Commit graph

788 commits

Author SHA1 Message Date
66d7b69377
server: refactor API handler and returning errors
This refactors the API handler to not use default exports, be async
instead of constructing a promise and modify how errors are returned.
2022-10-26 23:15:31 +02:00
c3c7164dfb
fix merge of #213 2022-10-26 22:53:06 +02:00
a991740e00
server: improve API definition for messaging/messages/create 2022-10-26 22:21:28 +02:00
4dc97d5b65
server: enhance reset-password endpoint
- Add a rate limit analogous to request-reset-password.
  See also a0ef32f4f6.
- Delete an expired reset request if found.
- Return a proper error.
- Use time constants.

Changelog: Changed
2022-10-26 22:12:38 +02:00
384e8c49b7
server: allow to like own gallery posts
Since you are also allowed to react to your own notes, it seems sensible
that you should be allowed to like your own gallery posts.

Analogous to commit 4c5aa9e538.

Changelog: Changed
2022-10-25 17:13:48 +02:00
Atsuko Karagi
c5e1c42d0a backend: require authentification for fetch-rss
Changelog: Changed
2022-10-25 08:56:34 -04:00
Atsuko Karagi
f74395c386 backend: remove unused endpoints
Changelog: Removed
2022-10-25 08:56:31 -04:00
Atsuko Karagi
b2c483faf5 backend: tweak endpoint permissions
Changelog: Changed
2022-10-25 08:36:39 -04:00
Atsuko Karagi
5bf1e5ad71 backend: federation information requires auth
Changelog: Changed
2022-10-25 08:36:37 -04:00
a0ef32f4f6
server: properly delete expired password reset requests
Changelog: Fixed
2022-10-23 23:09:11 +02:00
7ec8729d90
backend: fix lint error in remove-note.ts 2022-10-21 17:52:15 -04:00
43644494d3
translate remaining comments 2022-10-21 13:33:03 -04:00
923c93da12
use await for notes.countBy 2022-10-20 21:22:52 -04:00
aa1e4d0fbc
change null assertion ternaries to use optional chaining 2022-10-20 21:22:52 -04:00
bfba54524d
backend: fix various type lints in services/note
`createdAt` in `insertNote` now will default to the current date.

Also refactor poll insert:
Instead of testing hasPoll, just do a null check on data.poll since it's
a more reliable indicator for whether a poll exists (and also tsc won't
complain about data.poll being possibly null).
2022-10-20 21:22:24 -04:00
d83c1c3851
backend: use named exports for services/note 2022-10-20 21:16:34 -04:00
3da7221eec
backend: mark elasticsearch as optional 2022-10-20 21:15:48 -04:00
9544cd69d2
fix typo 2022-10-20 21:26:12 +02:00
b359b01700
improve docs 2022-10-20 21:22:34 +02:00
cfb8723618
fix API definitions 2022-10-20 20:40:48 +02:00
ee70ad52fc
server: error when trying to unclip note that is not clipped
When a note is not added to a clip and an API call tries to remove the note
from that clip, the API will now raise an error.

Changelog: Changed
2022-10-19 21:54:37 +02:00
4c5aa9e538
server: allow to like own pages
Since you are also allowed to react to your own notes, it seems sensible
that you should be allowed to like your own pages.

