8e5a350f1b
Simplify fetching object in resolver.ts
...
this.user will always be true, so we aren't doing unsigned fetches.
2022-08-21 13:13:34 -04:00
77bfc2450d
Remove signToActivityPubGet option
...
Makes it so that all requests are signed, equivalent to
signToActivityPubGet always being true.
2022-08-21 12:38:43 -04:00
0965d3cbd9
merge: simplify pages
...
FoundKeyGang/FoundKey#49
2022-08-19 09:16:49 +02:00
27c56a4dcc
Merge pull request 'security: update multer to 1.4.5-lts.1' ( #69 ) from fix/multer-security into main
...
Reviewed-on: FoundKeyGang/FoundKey#69
2022-08-18 17:39:33 +00:00
5d41384708
fix: await promises in migration
2022-08-18 18:26:17 +02:00
7ae5d6b1b8
backend: fix packing pages
2022-08-18 17:34:20 +02:00
c0b0720ede
add best effort migration for pages
2022-08-18 17:34:20 +02:00
90d35b951f
adjust types & api for pages
2022-08-18 17:32:01 +02:00
b137a39160
merge: remove promo notes
...
FoundKeyGang/FoundKey#62
2022-08-18 14:26:48 +02:00
f30e02dc73
security: update multer to 1.4.5-lts.1
...
This version of multer contains a fix for
CVE-2022-24434 which affects a transitive dependency.
> This affects all versions of package dicer. A malicious attacker can
> send a modified form to server, and crash the nodejs service. An
> attacker could sent the payload again and again so that the service
> continuously crashes.
Ref: https://nvd.nist.gov/vuln/detail/CVE-2022-24434
2022-08-18 01:37:39 -04:00
f0bdd9666f
remove empty import statements
2022-08-14 12:26:18 +02:00
c8afce6b2c
fix blocking of remote accounts
...
The property name was misspelled.
2022-08-14 11:33:08 +02:00
e028a852f6
remove more code referencing promo notes
2022-08-12 19:39:48 +02:00
c7bf29fd49
Remove promo entities and endpoints
2022-08-11 23:13:09 +02:00
6ce4b3fe2f
fix some lints
...
Many of these were fixed automatically with eslint --fix.
Some of them (e.g. adding return types to functions) were done manually.
2022-08-11 00:09:29 +02:00
961fb0d2df
fix: use correct variable
...
Fixes an error introduced in commit 7a80015225
.
2022-08-10 23:59:35 +02:00
7a80015225
fix lint "no-param-reassign"
2022-08-10 16:36:54 +02:00
09a7eabda1
backend: fix lint "no-throw-literal"
2022-08-04 11:00:02 +02:00
e2bf2715a6
fix spelling error
2022-08-04 10:20:48 +02:00
a3a3cb7258
remove --quiet flag from eslint
...
This flag means to hide warnings which is not generally desirable.
Even if warnings do not affect the end result of running CI it would
still be nice to be able to see the warnings when running the lints
normally or in CI.
2022-08-04 00:20:59 +02:00
c8f49bae76
fix lint "object-shorthand"
2022-08-03 14:58:24 +02:00
37e47a257e
fix lints "import/order" and "import/no-duplicate"
...
Also simplified some import paths by replacing relative with absolute paths.
2022-08-03 14:05:50 +02:00
bc1c66e16e
remove admin/drive/cleanup API
...
This API endpoint is not working correctly and can cause unintended data loss:
It may remove emojis that have been imported from other instances.
See also https://github.com/misskey-dev/misskey/issues/8222
2022-08-03 11:00:48 +02:00
2fa90e7f43
fix lints in backend boot
2022-08-03 00:18:31 +02:00
a6df127d3b
fix lint "quotes"
2022-08-02 23:25:36 +02:00
fbcea23ef6
fix ReferenceError in renote.ts
2022-08-02 21:23:16 +02:00
ec4fe55acf
refactor: reusable function for pure renote detection
...
There was some code to detect if a note is a quote renote. However this
code was unused and it seems the kind of reversed detection of checking
if something is a pure renote is more useful.
