encrypt/gancio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[refactor] remove username field and let instance_name be the only AP Actor

Browse Source
This commit is contained in:
les
2019-12-04 00:50:15 +01:00
parent e84d7f3bd1
commit 3116e776a0
23 changed files with 159 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
components/Register.vue
View File

@@ -5,9 +5,6 @@
p(v-html="$t('register.description')") p(v-html="$t('register.description')")
div(v-loading='loading') div(v-loading='loading')
el-input.mb-2(v-model='user.username' type='text' name='username'
:placeholder='$t("common.username")' prefix-icon='el-icon-user')
el-input.mb-2(ref='email' v-model='user.email' type='email' required el-input.mb-2(ref='email' v-model='user.email' type='email' required
:placeholder='$t("common.email")' autocomplete='email' :placeholder='$t("common.email")' autocomplete='email'
prefix-icon='el-icon-message' name='email') prefix-icon='el-icon-message' name='email')

2
components/admin/Federation.vue
View File

@@ -1,6 +1,6 @@
<template lang="pug"> <template lang="pug">
div div
el-form(inline label-width='200px') el-form(label-width='200px')
el-form-item(:label="$t('admin.enable_federation')") el-form-item(:label="$t('admin.enable_federation')")
el-switch(v-model='enable_federation') el-switch(v-model='enable_federation')
el-popover(:content="$t('admin.enable_federation_help')" trigger='hover') el-popover(:content="$t('admin.enable_federation_help')" trigger='hover')

6
components/admin/Users.vue
View File

@@ -6,8 +6,6 @@ div
template(slot='title') template(slot='title')
el-button(mini size='mini') <v-icon name='plus'/> {{$t('common.new_user')}} el-button(mini size='mini') <v-icon name='plus'/> {{$t('common.new_user')}}
el-form(inline) el-form(inline)
el-form-item(:label="$t('common.username')")
el-input(v-model='new_user.username')
el-form-item(:label="$t('common.email')") el-form-item(:label="$t('common.email')")
el-input(v-model='new_user.email') el-input(v-model='new_user.email')
el-form-item(:label="$t('common.admin')") el-form-item(:label="$t('common.admin')")
@@ -17,9 +15,6 @@ div
//- USERS LIST //- USERS LIST
el-table(:data='paginatedUsers' small) el-table(:data='paginatedUsers' small)
el-table-column(label='Username' width='250')
template(slot-scope='data')
span(slot='reference') {{data.row.username}}
el-table-column(label='Email' width='250') el-table-column(label='Email' width='250')
template(slot-scope='data') template(slot-scope='data')
el-popover(trigger='hover' :content='data.row.description' width='400') el-popover(trigger='hover' :content='data.row.description' width='400')
@@ -39,7 +34,6 @@ div
@click='delete_user(data.row)') {{$t('admin.delete_user')}} @click='delete_user(data.row)') {{$t('admin.delete_user')}}
div(v-else) div(v-else)
span {{$t('common.me')}} span {{$t('common.me')}}
el-tag(v-if='settings.fedi_admin===data.row.username' size='mini' type='primary') instance account
client-only client-only
el-pagination(:page-size='perPage' :currentPage.sync='userPage' :total='users_.length') el-pagination(:page-size='perPage' :currentPage.sync='userPage' :total='users_.length')

4
docs/_config.yml
View File

@@ -14,9 +14,9 @@
# You can create any custom variable you would like, and they will be accessible # You can create any custom variable you would like, and they will be accessible
# in the templates via {{ site.myvariable }}. # in the templates via {{ site.myvariable }}.
title: Gancio title: Gancio
email: gancio@cisti.org email: lesion@autistici.org
description: >- # this means to ignore newlines until "baseurl:" description: >- # this means to ignore newlines until "baseurl:"
A shared agenda for local communities A shared agenda for local communities with AP support
baseurl: "/" # the subpath of your site, e.g. /blog baseurl: "/" # the subpath of your site, e.g. /blog
url: "https://gancio.org" # the base hostname & protocol for your site, e.g. http://example.com url: "https://gancio.org" # the base hostname & protocol for your site, e.g. http://example.com
#twitter_username: jekyllrb #twitter_username: jekyllrb

2
locales/email/en.json
View File

@@ -17,6 +17,6 @@
}, },
"admin_register": { "admin_register": {
"subject": "New registration", "subject": "New registration",
"content": "{{user.username}} has requested registration on {{config.title}}: <br/><pre>{{user.description}}</pre><br/> Confirm it <a href='{{config.baseurl}}/admin'>here</a>." "content": "{{user.email}} has requested registration on {{config.title}}: <br/><pre>{{user.description}}</pre><br/> Confirm it <a href='{{config.baseurl}}/admin'>here</a>."
} }
} }

2
locales/email/it.json
View File

@@ -17,6 +17,6 @@
}, },
"admin_register":{ "admin_register":{
"subject": "Nuova registrazione", "subject": "Nuova registrazione",
"content": "{{user.username}} si è registrato/a a {{config.title}} scrivendo:<br/><pre>{{user.description}}</pre><br/> Puoi confermarlo <a href='{{config.baseurl}}/admin'>qui</a>." "content": "{{user.email}} si è registrato/a a {{config.title}} scrivendo:<br/><pre>{{user.description}}</pre><br/> Puoi confermarlo <a href='{{config.baseurl}}/admin'>qui</a>."
} }
} }

1
locales/es.json
View File

@@ -49,7 +49,6 @@
"disable": "Deshabilita", "disable": "Deshabilita",
"me": "Sos tú", "me": "Sos tú",
"password_updated": "Contraseña actualizada!", "password_updated": "Contraseña actualizada!",
"username": "Nickname",
"comments": "ningún comentario|un comentario|{n} comentarios" "comments": "ningún comentario|un comentario|{n} comentarios"
}, },
"login": { "login": {

