Lemmy Developer AMA and Dev Update, 2024-01-26, 1500 CEDT

This is a chance for any users, admins, or developers to ask anything they’d like to myself, @nutomic , SleeplessOne , or @phiresky about Lemmy, its future, and wider issues about the social media landscape today.

NLNet Funding

First of all some good news: We are currently applying for new funding from NLnet and have reached the second round. If it gets approved then @phiresky and SleeplessOne will work on the paid milestones, while @dessalines and @nutomic will keep being funded by direct user donations. This will increase the number of paid Lemmy developers to four and allow for faster development.

You can see a preliminary draft for the milestones. This can give you a general idea what the development priorities will be over the next year or so. However the exact details will almost certainly change until the application process is finalized.

Development Update

@ismailkarsli added a community statistic for number of local subscribers.

@jmcharter added a view for denied Registration Applications.

@dullbananas made various improvements to database code, like batching insertions for better performance, SQL comments and support for backwards pagination.

@SleeplessOne1917 made a change that besides admins also allows community moderators to see who voted on posts. Additionally he made improvements to the 2FA modal and made it more obvious when a community is locked.

@nutomic completed the implementation of local only communities, which don’t federate and can only be seen by authenticated users. Additionally he finished the image proxy feature, which user IPs being exposed to external servers via embedded images. Admin purges of content are now federated. He also made a change which reduces the problem of instances being marked as dead.

@dessalines has been adding moderation abilities to Jerboa, including bans, locks, removes, featured posts, and vote viewing.

In other news there will soon be a security audit of the Lemmy federation code, thanks to Radically Open Security and NLnet.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. Recurring donations are ideal because they allow for long-term planning. But also one-time donations of any amount help us.

toastal, (edited )

Will the source code ever move off of proprietary Microsoft GitHub where users need to have an account to contribute & search code—or certain users are blocked due to US sanctions? If the idea is wanting to stand up against centralized US-corpo-controlled social media for forums, why use that US-megacorpate-controlled code forge / social media platform?

1984, (edited )
@1984@lemmy.today avatar

I think it’s fine. You won’t influence anything about US by using a worse collaboration platform. If Lemmy becomes more and more popular, it may eventually become a real alternative for the masses. That’s what the goal should be - not avoiding github.

It’s better to be smart here.

toastal,

Some alternative forges offer better features (or less social cruft) & are faster (some are not even limited to Git!)… what you will get is the ability to own the code & community along with set the terms instead of letting Microsoft set them for your community & be the gatekeeper for who gets to have access. If you wanted a corporate, centralized, proprietary forum go back to Reddit/Twitter; if you think that’s a terrible recommendation, in the same spirit you should leave behind corporate, centralized, proprietary code forges.

nutomic,
@nutomic@lemmy.ml avatar

So far these problems are mostly theoretical, in practice Github works fine. But once Forgejo gets federation working we will probably migrate to a selfhosted instance.

dessalines,

I’d also be in favor of moving to Forgejo once federation gets fully functioning, and reliable.

phiresky,

I agree that it’s not ideal to be hosted on a platform controlled by Microsoft, but it’s just a fact that you lose 90+% of contributors if you are anywhere else (there’s an article where someone compared, can’t find it right now). It’s not great that that’s how it is, but you need to choose your battles.

I’m not really very concerned, since git itself is decentralized, and if Github starts causing visible problems moving somewhere else is not a huge problem. Also VPNs exist.

OsrsNeedsF2P,

I’ve seen projects shed significant numbers of contributors by moving off GitHub. RIP

aeharding, (edited )
@aeharding@lemmy.world avatar

Yeah, tbh the worst vendor lock-in part of Github (edit: other than the aformentioned social aspect) is Github Releases. And Lemmy doesn’t really use them.

dessalines,

Its unfortunate that we (and it seems like 99% of other Rust projects), do their issue tracking on github. We have multiple mirrors set up for Lemmy, so the code is safe from takedowns, but the issue tracker is a concern.

The main issue I’ve had is: if we migrate, I want that migration to be permanent, and for me a requirement for that is federated collaboration. I’ve had codeberg remove a torrent project of mine to comply with German law, and gitlab has most of the same problems of github. Self-hosted gitea instances work, but many people just don’t contribute to them when they have to make an account on each one.

