summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix(backend/misskey-js): タイポ修正 (#15046)かっこかり2024-11-241-1/+1
|
* fix(backend): fix apResolver (#15010)かっこかり2024-11-211-2/+3
| | | | | | | | | * fix(backend): fix apResolver * fix * add comments * tweak comment
* fix(backend): fix security patches (#15008)かっこかり2024-11-211-2/+2
|
* fix ap/showsyuilo2024-11-211-1/+1
|
* Merge commit from forkJulia2024-11-212-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * enhance: Add a few validation fixes from Sharkey See the original MR on the GitLab instance: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/484 Co-Authored-By: Dakkar <dakkar@thenautilus.net> * fix: primitive 2: acceptance of cross-origin alternate Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 3: validation of non-final url * fix: primitive 4: missing same-origin identifier validation of collection-wrapped activities * fix: primitives 5 & 8: reject activities with non string identifiers Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 6: reject anonymous objects that were fetched by their id * fix: primitives 9, 10 & 11: http signature validation doesn't enforce required headers or specify auth header name Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 14: improper validation of outbox, followers, following & shared inbox collections * fix: code style for primitive 14 * fix: primitive 15: improper same-origin validation for note uri and url Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 16: improper same-origin validation for user uri and url * fix: primitive 17: note same-origin identifier validation can be bypassed by wrapping the id in an array * fix: code style for primitive 17 * fix: check attribution against actor in notes While this isn't strictly required to fix the exploits at hand, this mirrors the fix in `ApQuestionService` for GHSA-5h8r-gq97-xv69, as a preemptive countermeasure. * fix: primitive 18: `ap/get` bypasses access checks One might argue that we could make this one actually preform access checks against the returned activity object, but I feel like that's a lot more work than just restricting it to administrators, since, to me at least, it seems more like a debugging tool than anything else. * fix: primitive 19 & 20: respect blocks and hide more Ideally, the user property should also be hidden (as leaving it in leaks information slightly), but given the schema of the note endpoint, I don't think that would be possible without introducing some kind of "ghost" user, who is attributed for posts by users who have you blocked. * fix: primitives 21, 22, and 23: reuse resolver This also increases the default `recursionLimit` for `Resolver`, as it theoretically will go higher that it previously would and could possibly fail on non-malicious collection activities. * fix: primitives 25-33: proper local instance checks * revert: fix: primitive 19 & 20 This reverts commit 465a9fe6591de90f78bd3d084e3c01e65dc3cf3c. --------- Co-authored-by: Dakkar <dakkar@thenautilus.net> Co-authored-by: Laura Hausmann <laura@hausmann.dev> Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* Fix(backend): ↵zawa-ch.2024-11-192-3/+3
| | | | | | | アカウント削除のモデレーションログが動作していないのを修正 (#14996) (#14997) * アカウント削除のモデレーションログが動作していないのを修正 * update CHANGELOG
* fix(backend): ↵饺子w (Yumechi)2024-11-191-2/+3
| | | | | | | | | | | | | | | | お知らせ作成時に画像URL入力欄を空欄に変更できないのを修正 (#14990) * fix(backend): アナウンスメントを作成ときに画像URLを後悔できないのを修正 Signed-off-by: eternal-flame-AD <yume@yumechi.jp> * Update CHANGELOG.md Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com> --------- Signed-off-by: eternal-flame-AD <yume@yumechi.jp> Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com>
