@pixelfed Let's call me a killjoy, but here is an idea of a security posture: letting fellow developers and infosec folks have a look at your code and software in small and/or testing environments before you organize a much hyped upgrade event and have the same unreviewed code handle pictures and data for thousands of users.
Still unhappy that you are not releasing a single line of the code I guess.
The repo (https://github.com/pixelfed/pixelfed/blob/dev/README.md) clearly states
*** do not use this software until there is a stable release ***
And (thousands? really?) users sign up for the pixelfed **beta** and they know this.
Since when is the developer of an open source project not allowed to test their new code before they release it?
(Really, do not try to impose rules upon ppl who devote their time to making things you can pick up for free.)
I am not in a position to impose anything but simply to suggest, and state what makes me unhappy when using and/or trying to contribute to the project.
@kaiyou We have released a lot of federation code already, I understand where you are coming from and we will only tag a release after a week or so of bug fixes!
On « Tweet » sur Twitter ; on « Toot » sur Mastodon. Sur ce réseau social plein de libertés, TeDomum met à disposition une modeste instance. N'hésitez pas à nous solliciter pour la modération ou des ajustements de configuration.