hippofish/CONTRIBUTING.md
tamaina 5f88d56d96
perf(federation): Ed25519署名に対応する (#13464)
* 1. ed25519キーペアを発行・Personとして公開鍵を送受信

* validate additionalPublicKeys

* getAuthUserFromApIdはmainを選ぶ

* ✌️

* fix

* signatureAlgorithm

* set publicKeyCache lifetime

* refresh

* httpMessageSignatureAcceptable

* ED25519_SIGNED_ALGORITHM

* ED25519_PUBLIC_KEY_SIGNATURE_ALGORITHM

* remove sign additionalPublicKeys signature requirements

* httpMessageSignaturesSupported

* httpMessageSignaturesImplementationLevel

* httpMessageSignaturesImplementationLevel: '01'

* perf(federation): Use hint for getAuthUserFromApId (#13470)

* Hint for getAuthUserFromApId

* とどのつまりこれでいいのか?

* use @misskey-dev/node-http-message-signatures

* fix

* signedPost, signedGet

* ap-request.tsを復活させる

* remove digest prerender

* fix test?

* fix test

* add httpMessageSignaturesImplementationLevel to FederationInstance

* ManyToOne

* fetchPersonWithRenewal

* exactKey

* ✌️

* use const

* use gen-key-pair fn. from  '@misskey-dev/node-http-message-signatures'

* update node-http-message-signatures

* fix

* @misskey-dev/node-http-message-signatures@0.0.0-alpha.11

* getAuthUserFromApIdでupdatePersonの頻度を増やす

* cacheRaw.date

* use requiredInputs
https://github.com/misskey-dev/misskey/pull/13464#discussion_r1509964359

* update @misskey-dev/node-http-message-signatures

* clean up

* err msg

* fix(backend): fetchInstanceMetadataのLockが永遠に解除されない問題を修正

Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>

* fix httpMessageSignaturesImplementationLevel validation

* fix test

* fix

* comment

* comment

* improve test

* fix

* use Promise.all in genRSAAndEd25519KeyPair

* refreshAndprepareEd25519KeyPair

* refreshAndfindKey

* commetn

* refactor public keys add

* digestプリレンダを復活させる

RFC実装時にどうするか考える

* fix, async

* fix

* !== true

* use save

* Deliver update person when new key generated (not tested)
https://github.com/misskey-dev/misskey/pull/13464#issuecomment-1977049061

* 循環参照で落ちるのを解消?

* fix?

* Revert "fix?"

This reverts commit 0082f6f8e8c5d5febd14933ba9a1ac643f70ca92.

* a

* logger

* log

* change logger

* 秘密鍵の変更は、フラグではなく鍵を引き回すようにする

* addAllKnowingSharedInboxRecipe

* nanka meccha kaeta

* delivre

* キャッシュ有効チェックはロック取得前に行う

* @misskey-dev/node-http-message-signatures@0.0.3

* PrivateKeyPem

* getLocalUserPrivateKey

* fix test

* if

* fix ap-request

* update node-http-message-signatures

* fix type error

* update package

* fix type

* update package

* retry no key

* @misskey-dev/node-http-message-signatures@0.0.8

* fix type error

* log keyid

* logger

* db-resolver

* JSON.stringify

* HTTP Signatureがなかったり使えなかったりしそうな場合にLD Signatureを活用するように

* inbox-delayed use actor if no signature

* ユーザーとキーの同一性チェックはhostの一致にする

* log signature parse err

* save array

* とりあえずtryで囲っておく

* fetchPersonWithRenewalでエラーが起きたら古いデータを返す

* use transactionalEntityManager

* fix spdx

* @misskey-dev/node-http-message-signatures@0.0.10

* add comment

* fix

* publicKeyに配列が入ってもいいようにする
https://github.com/misskey-dev/misskey/pull/13950

* define additionalPublicKeys

* fix

* merge fix

* refreshAndprepareEd25519KeyPair → refreshAndPrepareEd25519KeyPair

* remove gen-key-pair.ts

* defaultMaxListeners = 512

* Revert "defaultMaxListeners = 512"

This reverts commit f2c412c18057a9300540794ccbe4dfbf6d259ed6.

* genRSAAndEd25519KeyPairではキーを直列に生成する?

* maxConcurrency: 8

* maxConcurrency: 16

* maxConcurrency: 8

* Revert "genRSAAndEd25519KeyPairではキーを直列に生成する?"

This reverts commit d0aada55c1ed5aa98f18731ec82f3ac5eb5a6c16.

* maxWorkers: '90%'

* Revert "maxWorkers: '90%'"

This reverts commit 9e0a93f110456320d6485a871f014f7cdab29b33.

* e2e/timelines.tsで個々のテストに対するtimeoutを削除, maxConcurrency: 32

* better error handling of this.userPublickeysRepository.delete

* better comment

* set result to keypairEntityCache

* deliverJobConcurrency: 16, deliverJobPerSec: 1024, inboxJobConcurrency: 4

* inboxJobPerSec: 64

* delete request.headers['host'];

* fix

* // node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!

