Worked on improving the "about" page, with an automatically generated table of contents, better styles for headings and other elements, and integrating the "public domain blocks" (by @Thib) feature into it instead of a separate page

How about automatic table of contents generation for Mastodon's about pages?

Worked on adding extra security steps around 2FA settings: Sending e-mail notifications when 2FA is enabled/disabled, when recovery codes are reset, requiring password input before enabling 2FA and requiring password input before resetting recovery codes

Doesn't help if the password is compromised, but should help against, say, somebody sneaking onto your open desktop while you're away from the computer

Brainstorming with @Thib how the account migration feature could be safeguarded against someone who's unrightfully gained access to your account, like with those people who didn't have 2FA on and re-used passwords.

Since attackers usually just try e-mail/password combinations from data dumps, they may not actually have access to the e-mail inbox, so requiring an e-mail confirmation for such an action (as well as account deletion) would probably be a good step.

As requested, I added Norwegian Nynorsk and Breton to Mastodon's locales:

A while ago I shared a link to that old article about how someone hijacked the author's Twitter username, and one thing mentioned in the article was how the author was constantly getting bombarded with password reset e-mails. That kind of reinforces my opinion that Mastodon shouldn't allow login-by-username and stick to login-by-email only.

Worked on a --concurrency option for tootctl commands as well as replacing the dot-output with real progress bars throughout

I wouldn't want to keep 3 different execution patterns in tootctl so I need to know if people would prefer to parallelize inline execution instead of relying on Sidekiq. This could be faster than sequential execution but would require keeping the terminal open until the work is done.

Mastodon's tootctl utility provides a --background option for some tasks, which queues work into Sidekiq and allows the utility to exit quickly. This is primarily intended to allow a fire-and-forget use that doesn't require admins to keep an open terminal or screen/tmux for long periods of time. However, it has some downsides as it can overload Sidekiq and Sidekiq can overload other services.

Okay, here are some changes based on the feedback. Easier to find "resend confirmation e-mail" function, and more helpful tips on the account deletion page, along with some bugfixes.

In my opinion, if the profile directory were to keep the hashtags functionality, the hashtags should be sourced from the "featured hashtags" feature instead of hashtags used in the bio text. Does that make sense?

Anyone mind if I remove the hashtags from the profile directory sidebar at least temporarily?

I don't feel like they're intuitive and not super widely used as a result.

It's missing a play button, but is there something to this approach..?

Worked on a way for mods to include relevant toots in the e-mail notifications about moderator actions

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!