c05cc63e24
look inside url when checking activity origin - #512
...
The previous assertion that:
> if it's a complicated thing and the `activity.id` doesn't match, I
> think we're fine rejecting the activity
was wrong: at least peertube sends activities that have `url` as an
array of objects.
Notice that this does *not*, in fact, fix #512 : the peertube activity
does not contain its short URL (`https://example.com/w/someid `), so
there's no way to confirm that it is the activity we requested.
2024-05-18 16:48:10 +01:00
89f412c696
merge: Send default reactions as Like activities to Iceshrimp.NET instances ( !505 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/505
Approved-by: dakkar <dakkar@thenautilus.net >
Approved-by: Marie <marie@kaifa.ch >
2024-05-09 07:59:46 +00:00
ed91663672
merge: don't count "system" local accounts in user chart - fixes #451 ( !500 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/500
Closes #451
Approved-by: Ember <acomputerdog@gmail.com >
Approved-by: Marie <marie@kaifa.ch >
2024-05-07 20:17:54 +00:00
89f4f0e5f4
don't count "system" local accounts in user chart - fixes #451
2024-05-07 20:17:53 +00:00
58ff225c4e
merge: really edit notes in more cases - fixes #424 ( !504 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/504
Closes #424
Approved-by: Leah <kevinlukej@gmail.com >
Approved-by: Ember <acomputerdog@gmail.com >
2024-05-07 20:16:39 +00:00
eab690a5e3
really edit notes in more cases - fixes #424
2024-05-07 20:16:38 +00:00
5e20de45d7
merge: Compact LD-signed activities against well-known context ( !503 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/503
Approved-by: Marie <marie@kaifa.ch >
Approved-by: Tess K <me@thvxl.se >
2024-05-04 17:19:42 +00:00
f843bf6c17
fix: Add unicode flag to custom emoji regexes
2024-05-03 11:48:00 -05:00
d0a2708f91
merge: handle non-ASCII emoji names ( !464 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/464
Approved-by: Leah <kevinlukej@gmail.com >
Approved-by: Ember <acomputerdog@gmail.com >
Approved-by: Marie <marie@kaifa.ch >
2024-05-02 21:06:10 +00:00
e333283905
Send default reactions as Like activities to Iceshrimp.NET instances
2024-05-02 02:37:59 +03:00
45182c17e2
fix imports
2024-05-01 17:41:33 +01:00
6ae01e28aa
Compact LD-signed activities against well-known context
...
This should defend against some spoofing attacks, see also
https://nvd.nist.gov/vuln/detail/CVE-2022-24307 for Mastodon,
https://iceshrimp.dev/iceshrimp/iceshrimp/commit/febb499fcb5fe3d56ca79025e4b5851464660c38
from Iceshrimp and
https://firefish.dev/firefish/firefish/-/commit/e790d6be90dfd5dc6471b650a54520761bb9d745
for Firefish
Thanks to @tesaguri@fedibird.com for reporting and providing the patch.
2024-04-30 10:16:57 +01:00
0f3764ff71
teach ReactionService about non-ASCII emoji names
2024-04-23 14:42:02 +01:00
074de82bf7
some validation fixes
2024-03-30 11:05:58 +00:00
ff0117a1a5
check prohibited words when creating notes
...
some small differences (between Misskey and us) inside the `create`
method made `git` put all the changes inside the `import` method… I
thought I had copied them all, but I had missed one, and it's a pretty
important one: prohibited words were not being checked!
