HidemaruOwO/puyoskey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
28631 commits 2 branches 1 tag 333 MiB
Commit graph

1546 commits

Author SHA1 Message Date
Hazelnoot
e3b826db5a add rate limits to all public endpoints 2024-11-22 15:19:24 -05:00
Hazelnoot
b0834ebf55 prevent DoS from spammed media proxy requests 2024-11-20 19:37:38 -05:00
Julia Johannesen
8e90484b3e
Bump version 2024-11-20 19:21:57 -05:00
rectcoordsystem
776f6fd1f5
fix(backend): allow fetchSummaryFromProxy, trueMail to access local addresses 2024-11-20 19:17:25 -05:00
Julia Johannesen
cbf8cc376e
fix: primitive 18: ap/get bypasses access checks 
One might argue that we could make this one actually preform access
checks against the returned activity object, but I feel like that's a
lot more work than just restricting it to administrators, since, to me
at least, it seems more like a debugging tool than anything else.
 2024-11-20 19:17:25 -05:00
Julia Johannesen
c04f344049
fix: primitive 13: check attribution against actor in notes 2024-11-20 19:17:25 -05:00
Laura Hausmann
9ab25ede28
fix: primitives 9, 10 & 11: http signature validation doesn't enforce required headers or specify auth header name 2024-11-20 19:17:24 -05:00
Hazelnoot
d150e92f41 prevent DoS from spammed media proxy requests 2024-11-19 23:31:59 -05:00
Hazel K
37fd454f70 factor out shared code 2024-11-02 17:39:16 -04:00
Hazel K
3a72bf453a respect following privacy settings 2024-11-02 17:39:16 -04:00
Hazel K
65d81a4ae2 Revert "fix incorrect populated object in followers endpoint" 
This reverts commit 7b9473bf4c0b55facede0e1d1e33297d14184110.
 2024-11-02 17:39:16 -04:00
Hazel K
8f0df1f01c check for blocks in following / followers endpoints 2024-11-02 17:39:16 -04:00
Hazel K
c566fa1f36 require auth for followers & following endpoints 2024-11-02 17:39:16 -04:00
Marie
d786e96c2b
upd: add FriendlyCaptcha as a captcha solution 
FriendlyCaptcha is a german captcha solution which is GDPR compliant and has a non-commerical free license
 2024-11-02 02:20:35 +01:00
Hazelnoot
ade801ec58 check token permissions in admin/accounts/create.ts 2024-11-01 10:12:28 -04:00
Hazelnoot
f36a1a5701 allow admins to create approved users 2024-11-01 09:29:40 -04:00
Julia
1520bc1715 merge: Split character limits between local and remote notes (resolves #723) (!669) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/669

Closes #723

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Julia <julia@insertdomain.name>
 2024-10-29 03:04:25 +00:00
Hazelnoot
27b502fab5 normalize re-fetch logic between InboxProcessorService and ActivityPubServerService 2024-10-26 10:40:15 -04:00
Hazelnoot
ca1cdc4ea3 fix poll option limit in masto API 2024-10-26 10:38:29 -04:00
Hazelnoot
c5d9bde43f expose CW limit to frontend 2024-10-26 10:37:43 -04:00
Hazelnoot
01e98c75ab add separate limits for CW length 2024-10-26 10:04:23 -04:00
Hazelnoot
10d3d9f382 fix unit tests 2024-10-26 09:49:28 -04:00
Hazel K
67185a5d5d fix UUID format 2024-10-26 09:49:28 -04:00
Hazel K
560ee43dcf separate character limits for local and remote notes 2024-10-26 09:49:28 -04:00
Hazelnoot
9562a830ed merge: Merge upstream security advisary (!707) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/707

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Hazelnoot <acomputerdog@gmail.com>
 2024-10-25 15:22:21 +00:00
Lhc_fl
67f977f4ff
fix: return getfromdb when FanoutTimeline is not enabled 2024-10-23 23:14:46 +08:00
饺子w (Yumechi)
e05420a92d
Merge commit from fork 
[ghsa-gq5q-c77c-v236](https://github.com/misskey-dev/misskey/security/advisories/ghsa-gq5q-c77c-v236)

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
 2024-10-22 22:30:17 +02:00
dakkar
60be692a0a merge: fix: should use invite limit cycle to calculate invite/limit (!706) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/706

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
 2024-10-22 14:07:17 +00:00
Lhc_fl
6aaeda13b9
fix: should use invite limit cycle to calculate invite/limit 2024-10-22 18:48:24 +08:00
Hazelnoot
04654b2f84 add "followers" tab to following feed 2024-10-21 17:55:06 -04:00
Hazelnoot
053b47d78a return error when calling following feed with both includeReplies and filesOnly 2024-10-21 17:55:06 -04:00
Hazelnoot
6430a191f7 fix duplicate users in the following feed 2024-10-21 17:55:06 -04:00
Marie
65ac5fef46
fix: default sensitive not letting users unmark files 2024-10-20 11:04:48 +02:00
dakkar
2a4c91efcc Merge branch 'develop' into feature/2024.9.0 2024-10-18 22:09:11 +01:00
Marie
290bfd2075 merge: Allow logged in users to refresh polls (!686) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/686

Closes #743

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
 2024-10-18 21:03:07 +00:00
dakkar
52e291af67 Merge branch 'develop' into feature/2024.9.0 2024-10-18 22:00:07 +01:00
Marie
fea7889e0c
upd: add recommended checks 2024-10-17 21:56:43 +02:00
Marie
42530b5a39
upd: add additional check from delete endpoint 2024-10-17 20:15:20 +02:00
Marie
360a127ad7
chore: indent 2024-10-17 20:14:25 +02:00
Marie
1d9cb4fad9
upd: add decline endpoint and free up username on decline 2024-10-17 20:11:10 +02:00
Hazelnoot
2c8af72168 fix formatting in boot.js 2024-10-16 09:15:03 -04:00
Hazelnoot
7431866d86 fix locales versioning in backend client 2024-10-15 21:40:20 -04:00
Marie
dedb24fe74 chore: change permission kind 2024-10-15 18:21:09 -04:00
Marie
61cb46b171 upd: hide refresh if logged out and if local, change blocked error message 2024-10-15 18:21:08 -04:00
Marie
dd58a4aa92 upd: add ability to refresh poll 2024-10-15 18:21:08 -04:00
Hazelnoot
8a34d8e9d2 Merge branch 'develop' into feature/2024.9.0 
# Conflicts:
#	locales/en-US.yml
#	locales/ja-JP.yml
#	packages/backend/src/core/NoteCreateService.ts
#	packages/backend/src/core/NoteDeleteService.ts
#	packages/backend/src/core/NoteEditService.ts
#	packages/frontend-shared/js/config.ts
#	packages/frontend/src/boot/common.ts
#	packages/frontend/src/pages/following-feed.vue
#	packages/misskey-js/src/autogen/endpoint.ts
 2024-10-15 18:09:11 -04:00
Hazelnoot
68b90df00b merge: Refresh locales after any change, not just a version update (resolves #732) (!692) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/692

Closes #732

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2024-10-15 21:50:56 +00:00
Hazelnoot
9b1bae653d add "show bots" toggle to following feed 2024-10-15 14:16:46 -04:00
Hazel K
fb7ac68ece match following endpoint default values with frontend defaults 2024-10-15 14:16:46 -04:00
Hazel K
463b9ac59d add filters for following feed 2024-10-15 14:16:46 -04:00