I don't want to start some mass panic about Sign-in with Mastodon, but I figure it's best you hear it from me first.

It was developed in only 12 days and has some rough edges, but transparency is pivotal to trust IMO so that is why I'm letting y'all know.

I will fix the Mastodon token issue with revocation later today and make an announcement

Thank you for supporting me and my weird ass ways, and pushing me to be ethical & transparent, it's my pleasure to provide a good home for your pixels!

3
Share
Share on Mastodon
Share on Twitter
Share on Facebook
Share on Linkedin
dansup

Context: When you Sign-in with Mastodon, the Pixelfed server has a copy of your Masto token and *could* use it to read account info, but they cannot post or do any other actions. This will be fixed soon

mastodon.social/@dansup/110735

1
1y
Tansy Hoskins

@dansup I love pixelfed - thank you :)

0
1y
Celinho

@dansup I'm already using. Because it's open source and you provide the community, I trust you.

0
1y
Replies