This dependency was unused in the client.
The use of it in the server can be replaced entirely by the
secureRndstr function, with some slight modifications.
That function could probably be refactored a bit more as well.
They did not really fit into the DbResolver because they may fetch data
from remote instances even though DbResolver is only supposed to access
the database.
The table that is affected here was not properly purged of old entries. It only holds
data that is needed while a 3rd party authorization is in progress but not finished.
The code that typeorm generated for this migration is a bit wonky because it should
probably have dropped one column and created another one. But if we clear out all entries
it should work regardless and I'm feeling lazy right now. :P
This also simplifies API authentication a bit by not having to fetch
the App that is related to a token.
The restriction of 1 token per app is also lifted. This was not a
constraint in the database but it was enforced by the code and
kinda wrong schema the auth_session table had.
This also includes better rendering when no permissions are requested.
Also removed the app's id from the page as it makes no sense to show
this to a user.
Changelog: Fixed
This is basically a shim on top of the existing API.
Instead of the 3rd party, the web UI generates the authorization session.
The data that the API returns is slightly adjusted so that only one
API call is necessary instead of two.
This reverts commit e446a11bb7.
Turns out this wasn't really the source of the referenced issue and
someone was able to run with the original commit fine, so adding this
back for now.
Some hashtags sent from Mastodon were erroneously displayed as links.
This is because Mastodon seems to mangle hashtags containing non-ASCII
codepoints (such as e.g. umlauts). This lead to the previous code which
depended on the list of hashtags to not recognize a hashtag. Instead,
the `rel="tag"` microformat is recognized instead.
This makes the `htmlToMfm` wrapper function unnecessary so it was removed.
Changelog: Fixed
This corrects the gender-specific variants in general, adds a few
missing ones, replaces names that are just Unicode codepoints with
actual names, and makes the keywords more consistent.
Some data for this was taken from the annotations in the Unicode
CLDR version 42.
Reviewed-on: FoundKeyGang/FoundKey#262
This adds in wildcard matching. For instance:
- `*.bad.tld` will match: `very.bad.tld`
- `bad.*` will match: `bad.something`
- `*.bad.*` will match: `very.bad.evil`
Changelog: Changed
This setting is unnecessary because DeepL free keys can be detected
easily according to <https://www.deepl.com/docs-api/api-access/authentication/>:
> DeepL API Free authentication keys can be identified easily by the suffix ":fx"
Changelog: Removed
There are now separate web and queue workers.
The configuration entry `clusterLimit` has been replaced by
`clusterLimits` which allows separate configuration of web and
queue workers.
Changelog: Changed
Now that Node 18 is the new LTS version of Node, it should be safe to
support ES2022 features. The install docs have already been updated to
recommend Node 18.x in 41a710854e.
This will break support on Node 16.x and earlier.
Also update TypeScript to 4.9 which contains various typechecking
improvements: https://devblogs.microsoft.com/typescript/announcing-typescript-4-9/
Ref: FoundKeyGang/FoundKey#238
Changelog: Changed
The thing that previously presumably hindered this was that the VAPID
keys had to be set up. Previously admins had to do this, but this is a bad
idea for multiple reasons:
1) The meaning of "public key" and "private key" was not well documented
in the settings.
2) Giving out a private key over the API, even just for admins, sounds
like a bad idea.
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
* Fixed association between dropEffect and effectAllowed as well as the submission form
* Fixed that strings can be dropped
Reviewed-on: https://github.com/misskey-dev/misskey/pull/9114
Changelog: Fixed
This adds a new "Translation Settings" page to the admin interface where
the admin can configure the instance's translation settings. The
existing settigns for DeepL translation settings will now be located in
that page alongside the new LibreTranslate stuff.
Also made the translation service settings localizable, which funnily
enough was not already the case.
Copy over the MONTH constant from the client code and the time constants
for active{Halfyear,Month}.
Also instead of adding and deleting `respository` from the nodeinfo for
version 2.0, only add in the repository URL in the 2.1 endpoint.
Use the distinct query thingy so we don't have to make the Set work
so hard. This is also uniform code with the "everyone" above so should
hopefully be easier to understand.
Long hostnames can obscure the username being entered. And the hostname
should already be known to the user anyway or they can find out by
looking at the current URL.
fixes <FoundKeyGang/FoundKey#231>
Changelog: Changed
This fixes a few type errors like removing `software.respository` in
NodeInfo 2.0 and updating `metadata.repositoryUrl` to not use the
now removed meta `repositoryUrl` field.
