misty.cafe/mistykey
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
31185 commits 3 branches 0 tags 177 MiB
Commit graph

3985 commits

Author SHA1 Message Date
zyoshoka
3b676f39df
fix(backend): enumerate achievement types in some response schema (#15953) 
* fix(backend): enumerate achievement types in some response schema

* refactor: use `ref`
 2025-05-06 19:52:30 +09:00
Marie
216ab3aea7 merge: remove http/https protocol in uri on masto api (!980) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/980

Closes #1046

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
 2025-05-06 08:33:19 +00:00
Marie
893f964def merge: check signatures with and without query - fix #1036 (!966) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/966

Closes #1036

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
 2025-05-05 23:23:30 +00:00
Marie
142b3b552e update comment 2025-05-05 23:04:43 +00:00
Marie
621f2e2ee4
upd: add logger, check hostname, add catch 2025-05-06 01:02:27 +02:00
Marie
cb3f5f598d Update instance.ts 2025-05-05 17:33:27 +00:00
Marie
e2be44fb99 change regex to include a zero-length match 2025-05-05 13:03:39 +00:00
Marie
581cc2b513 remove http/https protocol 2025-05-05 13:00:31 +00:00
syuilo
f6158abb68 use sharp 0.33.5 
Fix #15920
 2025-05-05 18:23:25 +09:00
Hazelnoot
76597d1a4c check role assignments in featured timeline 2025-05-04 08:55:57 -04:00
Hazelnoot
f6eb3148f3 use bucket rate limit for featured timeline 2025-05-04 08:55:26 -04:00
renovate[bot]
c23f2ff900
chore(deps): update node.js to v22.15.0 (#15606) 
* chore(deps): update node.js to v22.15.0

* chore: determine Jest args from Node.js version

* fix

* fix: `import.meta.dirname` is not supported in v20.10.0

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: zyoshoka <107108195+zyoshoka@users.noreply.github.com>
 2025-05-04 19:00:36 +09:00
zyoshoka
a5fa9a2cef
chore(workflow): use node-version-file instead of hardcoded node-version (#15658) 
* chore(workflow): use `node-version-file` instead of hardcoded `node-version`

* chore: test min version
 2025-05-04 14:14:09 +09:00
Hazelnoot
e87afe5804 fix more type errors because TS can't make up its mind 2025-05-03 22:21:38 -04:00
Hazelnoot
ff8b22ce60 apply optimized domain block pattern to silence and bubble checks 2025-05-03 21:54:25 -04:00
Hazelnoot
f4dafd709c check suspended users/hosts in following feed 2025-05-03 21:43:53 -04:00
おさむのひと
8c0c503c6c
refactor: ファイルアップロード時のテストを追加 (#15928) 
* refactor: ファイルアップロード時のテストを追加

* なぜかsemverが消えてた
 2025-05-04 09:38:35 +09:00
おさむのひと
526057cc61
Revert "fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896)" (#15927) 
* Revert "fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896)"

This reverts commit 7e8cc4d7c0.

* fix CHANGELOG.md
 2025-05-03 16:23:06 +09:00
おさむのひと
c13aa0c224
fix(backend): チャンネルフォロー一覧のsinceId/untilIdによる絞り込みが上手く動いていないのを修正 (#13698) 
* fix(backend): チャンネルフォロー一覧のsinceId/untilIdによる絞り込みが上手く動いていないのを修正

* fix CHANGELOG.md

* docs(changelog): fix mistaken changelog insertion (restore newline)

* docs(changelog): update insertion position

---------

Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com>
 2025-05-03 15:40:57 +09:00
anatawa12
1af98b690b
feat: CREATE INDEX CONCURRENTLY for "userId" "id" composite note index if admin wish. (#15915) 
* chore: CREATE INDEX CONCURRENTLY for "userId" "id" composite note index

* chore: remove { concurrent: true } and comment why

* update comment

* feat: add MISSKEY_MIGRATION_CREATE_INDEX_CONCURRENTLY option

* fix: spdx license header

* alter comment

* chore: improve behavior when migration failure

* docs(changelog): 2025.4.1 で追加されたインデックスの再生成をノートの追加しながら行えるようになりました

* ちょっと表現を変更

---------

Co-authored-by: 饺子w (Yumechi) <35571479+eternal-flame-ad@users.noreply.github.com>
 2025-05-03 12:57:50 +09:00
dakkar
3f611fe234 honour blocked hosts in global-timeline 2025-05-02 15:57:56 +01:00
dakkar
31d93c8052 nicer SQL checks for blocked hosts 
instead of passing a (possibly gigantic) array from JS, we get
PostgreSQL to look at the value in the `meta` table directly

tested the `federation/instances` endpoint, and the `QueryService`
methods; I have not tested the charts
 2025-05-02 15:57:56 +01:00
Hazelnoot
54b5c930cb enforce maxFileSize for remote users 2025-05-02 08:37:42 -04:00
Hazelnoot
3199c309e2 make bubble timeline visibility checks match local timeline 2025-05-01 12:14:45 -04:00
Hazelnoot
8dce293dff add setting to disable proxy account (resolves #766) 2025-05-01 12:07:38 -04:00
anatawa12
795b8366b5
Block deliver by software (#15727) 
* feat(backend): suspend instance by software

