I’ve just read about ClubsAll in the Fediverse Report and did some digging. It seems to be another Threadiverse service federating with Lemmy and others.

While I always welcome new platforms into the fediverse, there are some weird things with this one.

  • It isn’t open source, but the developer mentioned on ProductHunt that they want to open source it in the future.
  • You can’t run your own ClubsAll instance at the moment
  • They want you to join their Discord, but wouldn’t it be better to have the conversation around it on ClubsAll itself? I’ve found a ClubsAll Community on ClubsAll but it only has two posts from 10 months ago without any comments or upvotes.
  • Their main search bar is just a Google search
  • They want to finance it through paid accounts, awards and donations according to their about page.
  • According to their privacy policy they collect interactions with the content, like voting, bookmarking and reporting to improve and personalize the website and to develop new products and services and for marketing and promotional purposes.
  • I haven’t found content that originated on ClubsAll yet, apart from c/ClubsAll. All I’m seeing is content federated from Lemmy communities.

For me there are some red flags in there, like closed source code, paid accounts and data collection for marketing. But, correct me if I’m wrong.

  • @vinay_clubsall
    link
    English
    21 month ago

    Do you have any idea of the timeframe when you’ll be able to open source the project?

    I replied in the other thread, copy pasting here: Open sourcing is not time dependent. I just need

    1. security review by someone experienced to make sure we do not instantly get hacked as soon as we open
    2. and some commitment to fix critical bugs and hacks that will kill ClubsAll or steal resources

    what are the languages used to develop ClubsAll Ah, good question. It is typescript, next, React, Cloudflare

    • Blaze (he/him)
      link
      fedilink
      English
      31 month ago

      Thank you for coming back

      security review by someone experienced to make sure we do not instantly get hacked as soon as we open

      The source not being open will not prevent attackers from trying to hack your website as it currently online.

      If you need help with having a look at the code, you can probably reach out to people here. You might want to shut the website down during the review so that if an issue is discovered it won’t be exploited.

      It is typescript, next, React, Cloudflare

      Interesting, those are all front-end languages. Do you know which one was used for the back-end?