I don't think .ml should be ousted. I think they should stop being dickheads. It's a little tangential to this particular post (mostly only relevant in that it makes people suspicious of their motives when otherwise they would not be.)
Yeah, it’s crazy how we all have more or less the exact same opinions, and the leader bans anyone who doesn’t have those opinions, and we’re all fine with it and in fact justify it and claim it’s right, whenever it comes up.
It’s totally insane. I have no idea how or why anyone would decide to make an account in our stuff. In fact, it makes other people suspicious of our designated good leader, even in scenarios where there isn’t otherwise a ton of reason to assume any malice.
Pick a lane, .ml.
I know, we don’t want our software sending our secrets to the trusted good leader, and we don’t feel like participating in places where only the leader’s viewpoint is acceptable. Unlike the non-sheep, who are fine with both those things apparently, because who wouldn’t trust the good leader.
They didn’t acknowledge it. They just silently fixed it (or, someone did, at least).
They’re not obligated to come in here and get yelled at, of course, and what would it accomplish. But, on the other hand, it is relevant that they can’t handle being in any environment where people can just speak freely to them, and respect is earned rather than demanded by force. There’s a certain type of mentality that just can’t cope with being in any role other than “the boss” and being able to talk down to or punish whoever they want, with no one allowed to express anything other than respect and obedience in the other direction. That is, in fact, the exact mentality that makes people suspicious of this otherwise maybe innocent issue with the software.
The Iranians attacked an American base during Trump 1 and injured some soldiers, and Israel had been killing Americans periodically since the USS Liberty. No one’s going to give a shit, in any way that matters.
Seems like a genuine miss, contrary to what the comments here would have one believe,
You might be right. I looked at the history and the way it came in, and it's not as wildly anomalous to the rest of the file when looked at in context. Maybe it's just a mistake.
I think it would be very rare that people would put two and two together to realize that their password had been "stolen" by this event. Like I say, I have no real idea even if it is being stolen, just that it would be trivial for .ml to decide that they wanted to start keeping a little cache of everyone's admin email addresses and passwords.
Like someone else said, if it was anyplace other than lemmy.ml, I wouldn't give it a second thought, it would just be "whoa you gotta fix this." I sort of agree with you that there's not even really any strong indication that there's anything all that bad they could do with it. It's only because lemmy.ml moderation actions already have such a pattern of authoritarian dishonesty that I get to any degree paranoid or alarmed about it.
The longer I look at it the more suspicious I am of it, to be honest. I'm just kind of generally a paranoid and accusatory person, so take that into account, but... the files are pretty carefully set up. They have variable substitutions for everything, including a bunch of places where there's a template substitution to change a string around when setting cache keys so that it'll still work out-of-the-box right away, even in complex configurations like multiple domains on a single server. It all works out-of-the-box right away, they've clearly been attentive to making sure it's all set up right and keeps working cleanly as things have been evolving forward. Except for that one place.
I think it should be more public knowledge than just people who peruse the github issues. Also, it's so trivial to fix that it will save them some time if they don't have to close the issue after they spend literally 10-15 seconds fixing it.
Hm... definitely don't automatically do anything with ponder.cat going forward, this instance is just on the verge of shutting down because the .cat registrar caught me not being Catalan. I'm a little surprised it hasn't already happened.
So what the [email protected] bot does is, more or less, just grab
https://data.lemmyverse.net/data/community.full.json, sort by (MAU / number of subscribers), and then make a post of the highest-rated community with at least 100 subscribers that hasn't already been posted.I don't see [email protected] in that Lemmyverse list and I have no useful input for you as to why that might be... maybe something to do with Anubis? Is lemmyverse maybe trying to fetch the main page and crawl the .js instead of grabbing the list of communities from the API, something like that, so that it can't update slrpnk anymore now? I have no idea.