饺子w (Yumechi) 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								25052164c0 
								
							 
						 
						
							
							
								
								Merge commit from fork  
							
							... 
							
							
							
							* fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.
[GHSA-6w2c-vf6f-xf26](https://github.com/misskey-dev/misskey/security/advisories/GHSA-6w2c-vf6f-xf26 )
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* Enhance: Add configuration option to disable all external redirects when responding to an ActivityPub lookup (config.disallowExternalApRedirect)
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* fixup! fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.
* docs & one edge case
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* apply suggestions
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* remove stale frontend reference to _responseInvalidIdHostNotMatch
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* apply suggestions
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---------
Signed-off-by: eternal-flame-AD <yume@yumechi.jp> 
							
						 
						
							2025-02-23 19:21:34 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								3642ea022b 
								
							 
						 
						
							
							
								
								disable inline note previews from users with quotes disabled  
							
							
							
						 
						
							2025-02-20 21:34:09 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								f39f47aade 
								
							 
						 
						
							
							
								
								include rejectQuotes on all packed User entities  
							
							
							
						 
						
							2025-02-20 21:12:12 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								bb0bc68927 
								
							 
						 
						
							
							
								
								cover more retryable errors for quote resolution  
							
							
							
						 
						
							2025-02-20 09:58:22 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								ca7d8b5bff 
								
							 
						 
						
							
							
								
								fix logging for quote errors  
							
							
							
						 
						
							2025-02-20 09:58:22 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								b9b339fd48 
								
							 
						 
						
							
							
								
								add admin/reject-quotes to new endpoints list  
							
							
							
						 
						
							2025-02-20 09:58:19 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								784290186f 
								
							 
						 
						
							
							
								
								fix type errors in is-renote unit tests  
							
							
							
						 
						
							2025-02-20 09:58:06 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								b100249a34 
								
							 
						 
						
							
							
								
								fix type errors in NoteCreateService unit tests  
							
							
							
						 
						
							2025-02-20 09:58:06 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								0e2e77e346 
								
							 
						 
						
							
							
								
								fix type errors in WebhookTestService.ts  
							
							
							
						 
						
							2025-02-20 09:58:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								292d3b9229 
								
							 
						 
						
							
							
								
								add "reject quotes" toggle at user and instance level  
							
							... 
							
							
							
							+ improve, cleanup, and de-duplicate quote resolution
+ add warning message when quote cannot be loaded
+ add "process error" framework to display warnings when a note cannot be correctly loaded from another instance 
							
						 
						
							2025-02-20 09:57:48 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								93ffd4611c 
								
							 
						 
						
							
							
								
								merge: TSVector based search provider ( !910 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/910 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-20 10:27:18 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								534c35cca2 
								
							 
						 
						
							
							
								
								merge: Add "force content warning" setting for user moderation ( resolves   #905 ) ( !876 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/876 
Closes  #905 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-20 10:20:49 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								285bbcb81f 
								
							 
						 
						
							
							
								
								fix linter...  
							
							
							
						 
						
							2025-02-19 16:46:59 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								691a9a6be2 
								
							 
						 
						
							
							
								
								Rename tsvector to sqlTsvector  
							
							
							
						 
						
							2025-02-19 16:34:48 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e6464906e6 
								
							 
						 
						
							
							
								
								change to sqlTsvector  
							
							
							
						 
						
							2025-02-19 16:32:11 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								b5208c2ad0 
								
							 
						 
						
							
							
								
								simplify tsvector implementation, remove cover density  
							
							
							
						 
						
							2025-02-19 16:26:02 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								4fde14d1cc 
								
							 
						 
						
							
							
								
								fix wrong column name  
							
							
							
						 
						
							2025-02-19 15:12:16 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									PrivateGER 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								d82c8e8e97 
								
							 
						 
						
							
							
								
								Implement tsvector search support  
							
							
							
						 
						
							2025-02-19 14:55:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								d67eefaaf5 
								
							 
						 
						
							
							
								
								merge: Add separate redis for rate limit ( !908 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/908 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-18 23:27:56 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								9e3667b2a3 
								
							 
						 
						
							
							
								
								fix names that annoy @dakkar  
							
							
							
						 
						
							2025-02-18 20:57:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								029f67b7e5 
								
							 
						 
						
							
							
								
								fix time zone for CustomEmojiService test  
							
							... 
							
