dakkar
6c13dc04f2
Merge branch 'develop' into feature/2024.10
2024-11-23 10:41:33 +00:00
Hazelnoot
2bbccde2ce
reduce inbox log spam when fetching blocked / unavailable notes
2024-11-22 09:16:03 -05:00
dakkar
585052646a
better wording for moderator inactivity messages
2024-11-22 10:49:16 +00:00
dakkar
d069d78c21
Merge branch 'develop' into feature/2024.10
2024-11-22 10:42:58 +00:00
Julia Johannesen
23c4aa2571
Fix style error
2024-11-20 20:24:59 -05:00
Laura Hausmann
ad8e8793c7
fix: primitives 5 & 8: reject activities with non-string identifiers
2024-11-20 19:17:24 -05:00
Julia
5f675201f2
Merge commit from fork
...
* enhance: Add a few validation fixes from Sharkey
See the original MR on the GitLab instance:
https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/484
Co-Authored-By: Dakkar <dakkar@thenautilus.net>
* fix: primitive 2: acceptance of cross-origin alternate
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 3: validation of non-final url
* fix: primitive 4: missing same-origin identifier validation of collection-wrapped activities
* fix: primitives 5 & 8: reject activities with non
string identifiers
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 6: reject anonymous objects that were fetched by their id
* fix: primitives 9, 10 & 11: http signature validation
doesn't enforce required headers or specify auth header name
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 14: improper validation of outbox, followers, following & shared inbox collections
* fix: code style for primitive 14
* fix: primitive 15: improper same-origin validation for
note uri and url
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 16: improper same-origin validation for user uri and url
* fix: primitive 17: note same-origin identifier validation can be bypassed by wrapping the id in an array
* fix: code style for primitive 17
* fix: check attribution against actor in notes
While this isn't strictly required to fix the exploits at hand, this
mirrors the fix in `ApQuestionService` for GHSA-5h8r-gq97-xv69, as a
preemptive countermeasure.
* fix: primitive 18: `ap/get` bypasses access checks
One might argue that we could make this one actually preform access
checks against the returned activity object, but I feel like that's a
lot more work than just restricting it to administrators, since, to me
at least, it seems more like a debugging tool than anything else.
* fix: primitive 19 & 20: respect blocks and hide more
Ideally, the user property should also be hidden (as leaving it in leaks
information slightly), but given the schema of the note endpoint, I
don't think that would be possible without introducing some kind of
"ghost" user, who is attributed for posts by users who have you blocked.
* fix: primitives 21, 22, and 23: reuse resolver
This also increases the default `recursionLimit` for `Resolver`, as it
theoretically will go higher that it previously would and could possibly
fail on non-malicious collection activities.
* fix: primitives 25-33: proper local instance checks
* revert: fix: primitive 19 & 20
This reverts commit 465a9fe6591de90f78bd3d084e3c01e65dc3cf3c.
---------
Co-authored-by: Dakkar <dakkar@thenautilus.net>
Co-authored-by: Laura Hausmann <laura@hausmann.dev>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-11-21 08:20:09 +09:00
dakkar
f079edaf3c
Merge tag '2024.10.1' into feature/2024.10
2024-11-08 15:52:37 +00:00
Hazelnoot
27b502fab5
normalize re-fetch logic between InboxProcessorService and ActivityPubServerService
2024-10-26 10:40:15 -04:00
Hazelnoot
5eb9a263e2
fix public key re-fetch logic
2024-10-26 10:40:15 -04:00
おさむのひと
33b34ad7b8
feat: 運営のアクティビティが一定期間ない場合は通知+招待制に移行した際に通知 ( #14757 )
...
* feat: 運営のアクティビティが一定期間ない場合は通知+招待制に移行した際に通知
* fix misskey-js.api.md
* Revert "feat: 運営のアクティビティが一定期間ない場合は通知+招待制に移行した際に通知"
This reverts commit 3ab953bdf87f28411a1a10bce787a23d238cda80.
* 通知をやめてユーザ単位でのお知らせ機能に変更
* テスト用実装を戻す
* Update packages/backend/src/queue/processors/CheckModeratorsActivityProcessorService.ts
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* fix remove empty then
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-10-13 20:32:12 +09:00
syuilo
ff47fef572
feat: リモートサーバーのサーバー情報を収集しないオプション ( #14634 )
...
* wip
* wip
* Update FetchInstanceMetadataService.ts
* Update FetchInstanceMetadataService.ts
* Update types.ts
2024-10-13 20:22:16 +09:00
かっこかり
2f09d69773
fix(backend): キューのエラーログを簡略化するように ( #14748 )
...
* reduce federation log spam
* Don't record stack trace for unrecoverable errors.
* Avoid logging duplicate stace traces.
