update deps (#13624)

* update deps

* Update package.json

* update deps

* build: pass --strip-leading-paths to restore 0.2.x behavior (#13684)

* ✌️

* ✌️

* pureimageの代わりに@napi-rs/canvasを使う (#13748)

* pureimageの代わりに@napi-rs/canvasを使う

* remove writestream

* remove createtemp

* wip

* Update ClientServerService.ts

* update pnpm to 9.x

* update deps

* re: update pnpm to 9.x

* update node

* ✌️

---------

Co-authored-by: anatawa12 <anatawa12@icloud.com>
Co-authored-by: tamaina <tamaina@hotmail.co.jp>

packages/backend/package.json

@@ -12,9 +12,9 @@
 		"migrate": "pnpm typeorm migration:run -d ormconfig.js",
 		"revert": "pnpm typeorm migration:revert -d ormconfig.js",
 		"check:connect": "node ./scripts/check_connect.js",
-		"build": "swc src -d built -D",
-		"build:test": "swc test-server -d built-test -D --config-file test-server/.swcrc",
-		"watch:swc": "swc src -d built -D -w",
+		"build": "swc src -d built -D --strip-leading-paths",
+		"build:test": "swc test-server -d built-test -D --config-file test-server/.swcrc --strip-leading-paths",
+		"watch:swc": "swc src -d built -D -w --strip-leading-paths",
 		"build:tsc": "tsc -p tsconfig.json && tsc-alias -p tsconfig.json",
 		"watch": "node ./scripts/watch.mjs",
 		"restart": "pnpm build && pnpm start",
@@ -67,38 +67,39 @@
 	"dependencies": {
 		"@aws-sdk/client-s3": "3.412.0",
 		"@aws-sdk/lib-storage": "3.412.0",
-		"@bull-board/api": "5.14.2",
-		"@bull-board/fastify": "5.14.2",
-		"@bull-board/ui": "5.14.2",
-		"@discordapp/twemoji": "15.0.2",
+		"@bull-board/api": "5.17.0",
+		"@bull-board/fastify": "5.17.0",
+		"@bull-board/ui": "5.17.0",
+		"@discordapp/twemoji": "15.0.3",
 		"@fastify/accepts": "4.3.0",
 		"@fastify/cookie": "9.3.1",
-		"@fastify/cors": "8.5.0",
-		"@fastify/express": "2.3.0",
-		"@fastify/http-proxy": "9.3.0",
-		"@fastify/multipart": "8.1.0",
-		"@fastify/static": "6.12.0",
-		"@fastify/view": "8.2.0",
+		"@fastify/cors": "9.0.1",
+		"@fastify/express": "3.0.0",
+		"@fastify/http-proxy": "9.5.0",
+		"@fastify/multipart": "8.2.0",
+		"@fastify/static": "7.0.3",
+		"@fastify/view": "9.1.0",
 		"@misskey-dev/sharp-read-bmp": "1.2.0",
 		"@misskey-dev/summaly": "5.1.0",
-		"@nestjs/common": "10.3.3",
-		"@nestjs/core": "10.3.3",
-		"@nestjs/testing": "10.3.3",
+		"@napi-rs/canvas": "^0.1.52",
+		"@nestjs/common": "10.3.8",
+		"@nestjs/core": "10.3.8",
+		"@nestjs/testing": "10.3.8",
 		"@peertube/http-signature": "1.7.0",
-		"@simplewebauthn/server": "9.0.3",
+		"@simplewebauthn/server": "10.0.0",
 		"@sinonjs/fake-timers": "11.2.2",
-		"@smithy/node-http-handler": "2.1.10",
-		"@swc/cli": "0.1.63",
-		"@swc/core": "1.3.107",
-		"@twemoji/parser": "15.0.0",
+		"@smithy/node-http-handler": "2.5.0",
+		"@swc/cli": "0.3.12",
+		"@swc/core": "1.4.17",
+		"@twemoji/parser": "15.1.1",
 		"accepts": "1.3.8",
-		"ajv": "8.12.0",
-		"archiver": "6.0.1",
-		"async-mutex": "0.4.1",
+		"ajv": "8.13.0",
+		"archiver": "7.0.1",
+		"async-mutex": "0.5.0",
 		"bcryptjs": "2.4.3",
 		"blurhash": "2.0.5",
 		"body-parser": "1.20.2",
-		"bullmq": "5.4.0",
+		"bullmq": "5.7.8",
 		"cacheable-lookup": "7.0.0",
 		"cbor": "9.0.2",
 		"chalk": "5.3.0",
@@ -109,85 +110,84 @@
 		"content-disposition": "0.5.4",
 		"date-fns": "2.30.0",
 		"deep-email-validator": "0.1.21",
-		"fastify": "4.25.2",
+		"fastify": "4.26.2",
 		"fastify-raw-body": "4.3.0",
 		"feed": "4.2.2",
 		"file-type": "19.0.0",
 		"fluent-ffmpeg": "2.1.2",
 		"form-data": "4.0.0",
-		"got": "14.2.0",
-		"happy-dom": "10.0.3",
+		"got": "14.2.1",
+		"happy-dom": "14.7.1",
 		"hpagent": "1.2.0",
 		"htmlescape": "1.1.1",
