dakkar
3f611fe234
honour blocked hosts in global-timeline
2025-05-02 15:57:56 +01:00
dakkar
31d93c8052
nicer SQL checks for blocked hosts
...
instead of passing a (possibly gigantic) array from JS, we get
PostgreSQL to look at the value in the `meta` table directly
tested the `federation/instances` endpoint, and the `QueryService`
methods; I have not tested the charts
2025-05-02 15:57:56 +01:00
Hazelnoot
3199c309e2
make bubble timeline visibility checks match local timeline
2025-05-01 12:14:45 -04:00
Hazelnoot
8dce293dff
add setting to disable proxy account ( resolves #766 )
2025-05-01 12:07:38 -04:00
dakkar
ec404fd3ce
remove leftover debug line
2025-04-30 20:30:52 +01:00
Hazelnoot
6e4e4fdc33
fix type errors in mastodon API
2025-04-30 11:13:46 -04:00
Hazelnoot
dc9106dfb3
remove outdated packages from megalodon
2025-04-29 16:07:56 -04:00
Hazelnoot
9c301fa5aa
Merge branch 'misskey-develop' into merge/2025-03-24
...
# Conflicts:
# .github/workflows/api-misskey-js.yml
# .github/workflows/changelog-check.yml
# .github/workflows/check-misskey-js-autogen.yml
# .github/workflows/get-api-diff.yml
# .github/workflows/lint.yml
# .github/workflows/locale.yml
# .github/workflows/on-release-created.yml
# .github/workflows/storybook.yml
# .github/workflows/test-backend.yml
# .github/workflows/test-federation.yml
# .github/workflows/test-frontend.yml
# .github/workflows/test-misskey-js.yml
# .github/workflows/test-production.yml
# .github/workflows/validate-api-json.yml
# package.json
# packages/backend/package.json
# packages/backend/src/server/api/ApiCallService.ts
# packages/backend/src/server/api/endpoints/drive/files/create.ts
# packages/frontend-shared/js/url.ts
# packages/frontend/package.json
# packages/frontend/src/components/MkFileCaptionEditWindow.vue
# packages/frontend/src/components/MkInfo.vue
# packages/frontend/src/components/MkLink.vue
# packages/frontend/src/components/MkNote.vue
# packages/frontend/src/components/MkNotes.vue
# packages/frontend/src/components/MkPageWindow.vue
# packages/frontend/src/components/MkReactionsViewer.vue
# packages/frontend/src/components/MkTimeline.vue
# packages/frontend/src/components/MkUrlPreview.vue
# packages/frontend/src/components/MkUserPopup.vue
# packages/frontend/src/components/global/MkPageHeader.vue
# packages/frontend/src/components/global/MkUrl.vue
# packages/frontend/src/components/global/PageWithHeader.vue
# packages/frontend/src/pages/about-misskey.vue
# packages/frontend/src/pages/announcements.vue
# packages/frontend/src/pages/antenna-timeline.vue
# packages/frontend/src/pages/channel.vue
# packages/frontend/src/pages/instance-info.vue
# packages/frontend/src/pages/note.vue
# packages/frontend/src/pages/page.vue
# packages/frontend/src/pages/role.vue
# packages/frontend/src/pages/tag.vue
# packages/frontend/src/pages/timeline.vue
# packages/frontend/src/pages/user-list-timeline.vue
# packages/frontend/src/pages/user/followers.vue
# packages/frontend/src/pages/user/following.vue
# packages/frontend/src/pages/user/home.vue
# packages/frontend/src/pages/user/index.vue
# packages/frontend/src/ui/deck.vue
# packages/misskey-js/generator/package.json
# pnpm-lock.yaml
# scripts/changelog-checker/package-lock.json
# scripts/changelog-checker/package.json
2025-04-29 15:54:11 -04:00
syuilo
d6ae4c980b
feat(frontend): allow showing the title bar
2025-04-29 09:43:15 +09:00
Julia
d10fdfe973
Merge commit from fork
...
