* lexicon: initial lexicons for video embeds in bsky app
* lexicon: fix video caption file size limit
* codegen
* appview: stub out video embed view logic
* api prerelease
* api prerelease
* lexicon: video upload/processing lexicons
* tidy
* lexicon: app.bsky.video lexicons for uploads
* codegen
* api prerelease
* appview: present video embeds on posts
* appview: snaps
* changeset
* appview: fix wiring of video url config
* Re-use code definition of oauthResponseTypeSchema
* Generate proper invalid_authorization_details
* Remove OpenID compatibility
* tidy
* properly verify presence of jti claim in client assertion
* Remove non-standard "sub" from OAuthTokenResponse
* Remove nonce from authorization request
* tidy
* Enforce uniqueness of code_challenge
* remove unused "atproto" scope
* Improve reporting of validation errors
* Allow empty set of scopes
* Do not remove scopes not advertised in the AS's "scopes_supported" when building the authorization request.
* Prevent empty scope string
* Remove invalid check from token response
* remove un-necessary session refresh
* Validate scopes characters according to OAuth 2.1 spec
* Mandate the use of "atproto" scope
* Disable ability to list app passwords when using an app password
* Use locally defined authPassthru in com.atproto.admin.* handlers
* provide proper production handle resolver in example
* properly compote login method
* feat(oauth-provider): always rotate session cookie on sign-in
* feat(oauth-provider): do not require consent from first party apps
* update request parameter's prompt before other param validation checks
* feat(oauth-provider): rework display of client name
* feat(oauth-client-browser:example): add token info introspection
* feat(oauth-client-browser:example): allow defining scope globally
* Display requested scopes during the auth flow
* Add, and verify, a "typ" header to access and refresh tokens
* Ignore case when checking for dpop auth scheme
* Add "jwtAlg" option to verifySignature() function
* Verify service JWT header values. Add iat claim to service JWT
* Add support for "transition:generic" and "transition:chat.bsky" oauth scopes in PDS
* oauth-client-browser(example): add scope request
* Add missing "atproto" scope
* Allow missing 'typ' claim in service auth jwt
* Improved 401 feedback
Co-authored-by: devin ivy <devinivy@gmail.com>
* Properly parse scopes upon verification
Co-authored-by: devin ivy <devinivy@gmail.com>
* Rename "atp" to "credential" auth in oauth-client-browser example
* add key to iteration items
* Make CORS protection stronger
* Allow OAuthProvider to define its own CORS policies
* Revert "Allow missing 'typ' claim in service auth jwt"
This reverts commit 15c6b9e2197064eb5de61a96de6497060edb824e.
* Revert "Verify service JWT header values. Add iat claim to service JWT"
This reverts commit 08df8df322a3f4b631c4a63a61d55b2c84c60c11.
* Revert "Add "jwtAlg" option to verifySignature() function"
This reverts commit d0f77354e6904678e7f5d76bb026f07537443ba9.
* Revert "Add, and verify, a "typ" header to access and refresh tokens"
This reverts commit 3e21be9e4b5875caa5e862c11f2196786fb2366d.
* pds: implement protected service auth methods
* Prevent app password management using sessions initiated from an app password.
