nutomic

nutomic, 4 days ago

I’m surprised that there are still instances out there running 0.18.2-rc2 or 0.17.0. Those versions are full of bugs and miss so many features.

nutomic, 3 days ago

They refuse to upgrade and then complain that mod tools are insufficient (which have improved a lot in the meantime). You really can’t make this up.

nutomic, 5 days ago

It would be interesting to investigate why Lemmy has high CPU usage. In principle it should be quite efficient as its written in Rust. Its also not doing anything particularly performance intensive, unless you are subscribed to lots of communities or have lots of users.

nutomic, 1 month ago

This, particularly reports are not fully federated.

nutomic, 1 month ago

I just opened an issue about it: github.com/LemmyNet/lemmy/issues/4744

nutomic, 1 month ago

Alright Ive added @kevincox, @CrypticCoffee and @Lettuceeatlettuce as mods and removed the inactive ones.

nutomic, 2 months ago

Well written, it would deserve a separate post.

nutomic, 2 months ago

What is this “stance on mod features” that you are talking about?

nutomic, 2 months ago

I dont have time to read all that. The problem with Beehaw is that the admins are extremely entitled, as if we had some obligation to work for them for free. Similar to what is described in OP.

However we are consistently improving the mod tools, and accept contributions in that area. You can see in the dev updates.

nutomic, 2 months ago (edited 2 months ago)

Im a former contributor to F-Droid with various merged pull requests. Looking at the indicated pull request I really doubt that it was an intentional attack. First of all its easy to forget for a new developer to escape SQL parameters, and the docs dont even mention a risk of SQL injection attacks. And of the users pushing for the PR to be merged, one is a long-time F-Droid contributor, and the other also looks like a real human with many contributions in other repos, so no sockpuppets in sight.

It simply looks like standard open source behaviour, for better or for worse. A new user makes a contribution for a highly demanded feature, and users want it to get merged as soon as possible. Maintainers are discussing the big picture of the change and want to avoid breaking changes, without getting into code review yet. The new contributor seems unwilling to make any design changes to his PR, and gets frustrated that it doesnt get merged as is. The potential vulnerability is only noticed half a year after the PR was opened, at which point it was already de facto abandoned. So not an attack, but simply a developer who is new to open source and doesnt understand how the process works.

nutomic, 2 months ago

One of the comments mentions that another app can trigger search through an Android intent. So its better to be safe and close any potential vulnerabilities, but this doesnt seem particularly useful for an attacker.

nutomic, 2 months ago

We applied for funding last August, but unfortunately we are still waiting for it to be finalized. Seems like NLnet is quite overloaded these days.

nutomic, 8 months ago

That instance list is built completely automatically by a crawler, no one approves instances before they are listed. In this case it was removed as soon as we became aware of it. Next time please make a pull request like that one, its much more effective than complaining.

nutomic, 1 year ago

Wow this is a great idea. You can make a pull request to link this in the Lemmy docs. Once its a bit more mature we could even merge it directly into Lemmy.

nutomic, 4 years ago

So much for “Microsoft ❤️ open source”

github.com/dotnet/maui/issues/35