* SP-2025-03.1 always wrap icon&thumbnail URLs
if they're not HTTP URLs, the frontend won't be able to display them
anyway (`<img src="mailto:…">` or `<div style="background-image:
url(nntp:…)">` aren't going to work!), so let's always run them through the
media proxy, which will fail harder (fetching a `javascript:` URL
won't do anything in the backend, might do something in the frontend)
and will always protect the client's address in cases like `gemini:`
where the browser could try to fetch
* SP-2025-03.2 use object binding for more styles
interpolating a random (remote-controlled!) string into a `style`
attribute is a bad idea; using VueJS object binding, we should get
proper quoting and therefore safe parse failures instead of CSS
injections / XSS
* SP-2025-03.3 slightly more robust "self" URL handling
parse URLs instead of treating them as strings; this is still not
perfect, but the `URL` class only handles full URLs, not relative
ones, so there's no way to ask it "give me a URL object that
represents this resource relative to this base URL"
notice that passing very weird URLs to `MkUrl` and `MkUrlPreview` will
break the frontend (in dev mode) because there's an untrapped `new
URL(…)` that may explode; production builds seem to safely ignore the
error, though
---------
Co-authored-by: dakkar <dakkar@thenautilus.net>
2025-04-29 08:15:54 +09:00
おさむのひと
7e8cc4d7c0
fix: improve initial handling when receiving a request with attached files ( #15896 )
...
* wip
* also refer to the role policy value
* add endpoint tests
* fix review
* add spdx
* fix CHANGELOG.md
* fix test
* regenerate
* add log
* Revert "add log"
This reverts commit 4b2bf59a609b85ca0bfcc9b71438db782f11983d.
* add log
* fix
* Revert "add log"
This reverts commit c5a73d57da0f30ec5215e08a8b4d78785cce48d1.
2025-04-29 08:15:09 +09:00
dakkar
4981e5ba36
Merge branch 'develop' into merge/2025-03-24
2025-04-28 15:31:28 +01:00
zyoshoka
aaa31c9d64
fix(backend): correct response schema of chat endpoints ( #15904 )
2025-04-28 18:58:08 +09:00
anatawa12
ec92bf47f1
Exclude blocked instance note from most timelines ( #15792 )
...
* Exclude blocked instance note from most timelines
* Exclude blocked instance note from FTT timelines
* Exclude blocked instance note from featured
* fix type
2025-04-28 07:21:00 +09:00
Julia Johannesen
ac905118cc
Merge branch 'stable' into merge-stable-into-develop
2025-04-27 16:19:44 -04:00
Julia Johannesen
35df3944c1
Update summaly
2025-04-27 13:31:27 -04:00
Julia Johannesen
0bb4e57b0c
Security fixes
...
Co-Authored-By: dakkar <dakkar@thenautilus.net>
2025-04-27 13:05:09 -04:00
syuilo
9481b5a6e8
feat: make the maximum uploadable file size configurable per role
2025-04-27 09:35:44 +09:00
Hazelnoot
a4dd19fdd4
merge upstream again
2025-04-24 14:23:45 -04:00
Hazelnoot
ac894986f9
Merge branch 'develop' into merge/2025-03-24
...
# Conflicts:
# CONTRIBUTING.md
# packages/backend/src/core/activitypub/models/ApPersonService.ts
2025-04-24 13:07:41 -04:00
dakkar
58c0ac6c89
check signatures with and without query - fix #1036
...
@Oneric explained:
> Spec says query params must be included in the signature; Mastodon
> being Mastodon used to always exclude it though and for
> compatibility everyone followed this. At some point GtS decided to
> follow spec instead which caused interop issues, but succeeded in
> getting Mastodon (and others like *oma) to accept incoming requests
> with (and also still without) query params though outgoing requests
> remaing query-param-free. Some still only accept query-param-less
> requests though and GtS uses a retry mechanism to resend any request
> failing with 401 with an query-parama-less signature once. (Also
> see:
> https://docs.gotosocial.org/en/latest/federation/http_signatures/ )
>
> So for incoming requests both versions need to be checked. For
> outgoing requests, unless you want to jump through retry hoops like
> GtS, omitting query-params is the safer bet for now (presumably this
> will only change if Mastodon ever decides to send out requests
> signed with query params)
2025-04-21 16:44:13 +01:00
piuvas
6df82f4eef
remove redundant sql query.
