From e52e98c5c56cbc6acd7dd78a3427bf01ea74ed4b Mon Sep 17 00:00:00 2001 From: Sven Date: Mon, 16 Mar 2026 12:19:18 +0100 Subject: [PATCH] chore(patches): remove patches now fixed in forks Fixes implemented upstream in svemagie/indiekit-endpoint-activitypub and svemagie/indiekit-endpoint-microsub; postinstall patches no longer needed: - patch-microsub-feed-discovery (HTML discovery in fetcher.js) - patch-inbox-skip-view-activity-parse (PeerTube View buffering in federation-bridge.js) - patch-ap-inbox-raw-body-digest (raw body preservation for HTTP Signature Digest) - patch-ap-object-url-trailing-slash (trailing slash $in fix in federation-setup.js) - patch-ap-signature-time-window (12h signatureTimeWindow in federation-setup.js) - patch-inbox-ignore-view-activity (View no-op handler in inbox-listeners.js) Co-Authored-By: Claude Sonnet 4.6 --- package.json | 4 +- scripts/patch-ap-inbox-raw-body-digest.mjs | 123 ------------ .../patch-ap-object-url-trailing-slash.mjs | 81 -------- scripts/patch-ap-signature-time-window.mjs | 90 --------- scripts/patch-inbox-ignore-view-activity.mjs | 113 ----------- .../patch-inbox-skip-view-activity-parse.mjs | 190 ------------------ scripts/patch-microsub-feed-discovery.mjs | 149 -------------- 7 files changed, 2 insertions(+), 748 deletions(-) delete mode 100644 scripts/patch-ap-inbox-raw-body-digest.mjs delete mode 100644 scripts/patch-ap-object-url-trailing-slash.mjs delete mode 100644 scripts/patch-ap-signature-time-window.mjs delete mode 100644 scripts/patch-inbox-ignore-view-activity.mjs delete mode 100644 scripts/patch-inbox-skip-view-activity-parse.mjs delete mode 100644 scripts/patch-microsub-feed-discovery.mjs diff --git a/package.json b/package.json index 61d16f66..7e64ed54 100644 --- a/package.json +++ b/package.json @@ -4,8 +4,8 @@ "description": "", "main": "index.js", "scripts": { - "postinstall": "xattr -w com.apple.fileprovider.ignore#P 1 node_modules 2>/dev/null || true && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-microsub-feed-discovery.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-inbox-ignore-view-activity.mjs && node scripts/patch-inbox-skip-view-activity-parse.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-inbox-raw-body-digest.mjs && node scripts/patch-ap-object-url-trailing-slash.mjs && node scripts/patch-ap-signature-time-window.mjs && node scripts/patch-ap-allow-private-address.mjs", - "serve":"export NODE_ENV=${NODE_ENV:-production} INDIEKIT_DEBUG=${INDIEKIT_DEBUG:-0} && node scripts/preflight-production-security.mjs && node scripts/preflight-mongo-connection.mjs && node scripts/preflight-activitypub-rsa-key.mjs && node scripts/preflight-activitypub-profile-urls.mjs && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-microsub-reader-ap-dispatch.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-microsub-feed-discovery.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-inbox-raw-body-digest.mjs && node scripts/patch-ap-object-url-trailing-slash.mjs && node scripts/patch-ap-signature-time-window.mjs && node scripts/patch-ap-allow-private-address.mjs && node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs", + "postinstall": "xattr -w com.apple.fileprovider.ignore#P 1 node_modules 2>/dev/null || true && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-allow-private-address.mjs", + "serve":"export NODE_ENV=${NODE_ENV:-production} INDIEKIT_DEBUG=${INDIEKIT_DEBUG:-0} && node scripts/preflight-production-security.mjs && node scripts/preflight-mongo-connection.mjs && node scripts/preflight-activitypub-rsa-key.mjs && node scripts/preflight-activitypub-profile-urls.mjs && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-microsub-reader-ap-dispatch.