Changelog: Changed
2022-10-19 21:52:43 +02:00
4b6c3b2f37
properly await promise 2022-10-19 15:26:37 +02:00
fbf7ea07c9
server refactor: centrally load locale
To reduce code duplication, the locales are loaded in @/misc/i18n.ts
directly instead of importing it in each file using it separately.
2022-10-19 12:30:23 +02:00
507dede6da
default to english instead of japanese 2022-10-19 09:25:38 +02:00
7257338077 backend: make max note length configurable (#210)
Changelog: Added
Closes: FoundKeyGang/FoundKey#208
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
Reviewed-on: FoundKeyGang/FoundKey#210
2022-10-18 17:33:00 +00:00
3aa1d3bf97
backend: update DB_MAX_IMAGE_COMMENT_LENGTH
This was increased to 2048 characters in
186d693385.
2022-10-17 17:49:48 -04:00
04d4dd323f
backend: use time constant in services/chart/index.ts 2022-10-16 18:22:18 -04:00
e814fdc7d1
backend: fix lints in services/drive 2022-10-16 18:20:20 -04:00
f2f547172e
backend: improve documentation of pin/update functions 2022-10-16 18:06:22 -04:00
f17485d8a2
backend: add type annotations to delete.ts 2022-10-16 17:14:30 -04:00
70eec26b74
bump versions in all package.json files 2022-10-16 11:46:12 -04:00
811d5cd0d7 Merge pull request 'deliver Delete activities to all known instances' (#198) from deliver-delete-everyone into main
Reviewed-on: FoundKeyGang/FoundKey#198
2022-10-16 13:46:23 +00:00
d762143b89 backend: fixup missing deadTime and incorrect import 2022-10-16 09:32:01 -04:00
21c1e5c06c backend: simplify suspended and dead queries
This should also have better latency due to being a single query.
Furthermore, it's no longer a linear scan, since host is indexed.
Would be cool to simplify it further to a single query for blocks also...
Why exactly are blocks not in the db?
2022-10-16 09:22:05 -04:00
91a4f38871 backend: add automatic dead instance detection
It works by having a day-long cache of
"when did we last successfully communicate with this instance?"
Anything over a specified threshold (1 month) will act as though the instance
is suspended - all outgoing jobs are dropped on processing.
The day-long cache is in place because the ordering is necessarily a
linear scan.
Once an instance comes back online, we will detect that is the case as soon as
we receive an activity from them (which will update the "last communicated at")
field.

Potential future TODOs:
* Improve the caching system, it's actually pretty inefficient as it is.
  CacheBox with a call override?
* Think of ways to make it not-a-linear-scan, since the instances table can get
  pretty big. It's around 4500 on toast cafe.

ChangeLog: Added
2022-10-16 12:16:04 +00:00
756ecbb1f7
fix type error 2022-10-16 04:20:11 +02:00
cb0b14ba2d
backend: allow to export only specific emoji 2022-10-12 01:49:53 +02:00
7cd11e7afd
fix function name 2022-10-11 21:26:20 +02:00
0b8fa2665c
use DISTINCT instead of GROUP BY
This should have better performance for large recordsets.

Ref: FoundKeyGang/FoundKey#198 (comment)
2022-10-11 20:15:59 +02:00
421b42d07d
backend: send delete activity to all known instances
closes FoundKeyGang/FoundKey#190

Changelog: Added
2022-10-11 19:32:26 +02:00
9a503273fb Merge pull request 'refactor meta API endpoint' (#196) from refactor/api/meta into main 2022-10-11 17:20:51 +00:00
20a6140e9a Merge pull request 'backend: Cleanup prelude directory' (#199) from backend-cleanup-prelude into main
Reviewed-on: FoundKeyGang/FoundKey#199
2022-10-11 14:47:40 +00:00
6d58d5ed3b fixup: muted-renotes review round 1 2022-10-11 10:42:39 +00:00
897658c188 import publishUserEvent in mute renote APIs 2022-10-11 10:42:39 +00:00
590a8b98d9 fixup renoteMuting stream filter being overzealous 2022-10-11 10:42:39 +00:00
dd5100d124 add streaming events for renotemuting and blocking 2022-10-11 10:42:39 +00:00
3d9df839a5 add down-migration for renote mutes 2022-10-11 10:42:39 +00:00
c414f24a2c feat: per-user renote muting
Changelog: Added
2022-10-11 10:42:39 +00:00
60600729df
backend: Fix import of sanitize-html
I'm not sure how it managed to work so far, but the function is the default
export, using the namespace like a function should not have worked,
maybe something under the hood was correcting it back
2022-10-11 10:41:50 +02:00
683b0cfa82
backend: remove unused prelude modules
Much of these modules are no longer used in the backend. They seem to be
from before the code was organized in packages.
2022-10-11 01:53:34 -04:00
c65559872b
backend: add missing return type annotation in array.ts 2022-10-11 01:51:17 -04:00
13a3581817
Merge branch 'refactor/use-null-coalesce-etc'
Reviewed-on: FoundKeyGang/FoundKey#195
2022-10-10 18:44:19 -04:00
808c43377e
refactor: use nullish coalescing & optional chaining
Changes several places to use the afforementioned constructs in favour of
ternary expressions.
2022-10-11 00:39:27 +02:00
8920eeb86a
ActivityPub: allow all known shared inboxes to be addressed
This is oriented on this paragraph from the AP spec:

> Additionally, if an object is addressed to the Public special collection,
> a server MAY deliver that object to all known sharedInbox endpoints
> on the network.
2022-10-11 00:27:43 +02:00
91c043689b Merge pull request 'backend: Fix imports from weird paths' (#192) from Michcio/FoundKey-0x7f:extensionless-imports into main
Reviewed-on: FoundKeyGang/FoundKey#192
2022-10-10 18:58:54 +00:00
30faeb73d2 backend: Fix type errors in genId
I checked on NodeJS locally and `Math.min` was coercing the Dates to numbers,
I'm just making it more obvious (to the typechecker as well)
2022-10-10 20:50:04 +02:00
dc510c6834 Fix imports from weird paths
These imports were breaking in TS error checking and VS Code, because
imports need to have an extension to be valid, apparently
2022-10-10 20:45:45 +02:00
a91bbed34e
Make it impossible to start initializing Vue before DOM exists 2022-10-10 14:22:48 -04:00
9022ab9f2a
backend: ignore detail parameter on meta endpoint
Also allow meta endpoint to be fetched via GET.

Changelog: Removed
2022-10-10 17:36:13 +02:00
c20352b22e
backend: update THRESHOLD constants to use time constants 2022-10-05 00:54:16 -04:00
9084864b34
backend: translate comments in const.ts 2022-10-05 00:52:52 -04:00
a6d1284423 backend: change Misskey -> FoundKey and use absolute import in index.ts 2022-10-03 20:04:06 +00:00
8ccc22bb35 Merge pull request 'refactor expiring data and expire signins after 60 days' (#180) from expire-data into main
Reviewed-on: FoundKeyGang/FoundKey#180
2022-10-03 18:27:13 +00:00
ffcb840e06
Fix type in thread muting 2022-10-03 13:24:27 -04:00
a7f9e244f3
merge: allow redis family to be specified as a string
Reviewed-on: FoundKeyGang/FoundKey#165
2022-10-02 18:46:34 +02:00
5b7a06675f
refactor expiring data and expire signins after 60 days
closes FoundKeyGang/FoundKey#176

Changelog: Added
2022-10-02 00:18:07 +02:00
36a0e48e49
bacakend: prefer absolute over relative imports
There are still many places where import paths with `..` are used and
maybe should use absolute paths also.
2022-10-01 14:40:30 +02:00
8ca544c45d
remove outgoingAddressFamily 2022-09-30 11:05:50 -04:00
29164740b9
fix warning message 2022-09-30 11:05:50 -04:00
508748ac0d
backend: refactor Redis option loading 2022-09-30 11:05:49 -04:00
5a52532c99
allow redis family to be specified as a string
This makes it consistent with `outgoingAddressFamily`, reducing
potential confusion.

For compatibility reasons, numbers are still permitted for `redis.family`
with the following mapping:
- `dual` = `0`
- `ipv4` = `4`
- `ipv6` = `6`