* feat: 送信したフォローリクエストを確認できるように ↵かっこかり2024-11-153-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14856) * FEAT: Allow users to view pending follow requests they sent This commit implements the `following/requests/sent` interface firstly implemented on Firefish, and provides a UI interface to view the pending follow requests users sent. * ux: should not show follow requests tab when have no pending sent follow req * fix default followreq tab * fix default followreq tab * restore missing hasPendingReceivedFollowRequest in navbar * refactor * use tabler icons * tweak design * Revert "ux: should not show follow requests tab when have no pending sent follow req" This reverts commit e580b92c37f27c2849c6d27e22ca4c47086081bb. * Update Changelog * Update Changelog * change tab titles --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com> Co-authored-by: Hazelnoot <acomputerdog@gmail.com>
* fix(backend): ↵4ster1sk2024-11-071-1/+1
| | | | followedMessageではなくdescriptionになっていたのを修正 (#14908)
* fix(backend): ↵4ster1sk2024-11-071-0/+6
| | | | フォロワーへのメッセージの絵文字をemojisに含めるように (#14904)
* fix(backend): ↵かっこかり2024-11-061-1/+1
| | | | | | | | | | | | | FTT無効時にユーザーリストタイムラインが使用できない問題を修正 (#14878) * fix: return getfromdb when FanoutTimeline is not enabled * Update Changelog * fix --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com>
* enhance: アイコンデコレーション管理画面の改善syuilo2024-10-282-4/+56
|
* fix(backend): ↵かっこかり2024-10-251-1/+1
| | | | | | | | | | | | | 招待コード発行可能残り数算出に使用すべきロールポリシーの値が違うのを修正 (#14834) * fix: should use invite limit cycle to calculate invite/limit * Update Changelog * Update changelog --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com>
* feat: ↵syuilo2024-10-221-0/+4
| | | | | | | | | | | | | | | | | 過去のノートを非公開化/フォロワーのみ表示可能にできる機能 (#14814) * wip * Update CHANGELOG.md * wip * wip * wip * Update privacy.vue * wip
* feat: ノートの閲覧にログイン必須にする設定 (#14799)syuilo2024-10-214-1/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * wip * wip * Update packages/frontend/src/pages/note.vue Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> * wip * Update WebhookTestService.ts * Update privacy.vue * wip * rename * Update locales/ja-JP.yml Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com> * :art: * wip --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com>
* feat: ↵syuilo2024-10-132-0/+10
| | | | | | | | | | | | | リモートサーバーのサーバー情報を収集しないオプション (#14634) * wip * wip * Update FetchInstanceMetadataService.ts * Update FetchInstanceMetadataService.ts * Update types.ts
* feat: ユーザーの名前に禁止ワードを設定できるように ↵かっこかり2024-10-133-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14756) * wip * :art: * Enhance: モデレーター以上は制限の影響を受けないように * refactor * better error handling * fix * Revert "better error handling" This reverts commit 5670b29cfa18a3894d0c2abfe0e5ef862e3b9ffa. * error handling * エラーが出ないのを修正 * translation * Update Changelog * status code * :v: * モデレーター以上は影響ないことを明記 * :art: * update changelog * spdx * Update update.ts * refactor * eliminate `screen name` * remove untracked file --------- Co-authored-by: KanariKanaru <93921745+kanarikanaru@users.noreply.github.com>
* wip (#14745)syuilo2024-10-115-0/+26
|
* feat(backend): ↵おさむのひと2024-10-111-2/+2
| | | | | | | | | | | | | | | | | | | | | 7日間運営のアクティビティがないサーバを自動的に招待制にする (#14746) * feat(backend): 7日間運営のアクティビティがないサーバを自動的に招待制にする * fix RoleService. * fix * fix * fix * add test and fix * fix * fix CHANGELOG.md * fix test
* fix: admin/emoji/update で不正なエラーが発生する (#14750)FineArchs2024-10-111-18/+15
| | | | | | | | | | | | | | | * fix emoji updating bug * update changelog * type fix * " -> ' * conprehensiveness check * lint * undefined -> null