* Alphabetically sort PROTECTED_METHODS
* Revert changes to app password management permissions
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
* Add new postgate lex, hiddeReplies to threadgate, codegen
* Add protobufs
* Add to mock dataplane
* Add matching postgate method to feed hydration methods
* Add to getRecord
* Add to HydrationState
* Fix typo
* Add to mergeStates, fetch embeds in threads
* Integrate into embed views
* Add test for QPs in threads
* Add feed test
* Fix naming convention in protos
* Add #viewRemoved record view, rename postgate.json
* Integrate new view
* Filter hidden replies from feeds
* Filter out replies at the handler level, do not filter for author feeds
* Fix lint
* Move hidden reply check to view layer
* Reduce, reuse, recycle
* Rename to lowercase
* Rename layer vars
* Add quote gate props to postgate (#2693)
* Add quote gate props to postgate
* Consistent naming
* Fix record structure
* Codegen
* Show hidden replies in author feed
* Allow reposts of hidden replies
* Lex and codegen
* Add violates_quote_gate to proto
* Consistent naming, codegen
* Integrate violatesQuotegate and canQuotepost
* Remove rules, codegen
* Hydrate all postgates for all requested posts
* Match other impl
* Add test, need to split these out
* Format
* Hydrate first nested embeds too
* Add postgate test suite
* Add violatesQuoteGate to dataplane
* Ingest and set violatesQuoteGate, return on meta
* Return removed embed for quotes that violate gate
* Add test
* Dedupe URIs before fetching postgates
* Update snaps
* Snap
* Format
* Updating naming conventions for postgate-related attributes
* Correct naming
* Consistency
* Proto too
* Rename to viewDetached
* Codegen
* Rename everything
* Codegen
* Quotes that violate a quote gate can still be quoted themselves
* Couple more renames
* Snaps
* Ensure reply ref is tombstoned for hidden replies
* Split out hidden replies tests and create fresh fixture
* Hydrate threadgates for reply notifications, filter hidden replies
* Remove snap
* Add flaky test
* Rename violatesEmbeddingRules
* Fix flaky test
* Only write to db if violatesEmbeddingRules is true
* DRY up post uri -> gate uri logic
* isThreadgateListRule
* Don't share users object between tests
* No pascal
* Remove default params
* Find -> some
* canQuotepost -> canEmbed, remove optional
* Fix quoteee typo
* await follows
* Throw in post uri -> gate utils
* Ensure fetch threadgates for reply roots
* Don't hydrate threadgates twice
* DRY up uri -> did parsing
* Clean up parsePostgate logic
* Format
* Revert change
* Revert change
* Replace a couple more uri->did conversions
* Only filter replies from feeds if viewer hid them
* Revert, filter out replies that are hidden from feeds
* Remove old test
* Replace uri->did util
* Revert change to unused file
* Only validatePostEmbed and check postgates for post records
* Ensure notifications aren't generated down a hidden reply chain
* Changeset
* Cleanup
* Fix notification filtering logic
* Simplify
* Don't notify for invalid embeds
* Use new APIs
* Add hasPostGate and hasThreadGate flags from dataplane
* Only fetch postgates if post has one
* Only fetch threadgates if post has one or was deleted
* Remove notification filtering
* Don't hydrate threadgates for notifications
* Move hidden replies in feeds to match block handling
* Do no filtering of hidden replies in feeds
* Revert "Don't hydrate threadgates for notifications"
This reverts commit 1dcec0b239a7b9d6800427b26b8ba3e6a54210f9.
* Revert "Remove notification filtering"
This reverts commit 1e7069dfd809d1f18e9f05fd1d422e7399aa1bb0.