1
locales/it.json
View File

@@ -49,7 +49,6 @@
"disable": "Disabilita", "disable": "Disabilita",
"me": "Sei te", "me": "Sei te",
"password_updated": "Password modificata!", "password_updated": "Password modificata!",
"username": "Nomignolo",
"activate_user": "Confermato", "activate_user": "Confermato",
"displayname": "Nome mostrato", "displayname": "Nome mostrato",
"federation": "Federazione", "federation": "Federazione",

3
pages/settings.vue
View File

@@ -38,7 +38,6 @@ export default {
name: 'Settings', name: 'Settings',
data () { data () {
return { return {
username_editable: false,
password: '', password: '',
user: { } user: { }
} }
@@ -50,7 +49,7 @@ export default {
}, },
async asyncData ({ $axios, params }) { async asyncData ({ $axios, params }) {
const user = await $axios.$get('/auth/user') const user = await $axios.$get('/auth/user')
return { user, username_editable: user.username.length === 0 } return { user }
}, },
computed: { computed: {
...mapState(['settings']), ...mapState(['settings']),

47
server/api/controller/settings.js
View File

@@ -5,6 +5,22 @@ const path = require('path')
const fs = require('fs') const fs = require('fs')
const pkg = require('../../../package.json') const pkg = require('../../../package.json')
const debug = require('debug')('settings') const debug = require('debug')('settings')
const crypto = require('crypto')
const util = require('util')
const generateKeyPair = util.promisify(crypto.generateKeyPair)
const defaultSettings = {
instance_timezone: 'Europe/Rome',
instance_name: config.title.toLowerCase().replace(/ /g, ''),
allow_registration: true,
allow_anon_event: true,
allow_recurrent_event: false,
recurrent_event_visible: false,
enable_federation: true,
enable_resources: false,
hide_boosts: true
}
/** /**
* Settings controller: store instance settings * Settings controller: store instance settings
* Current supported settings: * Current supported settings:
@@ -20,13 +36,14 @@ const settingsController = {
user_locale: {}, user_locale: {},
secretSettings: {}, secretSettings: {},
async initialize () { async load () {
if (!settingsController.settings.initialized) { if (!settingsController.settings.initialized) {
// initialize instance settings from db // initialize instance settings from db
// note that this is done only once when the server starts // note that this is done only once when the server starts
// and not for each request (it's a kind of cache)! // and not for each request (it's a kind of cache)!
const settings = await Setting.findAll() const settings = await Setting.findAll()
settingsController.settings.initialized = true settingsController.settings.initialized = true
settingsController.settings = defaultSettings
settings.forEach(s => { settings.forEach(s => {
if (s.is_secret) { if (s.is_secret) {
settingsController.secretSettings[s.key] = s.value settingsController.secretSettings[s.key] = s.value
@@ -35,16 +52,26 @@ const settingsController = {
} }
}) })
// set fediverse admin actor // add pub/priv instance key if needed
const fedi_admin = await User.findOne({ where: { email: config.admin_email } }) if (!settingsController.settings.publicKey) {
if (fedi_admin) { debug('Instance priv/pub key not found')
settingsController.settings.fedi_admin = fedi_admin.username const { publicKey, privateKey } = await generateKeyPair('rsa', {
} else { modulusLength: 4096,
debug('Federation disabled! An admin with %s as email cannot be found', config.admin_email) publicKeyEncoding: {
settingsController.settings.enable_federation = false type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
})
await settingsController.set('publicKey', publicKey)
await settingsController.set('privateKey', privateKey, true)
} }
// // initialize user_locale // initialize user_locale
if (config.user_locale && fs.existsSync(path.resolve(config.user_locale))) { if (config.user_locale && fs.existsSync(path.resolve(config.user_locale))) {
const user_locale = fs.readdirSync(path.resolve(config.user_locale)) const user_locale = fs.readdirSync(path.resolve(config.user_locale))
user_locale.forEach(async f => { user_locale.forEach(async f => {
@@ -97,5 +124,5 @@ const settingsController = {
} }
} }
settingsController.initialize() // settingsController.initialize()
module.exports = settingsController module.exports = settingsController

14
server/api/controller/user.js
View File

@@ -6,19 +6,14 @@ const { Op } = require('sequelize')
const jsonwebtoken = require('jsonwebtoken') const jsonwebtoken = require('jsonwebtoken')
const config = require('config') const config = require('config')
const mail = require('../mail') const mail = require('../mail')
const { user: User, event: Event, tag: Tag, place: Place, fed_users: FedUsers } = require('../models') const { user: User, event: Event, tag: Tag, place: Place } = require('../models')
const settingsController = require('./settings') const settingsController = require('./settings')
const debug = require('debug')('user:controller') const debug = require('debug')('user:controller')
const userController = { const userController = {
async login (req, res) { async login (req, res) {
// find the user // find the user
const user = await User.findOne({ where: { const user = await User.findOne({ where: { email: req.body.email } })
[Op.or]: [
{ email: req.body.email },
{ username: req.body.email }
]
} })
if (!user) { if (!user) {
res.status(403).json({ success: false, message: 'auth.fail' }) res.status(403).json({ success: false, message: 'auth.fail' })
} else if (user) { } else if (user) {
@@ -206,7 +201,7 @@ const userController = {
async current (req, res) { async current (req, res) {
if (!req.user) { return res.status(400).send('Not logged') } if (!req.user) { return res.status(400).send('Not logged') }
const user = await User.scope('withoutPassword').findByPk(req.user.id, { include: { model: FedUsers, as: 'followers' } }) const user = await User.scope('withoutPassword').findByPk(req.user.id)
res.json(user) res.json(user)
}, },
@@ -227,9 +222,6 @@ const userController = {
return res.status(400).json({ succes: false, message: 'Not allowed' }) return res.status(400).json({ succes: false, message: 'Not allowed' })
} }
// ensure username to not change if not empty
req.body.username = user.username ? user.username : req.body.username
if (!req.body.password) { delete req.body.password } if (!req.body.password) { delete req.body.password }
if (!user.is_active && req.body.is_active && user.recover_code) { if (!user.is_active && req.body.is_active && user.recover_code) {

