Hazelnoot
0c2e113e8e
update fast-xml-parser to patch security issue (DoS)
2024-10-15 22:03:42 -04:00
Hazelnoot
1a9f2f84b3
fix linting and type checks in all packages
2024-10-15 21:41:36 -04:00
dakkar
f00576bce6
Merge remote-tracking branch 'misskey/master' into feature/2024.9.0
2024-10-09 15:17:22 +01:00
zyoshoka
1184436461
fix(backend): update and re-enable Bull Dashboard ( #14648 )
2024-09-29 18:44:55 +09:00
syuilo
76408667f3
update deps ( #14594 )
...
* wip
* Update ClientServerService.ts
* eslint
* Update fetch-resource.ts
* wip
2024-09-22 12:32:01 +09:00
Esurio/1673beta
d4d15f338e
fix: EmailServiceでインラインスタイルを適用するように ( #14600 )
...
Co-authored-by: Esurio <esurio@esurio1673.net>
2024-09-21 18:18:52 +09:00
dakkar
7439230401
bump `happy-dom`
...
just because MisskeyIO uses this version
2024-09-20 08:30:24 +01:00
dakkar
e9e51fdc01
bump `glob`
...
latest version no longer uses `inflight`; other dependencies still use
an older `glob`, though…
2024-09-20 08:29:36 +01:00
dependabot[bot]
887c709647
chore(deps): bump body-parser from 1.20.2 to 1.20.3 in /packages/backend ( #14550 )
...
Bumps [body-parser](https://github.com/expressjs/body-parser ) from 1.20.2 to 1.20.3.
- [Release notes](https://github.com/expressjs/body-parser/releases )
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md )
- [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3 )
---
updated-dependencies:
- dependency-name: body-parser
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-15 20:54:26 +09:00
かっこかり
be0906a6c7
fix(backend): happy-domで外部HTMLをパースする際に関連リソースが読み込まれる問題を修正 ( #14521 )
...
* bump happy-dom, disable all JS&c when parsing
version 10 didn't quite support disabling all of that
I have tested that `MfmService` (the other code that uses `happy-dom`)
still works fine: the RSS feed for a user is generated correctly, with
HTML rendered from MFM
(cherry picked from commit 26e0412fbb
)
* Update Changelog
* lint
* fix possible memory leak
---------
Co-authored-by: dakkar <dakkar@thenautilus.net>
2024-09-15 12:30:27 +09:00
4censord
0a8cb21e9b
Run eslint with caching
...
This reduces the time for subsequent lints significantly.
e.g. for `package/frontend`, the first run takes ~10min.
With the cache, every subsequent run takes only a few seconds.
2024-09-14 00:58:02 +02:00
dakkar
26e0412fbb
bump happy-dom, disable all JS&c when parsing
...
version 10 didn't quite support disabling all of that
I have tested that `MfmService` (the other code that uses `happy-dom`)
still works fine: the RSS feed for a user is generated correctly, with
HTML rendered from MFM
2024-08-30 15:35:19 +01:00
dakkar
a58df8ac7c
Merge branch 'develop' into feature/misskey-2024.07
2024-08-18 13:13:23 +01:00
Julia Johannesen
aff57333d5
Add @types/proxy-addr
2024-08-17 13:12:16 -04:00
dakkar
4cd44130e0
use the correct remote address
...
we're doing the same thing that Fastify does in the non-streaming
ServerService
2024-08-16 18:00:50 +01:00
dakkar
ef99b1ca07
put back dependency I had deleted by accident
2024-08-02 13:47:40 +01:00
dakkar
cfa9b852df
Merge remote-tracking branch 'misskey/master' into feature/misskey-2024.07
2024-08-02 12:25:58 +01:00
syuilo
085b3abf26
update deps ( #14312 )
2024-07-28 11:14:31 +09:00
かっこかり
46d96c7412
fix(build): autogen生成時にbackendを2度buildしているのを修正 ( #14309 )
...
* fix(build): autogen生成時にbackendを2度buildしているのを修正
* fix
* fix
2024-07-27 18:09:15 +09:00
syuilo
337b42bcb1
revert 5f88d56d96
...
バグがある(かつすぐに修正できそうにない) & まだレビュー途中で意図せずマージされたため
2024-07-20 21:33:20 +09:00
tamaina
5f88d56d96
perf(federation): Ed25519署名に対応する ( #13464 )
...
* 1. ed25519キーペアを発行・Personとして公開鍵を送受信
* validate additionalPublicKeys
* getAuthUserFromApIdはmainを選ぶ
* ✌️
* fix
* signatureAlgorithm
* set publicKeyCache lifetime
* refresh
* httpMessageSignatureAcceptable
* ED25519_SIGNED_ALGORITHM
* ED25519_PUBLIC_KEY_SIGNATURE_ALGORITHM
* remove sign additionalPublicKeys signature requirements
* httpMessageSignaturesSupported
* httpMessageSignaturesImplementationLevel
* httpMessageSignaturesImplementationLevel: '01'
* perf(federation): Use hint for getAuthUserFromApId (#13470 )
* Hint for getAuthUserFromApId
* とどのつまりこれでいいのか?