2024-03-05 16:52:05 +00:00
af548d05ca
merge upstream for 2024.2.1
2024-03-02 16:36:49 +00:00
1b65c06d60
merge: fix: delete old follow request (if exists) before creating new ( !440 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/440
Approved-by: dakkar <dakkar@thenautilus.net >
Approved-by: Marie <marie@kaifa.ch >
2024-02-24 18:16:16 +00:00
def2e8dff0
Merge remote-tracking branch 'origin/develop' into fix/failed-follow
2024-02-24 05:05:25 +00:00
ea948ccadc
fix: delete old follow request (if exists) before creating new
2024-02-24 04:38:01 +00:00
d1b787192a
fix: align note edit errors with note create errors
2024-02-23 17:01:35 +01:00
15d2319011
merge: upstream
2024-02-23 13:42:52 +01:00
c0156b740b
enhance?: DeleteAccountServiceでユーザーを削除する際にuserChangeDeletedStateを発行する ( #13382 )
2024-02-23 18:15:39 +09:00
600d91beda
enhance: リモートのフォロワーから再度Followが来た場合、acceptを返してあげる ( #13388 )
...
* enhance: リモートのフォロワーから再度Followが来た場合、acceptを返してあげる
* nanka meccha kaeta
* ブロックチェックの後にフォロー関係の存在チェックをする
2024-02-23 18:04:30 +09:00
b8d8b359bc
fix: プッシュ通知の変更が1時間ほど反映されない問題を修正 ( #13407 )
...
* fix: プッシュ通知の変更が1時間ほど反映されない問題を修正
* 410 to refresh
* refreshCache
2024-02-23 17:19:08 +09:00
64953fadc9
refactor(backend): Array.prototype.filterでの非null確認ではisNotNull関数を使うように ( #13442 )
...
* `Array.prototype.filter`での非null確認では`isNotNull`関数を使うように
* `{}` -> `NonNullable<unknown>`
2024-02-23 14:12:57 +09:00
d20542c495
enhance: metaをSSR HTMLに埋め込む ( #13436 )
...
* enhance: `meta`をSSR HTMLに埋め込む
* HTML Metaの有効時間を指定
* 1時間
* MetaEntityService
* JSONをPackするように
* ✌️
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com >
2024-02-23 10:47:17 +09:00
4afbf3b91e
some fixes for note edits
2024-02-22 18:23:46 +00:00
4d6fab06de
refactor: Refactor NoteReadService.read ( #13429 )
...
* refactor: Refactor NoteReadService.read
* clean up
* Update packages/backend/src/core/NoteReadService.ts
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com >
2024-02-22 21:10:28 +09:00
2bd9f05a92
Merge branch 'develop' of https://github.com/misskey-dev/misskey into develop
2024-02-22 20:59:57 +09:00
26c8b53f70
enhance: サーバーごとにモデレーションノートを残せるように
2024-02-22 20:59:52 +09:00
b36e6b1a77
fix: 禁止キーワードを含むノートがDelayed Queueに追加されて再処理される問題 ( #13428 )
...
* refactor: use IdentifiableError instead of NoteCreateService.ContainsProhibitedWordsError
* fix: notes with prohibited words are reprocessed with delay
* docs(changelog): 禁止キーワードを含むノートがDelayed Queueに追加されて再処理される問題
* lint: fix lint errors
* fix: rethrowするべきなのにrethrowし忘れていたのを修正
2024-02-22 00:59:59 +09:00
ae27085f69
fix: Bump sharp to 0.33.2 ( #13391 )
2024-02-21 14:42:37 +09:00
750d262604
refactor(backend): ReactionService.prototype.convertLegacyReactions ( #13375 )
...
* add unit tests
* cleanup unnecessary type assertions
* `convertedReaction`変数の定義と変換表に対する存在確認処理の整理
* `count`変数の定義とループ処理での`Object.entries()`の活用
* 条件式の整理
* `Array.prototype.reduce`を使うように
* `Array.prototype.reduce`を使うように
* 配列操作を1つのメソッドチェーンに整理
これまでの実装では、`decodeReaction`の返り値が同一になる異なる入力値が同時に複数個存在した場合、後ろのもので上書きされてしまっていたはず。
これからの実装では、後ろのものは前のものに加算される。
(実際にこの挙動の変更が問題になるシチュエーションはまずないはず。)
* add unit test
* ドキュメントコメントの追加と型定義の調整
2024-02-21 14:31:50 +09:00
4a13508da0
Note Edited notification type
2024-02-20 15:10:41 +00:00
6931f50af5
merge: check prohibited words when editing note ( !429 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/429
Approved-by: Marie <marie@kaifa.ch >
Approved-by: Amelia Yukii <amelia.yukii@shourai.de >
2024-02-19 19:19:27 +00:00
9c1437bdf9
check prohibited words when editing note
2024-02-19 14:27:10 +00:00
10bfc61670
merge: upstream
2024-02-19 10:47:42 +01:00
7562d233c5
fix of 9a70ce8f5e
...