* Filter notifications for OP only
* Add additional check to hidden replies test
* Move noty filter logic into method handler
* Update .changeset/perfect-parrots-appear.md
Co-authored-by: devin ivy <devinivy@gmail.com>
* Update packages/bsky/tests/seed/postgates.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* Another structuredClone
* Update packages/bsky/src/hydration/hydrator.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* Better comment
* Update packages/bsky/src/data-plane/server/indexing/plugins/post.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* Regen protos to match dataplane
* Update quotes snap to include embeddingDisabled
* Clarify usage of post uri -> gate utils
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
* add quote count to post_agg, add getPostQuotes
rework schema
rework schema
add getPostQuotes to api
use posts
use posts
codegen
use items instead of quotes
codegen
add getPostQuotes
add quoteCount to response
update lexicon for postview
increment post ags
add quote to post aggs
add quote interface
oops
add quote table migration
* update
* bufgen
* update params
* update to use v2
* logs
* rm comment
* pass cursor
* add index
* Update packages/bsky/src/data-plane/server/db/migrations/20240723T220703655Z-quotes.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* only if its a post
* tests
* Discard changes to packages/bsky/tests/views/posts.test.ts
* fix client call
* Include new quotes agg in test expectation
* Use new API for headers
* Update packages/bsky/src/data-plane/server/indexing/plugins/post.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* revert rm
* rm timeout
* cursor test
* Changeset
* Remove pds specific bump
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Eric Bailey <git@esb.lol>
* feat(api): support creation of oauth based AtpAgents
* oauth: misc fixes for confidential clients
* fix(xprc): remove ReadableStream.from polyfill
* OAuth docs tweaks (#2679)
* OAuth: clarification about client_name being shown
* OAuth: re-write handle resolution privacy concern
* avoid relying on ReadableStream.from in xrpc-server tests
* feat(oauth-types): expose "ALLOW_UNSECURE_ORIGINS" constant
* feat(handle-resolver): expose "AtprotoIdentityDidMethods" type
* fix(oauth-client): ensure that the oauth metadata document contains client_id_metadata_document_supported
* fix(oauth-types): prevent unknown query string in loopback client id
* fix(identity-resolver): check that handle is in did doc's "alsoKnownAs"
* feat(oauth-client:oauth-resolver): allow logging in using either the PDS URL or Entryway URL
* fix(oauth-client): return better error in case of invalid "oauth-protected-resource" status code
* refactor(did): group atproto specific checks in own
* feat(api): relax typing of "appLabelers" and "labelers" AtpClient properties
* allow any did as labeller (for tests mainly)
* fix(api): allow to override "atproto-proxy" on a per-request basis
* remove release candidate versions from changelog
* update changeset for api and xrpc packages
* Add missing changeset
* revert RC versions
* Proper wording in OAUTH.md api example
* remove "pre" changeset file
* xrpc: restore original behavior of setHEader and unsetHeader
* docs: add comment for XrpcClient 's constructor arg
* feat(api): expose "schemas" publicly
* feat(api): allow customizing the whatwg fetch function of the AtpAgent
* docs(api): improve migration docs
* docs: change reference to BskyAgent to AtpAgent
* docs: mention the breaking change regarding setSessionPersistHandler
* fix(api): better split AtpClient concerns
* fix(xrpc): remove unused import
* refactor(api): simplify class hierarchu by removeing AtpClient
* fix(api): mock proper method for facets detection
* restore ability to restore session asynchronously
* feat(api): allow instantiating Agent with same argument as super class
* docs(api): properly extend Agent class
* style(xrpc): var name
* docs(api): remove "async" to header getter
---------
Co-authored-by: Devin Ivy <devinivy@gmail.com>
Co-authored-by: bnewbold <bnewbold@robocracy.org>
Co-authored-by: Hailey <me@haileyok.com>
* Sketch proposal for additional muted words attributes
* Rename ttl -> expiresAt
* Feedback
* Codegen
* Refactor muted words methods to integrate new attributes
* Add changeset
* Use datetime format
* Simplify migration
