DrWeevilJammer

“The customer is always right” mindset, except that doesn’t work with open source when they’re using something they downloaded for free.

You’ve put your finger on the thing that was bothering me about the tone of the original post - it’s very similar to a Nextdoor post.

We had a good solution…

Did we? Do you know why it was removed in the first place?

Someone has already submitted a PR with the changes the dev recommended. The captcha stuff is in a new db table instead of in-memory at the websocket server.

However, from one of the devs:

One note, is that captchas (and all signup blocking methods) being optional, it still won’t prevent people from creating bot-only instances. The only effective way being to block them, or switch to allow-only federation.

Once people discover the lemmy-bots that have been made that can bypass the previous captcha method, it also won’t help (unless a new captcha method like the suggested ones above are implemented).

The root of the issue seems to be that they’ve removed websockets, for the following reasons:

Huge burden to maintain, both on the server and in lemmy-ui. Possible memory leaks. Not scalable.

I can understand them wanting to make their lives a bit easier (see "huge burden to maintain) - Lemmy has exploded recently (see “not scalable”) and there are far bigger issues to fix, and an even larger number of bad actors (see “possible memory leaks”) who have learned about Lemmy at the same time as everyone else and want to exploit or break it.

Is this a collective undertaking by a community of multiple stakeholders or is this the Dev’s individual project and they don’t have to listen to anyone?

Devs, especially extremely busy ones “listen” via pull requests. Instead of badgering the devs, put together some devs of your own, get some code working, and submit it as a PR.

If they don’t accept it, you now have code that does what you want, and it would be easy to create your own fork.