Changelog: Changed
2022-09-30 11:05:49 -04:00
465b72ab53 Merge pull request 'increase image description limit to 2048 characters' (#174) from bigger-image-description into main
Reviewed-on: FoundKeyGang/FoundKey#174
2022-09-29 07:28:00 +00:00
186d693385
increase image description limit to 2048 characters
Changelog: Changed
2022-09-24 14:32:07 -04:00
f35b856dfa
backend: fix quotes lint in thread-muting/create.ts 2022-09-23 23:02:39 -04:00
2bb8642a2c backend: Fix thread muting queries
findOne != findOneBy
2022-09-25 15:08:12 +02:00
9470e12424 Merge pull request 'Revert "Use native shell commands for clean/clean-all"' (#170) from revert-native-clean into main
Reviewed-on: FoundKeyGang/FoundKey#170
2022-09-23 22:15:29 +00:00
dba63e4000 Merge pull request 'mute notifications in muted threads' (#119) from mute-notifications into main
Reviewed-on: FoundKeyGang/FoundKey#119
Changelog: Changed
Fixes: #12
2022-09-22 19:52:32 +00:00
d9a64d0a22 Revert "Use native shell commands for clean/clean-all"
This reverts commit 5fb294e7d7.

This will allow the clean/clean-all command to work on Windows once again.
2022-09-22 13:48:06 -04:00
1b92f580cb
backend: fix imports in queue/types.ts 2022-09-21 13:18:17 -04:00
0022a7befb
backend: proper error messages for creating accounts
Admins will now get proper error messages when they try to create a
new user account and an error occurs.

Changelog: Fixed
2022-09-21 17:58:42 +02:00
cc5a197785
do not create muted notification types in respective threads 2022-09-21 17:54:36 +02:00
87411a6ed8
enhance: more descriptive info message 2022-09-21 17:54:36 +02:00
7ea052aa25
backend: set moduleResolution to Node16 in tsconfig
This lets us catch any import errors in the backend as it now lines up
with Node's ESM module resolution.
2022-09-21 11:33:57 -04:00
321bd24b98
api: handle muting notification types 2022-09-21 15:52:34 +02:00
58aa7d36aa
refactor: use noteNotificationTypes 2022-09-21 15:52:34 +02:00
35fd970c4a
add column: muted types in thread 2022-09-21 15:52:14 +02:00
26449d4944
backend: fix ApiError lints 2022-09-21 13:34:36 +02:00
78fd2ee38b
Merge branch 'backend-translate-source-lang'
Reviewed-on: FoundKeyGang/FoundKey#160
2022-09-20 23:55:21 -04:00
8446fa4fca
backend: fixup foundkey ascii logo formatting in base template 2022-09-19 22:53:39 -04:00
d5d8affc33 backend: allow for source lang to be overridden in note/translate
This adds a new optional `sourceLang` parameter to the `notes/translate`
endpoint. If not set, the old behaviour is used, else this sets the
`source_lang` parameter to the DeepL API call which makes it use the
source language specified instead of using autodetection.

Changelog: Changed
Ref: FoundKeyGang/FoundKey#33
2022-09-19 14:57:20 +00:00
7b7d4f5467
Allow files storage path to be set explicitly
Also added to the example config file - Johann150

Co-authored-by: Johann150 <johann.galle@protonmail.com>
Changelog: Added
2022-09-19 11:54:24 +02:00
f0b91a62c9
fix HTTP GET parameters in OpenAPI docs
HTTP GET parameters are not to be specified in the requestBody but in
the parameters. This commit fixes that although admittedly it is kind
of a bodge and not perfect, but it is a start.

Changelog: Fixed
2022-09-19 10:54:23 +02:00
4d01ece286
refactor: fix remaining lints in backend daemons 2022-09-14 10:40:04 -04:00
3cbdac7621 Merge pull request 'chore: Change Misskey references to Foundkey' (#142)
Reviewed-on: FoundKeyGang/FoundKey#142
Changelog: Changed
2022-09-13 21:20:12 +00:00
e507b1b888 backend: localize strings for service integrations
Currently only the 'connected' and 'disconnected' strings are translated.
2022-09-13 17:18:18 -04:00
57f4312a27
chore: Change Misskey references to Foundkey
Also remove the contributors list from about-foundkey (renamed from
about-misskey).

Some comments that referenced Misskey were also translated to English.

