Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Poll: how many of you use /statuses/friends_timeline/user.format?

35 views
Skip to first unread message

Alex Payne

unread,
May 24, 2008, 8:23:57 PM5/24/08
to twitter-deve...@googlegroups.com
We're looking to trim up a few parts of the Twitter that cause our
database pain in an effort to maintain stability over the coming
weeks. It's been often been said on this list that developers
wouldn't mind suffering some API changes if it meant more reliability.
One of the methods that hurts us the most is what we call the
"profile with friends". Via the API, you'd access it via this URL if
you wanted the timeline of updates by bob's friends:

http://twitter.com/statuses/friends_timeline/bob.xml

We'd still allow you to retrieve your friends_timeline for the
authenticating user, just not the authenticating user looking at
another user's timeline. This latter method forces us to do a fairly
complex query that, when not cached, can be pretty painful.

How many of you actually make use of this method? Should it stay or
should it go? I can say that the equivalent view on the web is going
away in all likelihood. You'll still be able to see who another user
follows, but not in timeline format.

--
Alex Payne
http://twitter.com/al3x

Ed Finkler

unread,
May 24, 2008, 8:39:26 PM5/24/08
to twitter-deve...@googlegroups.com
I do not use this method except to grab the authenticating user's own
friends timeline. I don't personally have much use for it otherwise.

--
Ed Finkler
http://funkatron.com
AIM: funka7ron
ICQ: 3922133
Skype: funka7ron

Michael T. Barrett

unread,
May 24, 2008, 8:45:07 PM5/24/08
to twitter-deve...@googlegroups.com
I use that format with Stuffr, but only for the authenticating user.

Cameron Kaiser

unread,
May 24, 2008, 8:50:14 PM5/24/08
to twitter-deve...@googlegroups.com
> We're looking to trim up a few parts of the Twitter that cause our
> database pain in an effort to maintain stability over the coming
> weeks. It's been often been said on this list that developers
> wouldn't mind suffering some API changes if it meant more reliability.
> One of the methods that hurts us the most is what we call the
> "profile with friends". Via the API, you'd access it via this URL if
> you wanted the timeline of updates by bob's friends:
>
> http://twitter.com/statuses/friends_timeline/bob.xml

TTYtter does not use this at all.

--
------------------------------------ personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Systems * www.floodgap.com * cka...@floodgap.com
-- If there was a hole, I would jump into it. -- Gackt Camui ------------------

Julio Biason

unread,
May 24, 2008, 9:39:37 PM5/24/08
to twitter-deve...@googlegroups.com
Miter uses just

http://twitter.com/statuses/friends_timeline.json (for the authenticated user).

--
Julio Biason <julio....@gmail.com>
Twitter: http://twitter.com/juliobiason

sugree

unread,
May 24, 2008, 11:02:25 PM5/24/08
to Twitter Development Talk
jibjib doesn't use it and if jibjib uses, it will authenticate the
user by the way.

Kee Hinckley

unread,
May 24, 2008, 11:06:46 PM5/24/08
to twitter-deve...@googlegroups.com
On May 24, 2008, at 8:23 PM, Alex Payne wrote:
> One of the methods that hurts us the most is what we call the
> "profile with friends". Via the API, you'd access it via this URL if
> you wanted the timeline of updates by bob's friends:

I always thought it was an odd, but interesting, feature. I can
definitely imagine the performance hit though. Not worth keeping in my
mind.

dean.j.robinson

unread,
May 25, 2008, 12:09:08 AM5/25/08
to Twitter Development Talk
I do provide a link to the friends_timeline for other users within
Hahlo.

Over the last months the "friends_timeline" on Hahlo has been visited
about 280,000 times, of those around 60,000 were other peoples
timelines (ie. not the authenticating user's) I must say thats a
larger percentage that I expected.

IF you are going to remove it on the web, then I guess there's not a
problem removing it from the API too, so long as its communicated
appropriately to users. I personally don't have a huge problem with
it, but us developers will need to know if its going to be removed in
advance so that we can update our code accordingly.

Is this intended to be a permanent removal? Or temporary? (but not
"temporary" like paging). Seems a shame if the only solution to the
current issues is to remove functionality.

cheers

Dean

Evan Weaver

unread,
May 25, 2008, 1:37:37 AM5/25/08
to twitter-deve...@googlegroups.com
It will be semi-permanently removed. It may eventually reappear in
modified form, but don't hold your breath.