Co-Authored-By: RyotaK <49341894+Ry0taK@users.noreply.github.com >
2024-02-17 13:09:16 +00:00
0a8ffd9cfa
Merge pull request from GHSA-qqrm-9grj-6v32
...
* maybe ok
* fix
* test wip
* ✌️
* fix
* if (res.ok)
* validateContentTypeSetAsJsonLD
* 条件を考慮し直す
* その他の+json接尾辞が付いているメディアタイプも受け容れる
* https://github.com/misskey-dev/misskey-ghsa-qqrm-9grj-6v32/pull/1#discussion_r1490999009
* add `; profile="https://www.w3.org/ns/activitystreams "`
* application/ld+json;
2024-02-17 13:09:08 +00:00
01de1519dd
fix of 9a70ce8f5e
...
Co-Authored-By: RyotaK <49341894+Ry0taK@users.noreply.github.com >
2024-02-17 14:26:48 +09:00
9a70ce8f5e
Merge pull request from GHSA-qqrm-9grj-6v32
...
* maybe ok
* fix
* test wip
* ✌️
* fix
* if (res.ok)
* validateContentTypeSetAsJsonLD
* 条件を考慮し直す
* その他の+json接尾辞が付いているメディアタイプも受け容れる
* https://github.com/misskey-dev/misskey-ghsa-qqrm-9grj-6v32/pull/1#discussion_r1490999009
* add `; profile="https://www.w3.org/ns/activitystreams "`
* application/ld+json;
2024-02-17 12:41:19 +09:00
37959bab1d
refactor(backend): remove/replace deprecated type deps ( #13252 )
2024-02-16 20:09:07 +09:00
7cfe7da73d
fix
2024-02-16 15:09:05 +09:00
f55e1ee138
refactor(backend): misc/cacheをシンプルな実装に戻した
2024-02-16 15:07:12 +09:00
cfa573a3a1
リモートユーザーが復活してもキャッシュにより該当ユーザーのActivityが受け入れられないのを修正 Fix #13273 ( #13275 )
...
* リモートユーザーが復活してもキャッシュにより該当ユーザーのActivityが受け入れられないのを修正 Fix #13273
* CHAGELOG
* Use Redis event
---------
Co-authored-by: tamaina <tamaina@hotmail.co.jp >
2024-02-16 14:30:53 +09:00
147e8f1e3e
feat(backend): likeOnlyなどでハートにフォールバックする際異体字セレクタがない方に揃える ( #13299 )
...
* feat(backend): likeOnlyなどでハートにフォールバックする際異体字セレクタがない方に揃える
close #13298
* Update ReactionService.ts
* chore(backend): prefer single quote for string literal
2024-02-16 14:25:48 +09:00
be36a793cd
merge: Fix Note Edits being federated incorrectly ( !417 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/417
Approved-by: Amelia Yukii <amelia.yukii@shourai.de >
Approved-by: dakkar <dakkar@thenautilus.net >
2024-02-15 22:18:58 +00:00
8b90c6c045
merge: Never return broken notifications #409 ( !415 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/415
Approved-by: Marie <marie@kaifa.ch >
Approved-by: Amelia Yukii <amelia.yukii@shourai.de >
2024-02-13 18:23:37 +00:00
c1514ce91d
(re) update SPDX-FileCopyrightText
...
Fix #13290
2024-02-13 15:59:27 +00:00
311c2172d7
Revert "update SPDX-FileCopyrightText"
...
This reverts commit 9b5aeb76d8
2024-02-13 15:50:11 +00:00
dakkar