this post was submitted on 23 Jun 2023
142 points (98.0% liked)

Lemmy

12572 readers
8 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
top 40 comments
sorted by: hot top controversial new old
[–] fishcharlie@eventfrontier.com 29 points 1 year ago (1 children)

@dessalines@lemmy.ml Thanks for the information here and all the hard work you have put into this release.

Gotta say tho, as the maintainer of Lemmy-Swift-Client, breaking API changes like this without an API version bump, make API development within the community incredibly difficult.

So my question to you would be, what is the purpose of having v3 in the API path, if the true test of API compatibility is the GetServerResponse version field? And breaking changes will occur in GetServerResponse version changes as opposed to the version in the API path? That doesn't quite make sense to me.

Would love your perspective so I can figure out how to best design the package API to accommodate client developers who might have to contend with multiple server versions.

[–] dessalines@lemmy.ml 1 points 1 year ago

The lemmy API still hasn't hit a version 1.0, and should very much be considered beta, with a lot of active and breaking changes. When we do stabilize it, then we can start to make these breaking API changes more solid. The v3 should probably just go away at this point, because we have too much active development and API changes to justify it.

What we do on lemmy-js-client, which has its types auto-generated from rust, is use tags that match our lemmy release semver version.

I'm not sure how you built lemmy-swift-client ( I hope its auto-generated from either the rust or lemmy-js-client types), but you could do the same thing: use tags to version it, then applications could use those tagged versions.

[–] binwiederhier@discuss.ntfy.sh 17 points 1 year ago* (last edited 1 year ago) (2 children)

WebSockets ... causing live updates to the site which many users dislike

I appreciate all the work in this release. It's insane how much you packed into one release. Well done. I am most excited about the live updates going away. It was quite disruptive. Thanks for that.

That said, WebSockets can be implemented very efficiently. I run an open source notification service called ntfy, and the public instance ntfy.sh currently keeps 6-8k WebSocket connections and thousands more HTTP stream (long polling HTTP) open, all on a 2 core machine with 4GB of RAM. My point being that WebSockets can be implemented very efficiently. Though in Lemmy's case it's likely not necessary.

-- Another thing I wanted to notice is that I am missing mentions of security issues in the release notes. There are some tickets that sound really really really bad, like this one: https://github.com/LemmyNet/lemmy/issues/3060

Isn't that more important than anything else?

[–] dessalines@lemmy.ml 10 points 1 year ago

We're very busy but we'll get to it when we can.

[–] cmeerw@programming.dev 4 points 1 year ago

That said, WebSockets can be implemented very efficiently.

I agree, the main issue I was actually seeing with Lemmy's use of WebSockets was that when opening the main page it was continuously streaming all posts from the server (including posts in communities not subscribed to) to the browser client.

[–] bdonvr@thelemmy.club 11 points 1 year ago (1 children)
[–] gabriele97@lemmy.g97.top -1 points 1 year ago

I laughed a lot on it 🤣

[–] AlmightySnoo@lemmy.world 9 points 1 year ago* (last edited 1 year ago) (3 children)

I really appreciate the work that you're doing but...

Captchas are not available in this version, as they need to be reimplemented in a different way. They will be back in 0.18.1, so wait with upgrading if you rely on them.

What the hell? Another bad default where newbies will continue to launch instances attracting 10k+ bot signups per day and new users will keep getting disgusted by Lemmy if they land on one of those spammy instances. Making captchas a default should have been a priority and I'm sure no one would have complained if the 0.18 release was postponed to make that happen.

[–] Dr_Cog@lemmy.ml 15 points 1 year ago

The feed desperately needed a fix, so I'm glad they pushed it out. But agreed, they should be prioritizing methods to reduce spam and bots in the next release, even if they need to push out a relatively feature-sparse version first

[–] necropola@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

I was tracking the Race for Captchas in 0.18.0 and I'm pretty surprised how it went in the end.

https://lemmy.world/comment/451026

[–] vriska@l.60228.dev 0 points 1 year ago

I definitely would've... it was basically impossible to subscribe to communities on lemmy.world and lemmy.ml from smaller instances before 0.18.0, and after lemmy.ml updated that's no longer an issue.

[–] eoli3n@lemmy.ml 5 points 1 year ago

The piece of content in the feed is great and much more fun to browse ! That specific change makes me feel that I can jump from reddit to lemmy definitly.

Good work dudes <3

[–] keiko@fedia.io 5 points 1 year ago* (last edited 1 year ago) (1 children)

All Lemmy instances on v0.18.0 are inaccessible with javascript disabled. The only way to privately browse Lemmy instances now is via kbin. I was hoping that Lemmy was going to focus more on privacy with the coming updates. Maybe this will be fixed in v0.18.1?