2025-04-20 23:21:50 -03:00
piuvas
46fa99fc28
requested changes to verifyFieldLinks
...
Co-authored-by: dakkar <dakkar@thenautilus.net>
2025-04-20 12:34:00 -03:00
piuvas
6a77512737
refactor link verification.
2025-04-19 23:04:48 -03:00
syuilo
7b38806413
feat: Job queue inspector ( #15856 )
...
* wip
* wip
* Update job-queue.vue
* wip
* wip
* Update job-queue.vue
* wip
* Update job-queue.vue
* wip
* Update QueueService.ts
* Update QueueService.ts
* Update QueueService.ts
* Update job-queue.vue
* wip
* wip
* wip
* Update job-queue.vue
* wip
* Update MkTl.vue
* wip
* Update index.vue
* wip
* wip
* Update MkTl.vue
* 🎨
* jobs search
* wip
* Update job-queue.vue
* wip
* wip
* Update job-queue.vue
* Update job-queue.vue
* Update job-queue.vue
* Update job-queue.vue
* wip
* Update job-queue.job.vue
* wip
* wip
* wip
* Update MkCode.vue
* wip
* Update job-queue.job.vue
* wip
* Update job-queue.job.vue
* Update misskey-js.api.md
* Update CHANGELOG.md
* Update job-queue.job.vue
2025-04-19 14:00:38 +09:00
syuilo
eda2f587a3
enhance: allow clearing the job queue from the control panel
2025-04-16 16:47:03 +09:00
Marie
4f64803ef2
merge: make MOTD html unescaped. (requires discussion?) ( !759 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/759
Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
2025-04-15 07:45:51 +00:00
anatawa12
b2e3e65896
fix: use ftt for outbox ( #15819 )
...
* fix: use ftt for outbox
* chore: check for enableFanoutTimeline
* lint: fix lint
2025-04-15 16:15:27 +09:00
anatawa12
d5fe6e36ae
fix: issue where avatarUrl can be non-null even when avatarId is null ( #15833 )
2025-04-15 16:10:17 +09:00
dakkar
d3baf735e6
allow / in objectStoragePrefix
2025-04-14 14:56:02 +01:00
Hazelnoot
d1682ee7cc
relax rate limit on /users endpoint
2025-04-13 19:56:43 -04:00
Hazelnoot
8957cd9f3e
Make NoteEdit entity match the database schema
2025-04-13 19:19:49 -04:00
Hazelnoot
91fb75dece
Merge branch 'develop' into merge/2025-03-24
2025-04-13 13:07:24 -04:00
Hazelnoot
7132696285
Merge tag '2025.4.0' into merge/2025-03-24
...
# Conflicts:
# .github/workflows/storybook.yml
# locales/index.d.ts
# package.json
# packages/backend/src/models/json-schema/role.ts
# packages/frontend/src/components/MkPageWindow.vue
# packages/frontend/src/pages/admin/roles.editor.vue
# packages/frontend/src/pages/admin/roles.vue
# packages/frontend/src/pages/settings/preferences.vue
# packages/frontend/src/pages/settings/privacy.vue
# packages/frontend/src/pages/timeline.vue
# packages/frontend/src/pref-migrate.ts
# packages/frontend/src/ui/_common_/common.vue
# packages/frontend/src/ui/deck.vue
# packages/frontend/src/ui/universal.vue
# packages/misskey-js/src/autogen/types.ts
2025-04-13 13:07:09 -04:00
anatawa12
4c473eb76d
fix: resolve with non-lowercased acct is broken ( #15813 )
...
* fix: resolve with non-lowercased acct is broken
* docs(changelog): Fix: issue where a 404 error is returned when queried with a user URL containing uppercase letters
2025-04-13 18:34:33 +09:00
Zlendy
ce26d8d3cb
feat: Allow injection of raw HTML strings inside <head>
2025-04-11 22:56:26 +02:00
syuilo
c500e4392a
hideNotesInSensitiveChannel -> excludeNotesInSensitiveChannel
2025-04-08 20:50:38 +09:00
かっこかり
9d3f3264fd
enhance: allow disabling chat viewing ( #15765 )
...
