What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

This release fixes a problem with federation of moderation actions performed by admin accounts. Specifically there is an check when receiving remote federation actions, which is incorrectly rejecting them in some cases. The problem is fixed by this release.

There are no other changes, and no updated lemmy-ui version.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they’ve proven to be the only way that open-source software like Lemmy can stay independent and alive.

• Liberapay (preferred option)
• Open Collective
• Patreon
• Cryptocurrency (scroll to bottom of page)

Upgrade instructions

Follow the upgrade instructions for ansible or docker. There are no config or API changes with this release.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

Changes

Lemmy

• Fix federation of admin actions (#3988)

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

This version fixes the problem of comment context not loading properly. It also fixes a couple other bugs.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they’ve proven to be the only way that open-source software like Lemmy can stay independent and alive.

• Liberapay (preferred option)
• Open Collective
• Patreon
• Cryptocurrency (scroll to bottom of page)

Upgrade instructions

Follow the upgrade instructions for ansible or docker. There are no config or API changes with this release.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @nutomic@lemmy.ml and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @nutomic@lemmy.ml and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

This version brings major optimizations to the database queries, which significantly reduces CPU usage. There is also a change to the way federation activities are stored, which reduces database size by around 80%. Special thanks to @phiresky for their work on DB optimizations.

The federation code now includes a check for dead instances which is used when sending activities. This helps to reduce the amount of outgoing POST requests, and also reduce server load.

In terms of security, Lemmy now performs HTML sanitization on all messages which are submitted through the API or received via federation. Together with the tightened content-security-policy from 0.18.2, cross-site scripting attacks are now much more difficult.

Other than that, there are numerous bug fixes and minor enhancements.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they’ve proven to be the only way that open-source software like Lemmy can stay independent and alive.

• Liberapay (preferred option)
• Open Collective
• Patreon
• Cryptocurrency (scroll to bottom of page)

Upgrade instructions

Follow the upgrade instructions for ansible or docker. There are no config or API changes with this release.

This upgrade takes ~5 minutes for the database migrations to complete.

You may need to run sudo chown 1000:1000 lemmy.hjson if you have any permissions errors.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

This release includes major improvements to performance, specifically optimizations of database queries. Special thanks to @phiresky, @ruud, @sunaurus and many others for investigating these. Additionally this version includes a fix for another cross-site scripting vulnerability. For these reasons instance admins should upgrade as soon as possible.

As promised, captchas are supported again. And as usual there are countless bug fixes and minor improvements, many of them contributed by community members.

Upgrade instructions

Follow the upgrade instructions for ansible or docker.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

Support development

We (@dessalines and @nutomic) have been working full-time on Lemmy for almost three years. This is largely thanks to support from NLnet foundation.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they've proven to be the only way that open-source software like Lemmy can stay independent and alive.

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

HTTP API instead of Websocket

Until now Lemmy-UI used websocket for all API requests. This has many disadvantages, like making the code harder to maintain, and causing live updates to the site which many users dislike. Most importantly, it requires keeping a connection open between server and client at all times, which causes increased load and makes scaling difficult. That's why we decided to rip out websocket entirely, and switch to HTTP instead. This change was made much more urgent by the sudden influx of new users. @CannotSleep420 and @dessalines have been working hard for the past weeks to implement this change in lemmy-ui.

HTTP on its own is already more lightweight than websocket. Additionally it also allows for caching of server responses which can decrease load on the database. Here is an experimental nginx config which enables response caching. Note that Lemmy doesn't send any cache-control headers yet, so there is a chance that private data gets cached and served to other users. Test carefully and use at your own risk.

Two-Factor Authentication

New support for two-factor authentication. Use an app like andOTP or Authenticator Pro to store a secret for your account. This secret needs to be entered every time you login. It ensures that an attacker can't access your account with the password alone.

Custom Emojis

Instance admins can add different images as emojis which can be referenced by users when posting.

Other changes

Progressive Web App

Lemmy's web client can now be installed on browsers that support PWAs, both on desktop and mobile. It will use an instance's icon and name for the app if they are set, making it look like a given instance is an app.

Note for desktop Firefox users: the desktop version of Firefox does not have built in support for PWAs. If you would like to use a Lemmy instance as a PWA, use use this extension.

Error Pages

Lemmy's web client now has error pages that include resources to use if the problem persists. This should be much less jarring for users than displaying a white screen with the text "404 error message here".

