Commit graph

26134 commits

Author SHA1 Message Date
Kagami Sascha Rosylight
ad346b6f36
feat(backend/oauth): allow CORS for token endpoint (#12814)
* feat(backend/oauth): allow CORS for token endpoint

* no need to explicitly set origin to `*`

* Update CHANGELOG.md
2023-12-27 15:10:24 +09:00
Chocolate Pie
c96bc36fed
Merge pull request from GHSA-7pxq-6xx9-xpgm
* fix: fix improper authorization when accessing with third-party application

* refactor: refactor type definitions

* fix: get rid of unnecessary access limitation

* enhance: サードパーティアプリケーションがWebsocket APIを使えるように

* fix: add missing parentheses

* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"

This reverts commit 5150053275.

* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする

* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加

* enhance(test): Websocket APIに対するテストも追加

* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合

* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正

* enhance(backend): Websocketの接続に最低限必要な権限を変更

* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように

* fix(backend): エンドポイントにアクセスするために必要な権限を変更

* fix(frontend/locale): Add missing type declaration

* chore: update `misskey-js/src/autogen`

---------

Co-authored-by: tamaina <tamaina@hotmail.co.jp>
2023-12-27 15:08:59 +09:00
syuilo
d87fecda7f chore(frontend): update team members 2023-12-27 14:21:34 +09:00
ShittyKopper
6242f37111 Partial Revert "fix: fix: notification count position"
Firefox now implements :has. There is no reason for this workaround

This partially reverts commit 4f0bc185af.
2023-12-26 22:09:25 +03:00
ShittyKopper
aafdcccd24 fix: note history not working 2023-12-26 22:02:48 +03:00
ShittyKopper
32318bbbfa fix: un-hardcode more border radius values
all of these are blind find and replace, no clue if they end up breaking
anything
2023-12-26 22:02:48 +03:00
ShittyKopper
62a5793e71 fix: don't show filename as alt text 2023-12-26 22:02:48 +03:00
ShittyKopper
2f5c51c1ca fix: don't load text of empty draft
this fixes a small ux quirk where blanking a reply and cancelling it
results in an empty reply next time you try to reply to that note, accidentally
un-tagging everyone
2023-12-26 22:02:48 +03:00
GrapeApple0
6855079811
refactor: paginationの型を明示する (#12809)
* refactor: paginationの型を明示する

* asではなくsatisfiesを使うように
2023-12-26 21:40:27 +09:00
shiosyakeyakini
9022b05fea
fix(backend): 非センシティブのみ(リモートはいいねのみ)が昨日していない問題を修正 (#12801) (#12802)
Co-authored-by: sorairo <sorairo@shiosyakeyakini.info>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2023-12-26 18:42:37 +09:00
zyoshoka
75034d9240
refactor(frontend): Reactivityで型を明示するように (#12791)
* refactor(frontend): Reactivityで型を明示するように

* fix: プロパティの参照が誤っているのを修正

* fix: 初期化の値を空配列に書き換えていた部分をnullに置き換え
2023-12-26 14:19:35 +09:00
かっこかり
a9b42765f9
(dev) Issue Templateに、自分で実装してPRを出したいかの意思表明を追加 (#12799)
* Update 01_bug-report.yml

* Update 02_feature-request.yml
2023-12-26 11:40:55 +09:00
Soli
eb23798c9f
fix(frontend): ロールアサイン時の通知で,ロールアイコンが縮小されずに表示される問題を修正 (misskey-dev#12805) (#12806) 2023-12-26 11:40:31 +09:00
Marie
5bc036180f upd: module versions 2023-12-25 21:37:13 +01:00
Marie
a67d31c963 merge: KaTeX support (#261)
Closes #174
2023-12-25 21:28:25 +01:00
dakkar
8fd72fa12c remove spurious indent 2023-12-25 19:51:41 +00:00
dakkar
8d291ef039 formula component based on katex
thanks a lot to MoshiBar for the initial implementation!
2023-12-25 18:12:55 +00:00
Marie
6f63ff62fc fix: autocomplete on users being janky 2023-12-25 18:40:49 +01:00
dakkar
62a0f43c84 add package 2023-12-25 17:31:21 +00:00
FineArchs
4f247a0784
Feat: クリックイベントを発生させるMFM構文を追加 (#12798)
* Update MkMisskeyFlavoredMarkdown.ts

* fix MkMisskeyFlavoredMarkdown.ts

* Update MkAsUi.vue

* Update ui.ts

* Fix MkMisskeyFlavoredMarkdown.ts

* Update CHANGELOG.md

* fix ui.ts

* revert CHANGELOG.md

* Update CHANGELOG.md
2023-12-25 18:03:06 +09:00
syuilo
95547da5a5
Update SECURITY.md 2023-12-25 16:50:41 +09:00
syuilo
b0799089cd
Update SECURITY.md 2023-12-25 16:47:26 +09:00
Sayamame-beans
8ed7c7486c
fix(frontend): モデログ表示の"logYellow"が機能していない問題を修正 (#12794)
* fix: logYellow of moderation log was not working

* docs(changelog): Fix: 一部のモデログ(logYellowでの表示対象)について、表示の色が変わらない問題を修正
2023-12-25 14:49:06 +09:00
anatawa12
fd040c50b1
fix: 自分のdirect noteがuser list timelineに追加されない (#12782)
* fix: 自分のdirect noteがuser list timelineに追加されない

