You must log in or # to comment.
Never post online something you don’t want to be public.
This one seems weird to me. If the posts are private, why are they federated? If they’re intended to be federated, why indicate any expectation of privacy?
People’s expectation of twitter level service doesn’t match up with the reality of federation. Devs tried to make it work anyways, with predictable results.
It’s sent to all servers where there is at least one user who should be able to see it. And then that server is trusted to only actually show it to the users who are supposed to see it.
In this case, Pixelfed is messing up by showing it to all users who tried to follow a hidden profile, as long as at least one Pixelfed user has been approved to view the profile.
