heartles/egirlskey
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Merge branch 'develop'

Browse source
This commit is contained in:
syuilo 2023-02-04 18:22:08 +09:00
commit 9d84214462
4 changed files with 15 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
CHANGELOG.md
View file

@ -9,6 +9,11 @@
You should also include the user name that made the change.
-->
## 13.3.3 (2023/02/04)
### Bugfixes
- Server: improve security
## 13.3.2 (2023/02/04)
### Improvements

7
locales/zh-CN.yml
View file

@ -1023,17 +1023,23 @@ _achievements:
title: "定期联系Ⅲ"
description: "总登录天数400天"
_login500:
title: "老熟人Ⅰ"
description: "总登录天数500天"
flavor: "诸君,我喜欢贴文"
_login600:
title: "老熟人Ⅱ"
description: "总登录天数600天"
_login700:
title: "老熟人Ⅲ"
description: "总登录天数700天"
_login800:
title: "帖子大师Ⅰ"
description: "总登录天数800天"
_login900:
title: "帖子大师Ⅱ"
description: "总登录天数900天"
_login1000:
title: "帖子大师Ⅲ"
description: "总登录天数1000天"
flavor: "感谢您使用Misskey"
_noteClipped1:
@ -1086,6 +1092,7 @@ _achievements:
title: "信号塔"
description: "拥有超过500名关注者"
_followers1000:
title: "大影响家"
description: "拥有超过1000名关注者"
_collectAchievements30:
title: "成就收藏家"

2
package.json
View file

@ -1,6 +1,6 @@
{
"name": "misskey",
"version": "13.3.2",
"version": "13.3.3",
"codename": "nasubi",
"repository": {
"type": "git",

4
packages/backend/src/server/api/endpoints/notes/search-by-tag.ts
View file

@ -95,14 +95,14 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
try {
if (ps.tag) {
if (!safeForSql(ps.tag)) throw 'Injection';
if (!safeForSql(normalizeForSearch(ps.tag))) throw 'Injection';
query.andWhere(`'{"${normalizeForSearch(ps.tag)}"}' <@ note.tags`);
} else {
query.andWhere(new Brackets(qb => {
for (const tags of ps.query!) {
qb.orWhere(new Brackets(qb => {
for (const tag of tags) {
if (!safeForSql(tag)) throw 'Injection';
if (!safeForSql(normalizeForSearch(tag))) throw 'Injection';
qb.andWhere(`'{"${normalizeForSearch(tag)}"}' <@ note.tags`);
}
}));