2022-08-01 00:05:10 +02:00
b7c0e26da9
fix: lint error in create.ts
2022-07-28 13:19:47 -04:00
40d9aa6219
API: visiblity cannot be less restrictive
...
Removed a now unnecessary provision from services/note/create as well.
2022-07-28 15:23:08 +02:00
bf16b3699e
fix: packing app includes description
2022-07-28 11:59:10 +02:00
233c39dbad
fix lints
2022-07-27 08:16:52 +02:00
Chloe Kudryavtsev
0f6d94f1e7
backend: improve mutes and blocks
...
Mutes and blocks now also apply recursively to replies and renotes.
Furthermore, any mentioned user being muted or blocked will also apply.
2022-07-26 08:12:49 -04:00
63c8992cb8
Add semicolon to children.ts
2022-07-25 22:07:23 -04:00
4bc9610d8b
remove unnecessary joins
...
These joins are no longer necessary as of commit
c35372a20d
. It seems they are bad enough
for performance to break installs.
2022-07-25 21:46:45 +02:00
9ee609d700
Merge: enhance privacy of notes
...
FoundKeyGang/FoundKey#14
2022-07-25 18:15:21 +02:00
c35372a20d
pack children without detail
2022-07-25 16:41:47 +02:00
aca724e0bf
enable to fetch replies recursively
2022-07-25 16:41:46 +02:00
aba5b27159
remove legacy permission parsing
2022-07-24 11:45:37 +02:00
3fe351df6d
fix: catch errors from packing with detail
...
Packing with detail can cause an error if the reply or renote
are not visible to the user, even though the original note is
visible to the user.
2022-07-23 22:28:41 +02:00
b630cd7eac
refactor: add NoteReactions.packMany
2022-07-23 22:28:40 +02:00
6775028b1e
adjust tests
2022-07-23 22:28:40 +02:00
128d0f0d4e
remove isHidden and its uses
...
The `isHidden` attribute is not being set any more and is thus removed.
Handling in the client is no longer necessary.
2022-07-23 22:28:39 +02:00
cfa371b52b
refactor: remove note re-packing in streaming API
...
Instead of packing the note for public user before passing it to
streams, the note is now either packed for the user the respective
stream belongs to (`mainStream`) or not packed at all and then packed
later (`notesStream`).
Because this is a new common task between different channels, a shared
implementation of packing a note from notesStream is created. This
implementation will simply skip a note if it is not visible to the user
that the channel belongs to.
2022-07-23 22:27:29 +02:00
c6192ac95a
fix: handle exception in note favorites
2022-07-23 22:27:29 +02:00
2486eff747
packing notes not visible to user raises an error
...
Instead of just hiding specific fields, the entire note is hidden. This means
that metadata of the note such as who is the author, when was it sent are
completely hidden.
2022-07-23 22:27:29 +02:00
3c6d9cc8ab
use getNote instead of Notes.find
...
If a note is not visible to the requesting user, an error will be raised.
2022-07-23 22:27:28 +02:00
97edaca351
getNote checks visibility
...
Raise an error When a note is not visible to the requesting user.
2022-07-23 22:27:14 +02:00
f3e196528f
Merge bearer-authentication
...
foundKeyGang/foundKey#15
2022-07-20 15:10:47 +02:00
6060e7d220
enhance: better rendering of reports
...
Passing the report object reduces the number of parameters to be passed.
2022-07-19 17:18:19 +02:00
fc51ac17b1
fix: remove unnecessary null check
...
Because `findOneByOrFail` is used above, the null check is unnecessary.
2022-07-19 17:18:19 +02:00
d92d389cda
extract note URLs from Activity
2022-07-19 17:18:18 +02:00
9ca504784a
keep URL of reported object separate
...
Instead of putting the URL in the report text, it is stored separately
so that users do not accidentally change or remove it.
This way it can easily be used when forwarding reports to different
instances to tell them what exactly was reported.
