Commit graph

491 commits

Author SHA1 Message Date
523d366ca3
refactor: remove unnecessary array map 2022-08-25 00:10:54 +02:00
4f2a9f8911
refactor: adjust HTML mention microformat
Adjust the federated HTML microformat to the one that is documented
at <https://docs.joinmastodon.org/spec/microformats/>, namely adding
the missing surrounding tag with the class `h-card`.
2022-08-25 00:06:11 +02:00
f119914b98
refactor: use optional chaining and nullish coalescing 2022-08-25 00:06:11 +02:00
8e5a350f1b Simplify fetching object in resolver.ts
this.user will always be true, so we aren't doing unsigned fetches.
2022-08-21 13:13:34 -04:00
77bfc2450d Remove signToActivityPubGet option
Makes it so that all requests are signed, equivalent to
signToActivityPubGet always being true.
2022-08-21 12:38:43 -04:00
0965d3cbd9
merge: simplify pages
FoundKeyGang/FoundKey#49
2022-08-19 09:16:49 +02:00
27c56a4dcc Merge pull request 'security: update multer to 1.4.5-lts.1' (#69) from fix/multer-security into main
Reviewed-on: FoundKeyGang/FoundKey#69
2022-08-18 17:39:33 +00:00
5d41384708
fix: await promises in migration 2022-08-18 18:26:17 +02:00
7ae5d6b1b8
backend: fix packing pages 2022-08-18 17:34:20 +02:00
c0b0720ede
add best effort migration for pages 2022-08-18 17:34:20 +02:00
90d35b951f
adjust types & api for pages 2022-08-18 17:32:01 +02:00
b137a39160
merge: remove promo notes
FoundKeyGang/FoundKey#62
2022-08-18 14:26:48 +02:00
f30e02dc73 security: update multer to 1.4.5-lts.1
This version of multer contains a fix for
CVE-2022-24434 which affects a transitive dependency.

> This affects all versions of package dicer. A malicious attacker can
> send a modified form to server, and crash the nodejs service. An
> attacker could sent the payload again and again so that the service
> continuously crashes.

Ref: https://nvd.nist.gov/vuln/detail/CVE-2022-24434
2022-08-18 01:37:39 -04:00
f0bdd9666f
remove empty import statements 2022-08-14 12:26:18 +02:00
c8afce6b2c
fix blocking of remote accounts
The property name was misspelled.
2022-08-14 11:33:08 +02:00
e028a852f6
remove more code referencing promo notes 2022-08-12 19:39:48 +02:00
c7bf29fd49 Remove promo entities and endpoints 2022-08-11 23:13:09 +02:00
6ce4b3fe2f
fix some lints
Many of these were fixed automatically with eslint --fix.

Some of them (e.g. adding return types to functions) were done manually.
2022-08-11 00:09:29 +02:00
961fb0d2df
fix: use correct variable
Fixes an error introduced in commit 7a80015225.
2022-08-10 23:59:35 +02:00
7a80015225
fix lint "no-param-reassign" 2022-08-10 16:36:54 +02:00
09a7eabda1
backend: fix lint "no-throw-literal" 2022-08-04 11:00:02 +02:00
e2bf2715a6
fix spelling error 2022-08-04 10:20:48 +02:00
a3a3cb7258
remove --quiet flag from eslint
This flag means to hide warnings which is not generally desirable.
Even if warnings do not affect the end result of running CI it would
still be nice to be able to see the warnings when running the lints
normally or in CI.
2022-08-04 00:20:59 +02:00
c8f49bae76
fix lint "object-shorthand" 2022-08-03 14:58:24 +02:00
37e47a257e
fix lints "import/order" and "import/no-duplicate"
Also simplified some import paths by replacing relative with absolute paths.
2022-08-03 14:05:50 +02:00
bc1c66e16e
remove admin/drive/cleanup API
This API endpoint is not working correctly and can cause unintended data loss:
It may remove emojis that have been imported from other instances.

See also https://github.com/misskey-dev/misskey/issues/8222
2022-08-03 11:00:48 +02:00
2fa90e7f43
fix lints in backend boot 2022-08-03 00:18:31 +02:00
a6df127d3b
fix lint "quotes" 2022-08-02 23:25:36 +02:00
fbcea23ef6
fix ReferenceError in renote.ts 2022-08-02 21:23:16 +02:00
ec4fe55acf
refactor: reusable function for pure renote detection
There was some code to detect if a note is a quote renote. However this
code was unused and it seems the kind of reversed detection of checking
if something is a pure renote is more useful.
2022-08-01 00:05:10 +02:00
b7c0e26da9
fix: lint error in create.ts 2022-07-28 13:19:47 -04:00
40d9aa6219
API: visiblity cannot be less restrictive
Removed a now unnecessary provision from services/note/create as well.
2022-07-28 15:23:08 +02:00
bf16b3699e
fix: packing app includes description 2022-07-28 11:59:10 +02:00
233c39dbad
fix lints 2022-07-27 08:16:52 +02:00
Chloe Kudryavtsev
0f6d94f1e7 backend: improve mutes and blocks
Mutes and blocks now also apply recursively to replies and renotes.
Furthermore, any mentioned user being muted or blocked will also apply.
2022-07-26 08:12:49 -04:00
63c8992cb8
Add semicolon to children.ts 2022-07-25 22:07:23 -04:00
4bc9610d8b
remove unnecessary joins
These joins are no longer necessary as of commit
c35372a20d. It seems they are bad enough
for performance to break installs.
2022-07-25 21:46:45 +02:00
9ee609d700
Merge: enhance privacy of notes
FoundKeyGang/FoundKey#14
2022-07-25 18:15:21 +02:00
c35372a20d
pack children without detail 2022-07-25 16:41:47 +02:00
aca724e0bf
enable to fetch replies recursively 2022-07-25 16:41:46 +02:00
aba5b27159
remove legacy permission parsing 2022-07-24 11:45:37 +02:00
3fe351df6d
fix: catch errors from packing with detail
Packing with detail can cause an error if the reply or renote
are not visible to the user, even though the original note is
visible to the user.
2022-07-23 22:28:41 +02:00
b630cd7eac
refactor: add NoteReactions.packMany 2022-07-23 22:28:40 +02:00
6775028b1e
adjust tests 2022-07-23 22:28:40 +02:00
128d0f0d4e
remove isHidden and its uses
The `isHidden` attribute is not being set any more and is thus removed.
Handling in the client is no longer necessary.
2022-07-23 22:28:39 +02:00
cfa371b52b
refactor: remove note re-packing in streaming API
Instead of packing the note for public user before passing it to
streams, the note is now either packed for the user the respective
stream belongs to (`mainStream`) or not packed at all and then packed
later (`notesStream`).

Because this is a new common task between different channels, a shared
implementation of packing a note from notesStream is created. This
implementation will simply skip a note if it is not visible to the user
that the channel belongs to.
2022-07-23 22:27:29 +02:00
c6192ac95a
fix: handle exception in note favorites 2022-07-23 22:27:29 +02:00
2486eff747
packing notes not visible to user raises an error
Instead of just hiding specific fields, the entire note is hidden. This means
that metadata of the note such as who is the author, when was it sent are
completely hidden.
2022-07-23 22:27:29 +02:00
3c6d9cc8ab
use getNote instead of Notes.find
If a note is not visible to the requesting user, an error will be raised.
2022-07-23 22:27:28 +02:00
97edaca351
getNote checks visibility
Raise an error When a note is not visible to the requesting user.
2022-07-23 22:27:14 +02:00