Commit Graph

2079 Commits

Author SHA1 Message Date
Laura Hausmann
b73a07011a
[backend] Backslash needs to be escaped in sqlLikeEscape 2023-11-18 19:46:37 +01:00
Laura Hausmann
9ee786e888
[mastodon-client] Verify scopes are identical between /oauth/authorize and /oauth/token instead of testing whether they are a subset 2023-11-16 20:37:21 +01:00
Laura Hausmann
c60414f347
[backend] Fix re2 imports 2023-11-15 15:17:35 +01:00
Laura Hausmann
20410b0543
[backend] Move back to upstream re2 dependency
Upstream accepted my patches for both re2 (fixing build on arm64-musl) and the install-artifact-from-github dependency (cutting down build times for architectures where prebuilts are available from ~2 minutes to ~2 seconds), so there's no reason to stick with our fork.
2023-11-15 15:12:59 +01:00
Laura Hausmann
b45be30d19
[mastodon-client] Fix scope parameter in /oauth/token 2023-11-14 17:19:17 +01:00
Alexis
76db23855c
added more selective control over users show endpoint 2023-11-10 03:05:08 +01:00
Laura Hausmann
2baa787b72
[backend] Dynamically import redisClient in postgre.ts and dependencies
This fixes unnecessary redisClient instances being created during migration runs, which previously prevented the revertmigration command from exiting by itself due to a TypeORM inconsistency between migration:run and migration:revert.
2023-11-07 23:12:20 +01:00
Laura Hausmann
7cf00d1503
[backend] Move to our own fork of the re2 package
This fixes builds on alpine-arm64 (and presumably also other musl-arm64 distros)
2023-11-05 16:54:00 +01:00
Laura Hausmann
42aa8b7126
[backend] Remove cache server configuration, migrate back to unified redis in-memory cache 2023-11-05 15:03:17 +01:00
Laura Hausmann
9d4f74d290
[backend] Add _misskey_summary field
This fixes federation of MFM in user bios between *key instances

Co-authored-by: default avatarkakkokari-gtyih <daisho7308+f@gmail.com>
ref: https://github.com/misskey-dev/misskey/pull/12184
2023-11-05 14:49:51 +01:00
Laura Hausmann
b6ee1c5dc4
[mastodon-client] Add missing semicolon 2023-11-04 23:51:58 +01:00
Laura Hausmann
734c6685f7
[mastodon-client] Don't duplicate RE: for pleroma/akkoma quotes 2023-11-04 23:50:08 +01:00
Laura Hausmann
35c75bbebf
[backend] Reset poll votes when choices change on note edit 2023-11-04 23:22:34 +01:00
Laura Hausmann
8b78709378
[backend] Fix errors in updateNote
This fixes incoming federation of poll edits
2023-11-04 23:08:29 +01:00
Laura Hausmann
2166ea019d
[backend] Require authentication to view channels 2023-11-03 22:56:02 +01:00
Laura Hausmann
cd48af6393
[backend] Fix polls not federating properly to non-*key servers
This fixes a regression that caused the `content` attribute of rendered notes with polls attached to be set to `{}`, causing undefined behavior in Mastodon & Akkoma. Misskey & forks just use the `_misskey_content` attribute, which was unaffected.
