barkey

mirror of https://codeberg.org/yeentown/barkey.git synced 2025-10-25 10:44:51 +00:00

Author	SHA1	Message	Date
Hazelnoot	7cd181df71	improve type checks in POST /api/v1/apps endpoint	2025-05-08 11:23:20 -04:00
Hazelnoot	317f5602fe	temporary: add recursive error handler to MastodonApiServerService.ts	2025-05-08 11:23:20 -04:00
Hazelnoot	cd4fbc851b	improve compatibility with multipart/form-data mastodon API requests	2025-05-08 11:23:20 -04:00
Marie	239bfd3b62	add missing state ref: https://github.com/misskey-dev/misskey/issues/15992	2025-05-08 11:45:36 +02:00
Marie	a72610c8d6	merge: Reorder relay activities to avoid delivery race condition (resolves #989 ) (!986 ) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/986 Closes #989 Approved-by: dakkar <dakkar@thenautilus.net> Approved-by: Marie <github@yuugi.dev>	2025-05-08 09:17:07 +00:00
Marie	cfad5999b2	Fix polls not rendering properly in Schedule List	2025-05-08 01:26:56 +02:00
Hazelnoot	b66a486036	merge: Show all files for Drive Cleaner (!982 ) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/982 Closes #1033 Approved-by: dakkar <dakkar@thenautilus.net> Approved-by: Hazelnoot <acomputerdog@gmail.com>	2025-05-07 17:14:41 +00:00
Hazelnoot	c302a5c2d7	reorder relay activities to avoid delivery race condition	2025-05-07 12:40:01 -04:00
Marie	6b6dd372cb	up	2025-05-07 10:48:09 +02:00
Marie	da54742291	add boolean to ignore folderId sorting, show all files on drive cleaner	2025-05-07 09:06:50 +02:00
Hazelnoot	95cd19b049	Merge branch 'develop' into merge/2025-03-24	2025-05-06 11:20:46 -04:00
Marie	216ab3aea7	merge: remove http/https protocol in uri on masto api (!980 ) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/980 Closes #1046 Approved-by: Hazelnoot <acomputerdog@gmail.com> Approved-by: dakkar <dakkar@thenautilus.net>	2025-05-06 08:33:19 +00:00
Marie	893f964def	merge: check signatures with and without query - fix #1036 (!966 ) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/966 Closes #1036 Approved-by: Hazelnoot <acomputerdog@gmail.com> Approved-by: Marie <github@yuugi.dev>	2025-05-05 23:23:30 +00:00
Marie	cb3f5f598d	Update instance.ts	2025-05-05 17:33:27 +00:00
Marie	e2be44fb99	change regex to include a zero-length match	2025-05-05 13:03:39 +00:00
Marie	581cc2b513	remove http/https protocol	2025-05-05 13:00:31 +00:00
Hazelnoot	76597d1a4c	check role assignments in featured timeline	2025-05-04 08:55:57 -04:00
Hazelnoot	f6eb3148f3	use bucket rate limit for featured timeline	2025-05-04 08:55:26 -04:00
Hazelnoot	e87afe5804	fix more type errors because TS can't make up its mind	2025-05-03 22:21:38 -04:00
Hazelnoot	ff8b22ce60	apply optimized domain block pattern to silence and bubble checks	2025-05-03 21:54:25 -04:00
Hazelnoot	f4dafd709c	check suspended users/hosts in following feed	2025-05-03 21:43:53 -04:00
dakkar	3f611fe234	honour blocked hosts in global-timeline	2025-05-02 15:57:56 +01:00
dakkar	31d93c8052	nicer SQL checks for blocked hosts instead of passing a (possibly gigantic) array from JS, we get PostgreSQL to look at the value in the `meta` table directly tested the `federation/instances` endpoint, and the `QueryService` methods; I have not tested the charts	2025-05-02 15:57:56 +01:00
Hazelnoot	3199c309e2	make bubble timeline visibility checks match local timeline	2025-05-01 12:14:45 -04:00
Hazelnoot	8dce293dff	add setting to disable proxy account (resolves #766 )	2025-05-01 12:07:38 -04:00
dakkar	ec404fd3ce	remove leftover debug line	2025-04-30 20:30:52 +01:00
Hazelnoot	6e4e4fdc33	fix type errors in mastodon API	2025-04-30 11:13:46 -04:00
Hazelnoot	dc9106dfb3	remove outdated packages from megalodon	2025-04-29 16:07:56 -04:00
