Tavern 2.0 feedback thread

Welcome to a new incarnation of the classic dcss forum, the tavern! This thread is for feedback about this version as we open it up to the public.

  • This is a discourse instance, not a phpbb instance like the old one. This choice is primarily for maintainability and admin benefits, but we realize that some aspects of the design and behavior will be pretty different.
  • Any problems / bugs with the initial release?
  • Feature requests?
3 Thanks

it’s okay

edit: it’s telling me posts have to be at least 20 characters, what da heck

further edits: so under the “users” tab there are columns for “topics viewed”, “posts read”, “days visited”, are these actually necessary? i can’t even imagine what the use case would be even on some other forum. is it possible to cut those

I can adjust this if this is too many, I’ve already lowered the post title minimum.

I’m not sure how configurable this page is, though I can turn it off (for public viewing) altogether. Edit: aha, this was easy to do once I found the right button, I’ve disabled these columns. It does seem a bit intrusive for everyone to be able to see them.

1 Thank

I don’t seem to be able to post a new topic. Is there a limit on new accounts or something?

I get “An error occurred: You are not permitted to view the requested resource.”

Hm, this should work for new users. Where were you trying to post? I do have the general categories set to prevent that (e.g. don’t post in “the tavern”, post in one of the subcategories), but this may be a bit counterintuitive, we’ll see.

Ah, posting to The Tavern was exactly what I was trying to do. Mostly confusing because that was the default, but it’d be good to eliminate the option if it’s not actually an option.

Would you be able to post a screenshot of where this was the default? In the UI I’ve checked the buttons should be disabled or removed. Edit: Ah nevermind, I think I’ve found it

1 Thank

These stats are still publicly visible in user profiles.
https://tavern.dcss.io/u/[USERNAME]/summary

Thanks for pointing that out; the discourse devs seem very into optimizing engagement. I so far haven’t found a way to hide those stats globally, but there’s a per user setting, “Hide my public profile and presence features”, under Preferences → Interface that should do this. (It may do a bit more, not sure… Edit: I think this hides your entire profile.)

I’ve also, for now, disabled user profiles from being visible without logging in. This might be overkill though.

Edit 2: I ended up hiding this in the default theme just by css; it isn’t really gone (people can use the “hide” feature for that still), but it would be hard to find at least. I don’t think it can otherwise be removed without some plugin work.

Not being able to edit posts past a day (?) is pretty annoying, i’m not sure if its intentional or default settings or?

3 Thanks

This is the default setting for Discourse trust level 0 or 1, at trust level 2 the default setting is a month. I’m not opposed to changing this but what exactly is the use case for longer term editing (as opposed to just responding with an update, etc)?

The specific use case is for this post where there are things I want to fix. (not just things hellmonk wanted to mention, like death scarabs slowing)

There are also reasons to edit a post because you really want the OP to be edited. Like if you won/lost a CIP 2 days after you posted it, it would belong in the OP imo. There can also be cases like here where trunk updates a few days after and invalidates a post completely. (People are less likely to look below when reading, people read top to bottom)

I can’t think of much way to abuse the ability to edit for longer, at least not for something like here. Even default users can look at edit histories after all.

Alright, for now I’ve disabled editing time limits. I think the tl0/tl1 limit in particular is probably designed to curb certain kinds of spam, but this forum is too new to be getting that and also because it’s new most users are tl0/tl1, so I agree that a tight limit on that probably doesn’t make as much sense right now.

(If we do start getting some spam it could need to return in some form at least for low trust levels; this is the case where an innocuous-seeming comment from a new account is later stealth edited with a link, when it is less likely to be seen; old tavern did get this.)

2 Thanks

Minor thing: when you scroll down in a thread such as this one, the “dungeon crawl stone soup” logo that usually takes you to the home page becomes is replaced by the thread title, which takes you to the top of the thread. So, to get back to the home page you have click the thread title, wait for it to scroll up/load (this takes longer if you haven’t loaded the entire thread yet), then click the logo. Is there a way to always display a “back to home” button?

If you click on the image of the soup logo instead of the title, it still takes you to the home page.

1 Thank

Thank you! It wasn’t clear to me that that was a separate button. I take it back then!

1 Thank

Also, for some reason on mobile (but not desktop) if you scroll up, it switches back to the non-title banner. But given that there is something clickable, I wouldn’t want to remove the thread title from there, it’s kind of useful.

In the long run, it might be good if the two logo styles for tavern, essentially big/wide and small (which I have just pulled directly from dcss assets) were more visually related, so that stuff like this went a bit smoother.

I love it so far. Only problems I’ve had have been related to 3rd party stuff (extensions, permissions, etc.)

I’ve added a dartboard category: Dart Board - Tavern 2.0

The default stickied post has a few links for various competitions that exist or have existed, the past few tournaments, etc.

I want to throw a good word here. Just before signing up to this forum a few minutes ago, I analyzed this domain (tavern.dcss.io) in Qualys’s SSL Labs test and you get A+ for security. Well done. I’ve noticed there’s many DCSS game servers that don’t have HTTPS, or that have HTTPS but are vulnerable to serious security vulnerabilities (e.g. crawl.xtahua.com as far as I remember, a few months ago, and it was vulnerable for a really long time up to a few days or weeks ago I think). And in any case playing SSH securely is impossible because I was completely unable to find the fingerprint of the SSH host key of any of the servers. (I’m not talking about the private user key that can be installed to log in through SSH more smoothly, I’m talking about the key that the server uses to identify to the user, not the other way around. SSH authenticates in both directions.)

EDIT: There is also a widespread false belief that online DCSS accounts are server-agnostic. I’ve also read posts (here, in the r/dcss subreddit, or elsewhere) where players use silly explanations to conceptualize how their account “is” one single thing instead of server-specific. This is mainly driven, I think, from the fact that the two major ranking websites (on crawl.akrasiac.org and on dcss-stats.vercel.app) conflate different accounts (on different servers) with the same username as if they’re the same. Now I saw someone complaining that the tournament page discarded their streak because someone made an account with the same name on a different server and lost. I also forgot: The DCSS wiki (which, thanks to the DCSS developers’ terrific work, is mostly unnecessary) also doesn’t use HTTPS at all, which is terrible, considering also that registration is required to edit articles (and I’ve definitely catched errors there). Just goes to show the lack of basic security that’s widespread in this game’s community. There’s no HTTPS, there’s offering of insecure SSH with a special key that misleads players to think it’s secure, the wiki is insecure, and the stats/reputation of players can be ruined both accidentally and maliciously by others.