Closes: FoundKeyGang/FoundKey#141
2022-09-13 13:19:36 -04:00
2c24f8a9ef backend: make toHtml tests async
PRs #84, #134, and #136 changed toHtml to be async, but the test was not
updated to reflect that.
2022-09-13 15:20:25 +00:00
677c1df597
rename foundkey-js imports to foundkey 2022-09-13 17:17:46 +02:00
7ceb96b148
limit id length of all incoming activities 2022-09-12 18:30:53 +02:00
1120b6959d
backend: increase requestId max size for GNU Social
GNU Social's follow request IDs are larger than the 128 character limit
of the follow_request.requestId column. This prevents follow requests
from GNU Social instances from being handled by Foundkey instances.

The solution is to make the requestId column larger.

Fixes FoundKeyGang/FoundKey#146
2022-09-12 11:38:55 -04:00
515957ee74
render HTML mentions correctly
Reviewed-on: FoundKeyGang/FoundKey#145
Changelog: Fixed
2022-09-11 21:39:49 +02:00
a2fad7ce61
backend: fix mentionedUsers and userInfo queries
Turns out `getMany` doesn't work with the specific query used, so use
`getRawMany` instead.

Also fixup the predicate used in userInfo to use the correct field
names.
2022-09-11 15:28:35 -04:00
syuilo
4b3cf7834b
server: ensure only own notifications can be marked as read
Exploiting this before should already have been rather difficult because you
would need to know or guess the notification's ID. It is also of relatively
low security impact.

Changelog: Fixed
2022-09-11 20:52:38 +02:00
c926b4fbcc Merge pull request 'backend: Fix appendChildren TypeError' (#136) from fix/backend-to-html-typeerror into main
Reviewed-on: FoundKeyGang/FoundKey#136
Changelog: Fixed
2022-09-11 18:31:22 +00:00
9bcc247421
backend: Fix appendChildren TypeError
In #134, the mention `MfmNode` handler was made async to allow the
mentionedUsers query to be used there. This however changed the return
type of that handler to be a `Promise`, causing a `TypeError` in
`appendChildren`.

This fixes the `TypeError` by making every handler and the `appendChildren`
function also async and awaiting on the processed children.

This also attempts to fix the types issue with handlers by casting to
the newly defined `HandlerFunc` type instead of to `any`.
2022-09-11 14:29:37 -04:00
8d5966c0bc
backend: add return types to load.ts functions 2022-09-10 13:52:23 -04:00
70c12158f7 Merge pull request 'backend: add types and use named exports for daemons' (#127) from fix/backend-daemons-types into main
Reviewed-on: FoundKeyGang/FoundKey#127
2022-09-10 14:23:30 +00:00
9a34e0b2b1
build: update typescript and related packages 2022-09-08 23:00:36 -04:00
f50b31b847 Merge pull request 'backend: move mentionedUsers query to mention handler' (#134) from fix/backend-toHtml-mentionedUsers into main
Reviewed-on: FoundKeyGang/FoundKey#134
2022-09-08 22:07:45 +00:00
199622b415
add check if ids.length > 0 before executing query 2022-09-08 17:47:23 -04:00
714ce60980 Merge pull request 'backend: fix types in boot/{master, worker}.ts' (#128) from fix/backend-boot-types into main
Reviewed-on: FoundKeyGang/FoundKey#128
2022-09-08 21:29:01 +00:00
29c7e7e859
backend: fix types in boot/{master, worker}.ts 2022-09-08 17:28:15 -04:00
42132963cf
refactor(backend): remove types.ts in favour of foundkey-js 2022-09-08 23:27:25 +02:00
aa62c1d7a7
refactor(backend): use foundkey-js constants 2022-09-08 22:27:27 +02:00
19e29c3465
backend: move mentionedUsers query to mention handler
The mentionedUsers query was being run on every post, regardless of
whether a mention was in it or not.

This resulted in an SQL query ending in `WHERE userId IN ()` which is
not allowed in PostgreSQL.

