summaryrefslogtreecommitdiff
path: root/packages/backend/src/server (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix(backend): ↵4ster1sk2025-01-041-1/+1
| | | | アプリ作成方式で作成したトークンの権限を表示するように (#15177)
* enhance(frontend): 照会の際にエラーを表示するように (#15147)かっこかり2024-12-191-2/+63
| | | | | | | | | | | * enhance: 照会の失敗理由を表示するように * Update Changelog * fix * fix test * lookupErrors-> remoteLookupErrors
* fix(frontend): ↵かっこかり2024-12-101-1/+1
| | | | | | | | | | | | | 公開範囲がホームのノートの埋め込みウィジェットが読み込まれない問題を修正 (#15102) * Resolve frontend/backend contradiction for home visibility embeds This now uses the same check from `packages/frontend/src/scripts/get-note-menu.ts` * Update Changelog --------- Co-authored-by: CenTdemeern1 <timo.herngreen@gmail.com>
* fix(backend/misskey-js): タイポ修正 (#15046)かっこかり2024-11-241-1/+1
|
* fix(backend): ↵おさむのひと2024-11-231-1/+4
| | | | | | | アドレス入力で直接ユーザのプロフィールページを表示した際、前提データが足りず描画に失敗する (#15033) * fix(backend): アドレス入力で直接ユーザのプロフィールページを表示した際、前提データが足りず描画に失敗する * fix CHANGELOG.md
* fix(backend): fix apResolver (#15010)かっこかり2024-11-211-2/+3
| | | | | | | | | * fix(backend): fix apResolver * fix * add comments * tweak comment
* fix(backend): fix security patches (#15008)かっこかり2024-11-211-2/+2
|
* fix ap/showsyuilo2024-11-211-1/+1
|
* Merge commit from forkrectcoordsystem2024-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | * fix(backend): check target IP before sending HTTP request * fix(backend): allow accessing private IP when testing * Apply suggestions from code review Co-authored-by: anatawa12 <anatawa12@icloud.com> * fix(backend): lint and typecheck * fix(backend): add isLocalAddressAllowed option to getAgentByUrl and send (HttpRequestService) * fix(backend): allow fetchSummaryFromProxy, trueMail to access local addresses --------- Co-authored-by: anatawa12 <anatawa12@icloud.com> Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* Merge commit from forkJulia2024-11-213-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * enhance: Add a few validation fixes from Sharkey See the original MR on the GitLab instance: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/484 Co-Authored-By: Dakkar <dakkar@thenautilus.net> * fix: primitive 2: acceptance of cross-origin alternate Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 3: validation of non-final url * fix: primitive 4: missing same-origin identifier validation of collection-wrapped activities * fix: primitives 5 & 8: reject activities with non string identifiers Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 6: reject anonymous objects that were fetched by their id * fix: primitives 9, 10 & 11: http signature validation doesn't enforce required headers or specify auth header name Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 14: improper validation of outbox, followers, following & shared inbox collections * fix: code style for primitive 14 * fix: primitive 15: improper same-origin validation for note uri and url Co-Authored-By: Laura Hausmann <laura@hausmann.dev> * fix: primitive 16: improper same-origin validation for user uri and url * fix: primitive 17: note same-origin identifier validation can be bypassed by wrapping the id in an array * fix: code style for primitive 17 * fix: check attribution against actor in notes While this isn't strictly required to fix the exploits at hand, this mirrors the fix in `ApQuestionService` for GHSA-5h8r-gq97-xv69, as a preemptive countermeasure. * fix: primitive 18: `ap/get` bypasses access checks One might argue that we could make this one actually preform access checks against the returned activity object, but I feel like that's a lot more work than just restricting it to administrators, since, to me at least, it seems more like a debugging tool than anything else. * fix: primitive 19 & 20: respect blocks and hide more Ideally, the user property should also be hidden (as leaving it in leaks information slightly), but given the schema of the note endpoint, I don't think that would be possible without introducing some kind of "ghost" user, who is attributed for posts by users who have you blocked. * fix: primitives 21, 22, and 23: reuse resolver This also increases the default `recursionLimit` for `Resolver`, as it theoretically will go higher that it previously would and could possibly fail on non-malicious collection activities. * fix: primitives 25-33: proper local instance checks * revert: fix: primitive 19 & 20 This reverts commit 465a9fe6591de90f78bd3d084e3c01e65dc3cf3c. --------- Co-authored-by: Dakkar <dakkar@thenautilus.net> Co-authored-by: Laura Hausmann <laura@hausmann.dev> Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* perf(frontend): reduce api requests for non-logged-in enviroment (#15001)syuilo2024-11-212-1/+16
| | | | | | | * wip * Update CHANGELOG.md * wip
* Fix(backend): ↵zawa-ch.2024-11-192-3/+3
| | | | | | | アカウント削除のモデレーションログが動作していないのを修正 (#14996) (#14997) * アカウント削除のモデレーションログが動作していないのを修正 * update CHANGELOG
* fix(backend): ↵饺子w (Yumechi)2024-11-191-2/+3
| | | | | | | | | | | | | | | | お知らせ作成時に画像URL入力欄を空欄に変更できないのを修正 (#14990) * fix(backend): アナウンスメントを作成ときに画像URLを後悔できないのを修正 Signed-off-by: eternal-flame-AD <yume@yumechi.jp> * Update CHANGELOG.md Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com> --------- Signed-off-by: eternal-flame-AD <yume@yumechi.jp> Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com>
* feat: 送信したフォローリクエストを確認できるように ↵かっこかり2024-11-153-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14856) * FEAT: Allow users to view pending follow requests they sent This commit implements the `following/requests/sent` interface firstly implemented on Firefish, and provides a UI interface to view the pending follow requests users sent. * ux: should not show follow requests tab when have no pending sent follow req * fix default followreq tab * fix default followreq tab * restore missing hasPendingReceivedFollowRequest in navbar * refactor * use tabler icons * tweak design * Revert "ux: should not show follow requests tab when have no pending sent follow req" This reverts commit e580b92c37f27c2849c6d27e22ca4c47086081bb. * Update Changelog * Update Changelog * change tab titles --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com> Co-authored-by: Hazelnoot <acomputerdog@gmail.com>
* enhance(backend) : ↵momoirodouhu2024-11-091-4/+16
| | | | | | | | | | | | | | | | リモートユーザーの照会をオリジナルにリダイレクトするように (#12892) (#14897) * enhance(backend) : リモートユーザーの照会をオリジナルにリダイレクトするように (#12892) * オリジンリダイレクトのテストをtodoとして追加。 e2eテストにリモートユーザー考慮のテストがなさそうなので。 次のコマンドで動くことは確認済みです。 curl "http://localhost:3000/@foo@bar" -H "accept: application/activity+json" -L * Acctのパースを既存のパーサーでするように修正 * lint
* enhance(frontend): ↵かっこかり2024-11-093-2/+59
| | | | | | | 個別お知らせページではmetaタグを出力するように (#14902) * enhance(frontend): 個別お知らせページではmetaタグを出力するように * Update Changelog
* fix(backend): ↵4ster1sk2024-11-071-1/+1
| | | | followedMessageではなくdescriptionになっていたのを修正 (#14908)
* fix(backend): ↵4ster1sk2024-11-071-0/+6
| | | | フォロワーへのメッセージの絵文字をemojisに含めるように (#14904)
* fix(backend): ↵かっこかり2024-11-061-1/+1
| | | | | | | | | | | | | FTT無効時にユーザーリストタイムラインが使用できない問題を修正 (#14878) * fix: return getfromdb when FanoutTimeline is not enabled * Update Changelog * fix --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com>
* enhance: アイコンデコレーション管理画面の改善syuilo2024-10-282-4/+56
|
* fix(backend): ↵かっこかり2024-10-251-1/+1
| | | | | | | | | | | | | 招待コード発行可能残り数算出に使用すべきロールポリシーの値が違うのを修正 (#14834) * fix: should use invite limit cycle to calculate invite/limit * Update Changelog * Update changelog --------- Co-authored-by: Lhc_fl <lhcfl@outlook.com>
* Merge commit from fork饺子w (Yumechi)2024-10-221-0/+6
| | | | | [ghsa-gq5q-c77c-v236](https://github.com/misskey-dev/misskey/security/advisories/ghsa-gq5q-c77c-v236) Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* feat: ↵syuilo2024-10-221-0/+4
| | | | | | | | | | | | | | | | | 過去のノートを非公開化/フォロワーのみ表示可能にできる機能 (#14814) * wip * Update CHANGELOG.md * wip * wip * wip * Update privacy.vue * wip
