FoundKey

Author	SHA1	Message	Date
Francis Dinh	f30e02dc73	security: update multer to 1.4.5-lts.1 This version of multer contains a fix for CVE-2022-24434 which affects a transitive dependency. > This affects all versions of package dicer. A malicious attacker can > send a modified form to server, and crash the nodejs service. An > attacker could sent the payload again and again so that the service > continuously crashes. Ref: https://nvd.nist.gov/vuln/detail/CVE-2022-24434	2022-08-18 01:37:39 -04:00
Chloe Kudryavtsev	390a5efb59	update package name, packages We are FoundKey now. Use semver pinning for "serious" packages. Update eslint, typescript, vite and surroundings. Bump yarn.lock.	2022-07-18 06:41:58 -04:00
syuilo	573dd770bf	feat(server): add fetch-rss api to reduce dependency of external apis	2022-07-16 11:22:47 -04:00
MeiMei	6c330a1343	migrate parse5 to 7.0.0 (#8916 ) * migrate parse5 to 7.0.0 * fix	2022-07-15 10:14:36 +02:00
syuilo	b6a31bdfcb	use parse5 6.0.1 Fix #8914	2022-07-15 10:14:36 +02:00
syuilo	ffa86c1d76	update deps	2022-07-15 10:09:44 +02:00
Johann150	ff1c5167b6	update backend lockfile	2022-07-14 23:32:34 +02:00
dependabot[bot]	b269ab709b	chore(deps): bump jsrsasign from 10.5.24 to 10.5.25 in /packages/backend (#8889 ) Bumps [jsrsasign](https://github.com/kjur/jsrsasign) from 10.5.24 to 10.5.25. - [Release notes](https://github.com/kjur/jsrsasign/releases) - [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt) - [Commits](https://github.com/kjur/jsrsasign/compare/10.5.24...10.5.25) --- updated-dependencies: - dependency-name: jsrsasign dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-13 11:23:15 +02:00
dependabot[bot]	30aa91bb94	chore(deps): bump jpeg-js from 0.4.1 to 0.4.4 in /packages/backend (#8843 ) Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.1 to 0.4.4. - [Release notes](https://github.com/eugeneware/jpeg-js/releases) - [Commits](https://github.com/eugeneware/jpeg-js/compare/v0.4.1...v0.4.4) --- updated-dependencies: - dependency-name: jpeg-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-13 11:23:14 +02:00
dependabot[bot]	893ed309bf	chore(deps): bump undici from 5.4.0 to 5.5.1 in /packages/backend (#8842 ) Bumps [undici](https://github.com/nodejs/undici) from 5.4.0 to 5.5.1. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.4.0...v5.5.1) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-13 11:23:14 +02:00
MeiMei	d4ac71593b	enhance: use ioredis everywhere, fix IPv6 support for redis fixes https://github.com/misskey-dev/misskey/pull/8869 see also https://github.com/misskey-dev/misskey/pull/8869 Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>	2022-07-13 10:40:39 +02:00
MeiMei	a8f7514d0d	enhance: Improve player detection in URL preview (#8849 ) * enhance: Improve player detection in URL preview * CHANGELOG	2022-07-09 05:42:36 -04:00
syuilo	ec6b418a23	update deps	2022-06-10 15:06:42 +09:00
syuilo	abcd5bc951	update summaly	2022-06-04 17:24:41 +09:00
Johann150	9c80403072	use http-signature module that supports hs2019 (#8635 )	2022-05-26 09:12:17 +09:00
syuilo	b3ad04fcb0	update deps	2022-05-25 23:28:56 +09:00
MeiMei	6b44fe165b	Supports Unicode Emoji 14.0 (#8699 ) * Unicode 14.0 Emoji * mfm-js@0.22.0 * CHANGELOG Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>	2022-05-25 16:35:30 +09:00
dependabot[bot]	13b275773b	chore(deps): bump async from 3.2.0 to 3.2.3 in /packages/backend (#8706 ) Bumps [async](https://github.com/caolan/async) from 3.2.0 to 3.2.3. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](https://github.com/caolan/async/compare/v3.2.0...v3.2.3) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-05-19 11:49:59 +09:00
MeiMei	b6794b614b	enhance: Perform port diagnosis at startup only when Listen fails (#8698 ) * Change port check * Comment: disableClustering * CHANGELOG * Smart message	2022-05-19 11:49:07 +09:00
syuilo	6de40cf789	fix(server): prevent crash when processing certain PNGs Fix #8605	2022-05-15 01:16:12 +09:00
syuilo	e161b71651	update deps	2022-05-14 14:57:51 +09:00
dependabot[bot]	1c6d5ddf81	chore(deps): bump ejs from 3.1.6 to 3.1.7 in /packages/backend (#8560 ) Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 3.1.7. - [Release notes](https://github.com/mde/ejs/releases) - [Changelog](https://github.com/mde/ejs/blob/main/CHANGELOG.md) - [Commits](https://github.com/mde/ejs/compare/v3.1.6...v3.1.7) --- updated-dependencies: - dependency-name: ejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-04-30 00:16:40 +09:00
syuilo	fd13173eaf	bump jsrsasign	2022-04-23 12:48:26 +09:00
