From 7f0ae038d418e65bc39d350ea5eefbda260cb1ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=8B=E3=81=A3=E3=81=93=E3=81=8B=E3=82=8A?= <67428053+kakkokari-gtyih@users.noreply.github.com> Date: Thu, 21 Nov 2024 17:16:06 +0900 Subject: [PATCH 1/9] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 02566ff87f..39ce36d678 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,9 +8,9 @@ ### General - Feat: コンテンツの表示にログインを必須にできるように - Feat: 過去のノートを非公開化/フォロワーのみ表示可能にできるように -- Fix: お知らせ作成時に画像URL入力欄を空欄に変更できないのを修正 ( #14976 ) - Enhance: 依存関係の更新 - Enhance: l10nの更新 +- Fix: お知らせ作成時に画像URL入力欄を空欄に変更できないのを修正 ( #14976 ) ### Client - Enhance: Bull DashboardでRelationship Queueの状態も確認できるように From 752606fe887abe4767b9fff194e8694a4ea484ac Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 21 Nov 2024 08:21:54 +0000 Subject: [PATCH 2/9] Bump version to 2024.11.0-beta.4 --- package.json | 2 +- packages/misskey-js/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 9ee1cac90e..ccb6170a16 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "misskey", - "version": "2024.11.0-alpha.3", + "version": "2024.11.0-beta.4", "codename": "nasubi", "repository": { "type": "git", diff --git a/packages/misskey-js/package.json b/packages/misskey-js/package.json index ac585b5573..cda4c183fa 100644 --- a/packages/misskey-js/package.json +++ b/packages/misskey-js/package.json @@ -1,7 +1,7 @@ { "type": "module", "name": "misskey-js", - "version": "2024.11.0-alpha.3", + "version": "2024.11.0-beta.4", "description": "Misskey SDK for JavaScript", "license": "MIT", "main": "./built/index.js", From 1911972ae2dfd5eb462d34ff3d2e614f733cab10 Mon Sep 17 00:00:00 2001 From: anatawa12 Date: Fri, 22 Nov 2024 12:11:45 +0900 Subject: [PATCH 3/9] ci: reset prerelease number on release (#15024) --- .github/workflows/release-with-dispatch.yml | 7 ++++--- .github/workflows/release-with-ready.yml | 1 + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-with-dispatch.yml b/.github/workflows/release-with-dispatch.yml index ed2f822269..d750001b71 100644 --- a/.github/workflows/release-with-dispatch.yml +++ b/.github/workflows/release-with-dispatch.yml @@ -60,13 +60,13 @@ jobs: ### General - - + ### Client - - + ### Server - - + use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }} indent: ${{ vars.INDENT }} secrets: @@ -86,6 +86,7 @@ jobs: draft_prerelease_channel: alpha ready_start_prerelease_channel: beta prerelease_channel: ${{ inputs.start-rc && 'rc' || '' }} + reset_number_on_channel_change: true secrets: RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }} RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} diff --git a/.github/workflows/release-with-ready.yml b/.github/workflows/release-with-ready.yml index e863b5e2e8..585375c20e 100644 --- a/.github/workflows/release-with-ready.yml +++ b/.github/workflows/release-with-ready.yml @@ -41,6 +41,7 @@ jobs: indent: ${{ vars.INDENT }} draft_prerelease_channel: alpha ready_start_prerelease_channel: beta + reset_number_on_channel_change: true secrets: RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }} RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} From f25fc5215bd03b9405b257fc8b8b1d7df7ea33b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=8B=E3=81=A3=E3=81=93=E3=81=8B=E3=82=8A?