* add id for activitypub follows
* fix lint
* fix: follower must be local, followee must be remote
Misskey will only use ActivityPub follow requests for users that are local
and are requesting to follow a remote user. This check is to ensure that
this endpoint can not be used by other services or instances.
* fix: missing import
* render block with id
* fix comment
* add more user details for admins to see
* fix some issues
* small style fix
as suggested by Johann150
Co-authored-by: Johann150 <johann@qwertqwefsday.eu>
* fix
Co-authored-by: Johann150 <johann@qwertqwefsday.eu>
Co-authored-by: Johann150 <johann@qwertqwefsday.eu>
* enhance: rate limit works without signed in user
* fix: make limit key required for limiter
As before the fallback limiter key will be set from the endpoint name.
* enhance: use limiter for signin
* Revert "CAPTCHA求めるのは2fa認証が無効になっているときだけにした"
This reverts commit 02a43a310f6ad0cc9e9beccc26e51ab5b339e15f.
* Revert "feat: make captcha required when signin to improve security"
This reverts commit b21b0580058c14532ff3f4033e2a9147643bfca6.
* fix undefined reference
* fix: better error message
* enhance: only handle prefix of IPv6
* simplify temporary files for thumbnails
Because only a single file will be written to the directory, creating a
separate directory seems unnecessary. If only a temporary file is created,
the code from `createTemp` can be reused here as well.
* refactor: deduplicate code for temporary files/directories
To follow the DRY principle, the same code should not be duplicated
across different files. Instead an already existing function is used.
Because temporary directories are also create in multiple locations,
a function for this is also newly added to reduce duplication.
* fix: clean up identicon temp files
The temporary files for identicons are not reused and can be deleted
after they are fully read. This condition is met when the stream is closed
and so the file can be cleaned up using the events API of the stream.
* fix: ensure cleanup is called when download fails
* fix: ensure cleanup is called in error conditions
This covers import/export queue jobs and is mostly just wrapping all
code in a try...finally statement where the finally runs the cleanup.
* fix: use correct type instead of `any`
* enhance: make theme color format uniform
All newly fetched instance theme colors will be uniformely formatted
as hashtag followed by 6 hexadecimal digits.
Colors are checked for validity and invalid colors are not handled.
* better input validation for own theme color
* migration to unify theme color formats
Fixes theme colors of other instances as well as the local instance.
* add changelog entry
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
* remove empty file
If the endpoint is to be implemented later, the file can be added back,
but for now it is confusing to have an empty file.
* enhance(doc): document defaults
Default for `isPublic` is based on the database schema default value.
Defaults for `local` and `withFiles` are based on the behaviour of the endpoint.
* enhance(doc): explain nullable emoji category
* fix: make nullable if default is null
* enhance(doc): explain mute attribute expiresAt
* fix: define required fields
- `notes/create`: the default for `text` has been removed because ajv can not handle
`default` inside of `anyOf`, see
https://ajv.js.org/guide/modifying-data.html#assigning-defaults
and the default value cannot be `null` if text is `nullable: false` in the `anyOf`
first alternative.
- `notes/create`: The `mediaIds` property has been marked as deprecated because it
has the same behaviour as using `fileIds`, but the implementation tries to handlè
`fileIds` first.
- The result schema for `admin/emoji/list` has been altered because the `host`
property will always be `null` as it is filtered this way in the database query.
See packages/backend/src/server/api/endpoints/admin/emoji/list.ts line 67.
* enhance(doc): explain nullable hostname
* update changelog
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>