The 0.18 version of Lemmy was announced. This will solve many issues.

But we can’t upgrade yet because the captcha was removed, and captcha relied on Websockets, which are removed in 0.18 so despite the devs agreeing on my request to add captcha back, this will not be until 0.18.1. Without captcha we will be overrun by bots.

Hopefully this 0.18.1 will be released soon, because another issue is that the newest version of the Jerboa app won’t work with servers older than 0.18. So if you’re on Lemmy.world, please (temporarily) use another app or the web version.

  • Kabe@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    edit-2
    1 year ago

    The Dev’s stubbornness about captchas is a little baffling. Yes, they’re not 100% foolproof but they help.

    It’s like arguing that we shouldn’t have locks on or our doors because a skilled lock picker can get past them.

    • OsrsNeedsF2P@lemmy.ml
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      The devs aren’t pushing back against captchas, but they’re desperately trying to get 0.18 out to resolve a ton of issues. Captchas need to be redone in the code level and no one has done it yet.

    • ilovededyoupiggy@sh.itjust.works
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      edit-2
      1 year ago

      My very first post on Lemmy was a (admittedly out-of-date) rant about the devs stubbornness about the hardcoded bad words filter and their behavior in the relevant GitHub issues. And I had people jumping in the comments defending them, telling me that it was fixed years ago, they’re better now, surely that couldn’t possibly happen again.

      I am Jack’s complete lack of surprise.

      ETA: and yeah, I know about kbin, I’ve tried both, kinda waiting to see all the new Android native apps before completely moving over there. Seeing how all this shakes out.

        • danielton@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Agreed. This is the main thing preventing me from using kbin more. There is a developer trying to write an app (Artemis), but she said it’s difficult without an API.

      • Kabe@lemmy.world
        link
        fedilink
        arrow-up
        5
        arrow-down
        2
        ·
        1 year ago

        That only happened recently, though. For weeks they were replying to instance admins requests to reinstate captchas with things like “bots have beaten captchas, so they’re useless.”

          • Kabe@lemmy.world
            link
            fedilink
            arrow-up
            0
            arrow-down
            8
            ·
            edit-2
            1 year ago

            My mistake, I understood admins had been asking for the return of captchas as soon as they were removed.

            Still, it took a few days for the devs to agree to reinstate them, which, combined with the general tone seem in that second link, is what gave me the impression that they were reluctant to do so.

            • fubo@lemmy.world
              link
              fedilink
              arrow-up
              3
              ·
              edit-2
              1 year ago

              In open-source projects and communities, it’s often a bad idea to go around looking for (or inventing) conflicts among contributors. It can come across as drama-seeking or trolling.

              In software engineering in general, a common reason that a desirable feature has not been written yet is that the people who know & work on the code only have so many hands, and so many hours in the day, and there are other things that also need doing.

              This service is undergoing rapid development. Spam & abuse problems are things that folks who have run Internet services before are well aware of. It’s not like anyone is going to give up and let spam bots ruin the thing they’re building.

              I doubt anyone wants to build a service that becomes 95+% spam & abuse, ya know?

  • OnkelCannabia@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    1 year ago

    Biggest concern for me is the broken auto scrolling/updating. I can’t use this site properly as long as the list of topics doesn’t stay in place long enough for me to finish reading the headline.

    Hopefully after this is fixed I’ll start contributing.

    • 𝕭𝖚𝖑𝖚 𝕺𝖓𝖙𝖆@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      edit-2
      1 year ago

      there’s a couple of points here

      1. current website is version 0.17.4 (you can check this at the very bottom)
      2. version 0.18 is ready, but there’s no captcha yet (the thing where you have to identify objects on squares, or click a box that’ll turn into checkmark)
      3. without captcha, bot accounts (not real users) can register to the site too easily
      4. so we’re gonna wait for version 0.18.1, the one with captcha active.
      5. the Jerboa app, the android app for browsing Lemmy has also recently updated, and will only work for Lemmy version 0.18 up, thus it’s advised to use another app or just the web for now

      note : the site version 0.18 is already out for the main Lemmy instance, which is lemmy.ml, but lemmy.world (where we are now) is gonna wait for version 0.18.1

      • Kwaker76@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        I’m using Jerboa and everything seems to be working fine. Edit: Jerboa started playing up mainly crashing on opening it. Binned it off and now using Connect

        • Vanon@lemmy.world
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          I first thought my Jerboa was fine (despite the popup warning about version), since I could browse a bit without it obviously exploding. But no, it crashes regularly now (closes, no warning or messages).