* use @misskey-dev/node-http-message-signatures
* fix
* signedPost, signedGet
* ap-request.tsを復活させる
* remove digest prerender
* fix test?
* fix test
* add httpMessageSignaturesImplementationLevel to FederationInstance
* ManyToOne
* fetchPersonWithRenewal
* exactKey
* ✌️
* use const
* use gen-key-pair fn. from '@misskey-dev/node-http-message-signatures'
* update node-http-message-signatures
* fix
* @misskey-dev/node-http-message-signatures@0.0.0-alpha.11
* getAuthUserFromApIdでupdatePersonの頻度を増やす
* cacheRaw.date
* use requiredInputs
https://github.com/misskey-dev/misskey/pull/13464#discussion_r1509964359
* update @misskey-dev/node-http-message-signatures
* clean up
* err msg
* fix(backend): fetchInstanceMetadataのLockが永遠に解除されない問題を修正
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
* fix httpMessageSignaturesImplementationLevel validation
* fix test
* fix
* comment
* comment
* improve test
* fix
* use Promise.all in genRSAAndEd25519KeyPair
* refreshAndprepareEd25519KeyPair
* refreshAndfindKey
* commetn
* refactor public keys add
* digestプリレンダを復活させる
RFC実装時にどうするか考える
* fix, async
* fix
* !== true
* use save
* Deliver update person when new key generated (not tested)
https://github.com/misskey-dev/misskey/pull/13464#issuecomment-1977049061
* 循環参照で落ちるのを解消?
* fix?
* Revert "fix?"
This reverts commit 0082f6f8e8c5d5febd14933ba9a1ac643f70ca92.
* a
* logger
* log
* change logger
* 秘密鍵の変更は、フラグではなく鍵を引き回すようにする
* addAllKnowingSharedInboxRecipe
* nanka meccha kaeta
* delivre
* キャッシュ有効チェックはロック取得前に行う
* @misskey-dev/node-http-message-signatures@0.0.3
* PrivateKeyPem
* getLocalUserPrivateKey
* fix test
* if
* fix ap-request
* update node-http-message-signatures
* fix type error
* update package
* fix type
* update package
* retry no key
* @misskey-dev/node-http-message-signatures@0.0.8
* fix type error
* log keyid
* logger
* db-resolver
* JSON.stringify
* HTTP Signatureがなかったり使えなかったりしそうな場合にLD Signatureを活用するように
* inbox-delayed use actor if no signature
* ユーザーとキーの同一性チェックはhostの一致にする
* log signature parse err
* save array
* とりあえずtryで囲っておく
* fetchPersonWithRenewalでエラーが起きたら古いデータを返す
* use transactionalEntityManager
* fix spdx
* @misskey-dev/node-http-message-signatures@0.0.10
* add comment
* fix
* publicKeyに配列が入ってもいいようにする
https://github.com/misskey-dev/misskey/pull/13950
* define additionalPublicKeys
* fix
* merge fix
* refreshAndprepareEd25519KeyPair → refreshAndPrepareEd25519KeyPair
* remove gen-key-pair.ts
* defaultMaxListeners = 512
* Revert "defaultMaxListeners = 512"
This reverts commit f2c412c18057a9300540794ccbe4dfbf6d259ed6.
* genRSAAndEd25519KeyPairではキーを直列に生成する?
* maxConcurrency: 8
* maxConcurrency: 16
* maxConcurrency: 8
* Revert "genRSAAndEd25519KeyPairではキーを直列に生成する?"
This reverts commit d0aada55c1ed5aa98f18731ec82f3ac5eb5a6c16.
* maxWorkers: '90%'
* Revert "maxWorkers: '90%'"
This reverts commit 9e0a93f110456320d6485a871f014f7cdab29b33.
* e2e/timelines.tsで個々のテストに対するtimeoutを削除, maxConcurrency: 32
* better error handling of this.userPublickeysRepository.delete
* better comment
* set result to keypairEntityCache
* deliverJobConcurrency: 16, deliverJobPerSec: 1024, inboxJobConcurrency: 4
* inboxJobPerSec: 64
* delete request.headers['host'];
* fix
* // node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
* move delete host
* modify comment
* modify comment
* fix correct → collect
* refreshAndfindKey → refreshAndFindKey
* modify comment
* modify attachLdSignature
* getApId, InboxProcessorService
* TODO
* [skip ci] add CHANGELOG
---------
Co-authored-by: MeiMei <30769358+mei23@users.noreply.github.com>
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
2024-07-18 01:28:17 +09:00
slonkazoid
7a62e1be31
implement fetching host-meta before the webfinger endpoint
...
code ported from iceshrimp: c3e685a925/packages/backend/src/remote/webfinger.ts
2024-07-09 05:45:41 +03:00
syuilo
427648c4b8
update deps ( #14057 )
...
