2FA has been restored for all LW users that had it enabled before and didn’t reactivate it on their own since.
There will be an announcement posted later on explaining what happened.
edit: announcement is out: https://lemmy.world/post/18503967
this is a separate issue unrelated to the 0.19 update.
this was not a Lemmy bug.
Hi,
this was unfortunately an error on our end.
Please bear with us while we work on resolving this situation.
Us not upgrading has nothing to do with making a point.
We’re aiming to run a stable instance, which can come at the cost of delayed updates.
We didn’t update to 0.19.4, and a few weeks later 0.19.5 was released with a number of critical bugfixes.
0.19.6 will have several more fixes for issues introduced in 0.19.4+, such as a fix for remote moderators updating local communities, allowing admins to filter modlog entries by moderator, as well as some performance issues reported by other instances.
We usually wait for other instances to run the latest version for some time to allow bug reports to surface before we update ourselves.
we’ve switched from using multiple federation sending containers (which are supposed to split receiving instances across workers) to just using a single one.
fwiw, it does not appear to be triggerable from within lemmy at this time.
I’ve just tried this on another instance and lemmy complains
The webfinger object did not contain any link to an activitypub item
I suspect this currently can only be triggered from threads.
it’s not just this community getting hit.
it’s mostly !asklemmy@lemmy.ml, !asklemmy@lemmy.world, !opensource@lemmy.ml and !selfhosted@lemmy.world, though some of the latest spam also started arriving in !warframe@dormi.zone
Most of these are unfortunately limited to local instance moderation, which means all instances that don’t run these bots don’t benefit from them.
The posts have already been modified in ways that they aren’t as easy to reliably filter anymore, though still possible with fairly low false positive rate.
To add to this, depending on how content is removed, removal may or may not federate properly. on Lemmy.World, we’ve been removing content in a way that reliably federates, so while a lot of this spam does arrive in !asklemmy@lemmy.world and !selfhosted@lemmy.world, the removals on Lemmy.World should federate to all other instances (0.18.5+).
The other portion of the spam is mostly on Lemmy.ml, in !asklemmy@lemmy.ml and !opensource@lemmy.ml, and not all of their removals have been done in a way that federates.
they appear to be advertising their “criminal organization”, listing some of the illegal activities they do and where to find them.
posting and commenting.
voting should work: https://lemmy.world/post/11967676
you may have been thinking of https://poliverso.org/objects/0477a01e-1166-c773-5a67-70e129601762, which was neither lemmy devs, mastodon devs nor lemmy.world admins