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-allow-private-address.mjs && node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs", "test": "echo \"Error: no test specified\" && exit 1" }, "keywords": [], diff --git a/scripts/patch-ap-inbox-raw-body-digest.mjs b/scripts/patch-ap-inbox-raw-body-digest.mjs deleted file mode 100644 index 81b6dbb1..00000000 --- a/scripts/patch-ap-inbox-raw-body-digest.mjs +++ /dev/null @@ -1,123 +0,0 @@ -/** - * Patch: preserve raw body bytes through the AP inbox buffer guard so that - * Fedify's HTTP Signature Digest verification passes. - * - * Root cause: - * patch-inbox-skip-view-activity-parse.mjs buffers the request body for - * application/activity+json requests (needed to detect PeerTube View - * activities before Fedify parses them). It stores the parsed JSON in - * req.body. fromExpressRequest() then reconstructs the body for Fedify via - * JSON.stringify(req.body). - * - * Fedify 2.x verifies the HTTP Signature "Digest: SHA-256=..." header that - * Mastodon (and most other AP servers) include with every inbox POST. - * The digest is computed over the EXACT original request bytes. Re-encoding - * the body via JSON.stringify() produces different bytes (different key - * ordering, whitespace, Unicode escaping), so the digest check fails and - * Fedify silently rejects every inbound Like, Announce, and Create activity - * from Mastodon. The activity never reaches the inbox handlers and is never - * stored in ap_activities — so conversations/AP shows zero interactions. - * - * Fix (two changes to federation-bridge.js): - * - * 1. In createFedifyMiddleware buffer guard: after the for-await loop, store - * the original Buffer in req._rawBody before JSON-parsing it into req.body. - * - * 2. In fromExpressRequest: when req._rawBody is available, pass it directly - * to new Request() instead of JSON.stringify(req.body). This gives Fedify - * the original bytes so its SHA-256 digest check matches the Digest header. - */ - -import { access, readFile, writeFile } from "node:fs/promises"; - -const candidates = [ - "node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js", -]; - -const MARKER = "// raw body digest fix"; - -const patchSpecs = [ - // Patch A: store raw bytes in req._rawBody alongside req.body - { - name: "raw-body-store", - oldSnippet: ` try { - req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8")); - } catch { - req.body = {}; - }`, - newSnippet: ` const _raw = Buffer.concat(_chunks); // raw body digest fix - req._rawBody = _raw; // Preserve original bytes for Fedify HTTP Signature Digest verification - try { - req.body = JSON.parse(_raw.toString("utf8")); - } catch { - req.body = {}; - }`, - }, - - // Patch B: use req._rawBody in fromExpressRequest when available - { - name: "from-express-request-use-raw-body", - oldSnippet: ` // PeerTube activity+json body fix - if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) { - body = JSON.stringify(req.body); - }`, - newSnippet: ` // PeerTube activity+json body fix - if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) { - // Use original raw bytes when available (set by createFedifyMiddleware buffer guard). - // JSON.stringify() changes byte layout, breaking Fedify's HTTP Signature Digest check. - body = req._rawBody || JSON.stringify(req.body); // raw body digest fix - }`, - }, -]; - -async function exists(filePath) { - try { - await access(filePath); - return true; - } catch { - return false; - } -} - -let checked = 0; -let patched = 0; - -for (const filePath of candidates) { - if (!(await exists(filePath))) { - continue; - } - - checked += 1; - let source = await readFile(filePath, "utf8"); - - if (source.includes(MARKER)) { - continue; - } - - let filePatched = false; - - for (const spec of patchSpecs) { - if (!source.includes(spec.oldSnippet)) { - console.log(`[postinstall] patch-ap-inbox-raw-body-digest: ${spec.name} snippet not found in ${filePath}`); - continue; - } - - source = source.replace(spec.oldSnippet, spec.newSnippet); - filePatched = true; - console.log(`[postinstall] Applied ${spec.name} to ${filePath}`); - } - - if (filePatched) { - await writeFile(filePath, source, "utf8"); - patched += 1; - } -} - -if (checked === 0) { - console.log("[postinstall] patch-ap-inbox-raw-body-digest: no target files found"); -} else if (patched === 0) { - console.log("[postinstall] patch-ap-inbox-raw-body-digest: already up to date"); -} else { - console.log(`[postinstall] patch-ap-inbox-raw-body-digest: patched ${patched}/${checked} file(s)`); -} diff --git a/scripts/patch-ap-object-url-trailing-slash.mjs