* Fix tests
* Format
* Re-integrate tests
* Let the lock cook
* Fix comments
* Integrate mute words enhancements (#2643)
* Check expiry when comparing mute words
* Check actors when comparing
* Tweak lex, condegen
* Integrate new prop
* Remove fake timers
(cherry picked from commit ad31910560ce938e3ff64944d46355c64635ebf8)
* Update changeset
* Prevent deleting value when updating
* Include missing test
* Add default
* Apply default 'all' value to existing mute words to satisfy Typescript
* Fix types in tests
* Fix types on new tests
* Update lex
* Codegen
* Set up StatSig
* Integrate new implementation into old endpoint
* Add todo to crypto module
* Format
* Specify StatSig env
* Downgrade pnpm to match CI, bump lock
* Catch StatSig errors
* Use sep env
* Reset lockfile
* Re-add new dep using correct pnpm version
* tidy
* Integrate into AppContext and lifecycle
* Use camelCase
* Switcheroo
Co-authored-by: devin ivy <devinivy@gmail.com>
* Init prior to server listen start
* Move test env check up to server config
* Add logger and log
* Better comment
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
* Add bskyAppState preference and api for dismissed nudges
* Add tests
* Wrap preference updates in an lock region to avoid clobbering updates
* Move to queuedNudges and activeProgressGuide
* Fix type error
* Update test
* Add changeset
* 🚧 Proposal for moderator manager lexicons
* ✨ CRUD for moderator management works
* ✨ Add profile view to moderator user list
* ✨ Seed mod users from env var to db
* ✅ Adjust tests
* ✅ Update snapshots
* ✨ Fix type and lexicon token issues
* ✨ Add pagination to listUsers
* ✨ Use sort order in pagination
* 📝 Change error name
* ✅ Update snapshots
* ✅ seed mods in sync to avoid re-order
* 🧹 Remove unnecessary import
* 🐛 Re-run codegen
* 🧹 Some cleanup
* 🧹 Cleanup unnecessary properties on auth-verifier
* ✨ Rename terminologies from moderator to team and member
* 🧹 Cleanup
* ✨ Allow admin tokens to update/add member
* ✨ Delete members in transaction
* ✨ Use db transactions and move profile hydration to the service layer
* ✅ Add test for addMember endpoint
* 🐛 wait on adding admin DID
* ✨ Do not allow updating/deleting service owner and always give service owner admin access
* 🧹 Cleanup
* ✨ Make timestamp columns non null
* 🧹 Cleanup
* ✨ Update mod role definition in getConfig
* ✨ Deletion and update guards
* 🐛 don't prefill service did
* 📝 Add changeset
* chore(deps): update zod
* chore(deps): update pino to match entryway version
* chore(tsconfig): remove truncation of types through noErrorTruncation
* add support for DPoP token type when logging
* fix(bsky): JSON.parse does not return value of type JSON
* fix(pds): add res property to ReqCtx
* fix(pds): properly type getPreferences return value
* chore(tsconfig): disable noFallthroughCasesInSwitch
* refactor(pds): move tracer config in own file
* feat(dev-env): start with "pnpm dev"
* feat(oauth): add oauth provider & client libs
* feat(pds): add oauth provider
* chore: changeset
* feat: various fixes and improvements
* chore(deps): update better-sqlite3 to version 10.0.0 for node 22 compatibility
* chore(deps): drop unused tslib
* fix(did): normalize service IDs before looking for duplicates
* fix(did): avoid minor type casting
* fix(did): improve argument validation
* fix(fetch): explicit use of negation around number comparison
* fix(oauth-provider): improve argument validation
* feat(did): add ATPROTO specific "isAtprotoDidWeb" method
* feat(rollup-plugin-bundle-manifest): add readme
* feat(lint): add eqeqeq rule (only allow == and != with null)
* fix(oauth-client-browser): typo in gitignore
* fix(oauth-provider): properly name error class file
* fix(oauth-provider): remove un-necessary useMemo
* fix(did-resolver): properly build did:web document url
* fix(did-resolver): remove unused types
* fix(fetch): remove unused utils
* fix(pds): remove unused script and dependency
* fix(oauth-provider): simplify isSubPath util
* fix(oauth-provider): add InvalidRedirectUriError static constructor
* fix(jwk): improve JWT validation to provide better error messages and distinguish between signed and unsigned tokens
* fix(pds): use "debug" log level for fetch method
* fix(pds): allow access tokens to contain an unknown "typ" claim (with the exception of "dpop+jwt")
* fix(jwk): remove un-necessary code