50
server/api/models/user.js
View File

@@ -1,20 +1,8 @@
'use strict'
const bcrypt = require('bcryptjs') const bcrypt = require('bcryptjs')
const crypto = require('crypto')
const util = require('util')
const debug = require('debug')('model:user') const debug = require('debug')('model:user')
const generateKeyPair = util.promisify(crypto.generateKeyPair)
module.exports = (sequelize, DataTypes) => { module.exports = (sequelize, DataTypes) => {
const user = sequelize.define('user', { const User = sequelize.define('user', {
username: {
type: DataTypes.STRING,
unique: { msg: 'error.nick_taken' },
index: true,
allowNull: false
},
display_name: DataTypes.STRING,
settings: { settings: {
type: DataTypes.JSON, type: DataTypes.JSON,
defaultValue: '{}' defaultValue: '{}'
@@ -29,53 +17,33 @@ module.exports = (sequelize, DataTypes) => {
password: DataTypes.STRING, password: DataTypes.STRING,
recover_code: DataTypes.STRING, recover_code: DataTypes.STRING,
is_admin: DataTypes.BOOLEAN, is_admin: DataTypes.BOOLEAN,
is_active: DataTypes.BOOLEAN, is_active: DataTypes.BOOLEAN
rsa: DataTypes.JSON
}, { }, {
scopes: { scopes: {
withoutPassword: { withoutPassword: {
attributes: { exclude: ['password', 'recover_code', 'rsa'] } attributes: { exclude: ['password', 'recover_code'] }
} }
} }
}) })
user.associate = function (models) { User.associate = function (models) {
// associations can be defined here User.hasMany(models.event)
user.hasMany(models.event)
user.belongsToMany(models.fed_users, { through: 'user_followers', as: 'followers' })
} }
user.prototype.comparePassword = async function (pwd) { User.prototype.comparePassword = async function (pwd) {
if (!this.password) { return false } if (!this.password) { return false }
const ret = await bcrypt.compare(pwd, this.password) const ret = await bcrypt.compare(pwd, this.password)
return ret return ret
} }
user.beforeSave(async (user, options) => { User.beforeSave(async (user, options) => {
if (user.changed('password')) { if (user.changed('password')) {
debug('Password for %s modified', user.username) debug('Password for %s modified', user.email)
const salt = await bcrypt.genSalt(10) const salt = await bcrypt.genSalt(10)
const hash = await bcrypt.hash(user.password, salt) const hash = await bcrypt.hash(user.password, salt)
user.password = hash user.password = hash
} }
}) })
user.beforeCreate(async (user, options) => { return User
debug('Create a new user => %s', user.username)
// generate rsa keys
const rsa = await generateKeyPair('rsa', {
modulusLength: 4096,
publicKeyEncoding: {
type: 'spki',
format: 'pem'
},
privateKeyEncoding: {
type: 'pkcs8',
format: 'pem'
}
})
user.rsa = rsa
})
return user
} }

27
server/federation/follows.js
View File

@@ -10,26 +10,23 @@ module.exports = {
const body = req.body const body = req.body
if (typeof body.object !== 'string') { return } if (typeof body.object !== 'string') { return }
const username = body.object.replace(`${config.baseurl}/federation/u/`, '') const username = body.object.replace(`${config.baseurl}/federation/u/`, '')
const user = await User.findOne({ where: { username }, include: { model: FedUsers, as: 'followers' } }) if (username !== req.settings.instance_name) { return res.status(404).send('User not found') }
if (!user) { return res.status(404).send('User not found') }
// check for duplicate // check for duplicate
if (!user.followers.includes(body.actor)) { // if (!user.followers.includes(body.actor)) {
await user.addFollowers([req.fedi_user.ap_id]) // await user.addFollowers([req.fedi_user.id])
// await user.update({ followers: [...user.followers, body.actor] }) // await user.update({ followers: [...user.followers, body.actor] })
debug('%s followed by %s (%d)', username, body.actor, user.followers.length + 1) await req.fedi_user.update({ follower: true })
} else { debug('Followed by %s', body.actor)
debug('duplicate %s followed by %s', username, body.actor)
}
const guid = crypto.randomBytes(16).toString('hex') const guid = crypto.randomBytes(16).toString('hex')
const message = { const message = {
'@context': 'https://www.w3.org/ns/activitystreams', '@context': 'https://www.w3.org/ns/activitystreams',
'id': `${config.baseurl}/federation/${guid}`, 'id': `${config.baseurl}/federation/${guid}`,
'type': 'Accept', 'type': 'Accept',
'actor': `${config.baseurl}/federation/u/${user.username}`, 'actor': `${config.baseurl}/federation/u/${username}`,
'object': body 'object': body
} }
Helpers.signAndSend(message, user, req.fedi_user.object.inbox) Helpers.signAndSend(message, req.fedi_user.object.inbox)
res.sendStatus(200) res.sendStatus(200)
}, },
@@ -37,16 +34,14 @@ module.exports = {
async unfollow (req, res) { async unfollow (req, res) {
const body = req.body const body = req.body
const username = body.object.object.replace(`${config.baseurl}/federation/u/`, '') const username = body.object.object.replace(`${config.baseurl}/federation/u/`, '')
const user = await User.findOne({ where: { username }, include: { model: FedUsers, as: 'followers' } }) if (username !== req.settings.instance_name) { return res.status(404).send('User not found') }
if (!user) { return res.status(404).send('User not found') }
if (body.actor !== body.object.actor || body.actor !== req.fedi_user.ap_id) { if (body.actor !== body.object.actor || body.actor !== req.fedi_user.ap_id) {
debug('Unfollow an user created by a different actor !?!?') debug('Unfollow an user created by a different actor !?!?')
return res.status(400).send('Bad things') return res.status(400).send('Bad things')
} }
await req.fedi_user.update({ follower: false })
if (req.fedi_user) { await user.removeFollowers(req.fedi_user.ap_id) } debug('Unfollowed by %s', body.actor)
debug('%s unfollowed by %s', username, body.actor)
res.sendStatus(200) res.sendStatus(200)
} }
} }