b/scripts/patch-ap-object-url-trailing-slash.mjs deleted file mode 100644 index e12d094b..00000000 --- a/scripts/patch-ap-object-url-trailing-slash.mjs +++ /dev/null @@ -1,81 +0,0 @@ -/** - * Patch: make the Fedify object dispatcher's post lookup tolerate trailing-slash - * differences between the AP object URL and the stored post URL. - * - * Root cause: - * setupObjectDispatchers resolvePost() builds postUrl from the {+id} template - * variable (e.g. "replies/bd78a") and does an exact findOne() match against - * posts.properties.url. Posts in MongoDB are stored with a trailing slash - * ("https://blog.giersig.eu/replies/bd78a/"), but the AP object URL returned - * by the /api/ap-url lookup endpoint has no trailing slash. The exact match - * fails → Fedify returns 404 → remote instance shows "Could not connect". - * - * Fix: - * Replace the single-value findOne() with a $in query that tries both the - * bare URL and the URL with a trailing slash appended. - */ - -import { access, readFile, writeFile } from "node:fs/promises"; - -const candidates = [ - "node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js", -]; - -const MARKER = "// trailing-slash url fix"; - -const OLD_SNIPPET = ` const postUrl = \`\${publicationUrl.replace(/\\/$/, "")}/\${id}\`; - const post = await collections.posts.findOne({ "properties.url": postUrl });`; - -const NEW_SNIPPET = ` const postUrl = \`\${publicationUrl.replace(/\\/$/, "")}/\${id}\`; // trailing-slash url fix - const post = await collections.posts.findOne({ - "properties.url": { $in: [postUrl, postUrl + "/"] }, - });`; - -async function exists(filePath) { - try { - await access(filePath); - return true; - } catch { - return false; - } -} - -let checked = 0; -let patched = 0; - -for (const filePath of candidates) { - if (!(await exists(filePath))) { - continue; - } - - checked += 1; - const source = await readFile(filePath, "utf8"); - - if (source.includes(MARKER)) { - continue; - } - - if (!source.includes(OLD_SNIPPET)) { - console.log(`[postinstall] patch-ap-object-url-trailing-slash: snippet not found in ${filePath}`); - continue; - } - - const updated = source.replace(OLD_SNIPPET, NEW_SNIPPET); - - if (updated === source) { - continue; - } - - await writeFile(filePath, updated, "utf8"); - patched += 1; - console.log(`[postinstall] Applied patch-ap-object-url-trailing-slash to ${filePath}`); -} - -if (checked === 0) { - console.log("[postinstall] patch-ap-object-url-trailing-slash: no target files found"); -} else if (patched === 0) { - console.log("[postinstall] patch-ap-object-url-trailing-slash: already up to date"); -} else { - console.log(`[postinstall] patch-ap-object-url-trailing-slash: patched ${patched}/${checked} file(s)`); -} diff --git a/scripts/patch-ap-signature-time-window.mjs b/scripts/patch-ap-signature-time-window.mjs deleted file mode 100644 index 307fea2b..00000000 --- a/scripts/patch-ap-signature-time-window.mjs +++ /dev/null @@ -1,90 +0,0 @@ -/** - * Patch: extend Fedify's HTTP Signature time window from 1 hour to 12 hours. - * - * Root cause: - * Mastodon retries failed inbox deliveries with the SAME original HTTP - * Signature. Before the raw-body digest fix, every Mastodon delivery was - * being rejected (Digest mismatch), so Mastodon queued them all for retry. - * Once the digest fix is applied and the server restarts, those retried - * deliveries arrive with signatures that are now > 1 hour old. Fedify's - * default signatureTimeWindow of { hours: 1 } rejects them with - * "Date is too far in the past", logged as "Failed to verify the request's - * HTTP Signatures." at ERROR level. - * - * Fix: - * Pass signatureTimeWindow: { hours: 12 } to createFederation so that - * retried Mastodon deliveries (which can arrive hours later) are still - * accepted. The signature must still be cryptographically valid — extending - * the window only avoids replay-window false positives. - */ - -import { access, readFile, writeFile } from "node:fs/promises"; - -const candidates = [ - "node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js", -]; - -const MARKER = "// signature time window fix"; - -const OLD_SNIPPET = ` const federation = createFederation({ - kv, - queue, - });`; - -const NEW_SNIPPET = ` const federation = createFederation({ - kv, - queue, - // Accept signatures up to 12 h old. // signature time window fix - // Mastodon retries failed deliveries with the original signature, which - // can be hours old by the time the delivery succeeds. - signatureTimeWindow: { hours: 12 }, - });`; - -async function exists(filePath) { - try { - await access(filePath); - return true; - } catch { - return false; - } -} - -let checked = 0; -let patched = 0; - -for (const filePath of candidates) { - if (!