Commit graph

2286 commits

Author SHA1 Message Date
d293fc1dc7
activitypub: fix parsing users without sharedInbox
Some checks failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-04-01 12:03:13 +02:00
e2779befe6
remove duplicated cache
Some checks failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
A cache for instances already exists and is exported there. Also the
type annotation here seemed wrong anyway because there did not seem to
be a way for that fetcher to actually ever return `null` as a value.
2024-03-30 23:31:47 +01:00
2218936af3
server: better performace for mass delivery
Some checks failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
This should hopefully relieve some of the massive hammering on the
database when mass delivery jobs are running.

However, this also means that instance blocks are applied with a
slight delay on delivery queue. Since the settings page in the
native frontend already warns about this, I think it should be fine.
And the maximum time an instance block would be delayed would be
somewhere around 5min which IMO is also tolerable.

Changelog: Changed
2024-03-30 16:41:55 +01:00
b8b69f825a
activitypub: strict id check
TBH I'm still not quite convinced that this is really necessary but also
since treating an id mismatch like a redirect, I also don't think it
should break anything.
2024-03-30 16:40:57 +01:00
01f8c5d7da
activitypub: disallow cross-origin redirects
Changelog: Security
2024-03-30 16:12:26 +01:00
7e37a8fd88
use decrementing amount of redirects
This makes `redirects` contain the number of remaining redirects, which
makes it easier to limit the number of further redirects that should be
allowed.
2024-03-30 16:12:26 +01:00
e2311a6f4b
refactor function placement 2024-03-30 16:12:22 +01:00
ac1ef641f5
server: fix cache expiring
Some checks failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
2024-03-30 08:39:47 +01:00
1af0687423
server: refactor fetching private key
Especially in the case where the private key is used in an "array deliver",
it makes sense to only get the private key once instead of having the overhead
of fetching the key for each HTTP request.
2024-03-27 21:22:25 +01:00
09ff7f0c7d
client: add button to delete all shown notes in clip
This makes use of the API functionality in the backend which was introduced in
commit 89761c86ab .
2024-03-27 21:12:38 +01:00
f285281b5a
fixup! server: properly expire public key cache 2024-03-26 21:06:21 +01:00
624157f03e
server: forbid activitypub requests on unexpected routes
ActivityPub requests on routes which do not support activitypub
are now replying with HTTP status code 406 "Not Acceptable".

ActivityPub clients are required by the W3C TR to set the `Accept`
header. If this accept header is detected on an unexpected route,
the whole request will be aborted with the status code above.

This is an additional measure for clients who might not be aware of
having to check the content-type header of the reply.

Ref: https://github.com/w3c/activitypub/issues/432
Changelog: Security
2024-03-26 21:05:13 +01:00
e366116ac1
add/translate comments 2024-03-22 09:41:45 +01:00
2b5a35147a
activitypub: stop accepting collections in inbox
Changelog: Removed
2024-03-20 06:27:01 +01:00
1098b3a038
activitypub: remove sending read receipts for chat
Changelog: Removed
2024-03-20 06:10:51 +01:00
6501c542b2
server: only cache public keys for 15min
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-03-19 19:16:07 +01:00
ab22a1afa0
more compact notifications
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/test Pipeline failed
Don't show the entire renoted note in notifications and some other places.

Changelog: Changed
2024-03-19 19:09:34 +01:00
5f09a44dbb
more tracking removal
Some checks failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-03-19 18:50:57 +01:00
2c55f8968c
fixup! server: return report id when reporting
Some checks failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-03-19 18:46:00 +01:00
fc733a4a86
server: properly expire public key cache
Changelog: Fixed
2024-03-19 18:40:34 +01:00
5636534d03
server: fix user deletes being stuck in queue
Some checks failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
The user was already deleted from the user cache, so requesting the
user returned null. Because the key was not null, there was a non-null
return, in turn making further code think, fetching the user was
successful.
2024-03-19 18:07:41 +01:00
4b121e7615
format package.json, update lockfile
Some checks failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-03-17 17:31:36 +01:00
5664c9fdf7
fixup! remove unused hashtag chart
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
Apparently the sequence is automatically deleted.
2024-03-17 17:21:02 +01:00
d82c72a111
remove unused hashtag chart
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
Changelog: Removed
2024-03-17 16:48:36 +01:00
f751941a30
client: moderators can immmediately forward reports
Some checks failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-foundkey-js Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
Changelog: Added
2024-02-23 14:22:09 +01:00
76aef3de74
client: update URL tracking removal
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-backend Pipeline failed
2024-02-23 12:32:15 +01:00
dbdb2b70f1
client: refactor API calling 2024-02-22 22:26:32 +01:00
d4a5ed29db
server: return report id when reporting
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-backend Pipeline failed
This can be useful when adding a feature for admins and moderators
where they will be able to immediately deal with their own report,
i.e. forwarding it to the other instance.

