fsebugoutzone.org:9999

       Post 9xiZP0dA2LCizk6kPg by sandrockcstm@elekk.xyz
 (DIR) More posts by sandrockcstm@elekk.xyz
 (DIR) Post #9xiZOyuoPk8RfuLoeG by wxcafe@social.wxcafe.net
       2020-08-01T15:17:10Z
       
       0 likes, 1 repeats
       
       So there&#39;s a bug related to &quot;followers only&quot; toots:- a post that&#39;s &quot;followers only&quot; can be seen by people who don&#39;t follow you as of now- it&#39;s a known bug, there&#39;s a fix coming https://github.com/tootsuite/mastodon/pull/14479- I&#39;ll post an Announcement when the instance is up to date- the problem is on the receiving side so it won&#39;t be fully fixed until other instances are up to date- even once the fix is deployed everwhere, all the issues still won&#39;t be entirely corrected.
       
 (DIR) Post #9xiZP0dA2LCizk6kPg by sandrockcstm@elekk.xyz
       2020-08-01T15:33:07Z
       
       0 likes, 0 repeats
       
       @wxcafe Holy crap, this is a huge deal. What amazes me is that this has been going on for a year and nobody caught it.Has there been any discussion about how this happened and what changes need to be made to QA to avoid this kind of thing from happening again?
       
 (DIR) Post #9xiZP16EIGSMRthxiq by Thib@social.sitedethib.com
       2020-08-01T18:03:23Z
       
       1 likes, 0 repeats
       
       @sandrockcstm @wxcafe there has been no discussion about that yetwhat i did as soon as i understood what was going on was to add tests. in retrospect i probably shouldn&#39;t have accepted the original PR without tests to cover the new behaviorsfundamentally, delivery of followers-only toots relies on both instances knowing who follows whom, but this may get out of sync for various reasons (bugs, like here, someone unfollowing or force-unfollowing someone else during a prolonged downtime, an instance rolling back a backup, etc.) and we currently have no way of synchronizing followers info. that&#39;s something that&#39;s completely lacking from the protocol and which i&#39;m now trying to push, but it will take a while, as, well, such mechanisms really aren&#39;t in the spirit of the protocolfinally, a safer way to handle followers-only is to send those toots explicitly to a list of people, but while we could do that, this wouldn&#39;t be fully compatible with current and older Mastodon versions (random followers-only posts would show up as DMs), and it has complex performance implications, in addition to changing the exact meanings of followers-only (new followers wouldn&#39;t have access to old toots, for instance, which may be a good thing or a bad thing depending on who you ask, but would be an unexpected change in behavior either way)
       
 (DIR) Post #9xm6qRBF3D7uxyRaMK by 444.koyu@koyu.space
       2020-08-04T09:49:13Z
       
       0 likes, 0 repeats
       
       @wxcafe looks like my instance is patched ;)(at least i can see this commit merged into the code and an image with that code running on the production machine)