(cherry picked from commit ed0570110b20dd66f73583869e1c47786702e076b4d10aa8f8f62cd8941cd8e1e4890dd867c2089b5171ba7113a5316c06ed
2024-10-11 21:29:03 +09:00
おさむのひと
a2cd6a7709
feat(backend): 7日間運営のアクティビティがないサーバを自動的に招待制にする ( #14746 )
...
* feat(backend): 7日間運営のアクティビティがないサーバを自動的に招待制にする
* fix RoleService.
* fix
* fix
* fix
* add test and fix
* fix
* fix CHANGELOG.md
* fix test
2024-10-11 20:59:36 +09:00
dakkar
02d36c4518
Merge branch 'develop' into feature/2024.9.0
2024-10-11 10:10:16 +01:00
dakkar
f00576bce6
Merge remote-tracking branch 'misskey/master' into feature/2024.9.0
2024-10-09 15:17:22 +01:00
Hazel K
a5316c06ed
don't log job name unless it has one
2024-10-08 11:01:24 -04:00
Hazel K
5171ba7113
collapse AbortErrors
2024-10-08 10:43:58 -04:00
Hazel K
d867c2089b
further condense error details
2024-10-08 10:43:51 -04:00
Hazel K
d8e1e4890d
normalize ID logging
2024-10-08 10:33:48 -04:00
Hazel K
f62cd8941c
condense error info
2024-10-08 10:33:34 -04:00
Hazel K
b4d10aa8f8
fix maxAttempts calculation
2024-10-08 10:29:03 -04:00
Hazel K
786702e076
condense job info
2024-10-08 10:27:55 -04:00
Hazel K
83869e1c47
fix lint errors
2024-10-08 10:14:33 -04:00
Hazel K
20dd66f735
improve error summaries
2024-10-08 10:14:26 -04:00
Hazel K
ed0570110b
reduce federation log spam
...
* Don't record stack trace for unrecoverable errors.
* Avoid logging duplicate stace traces.
2024-10-08 09:30:08 -04:00
かっこかり
9d026975bc
fix(backend/test): #14558 以降e2eテストがたまに失敗する問題を修正 ( #14709 )
...
* fix(backend/test): MisskeyIO#727 以降e2eテストがたまに失敗する問題を修正 (MisskeyIO#735)
* ✌️
---------
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
2024-10-05 16:20:44 +09:00
syuilo
f0d0cd2e50
wip ( #14643 )
2024-09-28 18:15:32 +09:00
かっこかり
d8a2eeb7ed
feat: エクスポート完了時に通知を発行するように ( #14484 )
...
* feat: エクスポート完了時に通知を発行するように
* Update Changelog
* entitity -> entity
* fix: ペイロードを含むように
* fix icon
* exportableEntities -> userExportableEntities
2024-09-26 14:15:03 +09:00
KOBA789
7134d24c1f
perf(backend): Defer instance metadata update ( #14558 )
...
* Defer instance metadata update
* Fix last new line
* Fix typo
* Add license notice
* Fix syntax
* Perform deferred jobs on shutdown
* Fix missing async/await
* Fix typo :)
* Update collapsed-queue.ts
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-09-26 10:25:20 +09:00
Aleteoryx
689848943b
Fix: Continue importing from file if single emoji import fails ( #14461 )
...
* Fix: Continue importing from file if single emoji import fails
* Fix indentation
---------
Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-09-24 09:50:00 +09:00
syuilo
023fa30280
refactor/perf(backend): provide metadata statically ( #14601 )
...
* wip
* Update ReactionService.ts
* Update ApiCallService.ts
* Update timeline.ts
* Update GlobalModule.ts
* Update GlobalModule.ts
* Update NoteEntityService.ts
* wip
* wip
* wip
* Update ApPersonService.ts
* wip
* Update GlobalModule.ts
* Update mock-resolver.ts
* Update RoleService.ts
* Update activitypub.ts
* Update activitypub.ts
* Update activitypub.ts
* Update activitypub.ts
* Update activitypub.ts
* clean up
* Update utils.ts
* Update UtilityService.ts
* Revert "Update utils.ts"
This reverts commit a27d4be764b78c1b5a9eac685e261fee49331d89.
* Revert "Update UtilityService.ts"
This reverts commit e5fd9e004c482cf099252201c0c1aa888e001430.
* vuwa-
* Revert "vuwa-"
This reverts commit 0c3bd12472b4b9938cdff2d6f131e6800bc3724c.
* Update entry.ts
* Update entry.ts
* Update entry.ts
* Update entry.ts
* Update jest.setup.ts
2024-09-22 12:53:13 +09:00
syuilo
0b062f1407
Misskey® Reactions Buffering Technology™ ( #14579 )
...