(await exists(filePath))) { - continue; - } - - checked += 1; - const source = await readFile(filePath, "utf8"); - - if (source.includes(MARKER)) { - continue; - } - - if (!source.includes(OLD_SNIPPET)) { - console.log(`[postinstall] patch-ap-signature-time-window: snippet not found in ${filePath}`); - continue; - } - - const updated = source.replace(OLD_SNIPPET, NEW_SNIPPET); - - if (updated === source) { - continue; - } - - await writeFile(filePath, updated, "utf8"); - patched += 1; - console.log(`[postinstall] Applied patch-ap-signature-time-window to ${filePath}`); -} - -if (checked === 0) { - console.log("[postinstall] patch-ap-signature-time-window: no target files found"); -} else if (patched === 0) { - console.log("[postinstall] patch-ap-signature-time-window: already up to date"); -} else { - console.log(`[postinstall] patch-ap-signature-time-window: patched ${patched}/${checked} file(s)`); -} diff --git a/scripts/patch-inbox-ignore-view-activity.mjs b/scripts/patch-inbox-ignore-view-activity.mjs deleted file mode 100644 index 4d308f79..00000000 --- a/scripts/patch-inbox-ignore-view-activity.mjs +++ /dev/null @@ -1,113 +0,0 @@ -/** - * Patch: silently ignore PeerTube View (WatchAction) activities in the inbox. - * - * PeerTube broadcasts a non-standard ActivityStreams `View` activity to all - * followers whenever someone watches a video. Fedify has no built-in handler - * registered for this type, which causes a noisy - * "Unsupported activity type" error in the federation inbox log on every view. - * - * Fix: register a no-op `.on(View, ...)` handler at the end of the inbox - * listener chain so Fedify accepts and silently discards these activities - * instead of logging them as errors. - */ - -import { access, readFile, writeFile } from "node:fs/promises"; - -const candidates = [ - "node_modules/@rmdes/indiekit-endpoint-activitypub/lib/inbox-listeners.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/inbox-listeners.js", -]; - -const patchSpecs = [ - { - name: "inbox-ignore-view-activity-import", - marker: "// View imported", - oldSnippet: ` Undo, - Update, -} from "@fedify/fedify/vocab";`, - newSnippet: ` Undo, - Update, - View, // View imported -} from "@fedify/fedify/vocab";`, - }, - { - name: "inbox-ignore-view-activity-handler", - marker: "// PeerTube View handler", - oldSnippet: ` console.info(\`[ActivityPub] Flag received from \${reporterName} — \${reportedIds.length} objects reported\`); - } catch (error) { - console.warn("[ActivityPub] Flag handler error:", error.message); - } - }); -}`, - newSnippet: ` console.info(\`[ActivityPub] Flag received from \${reporterName} — \${reportedIds.length} objects reported\`); - } catch (error) { - console.warn("[ActivityPub] Flag handler error:", error.message); - } - }) - // ── View (PeerTube watch) ───────────────────────────────────────────── - // PeerTube broadcasts View (WatchAction) activities to all followers - // whenever someone watches a video. Fedify has no built-in handler for - // this type, producing noisy "Unsupported activity type" log errors. - // Silently accept and discard. // PeerTube View handler - .on(View, async () => {}); -}`, - }, -]; - -async function exists(filePath) { - try { - await access(filePath); - return true; - } catch { - return false; - } -} - -const checkedFiles = new Set(); -const patchedFiles = new Set(); - -for (const spec of patchSpecs) { - let foundAnyTarget = false; - - for (const filePath of candidates) { - if (!