
Collection of potential security issues in Jellyfin

This is a non-exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla...

[-] HurlingDurling@lemm.ee 4 points 9 hours ago

Honestly, is the problem that they need extra hands to fix these issues?

[-] Saik0Shinigami@lemmy.saik0.com 1 point 3 hours ago* (last edited 3 hours ago)

> Thank you for this list. We are aware of quite a few, but for reasons of backwards compatibility they've never been fixed. We'd definitely like to but doing so in a non-disruptive way is the hard part.

While I'm sure that some of the answer is in not having dev time to fix it... Their response makes it seem like they're not fully interested in fixing it for other reasons... In the case of this response, "Backwards compatibility".

[-] ipkpjersi@lemmy.ml 14 points 1 day ago* (last edited 11 hours ago)

~~Many of these have already been fixed FWIW, it's not a collection of open issues.~~ Nevermind, they have only been closed, not fixed. Yikes.

[-] Saik0Shinigami@lemmy.saik0.com 15 points 23 hours ago* (last edited 23 hours ago)

No. None of the items are closed. Click the "closed" items. All of them are "Not planned. Duplicate, see 5415".

Edit: The biggest issue of unauthenticated streaming of content... https://github.com/jellyfin/jellyfin/issues/13777

Last opened last week. Closed as duplicate. It's unaddressed completely.

[-] ipkpjersi@lemmy.ml 1 point 11 hours ago

That's really sad. Damn, how disappointing.

[-] easily3667@lemmus.org 2 points 9 hours ago

I mean it was closed as a duplicate of the collection, not closed.

[-] jagged_circle@feddit.nl 12 points 1 day ago

PluginsController only requires user privileges for potentially sensitive actions

  • Includes, but is not limited to: Listing all plugins on the server without being admin, changing plugin settings, listing plugin settings without being admin. This includes the possibility of retrieving LDAP access credentials without admin privileges.

Ouch
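The bullet quoted above describes an authorization bug class: endpoints that read or write server-wide plugin configuration gated only on "is authenticated" rather than "is administrator". The block below is an added illustration written for this thread, not Jellyfin's code; the route paths, role names and the `sensitive` flag are assumptions chosen to mirror the description. It shows a weak route policy beside its hardened form, a deny-by-default authorization check, and an audit function that flags sensitive routes whose required role is too low.

```python
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional


class Role(Enum):
    """Ordered privilege levels; a higher value satisfies any lower requirement."""
    ANONYMOUS = 0
    USER = 1
    ADMIN = 2


@dataclass(frozen=True)
class Principal:
    name: str
    role: Role


@dataclass(frozen=True)
class Route:
    method: str
    path: str          # template; "{id}" segments match any single path segment
    required: Role     # minimum role the policy demands for this route
    sensitive: bool    # touches server-wide configuration (plugin list/settings)


# Constructed policy resembling the weak state described in the thread:
# plugin endpoints are reachable by any authenticated user.
WEAK_POLICY: List[Route] = [
    Route("GET", "/Plugins", Role.USER, sensitive=True),
    Route("GET", "/Plugins/{id}/Configuration", Role.USER, sensitive=True),
    Route("POST", "/Plugins/{id}/Configuration", Role.USER, sensitive=True),
    Route("GET", "/Items", Role.USER, sensitive=False),
]


def harden(policy: List[Route]) -> List[Route]:
    """Raise every sensitive route to ADMIN; leave ordinary user routes alone."""
    return [
        Route(r.method, r.path, Role.ADMIN if r.sensitive else r.required, r.sensitive)
        for r in policy
    ]


HARDENED_POLICY: List[Route] = harden(WEAK_POLICY)


def _path_matches(template: str, path: str) -> bool:
    t_parts, p_parts = template.strip("/").split("/"), path.strip("/").split("/")
    if len(t_parts) != len(p_parts):
        return False
    return all(t.startswith("{") and t.endswith("}") or t == p
               for t, p in zip(t_parts, p_parts))


def find_route(policy: List[Route], method: str, path: str) -> Optional[Route]:
    for r in policy:
        if r.method == method.upper() and _path_matches(r.path, path):
            return r
    return None


def authorize(policy: List[Route], who: Principal, method: str, path: str) -> bool:
    """Deny by default: unknown routes are refused, known routes need role >= required."""
    route = find_route(policy, method, path)
    if route is None:
        return False
    return who.role.value >= route.required.value


def audit(policy: List[Route]) -> List[str]:
    """List sensitive routes that an ordinary (non-admin) user could reach."""
    return [f"{r.method} {r.path}" for r in policy
            if r.sensitive and r.required.value < Role.ADMIN.value]


if __name__ == "__main__":
    viewer = Principal("viewer", Role.USER)
    print("weak policy gaps:", audit(WEAK_POLICY))
    print("hardened policy gaps:", audit(HARDENED_POLICY))
    print("viewer reads plugin config (weak):",
          authorize(WEAK_POLICY, viewer, "GET", "/Plugins/ldap/Configuration"))
    print("viewer reads plugin config (hardened):",
          authorize(HARDENED_POLICY, viewer, "GET", "/Plugins/ldap/Configuration"))
```

The `audit` function is the part worth keeping: run it over a route table in CI and fail the build whenever a route marked sensitive is reachable below ADMIN, so a regression of this kind is caught before release rather than reported as an issue.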

[-] ReversalHatchery@beehaw.org 16 points 1 day ago* (last edited 1 day ago)

I remember when they were arguing that you don't need a VPN or proxy basic authentication in front of it because their team knows how to write secure code...

[-] jagged_circle@feddit.nl 9 points 1 day ago

There's a bug (closed as won't fix) where proxy basic authentication breaks jellyfin. You can't use it.

[-] anarchiddy@lemmy.dbzer0.com 44 points 1 day ago

I'm not sure who needs to hear this, but unless you work as a security engineer or in another security-focused tech field, you really shouldn't be exposing your homelab to the open internet anyway

Most people access their homelabs via VPN. I don't see anything here that's a problem for that use-case.

[-] easily3667@lemmus.org 21 points 1 day ago

For those unaware, it's a good idea to be using a service like Tailscale (self-hosted: Headscale, if you don't want to make your login credentials tied to Apple, Google, or Microsoft). It's a VPN but a lot simpler to use.

this post was submitted on 02 Apr 2025
230 points (100.0% liked)

Technology