Johann150	92d249210d	chore(lint): fix type definitions for jsrsasign (#8528 ) * fix type definitions for jsrsasign The @types/jsrsasign is not available in exactly the same version as the jsrsa package misskey uses, so i used an earlier patch version of the same package. * update yarn.lock	2022-04-23 12:45:36 +09:00
dependabot[bot]	29b9d8998a	chore(deps): bump moment from 2.24.0 to 2.29.3 in /packages/backend (#8531 ) Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.3. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/2.29.3/CHANGELOG.md) - [Commits](https://github.com/moment/moment/compare/2.24.0...2.29.3) --- updated-dependencies: - dependency-name: moment dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-04-23 12:39:44 +09:00
syuilo	9f3650b0ef	update deps	2022-04-23 12:29:26 +09:00
syuilo	31e5c5f69a	refactor Resolve #8467	2022-04-17 20:58:37 +09:00
syuilo	31b216f667	refactor: fix type	2022-04-17 14:42:13 +09:00
syuilo	fd4ec81bcb	update deps	2022-04-11 22:48:04 +09:00
syuilo	11ccb98c93	update deps	2022-04-01 19:13:40 +09:00
dependabot[bot]	7ccb9226ef	chore(deps): bump follow-redirects in /packages/backend (#8314 ) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-27 16:42:05 +09:00
dependabot[bot]	122d5ea529	Bump nanoid from 3.1.30 to 3.3.1 in /packages/backend (#8426 ) Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.30 to 3.3.1. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](https://github.com/ai/nanoid/compare/3.1.30...3.3.1) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-27 16:41:26 +09:00
syuilo	d113aae217	update deps	2022-03-27 15:34:34 +09:00
dependabot[bot]	7a4c3bab7e	chore(deps): bump minimist from 1.2.5 to 1.2.6 in /packages/backend (#8447 ) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-26 15:35:10 +09:00
syuilo	1c67c26bd8	refactor: migrate to typeorm 3.0 (#8443 ) * wip * wip * wip * Update following.ts * wip * wip * wip * Update resolve-user.ts * maxQueryExecutionTime * wip * wip	2022-03-26 15:34:00 +09:00
syuilo	889a890ac5	update deps	2022-03-25 16:32:10 +09:00
Kainoa Kanter	f68b646878	Fix: warn about outdated NodeJS fixed (#8388 ) * Fix #8387 * update changelog Co-authored-by: Johann150 <johann.galle@protonmail.com> Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>	2022-03-20 01:34:45 +09:00
syuilo	815c8bf4c8	update deps	2022-03-19 19:22:58 +09:00
syuilo	19ff9a3b4d	fix(server): HTMLが正しくレンダリングされない問題を修正 Fix #8392	2022-03-12 15:21:07 +09:00
syuilo	b9027e1b57	update deps	2022-03-09 22:43:41 +09:00
syuilo	45c5f0c60a	update deps	2022-03-07 23:51:34 +09:00
syuilo	a8e8b2e2cf	fix migrations Fix #8363	2022-03-01 00:07:03 +09:00
syuilo	d071d18dd7	refactor: Use ESM (#8358 ) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip	2022-02-27 11:07:39 +09:00
syuilo	0a882471f3	fix: better language settings Fix #8359 Fix #7968	2022-02-26 15:13:44 +09:00
syuilo	9952418b3a	update deps	2022-02-23 21:31:48 +09:00
syuilo	510de87607	refactor: use ajv instead of cafy (#8324 ) * wip * wip * Update abuse-user-reports.ts * Update files.ts * Update list-remote.ts * Update list.ts * Update show-users.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update update.ts * Update search.ts * Update reactions.ts * Update search.ts * wip * wip * wip * wip * Update update.ts * Update relation.ts * Update available.ts * wip * wip * wip * Update packages/backend/src/server/api/define.ts Co-authored-by: Johann150 <johann.galle@protonmail.com> * Update define.ts * Update define.ts * typo * wip * wip * wip * wip * wip * wip * wip * wip * Update update.ts * wip * Update signup.ts * Update call.ts * minimum for limit * type * remove needless annotation * wip * Update signup.ts * wip * wip * fix * Update create.ts Co-authored-by: Johann150 <johann.galle@protonmail.com>	2022-02-19 14:05:32 +09:00
syuilo	59785ea04c	update deps	2022-02-19 00:48:04 +09:00
dependabot[bot]	871f1e90d6	chore(deps): bump glob-parent from 5.1.1 to 5.1.2 in /packages/backend (#8303 ) Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-11 17:57:02 +09:00
dependabot[bot]	6df063fb0b	chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /packages/backend (#8302 ) Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/sindresorhus/normalize-url/releases) - [Commits](https://github.com/sindresorhus/normalize-url/commits) --- updated-dependencies: - dependency-name: normalize-url dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-11 17:56:00 +09:00
dependabot[bot]	b005dc45ec	chore(deps): bump path-parse from 1.0.6 to 1.0.7 in /packages/backend (#8301 ) Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-11 17:23:43 +09:00

1 2

72 commits