@Bitrot @linux interesting, thank you for that information: I had been under the impression they did do manual verification of authors.

I did some checking: the closest I found to verification was this (so you’re right- no need to be the original author, but a bit of vetting does seem involved).

https://forum.snapcraft.io/t/manual-review-of-all-new-snap-name-registrations/39440

My takeaway here is to use whatever the software authors recommend ( on their website… assuming trusted authors)!

@pastermil @linux the attack surface for something that isn’t officially maintained by the developers, and that doesn’t have more vetting (e.g. distribution packages) opens up room for malicious actors.

e.g. #arch / #aur recommends verifying scripts manually before installing, and malicious scripts have been found and removed.

There are actors like #jiatan out there. An unofficial #flatpak needs manual verification before install - that’s why I just go with #snap if the flatpak isn’t official

@pastermil @linux I use both. There are packages where the website officially lists snap packages, no flatpaks.

Unless the project website has a link/install instruction recommending flatpak, I prefer either the distribution package where available, or snap otherwise - this is more from a supply-chain perspective - since snap requires the original developers of the package to package snaps.

If the developers have officially listed flatpak on their site, that however, is good enough for me.

@JackFromWisconsin
@firefox the upvotes don’t look like favorites either - they just don’t register.

I’ll share a mastodon screenshot, then edit my post so you can see it on Lemmy too.

Note how there are 34 upvotes on Lemmy, but no favorites on mastodon.

https://cdn.fosstodon.org/media_attachments/files/112/122/170/166/407/713/original/fdd13cdf619f5d64.jpg

https://cdn.fosstodon.org/media_attachments/files/112/122/170/941/069/975/original/5d713ef897059efc.jpg
Edit: markdown format embedding doesn’t get to Lemmy for some reason, so here are direct links to the images instead.

@otter @firefox
I noticed that the boost seems independent of upvote, though I don’t have enough experimental data (aka spam) to verify my hypothesis.

Even better - you can see the whole thread from both #lemmy and from #Mastodon . However, you only see the conversation, not upvotes/downvotes in mastodon, while you see votes too in Lemmy.

Edit: I tried to not tag @firefox this time to see if my reply showed up on Lemmy. It didn’t.

Tagging so the Lemmy thread also shows the reply and pictures.

Edit++: so retroactive tagging doesn’t work ☹️…nvm, it just took a bit of time to update!

++Edit++: pictures only show in the top post 😔

@mozilla @firefox I see multiple upvotes, but only one boost.

Further, the boost only seems to apply to the top post, not to the replies.

#curiosity solved by #experimentation . Feel free to add more #observations .

To #science 🥂

@mozilla @firefox
Answer found: it is a reply to the original post!

Further, an upvote on #lemmy is a boost on #mastodon.

What’s weird is that the boost seems to come from the community it was posted to, not the Lemmy user that upvoted it.

I wonder what happens when there are multiple upvotes … Multiple boosts by the and community (e.g. @firefox)?

@mozilla @firefox

Just confirmed it does! Now does a #Mastodon reply create a new post, or is it a reply to the original? I will find out soon!