= <67428053+kakkokari-gtyih@users.noreply.github.com> Date: Fri, 22 Nov 2024 12:14:41 +0900 Subject: [PATCH 4/9] =?UTF-8?q?fix(backend):=20Inbox=E3=81=AE=E3=82=A8?= =?UTF-8?q?=E3=83=A9=E3=83=BC=E3=82=92throw=E3=81=9B=E3=81=9Areturn?= =?UTF-8?q?=E3=81=97=E3=81=A6=E3=81=84=E3=82=8B=E5=95=8F=E9=A1=8C=E3=82=92?= =?UTF-8?q?=E4=BF=AE=E6=AD=A3=20(#15022)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix exception handling for Like activities (cherry picked from commit 8f42e8434eaebe3aba5d1980c57f49dd8ad0de91) * fix exception handling for Announce activities (cherry picked from commit cfc3ab4b045af0674122fa49176431860176358b) * fix exception handling for Undo activities * Update Changelog --------- Co-authored-by: Hazelnoot --- CHANGELOG.md | 2 ++ .../backend/src/core/activitypub/ApInboxService.ts | 14 +++++++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39ce36d678..5fa756c0f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -67,6 +67,8 @@ - Fix: User Webhookテスト機能のMock Payloadを修正 - Fix: アカウント削除のモデレーションログが動作していないのを修正 (#14996) - Fix: リノートミュートが新規投稿通知に対して作用していなかった問題を修正 +- Fix: Inboxの処理で生じるエラーを誤ってActivityとして処理することがある問題を修正 + (Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/730) - Fix: セキュリティに関する修正 ### Misskey.js diff --git a/packages/backend/src/core/activitypub/ApInboxService.ts b/packages/backend/src/core/activitypub/ApInboxService.ts index ee3f691c51..21c7adf7b2 100644 --- a/packages/backend/src/core/activitypub/ApInboxService.ts +++ b/packages/backend/src/core/activitypub/ApInboxService.ts @@ -28,6 +28,7 @@ import { bindThis } from '@/decorators.js'; import type { MiRemoteUser } from '@/models/User.js'; import { GlobalEventService } from '@/core/GlobalEventService.js'; import { AbuseReportService } from '@/core/AbuseReportService.js'; +import { IdentifiableError } from '@/misc/identifiable-error.js'; import { getApHrefNullable, getApId, getApIds, getApType, isAccept, isActor, isAdd, isAnnounce, isBlock, isCollection, isCollectionOrOrderedCollection, isCreate, isDelete, isFlag, isFollow, isLike, isMove, isPost, isReject, isRemove, isTombstone, isUndo, isUpdate, validActor, validPost } from './type.js'; import { ApNoteService } from './models/ApNoteService.js'; import { ApLoggerService } from './ApLoggerService.js'; @@ -201,13 +202,16 @@ export class ApInboxService { await this.apNoteService.extractEmojis(activity.tag ?? [], actor.host).catch(() => null); - return await this.reactionService.create(actor, note, activity._misskey_reaction ?? activity.content ?? activity.name).catch(err => { - if (err.id === '51c42bb4-931a-456b-bff7-e5a8a70dd298') { + try { + await this.reactionService.create(actor, note, activity._misskey_reaction ?? activity.content ?? activity.name); + return 'ok'; + } catch (err) { + if (err instanceof IdentifiableError && err.id === '51c42bb4-931a-456b-bff7-e5a8a70dd298') { return 'skip: already reacted'; } else { throw err; } - }).then(() => 'ok'); + } } @bindThis @@ -288,7 +292,7 @@ export class ApInboxService { const target = await resolver.resolve(activity.object).catch(e => { this.logger.error(`Resolution failed: ${e}`); - return e; + throw e; }); if (isPost(target)) return await this.announceNote(actor, activity, target); @@ -649,7 +653,7 @@ export class ApInboxService { const object = await resolver.resolve(activity.object).catch(e => { this.logger.error(`Resolution failed: ${e}`); - return e; + throw e; }); // don't queue because the sender may attempt again when timeout From 71bfa859862d716e5284ab1988df08561d4de60b Mon Sep 17 00:00:00 2001 From: syuilo <4439005+syuilo@users.noreply.github.com> Date: Fri, 22 Nov 2024 18:01:56 +0900 Subject: [PATCH 5/9] New Crowdin updates (#15027) * New translations ja-jp.yml (Chinese Simplified) * New translations ja-jp.yml (Chinese Simplified) --- locales/zh-CN.yml | 48 +++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/locales/zh-CN.yml b/locales/zh-CN.yml index 08e007df7f..e6232070d7 100644 --- a/locales/zh-CN.yml +++ b/locales/zh-CN.yml @@ -143,8 +143,8 @@ unmarkAsSensitive: "取消标记为敏感内容" enterFileName: "输入文件名" mute: "屏蔽" unmute: "解除静音" -renoteMute: "屏蔽转帖" -renoteUnmute: "解除屏蔽转帖" +renoteMute: "隐藏转帖" +renoteUnmute: "解除隐藏转帖" block: "拉黑" unblock: "取消拉黑" suspend: "冻结" @@ -213,7 +213,7 @@ charts: "图表" perHour: "每小时" perDay: "每天" stopActivityDelivery: "停止发送活动" -blockThisInstance: "封锁此服务器" +blockThisInstance: "屏蔽此服务器" silenceThisInstance: "静音此服务器" mediaSilenceThisInstance: "隐藏此服务器的媒体文件" operations: "操作" @@ -233,17 +233,17 @@ clearQueueConfirmTitle: "确定清除队列?" clearQueueConfirmText: "未送达的帖子将不会被投递。 通常无需执行此操作。" clearCachedFiles: "清除缓存" clearCachedFilesConfirm: "确定要清除所有缓存的远程文件?" -blockedInstances: "被封锁的服务器" -blockedInstancesDescription: "设定要封锁的服务器,以换行分隔。被封锁的服务器将无法与本服务器进行交换通讯。子域名也同样会被封锁。" +blockedInstances: "被屏蔽的服务器" +blockedInstancesDescription: "设定要屏蔽的服务器,以换行分隔。被屏蔽的服务器将无法与本服务器进行交换通讯。子域名也同样会被屏蔽。" silencedInstances: "被静音的服务器" silencedInstancesDescription: "设置要静音的服务器,以换行分隔。被静音的服务器内所有的账户将默认处于「静音」状态,仅能发送关注请求,并且在未关注状态下无法提及本地账户。被阻止的实例不受影响。" mediaSilencedInstances: "已隐藏媒体文件的服务器" mediaSilencedInstancesDescription: "设置要隐藏媒体文件的服务器,以换行分隔。被设置为隐藏媒体文件服务器内所有账号的文件均按照「敏感内容」处理,且将无法使用自定义表情符号。被阻止的实例不受影响。" federationAllowedHosts: "允许联合的服务器" federationAllowedHostsDescription: "设定允许联合的服务器,以换行分隔。" -muteAndBlock: "静音/拉黑" -mutedUsers: "已静音用户" -blockedUsers: "已拉黑的用户" +muteAndBlock: "隐藏和屏蔽" +mutedUsers: "已隐藏用户" +blockedUsers: "已屏蔽的用户" noUsers: "无用户" editProfile: "编辑资料" noteDeleteConfirm: "要删除该帖子吗?" @@ -683,11 +683,11 @@ emptyToDisableSmtpAuth: "用户名和密码留空可以禁用 SMTP 验证" smtpSecure: "在 SMTP 连接中使用隐式 SSL / TLS" smtpSecureInfo: "使用 STARTTLS 时关闭。" testEmail: "邮件发送测试" -wordMute: "文字屏蔽" +wordMute: "隐藏文字" hardWordMute: "屏蔽关键词" regexpError: "正则表达式错误" regexpErrorDescription: "{tab} 屏蔽文字的第 {line} 行的正则表达式有错误:" -instanceMute: "被屏蔽的服务器" +instanceMute: "已隐藏的服务器" userSaysSomething: "{name} 说了什么,但是被屏蔽词过滤了" makeActive: "启用" display: "显示" @@ -915,8 +915,8 @@ manageAccounts: "管理账户" makeReactionsPublic: "将回应设置为公开" makeReactionsPublicDescription: "将您发表过的回应设置成公开可见。" classic: "经典" -muteThread: "屏蔽帖子列表" -unmuteThread: "取消屏蔽帖子列表" +muteThread: "隐藏帖子列表" +unmuteThread: "取消隐藏帖子列表" followingVisibility: "关注的人的公开范围" followersVisibility: "关注者的公开范围" continueThread: "查看更多帖子" @@ -939,7 +939,7 @@ searchByGoogle: "Google" instanceDefaultLightTheme: "服务器默认浅色主题" instanceDefaultDarkTheme: "服务器默认深色主题" instanceDefaultThemeDescription: "以对象格式输入主题代码" -mutePeriod: "屏蔽期限" +mutePeriod: "隐藏期限" period: "截止时间" indefinitely: "永久" tenMinutes: "10 分钟" @@ -1779,7 +1779,7 @@ _role: canUpdateBioMedia: "可以更新头像和横幅" pinMax: "帖子置顶数量限制" antennaMax: "可创建的最大天线数量" - wordMuteMax: "屏蔽词的字数限制" + wordMuteMax: "隐藏词的字数限制" webhookMax: "Webhook 创建数量限制" clipMax: "便签创建数量限制" noteEachClipsMax: "单个便签内的贴文数量限制" @@ -1792,7 +1792,7 @@ _role: canUseTranslator: "使用翻译功能" avatarDecorationLimit: "可添加头像挂件的最大个数" canImportAntennas: "允许导入天线" - canImportBlocking: "允许导入拉黑列表" + canImportBlocking: "允许导入屏蔽列表" canImportFollowing: "允许导入关注列表" canImportMuting: "允许导入屏蔽列表" canImportUserLists: "允许导入用户列表" @@ -1942,14 +1942,14 @@ _menuDisplay: top: "顶部" hide: "隐藏" _wordMute: - muteWords: "禁用词" + muteWords: "要隐藏的词" muteWordsDescription: "AND 条件用空格分隔,OR 条件用换行符分隔。" muteWordsDescription2: "正则表达式用斜线包裹" _instanceMute: - instanceMuteDescription: "屏蔽服务器中的所有帖子和转帖,包括这些服务器上的用户回复。" + instanceMuteDescription: "隐藏服务器中的所有帖子和转帖,包括这些服务器上的用户回复。" instanceMuteDescription2: "一行一个" title: "隐藏服务器已设置的帖子。" - heading: "屏蔽服务器" + heading: "已隐藏的服务器" _theme: explore: "寻找主题" install: "安装主题" @@ -2089,8 +2089,8 @@ _2fa: _permissions: "read:account": "查看账户信息" "write:account": "更改帐户信息" - "read:blocks": "查看黑名单" - "write:blocks": "编辑黑名单" + "read:blocks": "查看屏蔽列表" + "write:blocks": "编辑屏蔽列表" "read:drive": "查看网盘" "write:drive": "管理网盘文件" "read:favorites": "查看收藏夹" @@ -2099,8 +2099,8 @@ _permissions: "write:following": "关注/取消关注" "read:messaging": "查看消息" "write:messaging": "撰写或删除消息" - "read:mutes": "查看屏蔽列表" - "write:mutes": "编辑屏蔽列表" + "read:mutes": "查看隐藏列表" + "write:mutes": "编辑隐藏列表" "write:notes": "撰写或删除帖子" "read:notifications": "查看通知" "write:notifications": "管理通知" @@ -2300,8 +2300,8 @@ _exportOrImport: favoritedNotes: "收藏的帖子" clips: "便签" followingList: "关注中" - muteList: "屏蔽" - blockingList: "拉黑" + muteList: "隐藏" + blockingList: "屏蔽" userLists: "列表" excludeMutingUsers: "排除屏蔽用户" excludeInactiveUsers: "排除不活跃用户" From 551040ed0ff4bfabeb4c54df2fd1860d58bedd21 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 22 Nov 2024 09:15:09 +0000 Subject: [PATCH 6/9] Release: 2024.11.0 --- package.json | 2 +- packages/misskey-js/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index ccb6170a16..60de6f4e15 