nelle/jormungandr-bite
1
0
Fork 0
mirror of https://iceshrimp.dev/limepotato/jormungandr-bite.git synced 2025-02-05 06:10:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
26953 commits 22 branches 21 tags 1.6 GiB
Commit graph

270 commits

Author SHA1 Message Date
limepotato
d8bee9a30c fix tickFetch and tickResolve not being imported 2024-08-03 17:46:02 -06:00
limepotato
03e54e88b8 Merge branch 'v2023.12.9'
Some checks are pending
/ test-build (push) Waiting to run
Details
2024-07-28 19:01:14 -06:00
mia
d8303175fe apply patches 2024-07-28 15:26:00 -07:00
Laura Hausmann
630d6bdbe5
[backend] Limit node-fetch responses to a reasonable length in all places 2024-07-28 19:15:37 +02:00
Laura Hausmann
5c659b1306
Revert "[backend] Improve JSON-LD context size limiter" 
This reverts commit 9a8b7efcd6.
 2024-07-28 19:02:13 +02:00
Laura Hausmann
9a8b7efcd6
[backend] Improve JSON-LD context size limiter 2024-07-28 17:00:00 +02:00
Laura Hausmann
d9d6dc1b60
[backend] Limit fetched JSON-LD context size to 1MB 2024-07-28 16:17:13 +02:00
ShittyKopper
14797cbcff switch to sharkey's mfm-js fork in order to support usernames with dots 
Signed-off-by: limepotato <limepot@protonmail.ch>
 2024-07-14 05:08:53 -06:00
limepotato
8e26dd6bc3 withdrawal metrics and obliterate 2024-07-01 17:56:13 -06:00
limepotato
98f3f55371 withdrawal replacements patch 2024-06-17 13:02:29 -06:00
Laura Hausmann
d8a75cdd08
[backend] Render pinned notes as links instead of objects 2024-05-31 20:56:35 +02:00
Laura Hausmann
df5734523f
[backend] Correctly set CW on note update 
Resolves: #547
 2024-05-01 23:48:07 +02:00
mia
cc4a0d3e58 apply patches 2024-04-29 07:55:26 -07:00
Laura Hausmann
febb499fcb
[backend] Compact LD-signed activities against well-known context to defend against spoofing attacks 2024-04-29 16:36:58 +02:00
Laura Hausmann
cf506d3bd9
[backend] Reject anonymous objects in the AP resolver 2024-03-30 13:11:09 +01:00
Laura Hausmann
ac57c58ecf
[backend] Stricter validation of activity identifiers 
This resolves a security issue that was disclosed on 2024-03-24 & patched in coordination with other affected software on 2024-03-30.
Huge thanks to Oneric for the detailed security disclosure.
 2024-03-30 13:11:03 +01:00
老周部落
3824767cc9 [backend] Fix resolver cannot parse some follows and notes request 2024-02-26 08:49:45 +01:00
Laura Hausmann
e2cff0340f
[backend] When fetching activities, specify the acceptable JSON-LD profile explicitly 2024-02-17 16:11:23 +01:00
Laura Hausmann
31122636d3
[backend] Fix federation for incoming note edits with an attachment that has no alt text 2024-02-17 04:04:25 +01:00
Laura Hausmann
5f6096c1b7
[backend] Verify object id host matches final URL when fetching remote activities 2024-02-16 18:42:23 +01:00
Laura Hausmann
9fc45f166c
[backend] Verify response content type when fetching remote activities 2024-02-16 18:42:22 +01:00
Laura Hausmann
4b20ab6ad4
[backend] Fix typo in audience.ts isPublic check 2024-02-07 19:56:02 +01:00
Pyrox
60f7e2cf6a [feat] Remove Twitter Integration 2023-12-04 13:49:36 +01:00
Laura Hausmann
7ab7edeefd
[mastodon-client] Improve html cache performance 2023-11-27 00:07:24 +01:00
Laura Hausmann
61c532a854
[mastodon-client] Add html cache for user profiles and note contents 2023-11-26 21:41:20 +01:00
Laura Hausmann
8890902675 [backend] Fix HTTP signature validation 
Co-authored-by: perillamint <perillamint@silicon.moe>
Co-authored-by: yunochi <yuno@yunochi.com>
 2023-11-26 20:34:25 +01:00
Laura Hausmann
302b112f05
[backend] Include avatar & banner url and blurhash in the user table 
This drastically improves timeline performance due to the many (2-6 per query) database joins that are now no longer required
 2023-11-22 18:59:38 +01:00
Laura Hausmann
9d4f74d290
[backend] Add _misskey_summary field 
This fixes federation of MFM in user bios between *key instances

