vinay_clubsall

joined 1 month ago
[–] vinay_clubsall@lemmy.world 4 points 1 month ago (1 children)

Update on this request: A developer approached me and is not only helping me with review and fix security issues. We found quite concerning security issues, so I think the decision to have another person look at this was right one.

We discussed and found that we need to do following work

  1. Redo backend/api so it is more robust, while doing that it will also become Lemmy API compatible
  2. Fix client so it adapt to any API changes
  3. Move from cloudflare workers to docker, so it can be self hosted
  4. Move from D1 to postgres (D1 has 10GB limit, ClubsAll db is already 5GB), so it is scalable
  5. Move production to a VM or k8s cluster so we can host our own DB, backend and frontend instead of CF workers

We have some work to do but will have a good product at the end of it. We will update further once we get this work done. Thanks to everyone to your thoughts and offers to help.

[–] vinay_clubsall@lemmy.world 0 points 1 month ago (4 children)

Typescript, Next, Cloudflare

[–] vinay_clubsall@lemmy.world 5 points 1 month ago

I think lemmy left a lot to be desired.

 

Hello everyone, We built clubsall, a frontend for federated content. Since the goal is to help build a reddit competitor, open sourcing is the logical next step.

However, without a review, I am afraid website could get hacked quickly.

Does someone with experience in scanning code for security issues or white hat hacking wants to help increase confidence so I can open source it?

[–] vinay_clubsall@lemmy.world 2 points 1 month ago (1 children)

Question for everyone here, how is everyone paying for hosting and development costs? While profit is not my motive, break even is needed for long term sustainability.

[–] vinay_clubsall@lemmy.world 2 points 1 month ago (1 children)

Do you have any idea of the timeframe when you’ll be able to open source the project?

I replied in the other thread, copy pasting here: Open sourcing is not time dependent. I just need

  1. security review by someone experienced to make sure we do not instantly get hacked as soon as we open
  2. and some commitment to fix critical bugs and hacks that will kill ClubsAll or steal resources

what are the languages used to develop ClubsAll Ah, good question. It is typescript, next, React, Cloudflare

[–] vinay_clubsall@lemmy.world 4 points 1 month ago (3 children)

Hi everyone, I’m Vinay, the founder of ClubsAll. I’ve noticed some negative sentiment, and I can understand why. I’ll do my best to clarify all the questions raised here.

https://clubsall.com/c/fediverse gives a 404, hiding posts such as the one we’re in. Very early censorship? Their approach to combining similar communities into one club could be the cause, and maybe they just haven’t set up the c/fediverse club yet.

Lemmy is too big to show everything. To keep costs low and due to some technical constraints with hosting, we had to prioritize what would be most useful to the broader community. If we show everything, the database won't be able to handle it, and I won't be able to afford the hosting costs.

There is no mention that this is content from lemmy.world. This is intentional. For federated servers to really compete, complexity needs to be eliminated. One of the goals of ClubsAll is to simplify everything, so we hide servers, instances, multiple logins etc that can be confusing and overwhelming for a new user. We're innovating and trying something different to help the Fediverse succeed. However, if we’re violating any community guidelines or site policies, please let us know.

This looks like a clear monetization attempt. We just launched. Please give us time to survive and implement features before jumping to conclusions.

They’re not contributing, and we don’t need proprietary cancer in the Fediverse.

Sorry you feel that way. Keep in mind that we built everything from scratch. Federation is not currently implemented, and we’ll need time.

Personally, I hope they open source, because the interface is visually appealing and quite fast. What I expect is most instances defederating from them soon, killing the product in the process.

Thank you for the compliment! I do intend to open source ClubsAll once I get some help. I truly appreciate the feedback and hope we are not defederated.

Being a single site, it might draw the wrong crowd and end up having serious moderation problems.

This is insightful and another reason for us to prioritize federation.

Seems to bring us back to the current Reddit situation with extra steps.

That’s a valid concern. However, I’ll open source the project once I get some assistance, which should alleviate some of these fears.

If you query it like a federated platform would, it returns HTML rather than the required JSON.

Keep in mind, ClubsAll was built from scratch and is funded entirely out of pocket. We’ve done as much as we can with what’s currently online (and a couple of new features are coming soon that I’m testing).

It seems to be a project where missing features are likely due to it still being at an early stage.

That’s exactly right. This is the main reason. Unfortunately, our developer recently left, so we’re at a bit of a feature freeze for now, aside from a couple of things coming soon.

Lack of details on how they implement federation.

We built federation from scratch, so many features are still missing. Currently, we don't federate, so it’s not possible to follow from elsewhere at this time.