Yep.

it doesn’t save my settings or my favorites and multi-communities.

It should save/persist the favorites to your browser’s local storage. If you’re using a browser that clears site data on close or something, then they’ll reset. But it also wouldn’t persist your profile and you’d have to log in every time, so…🤔 It doesn’t, however, save any settings beyond your device. I’m working on a way to securely save those to whatever Tesseract server you use but don’t have it implemented yet.

This version (1.4.42) also changes where and how the favorites, community groups, and filters are stored in addition to not storing useless data like the community sidebar info, etc. They’re also no longer stored inside your profile in a single local storage object. Since these save to the browser’s local storage, there’s a hard 5 MB limit per object (everything gets written to a JSON string), so maybe your profile exceeded that somehow? If so, there should be browser console logs to that effect. Regardless, this version splits those all up into separate storage objects to address that problem.

Not sure what you mean by multi-communities, though. There was a feature to create custom feeds (which is kind-of similar to multi-community) but I took that out a long time ago because API changes in 0.19.3+ made it untenable. I think that was removed in 1.4.40 or thereabouts, so if you’re on a version older than that, then maybe that feature is still present. That feature was pretty broken for a long time which is why I finally removed it and put it out of its misery.

To be, like, super and needlessly pedantic, lol, Linus looks like her since she’s older.

No, she’s much wittier than I am. Though I did try to write it in her style.

Have you heard it in Spanish? Lol

https://www.youtube.com/watch?v=JSDB7TH0ULA&start=36

deleted by creator

…yeah. I added a filter in Tesseract to automatically hide “drive-by” posts for accounts that are less than a week old who self-delete themselves. Can’t stand that.

Not that that isn’t good advice to make mods’ lives easier in general, but for the ban evader I think you’re talking about, it’s usually pretty apparent if you look at the profile of the user being reported:

1. Minutes old, 10+ posts and no comments or maybe 1 boilerplate-looking one.
2. Usually cycles through c/Politics, c/News, c/Health, c/UK, c/Ohio, c/Television and a few others
3. Here lately, spams out 10+ posts rapid-fire and then deletes the account (not all UIs indicate a user is deleted, but that info is often helpful).

Granted, I’m really good at pattern matching. It’s like my one neurodivergent superpower lol.

Very nice!

Unfortunately, there’s many many reasons that could be the case. I’m just putting this out there since it’s easy to check for and mitigate against.

No, that’s just /api/v3/user which returns both posts and comments.

Good idea with the f2b integration.

I thought about that before just blocking unscoped requests to that endpoint in Nginx.

That was my thought, but also wasn’t sure since there might be a use-case I’m unfamiliar with. I vaguely recall seeing a feature request for Photon a while back to be able to just browse comments, so I assume that would be how it worked.

But yeah as it is now, it can be abused.

That’s my normal go-to, but more than once I’ve accidentally blocked locations that Let’s Encrypt uses for secondary validation, so I’ve had to be more precise with my firewall blocks

Lemmy. I added a comment above since LW wouldn’t let me edit the post.

Mine’s only extended with some WAF rules and I’ve got a massive laundry list of bot user agents that it blocks, but otherwise it’s pretty bog standard.

If instances have Anubis setup correctly (i.e. not in front of /api/...) then that might not help them since this is calling the API endpoint.

Can’t edit the post (Thanks Cloudflare! /s) but additional info:

• I truncated the log excerpts in the post. The user agent string in these requests isn’t shown here, but it is blank in the actual logs.
• This is for Lemmy admins only. It might apply to others in some form, but this seems to be specifically exploiting a Lemmy API endpoint
• My Nginx solution may have room for improvement; I was just trying to block that behavior without breaking comments in posts and move on with my day. Suggestions for improvement are welcome.

Seems more like a genuine feature to me.

I don’t know how many requests I’ve seen for Lemmy apps to be able to swipe between posts in the feed.

Seems that’s basically what they’re doing here.

But also, gesture navigation is terrible, I hate it, and always turn on 3-button navigation when I get a new phone anyway.

I shouldn’t say this, but whatever: It’s a “troll” tactic to do that since mods/admins can’t ban with content removal if the account is deleted (unless that’s fixed in .13?) . Admins can remove the deleted flag in the DB for the user and then do so, but mods can only remove items individually. Not that any of these necessarily warrant removal on their own, but not doing so in this case encourages this kind of “hit it and quit it” behavior, and this user is clearly ban evading.

I’m not saying this as an instruction manual but merely as a statement of fact about how stupid Lemmy’s behavior is with regard to deleted accounts.

They’ve had many, many alts over the last 6+ months with the same posting pattern. Not one has been marked as a bot.

Ok, I just gotta ask: what is your motive here?

You get banned every other day for spamming out a massive number of posts. And you just make a new account the next day, start the exact same thing again like…you’ve learned nothing?

I’m tired of my feed being an entire page of just you, and I’m tired of blocking you. Can you not just post things at a normal rate?

but I send you a PM

Oh, sorry. One of the new features in this dev branch is the ability to disable PMs and mentions. I’ve been running with those turned off. Seems like that feature is working lol.

I turned DMs back on and found the message - will try to join here when I’m back on desktop. Dunno how active I can be right now, but I am eventually going to start on Piefed so would be nice to have a sounding board.

Some of the devs are already working on shared logic/libraries between apps.

Nice!