fail on network errors (resilience)
Test Coverage:
- 13 new security test cases (all passing)
- 42+ total tests (all passing)
- Multi-part TLD support verified (.co.uk, .com.au, .org.uk, .ac.uk)
Code Quality:
✅ All linter checks passing
✅ All code properly formatted
✅ Clean build (no warnings)
✅ Production-ready
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>