-		"http-link-header": "1.1.2",
-		"ioredis": "5.3.2",
+		"http-link-header": "1.1.3",
+		"ioredis": "5.4.1",
 		"ip-cidr": "3.1.0",
-		"ipaddr.js": "2.1.0",
+		"ipaddr.js": "2.2.0",
 		"is-svg": "5.0.0",
 		"js-yaml": "4.1.0",
-		"jsdom": "23.2.0",
+		"jsdom": "24.0.0",
 		"json5": "2.2.3",
 		"jsonld": "8.3.2",
 		"jsrsasign": "11.1.0",
-		"meilisearch": "0.37.0",
+		"meilisearch": "0.38.0",
 		"mfm-js": "0.24.0",
 		"microformats-parser": "2.0.2",
 		"mime-types": "2.1.35",
 		"misskey-js": "workspace:*",
 		"misskey-reversi": "workspace:*",
 		"ms": "3.0.0-canary.1",
-		"nanoid": "5.0.6",
+		"nanoid": "5.0.7",
 		"nested-property": "4.0.0",
 		"node-fetch": "3.3.2",
-		"nodemailer": "6.9.10",
+		"nodemailer": "6.9.13",
 		"nsfwjs": "2.4.2",
 		"oauth": "0.10.0",
 		"oauth2orize": "1.12.0",
 		"oauth2orize-pkce": "0.1.2",
 		"os-utils": "0.0.14",
-		"otpauth": "9.2.2",
+		"otpauth": "9.2.3",
 		"parse5": "7.1.2",
-		"pg": "8.11.3",
+		"pg": "8.11.5",
 		"pkce-challenge": "4.1.0",
 		"probe-image-size": "7.2.3",
 		"promise-limit": "2.7.0",
 		"pug": "3.0.2",
 		"punycode": "2.3.1",
-		"pureimage": "0.3.17",
 		"qrcode": "1.5.3",
 		"random-seed": "0.3.0",
 		"ratelimiter": "3.4.1",
-		"re2": "1.20.9",
+		"re2": "1.20.10",
 		"redis-lock": "0.1.4",
-		"reflect-metadata": "0.2.1",
+		"reflect-metadata": "0.2.2",
 		"rename": "1.0.4",
 		"rss-parser": "3.13.0",
 		"rxjs": "7.8.1",
-		"sanitize-html": "2.12.1",
+		"sanitize-html": "2.13.0",
 		"secure-json-parse": "2.7.0",
-		"sharp": "0.33.2",
+		"sharp": "0.33.3",
 		"slacc": "0.0.10",
 		"strict-event-emitter-types": "2.0.0",
 		"stringz": "2.1.0",
-		"systeminformation": "5.22.0",
+		"systeminformation": "5.22.7",
 		"tinycolor2": "1.6.0",
-		"tmp": "0.2.2",
+		"tmp": "0.2.3",
 		"tsc-alias": "1.8.8",
 		"tsconfig-paths": "4.2.0",
 		"typeorm": "0.3.20",
-		"typescript": "5.3.3",
+		"typescript": "5.4.5",
 		"ulid": "2.3.0",
 		"vary": "1.1.2",
 		"web-push": "3.6.7",
-		"ws": "8.16.0",
+		"ws": "8.17.0",
 		"xev": "3.0.2"
 	},
 	"devDependencies": {
 		"@jest/globals": "29.7.0",
 		"@misskey-dev/eslint-plugin": "1.0.0",
-		"@nestjs/platform-express": "10.3.3",
-		"@simplewebauthn/types": "9.0.1",
-		"@swc/jest": "0.2.31",
+		"@nestjs/platform-express": "10.3.8",
+		"@simplewebauthn/types": "10.0.0",
+		"@swc/jest": "0.2.36",
 		"@types/accepts": "1.3.7",
 		"@types/archiver": "6.0.2",
 		"@types/bcryptjs": "2.4.6",
@@ -197,20 +197,20 @@
 		"@types/fluent-ffmpeg": "2.1.24",
 		"@types/htmlescape": "^1.1.3",
 		"@types/http-link-header": "1.0.5",
-		"@types/jest": "29.5.11",
+		"@types/jest": "29.5.12",
 		"@types/js-yaml": "4.0.9",
 		"@types/jsdom": "21.1.6",
 		"@types/jsonld": "1.5.13",
-		"@types/jsrsasign": "10.5.12",
+		"@types/jsrsasign": "10.5.14",
 		"@types/mime-types": "2.1.4",
 		"@types/ms": "0.7.34",
-		"@types/node": "20.11.22",
+		"@types/node": "20.12.7",
 		"@types/node-fetch": "3.0.3",
-		"@types/nodemailer": "6.4.14",
+		"@types/nodemailer": "6.4.15",
 		"@types/oauth": "0.9.4",
-		"@types/oauth2orize": "1.11.3",
+		"@types/oauth2orize": "1.11.5",
 		"@types/oauth2orize-pkce": "0.1.2",
-		"@types/pg": "8.11.2",
+		"@types/pg": "8.11.5",
 		"@types/pug": "2.0.10",
 		"@types/punycode": "2.1.4",
 		"@types/qrcode": "1.5.5",
@@ -226,8 +226,8 @@
 		"@types/vary": "1.1.3",
 		"@types/web-push": "3.6.3",
 		"@types/ws": "8.5.10",
-		"@typescript-eslint/eslint-plugin": "7.1.0",
-		"@typescript-eslint/parser": "7.1.0",
+		"@typescript-eslint/eslint-plugin": "7.7.1",
+		"@typescript-eslint/parser": "7.7.1",
 		"aws-sdk-client-mock": "3.0.1",
 		"cross-env": "7.0.3",
 		"eslint": "8.57.0",