Reference: FoundKeyGang/FoundKey#132
Changelog: Fixed
2022-09-08 16:17:35 -04:00
c33655bc4f backend: fix table name used in toHtml 2022-09-08 17:14:23 +00:00
55d20a72b7
backend: add types and use named exports for daemons 2022-09-08 01:33:47 -04:00
4ad53f232a
backend: move @types/pg to devDependencies 2022-09-07 14:20:22 -04:00
0e49c726ec
backend: add @types/pg for pg type definitions 2022-09-07 14:19:03 -04:00
f21e1afaa4
backend: fix query for mentionedUsers 2022-09-07 13:34:38 -04:00
7a981de883
refactor: remove note.mentionedRemoteUsers column
The column mentionedRemoteUsers on the note table in the database is
firstly in the wrong type since it contains JSON data but is typed as
text. Secondly it seems redundant, since that data can be acquired by
using the note.mentions column to fetch the respective data instead.

Co-authored-by: Francis Dinh <normandy@biribiri.dev>
2022-09-07 14:43:04 +02:00
3bdbbcadd9
adjust MFM to HTML conversion
Removed the misc/get-note-html module which was only used in one place.
Instead of it, the general MFM to HTML functionality has been improved to
take care of the use cases of that module as well.

Co-authored-by: Francis Dinh <normandy@biribiri.dev>
2022-09-07 14:42:39 +02:00
7b4ebd2715 backend: remove room data from user
Rooms were remove a while back in upstream Misskey. This removes the
associated data left over in the database.

Changelog: Removed
2022-09-07 08:30:28 +00:00
abef030a24 build: Move resolutions sections to workspace package.json
Yarn throws a warning on every `yarn install` that the resolutions
from respective packages' manifests are ignored.
2022-09-06 23:18:15 +02:00
5939c90b84
update eslint plugins 2022-09-06 11:19:34 -04:00
5fb294e7d7
Use native shell commands for clean/clean-all 2022-09-05 04:43:40 -04:00
40683b0e10
update tsc-alias 2022-09-05 04:28:08 -04:00
892ea5e2bf
upgrade eslint and typescript-related dependencies
Changelog: Changed
2022-09-05 03:15:16 -04:00
13ce1f0d4e backend: Fix async types in boot 2022-09-04 11:24:04 +02:00
e1ebd1f75f
revert tsconfig declaration to false 2022-09-03 17:50:33 -04:00
c04b34ba67
Enable incremental builds 2022-09-03 15:37:54 -04:00
2ed46aaebb
fix: check visibility when serving Like activity 2022-09-02 14:34:32 +02:00
375323bc25
update parameter type and docs 2022-09-02 14:28:55 +02:00
0c5869805a
fix type typo 2022-09-02 09:36:31 +02:00
2669fc4380
pin dependencies 2022-08-29 20:36:01 -04:00
97b9a00105
security: update dependencies
- file-type: 17.1.2 -> 18.0.0
- got: 12.1.0 -> 12.3.1
- sharp: 0.29.3 -> 0.30.7
2022-08-29 20:33:40 -04:00
41414b4576
chore: remove s-age dependency
This isn't being used anymore since
4e41fa8767.
In any case, age calculation really doesn't need to involve a 3rd party
library.