Route Changes

Pages that took arguments in the route now take query parameters instead. For example, a link to lemmy.ml's home page with a few options used to look like this:

https://lemmy.ml/home/data_type/Post/listing_type/All/sort/Active/page/1

The new route would look like this:

https://lemmy.ml?listingType=All

Note that you now only have to specify parameters you want instead of all of them.

Searchable select redesign

The searchable selects, such as those used on the search page, have a new look and feel. No more inexplicable green selects when using the lightly themes!

Share button

Posts on the web client now have a share button on supported browsers. This can be used to share posts to other applications quickly and easily.

Lemmy-UI Overall look and feel

lemmy-ui is now upgraded to bootstrap 5, and every component is now much cleaner.

Special thanks to sleepless, alectrocute, jsit, and many others for their great work on improving and re-organizing lemmy-ui.

Database optimizations

Special thanks to johanndt, for suggesting improvements to Lemmy's database queries. Some of these suggestions have already been implemented, and more are on the way.

Query speed is Lemmy's main performance bottleneck, so we really appreciate any help database experts can provide.

Captchas

Captchas are not available in this version, as they need to be reimplemented in a different way. They will be back in 0.18.1, so wait with upgrading if you rely on them.

Upgrade instructions

Follow the upgrade instructions for ansible or docker.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

Support development

We (@dessalines and @nutomic) have been working full-time on Lemmy for almost three years. This is largely thanks to support from NLnet foundation.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they've proven to be the only way that open-source software like Lemmy can stay independent and alive.

The new major version of Lemmy is now ready, and we need your help with testing. Most importantly it uses HTTP for API requests now, which is much more efficient than websocket. Additionally Two-factor-auth is supported. There are also countless other improvements and bug fixes.

You can register on any of the following servers to start testing, no approval required. You can post to your hearts content to find out if anything is broken. The test instances only federate with each other to avoid affecting production instances with spam.

• Enterprise
• Voyager
• DS

If you encounter any bugs that aren't present in 0.17, open an issue and mention in the title that it happened with a release candicate version. Over the next days we will publish new RC versions to fix bugs that will invariably pop up.

Instance admins can try the new version by using Docker images dessalines/lemmy-ui:0.18.0-rc.2 and dessalines/lemmy:0.18.0-rc.1. Make sure that working backups are in place. For production instances its better to wait at least some days for the major issues to be fixed.

This is my personal opinion, it is not the collective opinion of all lemmy.ml admins nor the broader Lemmy network as a whole. But I feel like no one is talking about this side of things, hence this post.

It seems that a major point of friction lately has been the registration screening questions that most large instances have, and the fact that instances which do not are being blocked. People are complaining about not knowing when they will be allowed to use their new accounts, if they will at all, as well as their instance being blocked by larger instances. While I empathize with the frustration this is causing, and I do agree that the registration screening system is far from perfect, I really feel the need to defend my fellow instance admins here, on all the major instances, and defend their decision to have registration screening.

We are all unpaid volunteers, and are running and/or moderating Lemmy instances because we are interested in doing so. In fact we have regular jobs and responsibilities that we juggle with moderating Lemmy. At the same time, we want to provide high quality spaces where users can interact and engage in meaningful discussion, and that requires that the threads be mostly free of trolls, abusive users, and spam. We have no automoderator, no automated content screening or spam/abuse detection in general, nor do we generally have enough people to even cover all 24 hours of the day (especially since instances tend to be run by people in the same or similar time zone). Registration screening goes a long, long way toward easing our workload and actually allowing our instances to function without getting overrun by undesirable content.

Lemmy, especially the larger instances, has been the target of many raids and brigades from places like 4chan. They were, I kid you not and you can find plenty of discussion about this if you go far back enough, posting anything from Nazi/fascist propaganda, to scat and gore porn, and rendered instances completely unusable for a time. Based on my experiences with lemmy.ml getting brigaded, enabling registration screening brought the number of abuse posts from tens or well over a hundred per hour to almost none, because just having to put that bit of work in to make a troll account is enough to discourage most people who have no interest in actually participating meaningfully, and it also makes it much more difficult to create multiple accounts for ban evasion, or to automate the creation of accounts in the form of a bot.