* feat(frontend): suspend instance by software

* docs(chaangelog): 連合先のソフトウェア及びバージョン名により配信停止を行えるようになりました

* chore: 例で使うバージョン名を変える

* fix: broken lockfile

* fix: broken lock file

* fix broken lock file

* update changelog

* fix dependencies

* Update CHANGELOG.md

---------

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
 2025-05-01 17:58:34 +09:00
anatawa12
2fcb50273d
Exclude suspended users note from most timelines (#15775) 
* feat: exclude notes by suspended user from FTT timeline endpoint

* feat: exclude notes by suspended user from DB based timelines

* chore: fix types

* chore: fix types

* chore: fix non-reply / renote

* chore: fix non-reply / renote

* test: update test

* docs(changelog): 凍結されたユーザのノートが各種タイムラインで表示されないように

* Exclude suspended users note from featured

* fix: join user

* Update CHANGELOG.md

---------

Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
 2025-05-01 17:56:24 +09:00
dakkar
ec404fd3ce remove leftover debug line 2025-04-30 20:30:52 +01:00
Hazelnoot
d18885eefc fix type errors in e2e tests 2025-04-30 11:13:54 -04:00
Hazelnoot
6e4e4fdc33 fix type errors in mastodon API 2025-04-30 11:13:46 -04:00
Hazelnoot
4ea1b6aa4d fix type errors in SponsorsService.ts 2025-04-30 11:13:38 -04:00
Hazelnoot
dc087d4477 update @nestjs/platform-express to match other nestjs versions 2025-04-29 16:18:37 -04:00
Hazelnoot
25c96c1688 update broken SWC release (https://github.com/swc-project/swc/issues/10413) 2025-04-29 16:14:10 -04:00
Hazelnoot
dc9106dfb3 remove outdated packages from megalodon 2025-04-29 16:07:56 -04:00
Hazelnoot
9c301fa5aa Merge branch 'misskey-develop' into merge/2025-03-24 
# Conflicts:
#	.github/workflows/api-misskey-js.yml
#	.github/workflows/changelog-check.yml
#	.github/workflows/check-misskey-js-autogen.yml
#	.github/workflows/get-api-diff.yml
#	.github/workflows/lint.yml
#	.github/workflows/locale.yml
#	.github/workflows/on-release-created.yml
#	.github/workflows/storybook.yml
#	.github/workflows/test-backend.yml
#	.github/workflows/test-federation.yml
#	.github/workflows/test-frontend.yml
#	.github/workflows/test-misskey-js.yml
#	.github/workflows/test-production.yml
#	.github/workflows/validate-api-json.yml
#	package.json
#	packages/backend/package.json
#	packages/backend/src/server/api/ApiCallService.ts
#	packages/backend/src/server/api/endpoints/drive/files/create.ts
#	packages/frontend-shared/js/url.ts
#	packages/frontend/package.json
#	packages/frontend/src/components/MkFileCaptionEditWindow.vue
#	packages/frontend/src/components/MkInfo.vue
#	packages/frontend/src/components/MkLink.vue
#	packages/frontend/src/components/MkNote.vue
#	packages/frontend/src/components/MkNotes.vue
#	packages/frontend/src/components/MkPageWindow.vue
#	packages/frontend/src/components/MkReactionsViewer.vue
#	packages/frontend/src/components/MkTimeline.vue
#	packages/frontend/src/components/MkUrlPreview.vue
#	packages/frontend/src/components/MkUserPopup.vue
#	packages/frontend/src/components/global/MkPageHeader.vue
#	packages/frontend/src/components/global/MkUrl.vue
#	packages/frontend/src/components/global/PageWithHeader.vue
#	packages/frontend/src/pages/about-misskey.vue
#	packages/frontend/src/pages/announcements.vue
#	packages/frontend/src/pages/antenna-timeline.vue
#	packages/frontend/src/pages/channel.vue
#	packages/frontend/src/pages/instance-info.vue
#	packages/frontend/src/pages/note.vue
#	packages/frontend/src/pages/page.vue
#	packages/frontend/src/pages/role.vue
#	packages/frontend/src/pages/tag.vue
#	packages/frontend/src/pages/timeline.vue
#	packages/frontend/src/pages/user-list-timeline.vue
#	packages/frontend/src/pages/user/followers.vue
#	packages/frontend/src/pages/user/following.vue
#	packages/frontend/src/pages/user/home.vue
#	packages/frontend/src/pages/user/index.vue
#	packages/frontend/src/ui/deck.vue
#	packages/misskey-js/generator/package.json
#	pnpm-lock.yaml
#	scripts/changelog-checker/package-lock.json
#	scripts/changelog-checker/package.json
 2025-04-29 15:54:11 -04:00
syuilo
d6ae4c980b feat(frontend): タイトルバーを表示できるように 2025-04-29 09:43:15 +09:00
Julia
d10fdfe973
Merge commit from fork 
* SP-2025-03.1 always wrap icon&thumbnail URLs

