tbh it’s probably not going to be too complicated to switch to 1.0. the current api is generated from lemmy-js-client, but 1.0 api has an official openapi file. if there is a decently usable openapi generator for go that would probably not be too complicated to swap in instead and adjust the api calls in mlmym code.

reports don’t federate in all cases.

currently, only accounts on the community instance get 100% report coverage, as they are sent only to the reporter’s instance, the reported user’s instance and the community instance currently. afaik this is supposed to get better with lemmy 1.0 eventually, but this is what we have to work with for now. resolving reports on another instance won’t resolve them on LW, unless you remove the associated post/comment. this should however not impact visibility when you do check on your LW account.

report counts will show next to the shield icon in the top right, to the right of the PM/mention bell icon, if there are any.

there is a small possibility that our logic for sending these messages is incorrect, but you’re the first person i see mentioning this while we’ve had this for a pretty long time already.

that’s odd, the query for those unresolved reports should be finding the same things you’d see in the reports view on the website or jerboa.

do you have a specific example where you can’t find a report? i can take a look at that and probably find the reports.

you can also both in jerboa and also on lemmy-ui select to show all reports, not just resolved ones, which might help identifying them?

already did. it’s the same person running the infrastructure, although moderation of mstdn.party and mstdn.plus is handled by someone else.

we’ve since been in contact with the person running these services and the material has been taken down on lemmy.one, as well as lemmy.one closing down in three months.

we’re still discussing in our team how we will deal with this going forward and will be posting a new announcement about this in the coming days.

you can read https://lemmy.world/post/29550945 for our previous writeup about this.

it’s a combination of multiple issues.

lemmy federation has improved significantly over the past years, so if this was happening with lemmy instances today, especially online ones involved, this would be much less of an issue.

the original user posting this stuff was on a kbin instance. kbin/mbin still do not support federating bans of users. kbin is basically dead, mbin is tracking that here. when this was originally removed on kbin this never federated out to other platforms.

the next problem is that the original instance is no longer there, so attempting to address this with community bans from lemmys side is not working anymore if the user isn’t known to the instance anymore, as it can’t be refetched from the source. if the instances that the related communities are hosted on purged this user in the past they wouldn’t be able to federate out a community ban anymore.

another problem is that lemmy is typically configured in a way where it creates a local copy of thumbnails if no thumbnail url is provided by the source, which is what lead to a local copy of this material. in the end i consider this only a secondary issue, as while most people would rather not have this stored on their servers at all, if you allow media uploads you can never be 100% sure about the content uploaded to your server. this is therefore typically something where providers are expected to take action once they become aware of it. some providers are also taking preventative measures like scanning uploads, comparing to hash databases of known csam, etc. had the original instance ban or community bans been performed properly this would at least have removed public access to the stuff, as the media filenames are randomly generated and not guessable.

it’s generally not impossible to prevent stuff from returning to your instance once you have taken it down properly, but in cases where federation didn’t work, which could be for a wide range of reasons, including your instance being misconfigured during maintenance, your instance being defederated from an instance involved in the removal, and others, it may require local action. if i ban a user then no new content form that user is going to come to LW until they are unbanned again. this includes manually fetching posts or other content, so if i purge an old post of theirs the post wouldn’t be able to come back until the user gets unbanned.

the problem isn’t being able to see them in the thread but that you can’t open the user profile, so you don’t see if there are any comments.

essentially start by identifying the accounts posting links to the domain in question, then analyze the voting behavior of the accounts upvoting these posts. you can start by sorting out accounts that have legitimate activity and then narrow it down further and find common patterns that only apply to these accounts.

most of them were also created in similar time frames.

edit:

to extend on this, once you have something to go on with it’s fairly easy. the hard part is finding something that applies in a more generic way to identify this happening before someone else discovers unusual voting patterns and reports them.

thanks for flagging this, i just banned 346 accounts involved in this scheme from lemmy.world :|

(unbanned at the time of creating the report) accounts posting links to the same domain:

• 4x sh.itjust.works
• 2x ani.social
• 1x thelemmy.club
• 1x lemmy.ca

accounts i’m highly confident were involved in vote manipulation here:

