In anticipation of Lemmy’s upcoming 0.19 release, and to work out any final issues, we’re going to deploy a test release on lemmy.ml within the next few days.

We’re doing this testing on lemmy.ml only, so that we can encounter any issues before the release, and to make sure the upgrade process is smooth for other production servers.

Some of the following will happen during the process:

  • Apps will likely break (only for lemmy.ml)
  • Lemmy.ml may experience some downtime for the upgrade to complete (ideally no more than an hour).
  • If anything goes wrong, we may have to restore from a database backup, meaning content made in between backups may be lost.

If all goes well, we’ll have an official announcement for the release after this testing period.

I apologize for the difficulties this might cause. At most this will be a week of hair-pulling, but its vital that we catch any issues before telling other servers to upgrade.

  • pixelscript
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I seem to have been screwed over by TOTP.

    Hearing that this update was supposed to make borking your account harder to do when setting it up, I enabled it. Put the secret in my authenticator app, got my six digit code, and away I went.

    Now, a few days later, having changed nothing on my end, Lemmy.ml won’t accept my TOTP code. My session token on desktop is expired so I can’t remove it now.

    Currently my only lifeline to this account is my logged in session in Voyager, which, as far as I can tell, cannot access the TOTP setting. (Or any profile setting, for that matter… am I just stupid?)

    No email to recover from, either. That’s on me, I guess. Ugh.

    Not sure what my recourse is, if I even have any.

      • pixelscript
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Connect, Sync, and Boost all told me to go kick rocks.

        Evidently, whatever happened, it doesn’t seem to be an issue with your platform.

        • silas@programming.dev
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Ok, and you’re getting a new 6-digit code from your authenticator app every time you attempt to log in?

          • pixelscript
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Yes.

            I noticed my authenticator app (KeePassXC) offers the ability to customize the TOTP parameters (SHA function, time step, code size). But no combination of settings seems to produce a valid code.

            I assume Lemmy uses the suggested defaults in the RFC 6238 standard?

    • Nooz3
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I think using an authenticator app capable of generating codes using SHA256 might do the trick if you have any possibility to try that.