(await exists(filePath))) { - continue; - } - - foundAnyTarget = true; - checkedFiles.add(filePath); - - const source = await readFile(filePath, "utf8"); - - if (spec.marker && source.includes(spec.marker)) { - continue; - } - - if (!source.includes(spec.oldSnippet)) { - continue; - } - - const updated = source.replace(spec.oldSnippet, spec.newSnippet); - - if (updated === source) { - continue; - } - - await writeFile(filePath, updated, "utf8"); - patchedFiles.add(filePath); - } - - if (!foundAnyTarget) { - console.log(`[postinstall] ${spec.name}: no target files found`); - } -} - -if (checkedFiles.size === 0) { - console.log("[postinstall] No inbox-listeners files found for View activity patch"); -} else if (patchedFiles.size === 0) { - console.log("[postinstall] inbox-ignore-view-activity patches already applied"); -} else { - console.log( - `[postinstall] Patched inbox-ignore-view-activity in ${patchedFiles.size}/${checkedFiles.size} file(s)`, - ); -} diff --git a/scripts/patch-inbox-skip-view-activity-parse.mjs b/scripts/patch-inbox-skip-view-activity-parse.mjs deleted file mode 100644 index 748dce28..00000000 --- a/scripts/patch-inbox-skip-view-activity-parse.mjs +++ /dev/null @@ -1,190 +0,0 @@ -/** - * Patch: skip PeerTube View (WatchAction) activities before Fedify parses them. - * - * PeerTube's View activities embed Schema.org extensions such as - * `InteractionCounter` that Fedify's JSON-LD deserializer doesn't recognise. - * This causes a hard "Failed to parse activity" error *before* any inbox - * listener is reached, so the .on(View, ...) no-op handler added earlier - * never fires. - * - * Root cause of the previous (broken) patch: Express's JSON body parser only - * handles `application/json`, not `application/activity+json`. So `req.body` - * is always undefined for ActivityPub inbox POSTs, meaning the check - * `req.body?.type === "View"` never matched and Fedify still received the raw - * stream. - * - * Fix (two changes to federation-bridge.js): - * - * 1. In createFedifyMiddleware: for ActivityPub POST requests where the body - * hasn't been parsed yet, buffer the raw stream, JSON-parse it, and store - * the result on req.body before the guard runs. Then check type === "View" - * and return 200 if so (preventing retries from the sender). - * - * 2. In fromExpressRequest: extend the content-type check to also handle - * `application/activity+json` and `application/ld+json` bodies (i.e. use - * JSON.stringify(req.body) to reconstruct the stream), so that non-View - * ActivityPub activities are forwarded correctly to Fedify. - */ - -import { access, readFile, writeFile } from "node:fs/promises"; - -const candidates = [ - "node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js", -]; - -const patchSpecs = [ - // --- Patch 1: extend fromExpressRequest to handle activity+json bodies --- - { - name: "from-express-request-activity-json-fix", - marker: "// PeerTube activity+json body fix", - oldSnippet: ` if (ct.includes("application/json")) { - body = JSON.stringify(req.body); - } else if (ct.includes("application/x-www-form-urlencoded")) {`, - newSnippet: ` // PeerTube activity+json body fix - if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) { - body = JSON.stringify(req.body); - } else if (ct.includes("application/x-www-form-urlencoded")) {`, - }, - - // --- Patch 2a: replace the old (broken) v1 guard with the buffering v2 guard --- - // Handles the case where the previous version of this script was already run. - { - name: "inbox-skip-view-activity-parse-v2", - marker: "// PeerTube View parse skip v2", - oldSnippet: ` // Short-circuit PeerTube View (WatchAction) activities before Fedify - // attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's - // Schema.org extensions (e.g. InteractionCounter), causing a - // "Failed to parse activity" error. Return 200 to prevent retries. - // PeerTube View parse skip - if (req.method === "POST" && req.body?.type === "View") { - return res.status(200).end(); - } - const request = fromExpressRequest(req);`, - newSnippet: ` // Short-circuit PeerTube View (WatchAction) activities before Fedify - // attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's - // Schema.org extensions (e.g. InteractionCounter), causing a - // "Failed