Increasing the Mastodon (4.2) post character limit

Mastodon has a default character limit of 500 characters. The ActivityPub protocol however, which Mastodon is built against, does not specify a maximum character length. This means that in order to be compatibel, Mastodon does support posts with more than 500 characters, but it keeps users from actually posting longer posts. This is simply enforced by the server software. If you happen to run your own Mastodon instance, you can just set this limit to whatever you want - it does require a few source code changes though.

But wait, I hear you say, the limit is there for a reason, right? A Twitter1-style service lives from short postings, and long postings ruin it all. Well, in my experience 500 characters is sometimes just not enough. Sure, 80% or so of my posts will fit into that amount of characters, but sometimes I have more to say. And then I need to create a thread, which is both cumbersome to write as it is to read. Mastodon clients support long character posts. Some display it all at once, but most - like Ivory, for example - hide everything longer than 500 characters behind a “Read more” link. Which is totally fine by me and I have never received any complaints over postings that are too long.

To change these source files, you need access to the server, obviously. I am also going to assume that your server is up and running, and that you are using the non-Docker installation. It is probably similar or the same for the Docker installation, but I am not using it so I cannot confirm.

These instructions are for Mastodon 4.2. I am using nano in these example as the text editor, but you can of course use whatever you want. I am changing the default to 2500 chars. You can change it to any other value, but for most people 1000-3000 should be more than enough.

And please keep in mind, these instructions are provided “as is”. Please think before following them. There is no guarantee that they work, and they may cause errors or unexpected behaviour. It is not my fault if you break your instance applying them. That said, I have been using an increased character limit on my instance for close to a year, and never had an issue with it.

1. Switch to your Mastodon user

su - mastodon

and switch to your Mastodon installation directory. For most people, this should be /home/mastodon.

2. Edit the file compose_form.jsx

nano -w live/app/javascript/mastodon/features/compose/components/compose_form.jsx

Look for the number 500 (in Nano, you can search using Ctrl-W) and change it to 2500. There should be two instances.

3. Edit the file instance_serializer.rb

nano -w live/app/serializers/rest/instance_serializer.rb

On the top of the file, there is a definition of attributes:

attributes :domain, :title, :version, :source_url, :description,
             :usage, :thumbnail, :languages, :configuration,
             :registrations

You need add your own attribute to this. You could call it max_post_chars:

attributes :domain, :title, :version, :source_url, :description,
           :usage, :thumbnail, :languages, :configuration,
           :registrations, :max_post_chars

Afterwards, at the bottom half of the file, you will find private. Above this, add the definition for that attribute you have specified above:

  def max_post_chars
    2500
  end

Make sure to put it above the private, otherwise it will not be accessible.

4. Edit the file status_length_validator.rb

nano -w live/app/validators/status_length_validator.rb b/app/validators/status_length_validator.rb

Look for MAX_CHARS = 500 and change it to MAX_CHARS = 2500

5. Edit the file note_length_validator_spec

nano -w live/spec/validators/note_length_validator_spec.rb

There are two instances of the number 500 in this file. Change both to 2500.

6. Rebuild assets and restart services

You are now done editing and can rebuild the live assets. Do so with the following commands:

cd live
RAILS_ENV=production bundle exec rails assets:precompile

Afterwards, exit the mastodon user, and restart the Mastodon services as root:

systemctl restart mastodon-sidekiq
systemctl reload mastodon-web
systemctl restart mastodon-streaming

Congratulations, you should now have an increased character limit on your instance. Have fun posting!

  1. No, I am not going to call it “X”. 

So long, Twitter

I joined Twitter in early 2009, and, for most of the over 13 years, enjoyed it tremendously. While I never had a huge follower base (a couple of hundreds at most), it was my preferred social network.

And today, I am leaving. For good. There is really not much for me to add to this excellent piece of Nilay Patel at the Verge. Elon Musk is going to run this company to the ground, and destroy the social network in the process. He already started to lay off half its staff and introduced questionable feature plans with comical deadlines, all while spreading right-wing conspiracy theories. Regardless whether or not he will be successful making Twitter profitable enough to withstand the financial pressure of his own acquisition, and somehow keep Twitter from becoming a right-wing hellhole, I do not want to be a part of this. It can only go downhill for Twitter from here on out.

Last week, I set up my own Mastodon instance. It has one user–me–and it is my window into the Fediverse. This is not the first time I am using Mastodon, I have been on and off the service (on mastodon.social) for a few years, but I never had an incentive to stay there permanently; Twitter always had a larger pulling force. For me, it is different this time. And judging from my Mastodon timeline, I am not alone.

Of course it remains to be seen if Mastodon will be a successful replacement for Twitter–that really depends on whether or not all the users that recently “migrated” from Twitter will stay and be active there–but even if it is not, I am no longer subject to the mood swings of a billionaire wanna-be genius.

