ResPublicae.eu admin @praetor@respublicae.eu

#ResPublicae has been upgraded to Mastodon v3.5.9, a security release.
https://github.com/mastodon/mastodon/releases?q=v3.5&expanded=true

The upgrade was painless. Thank you #MastoDev and especially @Claire[@]sitedethib.com for offering backports to pre-v4 releases and for the clear instructions.

While the details of CVE-2023-36459 have not been published yet, the title suggests the vulnerability may be exploitable even on an instance like ours where no third party can directly post anything.
https://github.com/mastodon/mastodon/releases?q=v3.5&expanded=true

To reduce truncation errors, we caved and increased the character limit for posts to 2000 characters.

It's easy to tell the server was a bit busier.

#ResPublicae mirrors are catching up on the recent posts, using RSS input for the ever-wonderful #PleromaBot.

We're only able to get the 20 most recent posts from #RSSHub, so any account which posted more than that in the past ~2 weeks will have some posts missing. Some posts also get a bit messed up in the data conversion, so please be patient. (Most issues are already reported upstream.)

Please send patches or donations at https://pleromabot.robertoszek.xyz/pleroma-bot/!

So it finally happened. The #TwitterAPI access used to update #ResPublicae was cut off, all requests get an HTTP 401 response. Some discussion at
https://github.com/robertoszek/pleroma-bot/issues/120#issuecomment-1593688412

Due to the growth of the #fediverse, which may have passed 10 million registered users depending how you count, we had to update our #DigitalServicesAct (#DSA) disclosures.
https://respublicae.eu/about/more

Other possibilities exist. The principle of least astonishment could be a guiding factor:
https://en.wikipedia.org/wiki/Principle_of_least_astonishment

We could mark posts from certain accounts unlisted if they regularly post to hashtags in ways which don't belong.

We could also forcefully add CWs to posts, but so far we don't. It's hard to come up with a CW which would be applicable for all accounts, or for entire classes of accounts equally. A catch-all CW like "From birdsite 🐦" is broadly correct but also potentially unhelpful.

Some accounts with no followers are sometimes considered problematic too, even though they're hard to find. Someone may accidentally stumble on something they were not prepared for.

I've surveyed a few accounts from known-controversial quarters and I've marked a few as forced-sensitive. I've also disabled mirroring RTs where they're mostly not about EU policy.

The #EuropeanParliament has a page on "Appropriate behaviour rules":
https://www.europarl.europa.eu/at-your-service/en/transparency/appropriate-behaviour

The Rules of Procedure, at Rule 10(1), state that:

«The conduct of Members shall be characterised by mutual respect and shall be based on the values and principles laid down in the Treaties, and particularly in the Charter of Fundamental Rights. Members shall respect Parliament’s dignity and shall not harm its reputation.»

https://www.europarl.europa.eu/doceo/document/RULES-9-2019-07-02-RULE-010_EN.html

Rule 176 deals with sanctions.
https://www.europarl.europa.eu/doceo/document/RULES-9-2019-07-02-RULE-176_EN.html

Another account seems to convey generic anti-establishment messaging. Its videos were not reported but I've made them forced sensitive.

Reports with specific clarifications on why a post is problematic are very welcome. (Often posts walk a fine line on topics like immigration, promotion of diversity.)

It's less helpful to send reports with no comments, about no specific posts or about generic policy disagreements (such as reporting anti-renewables posts, generic snipes against other parties).

I've reviewed incoming reports about a couple accounts, possibly triggered by one of them getting one (1) follower on troet.cafe.

The most serious report was about a probably transphobic post. On the fediverse it would at least need a CW for offensive content, discussion of state violence. The account is now limited.

To understand better, I'd like a private discussion with someone (preferably trans) who knows German and is up to date with current trans policy discussions in Germany.

An alternative list of #ResPublicae accounts is now also linked, with the names of national parties and citizenships.
https://w.wiki/6eaK

People sometimes have strong opinions about specific national parties but not necessarily about the European Parliament groups.

Easier lists should make it easier also for moderators of other instances to apply account-level blocks as needed according to their rules (which sometimes don't map easily to EU-level concepts).

Currently going through a backlog of about one week. No wonder activity was lower than usual as of late!

Amid long-delayed changes at #Twitter, it seems our mirroring bot no longer works correctly from its usual location, though it seems to work from another machine. It could be that our #TwitterAPI key was revoked and/or our IP address blacklisted. Or maybe something weirder.

More #MastoAdmin trivia/transparency for #ResPublicae.

The main operating cost for this instance is arguably RAM. 4 GB is more than enough, but it's nice to have some buffer. A DB crashing for lack of memory is not fun.

CPU usage varies a lot (but predictably) with traffic. We're on cheap shared CPUs, and 40 % steal CPU at the peak doesn't sound great, but the min idle CPU is over 10 %, so we never really run out of CPU due to bad neighbours. #Scaleway seems to be good enough at scheduling.

Ah. The date has been moved.
https://betweenthelions.link/@ne1for23/109861011947999276