78
server/federation/helpers.js
View File

@@ -4,7 +4,7 @@ const crypto = require('crypto')
const config = require('config') const config = require('config')
const httpSignature = require('http-signature') const httpSignature = require('http-signature')
const debug = require('debug')('federation:helpers') const debug = require('debug')('federation:helpers')
const { user: User, fed_users: FedUsers, instances: Instances } = require('../api/models') const { APUser, Instance } = require('../api/models')
const url = require('url') const url = require('url')
const settingsController = require('../api/controller/settings') const settingsController = require('../api/controller/settings')
@@ -24,10 +24,10 @@ const Helpers = {
next() next()
}, },
async signAndSend (message, user, inbox) { async signAndSend (message, inbox) {
// get the URI of the actor object and append 'inbox' to it // get the URI of the actor object and append 'inbox' to it
const inboxUrl = new url.URL(inbox) const inboxUrl = new url.URL(inbox)
const privkey = user.rsa.privateKey const privkey = settingsController.secretSettings.privateKey
const signer = crypto.createSign('sha256') const signer = crypto.createSign('sha256')
const d = new Date() const d = new Date()
const stringToSign = `(request-target): post ${inboxUrl.pathname}\nhost: ${inboxUrl.hostname}\ndate: ${d.toUTCString()}` const stringToSign = `(request-target): post ${inboxUrl.pathname}\nhost: ${inboxUrl.hostname}\ndate: ${d.toUTCString()}`
@@ -35,7 +35,7 @@ const Helpers = {
signer.end() signer.end()
const signature = signer.sign(privkey) const signature = signer.sign(privkey)
const signature_b64 = signature.toString('base64') const signature_b64 = signature.toString('base64')
const header = `keyId="${config.baseurl}/federation/u/${user.username}",headers="(request-target) host date",signature="${signature_b64}"` const header = `keyId="${config.baseurl}/federation/u/${settingsController.settings.instance_name}",headers="(request-target) host date",signature="${signature_b64}"`
const ret = await fetch(inbox, { const ret = await fetch(inbox, {
headers: { headers: {
'Host': inboxUrl.hostname, 'Host': inboxUrl.hostname,
@@ -49,82 +49,38 @@ const Helpers = {
debug('sign %s => %s', ret.status, await ret.text()) debug('sign %s => %s', ret.status, await ret.text())
}, },
async sendEvent (event, user, type = 'Create') { async sendEvent (event, type = 'Create') {
if (!settingsController.settings.enable_federation) { if (!settingsController.settings.enable_federation) {
debug('event not send, federation disabled') debug('event not send, federation disabled')
return return
} }
// event is sent by user that published it and by the admin instance const followers = await APUser.findAll({ where: { follow: true } })
// collect followers from admin and user
const instanceAdmin = await User.findOne({ where: { email: config.admin_email }, include: { model: FedUsers, as: 'followers' } })
if (!instanceAdmin || !instanceAdmin.username) {
debug('Instance admin not found (there is no user with email => %s)', config.admin_email)
return
}
const recipients = {} const recipients = {}
instanceAdmin.followers.forEach(follower => { followers.forEach(follower => {
const sharedInbox = follower.object.endpoints.sharedInbox const sharedInbox = follower.object.endpoints.sharedInbox
if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] } if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
recipients[sharedInbox].push(follower.ap_id) recipients[sharedInbox].push(follower.ap_id)
}) })
for (const sharedInbox in recipients) { for (const sharedInbox in recipients) {
debug('Notify %s with event %s (from admin %s) cc => %d', sharedInbox, event.title, instanceAdmin.username, recipients[sharedInbox].length) debug('Notify %s with event %s cc => %d', sharedInbox, event.title , recipients[sharedInbox].length)
const body = { const body = {
id: `${config.baseurl}/federation/m/${event.id}#create`, id: `${config.baseurl}/federation/m/${event.id}#create`,
type, type,
to: ['https://www.w3.org/ns/activitystreams#Public'], to: ['https://www.w3.org/ns/activitystreams#Public'],
