That’s so on-character for .ml
this post was submitted on 11 Jul 2025
637 points (95.8% liked)
You Should Know
39738 readers
616 users here now
YSK - for all the things that can make your life easier!
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must begin with YSK.
All posts must begin with YSK. If you're a Mastodon user, then include YSK after @youshouldknow. This is a community to share tips and tricks that will help you improve your life.
Rule 2- Your post body text must include the reason "Why" YSK:
**In your post's text body, you must include the reason "Why" YSK: It’s helpful for readability, and informs readers about the importance of the content. **
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding non-YSK posts.
Provided it is about the community itself, you may post non-YSK posts using the [META] tag on your post title.
Rule 7- You can't harass or disturb other members.
If you harass or discriminate against any individual member, you will be removed.
If you are a member, sympathizer or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people and you were provably vocal about your hate, then you will be banned on sight.
For further explanation, clarification and feedback about this rule, you may follow this link.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- The majority of bots aren't allowed to participate here.
Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.
Rule 11- Posts must actually be true: Disiniformation, trolling, and being misleading will not be tolerated. Repeated or egregious attempts will earn you a ban. This also applies to filing reports: If you continually file false reports YOU WILL BE BANNED! We can see who reports what, and shenanigans will not be tolerated.
If you file a report, include what specific rule is being violated and how.
Partnered Communities:
You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.
Community Moderation
For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.
Credits
Our icon(masterpiece) was made by @clen15!
founded 2 years ago
MODERATORS
The longer I look at it the more suspicious I am of it, to be honest. I'm just kind of generally a paranoid and accusatory person, so take that into account, but... the files are pretty carefully set up. They have variable substitutions for everything, including a bunch of places where there's a template substitution to change a string around when setting cache keys so that it'll still work out-of-the-box right away, even in complex configurations like multiple domains on a single server. It all works out-of-the-box right away, they've clearly been attentive to making sure it's all set up right and keeps working cleanly as things have been evolving forward. Except for that one place.
this is how those Marxist Leninst nation state actors work
Im loving that there are ml users coming in and defending it lol
Yeah, don't they realize they could have just spent that time productively by making a pull request, instead?
Honestly, you found the fault. I agree that you should put the request in.
I mean probably I should. There are a bunch of people accusing me of being dick headed and petty and they're not completely wrong. Honestly, I just don't feel like helping the Lemmy devs. Dessalines, at least, is totally unapologetic about being a dickhead to people he has power over. That puts me in a mindset where, mostly, I want to talk to other people about potential harm he's in a position to do, and not really in a mindset where I want to do even a small amount of extra work on his behalf.
I'm going to tell other people that he's in a position to take their passwords. If he wants to see that and put himself not in that position anymore? Great, I think he should. If he gets his feelings hurt because I'm not being super friendly about it? Well.. okay. I'm not trying to be malicious about it or do anything other than clearly communicate the problem. But it seems like the lemmy.ml "in charge" crew in general has a lot of a mentality that's kind of like, "Well, I'm in charge, and you're not, so fuck what you think and fuck your rights. Ban." (or whatever). The way I operate is that really makes me not want to be extra friendly or courteous to people. I used to have a regular donation to Lemmy development set up, I used to take it seriously the idea of getting involved in contributing to the code, and then I observed how they operate, and ... like I say I'm mostly talking to the other people involved who I think should be aware of this. If the devs want to react, fix it, or get involved in the conversation, then sure, sounds good.
The fix is in the comments below, if someone else wants to contribute it and do the very small amount of work of getting it in.
It sounds like a pull request would have been much more helpful, with much less effort. But you want it fixed less than you want it publicized, so you chose this option (even though you could have done both).
In other words, you cared less about the people impacted by this problem, and more about your own opportunity to put the author(s) on blast like this.
And you care about that opportunity so much, that it's even worth it to show this dark side of yourself publicly.
Am I understanding that right?
Or OP is spreading the word to get it out there. Now it's got eyes on it thanks to OPs work.
Jesus. Some of you people just want to shit on someone for doing a good thing for no reason. Have you put in a pull request yet or are you just showing your dark side on top of being a dick to OP who did something good?
One of the .ml users down below volunteered to put in the PR later tonight if no one else has, so it sounds like both bases are covered now.
load more comments
(3 replies)
Let's not get carried away. Shared software systems are about more than the software. If you're looking only at the software, and that was literally 100% of what is important here and nothing else, then yes, you're right.
But you want it fixed less than you want it publicized
100%. Yes. Correct. I also want it fixed, but that's completely trivial, with or without the pull request.
load more comments
(2 replies)
load more comments
(3 replies)
Was just gonna say. Exactly what some authoritarian boot lickers would do.
“Of course the Central Committee would have access to your instance. Why is that a problem? Are you doing something counter-revolutionary?!”
We are using their tools though...