packages/backend/src/core/WebAuthnService.ts

@@ -10,7 +10,7 @@ import {
 	generateRegistrationOptions, verifyAuthenticationResponse,
 	verifyRegistrationResponse,
 } from '@simplewebauthn/server';
-import { AttestationFormat, isoCBOR } from '@simplewebauthn/server/helpers';
+import { AttestationFormat, isoCBOR, isoUint8Array } from '@simplewebauthn/server/helpers';
 import { DI } from '@/di-symbols.js';
 import type { UserSecurityKeysRepository } from '@/models/_.js';
 import type { Config } from '@/config.js';
@@ -49,7 +49,7 @@ export class WebAuthnService {
 		const instance = await this.metaService.fetch();
 		return {
 			origin: this.config.url,
-			rpId: this.config.host,
+			rpId: this.config.hostname,
 			rpName: instance.name ?? this.config.host,
 			rpIcon: instance.iconUrl ?? undefined,
 		};
@@ -65,13 +65,12 @@ export class WebAuthnService {
 		const registrationOptions = await generateRegistrationOptions({
 			rpName: relyingParty.rpName,
 			rpID: relyingParty.rpId,
-			userID: userId,
+			userID: isoUint8Array.fromUTF8String(userId),
 			userName: userName,
 			userDisplayName: userDisplayName,
 			attestationType: 'indirect',
-			excludeCredentials: keys.map(key => (<PublicKeyCredentialDescriptorFuture>{
-				id: Buffer.from(key.id, 'base64url'),
-				type: 'public-key',
+			excludeCredentials: keys.map(key => (<{ id: string; transports?: AuthenticatorTransportFuture[]; }>{
+				id: key.id,
 				transports: key.transports ?? undefined,
 			})),
 			authenticatorSelection: {
@@ -87,7 +86,7 @@ export class WebAuthnService {
 
 	@bindThis
 	public async verifyRegistration(userId: MiUser['id'], response: RegistrationResponseJSON): Promise<{
-		credentialID: Uint8Array;
+		credentialID: string;
 		credentialPublicKey: Uint8Array;
 		attestationObject: Uint8Array;
 		fmt: AttestationFormat;
@@ -144,6 +143,7 @@ export class WebAuthnService {
 
 	@bindThis
 	public async initiateAuthentication(userId: MiUser['id']): Promise<PublicKeyCredentialRequestOptionsJSON> {
+		const relyingParty = await this.getRelyingParty();
 		const keys = await this.userSecurityKeysRepository.findBy({
 			userId: userId,
 		});
@@ -153,9 +153,9 @@ export class WebAuthnService {
 		}
 
