Commit graph

454 commits

Author SHA1 Message Date
饺子w (Yumechi)
e5d117dc98
fix(backend): tighten an overly relaxed criteria and remove capability of matching multiple final URLs in URL authority checking (#15655)
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
2025-03-12 12:39:24 +00:00
かっこかり
22228b6756
enhance: OAuth2 (IndieAuth) でロゴが提供されている場合は表示するように (#15578)
* enhance: OAuthでロゴが提供されている場合は表示するように

* Update Changelog

* refactor

* fix

* fix test
2025-03-06 08:05:14 +00:00
Hazelnoot
910b83c531 filter url properties by mediaType 2025-03-02 11:06:32 -05:00
Hazelnoot
a568333ecd remove assertActivityMatchesUrls in favor of three-way same-authority checks 2025-03-02 11:06:29 -05:00
syuilo
616cccf251
enhance(backend): refine system account (#15530)
* wip

* wip

* wip

* Update SystemAccountService.ts

* Update 1740121393164-system-accounts.js

* Update DeleteAccountService.ts

* wip

* wip

* wip

* wip

* Update 1740121393164-system-accounts.js

* Update RepositoryModule.ts

* wip

* wip

* wip

* Update ApRendererService.ts

* wip

* wip

* Update SystemAccountService.ts

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* add print logs

* ログが長すぎて出てないかもしれない

* fix migration

* refactor

* fix fed-tests

* Update RelayService.ts

* merge

* Update user.test.ts

* chore: emit log

* fix: tweak sleep duration

* fix: exit 1

* fix: wait for misskey processes to become healthy

* fix: longer sleep for user deletion

* fix: make sleep longer again

* デッドロック解消の試み

https://github.com/misskey-dev/misskey/issues/15005

* Revert "デッドロック解消の試み"

This reverts commit 266141f66fb584371bbb56ef7eba04e14bcff94d.

* wip

* Update SystemAccountService.ts

---------

Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com>
Co-authored-by: zyoshoka <107108195+zyoshoka@users.noreply.github.com>
2025-03-02 20:06:20 +09:00
Hazelnoot
14a81b4f85 merge: Add "reject quotes" settings (!901)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/901

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-03-01 03:33:06 +00:00
鴇峰 朔華
39c487e1d1
fix(backend): ローカル判定でisUriLocalを使用していない箇所を修正 (#15069)
* fix(backend): ローカル判定でisUriLocalを使用していない箇所を修正

* fix(test backend): RelayServiceでUtilityServiceを使う
2025-02-26 01:28:53 +00:00
かっこかり
b5799351d0
fix(backend): clips/updateのdescriptionで空文字を許容するように (#15429)
* fix(backend): clips/updateのdescriptionで空文字を許容するように

* Update Changelog

* fix: createの際も空文字を許容するように

* fix test

* fix test

---------

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2025-02-26 01:27:38 +00:00
Hazelnoot
f039a7a37b use padEnd to shorten long line in activitypub.ts 2025-02-25 11:44:16 -05:00
Hazelnoot
6cb04dbaac trim padded Actor keys to avoid value too long error 2025-02-25 11:41:44 -05:00
おさむのひと
426940bea7
2025.2.1-beta.0のlintがコケているのを修正 (#15546) 2025-02-23 21:21:58 +09:00
饺子w (Yumechi)
25052164c0
Merge commit from fork
* fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.

[GHSA-6w2c-vf6f-xf26](https://github.com/misskey-dev/misskey/security/advisories/GHSA-6w2c-vf6f-xf26)

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* Enhance: Add configuration option to disable all external redirects when responding to an ActivityPub lookup (config.disallowExternalApRedirect)

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* fixup! fix(backend): Fix an issue where the origin of ActivityPub lookup response was not validated correctly.

* docs & one edge case

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* apply suggestions

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* remove stale frontend reference to _responseInvalidIdHostNotMatch

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* apply suggestions

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

---------

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
2025-02-23 19:21:34 +09:00
Hazelnoot
bb0bc68927 cover more retryable errors for quote resolution 2025-02-20 09:58:22 -05:00
Hazelnoot
784290186f fix type errors in is-renote unit tests 2025-02-20 09:58:06 -05:00
Hazelnoot
b100249a34 fix type errors in NoteCreateService unit tests 2025-02-20 09:58:06 -05:00
dakkar
534c35cca2 merge: Add "force content warning" setting for user moderation (resolves #905) (!876)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/876

Closes #905

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-20 10:20:49 +00:00
dakkar
029f67b7e5 fix time zone for CustomEmojiService test
otherwise, the timestamps that the test uses for queries are
interpreted as UTC (because they have a TZ in the string), but the
truncated date is interpreted in the session timezone, which defaults
to the server timezone, which can be anything

thanks to @fEmber for noticing
2025-02-18 20:57:55 +00:00
Hazelnoot
dbaeb7f2ac fix unit tests using mock-resolver 2025-02-16 19:25:25 -05:00
Hazelnoot
e60fe879d6 document "special character" as zero-width space in activitypub unit tests 2025-02-16 19:20:42 -05:00
Hazelnoot
c54b6bf55d append mandatory CW in Update(Note) activities 2025-02-16 19:20:41 -05:00
Hazelnoot
6c2034a373 append default CW when rendering AP Note objects 2025-02-16 19:20:41 -05:00
Hazelnoot
563e32316f factor out common append-content-warning routine for use in both frontend and backend 2025-02-16 19:20:41 -05:00
syuilo
ffd8cf07e6
update deps (#15311)
* wip