* feat: ノートの閲覧にログイン必須にする設定 (#14799)syuilo2024-10-215-5/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * wip * wip * Update packages/frontend/src/pages/note.vue Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> * wip * Update WebhookTestService.ts * Update privacy.vue * wip * rename * Update locales/ja-JP.yml Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com> * :art: * wip --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> Co-authored-by: Sayamame-beans <61457993+Sayamame-beans@users.noreply.github.com>
* enhance(frontend): Bull Dashboard に relationship queue を追加 (#14777)かっこかり2024-10-191-0/+3
| | | | | | | | | | | | | * spec(frontend): Bull Dashboard に relationship queue を追加 (MisskeyIO#751) (cherry picked from commit a8bbccbefa67ca0f2c1ec0880da88dfc7517b6a0) * Update Changelog * Update Changelog --------- Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com>
* feat: ↵syuilo2024-10-132-0/+10
| | | | | | | | | | | | | リモートサーバーのサーバー情報を収集しないオプション (#14634) * wip * wip * Update FetchInstanceMetadataService.ts * Update FetchInstanceMetadataService.ts * Update types.ts
* feat: ユーザーの名前に禁止ワードを設定できるように ↵かっこかり2024-10-133-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14756) * wip * :art: * Enhance: モデレーター以上は制限の影響を受けないように * refactor * better error handling * fix * Revert "better error handling" This reverts commit 5670b29cfa18a3894d0c2abfe0e5ef862e3b9ffa. * error handling * エラーが出ないのを修正 * translation * Update Changelog * status code * :v: * モデレーター以上は影響ないことを明記 * :art: * update changelog * spdx * Update update.ts * refactor * eliminate `screen name` * remove untracked file --------- Co-authored-by: KanariKanaru <93921745+kanarikanaru@users.noreply.github.com>
* wip (#14745)syuilo2024-10-115-0/+26
|
* feat(backend): ↵おさむのひと2024-10-111-2/+2
| | | | | | | | | | | | | | | | | | | | | 7日間運営のアクティビティがないサーバを自動的に招待制にする (#14746) * feat(backend): 7日間運営のアクティビティがないサーバを自動的に招待制にする * fix RoleService. * fix * fix * fix * add test and fix * fix * fix CHANGELOG.md * fix test
* fix: admin/emoji/update で不正なエラーが発生する (#14750)FineArchs2024-10-111-18/+15
| | | | | | | | | | | | | | | * fix emoji updating bug * update changelog * type fix * " -> ' * conprehensiveness check * lint * undefined -> null
* refactor(frontend): prefix css variables (#14725)syuilo2024-10-093-10/+10
| | | | | | | * wip * Update index.d.ts * remove unnecessary codes
* fix(backend): correct `admin/abuse-user-reports` schema (#14711)zyoshoka2024-10-051-2/+14
| | | | | * fix(backend): correct `abuse-user-reports` schema * Update CHANGELOG.md
* feat: 通報の強化 (#14704)syuilo2024-10-055-2/+127
| | | | | | | | | | | | | | | | | * wip * Update CHANGELOG.md * lint * Update types.ts * wip * :v: * Update MkAbuseReport.vue * tweak
* enhance: 人気のPlayを10件以上表示できるように (#14443)おさむのひと2024-10-051-11/+11
| | | Co-authored-by: osamu <46447427+sam-osamu@users.noreply.github.com>
* #14675 レビューの修正 (#14705)かっこかり2024-10-051-1/+1
|
* fix: signin ↵かっこかり2024-10-053-49/+25
| | | | | | | | | | | | | | | | | | | | | | | | | の資格情報が足りないだけの場合はエラーにせず200を返すように (#14700) * fix: signin の資格情報が足りないだけの場合はエラーにせず200を返すように * run api extractor * fix * fix * fix test * /signin -> /signin-flow * fix * fix lint * rename * fix * fix
* enhance(frontend): サインイン画面の改善 (#14658)かっこかり2024-10-041-12/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wip * Update MkSignin.vue * Update MkSignin.vue * wip * Update CHANGELOG.md * enhance(frontend): サインイン画面の改善 * Update Changelog * 14655の変更取り込み * spdx * fix * fix * fix * :art: * :art: * :art: * :art: * Captchaがリセットされない問題を修正 * 次の処理をsignin apiから読み取るように * Add Comments * fix * fix test * attempt to fix test * fix test * fix test * fix test * fix * fix test * fix: 一部のエラーがちゃんと出るように * Update Changelog * :art: * :art: * remove border --------- Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* initialPassword -> setupPasswordsyuilo2024-10-031-4/+4
|
* fix(misskey-js): type fixes related to signup and signin (#14679)zyoshoka2024-10-031-5/+7
|
* feat: ↵かっこかり2024-10-031-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | サーバー初期設定時に初期パスワードを要求できるように (#14626) * feat: サーバー初期設定時専用の初期パスワードを設定できるように * 無いのに入力された場合もエラーにする * :art: * :art: * cypress-devcontainerにもpassを設定(テストが失敗するため) * [ci skip] :art: * :v: * test: please revert this commit before merge * Revert "test: please revert this commit before merge" This reverts commit 66b2b48f66830d2450d8cda03955c143feba76c7. * Update locales/ja-JP.yml Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com> * build assets * Update Changelog * fix condition * fix condition * add comment * change error code * 他のエラーコードと合わせる * Update CHANGELOG.md --------- Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* fix(backend): ↵Kisaragi2024-10-031-1/+1
