Commit Graph

496 Commits

Author SHA1 Message Date
H. Shay
0b3734d7ec add nsfw integration test 2024-09-10 16:46:37 -07:00
H. Shay
0ee021b8eb add config option to set nsfwProtection sensitivity 2024-09-10 16:46:17 -07:00
H. Shay
147f595ec1 add a NsfwProtection 2024-09-10 16:44:37 -07:00
Shay
f526b972a4
Enhance media protections (#516) 2024-07-29 09:48:36 -07:00
Travis Ralston
77357e46af
Merge pull request #515 from matrix-org/update-dco
remove real name requirement from DCO
2024-07-25 16:21:27 -06:00
Josh Simmons
dbcaafc477 remove real name requirement from DCO 2024-07-25 14:52:58 -07:00
Marco Cirillo
1ffde55beb
Do not interrupt redact sequences because of exceptions on backfilling (#479) 2024-07-24 16:14:11 -07:00
Shay
e776d82d89
modernize language (#513) 2024-07-24 15:53:19 -07:00
Shay
6a227c8ad3
Check for via servers before trying to join room in policy list manager (#514) 2024-07-24 15:53:03 -07:00
Shay
2f6120eca9
Add commands to suspend/unsuspend user (#506) 2024-07-24 12:16:12 -07:00
dependabot[bot]
033d84cc70
Bump follow-redirects from 1.15.1 to 1.15.6 (#508)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.1 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.1...v1.15.6)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 13:21:18 -07:00
dependabot[bot]
4f0bf71a5f
Bump ws from 7.5.5 to 7.5.10 (#509)
Bumps [ws](https://github.com/websockets/ws) from 7.5.5 to 7.5.10.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.5.5...7.5.10)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 13:14:26 -07:00
dependabot[bot]
2378de280f
Bump sanitize-html from 2.7.1 to 2.13.0 (#510)
Bumps [sanitize-html](https://github.com/apostrophecms/sanitize-html) from 2.7.1 to 2.13.0.
- [Changelog](https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md)
- [Commits](https://github.com/apostrophecms/sanitize-html/compare/2.7.1...2.13.0)

---
updated-dependencies:
- dependency-name: sanitize-html
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 13:03:36 -07:00
dependabot[bot]
7b09a93429
Bump braces from 3.0.2 to 3.0.3 (#511)
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 12:30:51 -07:00
dependabot[bot]
e7e77512a8
Bump express from 4.18.1 to 4.19.2 (#512)
Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.1...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 12:22:49 -07:00
dependabot[bot]
3c6039997e
Bump crypto-js from 4.1.1 to 4.2.0 (#492)
Bumps [crypto-js](https://github.com/brix/crypto-js) from 4.1.1 to 4.2.0.
- [Commits](https://github.com/brix/crypto-js/compare/4.1.1...4.2.0)

---
updated-dependencies:
- dependency-name: crypto-js
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 12:20:44 -07:00
dependabot[bot]
bb818d850a
Bump postcss from 8.4.16 to 8.4.39 (#507)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.16 to 8.4.39.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.16...8.4.39)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-19 12:12:45 -07:00
Shay
5e35efd1db
update releasing instructions (#502) 2024-01-23 21:29:43 -08:00
Shay
e1bce73ff9
add some releasing instructions (#500) 2023-11-15 08:46:29 -08:00
Shay
f2706331b7
v1.6.5 (#499) 2023-11-14 14:21:15 -08:00
Shay
e597d46b53
bump package version (#498) 2023-11-14 13:52:41 -08:00
Shay
8bf628e5bd
Bump node version to 18 (#496)
* try win dns res

