Himmel
@himmel.app
Offline feeds for Bluesky.
Built with #Flutter and https://atprotodart.com
Built by @peter.lundkvist.info
Built with #Flutter and https://atprotodart.com
Built by @peter.lundkvist.info
Great, looks pretty straightforward!
October 25, 2025 at 7:37 PM
Great, looks pretty straightforward!
Very cool! How can a third-party Bluesky client show community notes? Can they be fetched from somewhere?
October 25, 2025 at 3:17 PM
Very cool! How can a third-party Bluesky client show community notes? Can they be fetched from somewhere?
Tested it on my PDS (Bluesky PDS 0.4.169) and it works. Very easy way to make a confidential native client but only if you set the app type to "web". The Bluesky PDS implementation does not allow confidential native clients. Source code comments indicate that could change in the future though.
October 13, 2025 at 7:40 AM
Tested it on my PDS (Bluesky PDS 0.4.169) and it works. Very easy way to make a confidential native client but only if you set the app type to "web". The Bluesky PDS implementation does not allow confidential native clients. Source code comments indicate that could change in the future though.
Using the "dynamic client id" approach may avoid some of the DCR drawbacks since only the public key originates from the client. OTOH different issues would likely arise, such as the fact that the client id will always return an "in use" public key even though it may not be in use anymore.
October 11, 2025 at 9:19 AM
Using the "dynamic client id" approach may avoid some of the DCR drawbacks since only the public key originates from the client. OTOH different issues would likely arise, such as the fact that the client id will always return an "in use" public key even though it may not be in use anymore.
The DCR proposal could accomplish the same thing and looks a lot cleaner. I hope it's being considered for atproto.
blog.smokesignal.events/posts/3lvtim...
blog.smokesignal.events/posts/3lvtim...
Dynamic Client Registration is the Missing Piece for Mobile and CLI Applications
Dynamic Client Registration is the Missing Piece for Mobile and CLI Applications posted by @smokesignal.events on 2025-08-07 19:45 UTC
blog.smokesignal.events
October 10, 2025 at 8:12 PM
The DCR proposal could accomplish the same thing and looks a lot cleaner. I hope it's being considered for atproto.
blog.smokesignal.events/posts/3lvtim...
blog.smokesignal.events/posts/3lvtim...
Yes, it should be doable. Just wondering if it would be seen as abusing the system. In the docs, confidential clients seem to always reside on a web server.
October 10, 2025 at 7:06 PM
Yes, it should be doable. Just wondering if it would be seen as abusing the system. In the docs, confidential clients seem to always reside on a web server.
Hmm, I guess I can let every device register their public key on the app server and then serve dynamic client_id documents to let the device authenticate as a confidential client. Sounds a bit dodgy though.
October 10, 2025 at 6:54 PM
Hmm, I guess I can let every device register their public key on the app server and then serve dynamic client_id documents to let the device authenticate as a confidential client. Sounds a bit dodgy though.
Why can’t a native client generate a private key on first run and then be a confidential client with nice long token lifetimes?
October 8, 2025 at 9:29 PM
Why can’t a native client generate a private key on first run and then be a confidential client with nice long token lifetimes?
Good suggestion! I'll put it on the todo list.
September 29, 2025 at 10:13 AM
Good suggestion! I'll put it on the todo list.
Interesting! Will this approach let the mobile client act as a confidential client and benefit from longer lived tokens?
September 14, 2025 at 10:13 PM
Interesting! Will this approach let the mobile client act as a confidential client and benefit from longer lived tokens?
This is very good advice!
Sign in screen updated, user experience improved.
Sign in screen updated, user experience improved.
Version 0.1.7 has been released for beta testing and should be available shortly.
New in this version:
- Your PDS is now determined automatically when signing in using a handle.
New in this version:
- Your PDS is now determined automatically when signing in using a handle.
August 26, 2025 at 9:42 PM
This is very good advice!
Sign in screen updated, user experience improved.
Sign in screen updated, user experience improved.
Is this from Monkey Island?
August 25, 2025 at 9:37 PM
Is this from Monkey Island?
You should be able to tell the browser that you don’t want autocomplete and similar features on the text field. Hopefully the browser will listen 😁
August 21, 2025 at 7:47 AM
You should be able to tell the browser that you don’t want autocomplete and similar features on the text field. Hopefully the browser will listen 😁
Looks amazing! A pet peeve of mine is that autocomplete and capitalization are enabled on the text field when inputting your handle on the sign in screen.
August 20, 2025 at 4:07 PM
Looks amazing! A pet peeve of mine is that autocomplete and capitalization are enabled on the text field when inputting your handle on the sign in screen.