#Lemmy

[–] poVoq@slrpnk.net 4 points 1 year ago* (last edited 1 year ago)

JavaScript itself has nothing to do with privacy. I assume you think so because you are using Tor Browser at the higest security setting that disables JavaScript entirely?

IMHO just stop using that broken-by-design browser and use a browser extension with a JavaScript allow-list.

[–] dvdnet90@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

wow TOTP support is always welcome!!

[–] death916@lemmy.death916.xyz 4 points 1 year ago (1 children)

I thought captcha were re enabled on the rc For this but the notes say it's gone again. Adding one completely stopped botted sign ups for me

[–] necropola@lemmy.world 6 points 1 year ago* (last edited 1 year ago) (1 children)

Captchas have been restored by a PR shortly before release and almost immediately been removed again by reverting the PR. The PR author has been asked to re-create his PR and then 0.18.0 got released without Captchas.

[–] death916@lemmy.death916.xyz 4 points 1 year ago (1 children)
[–] vriska@l.60228.dev -2 points 1 year ago (1 children)

The PR hadn't been reviewed and was merged by mistake, from my understanding.

[–] xlsigned@feddit.de 3 points 1 year ago* (last edited 1 year ago)

PR #3249 got reviewed, approved and then merged by Nutomic and then reverted by dessalines because ...

@TKilFree This got wrongly merged without a PR from me. You'll need to re-open it.

Whatever that means ...

[–] Wander@yiffit.net 4 points 1 year ago (2 children)

Is it safe to update via ansible?

[–] dessalines@lemmy.ml 4 points 1 year ago (1 children)

Yes. We have one issue open having to do with site icons, but everything else is smooth.

[–] Wander@yiffit.net 2 points 1 year ago

Good to know. Thank you for your work!

[–] tugg@lemmyverse.org 0 points 1 year ago* (last edited 1 year ago) (1 children)

I tried to upgrade via the instructions doing a git pull and then running ansible again and it totally broke my site with a server error message. I ended up reverting back to 0.17.4.

EDIT: It looks like they added some extra NGINX proxy stuff in there. All that broke my instance and I had previously just deployed via ansible following the instructions on their page. I would stay away for now.

[–] Wander@yiffit.net 1 points 1 year ago

Yeah, I'll better wait for now.

[–] sudneo@lemmy.world 4 points 1 year ago

That's a LOT of changes. Kudos to all the people involved.

[–] hawkwind@lemmy.management 4 points 1 year ago

Great work!

[–] Hagarashi8@sh.itjust.works 4 points 1 year ago

Man, i appreciate updates, but lemmy_api_common is now broken.

[–] fox@lemmy.fakecake.org 3 points 1 year ago

very nice, updated with zero issues.

[–] Icarus@lemmy.ml 3 points 1 year ago (1 children)

is the bug with "active" sorting fixed ?

[–] qtie314@sh.itjust.works 2 points 1 year ago

It seems to!

[–] underscorner@feddit.it 1 points 1 year ago (1 children)

are there any plan to integrate lemmybb as optional web interface ?

@nutomic@lemmy.ml

[–] nutomic@lemmy.ml 1 points 1 year ago

Not with the default installation if thats what you mean. You can already install it manually alongside lemmy-ui.

[–] ledditor@leddit.minnal.icu 1 points 1 year ago

Great job... Waiting for ARM docker images to get updated

[–] briongloid@aussie.zone 1 points 1 year ago

The community linking is great, is there a way to share posts natively?

[–] Vulnicura@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (2 children)

I don't know how this works but I think I read somewhere that this version fixes the new post spam on browser, I checked and it's still the same, when will that be fixed? Is it an instance thing?

[–] JCreazy@midwest.social 2 points 1 year ago

The instance has to be running the updated version.

[–] dessalines@lemmy.ml 1 points 1 year ago (1 children)

What does new post spam mean?

[–] SkyNTP@lemmy.ml 1 points 1 year ago (1 children)

I noticed in the web client used on mobile, there would often be new posts flooding in at the top of the page. Maybe a page's worth at a time. I'm still using web client on mobile on lemmy.ml and haven't noticed this since the deployment of 0.18 yesterday.

[–] usernotfound@lemmy.ml 1 points 1 year ago

Yeah, that's been addressed.

HTTP API instead of Websocket

Until now Lemmy-UI used websocket for all API requests. This has many disadvantages, like making the code harder to maintain, and causing live updates to the site which many users dislike.

load more comments
view more: next ›