* fix(pds): account for whitespace chars when checking JSON
* fix(pds): remove oauth specific config
* fix(pds): run all write queries through transaction or executeWithRetry
fix(pds): remove outdated comments
fix(pds): rename used_refresh_token columns & added primary key
fix(pds): run cleanup task through backgroundQueue
fix(pds): add device.id foreign key to device_account
fix(pds): add comment on cleanup of used_refresh_token
fix(pds): add primary key on device_account
* fix(oauth-provider:time): simplify constantTime util
* fix(pds): rename disableSsrf into disableSsrfProtection
* fix(oauth-client-react-native): remove incomplete package
* refactor(pds): remove status & active from ActorAccount
* fix(pds): invalidate all oauth tokens on takedown
* fix(oauth-provider): enforce token expiry
* fix(pds): properly support deactivated accounts
* perf(pds:db): allow transaction function to be sync
* refactor(psq:account-manager): expose only query builders & data transformations utils from helpers
* fix(oauth-provider): imports from self
* fix(ci): add nested packages to build artifacts
* style(fetch): rename TODO into @TODO
* style(rollup-plugin-bundle-manifest): remove "TODO" from comment
* style(oauth-client): rename TODO into @TODO
* style(oauth-provider): rename TODO into @TODO
* refactor(oauth-client): remove "OAuth" prefix from types
* fix(oauth-client-browser): better type SessionListener
* style(oauth): rename TODO into @TODO
* fix(oauth-provider): enforce provider max session age
* fix(oauth-provider): check authentication parameters against all client metadata
* fix(api): tests
* fix(pds): remove .js from imports for tests
* fix(pds): change account status to match tests
* chore(deps): make all packages depend on the same zod version
* fix(common-web): remove un-necessary binding of Checkable to "zod"
* refactor(jwk): infer jwt schema from refinement definition
* fix(handle-resolver): allow resolution errors to propagate
docs(handle-resolver): better handling of DNS resolution errors
fix(handle-resolver): properly handle DOH responses
* fix(did): service endpoint arrays must contain "one or more" element
* refactor(pipe): simplify implementation
* fix(pds): add missing DB indexes
* feat(oauth): Resolve Authorization Server URI through Protected Resource Metadata
* style:(oauth-client): import order
* docs(oauth-provider:redirect-uri): add reference url
* feat(oauth): implement "OAuth Client ID Metadata Document" from draft-parecki-oauth-client-id-metadata-document-latest internet draft
* feat(oauth-client): backport changes from feat-oauth-client
* docs(simple-store): improve comments
* feat(lexicons): add iterable capabilities
* fix(pds): type error in dev mode
* feat(oauth-provider): improved error reporting
* fix(oauth-types): allow insecure issuer during tests
* fix(xrpc-server): allow upload of empty files
* fix: lint
* feat(fetch): keep request reference in errors
feat(fetch): utilities improvements
* fix(pds): allow more than one session token per user
* feat(ozone): improve env validation error messages
* fix(oauth-client): account for DPoP when checking for invalid_token errors
* fixup! feat(fetch): keep request reference in errors feat(fetch): utilities improvements
* fixup! feat(fetch): keep request reference in errors feat(fetch): utilities improvements
* fix(oauth): various validation fixes
feat(oauth): share client_id validation and parsing utilities between client & provider
* feat(dev-env): fix ozone port number
* fix(fetch-node): prevent fetch against invalid domain names
* fix(oauth-provider): add typings for psl dep
* feat(jwk): make type def compatible with TS 4.x
* fix(oauth): fixed various spec compliance
fix(oauth): return "sub" in refresh token response
fix(oauth): limit token validity for third party clients
fix(oauth): hide client image when not trusted
* fix(oauth): lint
* pds: switch changeset to patch, no breaking changes
* changeset and config for new oauth deps
---------
Co-authored-by: Devin Ivy <devinivy@gmail.com>
* schemas
* protos
* implementation
* add filtering on ingestion
* test
* add thread viewer state to post views
* update snaps
* changeset
* fix threadgating test
Daniel Holmgren
devin ivy
github-actions[bot]
Matthieu Sieben
Matthieu Sieben
Eric Bailey
Hailey
bnewbold
Yoshihiro Sugi
Paul Frazee
Foysal Ahamed