Commit graph

3732 commits

Author SHA1 Message Date
おさむのひと
426940bea7
2025.2.1-beta.0のlintがコケているのを修正 (#15546) 2025-02-23 21:21:58 +09:00
饺子w (Yumechi)
25052164c0
Merge commit from fork
* fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.

[GHSA-6w2c-vf6f-xf26](https://github.com/misskey-dev/misskey/security/advisories/GHSA-6w2c-vf6f-xf26)

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* Enhance: Add configuration option to disable all external redirects when responding to an ActivityPub lookup (config.disallowExternalApRedirect)

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* fixup! fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.

* docs & one edge case

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* apply suggestions

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* remove stale frontend reference to _responseInvalidIdHostNotMatch

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* apply suggestions

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

---------

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
2025-02-23 19:21:34 +09:00
Hazelnoot
3642ea022b disable inline note previews from users with quotes disabled 2025-02-20 21:34:09 -05:00
Hazelnoot
f39f47aade include rejectQuotes on all packed User entities 2025-02-20 21:12:12 -05:00
Hazelnoot
bb0bc68927 cover more retryable errors for quote resolution 2025-02-20 09:58:22 -05:00
Hazelnoot
ca7d8b5bff fix logging for quote errors 2025-02-20 09:58:22 -05:00
Hazelnoot
b9b339fd48 add admin/reject-quotes to new endpoints list 2025-02-20 09:58:19 -05:00
Hazelnoot
784290186f fix type errors in is-renote unit tests 2025-02-20 09:58:06 -05:00
Hazelnoot
b100249a34 fix type errors in NoteCreateService unit tests 2025-02-20 09:58:06 -05:00
Hazelnoot
0e2e77e346 fix type errors in WebhookTestService.ts 2025-02-20 09:58:04 -05:00
Hazelnoot
292d3b9229 add "reject quotes" toggle at user and instance level
+ improve, cleanup, and de-duplicate quote resolution
+ add warning message when quote cannot be loaded
+ add "process error" framework to display warnings when a note cannot be correctly loaded from another instance
2025-02-20 09:57:48 -05:00
dakkar
93ffd4611c merge: TSVector based search provider (!910)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/910

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-20 10:27:18 +00:00
dakkar
534c35cca2 merge: Add "force content warning" setting for user moderation (resolves #905) (!876)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/876

Closes #905

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-20 10:20:49 +00:00
PrivateGER
285bbcb81f
fix linter... 2025-02-19 16:46:59 +01:00
PrivateGER
691a9a6be2
Rename tsvector to sqlTsvector 2025-02-19 16:34:48 +01:00
PrivateGER
e6464906e6
change to sqlTsvector 2025-02-19 16:32:11 +01:00
PrivateGER
b5208c2ad0
simplify tsvector implementation, remove cover density 2025-02-19 16:26:02 +01:00
PrivateGER
4fde14d1cc
fix wrong column name 2025-02-19 15:12:16 +01:00
PrivateGER
d82c8e8e97
Implement tsvector search support 2025-02-19 14:55:50 +01:00
Marie
d67eefaaf5 merge: Add separate redis for rate limit (!908)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/908

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-18 23:27:56 +00:00
dakkar
9e3667b2a3 fix names that annoy @dakkar 2025-02-18 20:57:55 +00:00
dakkar
029f67b7e5 fix time zone for CustomEmojiService test
otherwise, the timestamps that the test uses for queries are
interpreted as UTC (because they have a TZ in the string), but the
truncated date is interpreted in the session timezone, which defaults
to the server timezone, which can be anything

thanks to @fEmber for noticing
2025-02-18 20:57:55 +00:00
Hazelnoot
c28b27b57f merge: Optionally log remote ActivityPub objects to database (!833)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/833

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-18 19:51:13 +00:00
Hazelnoot
788751d24d implement redisForRateLimit 2025-02-18 10:36:29 -05:00
Marie
3dfd018305 merge: Fix error message when a peertube object is rejected for bad ID / URL (!900)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/900

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-17 19:47:36 +00:00
Marie
0e01c94efc merge: Increase rate limit on server-info to avoid errors and blank graphs (!903)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/903

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-17 19:46:31 +00:00
Marie
25da35eab2 merge: relax validation of Announce / renote timestamps (resolves #799) (!905)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/905

Closes #799

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-17 19:46:11 +00:00
syuilo
93e7aad44e tweak error log 2025-02-17 13:34:17 +09:00
Hazelnoot
f183df3044 fix error message when a peertube object is reject for bad ID / URL 2025-02-16 19:27:06 -05:00
Hazelnoot
17ec2df3e1 increase rate limit on server-info to avoid errors and blank graphs 2025-02-16 19:26:29 -05:00
Hazelnoot
9de5ecae51 delete fetch logs when a note or user is deleted 2025-02-16 19:25:42 -05:00
Hazelnoot
dbaeb7f2ac fix unit tests using mock-resolver 2025-02-16 19:25:25 -05:00
Hazelnoot
71be39ecc8 add missing await in ApLogCleanupService 2025-02-16 19:25:24 -05:00
Hazelnoot
4858276465 don't log slow activities, as this is known to happen under regular circumstances 2025-02-16 19:25:24 -05:00
Hazelnoot
81944b3bdf implement AP fetch logs 2025-02-16 19:25:22 -05:00
Hazelnoot
cc2edae7ab rename activity_log and activity_context to ap_inbox_log and ap_context 2025-02-16 19:25:04 -05:00
Hazelnoot
0979392925 make activity_log.duration nullable 2025-02-16 19:25:04 -05:00
Hazelnoot
15148b7875 fix activity duration calculation
* Ensure that timing is recorded even if an exception is thrown.
* Round to the correct decimal place.
2025-02-16 19:25:04 -05:00
Hazelnoot
871c63b48b print warning when activity processing exceeds 10 seonds 2025-02-16 19:25:04 -05:00
Hazelnoot
e35e92beb9 log inbound activity duration 2025-02-16 19:25:04 -05:00
Hazelnoot
07cd01ec34 add missing constraint names to SkActivityLog and SkActivityContext 2025-02-16 19:25:04 -05:00
Hazelnoot
561f46b8d4 add logging for ActivityLogCleanupService 2025-02-16 19:25:04 -05:00
Hazelnoot
b65b4ecadc add inbound activity logger for debugging 2025-02-16 19:25:02 -05:00
Hazelnoot
ec0b2933e6 add admin/cw-user to new endpoints list 2025-02-16 19:22:55 -05:00
Hazelnoot
e60fe879d6 document "special character" as zero-width space in activitypub unit tests 2025-02-16 19:20:42 -05:00
Hazelnoot
86b26fb58e adjust types to avoid merge conflicts in NoteCreateService.ts and NoteEditService.ts 2025-02-16 19:20:42 -05:00
Hazelnoot
5c86929b58 fix type errors in NoteCreateService.ts 2025-02-16 19:20:42 -05:00
Hazelnoot
c54b6bf55d append mandatory CW in Update(Note) activities 2025-02-16 19:20:41 -05:00
Hazelnoot
583f55bc5a fix type error in WebhookTestService.ts 2025-02-16 19:20:41 -05:00
Hazelnoot
3d23cdc0e4 append mandatory CW in note previews 2025-02-16 19:20:41 -05:00