							
							
							otherwise, the timestamps that the test uses for queries are
interpreted as UTC (because they have a TZ in the string), but the
truncated date is interpreted in the session timezone, which defaults
to the server timezone, which can be anything
thanks to @fEmber for noticing 
							
						 
						
							2025-02-18 20:57:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								c28b27b57f 
								
							 
						 
						
							
							
								
								merge: Optionally log remote ActivityPub objects to database ( !833 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/833 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-18 19:51:13 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								788751d24d 
								
							 
						 
						
							
							
								
								implement redisForRateLimit  
							
							
							
						 
						
							2025-02-18 10:36:29 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								3dfd018305 
								
							 
						 
						
							
							
								
								merge: Fix error message when a peertube object is rejected for bad ID / URL ( !900 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/900 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-17 19:47:36 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								0e01c94efc 
								
							 
						 
						
							
							
								
								merge: Increase rate limit on server-info to avoid errors and blank graphs ( !903 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/903 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-17 19:46:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								25da35eab2 
								
							 
						 
						
							
							
								
								merge: relax validation of Announce / renote timestamps ( resolves   #799 ) ( !905 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/905 
Closes  #799 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-02-17 19:46:11 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									syuilo 
								
							 
						 
						
							
							
							
							
								
							
							
								93e7aad44e 
								
							 
						 
						
							
							
								
								tweak error log  
							
							
							
						 
						
							2025-02-17 13:34:17 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								f183df3044 
								
							 
						 
						
							
							
								
								fix error message when a peertube object is reject for bad ID / URL  
							
							
							
						 
						
							2025-02-16 19:27:06 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								17ec2df3e1 
								
							 
						 
						
							
							
								
								increase rate limit on server-info to avoid errors and blank graphs  
							
							
							
						 
						
							2025-02-16 19:26:29 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								9de5ecae51 
								
							 
						 
						
							
							
								
								delete fetch logs when a note or user is deleted  
							
							
							
						 
						
							2025-02-16 19:25:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								dbaeb7f2ac 
								
							 
						 
						
							
							
								
								fix unit tests using mock-resolver  
							
							
							
						 
						
							2025-02-16 19:25:25 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								71be39ecc8 
								
							 
						 
						
							
							
								
								add missing await in ApLogCleanupService  
							
							
							
						 
						
							2025-02-16 19:25:24 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								4858276465 
								
							 
						 
						
							
							
								
								don't log slow activities, as this is known to happen under regular circumstances  
							
							
							
						 
						
							2025-02-16 19:25:24 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								81944b3bdf 
								
							 
						 
						
							
							
								
								implement AP fetch logs  
							
							
							
						 
						
							2025-02-16 19:25:22 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								cc2edae7ab 
								
							 
						 
						
							
							
								
								rename activity_log and activity_context to ap_inbox_log and ap_context  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								0979392925 
								
							 
						 
						
							
							
								
								make activity_log.duration nullable  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								15148b7875 
								
							 
						 
						
							
							
								
								fix activity duration calculation  
							
							... 
							
							
							
							* Ensure that timing is recorded even if an exception is thrown.
* Round to the correct decimal place. 
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								871c63b48b 
								
							 
						 
						
							
							
								
								print warning when activity processing exceeds 10 seonds  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								e35e92beb9 
								
							 
						 
						
							
							
								
								log inbound activity duration  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								07cd01ec34 
								
							 
						 
						
							
							
								
								add missing constraint names to SkActivityLog and SkActivityContext  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								561f46b8d4 
								
							 
						 
						
							
							
								
								add logging for ActivityLogCleanupService  
							
							
							
						 
						
							2025-02-16 19:25:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								b65b4ecadc 
								
							 
						 
						
							
							
								
								add inbound activity logger for debugging  
							
							
							
						 
						
							2025-02-16 19:25:02 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								ec0b2933e6 
								
							 
						 
						
							
							
								
								add admin/cw-user to new endpoints list  
							
							
							
						 
						
							2025-02-16 19:22:55 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								e60fe879d6 
								
							 
						 
						
							
							
								
								document "special character" as zero-width space in activitypub unit tests  
							
							
							
						 
						
							2025-02-16 19:20:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								86b26fb58e 
								
							 
						 
						
							
							
								
								adjust types to avoid merge conflicts in NoteCreateService.ts and NoteEditService.ts  
							
							
							
						 
						
							2025-02-16 19:20:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								5c86929b58 
								
							 
						 
						
							
							
								
								fix type errors in NoteCreateService.ts  
							
							
							
						 
						
							2025-02-16 19:20:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								c54b6bf55d 
								
							 
						 
						
							
							
								
								append mandatory CW in Update(Note) activities  
							
							
							
						 
						
							2025-02-16 19:20:41 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								583f55bc5a 
								
							 
						 
						
							
							
								
								fix type error in WebhookTestService.ts  
							
							
							
						 
						
							2025-02-16 19:20:41 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								3d23cdc0e4 
								
							 
						 
						
							
							
								
								append mandatory CW in note previews  
							
							
							
						 
						
							2025-02-16 19:20:41 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								c5933f369e 
								
							 
						 
						
							
							
								
								move mandatoryCW from admin-user to PackedUserLite (public field)  
							
							
							
						 
						
							2025-02-16 19:20:41 -05:00