* bump misskey-dev/eslint-plugin

* lint fixes (backend)

* lint fixes (frontend)

* lint fixes (frontend-embed)

* rollback nsfwjs to 4.2.0

ref: infinitered/nsfwjs#904

* rollback openapi-typescript to v6

v7でOpenAPIのバリデーションが入るようになった関係でスコープ外での変更が避けられないため一時的に戻した

* lint fixes (misskey-js)

* temporarily disable errored lint rule (frontend-shared)

* fix lint

* temporarily ignore errored file for lint (frontend-shared)

* rollback simplewebauthn/server to 12.0.0

v13 contains breaking changes that require some decision making

* lint fixes (frontend-shared)

* build misskey-js with types

* fix(backend): migrate simplewebauthn/server to v12

* fix(misskey-js/autogen): ignore indent rules to generate consistent output

* attempt to fix test

changes due to capricorn86/happy-dom#1617 (XMLSerializer now produces valid XML)

* attempt to fix test

changes due to capricorn86/happy-dom#1617 (XMLSerializer now produces valid XML)

* fix test

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: anatawa12 <anatawa12@icloud.com>

* bump summaly to v5.2.0

* update tabler-icons to v3.30.0-based

---------

Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Co-authored-by: anatawa12 <anatawa12@icloud.com>
2025-02-15 10:24:22 +09:00
Hazelnoot
7e1b4b259a Merge branch 'develop' into merge/2024-02-03
# Conflicts:
#	packages/backend/src/server/ActivityPubServerService.ts
#	pnpm-lock.yaml
2025-02-08 13:16:37 -05:00
Hazelnoot
50a3e55be4 merge: Rework rate limit factors and add caching (resolves #884) (!884)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/884

Closes #884

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
2025-02-08 15:05:01 +00:00
dakkar
d426e2a7ef fix our ruby/group hack 2025-02-07 18:22:45 +00:00
Hazelnoot
f36029f795 Merge branch 'develop' into merge/2024-02-03
# Conflicts:
#	locales/index.d.ts
#	packages/backend/src/core/entities/UserEntityService.ts
#	packages/frontend/src/_dev_boot_.ts
#	packages/misskey-js/src/autogen/types.ts
#	sharkey-locales/en-US.yml
2025-02-07 11:57:44 -05:00
Hazelnoot
f92fb3bb8c move SkRateLimiterService to correct directory 2025-02-05 11:20:26 -05:00
Hazelnoot
09669d72e7 lookup and cache rate limit factors directly within SkRateLimiterService 2025-02-05 11:20:25 -05:00
dakkar
1b5123d9a3 fix emoji test 2025-02-05 12:10:24 +00:00
dakkar
6489458751 fix captcha test 2025-02-05 12:00:58 +00:00
Hazelnoot
a4e86758c1 merge upstream 2025-02-03 2025-02-03 14:36:09 -05:00
おさむのひと
f9ad127aaf
feat: 新カスタム絵文字管理画面(β)の追加 (#13473)
* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* fix