* wip
* wip
* Update ReactionsBufferingService.ts
* Update ReactionsBufferingService.ts
* wip
* wip
* wip
* Update ReactionsBufferingService.ts
* wip
* wip
* wip
* Update NoteEntityService.ts
* wip
* wip
* wip
* wip
* Update CHANGELOG.md
2024-09-20 21:03:53 +09:00
Hazel K
9ce44b24b8
fix(backend): memory leak in memory caches ( #14363 )
...
* encapsulate `MemoryKVCache<T>`
* remove infinity caches
* encapsulate other caches
* add missing awaits to internally synchronize caches
* implement pull-through caching
* tune cache lifetimes
* optimize cache GC by stopping early
* summarize changes in CHANGELOG.md
* Fix timeout comments
Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
* add comments about awaiting the redis write
---------
Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
2024-08-18 13:34:01 +09:00
dakkar
94dceb9e15
Merge branch 'develop' into feature/misskey-2024.07
2024-08-06 17:51:51 +01:00
Hazel K
9930c64f2d
Fix timeout comments
...
Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
2024-08-06 12:13:17 -04:00
Hazel K
672f1ea684
tune cache lifetimes
2024-08-03 14:49:06 -04:00
dakkar
cfa9b852df
Merge remote-tracking branch 'misskey/master' into feature/misskey-2024.07
2024-08-02 12:25:58 +01:00
zyoshoka
fc71bcc98e
fix(backend): avoid notifying to remote users on local ( #13774 )
...
* fix(backend): avoid notifying to remote users on local
* Update CHANGELOG.md
* refactor: check before calling method
---------
Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-07-25 16:32:07 +09:00
syuilo
337b42bcb1
revert 5f88d56d96
...
バグがある(かつすぐに修正できそうにない) & まだレビュー途中で意図せずマージされたため
2024-07-20 21:33:20 +09:00
tamaina
5f88d56d96
perf(federation): Ed25519署名に対応する ( #13464 )
...
* 1. ed25519キーペアを発行・Personとして公開鍵を送受信
* validate additionalPublicKeys
* getAuthUserFromApIdはmainを選ぶ
* ✌️
* fix
* signatureAlgorithm
* set publicKeyCache lifetime
* refresh
* httpMessageSignatureAcceptable
* ED25519_SIGNED_ALGORITHM
* ED25519_PUBLIC_KEY_SIGNATURE_ALGORITHM
* remove sign additionalPublicKeys signature requirements
* httpMessageSignaturesSupported
* httpMessageSignaturesImplementationLevel
* httpMessageSignaturesImplementationLevel: '01'
* perf(federation): Use hint for getAuthUserFromApId (#13470 )
* Hint for getAuthUserFromApId
* とどのつまりこれでいいのか?
* use @misskey-dev/node-http-message-signatures
* fix
* signedPost, signedGet
* ap-request.tsを復活させる
* remove digest prerender
* fix test?
* fix test
* add httpMessageSignaturesImplementationLevel to FederationInstance
* ManyToOne
* fetchPersonWithRenewal
* exactKey
* ✌️
* use const
* use gen-key-pair fn. from '@misskey-dev/node-http-message-signatures'
* update node-http-message-signatures
* fix
* @misskey-dev/node-http-message-signatures@0.0.0-alpha.11
* getAuthUserFromApIdでupdatePersonの頻度を増やす
* cacheRaw.date
* use requiredInputs
https://github.com/misskey-dev/misskey/pull/13464#discussion_r1509964359
* update @misskey-dev/node-http-message-signatures
* clean up
* err msg
* fix(backend): fetchInstanceMetadataのLockが永遠に解除されない問題を修正
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
* fix httpMessageSignaturesImplementationLevel validation
* fix test
* fix
* comment
* comment
* improve test
* fix
* use Promise.all in genRSAAndEd25519KeyPair
* refreshAndprepareEd25519KeyPair
* refreshAndfindKey
* commetn
* refactor public keys add
* digestプリレンダを復活させる
RFC実装時にどうするか考える
* fix, async
* fix
* !== true
* use save
* Deliver update person when new key generated (not tested)
https://github.com/misskey-dev/misskey/pull/13464#issuecomment-1977049061
* 循環参照で落ちるのを解消?
* fix?
* Revert "fix?"
This reverts commit 0082f6f8e8c5d5febd14933ba9a1ac643f70ca92.