You’ll see below that Lemmy’s two main devs are in favor of migrating our issue tracking to forgejo, once federation gets reliably up and running.

possiblylinux127,

Will Lemmy ever become more of an organization? I’m slightly concerned about hostile take overs and or major changes that could be driven by personal views or bias.

Also a organization could facilitate cooperation and organize events.

pingveno,

If Lemmy does become more of an organization, it would be nice to have a level of public assurance over any control exerted by the organization. A lot of people see that the lead developers of Lemmy are communist and shy away from it based merely on that. I have one of the oldest accounts on Lemmy, I’ve seen plenty of them, and my impression is that they have conducted themselves with only the utmost ethics. However, it can still help newcomers who don’t want to feel like someone might be breathing down their neck.

phiresky, (edited )

Lemmy is somewhat protected by being an AGPL-licensed project, preventing proprietarization. If there’s ever a relicensing effort, ba fearful.

I’m not sure what exactly becoming a organization would entail, but so far I’d say the development part is not really large enough? For me I would start being suspicious when a significant amount of dev power came from compan(ies), but so far no company has shown any interest afaik.

There’s already been a few forks, for example lemmynsfw has made some changes on their side, which nutomic is now looking to integrate back into lemmy.

dessalines,

As a multi-national open source dev team, it would only complicate our lives to try to set up a more formal legal structure.

I wouldn’t be too afraid of hostile takeovers: this is a dev-run-and-controlled project. People will go where the development is, and the federated nature of lemmy protects against the kind of attacks its possible to make against centralized entities.

SovietReporter,

Could the imperialist power take down lemmy if they really wanted to?

Alsephina,

Assuming this isn’t a bit they would most definitely try and probably succeed in taking down any platform that poses a real threat to Capital^TM^

But I doubt lemmy will get that massive anytime soon as cool as that would be lol

OsrsNeedsF2P, (edited )

Any words for Zuck and Threads?

Edit: on a more serious note, has Meta reached out to the Lemmy developers at all?

possiblylinux127,

I think Lemmy is a tiny blip size wise.

nutomic,
@nutomic@lemmy.ml avatar

No, I guess they only care about Mastodon. I will just wait and see how that goes.

phiresky,

So far it doesn’t seem like any company actually wants to compete in this space (longer-form somewhat text-focused communities). Even reddit is trying to become more twitter and less reddit.

dessalines,

We also blocked threats here already, and encourage other servers to do the same. FB is a rabid wolf that would love to be let inside the fediverse.

silas,
@silas@programming.dev avatar

As developers, what can we do (or not do) to best support Lemmy’s vision and goals right now?

dessalines,

First, thx for working on LemmyNade! The ecosystem of apps growing up around lemmy, learning from and benefitting each other, is really great to see.

The main thing would be to get involved with lemmy’s back-end code. Even if you’re not a back-end developer, its still useful to us to learn from devs about wanted features, API improvements, and bugs. Many app devs have suggested features that I’ve tried to implement based on their usefulness, because it used to be just myself who was the one requesting and adding things on both sides.

nutomic,
@nutomic@lemmy.ml avatar

Go through the issue tracker for lemmy or lemmy-ui and look for some simple bug or minor feature that you care about. Then look for the relevant part of the code and try to fix it. You can also make a comment or post in the dev chat on matrix if you need help. Honestly there are so many issues which could be solved in less than an hour, especially in lemmy-ui. That way you can make Lemmy better and also get familiar with the code to make larger changes in the future.

OsrsNeedsF2P,

A long time ago, @Dessalines made Jerboa as an Android Native client for Lemmy as an alternative to Boost for Reddit. How happy are you that the OG Boost developer came and made a Lemmy client?

WanderingVentra,

He did? That’s awesome. I’ve been using Jerboa and Sync mostly. How does the Boost app compare to those? Sorry if too unrelated lol.