Leaving 1Password for iCloud Keychain

I have been using 1Password as my primary secrets manager since 2008. I used it store pretty much all information that should not be stored unencrypted, like passwords, credit card and banking information, and even software licenses. For a long time, it was the most important app on both my Macs as well as on my iOS devices. 1Password has been serving me exceptionally well, its features aligned perfectly with my needs and the UI was incredibly well done. The app was a model for how native apps should behave on a platform and I have recommended it on numerous occasions.

Until last year. Or rather until 2019, when the company announced it would accept $200 million in venture capital. But at that time the product remained unchanged, and the feared upcoming focus on business customers was just a threat looming in the distance. Unfortunately, in August of 2021, 1Password announced a new major version of its macOS client–version 8–and after a bit of digging it turned out that it was no longer a native app, but rather built using a cross-platform solution called Electron. Electron apps have a terrible reputation–they are slow, use ridiculous amounts of resources and do not adhere the platform’s user interface standards. In most respects, they are the very opposite of what 1Password used to be. The move caused widespread criticism among their long time users. For the first time in years, I wondered if I should switch to an alternative.

The problem was–and in a way, still is–that the alternatives are not that great, or terrible altogether. There are about as many password managers as there are Twitter clients, but in all respects, 1Password was the best one. Its most prolific competitors, Enpass, Bitwarden, Dashlane, Lastpass, among others, are not native clients either. I tried them all–in all cases the UI was terrible, both on macOS as well as iOS. And so I kept using 1Password.

Fast forward to February 23rd of this year. 1Password announced it would partner with Phantom, which is a cryptocurrency wallet (basically a data store). In their accompanying blog post, they write:

This is the first of many partnerships that we’ve been working on in the cryptocurrency space.

There is not much need to sugarcoat it: that is an outrageously stupid decision. cryptocurrency is a ponzi scheme. But even worse, it is a major ecological disaster, contributing to the destruction of the planet. Regardless if the crypto integration in 1Password is limited to saving passwords for crypto wallets or more sophisticated integrations–this partnership and their blog posts shows that the company is steering into a very worrying direction. I simply cannot support this.

Thankfully, there has been some movement in the area of password management. Apple has realized that passwords are a problem that requires solving, and has slowly but steadily improved their iCloud Keychain access and feature set. iOS 15 and macOS 12 have an improved interface for passwords management and even OTP support. In the current beta releases, they also added secure notes to passwords. Thanks to the tight integration across all Apple platforms, this is an ideal solution for anyone who is invested in their ecosystem–like I am. Security-wise, iCloud Keychain is end-to-end encrypted, and the passwords interface offers an export function that creates a CSV file.

Exporting my passwords from 1Password to iCloud Keychain was actually quite easy. Jonathan Wight created a Python script that helps with the process. It takes the CSV export of 1Password (8) and filters all values that do not have a username, password or url, because those are unsupported by iCloud Keychain. It then creates two files: a “clean” file that can be imported, and one that lists all the entries with missing values. After about two hours of cleaning up and consolidating data, I was able to import all passwords from 1Password to iCloud Keychain.

iCloud Keychain covers passwords, but what about all the other secrets that 1Password kept, like secure notes, credit cards and banking information, and software licenses? Safari already has a feature to safely store credit card information for auto completion, so this is covered. I had forty or so secure notes in 1Password, but after cleaning out over ten years worth of information, I was left with only six secure notes that I still need. The Apple Notes app has support for “locked” notes which are end-to-end encrypted notes with a user password. So I created a “secure notes” folder in the Notes app. I hope that Apple will further improve the password manager in iOS and macOS, making this only a temporary solution. As for software licenses–these are not an actual secret, and I only used 1Password to collect them in one place. But this is not really necessary, looking them up in my Email account works just fine for me.

Password management is a feature, not a product. I suppose 1Password knows this too. The password mangement feature of iOS and macOS is likely good enough for most people, thus requiring 1Password to concentrate on business and edge cases–like the cryptocurrency wallet cooperation. Thankfully, I do not need to be a part in this anymore.

App List removed from sale...for now.

Unfortunately I had to remove App List from sale today. This means that the app will remain working and downloadable for existing users, but it is no longer listed on the App Store and it will not receive updates in the foreseeable future. It was not an easy decision for me, but in the end I had no choice. There are a couple of reasons why:

  • I simply cannot keep up with the changing App Store. App List only partly relied on the iTunes Search API. For extended information I had to parse the App Store manually. This was tedious, error prone and - obviously - frowned upon by Apple.

  • Apple recently changed the iTunes Search API and reduced the maximum amount of Ids to an arbitrary number (it seems dynamic, but it is much lower than it used to be), forcing me to rewrite large parts of the API functions.

  • I receive a massive amount of support email for this app. It was quite popular, and people used in the very odd ways (my favorite one was the guy who had 5000 apps on his iPad and used App List to keep track of them all). I am not a company, I am a sole developer who wrote App List in his free time. I had to declare support email bankruptcy a while ago.1

  • There are crashes in iOS 15 which I would have to fix quickly. I currently have no time to work on this app though.

  • Sync is wonky at best and would require a complete re-write of the syncing engine. People also still had issues with price change notifications not showing up. This also requires attention.