Co-authored-by: default avatarkakkokari-gtyih <daisho7308+f@gmail.com>
ref: https://github.com/misskey-dev/misskey/pull/12184
 2023-11-05 14:49:51 +01:00
Laura Hausmann
35c75bbebf
[backend] Reset poll votes when choices change on note edit 2023-11-04 23:22:34 +01:00
Laura Hausmann
8b78709378
[backend] Fix errors in updateNote 
This fixes incoming federation of poll edits
 2023-11-04 23:08:29 +01:00
Laura Hausmann
cd48af6393
[backend] Fix polls not federating properly to non-*key servers 
This fixes a regression that caused the `content` attribute of rendered notes with polls attached to be set to `{}`, causing undefined behavior in Mastodon & Akkoma. Misskey & forks just use the `_misskey_content` attribute, which was unaffected.
 2023-11-03 16:09:54 +01:00
Laura Hausmann
80c9280682
[backend] Decrease default RecursionLimiter count to 10 2023-10-25 18:11:30 +02:00
Laura Hausmann
1cbfd68a39
[backend] Also use RecursionLimiter for parseAudience and noteCreateService 2023-10-25 18:10:23 +02:00
Laura Hausmann
4dd8fdbd04
[backend] Refactor database transactions 
This moves all code that isn't a direct call to transactionalEntityManager to outside of the transaction blocks, and removes all transaction blocks that were unnecessary
 2023-10-25 17:03:08 +02:00
Laura Hausmann
7c56ee348b
[mastodon-client] Refresh user data in background on UserConverter.encode 2023-10-25 14:15:03 +02:00
Laura Hausmann
2575588fa3
[backend] Use a recursion limiter for user profile mentions instead of disabling recursion altogether 2023-10-25 13:49:10 +02:00
Laura Hausmann
9b13ec9c0c
[backend] Catch errors in refetchPublicKeyForApId 2023-10-24 20:44:30 +02:00
Laura Hausmann
3b85491ee4
[backend] Don't recursively resolve user profile mentions 2023-10-24 18:50:41 +02:00
Laura Hausmann
c7dc059116
[backend] Cleaner workaround for GoToSocial federation with authorized fetch 2023-10-22 22:00:17 +02:00
Laura Hausmann
496454cf1f
[backend] Fix initial federation initiated by GoToSocial in secure mode 
This bypasses GoToSocial issue #1186 (ref: https://github.com/superseriousbusiness/gotosocial/issues/1186)
 2023-10-22 19:43:31 +02:00
Laura Hausmann
04fa6bef15
[backend] Improved http signature verification checks 
This fixes an edge case where federation with split domain instances could fail.
 2023-10-21 22:39:03 +02:00
Laura Hausmann
97c733dd72
[backend] Add cache for resolveMentionToUserAndProfile 2023-10-20 20:20:49 +02:00
Laura Hausmann
8b699248af
[backend] Fix mention host fallback 2023-10-18 17:20:46 +02:00
Laura Hausmann
062d256a67
[backend] Update user profile mentions in background 2023-10-18 13:02:13 +02:00
Laura Hausmann
d42a1eeb63
[backend] Clean up unnecessary code in resolve-user 2023-10-18 00:09:53 +02:00
Laura Hausmann
b8bd0c9f3b
[backend] Use correct capitalization when rendering mentions 2023-10-17 22:36:28 +02:00
Laura Hausmann
4920b0c768
[backend] Federate outgoing invalid mentions as text 2023-10-17 20:53:36 +02:00
Laura Hausmann
5dcd4c4fff
[mastodon-client] Skip invalid mentions 2023-10-17 20:36:07 +02:00
Erin Shepherd
0c9c04f89d
[backend] Refetch user keys when HTTP Signature validation fails 
If a user has had a key rotation, and nobody on this server follows
that user, we will not receive the Update activity with the new key

Therefore, when we encounter key validation errors we should check
for an up-to-date key.

References (other implementations):

 * [Mastodon](fc9ab61448/app/controllers/concerns/signature_verification.rb (L96))
 * [Akkoma](https://akkoma.dev/AkkomaGang/http_signatures/src/branch/main/lib/http_signatures/http_signatures.ex#L46)
 2023-10-17 00:52:51 +02:00
Laura Hausmann
c64f6b6db6
[backend] Fix populateMentions remote filter 2023-10-16 01:41:14 +02:00