Ref: FoundKeyGang/FoundKey#90
2022-08-28 11:35:18 -04:00
dd9dc497fb
fix some deps 2022-08-26 18:04:53 -04:00
bc0f0bf08f
add foundkey-js to each workspace package.json 2022-08-26 16:38:41 -04:00
247a01dfe6
remove subproject yarn.locks 2022-08-26 16:05:11 -04:00
6bb3f39c36
migrate to Yarn 3.2.3 2022-08-26 15:24:29 -04:00
6bccbc0d6d
switch to yarn for scripts and move start to backend 2022-08-26 12:48:55 -04:00
237c29a4b8
backend: move to foundkey-js 2022-08-26 01:34:22 -04:00
33146ffa5e
Fix paths for twemoji and font-awesome 2022-08-26 00:31:17 -04:00
b230dc98a9
fix import path for TreeAdapter 2022-08-26 00:15:21 -04:00
c1242cfde2
Fix build errors 2022-08-25 23:36:08 -04:00
523d366ca3
refactor: remove unnecessary array map 2022-08-25 00:10:54 +02:00
4f2a9f8911
refactor: adjust HTML mention microformat
Adjust the federated HTML microformat to the one that is documented
at <https://docs.joinmastodon.org/spec/microformats/>, namely adding
the missing surrounding tag with the class `h-card`.
2022-08-25 00:06:11 +02:00
f119914b98
refactor: use optional chaining and nullish coalescing 2022-08-25 00:06:11 +02:00
8e5a350f1b Simplify fetching object in resolver.ts
this.user will always be true, so we aren't doing unsigned fetches.
2022-08-21 13:13:34 -04:00
77bfc2450d Remove signToActivityPubGet option
Makes it so that all requests are signed, equivalent to
signToActivityPubGet always being true.
2022-08-21 12:38:43 -04:00
0965d3cbd9
merge: simplify pages
FoundKeyGang/FoundKey#49
2022-08-19 09:16:49 +02:00
27c56a4dcc Merge pull request 'security: update multer to 1.4.5-lts.1' (#69) from fix/multer-security into main
Reviewed-on: FoundKeyGang/FoundKey#69
2022-08-18 17:39:33 +00:00
5d41384708
fix: await promises in migration 2022-08-18 18:26:17 +02:00
7ae5d6b1b8
backend: fix packing pages 2022-08-18 17:34:20 +02:00
c0b0720ede
add best effort migration for pages 2022-08-18 17:34:20 +02:00
90d35b951f
adjust types & api for pages 2022-08-18 17:32:01 +02:00
b137a39160
merge: remove promo notes
FoundKeyGang/FoundKey#62
2022-08-18 14:26:48 +02:00
f30e02dc73 security: update multer to 1.4.5-lts.1
This version of multer contains a fix for
CVE-2022-24434 which affects a transitive dependency.

> This affects all versions of package dicer. A malicious attacker can
> send a modified form to server, and crash the nodejs service. An
> attacker could sent the payload again and again so that the service
> continuously crashes.

Ref: https://nvd.nist.gov/vuln/detail/CVE-2022-24434
2022-08-18 01:37:39 -04:00
f0bdd9666f
remove empty import statements 2022-08-14 12:26:18 +02:00
c8afce6b2c
fix blocking of remote accounts
The property name was misspelled.
2022-08-14 11:33:08 +02:00
e028a852f6
remove more code referencing promo notes 2022-08-12 19:39:48 +02:00
c7bf29fd49 Remove promo entities and endpoints 2022-08-11 23:13:09 +02:00
6ce4b3fe2f
fix some lints
Many of these were fixed automatically with eslint --fix.

Some of them (e.g. adding return types to functions) were done manually.
2022-08-11 00:09:29 +02:00
961fb0d2df
fix: use correct variable
Fixes an error introduced in commit 7a80015225.
2022-08-10 23:59:35 +02:00
7a80015225
fix lint "no-param-reassign" 2022-08-10 16:36:54 +02:00
09a7eabda1
backend: fix lint "no-throw-literal" 2022-08-04 11:00:02 +02:00
e2bf2715a6
fix spelling error 2022-08-04 10:20:48 +02:00
a3a3cb7258
remove --quiet flag from eslint
This flag means to hide warnings which is not generally desirable.
Even if warnings do not affect the end result of running CI it would
still be nice to be able to see the warnings when running the lints
normally or in CI.
2022-08-04 00:20:59 +02:00
c8f49bae76
fix lint "object-shorthand" 2022-08-03 14:58:24 +02:00
37e47a257e
fix lints "import/order" and "import/no-duplicate"
Also simplified some import paths by replacing relative with absolute paths.
2022-08-03 14:05:50 +02:00
bc1c66e16e
remove admin/drive/cleanup API
This API endpoint is not working correctly and can cause unintended data loss:
It may remove emojis that have been imported from other instances.

