I definitely did read it.

This idea is so bad that I’m not even going to bother elaborating.

This will just lead to more requests being made.

Also anonymous requests, like those done by Mastodon to generate previews should be cached at the CDN or web server level, making them inexpensive to serve.

etckeeper can keep track of changes you make to your config. I’ve never used it but there have been many times I wish I had.

https://wiki.archlinux.org/title/Etckeeper

I love the faux-naive boldness of everything. It all says “I’m here, this is how I look, fuck you” even though obviously nothing looks like that.

The thing about doing age verification at the OS level is the user could just install a crack that rewrites the necessary code. It’ll take some heavy DRM type stuff to block that. Possibly hardware support, like a specialised TPM.

No way can that be standardised and then rolled out quickly. If they rush it then it’ll be some proprietary power grab.

The alternative is each website and app does it separately which will be spotty and provide endless security breaches.

It’ll be a shitshow either way.

18% is nowhere near high enough to be throwing around accusations like that. Seems like the teachers don’t know how to interpret the results.

I recommend you set the Content-Security-Policy http header so that inline javascript (commonly used for XSS attacks) cannot be executed.

https://web.dev/articles/strict-csp

CSP being off is not exactly a security hole but it makes security holes much more likely. By using a strict CSP configuration you close off the possibility of a whole class of holes.

Also think about setting the Access-Control-Allow-Origin header and enable CORS on your REST endpoints.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Allow-Origin

Again, kind of a pain in the ass but gets rid of a bunch of potential problems before they start.

F-Droid has Drip, Bluemoon and Periodical.

Yeah there are other signs too. Look at those commit messages, all vague, all perfectly capitalized. All with a nice long description with bullet points.

No one does that in a project they’re building for themselves.

I was going to recommend this to someone I know but when I realised your readme.md is entirely AI-generated, I guess the whole project is probably vibe-coded. I can’t in good conscience recommend someone trust their health data to a vide-coded app because they tend to have security problems.

Also all ai-generated code is public domain so your AGPL license is kinda empty. Might as well use MIT.

The sycopathy is because to make the chat bot (trained on Reddit posts, etc) to respond helpfully (instead of “well ackshually…”) and in a prosocial manner they’ve skewed it. What we’re interacting with is a very small subset of the personalities it can exhibit because a lot of them are extremely nasty or just unhelpful. To reduce the chance of them popping up to an acceptable level they’ve had to skew the weights so much that they become like this.

There’s no easy way around that, afaik.

PieFed has this in the admin area:

So admins don’t need to stay on top of the latest defederation drama, just choose who to outsource that work to. From that baseline you can add more defederations manually.

Sorry, there’s a bug in PieFed’s activity tracking which threw me off.

None of this community’s mods have been active in the last month. This community is effectively unmoderated so there’s no one to set the rules.

If you’d like to moderate it, you could contact the lemmy.world admins and ask to be appointed. I bet a community like this would be almost no work to maintain as it’s not news or politics.

You can just about feel the warmth of the sun on the bark!

That’s a choice you made which can be changed at any time.

Good question!

PieFed sends delete requests to every known server, including defederated ones. I’ve seen a ton of delete requests from Mastodon too, for accounts that don’t exist on PieFed so it looks like Mastodon does that too. No idea about other fedi platforms.

PieFed and Mbin both let you block domains. So if you never want to see any post that links to scienceslop.ai you can block that.

It is a basic feature and it does work. Except in rare cases.

You are technically correct but the fact is that 99.9% of federated activities, including delete requests, are processed normally and in the expected way. That is not “impossible to delete” that is “will be deleted except in exceptional circumstances”.