* enhance: allow disabling chat viewing
* fix
* fix
* fix
* add description of readonly
* enhance: also hide chat-related settings when chat is disabled
* fix
* refactor: remove API-related domain knowledge from ChatService
2025-04-07 19:09:11 +09:00
syuilo
5b0f594f15
fix(backend): fix an issue where notes that require login to view could be delivered when connecting to a timeline stream while not logged in
2025-04-07 16:39:03 +09:00
Hazelnoot
3eeb53ff63
Merge branch 'misskey-develop' into merge/2025-03-24
...
# Conflicts:
# package.json
# packages/backend/src/core/AccountMoveService.ts
# packages/frontend/src/components/MkDateSeparatedList.vue
# packages/misskey-js/etc/misskey-js.api.md
# pnpm-lock.yaml
2025-04-03 22:06:37 -04:00
Hazelnoot
967f31daa7
refactor bubble-timeline.ts to match global-timeline.ts and local-timeline.ts
2025-04-03 22:02:32 -04:00
anatawa12
cab82452ec
Copy role on move ( #15745 )
...
* feat(backend): copyOnMoveAccount
* feat(endpoints): copyOnMoveAccount
* feat(frontend): copyOnMoveAccount
* docs(changelog): roles can now be copied from the old account when migrating an account.
* fix: spdx header for migration
* Update locales/ja-JP.yml
* copyOnMoveAccount -> preserveAssignmentOnMoveAccount
* fix: check for preserveAssignmentOnMoveAccount
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2025-04-03 19:22:49 +09:00
かっこかり
e07bb1dcbc
fix: chat-related fixes ( #15741 )
...
* fix(misskey-js): add Channel type definitions for chat
* fix(backend); block write APIs that were not gated by canChat
* fix(frontend): fix frontend types around chat
* lint fix
* fix broken lockfile
* fix
* refactor
* wip
* wip
* wip
* clean up
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2025-04-03 15:28:10 +09:00
syuilo
455be80b4f
fix(backend): fix an issue where notes that require login to view could be delivered when connecting to a timeline stream while not logged in
2025-04-03 11:32:55 +09:00
Hazelnoot
dab9b518e4
merge from misskey-develop
2025-04-02 22:29:14 -04:00
Hazelnoot
f9c1535147
fix backend lint errors
2025-04-02 10:35:11 -04:00
Nanashi.
98eadd7093
feat: allow antennas to exclude notes from sensitive channels ( #15346 )
...
* feat(db): add migration
* feat(backend): add column definition
* wip
* feat: allow setting the flag
* feat: support the /notes endpoint
* feat: support websocket
* test: add tests
* docs: update CHANGELOG
* docs: fix where the CHANGELOG entry was added
* chore: update api.json
* docs(CHANGELOG): move to the General section
* docs: align formatting
* chore: remove query
* revert: remove the English translation
* chore: change where note.channel is added
* docs: update CHANGELOG
* docs(CHANGELOG): move to 2025.3.2
* chore: move changelog entry down
* ci: empty commit to re-run CI
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2025-04-02 16:01:24 +09:00
anatawa12
55d835ad51
Fix: issue where notification pagination may fail to load two or more ( #15277 )
...
* fix: issue where :grouped can be specified in the include/exclude types of notifications-grouped
* refactor: move notification fetching into Notification Service
* feat: add function to parse additional part of id
* fix: issue where notification pagination does not work correctly
The time and id used for pagination were being confused with those stored in Redis, so they are now aligned with the ones Misskey generates.
* pnpm run build-misskey-js-with-types
* chore: retry XADD
* fix: forgot to remove the xrevrange call in notifications-grouped
2025-04-02 10:37:16 +09:00
Hazelnoot
6ac37b4d6c
lint and type fixes
2025-04-01 20:47:04 -04:00
Hazelnoot
d272d6f224
fix software name in boot.embed.js, boot.js, and error.js
2025-04-01 12:30:35 -04:00