2022-07-19 17:18:18 +02:00
1ec756519e
fix: move forwarded attribute to output
2022-07-19 17:18:15 +02:00
ff75382af3
handle authentication errors in stream API
2022-07-18 23:32:03 +02:00
660f6dba30
update openapi spec generator
2022-07-18 23:11:48 +02:00
edac21e8f7
improve authentication errors
2022-07-18 23:11:48 +02:00
91bdab1a9d
add OAuth 2.0 Bearer Token authentication
2022-07-18 23:11:39 +02:00
a0940c49a2
refactor: remove repositoryUrl & feedbackUrl from meta
...
These two URLs are static so there is no reason to keep them in the
database. They are also not even used anywhere by the API, so they can
also be removed from there.
Where they are used is in the nodeinfo, where they are now hardcoded.
While editing the nodeinfo, also uncommented nodeinfo version 2.1.
2022-07-18 14:39:27 +02:00
Chloe Kudryavtsev
390a5efb59
update package name, packages
...
We are FoundKey now.
Use semver pinning for "serious" packages.
Update eslint, typescript, vite and surroundings.
Bump yarn.lock.
2022-07-18 06:41:58 -04:00
Chloe Kudryavtsev
db2bf0ac16
chore(lint): fix lint commands
...
setups like src/**/*.{ext1,ext2}
are not guaranteed to affect top level files
such as src/a.ext1
this should also be slightly more performant
2022-07-18 06:17:51 -04:00
98198dd5fe
fix: use correct variable names
2022-07-17 23:44:13 +02:00
0fec6e1047
remove ms dependency
2022-07-16 16:54:11 +00:00
syuilo
ddab9eafee
perf: allow get for notes/reactions
2022-07-16 12:02:10 -04:00
syuilo
ac9ef2beba
rename: BIOS -> Repair Tool
2022-07-16 12:01:34 -04:00
Kainoa Kanter
e3d4d6d5b2
feat: styled error screen ( #8930 )
...
* Styled error screen
* Make details margin auto
* Update boot.css
* Replace fontawesome with tabler svg
* Remove hr
* Add new style to flush screen
* Rename to `error.css`
2022-07-16 12:01:22 -04:00
MeiMei
68a9415766
fix: streamingテストおそい ( #8912 )
2022-07-16 11:49:45 -04:00
syuilo
573dd770bf
feat(server): add fetch-rss api to reduce dependency of external apis
2022-07-16 11:22:47 -04:00
syuilo
791063078d
enhance(server): アンケートを新しい順にソート
2022-07-16 11:14:24 -04:00
MeiMei
6c330a1343
migrate parse5 to 7.0.0 ( #8916 )
...
* migrate parse5 to 7.0.0
* fix
2022-07-15 10:14:36 +02:00
syuilo
b6a31bdfcb
use parse5 6.0.1
...
Fix #8914
2022-07-15 10:14:36 +02:00
fcefeebca8
fix typo
...
Co-authored-by: mei23 <m@m544.net>
2022-07-15 10:13:53 +02:00
syuilo
ffa86c1d76
update deps
2022-07-15 10:09:44 +02:00
ff1c5167b6
update backend lockfile
2022-07-14 23:32:34 +02:00
tamaina
95ea2485c1
fix(sw, notification): Don't issue an event if there is no affect ( #8979 )
...
* test
* ]v]
2022-07-14 10:32:04 +02:00
mei23
0c5f8579d5
Fix massive update notification parameters
2022-07-14 10:31:26 +02:00
5ca93223c6
fix: remove even more ad stuff
2022-07-14 08:29:30 +02:00
e9b11231ff
detect outdated ID generation configuration
2022-07-13 21:30:21 +00:00
f476d149a6
remove alternative ID generation
...
Although these are configurable, there seems to be no benefit of being
able to configure these. The expected use of configuration methods other
than "aid" is expected to be low.