Changelog: Added
2024-02-19 08:19:23 +01:00
fba8536743
stop retries after wrong content-type
It does not make sense to re-request the same resource with the same
parameters and expect a different content-type to be returned. Also
this makes the error message more sensible and understandable.
2024-02-19 07:50:19 +01:00
4b3154c22c
streamline reporting window
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
2024-02-19 07:46:55 +01:00
47b3277201
check content-type header on AP requests
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
Changelog: Security
Ref: GHSA-jhrq-qvrm-qr36
2024-02-17 09:04:36 +01:00
Laura Hausmann
c8f8e4c01d
activitypub: fix typo in audience.ts isPublic check
Some checks failed
ci/woodpecker/push/build Pipeline failed
ci/woodpecker/push/test unknown status
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
2024-02-11 13:12:43 +01:00
6ee8a369b3
remove private-ip
Matching IP addresses against Regex does not seem like a smart idea.
Also it depends on ipaddr.js so that is already in the dependency
tree for us anyway.
2024-02-03 12:49:04 +01:00
c504091c61
server: AbortError at lower log level
Some checks failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
AbortErrors happen when a connection times out, which is a quite
common occurrence and not worthy of a warning level log message.
2024-01-24 01:16:30 +01:00
aac1c40657
server: only decrement deletion ref count on final fail
Changelog: Fixed
2024-01-24 01:15:47 +01:00
83bce62672
server: prefer IPv6
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
> wild, it seems they had a bug about A/AAAA fallback a while ago but the
> way they fixed it is "v6 if v4 fails", not the other way around
>
> https://github.com/szmarczak/cacheable-lookup/issues/27
> b2348d5aed
>
> javascript community pls
-- @sn0w@cofe.rocks
2024-01-23 19:57:37 +01:00
6fd422f2b0
server: use AbortSignal.timeout
Using AbortSignal.timeout is a cleaner solution that using an
AbortController and triggering it ourselves with setTimeout.
2024-01-23 19:46:11 +01:00
b94aeb2df2
server: try to fix link parsing from wafrn.net
Some checks failed
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
Changelog: Fixed
2024-01-05 14:15:53 +01:00
ada577bde6
server: fix/document strange requirements for emoji packs
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
The change in the emoji export logic should fix the case where emoji
packs exported with Foundkey should be used in any other Misskey fork.

I've opted not to change the import logic and instead document the
strange behaviour because it would also not be accepted by Misskey.
2024-01-04 21:31:04 +01:00
3968a6ca07
server: fix wrong emoji regex in backend
Some checks failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
Changelog: Fixed
2024-01-04 17:43:05 +01:00
86565cd25b
client: link to update vote count
Some checks failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/test Pipeline failed
2024-01-03 17:41:20 +01:00
24f6177b94
server: endpoint to fetch votes count
Changelog: Added
2024-01-03 17:29:46 +01:00
78359daac6
server: remove denormalized note visibility field
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
Changelog: Fixed
2024-01-03 16:13:13 +01:00
2cf80a8ccf
remove pinned users
Changelog: Removed
2024-01-03 16:01:56 +01:00
6bd42ab3f9
client: remove explore page
Changelog: Removed
2024-01-03 16:01:55 +01:00
5d60ba6c50
client: remove initial tutorial
Foundkey is not really intended for new users, so it seems to me harmless
to remove this therefore unnecessary tutorial.

Changelog: Removed
2024-01-03 16:01:29 +01:00
66560f9977 Add missing else in log level checking
Some checks failed
ci/woodpecker/pr/build Pipeline was successful
ci/woodpecker/pr/lint-client Pipeline was successful
ci/woodpecker/pr/lint-backend Pipeline was successful
ci/woodpecker/pr/lint-sw Pipeline was successful
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline failed
I was getting confused for a good while on why this message showed up
even though I set the environment properly
2023-12-18 05:26:44 +02:00
c67ff44207
make webfinger server stuff more readable
Some checks failed
ci/woodpecker/push/lint-backend Pipeline failed
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/lint-sw Pipeline failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
ci/woodpecker/push/lint-client Pipeline failed
ci/woodpecker/push/test Pipeline failed
2023-12-16 09:59:51 +01:00
bed6a1e2d8
redirect webfinger of domain to instance actor
(Johann150 yells at cloud)
2023-12-16 09:59:17 +01:00
89761c86ab
server: add endpoint to delete multiple notes
Changelog: Added
2023-12-03 14:37:11 +01:00