* fix

* fix

* fix size

* fix register logs

* fix img autosize

* fix row selection

* support delete

* fix border rendering

* fix display:none

* tweak comments

* support choose pc file and drive file

* support directory drag-drop

* fix

* fix comment

* support context menu on data area

* fix autogen

* wip イベント整理

* イベントの整理

* refactor grid

* fix cell re-render bugs

* fix row remove

* fix comment

* fix validation

* fix utils

* list maximum

* add mimetype check

* fix

* fix number cell focus

* fix over 100 file drop

* remove log

* fix patchData

* fix performance

* fix

* support update and delete

* support remote import

* fix layout

* heightやめる

* fix performance

* add list v2 endpoint

* support pagination

* fix api call

* fix no clickable input text

* fix limit

* fix paging

* fix

* fix

* support search

* tweak logs

* tweak cell selection

* fix range select

* block delete

* add comment

* fix

* support import log

* fix dialog

* refactor

* add confirm dialog

* fix name

* fix autogen

* wip

* support image change and highlight row

* add columns

* wip

* support sort

* add role name

* add index to emoji

* refine context menu setting

* support role select

* remove unused buttons

* fix url

* fix MkRoleSelectDialog.vue

* add route

* refine remote page

* enter key search

* fix paste bugs

* fix copy/paste

* fix keyEvent

* fix copy/paste and delete

* fix comment

* fix MkRoleSelectDialog.vue and storybook scenario

* fix MkRoleSelectDialog.vue and storybook scenario

* add MkGrid.stories.impl.ts

* fix

* [wip] add custom-emojis-manager2.stories.impl.ts

* [wip] add custom-emojis-manager2.stories.impl.ts

* wip

* 課題はまだ残っているが、ひとまず完了

* fix validation and register roles

* fix upload

* optimize import

* patch from dev

* i18n

* revert excess fixes

* separate sort order component

* add SPDX

* revert excess fixes

* fix pre test

* fix bugs

* add type column

* fix types

* fix CHANGELOG.md

* fix lit

* lint

* tweak style

* refactor

* fix ci

* autogen

* Update types.ts

* CSS Module化

* fix log

* 縦スクロールを無効化

* MkStickyContainer化

* regenerate locales index.d.ts

* fix

* fix

* テスト

* ランダム値によるUI変更の抑制

* テスト

* tableタグやめる

* fix last-child css

* fix overflow css

* fix endpoint.ts

* tweak css

* 最新への追従とレイアウト微調整

* ソートキーの指定方法を他と合わせた

* fix focus

* fix layout

* v2エンドポイントのルールに対応

* 表示条件などを微調整

* fix MkDataCell.vue

* fix error code

* fix error

* add comment to MkModal.vue

* Update index.d.ts

* fix CHANGELOG.md

* fix color theme

* fix CHANGELOG.md

* fix CHANGELOG.md

* fix center

* fix: テーブルにフォーカスがあり、通常状態であるときはキーイベントの伝搬を止める

* fix: ロール選択用のダイアログにてコンディショナルロールを×ボタンで除外できなかったのを修正

* fix remote list folder

* sticky footers

* chore: fix ci error(just single line-break diff)

* fix loading

* fix like

* comma to space

* fix ci

* fix ci

* removed align-center

---------

Co-authored-by: osamu <46447427+sam-osamu@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com>
2025-01-20 11:35:37 +00:00
dakkar
408e2f824a format ruby for masto api 2025-01-19 11:16:00 +00:00
dakkar
01a5300be8 handle more complex ruby from/to html - fixes #605
this is not exactly great, but it should be "good enough"

note that the new `group` function should not escape in the wild, as
we don't document it and only use it internally

I tried using `$[scale foo bar]` instead of `$[group foo bar]`, but
that would be rendered as `<i>foo bar</i>` when sent over the network
to non-misskey instances, and we don't want that
2025-01-18 12:51:38 +00:00
おさむのひと
6396243973
fix: タイムアウトを起こすe2eテストの時間設定を延長 (#15283) 2025-01-15 19:48:37 +09:00
Hong Minhee (洪 民憙)
d018fe58aa
fix(backend): Let MfmService.fromHtml accept ruby (#15117)
This fix makes `MfmService.fromHtml()` method accept `<ruby>` tags
and translate it to MFM's ruby characters syntax (`$[ruby ...]`).

このパッチは`MfmService.fromHtml()`メソッドが`<ruby>`タグをMFMの
読み仮名(ルビ)文法に翻訳する様に修正します。
2025-01-14 13:06:39 +00:00
おさむのひと
d2e22f9050
refactor: SystemWebhook/UserWebhookの配信処理呼び出し部分の改善 (#15035)
* UserWebhook側の対処

* SystemWebhook側の対処

* fix test
2025-01-14 11:14:02 +00:00
おさむのひと
64501c69a1
feat(frontend): Botプロテクションの設定変更時は実際に検証を通過しないと保存できないようにする (#15151)
* feat(frontend): CAPTCHAの設定変更時は実際に検証を通過しないと保存できないようにする

* なしでも保存できるようにした

* fix CHANGELOG.md

* フォームが増殖するのを修正

* add comment

* add server-side verify

* fix ci

* fix

* fix

* fix i18n

* add current.ts

* fix text

* fix

* regenerate locales

* fix MkFormFooter.vue

---------

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2025-01-14 10:57:58 +00:00
dakkar
e2352839e4 merge: upstream changes for 2024.11 (!742)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/742

Closes #645 and #646

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
2024-12-15 17:27:12 +00:00
Hazelnoot
72d18602d8 fix SkRateLimiterService tests 2024-12-11 14:07:14 -05:00
Hazelnoot
0ea9d6ec5d use atomic variant of Leaky Bucket for safe concurrent rate limits 2024-12-11 09:10:11 -05:00
Hazelnoot
407b2423af fix redis transaction implementation 2024-12-10 19:01:35 -05:00
Hazelnoot
ead781900d enable rate limits for dev environment 2024-12-09 19:04:59 -05:00
Hazelnoot
9daafca155 fix rate limits under multi-node environments 2024-12-09 19:04:06 -05:00
dakkar
1837ccc618 Merge branch 'develop' into feature/2024.10 2024-12-09 09:43:55 +00:00
Hazelnoot
2946f85592 fix type errors from new rate limit definitions 2024-12-08 13:22:07 -05:00
Hazelnoot
fc4599ec07 fix rate limit scaling (it's no longer inverted) 2024-12-08 12:02:58 -05:00
Hazelnoot
91c9b67cb0 bypass rate limits when factor is 0 2024-12-08 11:58:57 -05:00
Hazelnoot
2bcac80092 use fraction seconds for rate limit headers 2024-12-08 11:56:26 -05:00