Evan

--
Evan Weaver

dean.j.robinson

unread,
May 25, 2008, 4:58:49 AM5/25/08
to Twitter Development Talk
Thanks Evan, and I shall not hold my breath for I fear that may be bad
for me :)

Marco Kaiser

unread,
May 25, 2008, 5:35:57 AM5/25/08
to twitter-deve...@googlegroups.com
twhirl doesn't make use of this method, it only fetches the "with friends" timeline for the authenticating user.

--
Marco Kaiser



David Håsäther

unread,
May 25, 2008, 7:21:22 AM5/25/08
to Twitter Development Talk
On May 25, 2:23 am, "Alex Payne" <a...@twitter.com> wrote:

> How many of you actually make use of this method?

The Opera widget doesn't use this method either, and there are no
plans to do so.

Akira Ueda

unread,
May 25, 2008, 8:32:48 AM5/25/08
to twitter-deve...@googlegroups.com
NatsuLion doesn't use this method without authentication.

--
Akira Ueda (@akr)

CHEEBOW

unread,
May 25, 2008, 9:04:35 AM5/25/08
to Twitter Development Talk
Twit dosen't use this method.

Abraham Williams

unread,
May 25, 2008, 12:05:32 PM5/25/08
to twitter-deve...@googlegroups.com
My super secret twitter project does not use this method.

Abraham


--
| Abraham Williams | Web Developer | Lothlórien Coop | Madison WI
| http://abrah.am | http://lothwiki.org | http://web608.org
| This email is: [] blogable [x] ask first [] private

Damon Clinkscales

unread,
May 25, 2008, 1:54:24 PM5/25/08
to twitter-deve...@googlegroups.com
On Sat, May 24, 2008 at 7:23 PM, Alex Payne <al...@twitter.com> wrote:

> http://twitter.com/statuses/friends_timeline/bob.xml

Neither of my apps use that method:
- http://snaptweet.com
- http://doesfollow.com

Best,
-damon
--
http://twitter.com/damon

Jesse Stay

unread,
May 25, 2008, 7:03:53 PM5/25/08
to twitter-deve...@googlegroups.com
socialtoo.com doesn't use this method.

--Jesse

lyn...@gmail.com

unread,
May 25, 2008, 10:21:11 PM5/25/08
to Twitter Development Talk
P3:PeraPeraPrv doesn't use this method without authentication.

Kee Hinckley

unread,
May 26, 2008, 1:29:30 AM5/26/08
to twitter-deve...@googlegroups.com
Amusingly, I just realized that I *was* using that form of the call.
But I was using it as a temporary way of getting messages for a user
without logging in--thus avoiding the rate limit. :-) It wouldn't get
protected users, but I could fetch it more often, and then back off
and use the authorized mechanism less frequently.

So yeah, you probably don't want to keep it around.

Richard

unread,
May 26, 2008, 12:59:57 PM5/26/08
to Twitter Development Talk
Friendbinder is not using it, but instead I am using
http://twitter.com/statuses/user_timeline/<username>.xml
for each user so is that better or worse?

It seems that people are reluctant to give their username/password to
a web app. so I can see using
http://twitter.com/statuses/friends_timeline.xml
as bit of a problem and it's not page-able.

What methods does everyone use here?

Jorge Handl

unread,
May 26, 2008, 1:26:21 PM5/26/08
to twitter-deve...@googlegroups.com
Twist is not using it.

Colby Palmer

unread,
May 26, 2008, 3:33:41 PM5/26/08
to Twitter Development Talk
The current version of http://itweet.net does not use this method.

I am using it heavily in some new interfaces I'm working on, so I
wouldn't mind keeping it... however if its removal meant a really
tangible improvement to Twitter's stability, I would vote to kill it.

Colby
http://twitter.com/colbypalmer

Shannon Whitley

unread,
May 26, 2008, 3:33:46 PM5/26/08
to Twitter Development Talk
I don't use it.

If we ax that feature can we get the "page" querystring variable
back? :)

Joel Longtine

unread,
May 26, 2008, 6:09:55 PM5/26/08
to Twitter Development Talk
Socialthing.com does not use this feature, either, we only care about
the authenticated user and their friends. I can't see how we would
take advantage of that feature, either, so I vote to kill it,
especially if it is degrading performance so severely.