cc: [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]], cc: [`${config.baseurl}/federation/u/${settingsController.settings.instance_name}/followers`, ...recipients[sharedInbox]],
// cc: recipients[sharedInbox], // cc: recipients[sharedInbox],
actor: `${config.baseurl}/federation/u/${instanceAdmin.username}`, actor: `${config.baseurl}/federation/u/${settingsController.settings.instance_name}`,
// object: event.toAP(instanceAdmin.username, [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]]) // object: event.toNoteAP(instanceAdmin.username, [`${config.baseurl}/federation/u/${instanceAdmin.username}/followers`, ...recipients[sharedInbox]])
object: event.toAP(instanceAdmin.username, recipients[sharedInbox]) object: event.toNoteAP(settingsController.settings.instance_name, recipients[sharedInbox])
} }
body['@context'] = [ body['@context'] = [
'https://www.w3.org/ns/activitystreams', 'https://www.w3.org/ns/activitystreams',
'https://w3id.org/security/v1', 'https://w3id.org/security/v1',
{ Hashtag: 'as:Hashtag' } ] { Hashtag: 'as:Hashtag' } ]
Helpers.signAndSend(body, instanceAdmin, sharedInbox) Helpers.signAndSend(body, sharedInbox)
} }
// TODO
// in case the event is published by the Admin itself do not add user
// if (instanceAdmin.id === user.id) {
// debug('Event published by instance Admin')
// return
// }
// if (!user.settings.enable_federation || !user.username) {
// debug('Federation disabled for user %d (%s)', user.id, user.username)
// return
// }
// debug('Sending to user followers => ', user.username)
// user = await User.findByPk(user.id, { include: { model: FedUsers, as: 'followers' } })
// debug('Sending to user followers => ', user.followers.length)
// recipients = {}
// user.followers.forEach(follower => {
// const sharedInbox = follower.object.endpoints.sharedInbox
// if (!recipients[sharedInbox]) { recipients[sharedInbox] = [] }
// recipients[sharedInbox].push(follower.ap_id)
// })
// for (const sharedInbox in recipients) {
// debug('Notify %s with event %s (from user %s) cc => %d', sharedInbox, event.title, user.username, recipients[sharedInbox].length)
// const body = {
// id: `${config.baseurl}/federation/m/${event.id}#create`,
// type: 'Create',
// to: ['https://www.w3.org/ns/activitystreams#Public'],
// cc: [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]],
// // cc: recipients[sharedInbox],
// actor: `${config.baseurl}/federation/u/${user.username}`,
// // object: event.toAP(user.username, [`${config.baseurl}/federation/u/${user.username}/followers`, ...recipients[sharedInbox]])
// object: event.toAP(user.username, recipients[sharedInbox])
// }
// body['@context'] = 'https://www.w3.org/ns/activitystreams'
// Helpers.signAndSend(body, user, sharedInbox)
// }
}, },
async getActor (URL, instance, force = false) { async getActor (URL, instance, force = false) {
@@ -132,7 +88,7 @@ const Helpers = {
// try with cache first // try with cache first
if (!force) { if (!force) {
fedi_user = await FedUsers.findByPk(URL, { include: Instances }) fedi_user = await APUser.findByPk(URL, { include: Instance })
if (fedi_user) { if (fedi_user) {
if (!fedi_user.instances) { if (!fedi_user.instances) {
fedi_user.setInstance(instance) fedi_user.setInstance(instance)
@@ -151,7 +107,7 @@ const Helpers = {
}) })
if (fedi_user) { if (fedi_user) {
fedi_user = await FedUsers.create({ ap_id: URL, object: fedi_user }) fedi_user = await APUser.create({ ap_id: URL, object: fedi_user })
} }
return fedi_user return fedi_user
}, },
@@ -163,7 +119,7 @@ const Helpers = {
debug('getInstance %s', domain) debug('getInstance %s', domain)
let instance let instance
if (!force) { if (!force) {
instance = await Instances.findByPk(domain) instance = await Instance.findByPk(domain)
if (instance) { return instance } if (instance) { return instance }
} }
@@ -174,7 +130,7 @@ const Helpers = {
stats: instance.stats, stats: instance.stats,
thumbnail: instance.thumbnail thumbnail: instance.thumbnail
} }
return Instances.create({ name: instance.title, domain, data, blocked: false }) return Instance.create({ name: instance.title, domain, data, blocked: false })
}) })
.catch(e => { .catch(e => {
debug(e) debug(e)