Blaze,
@Blaze@discuss.online avatar

Feel free to have a look at all the others: lemmyapps.netlify.app

dessalines,

Its a great thing, and its exciting to have @rmayayo creating an app for Lemmy.

shootwhatsmyname,
@shootwhatsmyname@lemm.ee avatar

In your opinion, what are the top strengths and weaknesses of Lemmy at this point in time?

nutomic,
@nutomic@lemmy.ml avatar

Strengths: Its open source, decentralized and working quite reliably

Weaknesses: Theres not enough funding/developers to keep up with all the issues

dessalines,

Strengths are federation, comment threads, mod tools, app ecosystem.

Weaknesses are lack of notifications, DB code, and lack of funding / donations. We need to support much more that just one or two devs if we want to take on reddit, which is a multi-billion dollar company with hundreds of employees.

I discuss more things I’m going to work on this year in this comment

jawa21,

I post a fair amount of video edits. I’ve had quite a few people say that video playback is far from ideal for not just Lemmy, but the Fediverse as a whole. Is this mostly a 3rd party app thing, or a backend issue? I haven’t had much issue myself, but enough people have mentioned it that there is likely an issue somewhere down the line.

simple,

but the Fediverse as a whole.

FWIW video playback on Mastodon has been seamless for me.

nutomic,
@nutomic@lemmy.ml avatar

It works pretty well on Peertube, only lacks users and quality content.

jawa21,

I’m sure. However, I am not in a position to self host and videos are huge unless you post them as webm which some people might even report you for.

dessalines, (edited )

I have ambitious plans about how to turn lemmy into a true Youtube / Spotify killer. But that might not be what you’re asking, which might just be simple browser / app video support (IE mp4s, webm, etc).

If that app / web UI has trouble with videos, you might need to open up an issue there.

OsrsNeedsF2P, (edited )

How do you feel about extreme right-wing instances like the late Wolfballs using Lemmy to promote and spread hate?

WanderingVentra,

I hope they’re not too against it. I know they’re extremely left wing, which scared a lot of the centrists on Reddit. If they allow even right wing instances, then it emphasizes the project’s lakc of political bent, and encourages more mainstream people to join. The politics can be up to each individual instance to decide whether to defederate with those other instances or not.

But that’s just my opinion, I’m also curious how the devs will answer.

bdonvr,

I’m sure they’re probably not okay with it but also there’s not much they can do about it other than defederate .ml - such is the nature of open source software.

calavera,

Not that I’m suggesting it, but they could hardcode the defederation of those instances on the code and most admins wouldn’t bother to fork lemmy to remove it. Like in the past they had a hardcoded slur filter, but I think they disabled it because many slurs in English were regular words in other languages

possiblylinux127,

Yeah that’s a very slippery slope

Kaboom,

Wolfballs? Was it straight up hate or just run of the mill GOP talking points?

Moonguide,

Wasn’t here back when it happened, but from what I know, it was straight up white supremacy shit. It got defed to death.

possiblylinux127,

I think you should be careful with political hate. Its a slippery slope and should not be handled by a developer.

Maybe we could simply focus on having clear rules for each community.

nutomic,
@nutomic@lemmy.ml avatar

They were posting spicy memes but thats how the internet works. If you dont like it then dont visit there, just like you wouldnt visit 4chan. Lemmy is open source so anyone can use it for any purpose.

dessalines, (edited )

I very much dislike it obviously, and I’m happy that one shut down. There have been others, but for the most part they’ve stayed away from Lemmy as “that software made by tankies.”

Outside of making sure that we don’t platform them anywhere, there isn’t much we can do. Lemmy is open-source software after all, and a tool can be used for good or ill. As @CannotSleep420 mentioned, coordinating on adding them to our blocklists and isolating them is the best option.

threelonmusketeers, (edited )

Will private messages ever be displayed in a threaded or grouped manner?

Please correct me if I’m wrong, but the current web interface is just a reverse chronological list of all sent and received messages. This can be confusing to follow if one is messaging multiple users over an extended period of time. I think the ability to group messages by user would be useful.

