this post was submitted on 23 Jun 2023
13 points (100.0% liked)

Lemmy.nz Support

345 readers
1 users here now

Ask your questions here

founded 1 year ago
MODERATORS
Dave
13
Lemmy 0.18 released (join-lemmy.org)
submitted 1 year ago by sylverstream to c/support
19 comments fedilink hide all child comments
 

This may impact lemmy.nz as well as it's a breaking change.

you are viewing a single comment's thread
view the rest of the comments
[–] Dave 2 points 1 year ago (1 children)

Yeah, definitely. But the lack of capcha and the fact there's a bug where a remote user can cause an admin account to be un-admined (locking admins out of those settings), well I'm definitely considering waiting for 0.18.1

[–] z2k_ 2 points 1 year ago (1 children)

Didn’t know about the admin lockout bug, that sounds serious.

[–] Dave 1 points 1 year ago* (last edited 1 year ago) (1 children)

The steps to reproduce don't seem to have been tested but the current theory is that if a user is federated to a server that has an admin with the same name, and then that user is banned, then it may cause the admin to be un-admined I guess due to an update that doesn't correctly distinguish the local and remote users.

Honestly, it's annoying but may not be a showstopper for upgrading to 0.18

You can fix it by changing the flag in the database, and it's not giving the admin permissions to another user which would be a big security problem.

[–] sylverstream 2 points 1 year ago (1 children)

Hi @Dave@lemmy.nz my Jerboa app (Android) has auto updated overnight and now I can no longer log in that way as it requires 0.18. Guess I'm not the only one. Did you decide yet if you want to upgrade to 0.18?

[–] Dave 2 points 1 year ago (1 children)

I did not know that! Thanks for letting me know. I will make upgrading a priority, though we will probably need to turn on registration applications as the cloudflare bot detection doesn't seem to be working

[–] sylverstream 2 points 1 year ago (1 children)

Yeah it's a bit annoying that they didn't deprecate it instead of just ripping it out. Anyway, I see you've updated it to 0.18 :) Hopefully all goes well!

[–] Dave 2 points 1 year ago* (last edited 1 year ago)

There was a technical reason. This version removes websockets, which has performance improvements and solves a lot of outstanding issues.

Unfortunately the current captcha relies on websockets. The option is actually still there, it just causes an error on the registration page, stops registration from showing, and still doesn't actually show a captcha.

Long story short, it's just broken rather than deliberately removed (though originally they planned on dropping it which is why no effort went into solving the issues.