2023-11-03 16:09:54 +01:00
Laura Hausmann
1e2045bf33
[backend] Correctly handle tags on edit 2023-11-03 13:49:46 +01:00
Laura Hausmann
6d715cfef5
[backend] Don't return local only notes for guest users 2023-11-02 18:47:54 +01:00
Laura Hausmann
b100b88971
Migrate from rome to biome 2023-10-27 16:46:38 +02:00
Laura Hausmann
c49780bcee
Fix build on NodeJS 21 2023-10-26 18:38:39 +02:00
Laura Hausmann
80c9280682
[backend] Decrease default RecursionLimiter count to 10 2023-10-25 18:11:30 +02:00
Laura Hausmann
1cbfd68a39
[backend] Also use RecursionLimiter for parseAudience and noteCreateService 2023-10-25 18:10:23 +02:00
Laura Hausmann
4dd8fdbd04
[backend] Refactor database transactions
This moves all code that isn't a direct call to transactionalEntityManager to outside of the transaction blocks, and removes all transaction blocks that were unnecessary
2023-10-25 17:03:08 +02:00
Laura Hausmann
7c56ee348b
[mastodon-client] Refresh user data in background on UserConverter.encode 2023-10-25 14:15:03 +02:00
Laura Hausmann
2575588fa3
[backend] Use a recursion limiter for user profile mentions instead of disabling recursion altogether 2023-10-25 13:49:10 +02:00
Laura Hausmann
9b13ec9c0c
[backend] Catch errors in refetchPublicKeyForApId 2023-10-24 20:44:30 +02:00
Laura Hausmann
3b85491ee4
[backend] Don't recursively resolve user profile mentions 2023-10-24 18:50:41 +02:00
Laura Hausmann
7c8881f1a8
[backend] Limit user profile mentions queue to a concurrency of 5 2023-10-24 18:50:41 +02:00
Laura Hausmann
8c45d331ef
[mastodon-client] Bump compatible version to 4.2.1
This allows clients to detect support for features like "hide list members from home timeline"
2023-10-24 18:50:41 +02:00
Laura Hausmann
d025177d2c
[mastodon-client] Fix renoteMuting for streaming API 2023-10-22 23:00:31 +02:00
Laura Hausmann
10865168bf
[backend] Fix UserListJoining delete query on unfollow 2023-10-22 22:50:47 +02:00
Laura Hausmann
c7dc059116
[backend] Cleaner workaround for GoToSocial federation with authorized fetch 2023-10-22 22:00:17 +02:00
Laura Hausmann
496454cf1f
[backend] Fix initial federation initiated by GoToSocial in secure mode
This bypasses GoToSocial issue #1186 (ref: https://github.com/superseriousbusiness/gotosocial/issues/1186)
2023-10-22 19:43:31 +02:00
Laura Hausmann
89ab890331
[backend] [client] Add option to hide user lists from home timeline 2023-10-22 18:43:51 +02:00
Laura Hausmann
fdd8c28aed
[backend] Don't filter search-by-username-and-host by recently active by default 2023-10-22 18:43:51 +02:00
Laura Hausmann
37ac6addd2
[backend] Remove unfollowed users from existing lists with migration 2023-10-22 18:43:51 +02:00
Laura Hausmann
d1cf1b5611
[backend] Remove user from list on unfollow 2023-10-21 23:56:34 +02:00
Laura Hausmann
11b3d4fa0a
[backend] Require users to be followed before adding them to lists 2023-10-21 23:56:34 +02:00
Laura Hausmann
7ad6bbd32c
[backend] Remove user list proxy account 2023-10-21 23:56:33 +02:00
Laura Hausmann
ed25373bc7
[mastodon-client] Return uri as url if status has no known url and is not local 2023-10-21 23:42:59 +02:00
Laura Hausmann
d8f13b6a06
[mastodon-client] Prefer status url over uri 2023-10-21 23:24:08 +02:00
Laura Hausmann
04fa6bef15
[backend] Improved http signature verification checks
This fixes an edge case where federation with split domain instances could fail.
2023-10-21 22:39:03 +02:00
Laura Hausmann
1f53affd76
Upgrade versions of dependencies with critical vulnerabilities 2023-10-20 23:16:11 +02:00
Laura Hausmann
97c733dd72
[backend] Add cache for resolveMentionToUserAndProfile 2023-10-20 20:20:49 +02:00
Laura Hausmann
544b5a1678
[backend] Use a semaphore around populateMentions
This fixes a user-generated DoS payload for giant webring-style trees of mentions in user bios that could cause backend stalls.
2023-10-20 20:16:01 +02:00
Laura Hausmann
9b96b54c3c
[backend] Add start:debug command 2023-10-20 16:47:18 +02:00
Laura Hausmann
5c7a663320
[backend] Remove nsfw detection / tensorflow 2023-10-18 23:18:00 +02:00
Laura Hausmann
6b45b7019c
[backend] Enable authorized fetch by default for new instances
This does not affect existing instances.
