This post continues the discussion about how to implement repo push activities. My current implementation does the following:
- You run
- The server authors a
Pushactivity and publishes it, with you as the actor
- The repo itself isn’t one of the recipients yet, but in my docs I decided it should be, I’ll fix that soon
This works fine so far, assuming you like the idea that the Push activity is authored on the server while you’re the actor of the activity and not the repo. But there’s a complication: What happens when you push to a repo hosted on a different server, not the one where your account is? In that case, the server can’t publish the Push activity for you!
So I’d like to ask the following:
- Where is the
Pushactivity authored? On the computer of the person? On the person’s home instance? On the repo’s home instance?
- Who is the activity’s actor? The person or the repo? (the spec says the AP actor is the entity that did the activity, so in that sense it should be the person, not the repo, and that’s how I’ve implemented it so far)
The answer also needs to make sure that those Push activities are authentic and honest and match the actual repo commits, otherwise anyone can claim pushing some fake arbitrary commit to any arbitrary repo.
Idea, maybe instead of a Push activity we could have a Receive activity in which the repo is the actor?