Hazelnoot	9c301fa5aa	Merge branch 'misskey-develop' into merge/2025-03-24 # Conflicts: # .github/workflows/api-misskey-js.yml # .github/workflows/changelog-check.yml # .github/workflows/check-misskey-js-autogen.yml # .github/workflows/get-api-diff.yml # .github/workflows/lint.yml # .github/workflows/locale.yml # .github/workflows/on-release-created.yml # .github/workflows/storybook.yml # .github/workflows/test-backend.yml # .github/workflows/test-federation.yml # .github/workflows/test-frontend.yml # .github/workflows/test-misskey-js.yml # .github/workflows/test-production.yml # .github/workflows/validate-api-json.yml # package.json # packages/backend/package.json # packages/backend/src/server/api/ApiCallService.ts # packages/backend/src/server/api/endpoints/drive/files/create.ts # packages/frontend-shared/js/url.ts # packages/frontend/package.json # packages/frontend/src/components/MkFileCaptionEditWindow.vue # packages/frontend/src/components/MkInfo.vue # packages/frontend/src/components/MkLink.vue # packages/frontend/src/components/MkNote.vue # packages/frontend/src/components/MkNotes.vue # packages/frontend/src/components/MkPageWindow.vue # packages/frontend/src/components/MkReactionsViewer.vue # packages/frontend/src/components/MkTimeline.vue # packages/frontend/src/components/MkUrlPreview.vue # packages/frontend/src/components/MkUserPopup.vue # packages/frontend/src/components/global/MkPageHeader.vue # packages/frontend/src/components/global/MkUrl.vue # packages/frontend/src/components/global/PageWithHeader.vue # packages/frontend/src/pages/about-misskey.vue # packages/frontend/src/pages/announcements.vue # packages/frontend/src/pages/antenna-timeline.vue # packages/frontend/src/pages/channel.vue # packages/frontend/src/pages/instance-info.vue # packages/frontend/src/pages/note.vue # packages/frontend/src/pages/page.vue # packages/frontend/src/pages/role.vue # packages/frontend/src/pages/tag.vue # packages/frontend/src/pages/timeline.vue # packages/frontend/src/pages/user-list-timeline.vue # packages/frontend/src/pages/user/followers.vue # packages/frontend/src/pages/user/following.vue # packages/frontend/src/pages/user/home.vue # packages/frontend/src/pages/user/index.vue # packages/frontend/src/ui/deck.vue # packages/misskey-js/generator/package.json # pnpm-lock.yaml # scripts/changelog-checker/package-lock.json # scripts/changelog-checker/package.json	2025-04-29 15:54:11 -04:00
syuilo	d6ae4c980b	feat(frontend): タイトルバーを表示できるように	2025-04-29 09:43:15 +09:00
Julia	d10fdfe973	Merge commit from fork * SP-2025-03.1 always wrap icon&thumbnail URLs if they're not HTTP URLs, the frontend won't be able to display them anyway (`<img src="mailto:…">` or '<div stile="background-image: url(nntp:…)">` aren't going to work!), so let's always run them through the media proxy, which will fail harder (fetching a `javascript:` URL won't do anything in the backend, might do something in the frontend) and will always protect the client's address in cases like `gemini:` where the browser could try to fetch * SP-2025-03.2 use object binding for more styles interpolating a random (remote-controlled!) string into a `style` attribute is a bad idea; using VueJS object binding, we should get proper quoting and therefore safe parse failures instead of CSS injections / XSS * SP-2025-03.3 slightly more robust "self" URL handling parse URLs instead of treating them as strings; this is still not perfect, but the `URL` class only handles full URLs, not relative ones, so there's so way to ask it "give me a URL object that represents this resource relative to this base URL" notice that passing very weird URLs to `MkUrl` and `MkUrlPreview` will break the frontend (in dev mode) because there's an untrapped `new URL(…)` that may explode; production builds seem to safely ignore the error, though --------- Co-authored-by: dakkar <dakkar@thenautilus.net>	2025-04-29 08:15:54 +09:00
おさむのひと	7e8cc4d7c0	fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896 ) * wip * ロールポリシーの値も参照するように * エンドポイントのテストを追加 * fix review * add spdx * fix CHANGELOG.md * fix test * regenerate * add log * Revert "add log" This reverts commit 4b2bf59a609b85ca0bfcc9b71438db782f11983d. * add log * fix * Revert "add log" This reverts commit c5a73d57da0f30ec5215e08a8b4d78785cce48d1.	2025-04-29 08:15:09 +09:00