2
server/federation/index.js
View File

@@ -33,7 +33,7 @@ router.get('/m/:event_id', async (req, res) => {
const event = await Event.findByPk(req.params.event_id, { include: [ User, Tag, Place ] }) const event = await Event.findByPk(req.params.event_id, { include: [ User, Tag, Place ] })
if (!event) { return res.status(404).send('Not found') } if (!event) { return res.status(404).send('Not found') }
return res.json(event.toAP(event.user.username)) return res.json(event.toNoteAP(event.user.username))
}) })
// get any message coming from federation // get any message coming from federation

28
server/federation/users.js
View File

@@ -23,8 +23,8 @@ module.exports = {
id: `${config.baseurl}/federation/u/${name}`, id: `${config.baseurl}/federation/u/${name}`,
type: 'Person', type: 'Person',
summary: config.description, summary: config.description,
name: user.display_name || user.username, name,
preferredUsername: user.username, preferredUsername: name,
inbox: `${config.baseurl}/federation/u/${name}/inbox`, inbox: `${config.baseurl}/federation/u/${name}/inbox`,
// outbox: `${config.baseurl}/federation/u/${name}/outbox`, // outbox: `${config.baseurl}/federation/u/${name}/outbox`,
// followers: `${config.baseurl}/federation/u/${name}/followers`, // followers: `${config.baseurl}/federation/u/${name}/followers`,
@@ -42,19 +42,23 @@ module.exports = {
publicKey: { publicKey: {
id: `${config.baseurl}/federation/u/${name}#main-key`, id: `${config.baseurl}/federation/u/${name}#main-key`,
owner: `${config.baseurl}/federation/u/${name}`, owner: `${config.baseurl}/federation/u/${name}`,
publicKeyPem: get(user, 'rsa.publicKey', '') publicKeyPem: req.settings.publicKey
} }
} }
res.type('application/activity+json; charset=utf-8') res.type('application/activity+json; charset=utf-8')
res.json(ret) res.json(ret)
}, },
async followers (req, res) {
async followers(req, res) {
// TODO
const name = req.params.name const name = req.params.name
const page = req.query.page const page = req.query.page
debug('Retrieve %s followers', name) debug('Retrieve %s followers', name)
if (!name) { return res.status(400).send('Bad request.') } if (!name) { return res.status(400).send('Bad request.') }
const user = await User.findOne({ where: { username: name }, include: [{ model: FedUsers, as: 'followers' }] }) if (name !== req.settings.instance_name) {
if (!user) { return res.status(404).send(`No record found for ${name}`) } return res.status(404).send(`No record found for ${name}`)
}
const followers = await APUser.findAll({ where: { follower: true } })
res.type('application/activity+json; charset=utf-8') res.type('application/activity+json; charset=utf-8')
@@ -64,19 +68,19 @@ module.exports = {
'@context': 'https://www.w3.org/ns/activitystreams', '@context': 'https://www.w3.org/ns/activitystreams',
id: `${config.baseurl}/federation/u/${name}/followers`, id: `${config.baseurl}/federation/u/${name}/followers`,
type: 'OrderedCollection', type: 'OrderedCollection',
totalItems: user.followers.length, totalItems: followers.length,
first: `${config.baseurl}/federation/u/${name}/followers?page=true`, first: `${config.baseurl}/federation/u/${name}/followers?page=true`,
last: `${config.baseurl}/federation/u/${name}/followers?page=true`, last: `${config.baseurl}/federation/u/${name}/followers?page=true`,
orderedItems: user.followers.map(f => f.ap_id) orderedItems: followers.map(f => f.ap_id)
}) })
} }
return res.json({ return res.json({
'@context': 'https://www.w3.org/ns/activitystreams', '@context': 'https://www.w3.org/ns/activitystreams',
id: `${config.baseurl}/federation/u/${name}/followers?page=${page}`, id: `${config.baseurl}/federation/u/${name}/followers?page=${page}`,
type: 'OrderedCollectionPage', type: 'OrderedCollectionPage',
totalItems: user.followers.length, totalItems: followers.length,
partOf: `${config.baseurl}/federation/u/${name}/followers`, partOf: `${config.baseurl}/federation/u/${name}/followers`,
orderedItems: user.followers.map(f => f.ap_id) orderedItems: followers.map(f => f.ap_id)
}) })
}, },
@@ -115,7 +119,7 @@ module.exports = {
totalItems: user.events.length, totalItems: user.events.length,
partOf: `${config.baseurl}/federation/u/${name}/outbox`, partOf: `${config.baseurl}/federation/u/${name}/outbox`,
orderedItems: user.events.map(e => ({ orderedItems: user.events.map(e => ({
...e.toAP(user.username), actor: `${config.baseurl}/federation/u/${user.username}`})) ...e.toNoteAP(user.username), actor: `${config.baseurl}/federation/u/${user.username}` }))
// user.events.map(e => ({ // user.events.map(e => ({
// id: `${config.baseurl}/federation/m/${e.id}#create`, // id: `${config.baseurl}/federation/m/${e.id}#create`,
// type: 'Create', // type: 'Create',
@@ -123,7 +127,7 @@ module.exports = {
// cc: [`${config.baseurl}/federation/u/${user.username}/followers`], // cc: [`${config.baseurl}/federation/u/${user.username}/followers`],
// published: e.createdAt, // published: e.createdAt,
// actor: `${config.baseurl}/federation/u/${user.username}`, // actor: `${config.baseurl}/federation/u/${user.username}`,
// object: e.toAP(user.username) // object: e.toNoteAP(user.username)
// })) // }))
}) })
} }

9
server/federation/webfinger.js
View File

@@ -15,23 +15,20 @@ router.use((req, res, next) => {
res.status(404).send('Federation disabled') res.status(404).send('Federation disabled')
}) })
router.get('/webfinger', async (req, res) => { router.get('/webfinger', (req, res) => {
if (!req.query || !req.query.resource || !req.query.resource.includes('acct:')) { if (!req.query || !req.query.resource || !req.query.resource.includes('acct:')) {
debug('Bad webfinger request => %s', req.query && req.query.resource) debug('Bad webfinger request => %s', req.query && req.query.resource)
return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.') return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.')
} }
const resource = req.query.resource const resource = req.query.resource
const domain = url.parse(req.settings.baseurl).host const domain = (new url.URL(req.settings.baseurl)).host
const [, name, req_domain] = resource.match(/acct:(.*)@(.*)/) const [, name, req_domain] = resource.match(/acct:(.*)@(.*)/)
if (domain !== req_domain) { if (domain !== req_domain) {
debug('Bad webfinger request, requested domain "%s" instead of "%s"', req_domain, domain) debug('Bad webfinger request, requested domain "%s" instead of "%s"', req_domain, domain)
return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.') return res.status(400).send('Bad request. Please make sure "acct:USER@DOMAIN" is what you are sending as the "resource" query parameter.')
} }
if (name !== req.settings.instance_name) {
const user = await User.findOne({ where: { username: name } })
if (!user) {
debug('User not found: %s', name) debug('User not found: %s', name)
return res.status(404).send(`No record found for ${name}`) return res.status(404).send(`No record found for ${name}`)
} }

14
server/firstrun.js
View File

@@ -39,24 +39,10 @@ module.exports = {
await db.user.create({ await db.user.create({
email: admin.email, email: admin.email,
password: admin.password, password: admin.password,
username: config.title.toLowerCase().replace(/ /g, ''),
display_name: config.title,
is_admin: true, is_admin: true,
is_active: true is_active: true
}) })
// set default settings
consola.info('Set default settings')
const settings = require('./api/controller/settings')
await settings.set('allow_registration', true)
await settings.set('allow_anon_event', true)
await settings.set('allow_recurrent_event', false)
await settings.set('recurrent_event_visible', true)
await settings.set('enable_federation', false)
await settings.set('enable_comments', false)
await settings.set('disable_gamification', true)
await settings.set('instance_timezone', 'Europe/Rome')
// add default notification // add default notification
consola.info('Add default notification') consola.info('Add default notification')

