nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub12haw8lqt6g57r8zk9vc7w32cezuu2d5tcqpsarquntgfl5n0wrjq8nxxk6 >Pleroma is full of security vulnerabilities because OnlyFans paid people on Upwork to implement a bunch of features nobody wants.

Also there's nobody auditing it. As jank as Mastodon is, they have processes for dealing with this too and a bug bounty.

https://arstechnica.com/security/2023/07/mastodon-fixes-critical-tootroot-vulnerability-allowing-node-hijacking/

https://docs.joinmastodon.org/dev/disclosure/

nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 Wait... Is OF based on Pleroma?

> to implement a bunch of features nobody wants.

come on man, that's not fair. When federated instance emojis were first happening people wanted an easy way to download entire emoji packs from other servers. Don't rewrite history.

Lots of times users request features that nobody ever uses. That's the problem with having users. They always think they know what they want.

also Elixir is memory/thread safe, so no it's not "full of vulnerabilities".

nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub12haw8lqt6g57r8zk9vc7w32cezuu2d5tcqpsarquntgfl5n0wrjq8nxxk6 >Have you ever tried downloading an emoji pack from a server?

Yes I use it to sync emoji between sgsgb and ebinclub. It's also broken.

nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub12haw8lqt6g57r8zk9vc7w32cezuu2d5tcqpsarquntgfl5n0wrjq8nxxk6 Nigger you flip-flop between begging for Pleroma commit access and calling Pleroma out for not adhering to your wife's blog. No wonder everyone ghosts you.