Commit graph

502 commits

Author SHA1 Message Date
97b9a00105
security: update dependencies
- file-type: 17.1.2 -> 18.0.0
- got: 12.1.0 -> 12.3.1
- sharp: 0.29.3 -> 0.30.7
2022-08-29 20:33:40 -04:00
41414b4576
chore: remove s-age dependency
This isn't being used anymore since
4e41fa8767.
In any case, age calculation really doesn't need to involve a 3rd party
library.

Ref: FoundKeyGang/FoundKey#90
2022-08-28 11:35:18 -04:00
dd9dc497fb
fix some deps 2022-08-26 18:04:53 -04:00
bc0f0bf08f
add foundkey-js to each workspace package.json 2022-08-26 16:38:41 -04:00
247a01dfe6
remove subproject yarn.locks 2022-08-26 16:05:11 -04:00
6bb3f39c36
migrate to Yarn 3.2.3 2022-08-26 15:24:29 -04:00
6bccbc0d6d
switch to yarn for scripts and move start to backend 2022-08-26 12:48:55 -04:00
237c29a4b8
backend: move to foundkey-js 2022-08-26 01:34:22 -04:00
33146ffa5e
Fix paths for twemoji and font-awesome 2022-08-26 00:31:17 -04:00
b230dc98a9
fix import path for TreeAdapter 2022-08-26 00:15:21 -04:00
c1242cfde2
Fix build errors 2022-08-25 23:36:08 -04:00
523d366ca3
refactor: remove unnecessary array map 2022-08-25 00:10:54 +02:00
4f2a9f8911
refactor: adjust HTML mention microformat
Adjust the federated HTML microformat to the one that is documented
at <https://docs.joinmastodon.org/spec/microformats/>, namely adding
the missing surrounding tag with the class `h-card`.
2022-08-25 00:06:11 +02:00
f119914b98
refactor: use optional chaining and nullish coalescing 2022-08-25 00:06:11 +02:00
8e5a350f1b Simplify fetching object in resolver.ts
this.user will always be true, so we aren't doing unsigned fetches.
2022-08-21 13:13:34 -04:00
77bfc2450d Remove signToActivityPubGet option
Makes it so that all requests are signed, equivalent to
signToActivityPubGet always being true.
2022-08-21 12:38:43 -04:00
0965d3cbd9
merge: simplify pages
FoundKeyGang/FoundKey#49
2022-08-19 09:16:49 +02:00
27c56a4dcc Merge pull request 'security: update multer to 1.4.5-lts.1' (#69) from fix/multer-security into main
Reviewed-on: FoundKeyGang/FoundKey#69
2022-08-18 17:39:33 +00:00
5d41384708
fix: await promises in migration 2022-08-18 18:26:17 +02:00
7ae5d6b1b8
backend: fix packing pages 2022-08-18 17:34:20 +02:00
c0b0720ede
add best effort migration for pages 2022-08-18 17:34:20 +02:00
90d35b951f
adjust types & api for pages 2022-08-18 17:32:01 +02:00
b137a39160
merge: remove promo notes
FoundKeyGang/FoundKey#62
2022-08-18 14:26:48 +02:00
f30e02dc73 security: update multer to 1.4.5-lts.1
This version of multer contains a fix for
CVE-2022-24434 which affects a transitive dependency.

> This affects all versions of package dicer. A malicious attacker can
> send a modified form to server, and crash the nodejs service. An
> attacker could sent the payload again and again so that the service
> continuously crashes.

Ref: https://nvd.nist.gov/vuln/detail/CVE-2022-24434
2022-08-18 01:37:39 -04:00
f0bdd9666f
remove empty import statements 2022-08-14 12:26:18 +02:00
c8afce6b2c
fix blocking of remote accounts
The property name was misspelled.
2022-08-14 11:33:08 +02:00
e028a852f6
remove more code referencing promo notes 2022-08-12 19:39:48 +02:00
c7bf29fd49 Remove promo entities and endpoints 2022-08-11 23:13:09 +02:00
6ce4b3fe2f
fix some lints
Many of these were fixed automatically with eslint --fix.

Some of them (e.g. adding return types to functions) were done manually.
2022-08-11 00:09:29 +02:00
961fb0d2df
fix: use correct variable
Fixes an error introduced in commit 7a80015225.
2022-08-10 23:59:35 +02:00
7a80015225
fix lint "no-param-reassign" 2022-08-10 16:36:54 +02:00
09a7eabda1
backend: fix lint "no-throw-literal" 2022-08-04 11:00:02 +02:00
e2bf2715a6
fix spelling error 2022-08-04 10:20:48 +02:00
a3a3cb7258
remove --quiet flag from eslint
This flag means to hide warnings which is not generally desirable.
Even if warnings do not affect the end result of running CI it would
still be nice to be able to see the warnings when running the lints
normally or in CI.
2022-08-04 00:20:59 +02:00
c8f49bae76
fix lint "object-shorthand" 2022-08-03 14:58:24 +02:00
37e47a257e
fix lints "import/order" and "import/no-duplicate"
Also simplified some import paths by replacing relative with absolute paths.
2022-08-03 14:05:50 +02:00
bc1c66e16e
remove admin/drive/cleanup API
This API endpoint is not working correctly and can cause unintended data loss:
It may remove emojis that have been imported from other instances.

See also https://github.com/misskey-dev/misskey/issues/8222
2022-08-03 11:00:48 +02:00
2fa90e7f43
fix lints in backend boot 2022-08-03 00:18:31 +02:00
a6df127d3b
fix lint "quotes" 2022-08-02 23:25:36 +02:00
fbcea23ef6
fix ReferenceError in renote.ts 2022-08-02 21:23:16 +02:00
ec4fe55acf
refactor: reusable function for pure renote detection
There was some code to detect if a note is a quote renote. However this
code was unused and it seems the kind of reversed detection of checking
if something is a pure renote is more useful.
2022-08-01 00:05:10 +02:00
b7c0e26da9
fix: lint error in create.ts 2022-07-28 13:19:47 -04:00
40d9aa6219
API: visiblity cannot be less restrictive
Removed a now unnecessary provision from services/note/create as well.
2022-07-28 15:23:08 +02:00
bf16b3699e
fix: packing app includes description 2022-07-28 11:59:10 +02:00
233c39dbad
fix lints 2022-07-27 08:16:52 +02:00
Chloe Kudryavtsev
0f6d94f1e7 backend: improve mutes and blocks
Mutes and blocks now also apply recursively to replies and renotes.
Furthermore, any mentioned user being muted or blocked will also apply.
2022-07-26 08:12:49 -04:00
63c8992cb8
Add semicolon to children.ts 2022-07-25 22:07:23 -04:00
4bc9610d8b
remove unnecessary joins
These joins are no longer necessary as of commit
c35372a20d. It seems they are bad enough
for performance to break installs.
2022-07-25 21:46:45 +02:00
9ee609d700
Merge: enhance privacy of notes
FoundKeyGang/FoundKey#14
2022-07-25 18:15:21 +02:00
c35372a20d
pack children without detail 2022-07-25 16:41:47 +02:00