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "misskey", - "version": "2024.11.0-beta.4", + "version": "2024.11.0", "codename": "nasubi", "repository": { "type": "git", diff --git a/packages/misskey-js/package.json b/packages/misskey-js/package.json index cda4c183fa..7994dac1e4 100644 --- a/packages/misskey-js/package.json +++ b/packages/misskey-js/package.json @@ -1,7 +1,7 @@ { "type": "module", "name": "misskey-js", - "version": "2024.11.0-beta.4", + "version": "2024.11.0", "description": "Misskey SDK for JavaScript", "license": "MIT", "main": "./built/index.js", From 872cefcfb80eb8f0185f5b28e9aed0a2a49fc544 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 22 Nov 2024 09:15:37 +0000 Subject: [PATCH 7/9] [skip ci] Update CHANGELOG.md (prepend template) --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5fa756c0f0..8f097d16fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +## Unreleased + +### General +- + +### Client +- + +### Server +- + + ## 2024.11.0 ### Note From 0e90589290de7948683131b356f91265c521d280 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=8B=E3=81=A3=E3=81=93=E3=81=8B=E3=82=8A?= <67428053+kakkokari-gtyih@users.noreply.github.com> Date: Fri, 22 Nov 2024 21:19:12 +0900 Subject: [PATCH 8/9] Update CHANGELOG.md (typo) --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f097d16fd..a0ea1127c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -49,7 +49,7 @@ - Fix: デッキのタイムラインカラムで「センシティブなファイルを含むノートを表示」設定が使用できなかった問題を修正 - Fix: Encode RSS urls with escape sequences before fetching allowing query parameters to be used - Fix: リンク切れを修正 -= Fix: ノート投稿ボタンにホバー時のスタイルが適用されていないのを修正 +- Fix: ノート投稿ボタンにホバー時のスタイルが適用されていないのを修正 (Cherry-picked from https://github.com/taiyme/misskey/pull/305) - Fix: メールアドレス登録有効化時の「完了」ダイアログボックスの表示条件を修正 - Fix: 画面幅が狭い環境でデザインが崩れる問題を修正 From 04b221409cac8e54e9f392b1a50094799c866441 Mon Sep 17 00:00:00 2001 From: syuilo <4439005+syuilo@users.noreply.github.com> Date: Sat, 23 Nov 2024 04:44:33 +0900 Subject: [PATCH 9/9] fix(backend): use atomic command to improve security --- packages/backend/src/core/WebAuthnService.ts | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packages/backend/src/core/WebAuthnService.ts b/packages/backend/src/core/WebAuthnService.ts index ad53192f18..ed75e4f467 100644 --- a/packages/backend/src/core/WebAuthnService.ts +++ b/packages/backend/src/core/WebAuthnService.ts @@ -189,14 +189,12 @@ export class WebAuthnService { */ @bindThis public async verifySignInWithPasskeyAuthentication(context: string, response: AuthenticationResponseJSON): Promise { - const challenge = await this.redisClient.get(`webauthn:challenge:${context}`); + const challenge = await this.redisClient.getdel(`webauthn:challenge:${context}`); if (!challenge) { throw new IdentifiableError('2d16e51c-007b-4edd-afd2-f7dd02c947f6', `challenge '${context}' not found`); } - await this.redisClient.del(`webauthn:challenge:${context}`); - const key = await this.userSecurityKeysRepository.findOneBy({ id: response.id, });