* add dns hack to application service tests

* fix unused import

* update types

* add note about why dns resolution order is necessary
2023-11-14 12:52:53 -08:00
Travis Ralston
7ca748c3c0
Merge pull request #487 from matrix-org/dependabot/npm_and_yarn/matrix-appservice-bridge-8.1.2
Bump matrix-appservice-bridge from 8.0.0 to 8.1.2
2023-08-04 11:58:33 -06:00
dependabot[bot]
2cb616943c
Bump matrix-appservice-bridge from 8.0.0 to 8.1.2
Bumps [matrix-appservice-bridge](https://github.com/matrix-org/matrix-appservice-bridge) from 8.0.0 to 8.1.2.
- [Release notes](https://github.com/matrix-org/matrix-appservice-bridge/releases)
- [Changelog](https://github.com/matrix-org/matrix-appservice-bridge/blob/8.1.2/CHANGELOG.md)
- [Commits](https://github.com/matrix-org/matrix-appservice-bridge/compare/8.0.0...8.1.2)

---
updated-dependencies:
- dependency-name: matrix-appservice-bridge
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-04 17:27:31 +00:00
Travis Ralston
6cfde89ed4
Merge pull request #478 from matrix-org/dependabot/npm_and_yarn/yaml-2.2.2
Bump yaml from 2.1.1 to 2.2.2
2023-07-18 22:47:41 -06:00
Travis Ralston
f749772c88
Merge pull request #484 from matrix-org/dependabot/npm_and_yarn/semver-5.7.2
Bump semver from 5.7.1 to 5.7.2
2023-07-18 22:47:31 -06:00
Travis Ralston
41c79ad9dc
Merge pull request #486 from matrix-org/dependabot/npm_and_yarn/word-wrap-1.2.4
Bump word-wrap from 1.2.3 to 1.2.4
2023-07-18 22:47:22 -06:00
dependabot[bot]
e12c0c6146
Bump word-wrap from 1.2.3 to 1.2.4
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-19 03:47:38 +00:00
dependabot[bot]
f6ffdd351b
Bump semver from 5.7.1 to 5.7.2
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-12 14:45:11 +00:00
Travis Ralston
0e94bc73df
Merge pull request #480 from RasmusRendal/blockstickers
Detect stickers as media
2023-05-11 10:58:09 -06:00
Rasmus Rendal
57af0563ba
Detect stickers as media 2023-05-11 14:45:15 +02:00
dependabot[bot]
774cf38678
Bump yaml from 2.1.1 to 2.2.2
Bumps [yaml](https://github.com/eemeli/yaml) from 2.1.1 to 2.2.2.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.1...v2.2.2)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-25 20:21:21 +00:00
Travis Ralston
9023c78e66 Treat read receipt errors as non-fatal 2023-04-03 14:03:46 -06:00
Travis Ralston
b42a3cfcc1 Update yarn lockfile 2023-04-03 14:03:02 -06:00
David Teller
9693149e1e Fix: Make sure that config.bot.displayName is always set 2023-01-11 14:37:40 +01:00
David Teller
7be00c1c3c v1.6.3 2023-01-11 11:02:29 +01:00
David Teller
5b509a226a Setting up Decentralized Abuse Reports automatically by default 2023-01-10 20:46:56 +01:00
David Teller
d83127ea8c Mjölnir-for-all: Nicer display name 2023-01-10 20:46:56 +01:00
David Teller
fa5fbee229 A first implementation of report-to-moderator
Traditionally, when a user clicks "report" in a Matrix client, this goes
to the homeserver administrator, who often is the wrong person for the job.

MSC3215 introduces a mechanism to let clients cooperate with a bot to send
the report to the moderator instead. Client support has landed in Element Web
(behind a Labs flag) in in 2021. This allows Mjölnir to serve as the partner
bot.
2023-01-10 20:46:56 +01:00
dependabot[bot]
1451ac9951
Bump json5 from 1.0.1 to 1.0.2 (#464)
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-05 11:37:02 +01:00
David Teller
c3cb22bf36
Very basic support for OpenMetrics (aka Prometheus) (#442)
This PR:

- creates an OpenMetrics server that enables collecting performance data from this process by e.g. a Prometheus server;
- exposes as metrics the performance of http requests with MatrixBot.