• 172x sh.itjust.works
• 22x ttrpg.network
• 21x lemmings.world
• 20x discuss.online (banned by me)
• 19x lemmy.wtf
• 18x lemmy.myserv.one
• 18x leminal.space
• 18x ani.social
• 16x endlesstalk.org
• 7x lemmy.ca
• 4x lemy.lol
• 1x toast.ooo
• 1x startrek.website
• 1x lemm.ee

certainly not something i’m willing to risk. defederated them now.

the stuff is still up on lemmy.one, months from the original report, with zero indication that they care about it in the slightest.

i’m tempted to add their domains to our automod (only removal), but i’ll discuss this in our team before doing so.

even if there are multiple people involved in the operation of this discourse forum, even this announcement is by jonah, who as far as i can tell is the head of these projects and also owner of the associated US companies. if this was something ran by a different team and they’d be able to separate themselves from jonah’s (in)actions then it might be a different story, but as it is right now, it seems that all these services related to PrivacyGuides are operated by the same entity.

Now for the other weird bit. If I enable secret mode, the website works fine.

most likely the bad 404 response was also cached in your web browser. try clearing your cache or doing a reload with ctrl+f5 or cmd+shift+r.

we had an issue related to incorrectly caching 404 responses earlier but that was a few hours before your post. it should already have been resolved when you posted this.

as this has since been clarified by @[email protected], i have updated my comment above and can confirm that it is in fact 0% of lemmy.world/fedihosting foundation donations that go towards the lemmy.ml instance rather than 0.05%.

i believe they were confused by the topic of this comment chain, as the main post is about donations towards lemmy development.

lemmy development accepts cryptocurrency donations: https://join-lemmy.org/crypto

lemmy.world/fedihosting foundation does not currently have an option for cryptocurrency donations.

i’ve banned all the accounts i could identify as part of this scheme from lemmy.world now.

i originally sent them a warning before i was aware of the scale of this involving a bunch of alts with different usernames. if i had known that when i sent the warning it would’ve been a ban straight away.

they replied to my warning pretending they didn’t know about any recent vote manipulation, so they’re clearly not interested in acting in good faith going forward.

yes, we have a matrix room for coordinated efforts against spam and other types of abuse, which admins are welcome to join.

once lemmy allows reporting user profiles directly this will probably become more likely to reach the instances admins of instances that are less actively maintained as well.

I’ve sent out warnings to 10 other users in the past few days about similar behavior already and also banned two users for this type of behavior. one of them appealed and is unbanned again.

I also had this account in my list of such accounts, but I hadn’t followed up on it yet, as I figured I’d just deal with the top n users and then review it again at a later point in time.

i’ve sent them a warning about this as well now that they’ll get banned from our instance if they continue engaging in this behavior.

and just now there has been a PR merged in the upstream repo after i spent some time to get a fork properly set up…

@[email protected] @[email protected] @[email protected] are you still reading on any of these accounts? are you planning to return to maintaining mlmym?

if people want to contribute code, they can check out the various repositories in the LemmyNet GitHub org to see which issues are looking for someone to pick them up.

the main repositories, by language, are:

• Rust
  • lemmy - backend of the application
  • activitypub-federation-rust - federation library
  • lemmy-ui-leptos - work in progress rewrite of lemmy-ui in Rust
• TypeScript/Inferno
  • lemmy-ui - the default lemmy web interface
• Kotlin
  • jerboa - the official Android app

additionally, there is a range of open source alternative web interfaces and apps that wouldn’t mind contributions. some of them are listed here: https://github.com/dbeley/awesome-lemmy?tab=readme-ov-file#alternative-front-ends

ethical ads are virtually non-existent. when limiting ads to ethical ads it’s unlikely you’re getting even remotely close to bringing in the necessary funds.

people promoting ads are typically those who expect others to suffer while they themselves are using ad blockers. there are some people who honestly turn off ad blockers, but i wouldn’t recommend anyone to do that for any site, as i don’t consider the majority of ads ethical and it’s also often used as a malware/phishing/scam distribution mechanism.

this is also a vicious cycle of more people blocking ads -> ads getting worse to offset the lost ad revenue -> more people blocking ads. this is what lead to the internet today, where the majority of the internet is basically unusable if you don’t use ublock origin or a comparable solution.