2022-07-13 21:30:21 +00:00
29284eca75
remove more ads stuff from client
2022-07-13 23:20:18 +02:00
a717fcc70c
remove ads from database
2022-07-13 23:20:18 +02:00
402d4e866e
remove ads from API endpoints
2022-07-13 23:20:17 +02:00
0e3a9d1e0d
refactor: use nullish coalescing / optional chaining
...
This seems to be more readable than ternary expressions.
2022-07-13 19:08:22 +02:00
syuilo
b003e24af4
chore(client): tweak ui
...
cherry-picked from ed41d542bb
2022-07-13 17:35:25 +02:00
syuilo
6a7e016a8e
fix(server): cannot show users
2022-07-13 17:16:51 +02:00
syuilo
f95f74f96e
allow non-mods to show instance-info page
2022-07-13 16:16:35 +02:00
syuilo
a7cc45fa98
fix(api): fix instance schema
2022-07-13 12:55:43 +02:00
syuilo
3579ebf03d
feat(api): add federation/stats endpoint
2022-07-13 12:55:09 +02:00
syuilo
591a0bf1b3
fix(api): add missing themeColor property of instance
2022-07-13 12:54:56 +02:00
syuilo
fbe210a39d
feat: make possible to delete an account by admin
...
Resolve #8830
2022-07-13 12:52:45 +02:00
9b008b9684
refactor: remove duplicate code ( #8895 )
2022-07-13 12:52:45 +02:00
MeiMei
5ac94cc268
fix broken mocha tests v2
...
see also https://github.com/misskey-dev/misskey/pull/8892
2022-07-13 12:49:58 +02:00
syuilo
45b36e8059
fix #8894
2022-07-13 12:45:24 +02:00
tamaina
f109de9ebb
enhance(client): Enhance boot error display ( #8879 )
...
* Change boot error message
* fix
* ✌️
* fix
2022-07-13 12:37:34 +02:00
dependabot[bot]
b269ab709b
chore(deps): bump jsrsasign from 10.5.24 to 10.5.25 in /packages/backend ( #8889 )
...
Bumps [jsrsasign](https://github.com/kjur/jsrsasign ) from 10.5.24 to 10.5.25.
- [Release notes](https://github.com/kjur/jsrsasign/releases )
- [Changelog](https://github.com/kjur/jsrsasign/blob/master/ChangeLog.txt )
- [Commits](https://github.com/kjur/jsrsasign/compare/10.5.24...10.5.25 )
---
updated-dependencies:
- dependency-name: jsrsasign
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-13 11:23:15 +02:00
syuilo
4d8d9936f1
feat: allow GET for some endpoints
...
Resolve #8263
2022-07-13 11:23:15 +02:00
e45624855f
fix: always respect instance mutes ( #8854 )
...
* fix: muted user query also checks instances
This way it can be ensured that the instance mute is used everywhere it
is required without checking the whole codebase again. Muted users and
muted instances should be used together anyways.
* fix lint
2022-07-13 11:23:14 +02:00
dependabot[bot]
30aa91bb94
chore(deps): bump jpeg-js from 0.4.1 to 0.4.4 in /packages/backend ( #8843 )
...
Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js ) from 0.4.1 to 0.4.4.
- [Release notes](https://github.com/eugeneware/jpeg-js/releases )
- [Commits](https://github.com/eugeneware/jpeg-js/compare/v0.4.1...v0.4.4 )
---
updated-dependencies:
- dependency-name: jpeg-js
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-13 11:23:14 +02:00
dependabot[bot]
893ed309bf
chore(deps): bump undici from 5.4.0 to 5.5.1 in /packages/backend ( #8842 )
...
Bumps [undici](https://github.com/nodejs/undici ) from 5.4.0 to 5.5.1.
- [Release notes](https://github.com/nodejs/undici/releases )
- [Commits](https://github.com/nodejs/undici/compare/v5.4.0...v5.5.1 )
---
updated-dependencies:
- dependency-name: undici
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-13 11:23:14 +02:00
syuilo
f30214b006
feat(admin): show list of files of a user
2022-07-13 10:44:48 +02:00
912c19222e
fix lints
2022-07-13 10:42:16 +02:00