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
Reviewed-on: FoundKeyGang/FoundKey#221
Remove the several filter functions in different places by filtering
directly in the database.
Instead of a QueryBuilder, use the plain find function.
Refactor a for loop awaiting several promises individually, use
Array.map and await Promise.all to make better use of promises.
If a user on a remote instances changes their profile to manually accept
follow requests, this change may not immediately be federated. Because of
this, a user may get stuck seeing "processing".
This should reduce the performance hit when adding large numbers of
instances to the deliver queue by making the check for suspended and
dead instances a bulk operation.
Changelog: Changed
Reviewed-on: FoundKeyGang/FoundKey#215
The UUIDs are no longer used for errors and all errors should now have
a descriptive message attached to them. Also, all errors should now have
the proper HTTP status code for a reply instead of the generic 400 and 500
response codes. Because the errors all have more specific error codes, the
"kind" of client or server is also abolished.
- Add a rate limit analogous to request-reset-password.
See also a0ef32f4f6.
- Delete an expired reset request if found.
- Return a proper error.
- Use time constants.
Changelog: Changed
Since you are also allowed to react to your own notes, it seems sensible
that you should be allowed to like your own gallery posts.
Analogous to commit 4c5aa9e538.
Changelog: Changed
`createdAt` in `insertNote` now will default to the current date.
Also refactor poll insert:
Instead of testing hasPoll, just do a null check on data.poll since it's
a more reliable indicator for whether a poll exists (and also tsc won't
complain about data.poll being possibly null).
Refactor to use $ref sugar.
Also forego the API call to fetch endpoint information if the endpoint
name is not in the list of available endpoints that has already been
fetched.
Squashed commit of the following:
commit 8636adab6455bea29659a6799a7f3aad9e7cc10d
Author: Johann150 <johann.galle@protonmail.com>
Date: Mon Oct 17 22:53:24 2022 +0200
fix: remove comment
commit 7ff8d45bfa2ed5c07c9a053e817604ef2eb115ad
Author: Johann150 <johann.galle@protonmail.com>
Date: Mon Oct 17 21:55:48 2022 +0200
fix paginations reloading
The Pagination type actually specifies that just the params property
should be a Ref.
commit 55fe9210c15785611603e3a7a2535ebf8008ea64
Author: Johann150 <johann.galle@protonmail.com>
Date: Mon Oct 17 18:55:54 2022 +0200
fix variable name
commit a464d1363bc8c62606a4d2acc148ce269973bede
Author: Johann150 <johann.galle@protonmail.com>
Date: Sun Oct 16 22:36:11 2022 +0200
fix: don't display empty drive message while loading
commit 52905b398f683ff3c71c2d5592851b2d2a428550
Author: Johann150 <johann.galle@protonmail.com>
Date: Fri Oct 14 22:19:13 2022 +0200
remove unavailable i18n strings
commit d491a71cbec05f991864a06b8e0001d40da006a3
Author: Johann150 <johann.galle@protonmail.com>
Date: Fri Oct 14 22:18:42 2022 +0200
client refactor: use pagination in drive component
This majorly refactors the drive component to use the proper pagination
component instead of reimplementing pagination.
The drive component is also refactored to use ref sugar (i.e. $ref).
This should also have better latency due to being a single query.
Furthermore, it's no longer a linear scan, since host is indexed.
Would be cool to simplify it further to a single query for blocks also...
Why exactly are blocks not in the db?
It works by having a day-long cache of
"when did we last successfully communicate with this instance?"
Anything over a specified threshold (1 month) will act as though the instance
is suspended - all outgoing jobs are dropped on processing.
The day-long cache is in place because the ordering is necessarily a
linear scan.
Once an instance comes back online, we will detect that is the case as soon as
we receive an activity from them (which will update the "last communicated at")
field.
Potential future TODOs:
* Improve the caching system, it's actually pretty inefficient as it is.
CacheBox with a call override?
* Think of ways to make it not-a-linear-scan, since the instances table can get
pretty big. It's around 4500 on toast cafe.
ChangeLog: Added
I'm not sure how it managed to work so far, but the function is the default
export, using the namespace like a function should not have worked,
maybe something under the hood was correcting it back
This is oriented on this paragraph from the AP spec:
> Additionally, if an object is addressed to the Public special collection,
> a server MAY deliver that object to all known sharedInbox endpoints
> on the network.