dakkar	4981e5ba36	Merge branch 'develop' into merge/2025-03-24	2025-04-28 15:31:28 +01:00
zyoshoka	aaa31c9d64	fix(backend): correct response schema of chat endpoints (#15904 )	2025-04-28 18:58:08 +09:00
anatawa12	ec92bf47f1	Exclude blocked instance note from most timelines (#15792 ) * Exclude blocked instance note from most timelines * Exclude blocked instance note from FTT timelines * Exclude blocked instance note from featured * fix type	2025-04-28 07:21:00 +09:00
Julia Johannesen	ac905118cc	Merge branch 'stable' into merge-stable-into-develop	2025-04-27 16:19:44 -04:00
Julia Johannesen	35df3944c1	Update summaly	2025-04-27 13:31:27 -04:00
Julia Johannesen	0bb4e57b0c	Security fixes Co-Authored-By: dakkar <dakkar@thenautilus.net>	2025-04-27 13:05:09 -04:00
syuilo	9481b5a6e8	feat: アップロード可能な最大ファイルサイズをロールごとに設定可能に	2025-04-27 09:35:44 +09:00
Hazelnoot	a4dd19fdd4	merge upstream again	2025-04-24 14:23:45 -04:00
Hazelnoot	ac894986f9	Merge branch 'develop' into merge/2025-03-24 # Conflicts: # CONTRIBUTING.md # packages/backend/src/core/activitypub/models/ApPersonService.ts	2025-04-24 13:07:41 -04:00
dakkar	58c0ac6c89	check signatures with and without query - fix #1036 @Oneric explained: > Spec says query params must be included in the signature; Mastodon > being Mastodon used to always exclude it though and for > compatibility everyone followed this. At some point GtS decided to > follow spec instead which caused interop issues, but succeeded in > getting Mastodon (and others like *oma) to accept incoming requests > with (and also still without) query params though outgoing requests > remaing query-param-free. Some still only accept query-param-less > requests though and GtS uses a retry mechanism to resend any request > failing with 401 with an query-parama-less signature once. (Also > see: > https://docs.gotosocial.org/en/latest/federation/http_signatures/ ) > > So for incoming requests both versions need to be checked. For > outgoing requests, unless you want to jump through retry hoops like > GtS, omitting query-params is the safer bet for now (presumably this > will only change if Mastodon ever decides to send out requests > signed with query params)	2025-04-21 16:44:13 +01:00
piuvas	6df82f4eef	remove redundant sql query.	2025-04-20 23:21:50 -03:00
piuvas	46fa99fc28	requested changes to verifyFieldLinks Co-authored-by: dakkar <dakkar@thenautilus.net>	2025-04-20 12:34:00 -03:00
piuvas	6a77512737	refactor link verification.	2025-04-19 23:04:48 -03:00
syuilo	7b38806413	feat: Job queue inspector (#15856 ) * wip * wip * Update job-queue.vue * wip * wip * Update job-queue.vue * wip * Update job-queue.vue * wip * Update QueueService.ts * Update QueueService.ts * Update QueueService.ts * Update job-queue.vue * wip * wip * wip * Update job-queue.vue * wip * Update MkTl.vue * wip * Update index.vue * wip * wip * Update MkTl.vue * 🎨 * jobs search * wip * Update job-queue.vue * wip * wip * Update job-queue.vue * Update job-queue.vue * Update job-queue.vue * Update job-queue.vue * wip * Update job-queue.job.vue * wip * wip * wip * Update MkCode.vue * wip * Update job-queue.job.vue * wip * Update job-queue.job.vue * Update misskey-js.api.md * Update CHANGELOG.md * Update job-queue.job.vue	2025-04-19 14:00:38 +09:00
syuilo	eda2f587a3	enhance: コントロールパネルでジョブキューをクリアできるように	2025-04-16 16:47:03 +09:00
Marie	4f64803ef2	merge: make MOTD html unescaped. (requires discussion?) (!759 ) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/759 Approved-by: Hazelnoot <acomputerdog@gmail.com> Approved-by: Marie <github@yuugi.dev>	2025-04-15 07:45:51 +00:00
anatawa12	b2e3e65896	fix: use ftt for outbox (#15819 ) * fix: use ftt for outbox * chore: check for enableFanoutTimeline * lint: fix lint	2025-04-15 16:15:27 +09:00
anatawa12	d5fe6e36ae	fix: avatarId が null のときにも avatarUrl が non null 担ってることがある問題 (#15833 )	2025-04-15 16:10:17 +09:00

1 2 3 4 5 ...

1991 commits