Well, you are, while I am on PieFed:-P If you do not like what you've heard here, then consider switching to Piefed.World (Lemmy.World's recently-announced PieFed replacement for Lemmy)
Oh, that's interesting. Didn't know about that.
I don't think that there's a way to list instances that a PieFed instance has defederated from, unlike Lemmy; while both have a list of instances at /instances, only Lemmy indicates which ones have been defederated from. It was a helpful tool to help me guess the sort of content an instance had.
Like:
https://lemmy.world/instances (under "Blocked Instances")
https://piefed.world/instances
EDIT: It does show the last time that the instance sent data, and I guess you could sort of guess that if a large instance that probably has activity hasn't sent data to the PieFed instance recently
like lemmygrad.ml and hexbear.net on piefed.world
then they're probably defederated. But it doesn't clearly indicate that this is the case, either.
Try asking in !piefed_meta@piefed.social , !piefed_help@piefed.social or https://codeberg.org/rimu/pyfedi/issues
I've only been on PieFed a month or so and they've already dealt with half a dozen things I've mentioned, from bugs to feature requests.
You should edit your post with link to this PR - it's fixed now
Edited.
Thanks
Thank you for discovering this, and creating awareness around it.
Seems like a genuine miss, contrary to what the comments here would have one believe, given that the compose file (and rest of the docs) were mostly derived from whatever worked for the developers themselves.
Seems like a genuine miss, contrary to what the comments here would have one believe,
You might be right. I looked at the history and the way it came in, and it's not as wildly anomalous to the rest of the file when looked at in context. Maybe it's just a mistake.
load more comments
(3 replies)
Why make a Lemmy post about this and not just a GitHub issue?
I think it should be more public knowledge than just people who peruse the github issues. Also, it's so trivial to fix that it will save them some time if they don't have to close the issue after they spend literally 10-15 seconds fixing it.
load more comments
(3 replies)
load more comments
(4 replies)
This is fixed now.
Bruh
Now I have trust issues with open source programs.
points glock at VLC Media Player
"WHO THE FUCK DO YOU WORK FOR? TRYING TO JUMPSCARE ME?"
💥🔫
💥🔫
💥🔫
💥🔫
💥🔫
💥🔫
I'm reminded of stories I've heard of graduate students hiding a note and some cash in the pages of their theses that they submit to the university, just to see if anyone bothers reading it and takes the cash. They return years later to find it still there.
With open source, the code is all there ready for review by anyone, as long as you have the technical knowhow and patience to review the code you use. But like reading the terms and conditions for everything we use, how many people actually take the time to go through all that code?
Some people do and at least you can, which makes it much better than proprietary software, where it is impossible to find out, if they didn't include a direct pipeline to whatever three letter agency asked them to do it.
Quick, Louis Rossmann next! Who knows who that off the rail New Yarker will do next!
Good catch, seems like an oversight.
Can you point to a repository somewhere?
***
a/docker-compose.yml 2025-07-12 00:17:33.050443300 +0000
+++ b/docker-compose.yml 2025-07-12 00:18:21.038972526 +0000
@@ -37,7 +37,7 @@
image: dessalines/lemmy-ui:0.19.12
environment:
- LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
- - LEMMY_UI_LEMMY_EXTERNAL_HOST=lemmy.ml
+ - LEMMY_UI_LEMMY_EXTERNAL_HOST={{ domain }}
- LEMMY_UI_HTTPS=true
volumes:
- ./volumes/lemmy-ui/extra_themes:/app/extra_themes
Edit: From https://github.com/LemmyNet/lemmy-docs/tree/main/assets
load more comments
(1 replies)
ope, just gonna squeeze on through this minefield, dont mind me
Yeah this hit me as well and it was very confusing until I found that lemmy.ml
I can't find it on the main branch so I didn't raise am issue
Did you use a different admin password when you did the new setup after fixing it? If not, I think you should change your admin password.
load more comments
(1 replies)
load more comments
(9 replies)
I really wish there was a way to enforce transparency of docker env vars.
I get that it's impossible to make it a part of docker, env vars get parsed by code and turned into variables. There is no way that docker can enforce it, cause a null/undefined check with a default value is all that would be needed to subvert checks by docker, and every language uses a different way to check env vars (eg .env files, environment init scripts, whatever).
And even then, the env var value could be passed through a ridiculous chain of assignments and checks.
And, some of those 'get env var' routines could be conditional. Not all projects capture all env vars during some initial routine.
I've spent hours (maybe days) trawling through undocumented env vars trying to figure out their purpose, in order to leverage them in docker/k8s stacks.
I wish there was something.
Thankfully, a bit of time spent with a FOSS project and reviewing the code does shed light on hidden env vars.
And a PR or 2 gets comments and documentation updated.
Open source is awesome
load more comments
(3 replies)
rise up against dockers and the evil empire of containerization! reproducibility! microservices! middle management! security!
/j
load more comments
(7 replies)
view more: next ›