2023-10-18 19:19:05 +02:00
Laura Hausmann
8b699248af
[backend] Fix mention host fallback 2023-10-18 17:20:46 +02:00
Laura Hausmann
4748f30214
[mastodon-client] Prevent updateUserInBackground from running excessively 2023-10-18 13:20:20 +02:00
Laura Hausmann
062d256a67
[backend] Update user profile mentions in background 2023-10-18 13:02:13 +02:00
Laura Hausmann
32d471803c
[mastodon-client] Recurse one last time for reblogged quotes in NoteConverter.encode 2023-10-18 01:42:14 +02:00
Laura Hausmann
b48594ef68
[mastodon-client] Switch to isQuote for detecting quotes 2023-10-18 01:30:10 +02:00
Laura Hausmann
44fb31ab13
[mastodon-client] Use new backend service for user (profile) updates
This fixes profile updates not immediately federating when edited through the Mastodon client API.
2023-10-18 00:56:49 +02:00
Laura Hausmann
d42a1eeb63
[backend] Clean up unnecessary code in resolve-user 2023-10-18 00:09:53 +02:00
Laura Hausmann
998bb1ae08
[mastodon-api] Only wait up to 1500 ms for mentions to update on /accounts/update_credentials 2023-10-18 00:03:45 +02:00
Laura Hausmann
b8bd0c9f3b
[backend] Use correct capitalization when rendering mentions 2023-10-17 22:36:28 +02:00
Laura Hausmann
4920b0c768
[backend] Federate outgoing invalid mentions as text 2023-10-17 20:53:36 +02:00
Laura Hausmann
5dcd4c4fff
[mastodon-client] Skip invalid mentions 2023-10-17 20:36:07 +02:00
Laura Hausmann
eadf9acdc3
[backend] Generate VAPID keys during meta bootstrap 2023-10-17 18:45:11 +02:00
Laura Hausmann
6ffe09709e
[backend] Fix error images configuration load 2023-10-17 01:20:58 +02:00
Erin Shepherd
0c9c04f89d
[backend] Refetch user keys when HTTP Signature validation fails
If a user has had a key rotation, and nobody on this server follows
that user, we will not receive the Update activity with the new key

Therefore, when we encounter key validation errors we should check
for an up-to-date key.

References (other implementations):

 * [Mastodon](fc9ab61448/app/controllers/concerns/signature_verification.rb (L96))
 * [Akkoma](https://akkoma.dev/AkkomaGang/http_signatures/src/branch/main/lib/http_signatures/http_signatures.ex#L46)
2023-10-17 00:52:51 +02:00
Laura Hausmann
092462d3a9
[mastodon-client] Add content_type to /statuses/:id/source 2023-10-17 00:45:33 +02:00
Laura Hausmann
2830953862
[mastodon-client] Rework quote rendering 2023-10-17 00:25:24 +02:00
Laura Hausmann
775d8f6e3a
[mastodon-client] Return fqn field for accounts 2023-10-16 23:45:03 +02:00
Laura Hausmann
9c4466035e
[mastodon-client] Set class=hashtag for tags in mfm-to-html 2023-10-16 23:42:18 +02:00
Laura Hausmann
4a6d010724
[mastodon-client] Return text/x.misskeymarkdown as supported_mime_types in /v1/instance 2023-10-16 23:23:25 +02:00
Laura Hausmann
97176e00f9
[mastodon-client] Return content_type for statuses 2023-10-16 23:21:01 +02:00
Laura Hausmann
c64f6b6db6
[backend] Fix populateMentions remote filter 2023-10-16 01:41:14 +02:00
Laura Hausmann
3cdf9eee94
[mastodon-client] Update mentions in background on /i/update 2023-10-16 00:54:57 +02:00
Laura Hausmann
34376b0718
[mastodon-client] Also refresh user profile data on /accounts/:id 2023-10-15 23:22:00 +02:00
Laura Hausmann
7c7c6a09a2
[mastodon-client] Refresh user profile data on /accounts/lookup 2023-10-15 23:13:58 +02:00
Laura Hausmann
75c9873796
[backend] Update user profile mentions on createPerson and updatePerson 2023-10-15 22:34:20 +02:00
Laura Hausmann
82e0ef7414
[backend] Add mentions column to user_profile table 2023-10-15 21:57:59 +02:00
Laura Hausmann
bc08d8c92b