* fix(backend): correct `admin/abuse-user-reports` schema (#14711)zyoshoka2024-10-051-2/+14
| | | | | * fix(backend): correct `abuse-user-reports` schema * Update CHANGELOG.md
* feat: 通報の強化 (#14704)syuilo2024-10-055-2/+127
| | | | | | | | | | | | | | | | | * wip * Update CHANGELOG.md * lint * Update types.ts * wip * :v: * Update MkAbuseReport.vue * tweak
* enhance: 人気のPlayを10件以上表示できるように (#14443)おさむのひと2024-10-051-11/+11
| | | Co-authored-by: osamu <46447427+sam-osamu@users.noreply.github.com>
* #14675 レビューの修正 (#14705)かっこかり2024-10-051-1/+1
|
* fix: signin ↵かっこかり2024-10-053-49/+25
| | | | | | | | | | | | | | | | | | | | | | | | | の資格情報が足りないだけの場合はエラーにせず200を返すように (#14700) * fix: signin の資格情報が足りないだけの場合はエラーにせず200を返すように * run api extractor * fix * fix * fix test * /signin -> /signin-flow * fix * fix lint * rename * fix * fix
* enhance(frontend): サインイン画面の改善 (#14658)かっこかり2024-10-041-12/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * Update MkSignin.vue * Update MkSignin.vue * wip * Update CHANGELOG.md * enhance(frontend): サインイン画面の改善 * Update Changelog * 14655の変更取り込み * spdx * fix * fix * fix * :art: * :art: * :art: * :art: * Captchaがリセットされない問題を修正 * 次の処理をsignin apiから読み取るように * Add Comments * fix * fix test * attempt to fix test * fix test * fix test * fix test * fix * fix test * fix: 一部のエラーがちゃんと出るように * Update Changelog * :art: * :art: * remove border --------- Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* initialPassword -> setupPasswordsyuilo2024-10-031-4/+4
|
* fix(misskey-js): type fixes related to signup and signin (#14679)zyoshoka2024-10-031-5/+7
|
* feat: ↵かっこかり2024-10-031-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | サーバー初期設定時に初期パスワードを要求できるように (#14626) * feat: サーバー初期設定時専用の初期パスワードを設定できるように * 無いのに入力された場合もエラーにする * :art: * :art: * cypress-devcontainerにもpassを設定(テストが失敗するため) * [ci skip] :art: * :v: * test: please revert this commit before merge * Revert "test: please revert this commit before merge" This reverts commit 66b2b48f66830d2450d8cda03955c143feba76c7. * Update locales/ja-JP.yml Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com> * build assets * Update Changelog * fix condition * fix condition * add comment * change error code * 他のエラーコードと合わせる * Update CHANGELOG.md --------- Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* fix(backend): ↵Kisaragi2024-10-031-1/+1
| | | | | | | 連合限定先が間違って連合しない先に代入されているのを修正 (#14662) * fix(backend): 連合限定先が間違って連合しない先に代入されているのを修正 * build: fix property typo
* enhance(backend): notify new login (#14673)syuilo2024-10-031-3/+17
| | | | | | | | | | | | | | | * wip * Update CHANGELOG.md * wip * fix * Update index.d.ts * Update SigninService.ts * Update MkNotification.vue
* enhance: require captcha for signin (#14655)syuilo2024-10-031-0/+37
| | | | | | | | | | | * wip * Update MkSignin.vue * Update MkSignin.vue * wip * Update CHANGELOG.md
* wip (#14643)syuilo2024-09-283-7/+33
|
* feat: ↵syuilo2024-09-282-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | フォローされた際のメッセージを設定できるようにする (#14430) * feat: フォローされた際のメッセージを設定できるようにする Resolve #14425 * Update CHANGELOG.md * 既にフォローしているユーザーのメッセージも見れるように * Update packages/frontend/src/components/MkNotification.vue Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> * fix indent * Update users.ts * wip * Update users.ts --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
* Add Sign in with passkey Button (#14577)Yuri Lee2024-09-262-0/+182