if they're not HTTP URLs, the frontend won't be able to display them
anyway (`<img src="mailto:…">` or '<div stile="background-image:
url(nntp:…)">` aren't going to work!), so let's always run them through the
media proxy, which will fail harder (fetching a `javascript:` URL
won't do anything in the backend, might do something in the frontend)
and will always protect the client's address in cases like `gemini:`
where the browser could try to fetch

* SP-2025-03.2 use object binding for more styles

interpolating a random (remote-controlled!) string into a `style`
attribute is a bad idea; using VueJS object binding, we should get
proper quoting and therefore safe parse failures instead of CSS
injections / XSS

* SP-2025-03.3 slightly more robust "self" URL handling

parse URLs instead of treating them as strings; this is still not
perfect, but the `URL` class only handles full URLs, not relative
ones, so there's so way to ask it "give me a URL object that
represents this resource relative to this base URL"

notice that passing very weird URLs to `MkUrl` and `MkUrlPreview` will
break the frontend (in dev mode) because there's an untrapped `new
URL(…)` that may explode; production builds seem to safely ignore the
error, though

---------

Co-authored-by: dakkar <dakkar@thenautilus.net>
 2025-04-29 08:15:54 +09:00
おさむのひと
7e8cc4d7c0
fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896) 
* wip

* ロールポリシーの値も参照するように

* エンドポイントのテストを追加

* fix review

* add spdx

* fix CHANGELOG.md

* fix test

* regenerate

* add log

* Revert "add log"

This reverts commit 4b2bf59a609b85ca0bfcc9b71438db782f11983d.

* add log

* fix

* Revert "add log"

This reverts commit c5a73d57da0f30ec5215e08a8b4d78785cce48d1.
 2025-04-29 08:15:09 +09:00
dakkar
4981e5ba36 Merge branch 'develop' into merge/2025-03-24 2025-04-28 15:31:28 +01:00
zyoshoka
aaa31c9d64
fix(backend): correct response schema of chat endpoints (#15904) 2025-04-28 18:58:08 +09:00
かっこかり
b5268fa240
fix(test): fix federation test (#15900) 2025-04-28 11:24:26 +09:00
renovate[bot]
b94ff3590b
fix(deps): update [backend] update dependencies (#15811) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-28 09:29:52 +09:00
anatawa12
ec92bf47f1
Exclude blocked instance note from most timelines (#15792) 
* Exclude blocked instance note from most timelines

* Exclude blocked instance note from FTT timelines

* Exclude blocked instance note from featured

* fix type
 2025-04-28 07:21:00 +09:00
Julia Johannesen
ac905118cc
Merge branch 'stable' into merge-stable-into-develop 2025-04-27 16:19:44 -04:00
Julia Johannesen
35df3944c1
Update summaly 2025-04-27 13:31:27 -04:00
Julia Johannesen
0bb4e57b0c
Security fixes 
Co-Authored-By: dakkar <dakkar@thenautilus.net>
 2025-04-27 13:05:09 -04:00
syuilo
9481b5a6e8 feat: アップロード可能な最大ファイルサイズをロールごとに設定可能に 2025-04-27 09:35:44 +09:00
なっかあ
de073d6d69
Fix #15876 絵文字がアニメーションしない問題を修正 (#15881) 2025-04-27 09:16:41 +09:00
Hazelnoot
335603f073 fix null checks for background in UserEntityService.ts 2025-04-24 15:07:26 -04:00
Marie
e6888131b7 baseQueueOptions > baseWorkerOptions 2025-04-24 18:57:32 +00:00