Also based on my own experiences, I can tell you that any instance with open registration is very quickly overrun by spam and abuse posts, to the point where it can make other, larger instances unusable if that influx of content is federated over, as well as generally massively increasing the workload of the admins on the other instances as now they have to pick up the slack and moderate what content from the open instance is actually real content that is allowed on their own instances. This would be happening in a time where those instance admins are already being swamped with new registrations and moderating the huge influx of content being generated from their own instance. Until a Lemmy instance gets large enough to actually hire full time admins to catch and remove abusive content ASAP, and/or implements reasonably accurate spam and abuse content screening that is resistant to evasion tactics, I don't see instances reasonably being able to go without registration screening because the trolls will seize on that opportunity every time.

Admins of larger instances see it all the time:

1. New instance pops up, yay! And most instances automatically federate with new instances!

2. It doesn't have registration screening, this is quickly discovered by trolls and adbots and the instance gets filled with rule breaking content.

3. Large instances start blocking it because by federating with an instance that is being used in this way degrades the quality of your own instance and adds a ton of workload to your (unpaid) mods and admins. They specifically do this because they know that posting in small, brand new instances will also get their content forwarded to the large instances, because they have a harder time directly posting abuse on the larger instances. (We don't block instances because "how dare they not have registration screening?!" We only really block instances when we start getting flooded with reports from our own users flagging the incoming abuse posts.)

4. The instance eventually enables registration screening, and other instances start unblocking it.

5. Repeat with the next new instance that pops up.

It's happened with plenty of instances before and will probably keep happening as long as spam and trolling exist.

Most instances' registration questions are fairly simple, and all we really want is for you to spend a minute of your time to write a few sentences, maybe a paragraph at most. You doing that reduces the workload for us, as well as contribute to a nicer environment for you and your fellow users.

Its been a hectic week everyone, so I apologize that I haven't been as responsive as usual. We realized that we could either spend all our day answering questions, or coding to make lemmy better, so we're prioritizing the latter.

Reddit caught us right in the middle of one of our larger performance improvements, so I apologize for the instability of instances like this one. But I'm confident that lemmy will improve, especially due to all the new contributors helping out with performance, security fixes, and stability.

Please use our the issue trackers for the various lemmy projects to report issues, otherwise they will likely get lost.

Call for testers

• You can help us test patch releases like this one at https://enterprise.lemmy.ml
• We're readying the 0.18.0 release soon, you can help us test at https://voyager.lemmy.ml , and https://ds9.lemmy.ml
  • App devs should use voyager.lemmy.ml to test and prepare for 0.18.0, which should come in the next few weeks. The API changes and new types can be seen here.
  • 0.18.0 should give servers a big performance boost by removing websockets and switching entirely to HTTP. It also will add a lot of features like 2fa / TOTP.

Been reviewing account applications and noticed that a lot of them just have the person's actual name in the username, complete with them saying that it's their real name in the registration questions.

I just want to comment that I don't think it's good to be doing that, especially if you have certain political affiliations that Western governments might not like (communism, socialism, not going to dance around it). I have still approved your accounts if you did this as it doesn't break the rules, but frankly I recommend you make a new account with a more anonymous username and don't post under your real name. Keep the account with your real name if you want but don't make it your main. Lemmy, just like Reddit, is meant to be pseudoanonymous, and especially considering all the controversy and friction that the influx of new users are causing and the presence of people who seem to be here just to pick a fight, I just think it's a bad idea to put any sort of personal information on here that other people, trolls and assholes included, can exploit. I certainly haven't put my personal information on here and I'm an admin.

This goes double for profile pictures of your face or anyone you know. Though I haven't seen much of that.

Mostly bugfixes.

Changelog

Its been a long time coming 🥳 .

Excerpt from the link:

Major Changes

Language Tags

Content can now be tagged to indicate the language it is written in. These tags can be used to filter content, so that you only see posts in languages which you actually understand. Instances and communities can also specify which languages are allowed, and prevent posting in other languages.

In the future this will also allow for integrated translation tools.

Comment trees

Lemmy has changed the way it stores comments, in order to be able to properly limit the comments shown to a maximum depth.

Included are proper comment links (/comment/id), where you can see its children, a count of its hidden children, and a context button to view its parents, or the post.

Featured posts

Admins and mods can now "feature" (this used to be called "sticky" ala reddit) posts to the top of either a community, or the top of the front page. This makes possible announcement and bulletin-type posts.

Special thanks to @makotech for adding this feature.

Federation

Lemmy users can now be followed. Just visit a user profile from another platform like Mastodon, and click the follow button, then you will receive new posts and comments in the timeline.