          I don’t understand why a Lemmy update would be considered for release that removes security features like captcha support. (Especially during this time of high rates of signups, and well known bot wave in some instances.)

          Combined with Jerboa update that needs the Lemmy update, and popularity of instances that need captcha, it’s unfortunately causing a mess for many users.

          • jose1324@lemmy.world
            link
            fedilink
            arrow-up
            0
            ·
            1 year ago

            yeah i agree. This setup is really dumb. I just joined and this took way too much fiddling already for new ‘simple’ reddit users. Helps i’m used to linux.

    • jcg@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Lemmy.world is running Lemmy version 0.17.4 right now (check the bottom of any Lemmy instance and it’ll tell you what version is running). The new version fixes a lot of things, but lemmy.world can’t upgrade to that new version yet because it’ll be overrun by bot accounts. We have to wait for the next version and skip this update because that has the protections for bot accounts.

  • figaro@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    Ok so guys, I appreciate the devs of Jerboa for doing what they do, but I am absolutely switching to another app immediately when something else decent shows up.

    • visualfeast@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      How does it compare to wefwef.app ? I’ve been using it a couple of days and it’s been pretty sweet so far. Found it on r/apolloapp.

      • figaro@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I just checked this out. Until a better native app is created, I feel like this is by far the best choice for using the site on mobile. Good find 👍

        • AnonLordo@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Connect is great, but take a look at Liftoff. It’s even better. I think we’ll see better apps than reddit ever had soon.

          Edit: Releases since it’ not on F-Droid or Playstore yet.

          • RiotRick@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Liftoff has no way to change font size yet. I find the text too small for easy reading. Trying all the apps at moment. Jerboa is fine, but currently cannot login until lemmy.world is updated. Connect seems to work ok. Basically they are all still a work in progress, but usable.

          • notExactlyI20@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Been using it for a while now. Feels great for being a WIP app but there are still some hiccups (can’t suscribe to communities that aren’t on the same instance as my account as an example). Prob will use both Jerboa and Liftoff

  • Rick@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    I just updated and it gave me an error on jerboa but it still seems to be working fine

  • Deathstalkr1@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    For now i made a shortcut on my phone’s home screen to this lemmy instance to act as a quasi lemmy client, works pretty well for the time being.

    • Restaldt@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Lemmy is a progressive web app and can be installed directly

      Heres a link to the instructions to install pwas from google Install pwa

      … so i read the instructions and its not too helpful. Open lemmy in chrome on android then hit the 3 dots in the top right and near/above the option to open the desktop site you should see an install lemmy button

  • LimitedWard@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I know these are early-adopter pain points, but I think if Lemmy is really gonna take off, the devs need to get serious about backward compatibility and ensuring backend upgrades don’t completely break major instances/clients. IMO switching from websocket to HTTP should have been treated as a breaking change with a new major version release and a more controlled rollout period for this exact reason.

    • barsoap@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Quoth semver 2.0.0:

      Major version zero (0.y.z) is for initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.

      “Semver proper” only starts at version 1.0.0:

      Version 1.0.0 defines the public API. The way in which the version number is incremented after this release is dependent on this public API and how it changes.

      • impulse@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        This is important. Many people (and news outlets for that matter) consider Lemmy a product, when it really is very much an on-going early stage development effort.

        It’s amazing how well everything works already, but nothing should be considered stable at this point.

  • wit@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Damn, that sucks. Is manual approving + email not enough for the time being?

    EDIT: I see that in the GitHub issue you linked, you answer this question. TLDR: No, it is not enough it seems.

  • Synapse@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Alternatively to Jerboa, it’s possible to use the web site as a contained web-app, using Firefox on Android.

    Firefox - Open in app

  • KazuyaDarklight@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    @ruud@lemmy.world Dodged bullet anyway, v18 2FA doesn’t make people confirm that their app is configured correctly by asking for a code, as is tradition. It just gives them their QR/Key and locks them into 2FA immediately. If they botch adding it to their app they are locked out. And I hear the code currently being generated is silently incompatible with Authy, so those people end up SOL even if they do everything right.

    https://github.com/LemmyNet/lemmy/issues/3309 / https://github.com/LemmyNet/lemmy/issues/3325

  • bquinlan@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Ouch. I understand exactly how things like that happen, but it is unfortunate. Hope it’s resolved quickly.

    There is a tremendous amount of pressure on everyone in the development/admin chain right now because of the insane influx of new users. (I’m one of them.) It amazes me how well everyone has been handling it. And I am grateful to all of you!