Further metrics may of course be added.
2023-01-05 08:37:54 +01:00
Jess Porter
5824539449
fix 2 issues in !config get (#413) 2023-01-05 08:37:42 +01:00
David Teller
6abc8a7c4e v1.6.2 2023-01-02 12:40:27 +01:00
David Teller
b7d5e5d7bc
PolicyListManager: Let's not forget to remove the room also from the set of rooms we failed to resolve (#463) 2022-12-22 09:42:09 +01:00
David Teller
cff9b43207
This should hopefully fix some startup woes (#462)
Splitting PolicyListManager from Mjolnir, making it more resilient to startup errors
2022-12-21 19:32:27 +01:00
Stefan
7534fbc73c
Update setup_selfbuild.md to have more specific instructions (#434) 2022-12-09 12:22:13 +00:00
dependabot[bot]
dafbd20393
Bump express from 4.17.1 to 4.17.3 (#455)
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.17.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.17.1...4.17.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-08 16:19:00 +00:00
Gnuxie
433ff7eadd
A look at PolicyList.update (#454)
This started out as just a way to find out why mjolnir was syncing with lists several times for each update to a policy list.

The main changes are

- Verbosity was irrelevant to the sync command but for some reason was an option.
  Unfortunately all this did was suppress whether to tell you when it had finished, meaning it wouldn't
  when verbose logging was disabled. Historically this was probably a parameter that got passed through
  to applyServerAcl/applyUserBans, which can be horribly verbose, but they access the config directly.

- Stop emitting `'PolicyList.update'` when there are no changes.
- Include a revision ID for the `'PolicyList.update'`method and event.
- Use the revision ID in the `ProtectedRoomsSet` so that we don't unnecessarily resynchronize all rooms when the `'PolicyList.update'` event is received. Though not when the `sync` command is used. Since this is supposed to `sync` in the case when there is a state reset or otherwise or the user has changed some room settings.
- insert an await lock around the `PolicyList.update` method to avoid a race condition where a call can be started and finished within the extent of an existing call (via another task, this can happen if the server is slow with handling one request). `PolicyList.udpate` now has a helper that is synchronous to be called directly after requesting the room state. The reason for this is to enforce that no one `await`s while updating the policy list's cache of rules. Which is important because it is one of the biggest methods that I tolerate and visually checking for `await` is impossible.
- The revision ID uses a ULID, but this is unnecessary and could have just been a "dumb counter".

closes https://github.com/matrix-org/mjolnir/issues/447
2022-12-08 16:09:55 +00:00
Gnuxie
1d3da94f38
Make autojoinOnlyIfManager true by default. (#451)
Also assert that we if `autojoinOnlyIfManager` is enabled that
the user has provided a space for `acceptInvitesFromSpace`.
It does sound like `autojoinOnlyIfManager` would imply that
anyone could send an invitation to the mjolnir if
`autojoinONlyIfManager` is false.
This has never been the case though, and it is not sensible
either, especially if `protectAllJoinedRooms` is also true.
Additionally the documentation in `config/default.yaml`
has always claimed that `autojoinOnlyIfManager` is "true by default".

This setting has confused users in #mjolnir:matrix.org before
Closes https://github.com/matrix-org/mjolnir/issues/436.

Also fixes an issue in the appservice where we require
`autojoinOnlyIfManager` to always be explicitly set to false
or it crashes any Mjolnir receiving an invite.
2022-12-07 17:00:05 +00:00
Gnuxie
5de0dae62a
Make updateForEvent actually update PolicyLists. (#448)
For some reason we were relying on a mjolnir listening to
`'PolicyList.batch'` to update policy lists.

This was exposing an implementation detail to Mjolnir
and including it as part of the implementation of
`PolicyList.updateForEvent()` which is supposed to cause
the `PolicyList` to update (eventually).

I am confident this was because of a need before batching was
introduced to get the changes to a policy list directly
from the method call to `PolicyList.update()`, whereas
now you can just listen to `PolicyList.update`.

The `'PolicyList.batch'` event has now been removed
and the PolicyList event batcher (`UpdateBatcher`)
now calls `PolicyList.update()` internally.
2022-12-07 13:57:39 +00:00