* docs(changelog): Fix: 自分のdirect noteがuser list timelineに追加されない
2023-12-25 11:56:00 +09:00
Marie
fd57c7e24c merge: authorized fetch (#247)
Closes #217
2023-12-24 10:02:53 +01:00
anatawa12
237fe242ad
chore(misskey-js): update misskey-js with api.json (#12778)
pnpm build && pnpm build-misskey-js-with-types && pnpm --filter misskey-js api
2023-12-24 17:54:00 +09:00
zyoshoka
0009aa332b
refactor(frontend): import宣言周りのエラーを修正 (#12773) 2023-12-24 16:16:58 +09:00
syuilo
bf45c23098 Update CHANGELOG.md 2023-12-24 15:38:03 +09:00
syuilo
7167bb397e Update CHANGELOG.md 2023-12-24 15:31:48 +09:00
syuilo
0393d8f53c
New Crowdin updates (#12759)
* New translations ja-jp.yml (Spanish)

* New translations ja-jp.yml (Chinese Traditional)

* New translations ja-jp.yml (Korean)

* New translations ja-jp.yml (Korean)
2023-12-24 15:25:13 +09:00
Nya Candy
cae40e68e4
fix: lint (#12761) 2023-12-24 15:24:51 +09:00
おさむのひと
36701f8a7c
fix(backend): 1702718871541-ffVisibility.jsのdownが壊れている (#12767) 2023-12-24 15:24:26 +09:00
syuilo
6fce36374d enhance(backend): センシティブワードの設定がハッシュタグトレンドにも適用されるように 2023-12-24 15:23:56 +09:00
anatawa12
316ffcea54
ci: Get api.json from Misskeyでupload-artifact@v4で同名artifactでエラーになるのを修正 (#12770)
* ci: upload-artifact@v4で同名artifactでエラーになるのを修正

Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com>

* report-api-diff.ymlの最中にエラーが発生したときに分かりづらいので、PRにコメントを残すようにする

* 古いget-api-diffを使ってるactionとの互換性をもたせる

---------

Co-authored-by: おさむのひと <46447427+samunohito@users.noreply.github.com>
2023-12-24 14:20:43 +09:00
dakkar
a3dd61dec4 fix logging 2023-12-23 21:27:48 +00:00
dakkar
e6c02909c7 fix typo
thanks @Marie
2023-12-23 20:11:53 +00:00
Marie
53365159e8 merge: real-time updates on note detail view (#246)
Closes #223

Reviewed-on: https://git.joinsharkey.org/Sharkey/Sharkey/pulls/246
Reviewed-by: Marie <marie@kaifa.ch>
2023-12-23 21:00:00 +01:00
Marie
eb036d558f fix: note footer not properly resizing 2023-12-23 19:21:37 +01:00
Marie
978ee64fd1 Merge: always use black shadow in SK instance ticker (#254)
Closes #223
2023-12-23 18:57:38 +01:00
dakkar
e14a06cd16 always use black shadow in instance ticker #238
we know this looks decent because it's what the MkInstanceTicker
already does
2023-12-23 15:31:19 +00:00
dakkar
477cda0b63 authorized fetch: log when things go wrong 2023-12-23 15:26:42 +00:00
dakkar
1984416e3e authorized fetch: let /@instance.actor through
this is probably never actually used, but it still looks like a good
idea (also, FireFish does it)

thanks @ShittyKoper for noticing!
2023-12-23 15:26:42 +00:00
dakkar
e5ea882ed7 authorized fetch #217
the implementation is copied from the other places we already check
HTTP signatures, and cross-checked with Firefish's implementation
2023-12-23 15:26:42 +00:00
Marie
6526968f2d fix: check 2023-12-23 16:08:04 +01:00
dakkar
fea6428245 add missing .value 2023-12-23 14:47:14 +00:00
dakkar
576a87118c real-time update: adjust replyCount up/down
this also fixes the connecting lines in the Sk-style view

thanks @ShittyKopper for reporting the bug!

NOTE: at this point, the `isDeletedRef` boolean is pretty much
useless, because we're directly removing deleted notes from the
`replies` array and therefore from the DOM (we were just hiding them,
before); I'm intentionally not touching `isDeletedRef` to simplify
merges from upstream
2023-12-23 14:09:52 +00:00
dakkar
d06939bd25 real-time update: hide deleted replies 2023-12-23 14:09:52 +00:00
dakkar
683b4aafb2 real-time updates on note detail view
`useNoteCapture` already subscribes to all updates for a note, so
we can tell it when a note gets replied to, too

Since I'm not actually adding any extra subscription in the client,
just an extra callback, there should be no overhead when replies are
not coming in.

Also, all the timelines already call `useNoteCapture` for each note
displayed, so we know the whole `GlobalEventService` thing works fine.

Many thanks to VueJS for taking care of all the DOM complications
2023-12-23 14:09:51 +00:00
Marie
b3b89567ee merge: upstream 2023-12-23 14:26:24 +01:00
syuilo
471c8ec050 Update CHANGELOG.md 2023-12-23 19:59:27 +09:00