Sadly, that would have to be one huge island.

This filter was very controversial, especially because at first it was hardcoded into Lemmy itself, and the devs initially were insistent in keeping it that way. Fortunately they eventually allowed it to be configurable by instance, which is a much more sensible approach. Especially considering other languages and even some english variants. And while most people like you and me appreciate the intent, many are still unsure if this is a good approach to fight the problem. It does seem hard to avoid a lot of silly false positives. I remember someone mentioning being really confused by this “Sremovedew Valley” mentioned everywhere, until they realized it was just Stardew Valley being mangled by the filter.

Lemmy has a slur filter regex. In case you’re curious, you can see an instance’s regex using this url (replacing the domain as needed):

https://lemmy.ml/api/v3/site

CTRL+F “slur_filter”

A random deployment is certainly risky, but no riskier than a random apk. I’d argue the random deployment is less risky because it’s easier to inspect it in the browser and see what it’s doing with your password. But of course both are to avoid. Self-hosting or compiling your own clients if you can, official deployments or releases otherwise.

Sure. Both compiling your own apk or self-hosting are ideal. If you’re not doing either though, the web app is more easily inspectable.

Its less dumb than entering it into a regular app compiled into an apk, which is more opaque (even if it’s also FOSS). Voyager you can host it yourself.

Closed source ones.

Voyager (formerly wefwef) is a self-hostable web app, so it doesn’t have this problem. Of course this only means you can inspect the code you’re running. You still have to able to understand the code to be sure it’s not doing anything malicious.