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Sign in with passkey (PoC) * 💄 Added "Login with Passkey" Button * refactor: Improve error response when WebAuthn challenge fails * signinResponse should be placed under the SigninWithPasskeyResponse object. * Frontend fix * Fix: Rate limiting key for passkey signin Use specific rate limiting key: 'signin-with-passkey' for passkey sign-in API to avoid collisions with signin rate-limit. * Refactor: enhance Passkey sign-in flow and error handling - Increased the rate limit for Passkey sign-in attempts to accommodate the two API calls needed per sign-in. - Improved error messages and handling in both the `WebAuthnService` and the `SigninWithPasskeyApiService`, providing more context and better usability. - Updated error messages to provide more specific and helpful details to the user. These changes aim to enhance the Passkey sign-in experience by providing more robust error handling, improving security by limiting API calls, and delivering a more user-friendly interface. * Refactor: Streamline 2FA flow and remove redundant Passkey button. - Separate the flow of 1FA and 2FA. - Remove duplicate passkey buttons * Fix: Add error messages to MkSignin * chore: Hide passkey button if the entered user does not use passkey login * Update CHANGELOG.md * Refactor: Rename functions and Add comments * Update locales/ja-JP.yml Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com> * Fix: Update translation - update index.d.ts - update ko-KR.yml, en-US.yml - Fix: Reflect Changed i18n key on MkSignin --------- Co-authored-by: Squarecat-meow <kw7551@gmail.com> Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* feat: ↵かっこかり2024-09-241-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | adminのファイル一覧画面で、ファイルが添付されているノートを一覧できるように (#14403) * enhance(moderation): モデレーターがファイルが添付されているノートを照会できるように (MisskeyIO#680) Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com> (cherry picked from commit b059162324d2cfc697d1af9f3b6fb49fad2734e0) * Update Changelog * :v: Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com> --------- Co-authored-by: Yuuki <yukikum57@gmail.com> Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
* refactor/perf(backend): provide metadata statically (#14601)syuilo2024-09-2218-125/+109
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * Update ReactionService.ts * Update ApiCallService.ts * Update timeline.ts * Update GlobalModule.ts * Update GlobalModule.ts * Update NoteEntityService.ts * wip * wip * wip * Update ApPersonService.ts * wip * Update GlobalModule.ts * Update mock-resolver.ts * Update RoleService.ts * Update activitypub.ts * Update activitypub.ts * Update activitypub.ts * Update activitypub.ts * Update activitypub.ts * clean up * Update utils.ts * Update UtilityService.ts * Revert "Update utils.ts" This reverts commit a27d4be764b78c1b5a9eac685e261fee49331d89. * Revert "Update UtilityService.ts" This reverts commit e5fd9e004c482cf099252201c0c1aa888e001430. * vuwa- * Revert "vuwa-" This reverts commit 0c3bd12472b4b9938cdff2d6f131e6800bc3724c. * Update entry.ts * Update entry.ts * Update entry.ts * Update entry.ts * Update jest.setup.ts
* fix(backend): ↵かっこかり2024-09-211-9/+9
| | | | | | | | | | | | | | | | | | | | `Retry-After`ヘッダーが実際には送信されなかった問題を修正 (#14597) * move rate-limit-exceeded error reporting, earlier a rate-limit-exceeded error has `kind:'client'`, so the branch that adds the `Retry-After` would never get taken (cherry picked from commit 8a982c61c01909e7540ff1be9f019df07c3f0624) * Update Changelog * fix * indent --------- Co-authored-by: dakkar <dakkar@thenautilus.net>
* enhance: ↵かっこかり2024-09-205-0/+5
| | | | | | | ユーザーコンテンツのインポート操作の実行可否をロールで制御できるように (#14583) * enhance: インポート操作の実行可否をロールで制御できるように * Update Changelog