to parse activity" error. Return 200 to prevent retries. - // PeerTube View parse skip v2 - const _apct = req.headers["content-type"] || ""; - if ( - req.method === "POST" && - !req.body && - req.readable && - (_apct.includes("activity+json") || _apct.includes("ld+json")) - ) { - // Express doesn't parse application/activity+json, so buffer it ourselves. - const _chunks = []; - for await (const _chunk of req) { - _chunks.push(Buffer.isBuffer(_chunk) ? _chunk : Buffer.from(_chunk)); - } - try { - req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8")); - } catch { - req.body = {}; - } - } - if (req.method === "POST" && req.body?.type === "View") { - return res.status(200).end(); - } - const request = fromExpressRequest(req);`, - }, - - // --- Patch 2b: apply the buffering v2 guard on a fresh (unpatched) file --- - // Handles the case where neither v1 nor v2 patch has been applied yet. - { - name: "inbox-skip-view-activity-parse-v2-fresh", - marker: "// PeerTube View parse skip v2", - oldSnippet: ` return async (req, res, next) => { - try { - const request = fromExpressRequest(req);`, - newSnippet: ` return async (req, res, next) => { - try { - // Short-circuit PeerTube View (WatchAction) activities before Fedify - // attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's - // Schema.org extensions (e.g. InteractionCounter), causing a - // "Failed to parse activity" error. Return 200 to prevent retries. - // PeerTube View parse skip v2 - const _apct = req.headers["content-type"] || ""; - if ( - req.method === "POST" && - !req.body && - req.readable && - (_apct.includes("activity+json") || _apct.includes("ld+json")) - ) { - // Express doesn't parse application/activity+json, so buffer it ourselves. - const _chunks = []; - for await (const _chunk of req) { - _chunks.push(Buffer.isBuffer(_chunk) ? _chunk : Buffer.from(_chunk)); - } - try { - req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8")); - } catch { - req.body = {}; - } - } - if (req.method === "POST" && req.body?.type === "View") { - return res.status(200).end(); - } - const request = fromExpressRequest(req);`, - }, -]; - -async function exists(filePath) { - try { - await access(filePath); - return true; - } catch { - return false; - } -} - -const checkedFiles = new Set(); -const patchedFiles = new Set(); - -for (const spec of patchSpecs) { - let foundAnyTarget = false; - - for (const filePath of candidates) { - if (!(await exists(filePath))) { - continue; - } - - foundAnyTarget = true; - checkedFiles.add(filePath); - - const source = await readFile(filePath, "utf8"); - - if (spec.marker && source.includes(spec.marker)) { - continue; - } - - if (!source.includes(spec.oldSnippet)) { - continue; - } - - const updated = source.replace(spec.oldSnippet, spec.newSnippet); - - if (updated === source) { - continue; - } - - await writeFile(filePath, updated, "utf8"); - patchedFiles.add(filePath); - console.log(`[postinstall] Applied ${spec.name} to ${filePath}`); - } - - if (!foundAnyTarget) { - console.log(`[postinstall] ${spec.name}: no target files found`); - } -} - -if (checkedFiles.size === 0) { - console.log("[postinstall] No federation-bridge files found for View activity parse-skip patch"); -} else if (patchedFiles.size === 0) { - console.log("[postinstall] inbox-skip-view-activity-parse patch already up to date"); -} else { - console.log( - `[postinstall] Patched inbox-skip-view-activity-parse in ${patchedFiles.size}/${checkedFiles.size} file(s)`, - ); -} diff --git a/scripts/patch-microsub-feed-discovery.mjs b/scripts/patch-microsub-feed-discovery.mjs deleted file mode 100644 index 4dafadb2..00000000 --- a/scripts/patch-microsub-feed-discovery.mjs +++ /dev/null @@ -1,149 +0,0 @@ -/** - * Patch: improve feed discovery in fetchAndParseFeed - * - * Problem: when a bookmarked URL is an HTML page (article, site root, etc.), - * fetchAndParseFeed only tries a fixed list of common paths (/feed, /rss.xml …). - * This misses sites whose feed URL is advertised via a - * - * tag in the page . For example, econsoc.mpifg.de, signal.org blog - * pages, and Substack article URLs all work through discovery but - * fail the common-path