| | | | | | | 連合限定先が間違って連合しない先に代入されているのを修正 (#14662) * fix(backend): 連合限定先が間違って連合しない先に代入されているのを修正 * build: fix property typo
* enhance(backend): notify new login (#14673)syuilo2024-10-031-3/+17
| | | | | | | | | | | | | | | * wip * Update CHANGELOG.md * wip * fix * Update index.d.ts * Update SigninService.ts * Update MkNotification.vue
* enhance: require captcha for signin (#14655)syuilo2024-10-031-0/+37
| | | | | | | | | | | * wip * Update MkSignin.vue * Update MkSignin.vue * wip * Update CHANGELOG.md
* fix(backend): update and re-enable Bull Dashboard (#14648)zyoshoka2024-09-291-1/+1
|
* wip (#14643)syuilo2024-09-283-7/+33
|
* feat: ↵syuilo2024-09-282-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | フォローされた際のメッセージを設定できるようにする (#14430) * feat: フォローされた際のメッセージを設定できるようにする Resolve #14425 * Update CHANGELOG.md * 既にフォローしているユーザーのメッセージも見れるように * Update packages/frontend/src/components/MkNotification.vue Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com> * fix indent * Update users.ts * wip * Update users.ts --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
* Add Sign in with passkey Button (#14577)Yuri Lee2024-09-263-0/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Sign in with passkey (PoC) * 💄 Added "Login with Passkey" Button * refactor: Improve error response when WebAuthn challenge fails * signinResponse should be placed under the SigninWithPasskeyResponse object. * Frontend fix * Fix: Rate limiting key for passkey signin Use specific rate limiting key: 'signin-with-passkey' for passkey sign-in API to avoid collisions with signin rate-limit. * Refactor: enhance Passkey sign-in flow and error handling - Increased the rate limit for Passkey sign-in attempts to accommodate the two API calls needed per sign-in. - Improved error messages and handling in both the `WebAuthnService` and the `SigninWithPasskeyApiService`, providing more context and better usability. - Updated error messages to provide more specific and helpful details to the user. These changes aim to enhance the Passkey sign-in experience by providing more robust error handling, improving security by limiting API calls, and delivering a more user-friendly interface. * Refactor: Streamline 2FA flow and remove redundant Passkey button. - Separate the flow of 1FA and 2FA. - Remove duplicate passkey buttons * Fix: Add error messages to MkSignin * chore: Hide passkey button if the entered user does not use passkey login * Update CHANGELOG.md * Refactor: Rename functions and Add comments * Update locales/ja-JP.yml Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com> * Fix: Update translation - update index.d.ts - update ko-KR.yml, en-US.yml - Fix: Reflect Changed i18n key on MkSignin --------- Co-authored-by: Squarecat-meow <kw7551@gmail.com> Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
* fix(backend): embedの動作に必要な値を復活させる (#14633)かっこかり2024-09-251-0/+2
|
* feat: ↵かっこかり2024-09-241-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | adminのファイル一覧画面で、ファイルが添付されているノートを一覧できるように (#14403) * enhance(moderation): モデレーターがファイルが添付されているノートを照会できるように (MisskeyIO#680) Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com> (cherry picked from commit b059162324d2cfc697d1af9f3b6fb49fad2734e0) * Update Changelog * :v: Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com> --------- Co-authored-by: Yuuki <yukikum57@gmail.com> Co-authored-by: riku6460 <17585784+riku6460@users.noreply.github.com> Co-authored-by: nenohi <kimutipartylove@gmail.com> Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
* perf(embed): improve embed performance (#14613)syuilo2024-09-232-0/+69
| | | | | | | | | | | | | | | * wip * wip * wip * refactor * refactor --------- Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-05-11 20:39:10 +0000