In anticipation of Lemmy’s upcoming 0.19
release, and to work out any final issues, we’re going to deploy a test release on lemmy.ml within the next few days.
We’re doing this testing on lemmy.ml only, so that we can encounter any issues before the release, and to make sure the upgrade process is smooth for other production servers.
Some of the following will happen during the process:
- Apps will likely break (only for lemmy.ml)
- Lemmy.ml may experience some downtime for the upgrade to complete (ideally no more than an hour).
- If anything goes wrong, we may have to restore from a database backup, meaning content made in between backups may be lost.
If all goes well, we’ll have an official announcement for the release after this testing period.
I apologize for the difficulties this might cause. At most this will be a week of hair-pulling, but its vital that we catch any issues before telling other servers to upgrade.
I seem to have been screwed over by TOTP.
Hearing that this update was supposed to make borking your account harder to do when setting it up, I enabled it. Put the secret in my authenticator app, got my six digit code, and away I went.
Now, a few days later, having changed nothing on my end, Lemmy.ml won’t accept my TOTP code. My session token on desktop is expired so I can’t remove it now.
Currently my only lifeline to this account is my logged in session in Voyager, which, as far as I can tell, cannot access the TOTP setting. (Or any profile setting, for that matter… am I just stupid?)
No email to recover from, either. That’s on me, I guess. Ugh.
Not sure what my recourse is, if I even have any.
Have you tried logging in through other apps to see if they’ll take your TOTP?
Connect, Sync, and Boost all told me to go kick rocks.
Evidently, whatever happened, it doesn’t seem to be an issue with your platform.
Ok, and you’re getting a new 6-digit code from your authenticator app every time you attempt to log in?
Yes.
I noticed my authenticator app (KeePassXC) offers the ability to customize the TOTP parameters (SHA function, time step, code size). But no combination of settings seems to produce a valid code.
I assume Lemmy uses the suggested defaults in the RFC 6238 standard?
I think using an authenticator app capable of generating codes using SHA256 might do the trick if you have any possibility to try that.
Is there an update on the state of the update?
Speedily trying to get things merged and more release candidates out… sry its taking longer than expected.
we love you dw!!
Thx for the answer.
<3
I was just wondering: Instead of testing these potentially disruptive changes on the main website, why wouldn’t you make some testing instances where people can try everything out, like voyager, enterprise, and ds9 were back in the day?
I don’t think this is a bad suggestion, but it’s worth noting that
lemmy.ml
is explicitly intended not to be the “main” Lemmy, or even a major one: What is lemmy.ml?Yep, I’ve been enraged by this decision from day one. This is depressingly amateur. Let people join, let other developers make very cool apps, and then introduce a deeply breaking change in a minor version, and deploy it on the most active instance, with mere days of warning. Or “How to destroy all the progress made by Lemmy, in one small change”.
I get it if the devs and admins of Lemmy.ml are paying too much out of their own pocket, and if they want users to literally go away, to mitigate that cost.
But doing it in such an in such an insidious, demoralizing way, as opposed to being transparent with the costs and announcing (drastic) measures to mitigate that cost, is literally destroying most of the progress made so far, and driving most users back to reddit.
As of today, the list of most active servers of the fediverse has only one Lemmy server (Lemmy.world), in ninth position, and that is the only Lemmy server in that list, over four pages… The Lemmy instances used to be in the middle of the first first 10 instances, with Lemmy.ml leading the way.
Now, I guess the devs didn’t want to take those drastic measures, and tell people to they would be closing down their accounts, ordered by creation date, until the costs become bearable again. Because that would mean “admitting the Lemmy.ml experiment to show the world that people are, when given the opportunity, rising to the challenge, and putting in the effort, in true communist fashion, is actually a failure”. People aren’t ready for communism. Communism requires education, intelligence, and empathy/compassion. Our western societies are fostering the opposite traits. When we become educated, intelligent, and empathic or compassionate, it is in spite of our societies, not thanks to them.
Now, a few people opened instances, but it wasn’t enough, and fast enough, when the “reddit migration” happened, to absorb the insane influx of users to Lemmy.ml.