Alex Payne

unread,
May 29, 2008, 10:25:35 PM5/29/08
to twitter-deve...@googlegroups.com
An update: we'll be deprecating the usage of this method that,
apparently, hardly anyone but us uses. Most likely, the deploy that
deprecates this will go out tomorrow, and the documentation will be
updated at that time. URLs that specify an alternate user for whom to
fetch a friends_timeline will continue to work, but will return
statuses for the authenticating user.

--
Alex Payne
http://twitter.com/al3x

dean.j.robinson

unread,
May 30, 2008, 6:09:08 AM5/30/08
to Twitter Development Talk
Well, looks like Hahlo will get its 3.1 update a couple of days early
then....

Thanks for letting us know Alex.

On May 30, 12:25 pm, "Alex Payne" <a...@twitter.com> wrote:
> An update: we'll be deprecating the usage of this method that,
> apparently, hardly anyone but us uses. Most likely, the deploy that
> deprecates this will go out tomorrow, and the documentation will be
> updated at that time. URLs that specify an alternate user for whom to
> fetch a friends_timeline will continue to work, but will return
> statuses for the authenticating user.
>

dean.j.robinson

unread,
May 30, 2008, 6:50:49 AM5/30/08
to Twitter Development Talk
Also I should add that although I would have like to have seen it
stay, its removal is going to drastically simplify a good sized
section of Hahlo's code. :)

On May 30, 8:09 pm, "dean.j.robinson" <Dean.J.Robin...@gmail.com>
wrote:

Alex Payne

unread,
May 30, 2008, 3:01:00 PM5/30/08
to twitter-deve...@googlegroups.com
Thanks for being so flexible about keeping up with our API changes, Dean.

--
Alex Payne
http://twitter.com/al3x

Ray Grieselhuber

unread,
May 31, 2008, 8:11:40 AM5/31/08
to Twitter Development Talk
Sorry I'm late to this thread. Gridjit uses this method extensively
and is currently not able to function without it. Future enhancements
will provide a means for authenticating users to get their
information, but it currently does not.

So is support for this functionality permanently gone??

Thanks,

Ray

On May 30, 11:25 am, "Alex Payne" <a...@twitter.com> wrote:
> An update: we'll be deprecating the usage of this method that,
> apparently, hardly anyone but us uses.  Most likely, the deploy that
> deprecates this will go out tomorrow, and the documentation will be
> updated at that time.  URLs that specify an alternate user for whom to
> fetch afriends_timelinewill continue to work, but will return
> statuses for the authenticating user.
>

twibble

unread,
May 31, 2008, 9:27:25 AM5/31/08
to Twitter Development Talk
I'd also like to get it back. I use it to display the locations of an
user's friends in Google Maps in the twibble client. That doesn't work
any more :(

Thanks,
@twibble

RoelandP

unread,
May 31, 2008, 10:51:38 AM5/31/08
to Twitter Development Talk
@alex we are currently running on the 'with_friends-timeline' here at
the pinkpop festival (see for yourself @ http://pinkpopmashup.vpro.nl),
I mailed you about it the day before yesterday.

If you are now shutting down the service,please add @3voor12 to the
API whitelist , so that we can hang on there untill sunday evening!

thank you on behalf of 200 happy backchannel festival go-ers!

all best, greetings from the pinkpop festival,

Roeland

On 30 mei, 04:25, "Alex Payne" <a...@twitter.com> wrote:
> An update: we'll be deprecating the usage of this method that,
> apparently, hardly anyone but us uses. Most likely, the deploy that
> deprecates this will go out tomorrow, and the documentation will be
> updated at that time. URLs that specify an alternate user for whom to
> fetch a friends_timeline will continue to work, but will return
> statuses for the authenticating user.
>

Kent Brewster

unread,
May 31, 2008, 10:59:10 AM5/31/08
to Twitter Development Talk
Arrgh, this broke Twitterati, Alex. (http://kentbrewster.com/
twitterati) While I think I understand the reasoning, there are an
unknown but potentially high number of sites using it, and I'm going
to have to figure out a way to fix it for them.

If you're going to remove this, don't send back the login prompt.
Having the login box pop up instead of the expected response is
potentially very bad from a security standpoint, if the JSON is being
included as a SCRIPT tag. Nobody should ever see a Twitter login
prompt anywhere outside twitter.com.