* wip
* locales/index.jsのymlファイル取得ロジックを調節
* regenerate pnpm-lock.yaml
* fix(backend): typecheck fails
* chore(deps): bump ip-cidr from 4.0.0 to 4.0.1 in /packages/backend
* chore: migrate ESLint configs to flat config (#14094 )
* chore: migrate ESLint configs to flat config
* fix: update paths
* fix: frontend lint fails
* refactor(misskey-js): lint build.js
* update deps
---------
Co-authored-by: samunohito <46447427+samunohito@users.noreply.github.com>
Co-authored-by: zyoshoka <root@zyoshoka.com>
Co-authored-by: zyoshoka <107108195+zyoshoka@users.noreply.github.com>
2024-07-02 11:38:34 +09:00
woxtu
00b213373b
Remove @types/node-fetch ( #13948 )
2024-06-22 19:46:29 +09:00
syuilo
1df90cef4c
update typescript
2024-06-21 13:03:00 +09:00
syuilo
c73d739bd6
node 22 support
2024-06-13 10:40:20 +09:00
dakkar
3372e0ffe1
Merge remote-tracking branch 'misskey/release/2024.5.0' into future
2024-05-31 12:26:07 +01:00
syuilo
80f3cb96b0
feat: sentry integration ( #13897 )
...
* wip
* wip
* wip
* wip
* Update CHANGELOG.md
* Update ApiCallService.ts
* Update config.ts
2024-05-28 17:06:33 +09:00
syuilo
20c0bd9ddb
happy-domにメモリリークがありそう
2024-05-21 17:29:02 +09:00
dakkar
451b0ecc9b
Merge remote-tracking branch 'misskey/release/2024.5.0' into future-2024-04-25-post
2024-05-11 14:13:07 +01:00
dakkar
30bd7768d6
Merge branch 'develop' into future-2024-04-25-post
2024-05-11 13:11:07 +01:00
syuilo
2b21c19362
update deps ( #13624 )
...
* update deps
* Update package.json
* update deps
* build: pass --strip-leading-paths to restore 0.2.x behavior (#13684 )
* ✌️
* ✌️
* pureimageの代わりに@napi-rs/canvasを使う (#13748 )
* pureimageの代わりに@napi-rs/canvasを使う
* remove writestream
* remove createtemp
* wip
* Update ClientServerService.ts
* update pnpm to 9.x
* update deps
* re: update pnpm to 9.x
* update node
* ✌️
---------
Co-authored-by: anatawa12 <anatawa12@icloud.com>
Co-authored-by: tamaina <tamaina@hotmail.co.jp>
2024-05-04 20:56:14 +09:00
dakkar
d0a2708f91
merge: handle non-ASCII emoji names ( !464 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/464
Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Ember <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-02 21:06:10 +00:00
dakkar
ea6629cebf
Merge branch 'develop' into future-2024-04-10-post
2024-04-25 11:18:30 +01:00
dakkar
a3b4ca782a
Merge remote-tracking branch 'misskey/develop' into future-2024-04-10
2024-04-11 13:39:55 +01:00
dakkar
b6f41a28ed
pull in sfm-js that supports non-ascii in emoji names
2024-04-07 16:37:31 +01:00
おさむのひと
efa42a1624
fix(backend): バックエンドのpnpm devによるビルド後にbuild-assetsを行うようにする ( #13659 )
...
* moveto scripts
* add scripts/dev.mjs
2024-04-04 22:25:28 +09:00
dakkar
bc531ac414
Merge remote-tracking branch 'misskey/develop' into future-2024-03-23
2024-03-24 11:53:52 +00:00
おさむのひと
831c74a25b
fix: URLプレビューの動作改善+動作設定を可能にする ( #13579 )
...
* wip
* support new version
* URLプレビュー無効化時、フロント側も非表示にしてリクエストをしないようにする
* fix lint
* fix lint
* tweak preview request error handles
* fix: CHANGELOG.md
* fix
* fix
---------
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
2024-03-21 18:46:42 +09:00
dakkar
f4e89f2e6b
bump tmp@0.2.3 - fixes #464
...
see also https://github.com/raszi/node-tmp/issues/295
2024-03-19 17:13:43 +00:00
zyoshoka
412e9f284d
test(backend): enable typecheck by workflow ( #13526 )
2024-03-07 09:51:57 +09:00
dakkar
af548d05ca
merge upstream for 2024.2.1
2024-03-02 16:36:49 +00:00
syuilo
2f31606eff
update deps
2024-03-01 14:16:44 +09:00
syuilo
033d71ee28
update deps
2024-03-01 13:52:39 +09:00
syuilo
920c3be750
update deps
2024-02-29 11:10:03 +09:00
Marie
15d2319011
merge: upstream
2024-02-23 13:42:52 +01:00
かっこかり
080a3c20bd
fix: SSR時のmetaをエスケープするように ( #13440 )
...
* fix: SSR時のmetaをエスケープするように
* エスケープ方法を変更
2024-02-23 14:10:13 +09:00
tamaina
ae27085f69
fix: Bump sharp to 0.33.2 ( #13391 )
2024-02-21 14:42:37 +09:00
Marie
10bfc61670
merge: upstream
2024-02-19 10:47:42 +01:00
zyoshoka
37959bab1d
refactor(backend): remove/replace deprecated type deps ( #13252 )
2024-02-16 20:09:07 +09:00