

It’s nice that these things are open source


It’s nice that these things are open source


Well, they do have that fruit basket, so…
I’ve got a second deployment of immich that also got stuck somewhere on v1.x. May I ask how you upgraded to the most recent version? Did you just go for 3.0, or did you do “baby steps” in between? (e.g. 1.138 > 2.0 > 3.0)
I do still read the changelogs and compare compose files thoroughly on every major update. With that in place, Immich has not once broken down on me, and I’ve been here from almost the very start.


Like showing up to the bank heist in a neon pink monster truck.
unless you rip the movie out into a single file first
I don’t see the problem with that. It’s what I’ve done with every single disk I own. Why would I bother with badly-written menus, pointless extra content and tons of ads and copyright warnings I need to sit through before I can watch what I paid for?


You patched the annoying “crash-on-start” bug! 😍 I was collecting diagnostics to help nail it down, but you guys were faster. Keep up the great work! 👍👍👍


Leave the poor Russian bot alone. Shilling fossile tech and vilifying Europe for responding to Russia’s aggression is hard enough as it is.


Qwant is nice, but it keeps blocking my VPN and locks me out if I happen to use a non-European exit node. And I’m not pulling down my mask for a fucking search engine.
If you’re willing to put up with Duckduckgo but hate AI search, there’s https://noai.duckduckgo.com/
Thank you! While that does allay most security concerns, it does beg the question how useful such a vulnerability tracker is if it doesn’t actually show any relevant vulnerabilies and you constantly have to second-guess what it says. Warning signs that aren’t actually warnings because it’s “just a false alarm” quickly teach personell to not take warnings seriously - unti, onel day, it’s not a false alarm…
Thanks for your detailed reply!
To make that happen, the attacker must […] already have access to the server to upload and process the file, which means that security has already failed.
Do I correctly assume that by axis you mean shell or even root level access? If not, any of my regular users (turned rogue…) could upload a poisoned raw file which nextcloud would process to, for instance, generate a thumbnail.
It feels like nitpicking, but there’s a relevant difference here. If you can only access the weights (and not the training data and the learning algorithms used), it’s hard to get (say) a Chinese model to freely talk about Tiananmen Square Massacre. (Just tried it locally on Deepseek R1; it’s doable, but takes some prompt hacking.) The models may be freely available, but there’s bias and censorship baked into them.