So I guess it is what it is, but it’s still sad and depressing…
Thought I’d mention a problem (re: Apps will likely break (only for lemmy.ml)) I am developing an app and this one request stopped working:
https://lemmy.ml/api/v3/community/list?type_=Subscribed&auth=[MY_AUTH]&username=[MY_USERNAME]&limit=50
Any other
type_
works. This one used to return only a users Subscribed communities but it just returns an empty array{"communities":[]}
. When you load it up in a browser it works. I’m driving myself crazyDoes it work after logging in again?
The auth method has changed. Check the posts stickied to !lemmy@lemmy.ml
Ah that’s great news thank you. Guess I’ll need to change my comments 🤡
I have two accounts, one on feddit.de which runs stable all the time. But my older account here on lemmy.ml seems broken in the last week:
I can’t see my own new posts in profile, comments work.- post and comment upvote-count is at zero.
log in with jerboa let the app crash.
Edit: last one got fixed with new jerboa update
I keep getting the “failed to verify JWT token” and am using a mobile browser to log in/post.
can anyone tldr all big features coming in the new release?
Some that come to mind:
- Scaled sort, which takes community size into consideration when looking for top posts
- User will be able to block instances without the need for their home instance to defederate
- The new flow for enabling 2FA makes it harder for users to accidentally lock themselves out of their accounts
- There will be a feed option to just see posts in communities you moderate (as opposed to subscribed, local, and all)
- Controversial sort
- You can import and export account settings as JSON, making switching instances easier
User will be able to block instances without the need for their home instance to defederate
Ooohhhhh so good. I have been wanting that.
Controversial sort
this one sounds like an awful idea ngl
I think scaled sort and instance blocking are the biggest new features, lots of little tweaks and bug fixes too
What’s scaled sort?
Scaled: Like hot, but gives a boost to less active communities
“Upcoming”? Are we talking hours, days, or weeks?
The release? 🤞 not more than a week, as long as we don’t run into major issues.
I got randomly signed out this morning, maybe this has something to do with that.
v0.19 still doesnt have the “subreddit” name in URLs?
also, I keep getting logged off
The community names? What do you mean?
Yeah I guess… I.e. /r/worldnews on reddit
But the community names are in the URLs. E.g. https://lemmy.ml/c/technology. Am I understanding your comment correctly?
Screw community names, I want instance agnostic URLs for posts and comments.
Right now
lemmy.ml/comment/123456
andlemmy.ml/comment/123456
are two different comments, and there is no simple way to find one comment on another instance (so you can interact with it from your logged in account). What we should have islemmy.ml/comment/123456 .world
to point to a comment made on another instance, then you can just change the instance name after theto find the comment (or post) on any other instance.
Comment IDs are not unique between instances so you simply cannot change just the part after the
to link to the same comment but accessing it from another instance.
You can always take the comment’s full URL and put in in the search field of your instance, this will show that particular comment in your instance so you can interact with it from there.
How can two urls that are exactly the same point to different content?
Perhaps they meant something like lemmy.world for the second URL.
Perhaps
This upgrade disabled 2FA for new logins
Ever since the upgrade, lemmy feels dead
It introduces a bug that hides some posts
I can sign in with a web browser, but this broke Jerboa for me
That’s expected. Jerboa has an open PR for v0.19 support, and it’ll be deployed with the official release.
Yes yes yes yes yes yes yes yes I can finally make those shitty instances go bye-bye
Wait where is the changelog for 0.19?
Instance blocking, baybeeeee!
What is it, per user? Configurable in account settings?
Yeah the latest update gives you the ability to block instances outright, so if you’re an antifascist you can block all the .de instances and not have to deal with weird posts constantly showing up from there whenever you talk about the nazis.
deleted
There will be a lot of instance purging, it seems! ╰(▔∀▔)╯
EDIT: all good, I worked it out, I found some other api docs.
Is the ModeratorView listing type in this release? If so what feed view is it available in? I can’t see it in the lemmy.ml webUI at the moment, nor in the API docs, but the code is merged.
The update has broken a bunch of things for me…
On my desktop using firefox, I cannot get images to display & everything is slow to load. On my android phone, boost was showing me a ton of stuff that I do not follow & wasn’t showing me any info about my profile (profile tab would not load or something). Boost eventually logged me out & I have been unable to log back in…Images were temporarily broken due to authentication problems, but thats fixed now. If you encounter problems in apps, please them to the developers so they can fix them.