See also https://github.com/misskey-dev/misskey/issues/8222
2022-08-03 11:00:48 +02:00
2fa90e7f43
fix lints in backend boot 2022-08-03 00:18:31 +02:00
a6df127d3b
fix lint "quotes" 2022-08-02 23:25:36 +02:00
fbcea23ef6
fix ReferenceError in renote.ts 2022-08-02 21:23:16 +02:00
ec4fe55acf
refactor: reusable function for pure renote detection
There was some code to detect if a note is a quote renote. However this
code was unused and it seems the kind of reversed detection of checking
if something is a pure renote is more useful.
2022-08-01 00:05:10 +02:00
b7c0e26da9
fix: lint error in create.ts 2022-07-28 13:19:47 -04:00
40d9aa6219
API: visiblity cannot be less restrictive
Removed a now unnecessary provision from services/note/create as well.
2022-07-28 15:23:08 +02:00
bf16b3699e
fix: packing app includes description 2022-07-28 11:59:10 +02:00
233c39dbad
fix lints 2022-07-27 08:16:52 +02:00
Chloe Kudryavtsev
0f6d94f1e7 backend: improve mutes and blocks
Mutes and blocks now also apply recursively to replies and renotes.
Furthermore, any mentioned user being muted or blocked will also apply.
2022-07-26 08:12:49 -04:00
63c8992cb8
Add semicolon to children.ts 2022-07-25 22:07:23 -04:00
4bc9610d8b
remove unnecessary joins
These joins are no longer necessary as of commit
c35372a20d. It seems they are bad enough
for performance to break installs.
2022-07-25 21:46:45 +02:00
9ee609d700
Merge: enhance privacy of notes
FoundKeyGang/FoundKey#14
2022-07-25 18:15:21 +02:00
c35372a20d
pack children without detail 2022-07-25 16:41:47 +02:00
aca724e0bf
enable to fetch replies recursively 2022-07-25 16:41:46 +02:00
aba5b27159
remove legacy permission parsing 2022-07-24 11:45:37 +02:00
3fe351df6d
fix: catch errors from packing with detail
Packing with detail can cause an error if the reply or renote
are not visible to the user, even though the original note is
visible to the user.
2022-07-23 22:28:41 +02:00
b630cd7eac
refactor: add NoteReactions.packMany 2022-07-23 22:28:40 +02:00
6775028b1e
adjust tests 2022-07-23 22:28:40 +02:00
128d0f0d4e
remove isHidden and its uses
The `isHidden` attribute is not being set any more and is thus removed.
Handling in the client is no longer necessary.
2022-07-23 22:28:39 +02:00
cfa371b52b
refactor: remove note re-packing in streaming API
Instead of packing the note for public user before passing it to
streams, the note is now either packed for the user the respective
stream belongs to (`mainStream`) or not packed at all and then packed
later (`notesStream`).

Because this is a new common task between different channels, a shared
implementation of packing a note from notesStream is created. This
implementation will simply skip a note if it is not visible to the user
that the channel belongs to.
2022-07-23 22:27:29 +02:00
c6192ac95a
fix: handle exception in note favorites 2022-07-23 22:27:29 +02:00
2486eff747
packing notes not visible to user raises an error
Instead of just hiding specific fields, the entire note is hidden. This means
that metadata of the note such as who is the author, when was it sent are
completely hidden.
2022-07-23 22:27:29 +02:00
3c6d9cc8ab
use getNote instead of Notes.find
If a note is not visible to the requesting user, an error will be raised.
2022-07-23 22:27:28 +02:00
97edaca351
getNote checks visibility
Raise an error When a note is not visible to the requesting user.
2022-07-23 22:27:14 +02:00
f3e196528f
Merge bearer-authentication
foundKeyGang/foundKey#15
2022-07-20 15:10:47 +02:00
6060e7d220
enhance: better rendering of reports
Passing the report object reduces the number of parameters to be passed.
2022-07-19 17:18:19 +02:00
fc51ac17b1
fix: remove unnecessary null check
Because `findOneByOrFail` is used above, the null check is unnecessary.
2022-07-19 17:18:19 +02:00