 		const authenticationOptions = await generateAuthenticationOptions({
-			allowCredentials: keys.map(key => (<PublicKeyCredentialDescriptorFuture>{
-				id: Buffer.from(key.id, 'base64url'),
-				type: 'public-key',
+			rpID: relyingParty.rpId,
+			allowCredentials: keys.map(key => (<{ id: string; transports?: AuthenticatorTransportFuture[]; }>{
+				id: key.id,
 				transports: key.transports ?? undefined,
 			})),
 			userVerification: 'preferred',
@@ -219,7 +219,7 @@ export class WebAuthnService {
 				expectedOrigin: relyingParty.origin,
 				expectedRPID: relyingParty.rpId,
 				authenticator: {
-					credentialID: Buffer.from(key.id, 'base64url'),
+					credentialID: key.id,
 					credentialPublicKey: Buffer.from(key.publicKey, 'base64url'),
 					counter: key.counter,
 					transports: key.transports ? key.transports as AuthenticatorTransportFuture[] : undefined,

packages/backend/src/misc/gen-identicon.ts

@@ -8,9 +8,8 @@
  * https://en.wikipedia.org/wiki/Identicon
  */
 
-import * as p from 'pureimage';
+import { createCanvas } from '@napi-rs/canvas';
 import gen from 'random-seed';
-import type { WriteStream } from 'node:fs';
 
 const size = 128; // px
 const n = 5; // resolution
@@ -45,9 +44,9 @@ const sideN = Math.floor(n / 2);
 /**
  * Generate buffer of an identicon by seed
  */
-export function genIdenticon(seed: string, stream: WriteStream): Promise<void> {
+export async function genIdenticon(seed: string): Promise<Buffer> {
 	const rand = gen.create(seed);
-	const canvas = p.make(size, size, undefined);
+	const canvas = createCanvas(size, size);
 	const ctx = canvas.getContext('2d');
 
 	const bgColors = colors[rand(colors.length)];
@@ -101,5 +100,5 @@ export function genIdenticon(seed: string, stream: WriteStream): Promise<void> {
 		}
 	}
 
-	return p.encodePNGToStream(canvas, stream);
+	return await canvas.encode('png');
 }

packages/backend/src/server/ServerService.ts

@@ -18,7 +18,6 @@ import { DI } from '@/di-symbols.js';
 import type Logger from '@/logger.js';
 import * as Acct from '@/misc/acct.js';
 import { genIdenticon } from '@/misc/gen-identicon.js';
-import { createTemp } from '@/misc/create-temp.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
 import { LoggerService } from '@/core/LoggerService.js';
 import { bindThis } from '@/decorators.js';
@@ -192,9 +191,7 @@ export class ServerService implements OnApplicationShutdown {
 			reply.header('Cache-Control', 'public, max-age=86400');
 
 			if ((await this.metaService.fetch()).enableIdenticonGeneration) {
-				const [temp, cleanup] = await createTemp();
-				await genIdenticon(request.params.x, fs.createWriteStream(temp));
-				return fs.createReadStream(temp).on('close', () => cleanup());
+				return await genIdenticon(request.params.x);
 			} else {
 				return reply.redirect('/static-assets/avatar.png');
 			}

packages/backend/src/server/api/endpoints/i/2fa/key-done.ts

@@ -96,10 +96,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
 			}
 
 			const keyInfo = await this.webAuthnService.verifyRegistration(me.id, ps.credential);
+			const keyId = keyInfo.credentialID;
 
-			const credentialId = Buffer.from(keyInfo.credentialID).toString('base64url');
 			await this.userSecurityKeysRepository.insert({
-				id: credentialId,
+				id: keyId,
 				userId: me.id,
 				name: ps.name,
 				publicKey: Buffer.from(keyInfo.credentialPublicKey).toString('base64url'),
@@ -116,7 +116,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
 			}));
 
 			return {
-				id: credentialId,
+				id: keyId,
 				name: ps.name,
 			};
 		});

packages/backend/src/server/web/ClientServerService.ts

@@ -199,6 +199,11 @@ export class ClientServerService {
 
 		// Authenticate
 		fastify.addHook('onRequest', async (request, reply) => {
+			if (request.routeOptions.url == null) {
+				reply.code(404).send('Not found');
+				return;
+			}
+
 			// %71ueueとかでリクエストされたら困るため
 			const url = decodeURI(request.routeOptions.url);
 			if (url === bullBoardPath || url.startsWith(bullBoardPath + '/')) {

packages/backend/src/server/web/views/base.pug

@@ -36,7 +36,7 @@ html
 		link(rel='prefetch' href=infoImageUrl)
 		link(rel='prefetch' href=notFoundImageUrl)
 		//- https://github.com/misskey-dev/misskey/issues/9842
-		link(rel='stylesheet' href='/assets/tabler-icons/tabler-icons.min.css?v2.44.0')
+		link(rel='stylesheet' href='/assets/tabler-icons/tabler-icons.min.css?v3.3.0')
 		link(rel='modulepreload' href=`/vite/${clientEntry.file}`)
 
 		if !config.clientManifestExists