--Kent

tdr...@gmail.com

unread,
May 31, 2008, 11:42:01 AM5/31/08
to Twitter Development Talk
I have a google gadget which is now broken as it uses this api call:
http://www.google.com/ig/directory?q=twitter&root=%2Fig&dpos=top&url=www.btinternet.com/~tdroza/gadgets/twitter/index.xml

The gadget imports the json feed by adding a script tag to the page to
make a cross-domain call to twitter. I can't authenticate because I
can only do a GET not a POST. As I understand it, the only way that I
can fix this would be to have a server-side proxy to the twitter API
that takes a user's credentials and makes an authenticated request. I
specifically do not want to to this (some of the other google gadgets
do) as this is really really bad from a security standpoint - a user
should never have to give their username/password for one site
(twitter) to another site (mine). Also the google gadget is a very
lightweight html/javascript page containing all the functionality so I
do not have a server-side app.

At the moment I can't see how I can work around this with the current
API which is a shame as the gadget has around 2000 users and has been
growing steadily. It's also a pity that this thread started just 1
week ago and you only confirmed that this would be changed yesterday
and the change was deployed 24hrs later.

Remy Sharp

unread,
May 31, 2008, 1:27:16 PM5/31/08
to Twitter Development Talk
I've obviously join this conversation too late (since the change has
been made) - but I'm another developer that *does* use the open
friends_timeline.

I published a blog/site plugin that allows users to add their tweets
via JS, but doesn't hang their site if Twitter is down/having trouble
(i.e. the official twitter badge takes down their page if twitter
hangs).

Is this feature being considered for adding back in, or at the very,
very least - please don't prompt for the auth details, just send back
an empty/error JSON object, it looks really bad on bloggers sites to
prompt for a twitter username + password.

Many thanks!

Alex Payne

unread,
May 31, 2008, 2:28:12 PM5/31/08
to twitter-deve...@googlegroups.com
I'll do what I can about the authentication, but it may take until
Tuesday to get it deployed. I'm sorry that this caught some of you
off-guard. When we made the decision to axe this feature from the
API, about 95% of everyone who responded to me publicly or privately
said they didn't make use of it.

--
Alex Payne
http://twitter.com/al3x

Kent Brewster

unread,
May 31, 2008, 3:10:21 PM5/31/08
to Twitter Development Talk
Next time you guys alter the API, please consider posting the poll/
warning on the developer blog, give us at least a week to digest and
discuss before making a decision, and then another week to prepare for
the shutdown. I'm not here very frequently, so I missed the poll and
discussion entirely.

Remy: giving back a warning that the client wasn't signed in to
Twitter would be a privacy leak. A curious site could quietly ping the
API on behalf of all of its users by using the script tag hack and
note who was signed in and who wasn't. Unless I'm off-base, this is
one of the reasons why the API login and the public site logins have
to be separate.

--Kent

Cameron Kaiser

unread,
May 31, 2008, 6:23:59 PM5/31/08
to twitter-deve...@googlegroups.com
> Next time you guys alter the API, please consider posting the poll/
> warning on the developer blog, give us at least a week to digest and
> discuss before making a decision, and then another week to prepare for
> the shutdown. I'm not here very frequently, so I missed the poll and
> discussion entirely.

I understand your frustration, but what's the point of subscribing to
this list if not for those kinds of announcements?

--
------------------------------------ personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Systems * www.floodgap.com * cka...@floodgap.com
-- Only death cures stupidity! -- "Cowboy Bebop: The Movie" -------------------

Alex Payne

unread,
May 31, 2008, 7:53:54 PM5/31/08
to twitter-deve...@googlegroups.com
Kent has a good point: we have plenty of other outlets to get the word
out about urgent changes, and we didn't make use of them in this case.
I'll correct that next time.

--
Alex Payne
http://twitter.com/al3x

Kee Hinckley

unread,
May 31, 2008, 11:29:31 PM5/31/08
to twitter-deve...@googlegroups.com
It looks like most of the uses of friends_timeline which are now
popping up were using it as a way of fetching user tweets without
authenticating. I assume they realize it wasn't a full feed (didn't
include protected users). But given that, it sounds like the long-
term solution is to provide OpenID or a similar mechanism for doing
cross-domain authentication.

jen...@gmail.com

unread,
Jun 1, 2008, 11:07:54 AM6/1/08
to Twitter Development Talk
I use it for a twitter community and absolutely CAN NOT have a pop up
message bar asking my public readership for an API login. This is
incredibly tacky.

Please, please give us anonymous access to /statuses/friends_timeline/
user.format and put it back the way it was.

Thank you.

http://twitter.com/yourpoker
http://twitteryourpoker.com/

Stut

unread,
Jun 1, 2008, 11:21:45 AM6/1/08