FediConform is an open-source conformance testing and evidence-reporting tool designed for already deployed Fediversity-compatible services. It is intended to help self-hosters, small providers, SMEs and community operators check whether their running federated services follow a clear operational baseline, without replacing deployment tools, monitoring platforms, migration toolkits, backup systems or security audits.
Many open and federated services can now be installed by technically capable organisations and community operators. However, after deployment, it is often difficult to verify in a repeatable way whether an instance exposes the expected interfaces, uses sound TLS and HTTP behaviour, presents appropriate federation endpoints, avoids avoidable administrative exposure, and provides enough operational evidence for the operator to understand its current state.
FediConform addresses this gap through a reusable validation layer. The project will provide machine-readable conformance profiles, a CLI-based check runner, evidence collection logic and human-readable and machine-readable reports. The aim is to make operational review more consistent, transparent and practical for small hosters and community-run infrastructure.
The project focuses on practical conformance testing rather than on service deployment or infrastructure management. FediConform will not deploy, move, restore, continuously monitor or modify services. Instead, it will inspect already running services from an operational perspective and generate structured evidence that helps operators identify configuration gaps, exposed surfaces and areas requiring review.
Why FediConform matters
Fediversity-compatible services and Fediverse platforms are becoming important alternatives to centralised digital infrastructure. They support decentralisation, local control, community governance and greater autonomy. However, their long-term reliability depends not only on installation, but also on sound day-to-day operation.
Small hosters and community operators often lack lightweight tools to assess whether their services follow a consistent operational baseline. General-purpose security scanners, monitoring systems and deployment tools can be useful, but they usually do not provide a Fediversity-oriented conformance workflow combining service reachability, federation endpoint checks, HTTP/TLS behaviour, exposed administrative surfaces, version signals, configuration hygiene and evidence reporting.
FediConform is intended to make this operational layer easier to inspect and improve. By producing clear pass, warning and fail results, together with supporting evidence, the project will help operators understand whether their running services expose expected operational signals and where attention may be needed.
What the project will deliver
FediConform is expected to deliver:
- A reusable open-source CLI conformance testing tool
- Machine-readable conformance profiles for selected Fediversity-compatible services
- Generic checks for service reachability, TLS/HTTP behaviour, endpoint availability and configuration hygiene
- Initial service-specific profiles for services such as Mastodon, Lemmy, PeerTube or Owncast
- Evidence collection logic supporting pass, warning and fail results
- Human-readable reports for operators and administrators
- Machine-readable reports for future automation, comparison and integration
- Documentation, usage examples and extension guidance
- A demonstrator showing end-to-end conformance assessment of running services
How it works
FediConform is designed to sit outside the running service as an independent validation layer. The operator provides a target service endpoint and selects a relevant conformance profile. The CLI tool loads the profile, runs the check engine, collects evidence from the running service and generates reports.
In simple terms, the intended model is:
Hoster / Operator -> FediConform CLI -> Conformance checks -> Running Fediversity-compatible service -> Evidence reports
The tool does not take over the service or modify its configuration. It checks observable operational signals, classifies results and explains the evidence behind each finding. This allows hosters to review the state of their services in a repeatable way and compare results over time or after configuration changes.
Expected outcomes
The expected outcomes of the project are:
- Better visibility of operational conformance for self-hosted federated services
- More repeatable assessment of running Fediversity-compatible deployments
- Clearer evidence for service reachability, federation endpoints, TLS/HTTP behaviour and exposed surfaces
- Reduced dependence on ad hoc manual checks by small hosters and community operators
- Reusable conformance profiles that can be extended to additional services
- Human-readable and machine-readable reports that support review, documentation and future integration
- A reusable digital commons component that others can inspect, adapt, deploy and improve
Open source and repository
FediConform is intended as an open-source project. The source code, conformance profiles, documentation, example reports and related technical materials will be published in a public repository.
GitHub repository: soon to be available
Project status
FediConform is currently presented as a proposed open-source effort. The project page will be updated as technical materials, implementation outputs, documentation, demonstrator results and public repository links become available.
Planned work includes:
- Operational conformance baseline and check taxonomy
- CLI architecture and implementation
- Machine-readable conformance profile format
- Generic operational checks
- Service-specific profiles for selected Fediversity-compatible services
- Evidence collection and report generation
- Demonstrator scenarios
- Documentation, packaging and public release
Organisation
FediConform is developed by Xilbi Sistemas de Informacion SL, a software engineering SME active in web-based systems, backend services, integration work, internet-facing digital platforms and practical software components for operational environments. XILBI’s role in the project is to design, implement, validate, document and release FediConform as a reusable open-source tool for the Fediversity and wider open hosting ecosystem.