[mastodon-client] Ignore capitalization for hashtag timeline 2023-10-15 21:57:56 +02:00
Laura Hausmann
4176ac20ac
[backend] Fix an old migration 2023-10-15 21:57:55 +02:00
Laura Hausmann
7af7f1c175
[backend] Make constraint creations in ResyncWithOrm migration idempotent too 2023-10-14 21:09:47 +02:00
Laura Hausmann
5f49d62817
[backend] Make index creations in ResyncWithOrm migration idempotent too 2023-10-14 20:59:43 +02:00
Laura Hausmann
f90607146d
[backend] Make ResyncWithOrm migration idempotent 2023-10-14 20:52:12 +02:00
Laura Hausmann
fe165dd4d3
[backend] Cache mention uri in resolveMentionWithFallback 2023-10-14 17:45:59 +02:00
Laura Hausmann
c0d7ecf5c3
[backend] Actually resolve with objectHost 2023-10-14 17:40:06 +02:00
Laura Hausmann
8719a6922e
[backend] More mentions fixes 2023-10-14 17:11:21 +02:00
Laura Hausmann
588a39f17a
[backend] Don't refresh user data in resolveMentionWithFallback 2023-10-14 16:57:04 +02:00
Laura Hausmann
ce29c1dce2
[mastodon-client] Use improved mention parsing in mfm-to-html 2023-10-14 16:48:49 +02:00
Laura Hausmann
349f770166
[backend] Actually try to resolve unknown mentions in mfm-to-html 2023-10-14 16:39:24 +02:00
Laura Hausmann
72f048a24d
[backend] Parse incorrectly formatted mentions in from-html 2023-10-14 16:12:22 +02:00
Laura Hausmann
c02747116d
[backend] Fix typo 2023-10-14 15:37:28 +02:00
Laura Hausmann
b33ca93195
[backend] Fix resync-with-orm migration
Due to a previously missing constraint there could be references to deleted users in the renote_muting table, this cleans that up.
2023-10-14 15:35:52 +02:00
Laura Hausmann
0261a666f1
[backend] Resync migrations with TypeORM
It appears people have been writing manual migrations for a while now, often containing errors that create duplicate or unused indicies, unique constraints on primary key columns, and so on. This commit resolves these, so migrations can be autogenerated again from now on.
2023-10-14 15:23:35 +02:00
Laura Hausmann
c7e0659cfb
[mastodon-client] Fix handling of long redirect URIs in the oauth_token table 2023-10-14 14:41:49 +02:00
Laura Hausmann
e5dc89c1cb
[mastodon-client] Fix type hints in AuthHelpers 2023-10-14 14:07:10 +02:00
Laura Hausmann
7b951f76ed
[mastodon-client] Add additional fields to /v1/apps response
This is undocumented under https://docs.joinmastodon.org/entities/Application/ but some apps expect it anyway.
2023-10-14 13:55:03 +02:00
Laura Hausmann
c46ea29ba3
[mastodon-client] Fix streaming API url
This fixes a regression where some clients were unable to connect to the streaming API.
The /mastodon suffix was previously removed in other parts of the code as too many clients didn't respect it, however it was not removed here, leaving clients that do respect it are unable to connect.
2023-10-14 13:30:31 +02:00
Laura Hausmann
2192d5c668
[mastodon-client] Fix long redirect URIs 2023-10-14 03:22:21 +02:00
Laura Hausmann
d049de2935
[mastodon-client] Fix scopes parsing error in auth helper 2023-10-14 00:58:54 +02:00
Laura Hausmann
1c2b914164
[mastodon-client] Switch from MiAuth to OAuth 2023-10-14 00:19:10 +02:00
Laura Hausmann
b5393e41d0
[mastodon-client] Add support for public:allow_local_only stream 2023-10-13 23:54:55 +02:00
Laura Hausmann
f14b3cec97
[backend] Automatically generate vapid/web-push keys
Co-authored-by: Johann150 (563f3672a9)
2023-10-13 19:23:36 +02:00
Laura Hausmann
b53b7a8654
[backend] Remove check:connect script and js file 2023-10-13 18:46:20 +02:00
Laura Hausmann
bb5d0e319d
[backend] Add missing postgres types 2023-10-13 18:44:25 +02:00