This issue is already quite widely publicized and quite frankly “we’re handling it and removing this” is a much more harmful response than I would hope to see. Especially as the admins of that instance have not yet upgraded the frontend version to apply the urgent fix.

It’s not like this was a confidential bug fix, this is a zero day being actively exploited. Please be more cooperative and open regarding these issues in your own administration if you’re hosting an instance. 🙏

    • andrewOP
      link
      fedilink
      English
      21
      edit-2
      1 year ago

      There are, via dessalines’ repo. It’s for lemmy-ui only, at 0.18.2-rc.1.

      I have it running already on my instance, and have for 93min now.

      • @[email protected]
        link
        fedilink
        English
        21 year ago

        thanks, I guess I missed it. gonna update ASAP just in case, even though I’m the only user of my instance.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        Excuse my ignorance, but where can I find details to this issueand does it affect only 0.18.1, or also 0.18.0?

    • Netto Hikari
      link
      fedilink
      English
      31 year ago

      For amd64, Lemmy dev Dessalines pushes images to his Docker Hub repo usually right after a new version comes out.

      Since they don’t release arm64 builds anymore, I build them regularly and push them to my repo, which can be found here.

    • @[email protected]
      link
      fedilink
      English
      -231 year ago

      Which leads me to ask: why are we still using Docker images as a MAJOR part of our infrastructure when superior alternatives exist? The Docker aspect made me realize how hacked together the codebase actually is.

      • @[email protected]
        link
        fedilink
        English
        111 year ago

        Just because it’s not using your personal preference of containerization doesn’t qualify it as being “hacked together”. Docker is a perfectly acceptable solution for what Lemmy is.

      • @[email protected]
        link
        fedilink
        English
        91 year ago

        I will always espouse containers for critical workloads as they provide much better orchestration, especially during deployment. If your complaint is specifically against docker, I agree, we should be using k8s

          • andrewOP
            link
            fedilink
            English
            121 year ago

            When someone says docker in the context of images today, they’re already talking about the OCI format.

          • The Quuuuuill
            link
            fedilink
            English
            21 year ago

            OCI uses Dockerfiles and runs Docker images as docker images are just KVM image, which is what OCI runs. Nix is absolute overkill for the orchestration of a web server workload and would be better for managing the container host (whatever you’re running kubernetes or docker swarm on).

            I don’t really know how to put this, but nearly every single web service you encounter and interact with is built using a dockerfile just like how Lemmy is doing. If you’re going to disqualify Lemmy as a viable platform based on it having a dockerfile, I got bad news

            • @[email protected]
              link
              fedilink
              English
              11 year ago

              I thought KVM was virtualisation, as in separate kernels.
              And I thought containers shared the hosts kernel. Essentially an “overlay os”.

              So, a KVM could virtualise different hardware and CPU architectures.
              Whereas a container can only use what the host has

      • @mcmxciA
        link
        English
        81 year ago

        What are these ‘superior’ alternatives?