* Misskey® Reactions Buffering Technology™ (#14579)syuilo2024-09-202-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * wip * Update ReactionsBufferingService.ts * Update ReactionsBufferingService.ts * wip * wip * wip * Update ReactionsBufferingService.ts * wip * wip * wip * Update NoteEntityService.ts * wip * wip * wip * wip * Update CHANGELOG.md
* feat: UserWebhook/SystemWebhookのテスト送信機能を追加 (#14489)おさむのひと2024-09-197-0/+168
| | | | | | | | | | | * feat: UserWebhook/SystemWebhookのテスト送信機能を追加 * fix CHANGELOG.md * 一部設定をパラメータから上書き出来るように修正 * remove async * regenerate autogen
* fix(backend/antenna): ↵Kisaragi2024-09-152-2/+14
| | | | | | | | | | | | | | | | | | | | | キーワードが与えられなかった場合のエラーをApiErrorとして投げる (#14491) * fix(backend/antenna): report validation failure as ApiError on update * test(backend/antenna): reflect change in previous commit * fix(backend/antenna): report validation failure as ApiError on create * test(backend/antenna): reflect change in previous commit * test(backend/antenna): semi * test(backend/antenna): bring being spread parameters first in object literal * chore: add CHANGELOG entry --------- Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* fix(backend): use `prefixItems` in `admin/queue/*-delayed` endpoint schema ↵zyoshoka2024-08-302-20/+18
| | | | | | | | | | | | | | | (#14468) * fix(backend): represent tuples with `prefixItems` * refactor(frontend): fix type errors * fix(backend): add `prefixItems` in `SchemaType` * fix(backend): add `unevaluatedItems: false` to disallow extra items * refactor(frontend): consolidate `'deliver' | 'queue'` type def into `queue.vue` * fix(backend): add `unevaluatedItems` in `SchemaType`
* enhance(frontend): ↵syuilo2024-08-231-1/+1
| | | | サイズ制限を超過するファイルをアップロードしようとした際にエラーを出すように
* add notesyuilo2024-08-231-0/+1
|
* fix(backend): ↵syuilo2024-08-231-1/+9
| | | | ファイルがサイズの制限を超えてアップロードされた際にエラーを返さなかった問題を修正
* fix(backend): memory leak in memory caches (#14363)Hazel K2024-08-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | * encapsulate `MemoryKVCache<T>` * remove infinity caches * encapsulate other caches * add missing awaits to internally synchronize caches * implement pull-through caching * tune cache lifetimes * optimize cache GC by stopping early * summarize changes in CHANGELOG.md * Fix timeout comments Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> * add comments about awaiting the redis write --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
* enhance(backend): ↵zyoshoka2024-08-173-9/+74
| | | | | | | | | | | | | | | ページ、ギャラリー、Playのモデレーション強化 (#13523) * enhance(backend): Page、ギャラリー、Playのモデレーション強化 * Update CHANGELOG.md * fix: update misskey-js * refactor(frontend): use `MkA` * Update CHANGELOG.md * fix(i18n): Page -> ページ
* fix(backend): ↵かっこかり2024-08-171-2/+13
| | | | | | | | | | | | | ベースロールのポリシー変更時モデレーションログが残るように (#14418) * fix(policies): ベースロールのポリシー変更時モデレーションログが残るように (MisskeyIO#700) (cherry picked from commit 80389a914049f6f26237fde8da7d4e1bd41452fc) * Update Changelog --------- Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
* suspend周りの改修 (#14409)syuilo2024-08-173-81/+6
| | | | | | | | | | | | | | | | | | | | | | * enhance(backend): 凍結されたアカウントのフォローリクエストを表示しないように * Update CHANGELOG.md * wip * Update gen-spec.ts * Update packages/backend/src/server/api/endpoints/admin/suspend-user.ts Co-authored-by: Kisaragi <48310258+KisaragiEffective@users.noreply.github.com> * owa- * revert misskey-js related changes (#14414) --------- Co-authored-by: Kisaragi <48310258+KisaragiEffective@users.noreply.github.com> Co-authored-by: anatawa12 <anatawa12@icloud.com>
generated by cgit v1.3.1-freya (git 2.54.0) at 2026-05-17 23:04:32 +0000