probe. - * - * Solution: before falling back to tryCommonFeedPaths, call discoverFeeds() - * (which already parses tags) on the fetched HTML - * content. If it finds a typed RSS/Atom/JSONFeed link, use that URL. - * Only if link-based discovery also fails do we probe common paths. - */ -import { access, readFile, writeFile } from "node:fs/promises"; - -async function exists(p) { - try { - await access(p); - return true; - } catch { - return false; - } -} - -const patchSpecs = [ - { - name: "microsub-html-feed-discovery", - marker: "link-based discovery from HTML", - candidates: [ - "node_modules/@rmdes/indiekit-endpoint-microsub/lib/feeds/fetcher.js", - "node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-microsub/lib/feeds/fetcher.js", - ], - oldSnippet: ` // If we got ActivityPub or unknown, try common feed paths - if (feedType === "activitypub" || feedType === "unknown") { - const fallbackFeed = await tryCommonFeedPaths(url, options); - if (fallbackFeed) { - // Fetch and parse the discovered feed - const feedResult = await fetchFeed(fallbackFeed.url, options); - if (!feedResult.notModified) { - const fallbackType = detectFeedType(feedResult.content, feedResult.contentType); - const parsed = await parseFeed(feedResult.content, fallbackFeed.url, { - contentType: feedResult.contentType, - }); - return { - ...feedResult, - ...parsed, - feedType: fallbackType, - hub: feedResult.hub || parsed._hub, - discoveredFrom: url, - }; - } - } - throw new Error( - \`Unable to find a feed at \${url}. Try the direct feed URL.\`, - ); - }`, - newSnippet: ` // If we got ActivityPub or unknown, try link-based discovery then common paths - if (feedType === "activitypub" || feedType === "unknown") { - // 1. link-based discovery from HTML: parse - let discoveredFeedUrl; - if (result.content) { - const { discoverFeeds } = await import("./hfeed.js"); - const discovered = await discoverFeeds(result.content, url); - const rssOrAtom = discovered.find( - (f) => f.type === "rss" || f.type === "atom" || f.type === "jsonfeed", - ); - if (rssOrAtom) discoveredFeedUrl = rssOrAtom.url; - } - - // 2. Fall back to common feed paths (/feed, /rss.xml, etc.) - const fallbackFeed = discoveredFeedUrl - ? { url: discoveredFeedUrl } - : await tryCommonFeedPaths(url, options); - - if (fallbackFeed) { - // Fetch and parse the discovered feed - const feedResult = await fetchFeed(fallbackFeed.url, options); - if (!feedResult.notModified) { - const fallbackType = detectFeedType(feedResult.content, feedResult.contentType); - const parsed = await parseFeed(feedResult.content, fallbackFeed.url, { - contentType: feedResult.contentType, - }); - return { - ...feedResult, - ...parsed, - feedType: fallbackType, - hub: feedResult.hub || parsed._hub, - discoveredFrom: url, - }; - } - } - throw new Error( - \`Unable to find a feed at \${url}. Try the direct feed URL.\`, - ); - }`, - }, -]; - -let filesChecked = 0; -let filesPatched = 0; - -for (const spec of patchSpecs) { - let foundAnyTarget = false; - - for (const filePath of spec.candidates) { - if (!(await exists(filePath))) { - continue; - } - - foundAnyTarget = true; - filesChecked += 1; - - const source = await readFile(filePath, "utf8"); - - if (source.includes(spec.marker)) { - console.log(`[postinstall] ${spec.name}: already patched, skipping`); - continue; - } - - if (!source.includes(spec.oldSnippet)) { - console.warn( - `[postinstall] ${spec.name}: target snippet not found in ${filePath} — may have been updated upstream`, - ); - continue; - } - - const updated = source.replace(spec.oldSnippet, spec.newSnippet); - await writeFile(filePath, updated, "utf8"); - filesPatched += 1; - console.log(`[postinstall] ${spec.name}: patched ${filePath}`); - } - - if (!foundAnyTarget) { - console.log(`[postinstall] ${spec.name}: no target files found`); - } -} - -if (filesChecked === 0) { - console.log("[postinstall] No microsub fetcher files found"); -} else if (filesPatched === 0) { - console.log("[postinstall] microsub HTML feed discovery already patched"); -} else { - console.log( - `[postinstall] Patched microsub HTML feed discovery in ${filesPatched}/${filesChecked} file(s)`, - ); -}