Aurelius, (edited )
@Aurelius@lemmy.world avatar

This is already possible in many Lemmy apps. I built the Quiblr web app and messages are more similar to a messaging app. Many Lemmy apps probably do similar as it’s just a front-end change.

threelonmusketeers, (edited )

Cool! I haven’t tried out web apps, but many mobile apps have this feature as well. Would be nice to see this feature merged into the native web interface.

nutomic,
@nutomic@lemmy.ml avatar

Maybe, if someone implements it. Basically the same answer as all other low-priority feature requests.

dessalines, (edited )

There can definitely be improvements, but I agree that they’re low priority. I’m hesitant to put too much work into Lemmy’s private messages or its interface, as they’re inherently insecure and not E2EE (we even have warnings in the lemmy-ui interface about this).

Its best to rely on messaging apps like matrix and xmpp that were made for that job, which you can add to your profile. We also added a specific matrix_id field to your user settings, which enables a “Send secure message” button.

hendrik, (edited )

When do we get advanced moderation features? And for example the ability to block all users from a single instance to prevent for example brigading? I mean for the user, so we don’t have to rely on defederation so much.

Are you planning to revamp defederation? I mean it’s rather complicated the way it works and the triangle that is the user’s instance, the other user’s instance and the instance the community is located.

What about features like automatically kicking of moderators / revoking their ownership. In the early days of the Reddit exodus, some people reserved lots of communities just so they’d be the owner of the community, but they don’t do anything with it. I think admins mostly already dealt with that. But there are ideas floating around to migitate for things like that and other common annoyances. I think good moderation is key (and the tools that go with that and the whole architecture of the platform should favor a good atmosphere.)

nutomic, (edited )
@nutomic@lemmy.ml avatar

When do we get advanced moderation features? And for example the ability to block all users from a single instance to prevent for example brigading? I mean for the user, so we don’t have to rely on defederation so much.

This could be added to the existing instance block feature, but so far no one has even bothered to open an issue I think.

Are you planning to revamp defederation? I mean it’s rather complicated the way it works and the triangle that is the user’s instance, the other user’s instance and the instance the community is located.

Its very simple and effective in that in prevents all network connections to the blocked instance. So I dont think it makes sense to change that, but other tools can be added on top for more fine-grained restrictions (eg user-level instance blocks in 0.19).

SorteKanin, (edited )
@SorteKanin@feddit.dk avatar

There was a big time gap between 0.18.5 and 0.19. Have you considered adopting a release train model, similar to what Rust does? The Bevy game engine has also adopted the idea.

More frequent but smaller releases would probably cause less friction and make upgrading less of a “big thing” and “big things” are always where things go wrong.

1984, (edited )
@1984@lemmy.today avatar

They normally do have smaller releases (18.1, 18.2, 18.3, 18.4, 18.5) but going from 18 to 19 was a big update that also required a database upgrade. Rust releases don’t have database upgrades or anything that is not backwards compatible, so it’s not really comparable.

phiresky,

0.19 was a bit of a special case because there was a set of breaking updates that had to be done at some point, and trickle releasing breaking changes isn’t really great either. Usually hopefully the breaking changes are rare, so releases can be more frequent.

nutomic,
@nutomic@lemmy.ml avatar

Yes once we reach 1.0 there will be way fewer breaking changes and then it will be easier to do more frequent releases.

dessalines,

For sure. Releasing breaking changes frequently would be much worse for stability than increased time between releases.

pocketman_stuck, (edited )

This is for all Lemmy devs:

Talk a bit about yourself, likes and dislikes.

Musical taste, movies, whatever, just willing to know a lil more about you as persons

nutomic,
@nutomic@lemmy.ml avatar

I mainly like Hip-hop, but also good music from other genres. I like all sorts of movies if they are well made, but especially adventure and comedy. Since the quality of Hollywood movies has gone steeply downhill, I mainly watch movies from different countries across the world, and older movies from the 70s or so. I also like video games, at the moment Im playing Baldurs Gate 3 as everyone was praising it on Lemmy (and they were right its a great game).

OsrsNeedsF2P,

First, I want to say thank you for the incredible job you already have done in this area. However, do you have any thoughts on further improving some fundamental Lemmy UX painpoints? Examples such as:

  • Migrating accounts between instances
  • Tagging users across instances
  • Linking communities across instances
  • Finding communities across instances
Blaze,
@Blaze@discuss.online avatar

Migrating accounts between instances

Isn’t that implemented in the 19.2 and later versions? I just migrated using that feature a few days back, worked quite well

WanderingVentra, (edited )

That would be awesome if true. It’s progressing faster than I thought. I’m still just learning about the scaled sort and enjoying that new feature lol.