* a
* logger
* log
* change logger
* 秘密鍵の変更は、フラグではなく鍵を引き回すようにする
* addAllKnowingSharedInboxRecipe
* nanka meccha kaeta
* delivre
* キャッシュ有効チェックはロック取得前に行う
* @misskey-dev/node-http-message-signatures@0.0.3
* PrivateKeyPem
* getLocalUserPrivateKey
* fix test
* if
* fix ap-request
* update node-http-message-signatures
* fix type error
* update package
* fix type
* update package
* retry no key
* @misskey-dev/node-http-message-signatures@0.0.8
* fix type error
* log keyid
* logger
* db-resolver
* JSON.stringify
* HTTP Signatureがなかったり使えなかったりしそうな場合にLD Signatureを活用するように
* inbox-delayed use actor if no signature
* ユーザーとキーの同一性チェックはhostの一致にする
* log signature parse err
* save array
* とりあえずtryで囲っておく
* fetchPersonWithRenewalでエラーが起きたら古いデータを返す
* use transactionalEntityManager
* fix spdx
* @misskey-dev/node-http-message-signatures@0.0.10
* add comment
* fix
* publicKeyに配列が入ってもいいようにする
https://github.com/misskey-dev/misskey/pull/13950
* define additionalPublicKeys
* fix
* merge fix
* refreshAndprepareEd25519KeyPair → refreshAndPrepareEd25519KeyPair
* remove gen-key-pair.ts
* defaultMaxListeners = 512
* Revert "defaultMaxListeners = 512"
This reverts commit f2c412c18057a9300540794ccbe4dfbf6d259ed6.
* genRSAAndEd25519KeyPairではキーを直列に生成する?
* maxConcurrency: 8
* maxConcurrency: 16
* maxConcurrency: 8
* Revert "genRSAAndEd25519KeyPairではキーを直列に生成する?"
This reverts commit d0aada55c1ed5aa98f18731ec82f3ac5eb5a6c16.
* maxWorkers: '90%'
* Revert "maxWorkers: '90%'"
This reverts commit 9e0a93f110456320d6485a871f014f7cdab29b33.
* e2e/timelines.tsで個々のテストに対するtimeoutを削除, maxConcurrency: 32
* better error handling of this.userPublickeysRepository.delete
* better comment
* set result to keypairEntityCache
* deliverJobConcurrency: 16, deliverJobPerSec: 1024, inboxJobConcurrency: 4
* inboxJobPerSec: 64
* delete request.headers['host'];
* fix
* // node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
* move delete host
* modify comment
* modify comment
* fix correct → collect
* refreshAndfindKey → refreshAndFindKey
* modify comment
* modify attachLdSignature
* getApId, InboxProcessorService
* TODO
* [skip ci] add CHANGELOG
---------
Co-authored-by: MeiMei <30769358+mei23@users.noreply.github.com>
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
2024-07-18 01:28:17 +09:00
anatawa12
0e5a52c678
fix: notRespondingSinceが実装される前に不通になったインスタンスが自動的に配信停止にならない ( #14059 )
...
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-06-23 10:59:43 +01:00
anatawa12
1e78ef1cb8
fix: notRespondingSinceが実装される前に不通になったインスタンスが自動的に配信停止にならない ( #14059 )
...
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-06-22 12:44:01 +09:00
dakkar
b525c5887f
add copyright text to all our files
2024-06-15 11:36:55 +01:00
dakkar
5dc8c2827c
Merge branch 'develop' into future-2024-05-31
2024-06-08 16:45:53 +01:00
おさむのひと
61fae45390
feat: 通報を受けた際にメールまたはWebhookで通知を送出出来るようにする ( #13758 )
...
* feat: 通報を受けた際にメールまたはWebhookで通知を送出出来るようにする
* モデログに対応&エンドポイントを単一オブジェクトでのサポートに変更(API経由で大量に作るシチュエーションもないと思うので)
* fix spdx
* fix migration
* fix migration
* fix models
* add e2e webhook
* tweak
* fix modlog
* fix bugs
* add tests and fix bugs
* add tests and fix bugs
* add tests
* fix path
* regenerate locale
* 混入除去
* 混入除去
* add abuseReportResolved
* fix pnpm-lock.yaml
* add abuseReportResolved test
* fix bugs
* fix ui
* add tests
* fix CHANGELOG.md
* add tests
* add RoleService.getModeratorIds tests
* WebhookServiceをUserとSystemに分割
* fix CHANGELOG.md
* fix test
* insertOneを使う用に
* fix
* regenerate locales
* revert version
* separate webhook job queue
* fix
* 🎨
* Update QueueProcessorService.ts
---------
Co-authored-by: osamu <46447427+sam-osamu@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-06-08 15:34:19 +09:00
syuilo
8592716139
enhance(backend): improve sentry integration
2024-06-07 13:15:37 +09:00
syuilo
8f833d742f
enhance(backend): improve sentry integration
2024-06-06 11:51:31 +09:00
syuilo
a697a7f97b
enhance(backend): improve sentry integration
2024-06-06 11:38:34 +09:00
syuilo
ab69e113f4
enhance(backend): improve sentry integration
2024-06-06 11:20:54 +09:00
