I know your software boffins have been plugging injection vulnerabilities in your website, but here's something they missed. When the subtitle for a project contains an apostrophe, the website converts it to the HTML entity ' but this is not rendered correctly when the project is viewed. For an example, see #Ancient 12 hour display where the subtitle is shown as "Old LEDs don't die, they just shine away"

Will take a look thanks.

I am getting personal messages, but there is no a content in. Instead of the message's text there is the "loading bar" (circle) and no animation. All what I can se the quantity of messages. My browser is the most recent firefox.

Does anyone know how to change the language of this website? I can't find a "Language" option anywhere that might exist.

When I tried to upload a tarball to hackaday.io I got the following error message: "An error occurred uploading zeptoforth-1.8.0.1.tar.gz. This file type may currently be unsupported."

seems like I don't get any notifications anymore

May we be allowed to display SVG images?

Can this website please stop automatically adding liked projects and people followed to new joiners' home pages?
Project creators want to know what people genuinely like, so they can judge which projects to invest more time on.

The only project that a new user follows is the Hackaday project itself. Many of those "followers" are spammers who try to make their accounts look "active" by following random projects.

My young friend asked why he was following 22 people when he'd only just joined.

Could be a HaD glitch, not unknown. When I joined, I just got the basics.

I think as part of the on-boarding you are asked what projects that are shown are sparking your interest, which then leads to you follwing those.

It is definitely not part of on-boarding, because it happens before any declarations of interest.

What are you guys doing about making it harder for spammers to post their "projects"? It seems there are more spam postings than genuine projects. Is it a good idea to piggyback on Github authentication? Do you require mail address verification before enabling an account? Do you screen posts that have a huge proportion of links? Can you filter out certain languages, particularly the one that casino spam is posted in? They probably have slave workers forced to post their spam.

I also see that testers (I assume your own) are still discovering holes with Javascript injection. One popped up windows when viewing the page. Another created a form to be filled in.

Hello, I'm having a problem with adding images to my project log. When I drag them in or upload them it results in "Unknown error".
The image is 200kB PNG. I tried chrome and firefox, in firefox it added the images but after page refresh the images werent there.

Did you already try using the upload button instead of drag and drop?

on https://hackaday.io/projects page while not logged in. Clicked "next" to see next page. Suddenly the site was translated in corean or japanese IDK. Unusable and I don't see any reason to this on my computer.

I joined the website and created a profile to be able to post here. The page where you click on tiles to select your interests is absolute nightmare. You click, nothing happens. Click 5 times, eventually something happens, sometimes impossible to remove a tile... Probably from latency for searching compatible projects. Simply unusable.

The dates on website are in American format MM/DD/YYYY. There are many devs here, how can you use anything different from ISO8601 YYYY/MM/DD which is unambiguous ?

Agreed. International websites should use international date format.

I think if you blocked all postings in one particular language, you would get rid of most of the casino spam.

Bagaimana caranya memakai ini

Good question 

Is the hackaday.io Add Project function down?  I get a partial page drawn but no way to upload a file and then it just times out.

Check now

Yup!  Works.  Thank you.

My global feed is overloaded with Chinese fake certificate contents again. Many duplicated postings.  I see others here have posted before about it..

I reported the account "a48"

I also often experience a lot of 500 response gateway timeout errors when I attempt to view anything on the site.

It's becoming so bad for me, that the site is becoming near unusable for me.  ☹️

What's happening?  What measures are being undertaken to filter and block such spamming?

Hello??

Is it just me? - the site was offline for more than 24hours yesterday.  I only have a bit of time over the weekend to update my project's progress - so when its completely offline - Well as I mentioned above, this site is becoming unworkable for me.  Dont want to post links to my project on other social media --- if the site is 'mostly' offline.

I really don't want to move my project to another site - but if its always overloaded with spam and generating 500 errors for extended days - I literally have no choice.

Please don't let the bad operators win!

Dean.

I see the spam account "a48" is still in the global feed!  And the account is followed by "Hackaday the machine Official Hackaday Projects Robot"

Charming....

I am experiencing the same.  Seems the site is online now, but for how long?  It worries me!  This is an important community.

Yep.  Will miss this community.  I have started to explore setting up a project site on GitHub Pages.  But won't be the same.  

And also noticed that the latest posting in the "stack" section has a cross site injection script.  Not sure what it achieve, but it certainly not safe.  This site might be a serious vector for malware and such.

I think I shall be moving away.

It's important, and we're working on the recent stability issues.

I see the response from Richard Hogben, but not able to directly reply.

Thanks for the response Richard.  I guess you are part of a small team - and I do understand the stress and challenging task of working through something like this - been there myself.  

But I would expect a more expansive response.  I have raisd a number of issues, the site is mostly offline -- I think your team needs a more professional communication process, to explain what it understand is happening, and what you are, at a high level , doing to address the immediate issues and the fixes required to prevent it on going.

I mentioned in a previous post you have what appears to be cross-site vulnerability that is being actively exploited.  That can be quite serious and perhaps a potential way for people to take over other accounts - and maybe access linked Tindie accounts!

Perhaps i am wrong but why did the stack entry contain html code and when viewing, appear to be a google search page?

I do hope you sort it out.  I truely do..  But I have made the decision to move my content and leave hackaday.io.  I am only a very small contributor, joined during the pandemic.  I found this place help me a lot through that time.  I have no wish to leave.  But what else can I do? the site seems to be severely compromised.

As I said, I hope it all gets sorted and I wish you the best of luck

It seems the views counter on the project pages has been reset. Now showing numbers *way* small....

I noticed the same. Seems something has gone wrong.

+1.

My low-view projects show view counts that look plausible; others show no view count at all.

It doesn't seem to affect all projects.@Paul McClay 

Checking into this...

Should be back on track again!

I reckon that if your site devs implemented countermeasures against automated pasting of pages you would be able to throttle a lot of the casino and SEO spam. For sure they are not typing their stuff in by hand but pasting with a script. Bona fide users generally do type pages in by hand. And what about rate limiting on posting? Surely no genuine user needs to post more that once per hour on average.

"notifications" has disappeared from my hamburger menu lately. is that a bug or new normal?

Same here, but still in mobile site menu

For me it's gone from mobile also

Making some behind the scenes updates to notifications, they'll be back soon.

Still waiting patiently :) 

Please do not advertise "popular bits" when the project has nothing in it. I received a link to https://hackaday.io/project/195912-custom-car-display and the project Details says "[Details writeup in progress]".