misskey

🌎 An interplanetary microblogging platform 🚀

activitypub federation fediverse microblog misskey

Go to file

Julia d10fdfe973 Merge commit from fork * SP-2025-03.1 always wrap icon&thumbnail URLs if they're not HTTP URLs, the frontend won't be able to display them anyway (`<img src="mailto:…">` or '<div stile="background-image: url(nntp:…)">` aren't going to work!), so let's always run them through the media proxy, which will fail harder (fetching a `javascript:` URL won't do anything in the backend, might do something in the frontend) and will always protect the client's address in cases like `gemini:` where the browser could try to fetch * SP-2025-03.2 use object binding for more styles interpolating a random (remote-controlled!) string into a `style` attribute is a bad idea; using VueJS object binding, we should get proper quoting and therefore safe parse failures instead of CSS injections / XSS * SP-2025-03.3 slightly more robust "self" URL handling parse URLs instead of treating them as strings; this is still not perfect, but the `URL` class only handles full URLs, not relative ones, so there's so way to ask it "give me a URL object that represents this resource relative to this base URL" notice that passing very weird URLs to `MkUrl` and `MkUrlPreview` will break the frontend (in dev mode) because there's an untrapped `new URL(…)` that may explode; production builds seem to safely ignore the error, though --------- Co-authored-by: dakkar <dakkar@thenautilus.net>		2025-04-29 08:15:54 +09:00
.config	enhance: implement `sentryForFrontend` (#15433 )	2025-04-02 15:44:04 +09:00
.devcontainer	deps: update pnpm to v10.10.0 (#15899 )	2025-04-28 10:12:04 +09:00
.github	chore(ci): change the Test step to terminate with error in the federation test (#15903 )	2025-04-28 18:31:13 +09:00
.okteto	ok-to-test with okteto (#8799 )	2022-06-09 00:50:23 +09:00
.vscode	fix(dev): vscode-jest: Deprecated: Please use jest.runMode instead.	2024-03-14 17:42:30 +09:00
assets	chore: remove unused files	2025-03-11 12:02:41 +09:00
chart	enhance: implement `sentryForFrontend` (#15433 )	2025-04-02 15:44:04 +09:00
cypress	enhance(backend): refine system account (#15530 )	2025-03-02 20:06:20 +09:00
fluent-emojis@cae981eb4c	feat: introduce fluent emoji	2022-12-26 16:04:56 +09:00
idea	feat(frontend): 設定の検索 (#15505 )	2025-03-06 23:15:19 +09:00
locales	New Crowdin updates (#15897 )	2025-04-29 08:15:29 +09:00
packages	Merge commit from fork	2025-04-29 08:15:54 +09:00
scripts	deps: update pnpm to v10.10.0 (#15899 )	2025-04-28 10:12:04 +09:00
.dockerignore	refactor: misskey-assetsサブモジュールを削除 (#12818 )	2024-07-18 01:47:11 +09:00
.dockleignore	fix: aptのキャッシュを削除しないようにする (#9803 )	2023-02-05 14:15:59 +09:00
.editorconfig	cleanup: trim trailing whitespace (#11136 )	2023-07-08 07:08:16 +09:00
.gitattributes	改行コードをLFに統一 (#9926 )	2023-02-14 13:13:34 +09:00
.gitignore	Update .gitignore	2024-11-16 15:32:51 +09:00
.gitmodules	refactor: misskey-assetsサブモジュールを削除 (#12818 )	2024-07-18 01:47:11 +09:00
.node-version	update node to 22.11.0 (#14869 )	2024-11-13 19:43:36 +09:00
.npmrc	fix(deps): pnpm v10でre2のインストールに失敗することがある問題を修正 (#15627 )	2025-03-08 18:56:53 +09:00
.vsls.json	Add .vsls.json	2018-08-13 00:24:45 +09:00
CHANGELOG.md	fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896 )	2025-04-29 08:15:09 +09:00
CODE_OF_CONDUCT.md	docs: Update Code of Conduct to version 2.1 (#12150 )	2023-11-13 16:52:54 +09:00
CONTRIBUTING.md	refactor(frontend): router refactoring	2025-03-19 15:54:30 +09:00
COPYING	2025 (#15203 )	2025-01-04 14:37:14 +09:00
Dockerfile	fix: Dockerのrunnerにpnpmのインストール手順が欠けていたのを修正 (#15623 )	2025-03-08 10:02:15 +09:00
LICENSE	Use AGPLv3	2018-03-28 22:56:28 +09:00
Procfile	Create Procfile	2019-04-05 18:17:30 +09:00
README.md	Update README.md for Sentry	2024-05-31 20:42:02 +09:00
ROADMAP.md	Update ROADMAP.md	2024-01-04 08:44:38 +09:00
SECURITY.md	Update SECURITY.md	2025-02-01 13:57:39 +09:00
codecov.yml	Update codecov.yml	2023-02-26 14:17:29 +09:00
compose.local-db.yml	chore(docker-compose): 推奨の名前にする (#14096 )	2024-06-28 11:16:12 +09:00
compose_example.yml	enhance(backend): Load settings via environment variables (#14179 )	2024-07-14 21:33:22 +09:00
crowdin.yml	ドキュメントをmisskey-hubに移行	2021-11-05 16:18:52 +09:00
cypress.config.ts	update cypress	2022-06-11 15:53:45 +09:00
healthcheck.sh	feat(backend): add /healthz endpoint (#13834 )	2024-05-23 15:19:52 +09:00
package.json	Bump version to 2025.4.1-beta.7	2025-04-28 04:08:47 +00:00
pnpm-lock.yaml	fix: 添付ファイルのあるリクエストを受けたときの初動を改善 (#15896 )	2025-04-29 08:15:09 +09:00
pnpm-workspace.yaml	chore: set ignorePatchFailures to false (#15763 )	2025-04-05 19:32:35 +09:00
renovate.json5	fix(ci): change Chromatic build to be triggered when frontend `package.json` is edited instead of lockfile (#15793 )	2025-04-27 10:49:23 +09:00

README.md

🌎 Misskey is an open source, federated social media platform that's free forever! 🚀

Learn more

Thanks

Thanks to Sentry for providing the error tracking platform that helps us catch unexpected errors.

Thanks to Chromatic for providing the visual testing platform that helps us review UI changes and catch visual regressions.

Thanks to Codecov for providing the code coverage platform that helps us improve our test coverage.

Thanks to Crowdin for providing the localization platform that helps us translate Misskey into many languages.

Thanks to Docker for providing the container platform that helps us run Misskey in production.