Votes are now federated as private. This prevents other platforms from showing who voted on a given post, and it also means that Lemmy now counts votes from Mastodon.

This release also improves compatibility with Pleroma. If you previously had trouble interacting between Pleroma and Lemmy, give it another try.

We've extracted the main federation logic into its own library, activitypub-federation-rust. It is open source and can be used by other projects to implement Activitypub federation, without having to reinvent the wheel. The library helps with handling HTTP signatures, sending and receiving activities, fetching remote objects and more.

Other changes

• Admins can now purge content and pictures from the database.
• Mods can distinguish a comment, "stickying" it to the top of a post. Useful for mod messages and announcements.
• Number of new / unread comments are now shown for each post.
• Lemmy now automatically embeds videos from Peertube, Youtube and other sites which provide an embed link via Opengraph attribute.
• You can give your site "taglines", short markdown messages, which are shown at the top of your front page. Thanks to @makotech for adding this.
• You can now report private messages.
• Most settings have been moved from the config file into the database. This means they can be updated much easier, and apply immediately without a restart.
• When setting up a new Lemmy instance, it doesn't create a default community anymore. Instead this needs to be done manually.
• Admins can choose to receive emails for new registration applications.
• An upgrade of diesel to v2.0, our rust -> postgres layer.

We're getting ready to release a new version of Lemmy, which will require a database upgrade, so we'll have a few hours of downtime.

All the old pictures are restored from a backup, and should be working now. We've bought more hard drive space too, so we should be okay for a while.

A few bug fixes:

• Fix missing auth on new post refresh. (#764)
• Change CSP rule for connect-src (websocket) to wildcard (fixes #730) (#737)
• Increase default search rate limit. (#2424)
• Rejected federated pm from blocked users (fixes #2398) (#2408)
• Handle Like, Undo/Like activities from Mastodon, add tests (fixes #2378) (#2380)
• Revert "Handle Like, Undo/Like activities from Mastodon, add tests (fixes #2378) (#2380)"
• Handle Like, Undo/Like activities from Mastodon, add tests (fixes #2378) (#2380)
• Dont allow login if account is banned or deleted (fixes #2372) (#2374)
• Fix panics in search_by_apub_id() (fixes #2371) (#2373)

Insulting or attacking other users, even so much saying "fuck you", "fuck [this group of people]", "you're an idiot" or anything like that while debating IS against the rules of Lemmy.ml. This goes for every political view, you DO NOT get free passes no matter if you're leftist, rightist, communist, anarchist, liberal, etc. If you're confident of your position you should be able to debate in a civil manner without cursing someone else out. I understand that debates can get heated and frustrating, hell I've debated with a good bunch of users, but you can still express that without resorting to name calling or insults.

Check the modlog, we HAVE removed replies of this nature from every political view, and even if we don't say it every time, we DO keep track of both removals per user and general behaviour even if it doesn't get removed, and too many infractions WILL result in a ban.

That said, it is NOT against the rules to present countering facts or opinions, or to have political opinions in general. Don't report comments for "being pro communist" or "being pro China" unless they have broken an actual rule, namely the ones about being civil. Don't attack or insult people from Lemmygrad just because they're from Lemmygrad or they're arguing for Marxism-Leninism or supporting a country you don't. If they're presenting their points in a civil manner (which had been the case for almost everyone from Lemmygrad), you can either read it and respond in kind with your questions or counterpoints, or just move on. People coming over from other instances is not brigading if they're mostly being civil, that's the whole point of federation.

Things people disagree with getting down voted is also acceptable, it's not considered an attack on you if your comment has a negative score, and it doesn't even significantly affect the ranking because of the relatively low comment volumes currently on Lemmy. It's just imaginary internet points, relax.

https://lemmy.ml/c/horror

A community for all things related to the horror genre, from big name franchises to indie works to creepypasta. Come over and be afraid with us!

Sry for not announcing sooner.

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

Theming

Customizing Lemmy is now much easier than before. Instance admins can select a default instance theme under /admin which applies to all users who are not logged in, and those who haven't explicitly picked a theme.

It is also possible now to add custom themes to an instance, without having to recompile lemmy-ui. When running with Docker, make sure that these lines are present in docker-compose.yml (Ansible will add them automatically if you updated the repo). Then put your .css file into ./volumes/lemmy-ui/extra_themes. The new theme can then be selected by users, or set as instance default.

