Reconciling ActivityPub Deletes with NodeBB deletion

For a lot of things in ActivityPub, there are almost direct parallels in NodeBB. An as:Note object pairs well with a NodeBB post, an as:Person is a NodeBB user, etc.

One thing that didn't map 1:1 was the Delete activity, which at surface level, seems rather straightforward — just delete the object! However, once you dig in, there are some additional considerations:

  • in NodeBB, we have two separate states for content removal.
    • A delete, where the post is still present (but its content unavailable to non-privileged users), and a
    • A purge, where the post is scrubbed from the database entirely, and all references to it, removed
  • in ActivityPub, there is a single activity, as:Delete
  • Implementors may opt to replace the object representation with an as:Tombstone (how quaint!), but they may also just opt to use a 404

So there are some nuances that are left intentionally vague.

Kaniini on SocialHub makes the argument that a Delete should be treated like a cache invalidation, which has its own merits.

This is how NodeBB will interpret the protocol specification, and how we will align it with our own dual-state post deletion mechanic (delete & purge):

  1. When a local post is deleted, we will federate out an Update(Tombstone) referencing the id
  2. Afterwards, if the content is retrieved, an as:Tombstone will be served.
    • Deleted posts in NodeBB still maintain their place in the topic, so when the context is retrieved, the note will still be present in the collection.
  3. If we receive an Update(Tombstone), we will delete the local representation of the post
  4. When a local post is purged, we will federate out a Delete(Note)
  5. Afterwards, if the content is retrieved, we will serve a 404
    • The note will no longer exist in the context collection
  6. If we receive a Delete(Note) (or Article, or Question, etc.) we will not delete it immediately. Instead, as kaniini advises, we will attempt to retrieve the object from the origin:
    • If we see an as:Tombstone, we will delete the post (soft delete)
    • If we encounter a 404 or 410, we will purge the post (hard delete)

I'm writing this out less as a guideline for myself, but to solicit opinions and to give others a chance to point out if I've interpreted the spec incorrectly.

1 Like

I don't know how it works at ActivityPub level, but would it make sense to represent a soft delete as an update to the visibility of the object? Like as a Mastodon user, if I changed a post to private? — interesting idea, but my gut feeling is no, because post visibility (which at present, NodeBB doesn't even support at all) and deletion are two separate properties in ActivityPub.

One is defined in the object itself (to, cc, etc.), whereas if a post is deleted, it simply ceases to exist or becomes a Tombstone.

Just my thought, but the whole Delete then Purge has always irritated me.
Delete should just be Delete.
If a Mod wants to temporarily hide something they could move post, or delete and keep a copy.
The only thing Delete then Purge does is add extra step to removing something!

@eeeee said in Reconciling ActivityPub Deletes with NodeBB deletion:

The only thing Delete then Purge does is add extra step to removing something!

Technically they needn't be two steps. You could just go straight to purge.

We toyed with the idea of removing deletes altogether... not sure where we landed haha @baris?

@julian I don't know ActivityPub well enough to have a detailed set of comments but this seems sensible. In particular, using Tombstone would seem to enable good handling of cases like a deleted post with replies to it.