6
server/helpers.js
View File

@@ -1,6 +1,5 @@
const settingsController = require('./api/controller/settings') const settingsController = require('./api/controller/settings')
const { user: User } = require('./api/models') const { user: User } = require('./api/models')
const { Op } = require('sequelize')
const acceptLanguage = require('accept-language') const acceptLanguage = require('accept-language')
const expressJwt = require('express-jwt') const expressJwt = require('express-jwt')
const moment = require('moment-timezone') const moment = require('moment-timezone')
@@ -22,7 +21,8 @@ const jwt = expressJwt({
}) })
module.exports = { module.exports = {
initMiddleware (req, res, next) { async initMiddleware (req, res, next) {
await settingsController.load()
// initialize settings // initialize settings
req.settings = settingsController.settings req.settings = settingsController.settings
req.secretSettings = settingsController.secretSettings req.secretSettings = settingsController.secretSettings
@@ -44,7 +44,7 @@ module.exports = {
jwt(req, res, async () => { jwt(req, res, async () => {
if (!req.user) { return next() } if (!req.user) { return next() }
req.user = await User.findOne({ req.user = await User.findOne({
where: { id: { [Op.eq]: req.user.id }, is_active: true } }) where: { id: req.user.id, is_active: true } })
next() next()
}) })
} }

6
server/notifier.js
View File

@@ -5,7 +5,7 @@ const debug = require('debug')('notifier')
const fediverseHelpers = require('./federation/helpers') const fediverseHelpers = require('./federation/helpers')
const { event: Event, notification: Notification, event_notification: EventNotification, const { event: Event, notification: Notification, event_notification: EventNotification,
user: User, place: Place, tag: Tag, fed_users: FedUsers } = require('./api/models') user: User, place: Place, tag: Tag, ap_user: APUser } = require('./api/models')
const eventController = require('./api/controller/event') const eventController = require('./api/controller/event')
const notifier = { const notifier = {
@@ -21,14 +21,14 @@ const notifier = {
promises.push(p) promises.push(p)
break break
case 'ap': case 'ap':
p = fediverseHelpers.sendEvent(event, event.user, notification.action) p = fediverseHelpers.sendEvent(event, notification.action)
promises.push(p) promises.push(p)
} }
return Promise.all(promises) return Promise.all(promises)
}, },
async notifyEvent (action, eventId) { async notifyEvent (action, eventId) {
const event = await Event.findByPk(eventId, { const event = await Event.findByPk(eventId, {
include: [ Tag, Place, Notification, { model: User, include: { model: FedUsers, as: 'followers' } } ] include: [ Tag, Place, Notification, { model: User, include: { model: APUser, as: 'followers' } } ]
}) })
debug('%s -> %s', action, event.title) debug('%s -> %s', action, event.title)

5
store/index.js
View File

@@ -10,13 +10,14 @@ export const state = () => ({
places: [], places: [],
settings: { settings: {
instance_timezone: 'Europe/Rome', instance_timezone: 'Europe/Rome',
instance_name: '',
allow_registration: true, allow_registration: true,
allow_anon_event: true, allow_anon_event: true,
allow_recurrent_event: true, allow_recurrent_event: true,
recurrent_event_visible: false, recurrent_event_visible: false,
enable_federation: false, enable_federation: false,
enable_comments: false, enable_resources: false,
disable_gamification: true hide_boosts: true
}, },
in_past: false, in_past: false,
filters: { filters: {

2
views/feed/rss.pug
View File

@@ -18,5 +18,5 @@ rss(version='2.0' xmlns:atom="http://www.w3.org/2005/Atom")
| <img src="#{settings.baseurl}/media/#{event.image_path}"/> | <img src="#{settings.baseurl}/media/#{event.image_path}"/>
| <pre>!{event.description}</pre> | <pre>!{event.description}</pre>
| ]]> | ]]>
pubDate= new Date(event.createdAt).toUTCString() pubDate= new Date(event.updatedAt).toUTCString()
guid(isPermaLink='false') #{settings.baseurl}/event/#{event.id} guid(isPermaLink='false') #{settings.baseurl}/event/#{event.id}