Blaze,
@Blaze@discuss.online avatar

I’m pretty sure it is there, you can export and import your subscriptions in the settings

can,

It’s only subscriptions, blocks, and user settings iirc. Your posts and comments don’t migrate for example.

WanderingVentra, (edited )

Still that’s not bad. Wish they could get saved posts to transfer, too. That would be useful.

Blaze,
@Blaze@discuss.online avatar

Importing posts and comments could cause a security risk if someone would to abuse that function.

Even Mastodon doesn’t support it

Mastodon currently does not support importing posts or media due to technical limitations, but your archive can be viewed by any software that understands how to parse Activity Streams 2.0 documents.

docs.joinmastodon.org/user/moving/

nutomic,
@nutomic@lemmy.ml avatar

More importantly it would make exports extremely large and would cause a lot of server load to import/export. Plus you would end up with duplicate posts and comments which seems like a bad idea.

Blaze,
@Blaze@discuss.online avatar

Yes, that’s what I meant by security risk, that’s like a DoS feature.

JackbyDev,

Can you add one to your list? Linking posts across instances? Like you can do !community@instance and the community will open viewed through your instance. But for linking posts there is no such equivalent. Like if I make an HTTP link it will be through my instance or possibly the one the community is hosted on which would be annoying for users of other instances.

Also, linking communities across instances is possible already, but you can leave it up since it’s confusing. I still see a lot of folks try to do the reddit approach if c/community

spaduf, (edited )

Turning the fediverse button into an “open on my instance” with similar functionality to subscribing may also be a solution here. Bonus points if it’ll also open a comment on mastodon.

Die4Ever,

github.com/LemmyNet/lemmy-ui/issues/2318

spaduf,

Yup that’d be sick

Die4Ever,

github.com/LemmyNet/lemmy/issues/2987

spaduf, (edited )

Really like your protocol handlers contribution here. Seems tough to square with multiple accounts though.

phiresky, (edited )

For migration we recently added a feature to export your user data. But “real” migrating accounts is something I put on our “todo” list, though it probably also first needs a proposal to define how it should work exactly (should it still work when the original instance is down?) As soon as we start giving users more control over their private key issues start appearing like not having any infrastructure for key rotation / revocation. Without that it will only work when the original instance still exists.

I’m not sure if by tagging users you mean linking / mentioning them? Or adding tags to them like you can tag posts / users on other platform. For tagging in general there’s a pending proposal github.com/LemmyNet/rfcs/pull/4 . So far it focuses on post tagging though to reduce the scope. I think the goal is going to be to start with one kind of tagging and add more kinds of tagging later.

For improving cross-instance linking (both communities, posts, and users) we also have a open milestone. There’s a few spitballing issues about it, but no real concrete proposal on how to build it yet.

dessalines,

As @phiresky mentioned we have improvements coming down the pipe for linking content across instances.

Community linking and user linking do work currently (for example I just linked phiresky above), and a community example would be !risa , but we could improve this by extending it to posts and comments, as well as creating a url link standard that would work across apps.

OsrsNeedsF2P, (edited )

What are some cool “Lemmy Adjacent” projects you know of and want to share? (Things like LemmySchedule or Toast.ooo’s Canvas)

dessalines,

One that I can think of rn, is @CannotSleep420 's lemmy-bot, as well as ridoukousage’s TLDR bot.

With the web being so ad-infested and completely owned by google, people have noted how the TLDR bot means they often don’t have to leave their lemmy app at all, and can stay behind its privacy shield.

While of course I do think we can code a lot of functionality directly in to lemmy in a way that we couldn’t with reddit, there’s undeniably a lot of potential with bots that can do different things for us.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • announcements@lemmy.ml
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #

    Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 18878464 bytes) in /var/www/kbin/kbin/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php on line 171

    Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10502144 bytes) in /var/www/kbin/kbin/vendor/symfony/error-handler/Resources/views/logs.html.php on line 33