As I wrote before, App List was just a hobby project on the side. I did not anticipate its popularity. Since its inception, App List had more than half a million regular users, and many more downloads.

Thanks to everyone who enjoyed App List and gave me a tip. Maybe I will be able to continue working on it later in the year.

  1. On a side note, many people really need to work on their manners. The amount of entitlement seeping from those emails is staggering. It was a free app, yet some people acted as if they payed inordinate amounts of money for it, or as if I was their personal developer implementing features just for them. At some point I really had to stop reading those support emails because it was seriously affecting my mood. 

Cryptical 4.0...and a look back

Today I released a new major version of Cryptical, my little password generator for iOS. Cryptical 4.0 (re-)adds1 the ability to exclude specific characters from selected character sets. I modernized the interface a bit, using a more consistent look over all screens that fit the current version of iOS, completely overhauled the Batch Generation screen and also replaced all of the icons with newer, better designed alternatives. Additionally there are plenty of other improvements and bug fixes. So all in all, it is a solid new version.

Cryptical is now over 10 years old. I released version 1.0 in August of 2010–today it is the oldest app of mine still available on the App Store. Of course it did not remain unchanged over time; it received plenty of updates. Back in 2010, “Lite” and “Pro” version were a common thing–there was a free “lite” version with a reduced feature set, and the paid-upfront “pro” version with all the features and without ads. For ads on the free version I initially used AdMob, but quickly replaced it when iAd2 became available. It was the early times in the App Store and business models were still sorted out. Cryptical featured a pixel-perfect custom interface, made by myself in Photoshop. This is what we did, back then, and honestly it did not look bad.

Cryptical 1.0 vs. Cryptical 4.0. Remember skeuomorphic interfaces?

I quickly realized though that I was cannibalizing sales of the pro version with my own light version. The feature set of the light version was “good enough” for most users, and they did not seem to mind the ads. This left me with little choice. If I wanted to have any meaningful revenue with the version paid upfront, I had to remove the free version–which I did in 2011.

The app remained largely unchanged until 2015, when a bug occurring in iOS 8 forced me to either remove the app from sale, or supply an update. For some reason the launch screen animation did not start3, which meant users could not use the app at all on iOS 8. I received some angry emails about it. For a short time I thought about simply removing the app from sale, but I actually liked it. I loved the name, the concept and used it myself all the time. Browsing the App Store for competitors, I quickly realized that nothing like Cryptical existed–most of them were badly designed and/or lacked features. Given the age of the code base, however, just fixing the bug would have been impossible. I had to rewrite it. I just had switched to a new job, writing Swift full-time. And so I rewrote it in Swift. I redesigned the interface to get rid of the skeuomorphic design and matched the “flat” look of iOS. And since I no longer saw much of a point of charging for a small app like that, I made Cryptical free, with all its “pro” features.

Over the years Cryptical received a few more updates, mostly bug fixes and changes to adapt to new iOS devices. The last update was in 2018. And then, in December of 2020, I received an Email vom Apple:

“Action Needed: Your app’s compatibility with iOS and iPadOS - We noticed that your app, Cryptical, was built using the iOS 8.4 SDK or earlier. As a result, your app cannot be signed with our latest App Store code signing certificate, which will be required for apps to launch in upcoming releases of iOS 14 and iPadOS 14.”

Once again, this forced my hand. iOS now actively started to warn users when they launched the app, telling them in a system alert that “the developer” had to update the app, or it would no longer work with future versions of the OS. Over a very short period of time, I received many, many emails from concerned Cryptical users, all of them asking me to supply an update. As it turns out, Cryptical had quite a fan base, especially in the US. Without me noticing, it had accumulated 1120 5-Star-Reviews, a surprisingly large number for such a niche app. People who used Cryptical loved it. And so I once again checked out the source repository, and began work.

I first considered only building it with a newer SDK. There was a problem though: I was now using an M1 MacBook Pro, and the code base and most of its dependencies were written in Swift 3. Xcode 12 on macOS Big Sur could no longer convert this version of Swift to the current Swift version, and the last version which could - Xcode 10 - did not run on Big Sur (or my M1 Mac). I had to manually update the code and its dependencies to compile on the new machine. In the end, I rewrote large parts of the app, did a few interface refreshments and prepared Cryptical for future updates.

There is one more addition to Cryptical that I have not mentioned before: it now contains a Tip Jar. Over the years, people often asked me how they could support the development of the app, and I usually told them to buy my other apps. You can now do that directly, in Cryptical, if you wish. Tipping is optional, of course - all features remain free.

So what does the future hold for Cryptical? I have a few feature ideas in the pipeline. While it still remains a hobby project (do not expect weekly updates), I will not let it remain unchanged for two years anymore though. Promised.

  1. It actually used to have this feature back in the first versions, but I removed it for some reason in a later rewrite of the app. 

  2. The fact that Apple once had its own mobile advertising framework seems inconceivable in today’s world. Ads have the dirty stain of customer tracking and privacy violation, so it is not surprising that iAd shut down in 2016. 

  3. It had a snazzy animation, because, well…that is how we rolled back in 2010.