48
yarn.lock
View File

@@ -1642,6 +1642,11 @@ array-includes@^3.0.3:
define-properties "^1.1.2" define-properties "^1.1.2"
es-abstract "^1.7.0" es-abstract "^1.7.0"
array-uniq@^1.0.2:
version "1.0.3"
resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6"
integrity sha1-r2rId6Jcx/dOBYiUdThY39sk/bY=
array-unique@^0.3.2: array-unique@^0.3.2:
version "0.3.2" version "0.3.2"
resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428" resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428"
@@ -5120,7 +5125,7 @@ html-webpack-plugin@^3.2.0:
toposort "^1.0.0" toposort "^1.0.0"
util.promisify "1.0.0" util.promisify "1.0.0"
htmlparser2@^3.10.1, htmlparser2@^3.3.0, htmlparser2@^3.9.1, htmlparser2@^3.9.2: htmlparser2@^3.10.0, htmlparser2@^3.10.1, htmlparser2@^3.3.0, htmlparser2@^3.9.1, htmlparser2@^3.9.2:
version "3.10.1" version "3.10.1"
resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.10.1.tgz#bd679dc3f59897b6a34bb10749c855bb53a9392f" resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.10.1.tgz#bd679dc3f59897b6a34bb10749c855bb53a9392f"
integrity sha512-IgieNijUMbkDovyoKObU1DUhm1iwNYE/fuifEoEHfd1oZKZDaONBSkal7Y01shxsM49R4XaMdGez3WnF9UfiCQ== integrity sha512-IgieNijUMbkDovyoKObU1DUhm1iwNYE/fuifEoEHfd1oZKZDaONBSkal7Y01shxsM49R4XaMdGez3WnF9UfiCQ==
@@ -6188,6 +6193,11 @@ lodash.camelcase@^4.1.1:
resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6" resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6"
integrity sha1-soqmKIorn8ZRA1x3EfZathkDMaY= integrity sha1-soqmKIorn8ZRA1x3EfZathkDMaY=
lodash.clonedeep@^4.5.0:
version "4.5.0"
resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef"
integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=
lodash.defaults@^4.0.1: lodash.defaults@^4.0.1:
version "4.2.0" version "4.2.0"
resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c" resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c"
@@ -6198,6 +6208,11 @@ lodash.defaultsdeep@^4.6.0:
resolved "https://registry.yarnpkg.com/lodash.defaultsdeep/-/lodash.defaultsdeep-4.6.1.tgz#512e9bd721d272d94e3d3a63653fa17516741ca6" resolved "https://registry.yarnpkg.com/lodash.defaultsdeep/-/lodash.defaultsdeep-4.6.1.tgz#512e9bd721d272d94e3d3a63653fa17516741ca6"
integrity sha512-3j8wdDzYuWO3lM3Reg03MuQR957t287Rpcxp1njpEa8oDrikb+FwGdW3n+FELh/A6qib6yPit0j/pv9G/yeAqA== integrity sha512-3j8wdDzYuWO3lM3Reg03MuQR957t287Rpcxp1njpEa8oDrikb+FwGdW3n+FELh/A6qib6yPit0j/pv9G/yeAqA==
lodash.escaperegexp@^4.1.2:
version "4.1.2"
resolved "https://registry.yarnpkg.com/lodash.escaperegexp/-/lodash.escaperegexp-4.1.2.tgz#64762c48618082518ac3df4ccf5d5886dae20347"
integrity sha1-ZHYsSGGAglGKw99Mz11YhtriA0c=
lodash.filter@^4.4.0: lodash.filter@^4.4.0:
version "4.6.0" version "4.6.0"
resolved "https://registry.yarnpkg.com/lodash.filter/-/lodash.filter-4.6.0.tgz#668b1d4981603ae1cc5a6fa760143e480b4c4ace" resolved "https://registry.yarnpkg.com/lodash.filter/-/lodash.filter-4.6.0.tgz#668b1d4981603ae1cc5a6fa760143e480b4c4ace"
@@ -6268,6 +6283,11 @@ lodash.merge@^4.4.0:
resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a" resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ== integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
lodash.mergewith@^4.6.1:
version "4.6.2"
resolved "https://registry.yarnpkg.com/lodash.mergewith/-/lodash.mergewith-4.6.2.tgz#617121f89ac55f59047c7aec1ccd6654c6590f55"
integrity sha512-GK3g5RPZWTRSeLSpgP8Xhra+pnjBC56q9FZYe1d5RN3TJ35dbkGy3YqBSMbyCrlbi+CM9Z3Jk5yTL7RCsqboyQ==
lodash.once@^4.0.0: lodash.once@^4.0.0:
version "4.1.1" version "4.1.1"
resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac"
@@ -9187,6 +9207,22 @@ safefs@^3.1.2:
resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
sanitize-html@^1.20.1:
version "1.20.1"
resolved "https://registry.yarnpkg.com/sanitize-html/-/sanitize-html-1.20.1.tgz#f6effdf55dd398807171215a62bfc21811bacf85"
integrity sha512-txnH8TQjaQvg2Q0HY06G6CDJLVYCpbnxrdO0WN8gjCKaU5J0KbyGYhZxx5QJg3WLZ1lB7XU9kDkfrCXUozqptA==
dependencies:
chalk "^2.4.1"
htmlparser2 "^3.10.0"
lodash.clonedeep "^4.5.0"
lodash.escaperegexp "^4.1.2"
lodash.isplainobject "^4.0.6"
lodash.isstring "^4.0.1"
lodash.mergewith "^4.6.1"
postcss "^7.0.5"
srcset "^1.0.0"
xtend "^4.0.1"
sass-loader@^8.0.0: sass-loader@^8.0.0:
version "8.0.0" version "8.0.0"
resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-8.0.0.tgz#e7b07a3e357f965e6b03dd45b016b0a9746af797" resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-8.0.0.tgz#e7b07a3e357f965e6b03dd45b016b0a9746af797"
@@ -9646,6 +9682,14 @@ sqlite3@^4.1.0:
node-pre-gyp "^0.11.0" node-pre-gyp "^0.11.0"
request "^2.87.0" request "^2.87.0"
srcset@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/srcset/-/srcset-1.0.0.tgz#a5669de12b42f3b1d5e83ed03c71046fc48f41ef"
integrity sha1-pWad4StC87HV6D7QPHEEb8SPQe8=
dependencies:
array-uniq "^1.0.2"
number-is-nan "^1.0.0"
sshpk@^1.14.1, sshpk@^1.7.0: sshpk@^1.14.1, sshpk@^1.7.0:
version "1.16.1" version "1.16.1"
resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877" resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877"
@@ -11113,7 +11157,7 @@ xregexp@^2.0.0:
resolved "https://registry.yarnpkg.com/xregexp/-/xregexp-2.0.0.tgz#52a63e56ca0b84a7f3a5f3d61872f126ad7a5943" resolved "https://registry.yarnpkg.com/xregexp/-/xregexp-2.0.0.tgz#52a63e56ca0b84a7f3a5f3d61872f126ad7a5943"
integrity sha1-UqY+VsoLhKfzpfPWGHLxJq16WUM= integrity sha1-UqY+VsoLhKfzpfPWGHLxJq16WUM=
xtend@^4.0.0, xtend@^4.0.2, xtend@~4.0.1: xtend@^4.0.0, xtend@^4.0.1, xtend@^4.0.2, xtend@~4.0.1:
version "4.0.2" version "4.0.2"
resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54" resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ== integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==