Marie
d412879560
fix: bubble state not working on federation page
2024-01-02 20:43:11 +01:00
Marie
a1a57889fc
upd: add bubble to instance federation page as state
...
Closes #296
2024-01-02 13:35:03 +01:00
Marie
81dea75eb7
upd: higher character limit for poll options
...
Limited to 150 to account for {}, "" and commas in DB column
Closes #297
2024-01-02 12:39:47 +01:00
Marie
1805150533
fix: visibility check on masto import
...
Originally from PR #288
2023-12-31 22:41:35 +01:00
dakkar
8bc77072cb
fix: sort multiple config files
...
`globSync` doesn't guarantee the order in which it returns the
matching paths, so without the `sort()`, the config files may be
merged differently each time the server is started
2023-12-31 18:44:53 +00:00
Marie
4f2fa60a72
merge: bugfix auth-fetch ask to never cache responses ( #284 )
...
Reviewed-on: https://git.joinsharkey.org/Sharkey/Sharkey/pulls/284
2023-12-31 19:24:29 +01:00
Marie
3ec00398a3
fix: security with notes/show endpoint
2023-12-31 19:21:59 +01:00
Marie
233eff48f3
merge: pleroma note import - Use hashed filename for exists check ( #283 )
...
Reviewed-on: https://git.joinsharkey.org/Sharkey/Sharkey/pulls/283
2023-12-31 18:43:38 +01:00
Marie
b1c26201ca
upd: Note Length customization
...
note length is now configurable through the config file
Closes #281
falls back to 3000 (misskey default) if not used/included in config
2023-12-31 18:22:02 +01:00
Marie
031d748d0c
fix: /oauth/oauth to /oauth
2023-12-31 17:25:38 +01:00
dakkar
61c193c08f
lint
2023-12-31 16:17:45 +00:00
smitten
8d6d5923da
Simplify hash steps
2023-12-31 11:14:41 -05:00
smitten
327694d4cf
Use base64url digest
2023-12-31 09:13:51 -05:00
smitten
e9428a5a05
Use hex digest
2023-12-31 09:03:46 -05:00
dakkar
6d5d3d9ea1
auth-fetch: ask to never cache responses
...
I could have factored out all the lines that set cache headers, but
that would have made future merges even more complicated ☹
thanks ShittyCopper for reporting the problem!
2023-12-31 13:27:38 +00:00
Marie
b700fadbe3
upd: add home as a visibility for mastodon imports
2023-12-31 06:32:39 +01:00
Marie
07f06d7ed6
fix: if condition
2023-12-31 04:09:44 +01:00
Marie
fc6581b948
fix: correct followers visibility on import
2023-12-31 03:50:05 +01:00
Marie
667daebb79
upd: prevent vanilla mastodon imports from importing DMs
...
Also adds the visibility function to mastodon imports
2023-12-31 03:48:51 +01:00
smitten
0bb0d69543
Use hashed filename for exists check
2023-12-30 20:44:31 -05:00
trivernis
5f2e07d81f
Revert unnecessary changes to backend package.json
2023-12-29 20:05:19 +01:00
Trivernis
5af915e17e
Merge branch 'develop' into feature/config-dropdir
2023-12-29 20:04:22 +01:00
Marie
18e82c0627
fix: frontend not being able to build
2023-12-28 19:37:22 +01:00
Marie
870f70a683
upd: up sfm.js version
2023-12-28 13:06:11 +01:00
Marie
9a9f61a6c0
fix: typecheck
2023-12-28 12:52:12 +01:00
Marie
592027cf68
merge: upstream
2023-12-28 09:54:32 +01:00
Chocolate Pie
530a282524
fix(test): CIが落ちている問題を修正 ( #12816 )
...
* fix(test): CIが落ちているのを修正
* fix(ci)?: CIの`typecheck`が落ちる問題を修正
* fix(ci): コンフィグファイルのタイポを修正
2023-12-28 09:46:46 +01:00
MomentQYC
3f60d7c44b
Add a prompt for Tor Browser users ( #12776 )
...
* perf: Add a prompt for Tor Browser users
* typo
2023-12-28 09:46:46 +01:00
Kagami Sascha Rosylight
544b8106b2
feat(backend/oauth): allow CORS for token endpoint ( #12814 )
...
* feat(backend/oauth): allow CORS for token endpoint
* no need to explicitly set origin to `*`
* Update CHANGELOG.md
2023-12-28 09:46:19 +01:00
Chocolate Pie
82822e29d9
Merge pull request from GHSA-7pxq-6xx9-xpgm
...
