Cam
Scott Hanselman โ
๐ธ๐ฝ๐๐ฎIf you make a README.me for your GitHub profile, you canโt use it yet as #verification here because Github removes the REL=ME attributes. However, if you edit your actual profile on GitHub, and put your #Mastodon site as your homepage (thatโs the one with the chain link) it will use REL=ME for that link, which means you can verify your GitHub. See my about profile for all three of my verified links!
Laura Langdon@shanselman Thanks! Iโd wondered how folks were getting their GitHub verified. ๐
Adam
Michael Craig ๐ป๐บ๐ฆ@shanselman Thanks, Scott -- super useful to me and folks, generally.
Keith โ ๐ณ๐ฟ ๐ค@shanselman also, it seems once verified, you don't need to leave the link there, so if you have a website you'd prefer to link to you can put it back. Not 100% sure if there is a trigger in mastodon to retrigger the verify though.
Elan ๐ฆ@keith @shanselman my understanding is other servers will attempt to verify and won't be able to.
Sergi@elanhasson @keith @shanselman that's quite a bummer if you want your GitHub profile to be pointing to a different site ๐
@sergi @elanhasson @keith definitely, I think itโs a stopgap until they update their README functionality to support this
@keith itโs very likely like keybase and gets checked every couple days, or every few months
David Stosik@keith @shanselman AFAIK, unfortunately, Mastodon will re-verify links every time you submit the "edit profile" form.
Greg Petrites@shanselman
You can use Github Pages to create a user site. A Readme.md there retains the rel. That's how I got myself verified.
@shanselman
Luck. I knew about github pages. I didn't know about the profile readme
Luck. I knew about github pages. I didn't know about the profile readme
August@gpetrites @shanselman I was about to say, my first thought on what to do - and what I ended up doing - was the GH Pages thing (and buying a custom domain name, setting up CNAME, etc, just to be extra).
Being able to just add the link to my profile would've been the real lifehack here.
@4U6U57 @shanselman
You don't need a custom domain. I'm using the default url:
๐ด๐๐๐๐๐ ๐ผ๐๐๐๐@shanselman how long does it take for the verification to take place after you publish the rel=me? minutes/hours/etc
Ryan Peters@elijahmanor @shanselman I think I had to change the site URL, then change it back to the correct one in order for it to re-evaluate the site verification. Not sure if it's part of a cron job, and maybe I was just growing impatient.
Christof Schwiening@ryan @elijahmanor @shanselman Yes, editing the link forces the reverification process.
I have inserted rel tags into almost all of my sites. The most authoritative is the official UK athletics listings of my race performances. I guess only runners know how important the validity of that data is!
Proving identity is important for me. Having been trolled on #Strava by anonymous accounts I think verification is a requirement for wider discourse. We must be accountable.
Joris de Gruyter@shanselman That's cool! I hope LinkedIn will do this as well.
@jorisdg definitely, I literally just brought that up to them this week
@shanselman he says casually. You realize you're setting impossible standards for us Microsofties? ๐
People are like: "can't you just ask the Xbox people?"
Me: I'm not frikkin' Scott Hanselman!
People are like: "can't you just ask the Xbox people?"
Me: I'm not frikkin' Scott Hanselman!
eckes@shanselman good to know but GH needs to catch up, I donโt want my fedrigeres handle as my profile link
@shanselman *fediverse
@eckes totally agree, if they fix read me functionality then that solves this issue
John Ryan ๐จ๐ปโ๐ปโธ๏ธ๐พ ๐
Olivia Appleton@shanselman do you happen to know if one can make it work on OpenStreetMap profiles?
Jason Coon
Zack M@shanselman This also works for your Stack Overflow profile if you put it in your "Website link"! Check it on my profile ๐
fuzzface@shanselman Thank you for the tip!
Dan Hon@shanselman um, it worked on my readme.md at about.Danhon.com --- but that may also be because I edited the Jekyll template?
@danhon GitHub strips rel= and adds rel=nofollow in their readme.md. Jekyll is different and works fine, GHpages are ok. Readme on the main profile are not
mrbretticus ๐คทโโ๏ธ@shanselman yep that is what I did, however I noticed that @simon had it verified even though his profile link pointed to his own website (which was also verified). Does Mastodon follow links?
Simon Willison@mrbretticus @shanselman I verified my GitHub profile and then edited it to point back to my personal site
@simon @shanselman ah, neat trick ๐
Niel Thiart@simon @mrbretticus @shanselman
I don't think the verification persists on your mirrored profile on remote instances.
So when my instance processes your account, it tries to reverify links in your profile fields:
https://github.com/mastodon/mastodon/blob/e37e8deb0ff207d36bb359ce395e2888dacc216d/app/services/activitypub/process_account_service.rb#L43
@simon @niel @mrbretticus ya that makes sense. So it is zero trust. Each instance does its own verification.
@shanselman @simon @mrbretticus
It would be interesting to see how much traffic is generated by instances reverifying profile links for popular profiles. I imagine this could keep growing with the network.
Probably not a problem if most users are on public instances, but still.
For domain verification, DNS based verification makes sense. There's a recent issue suggesting DNS TXT record based verification, which should be simpler and more scalable:
https://github.com/mastodon/mastodon/issues/20030
Enable DNS verification of web links on Mastodon profiles ยท Issue #20030 ยท mastodon/mastodon
Pitch Let users verify the web links on their Mastodon profiles by adding DNS records. Motivation People who are unable to update the HTML code on their websites very easily may find updating DNS r...
funkypenguin@shanselman mm, not working for me :(
@shanselman oh. I'm a dumbass. nvm.
Andrea Grandi ๐ฆ@shanselman it would be much better if GitHub added a custom field (in addition to website and Twitter). I really want my GitHub to have my website linked, not my Mastodon profile.
The Linux Legend@shanselman Y'all need to use GPG digital signature sometime. 
The Seven Voyages Of Steve@shanselman really looking forward to this being supported in ReadMe instead, because Iโd rather keep my main GitHub link pointing at my blog
Vito Botta@shanselman I tried it but it still shows my GitHub as unverified. What am I missing?
@vito itโs verified. Look again
@shanselman Yep it worked after I added the https:// prefix
@shanselman nvm it works after adding the https:// prefix
John Mifsud@shanselman Thank you, this helped me! ๐๐ป
Jesse Liberty@shanselman Thanks! How do I see my about profile from the view of anyone else?
Chris Child@shanselman Very helpful! I thought I was doing something wrong.
Boby Tanev@shanselman That's a great tip! Thanks!
Just wondering how did you find it? Experimenting out of hacker's curiosity or called the team at GitHub directly :)
Just wondering how did you find it? Experimenting out of hacker's curiosity or called the team at GitHub directly :)
@btanev experimenting
W3This is cool but overall a very not-intuitive way to know someone is legit.
Instead of a name tag, it's more like wearing a QR code that I have to scan and cross reference with Google to make sure it's not just a cloned site.
Doable, just not ideal.
Good tip.
Bennett Gould@shanselman do you know any tricks for notion?
@bpgould I don't use notion
@shanselman fair enough
Tony Agudo โ
@shanselman this explains why I wasn't getting verified when I put the link in my README.md. But when I go edit the file, the rel attribute is still there.
@antoniusmisfit yes itโs removed at runtime.
@shanselman ah, that makes sense.