For native installation (without Docker), themes are loaded by lemmy-ui from ./extra_themes folder. A different path can be specified with LEMMY_UI_EXTRA_THEMES_FOLDER environment variable.

For instructions how to create a new theme, have a look at the documentation.

Federation

@nutomic made many changes to federation to increase compatibility with other software. Lemmy can now receive deletions from [Pleroma], comments from [Friendica] and communities from lotide. Other actions were already compatible before. Mastodon can now display communities even when a user with identical name exists (but the user can't be viewed in that case). There were no breaking changes necessary, so federation is fully compatible with 0.15. If you notice something in another project that doesn't federate but should, please open an issue.

Multiple users have pointed out that posts, comments and votes don't federate reliably. We first attempted to fix this in Lemmy 0.15.4 a few days ago, but that didn't help much. Later @nutomic noticed that Lemmy was only sending out activities with 4 worker threads, which is not enough for a big instance like lemmy.ml. At the same time, many of those workers were taken up by sending to broken instances, trying to connect for a minute or more. This version adds a timeout and increases the number of workers.

Federated bans

Until now, only community bans were federated, and the "Remove content" option didn't work over federation. The new version fixes this behaviour, so that both site bans and community bans federate, including "Remove content" option and expiry. Note that this change only affects new bans, those which were issued before upgrading to 0.16 will not be federated.

Hide communities

@dayinjing implemented a funcionality for instance admins to hide controversial communities. A hidden community is only visible to those users who subscribe to it. This represents a milder alternative to removing a community. This functionality is not implemented in lemmy-ui yet, but admins can hide a community like this via command line:

curl -X PUT https://example.com/api/v3/community/hide \   
    -H "Content-Type: application/json" \
    -d \
    '{"community_id":3,"hidden":true,"reason":"*reason for mod log*","auth":"*admin jwt token*"}'

Jerboa: a new android app

To help adoption, and since most people use social media through their smartphones nowadays, @dessalines has been working on a native android app for Lemmy called Jerboa, which is now on F-Droid and Google Play.

It is still at an alpha level, but is very usable. We'd love to have experienced android developers contribute to it.

This now makes three smartphone apps for Lemmy: Lemmur and Jerboa for Android, and Remmel for iOS.

Upgrade notes

Follow the Docker or Ansible upgrade instructions here.

There are three lemmy.hjson config changes. See defaults.hjson for comments and default values.

• changed boolean email.use_tls to email.tls_type
• added setup.default_theme
• added federation.worker_count

Support development

We (@dessalines and @nutomic) have been working full-time on Lemmy for almost two years. This is largely thanks to support from NLnet foundation. If you would like to support our efforts, please consider donating.

If you'd like to support development, and make sure that we will always be available to work full time on Lemmy, consider donating to support its development. We've spent hundreds of hours on Lemmy, and would like to be able to add more developers to our little open-source co-op as time goes on.

Changes

API

• A full list of the API changes can be seen on this diff of lemmy-js-client: 0.15.0 -> 0.16.0 .

Config

• The config changes are here.

This should help us cut down on the trolls. We recommend other instances do the same, because they will likely be targeted also.

I apologize for all their gore-posts as well, no one should have to see that. We'll try to look for more admins from different time-zones as well to get them faster.

The two other possibilities we have currently as options, are turning on required email verification, and as a last resort, closing signups. I personally would rather not do either, but they are options.

Many thanks to @k_o_t@lemmy.ml and @AgreeableLandscape@lemmy.ml for banning those trolls.

Lemmy now has private instances, optional registration applications, optional email verification, and temporary bans! These are described in detail below.

Special thanks to @asonix for adding tokio-console and Jaeger + opentelemetry to our dev setups, so we can better identify performance bottlenecks.

What is Lemmy?

Lemmy is similar to sites like Reddit, Lobste.rs, or Hacker News: you subscribe to communities you're interested in, post links and discussions, then vote and comment on them. Lemmy isn't just a reddit alternative; its a network of interconnected communities ran by different people and organizations, all combining to create a single, personalized front page of your favorite news, articles, and memes.

Major Changes

Required email verification

Admins can turn this on, and new users will need to verify their emails. Current users will not have to do this.

Registration applications

Admins can now optionally make new users fill out an application to join your server. There is a new panel in their top bar where they can approve or deny pending applications.

This works in conjunction with the require_email field. If that is also turned on, the application will only be shown after their email has been verified. The user will receive an email when they have been accepted.