* fix: fix improper authorization when accessing with third-party application
* refactor: refactor type definitions
* fix: get rid of unnecessary access limitation
* enhance: サードパーティアプリケーションがWebsocket APIを使えるように
* fix: add missing parentheses
* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"
This reverts commit 5150053275
.
* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする
* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加
* enhance(test): Websocket APIに対するテストも追加
* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合
* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正
* enhance(backend): Websocketの接続に最低限必要な権限を変更
* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように
* fix(backend): エンドポイントにアクセスするために必要な権限を変更
* fix(frontend/locale): Add missing type declaration
* chore: update `misskey-js/src/autogen`
---------
Co-authored-by: tamaina <tamaina@hotmail.co.jp>
2023-12-28 09:45:54 +01:00
shiosyakeyakini
790f509ebe
fix(backend): 非センシティブのみ(リモートはいいねのみ)が昨日していない問題を修正 ( #12801 ) ( #12802 )
...
Co-authored-by: sorairo <sorairo@shiosyakeyakini.info>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2023-12-28 09:45:15 +01:00
zyoshoka
8daff4a998
refactor(frontend): Reactivityで型を明示するように ( #12791 )
...
* refactor(frontend): Reactivityで型を明示するように
* fix: プロパティの参照が誤っているのを修正
* fix: 初期化の値を空配列に書き換えていた部分をnullに置き換え
2023-12-28 09:45:15 +01:00
anatawa12
34cdba6c11
fix: 自分のdirect noteがuser list timelineに追加されない ( #12782 )
...
* fix: 自分のdirect noteがuser list timelineに追加されない
* docs(changelog): Fix: 自分のdirect noteがuser list timelineに追加されない
2023-12-28 09:43:12 +01:00
Nya Candy
6f65091cef
fix: lint ( #12761 )
2023-12-28 09:42:47 +01:00
おさむのひと
f743cba26b
fix(backend): 1702718871541-ffVisibility.jsのdownが壊れている ( #12767 )
2023-12-28 09:42:47 +01:00
syuilo
42cc909c5b
enhance(backend): センシティブワードの設定がハッシュタグトレンドにも適用されるように
2023-12-28 09:42:47 +01:00
Marie
1f5256b99c
upd: mute reaction notifications if thread is muted
...
Closes #263
2023-12-27 23:53:37 +01:00
trivernis
06d110a773
Lock glob to exact package version 10.3.10
2023-12-27 21:02:10 +01:00
trivernis
93094bcb72
Keep only the changes to loading the config files using glob patterns
2023-12-27 16:35:14 +01:00
trivernis
df7f4aa3ec
Add support for glob syntax to config file env variables
...
This change allows loading config files using glob syntax, for
exakple `production-*.yml` to load all config files prefixed with
*production*. With this change the config file can also be configured
using two additional env variables `SHARKEY_CONFIG_YML`
and `SHARKEY_CONFIG_FILE`.
2023-12-27 16:08:37 +01:00
Trivernis
8b31c12607
Merge branch 'develop' into feature/config-dropdir
2023-12-27 14:11:42 +01:00
trivernis
64d34f595c
Change loadConfig to load all yaml files in the config directory
2023-12-27 14:09:59 +01:00
Marie
5bc036180f
upd: module versions
2023-12-25 21:37:13 +01:00
Marie
fd57c7e24c
merge: authorized fetch ( #247 )
...
Closes #217
2023-12-24 10:02:53 +01:00
dakkar
a3dd61dec4
fix logging
2023-12-23 21:27:48 +00:00
dakkar
e6c02909c7
fix typo
...
thanks @Marie
2023-12-23 20:11:53 +00:00
Marie
53365159e8
merge: real-time updates on note detail view ( #246 )
...
Closes #223
Reviewed-on: https://git.joinsharkey.org/Sharkey/Sharkey/pulls/246
Reviewed-by: Marie <marie@kaifa.ch>
2023-12-23 21:00:00 +01:00
dakkar
477cda0b63
authorized fetch: log when things go wrong
2023-12-23 15:26:42 +00:00
dakkar
1984416e3e
authorized fetch: let /@instance.actor through
...
this is probably never actually used, but it still looks like a good
idea (also, FireFish does it)
thanks @ShittyKoper for noticing!
2023-12-23 15:26:42 +00:00
dakkar
e5ea882ed7
authorized fetch #217
...
the implementation is copied from the other places we already check
HTTP signatures, and cross-checked with Firefish's implementation
2023-12-23 15:26:42 +00:00