Closed / Private instances

The instance settings now includes a private instance option, which if turned on, will only let logged in users view your site. Private instances was one of our first issues, and it was a large effort, so its great to finally have this completed.

Temporary Bans

When banning users from your site or community, moderators can now optionally give a number of days for the ban to last.

Allow comment replies from blocked users

It used to be that if a user blocked you, you couldn't respond to their public posts and comments. This is now fixed. They won't see your content, but others can.

Upgrade notes

Follow the Docker or Ansible upgrade instructions here.

Support development

If you'd like to support development, and make sure that we will always be available to work full time on Lemmy, consider donating to support its development. We've spent hundreds of hours on Lemmy, and would like to be able to add more developers to our little open-source co-op as time goes on.

Changes

API

We've removed a list of banned users from GetSite, added a few endpoints related to registration applications, made a few changes allowing temporary bans, site settings, made a few changes to the login response. These are non-destructive and current clients should work with this release.

• A full list of the API changes can be seen on this diff of lemmy-js-client: 0.14.0 -> 0.15.0 .

Config

There is a new rate limit for creating new comments in the config.hjson.

Lemmy Server

• Adding temporary bans. Fixes #1423 (#1999)
• Add console-subscriber (#2003)
• Opentelemetry (#1992)
• Use correct encoding when fetching non-UTF-8 site metadata (#2015)
• Adding a banned endpoint for admins. Removing it from GetSite. Fixes #1806
• Prevent panic on InboxRequestGuard
• Case-insensitive webfinger response. Fixes #1955 & #1986 (#2005)
• First pass at invite-only migration. (#1949)
• Upgrading pictrs. (#1996)
• Trying out an upgraded version of html5ever. #1964 (#1991)
• Adding min setup password length to the docs. Fixes #1989 (#1990)
• Test pleroma follow (#1988)
• Remove awc (#1979)
• Consolidate reqwest clients, use reqwest-middleware for tracing
• Don't drop error context when adding a message to errors (#1958)
• Change lemmur repo links (#1977)
• added deps - git and ca-certificates (for federation to work) and changed adduser to useradd so that user can be added non-interactively (#1976)
• Allow comment replies from blocked users. Fixes #1793 (#1969)
• Fix retry infinite loops. Fixes #1964 (#1967)
• Add lotide activities to tests
• Allow single item for to, cc, and @context
• Adding a captcha rate limit. Fixes #1755 (#1941)
• Dont send email notifications for edited comments (fixes #1925)
• Fix API dupes query. #1878
• Fixing duped report view for admins. Fixes #1933 (#1945)
• Adding a GetComment endpoint. Fixes #1919 (#1944)
• Fix min title char count for post titles. Fixes #1854 (#1940)
• Adding MarkPostAsRead to API. Fixes #1784 (#1946)
• background-jobs 0.11 (#1943)
• Add tracing (#1942)
• Remove pointless community follower sort. (#1939)
• Use once_cell instead of lazy_static
• Adding unique constraint for activity ap_id. Fixes #1878 (#1935)
• Making public key required. Fixes #1934
• Change NodeInfo links to an array
• Fixing fuzzy_search to escape like chars.
• Fix build error in #1914
• Fix login ilike bug. Fixes #1920
• Fix Smithereen webfinger, remove duplicate webfinger impl (fixes #1916)
• Dont announce comments, edited posts to Pleroma/Mastodon followers
• Community outbox should only contain activities sent by community (fixes #1916)
• Remove HTTP signature compatibility mode (its not necessary)
• Implement rate limits on comments

Lemmy UI

• Fixed an issue with post embeds not being pushed to a new line #544
• Adding as and lt languages, Updating translations.
• Temp bans (#524)
• Fix banner. Fixes #466 (#534)
• Making the modlog badge stand out more. Fixes #531 (#539)
• Add some fallback properties for display in older browsers (#535)
• Private instances (#523)
• Add nord theme. Fixes #520 (#527)
• Dont receive post room comments from blocked users. (#516)
• Using console.error for error logs. (#517)
• Fix issue with websocket buffer.
• Switching to websocket-ts. #247 (#515)
• Fix native language issue. (zh_Hant) (#513)
• Fix tippy on component mount. Fixes #509 (#511)
• Fix docker latest (#510)
• Enabling html tags in markdown. Fixes #498
• Fix comment scroll bug. Fixes #492
• Fixing error for null person_block. Fixes #491
• Trying to catch promise and json parse errors. #489 (#490)