* move delete host

* modify comment

* modify comment

* fix correct → collect

* refreshAndfindKey → refreshAndFindKey

* modify comment

* modify attachLdSignature

* getApId, InboxProcessorService

* TODO

* [skip ci] add CHANGELOG

---------

Co-authored-by: MeiMei <30769358+mei23@users.noreply.github.com>
Co-authored-by: まっちゃとーにゅ <17376330+u1-liquid@users.noreply.github.com>
2024-07-18 01:28:17 +09:00

20 KiB
Raw Blame History

Contribution guide

We're glad you're interested in contributing Misskey! In this document you will find the information you need to contribute to the project.

Note

This project uses Japanese as its major language, but you do not need to translate and write the Issues/PRs in Japanese. Also, you might receive comments on your Issue/PR in Japanese, but you do not need to reply to them in Japanese as well.
The accuracy of machine translation into Japanese is not high, so it will be easier for us to understand if you write it in the original language. It will also allow the reader to use the translation tool of their preference if necessary.

Roadmap

See ROADMAP.md

Issues

Before creating an issue, please check the following:

  • To avoid duplication, please search for similar issues before creating a new issue.
  • Do not use Issues to ask questions or troubleshooting.
    • Issues should only be used to feature requests, suggestions, and bug tracking.
    • Please ask questions or troubleshooting in GitHub Discussions or Discord.

Warning

Do not close issues that are about to be resolved. It should remain open until a commit that actually resolves it is merged.

Before implementation

When you want to add a feature or fix a bug, first have the design and policy reviewed in an Issue (if it is not there, please make one). Without this step, there is a high possibility that the PR will not be merged even if it is implemented.

At this point, you also need to clarify the goals of the PR you will create, and make sure that the other members of the team are aware of them. PRs that do not have a clear set of do's and don'ts tend to be bloated and difficult to review.

Also, when you start implementation, assign yourself to the Issue (if you cannot do it yourself, ask another member to assign you). By expressing your intention to work the Issue, you can prevent conflicts in the work.

Well-known branches

  • master branch is tracking the latest release and used for production purposes.
  • develop branch is where we work for the next release.
    • When you create a PR, basically target it to this branch.
  • l10n_develop branch is reserved for localization management.

Creating a PR

Thank you for your PR! Before creating a PR, please check the following:

  • If possible, prefix the title with a keyword that identifies the type of this PR, as shown below.
    • fix / refactor / feat / enhance / perf / chore etc
    • Also, make sure that the granularity of this PR is appropriate. Please do not include more than one type of change or interest in a single PR.
  • If there is an Issue which will be resolved by this PR, please include a reference to the Issue in the text.
  • Please add the summary of the changes to CHANGELOG.md. However, this is not necessary for changes that do not affect the users, such as refactoring.
  • Check if there are any documents that need to be created or updated due to this change.
  • If you have added a feature or fixed a bug, please add a test case if possible.
  • Please make sure that tests and Lint are passed in advance.
  • If this PR includes UI changes, please attach a screenshot in the text.

Thanks for your cooperation 🤗

Reviewers guide

Be willing to comment on the good points and not just the things you want fixed 💯

Review perspective

  • Scope
    • Are the goals of the PR clear?
    • Is the granularity of the PR appropriate?
  • Security
    • Does merging this PR create a vulnerability?
  • Performance
    • Will merging this PR cause unexpected performance degradation?
    • Is there a more efficient way?
  • Testing
    • Does the test ensure the expected behavior?
    • Are there any omissions or gaps?
    • Does it check for anomalies?

Deploy

The /deploy command by issue comment can be used to deploy the contents of a PR to the preview environment.

/deploy sha=<commit hash>

An actual domain will be assigned so you can test the federation.

Merge

Release

Release Instructions

  1. Commit version changes in the develop branch (package.json)
  2. Create a release PR.
    • Into master from develop branch.
    • The title must be in the format Release: x.y.z.
      • x.y.z is the new version you are trying to release.
  3. Deploy and perform a simple QA check. Also verify that the tests passed.
  4. Merge it. (Do not squash commit)
  5. Create a release of GitHub
    • The target branch must be master
    • The tag name must be the version

Note

Why this instruction is necessary:

  • To perform final QA checks
  • To distribute responsibility
  • To check direct commits to develop
  • To celebrate the release together 🎉

Localization (l10n)

Misskey uses Crowdin for localization management. You can improve our translations with your Crowdin account. Your changes in Crowdin are automatically submitted as a PR (with the title "New Crowdin translations") to the repository. The owner @syuilo merges the PR into the develop branch before the next release.

If your language is not listed in Crowdin, please open an issue.

Crowdin

Development

During development, it is useful to use the

pnpm dev

command.

  • Server-side source files and automatically builds them if they are modified. Automatically start the server process(es).
  • Vite HMR (just the vite command) is available. The behavior may be different from production.
  • Service Worker is watched by esbuild.
  • The front end can be viewed by accessing http://localhost:5173.
  • The backend listens on the port configured with port in .config/default.yml. If you have not changed it from the default, it will be "http://localhost:3000". If "port" in .config/default.yml is set to something other than 3000, you need to change the proxy settings in packages/frontend/vite.config.local-dev.ts.

MK_DEV_PREFER=backend pnpm dev

pnpm dev has another mode with MK_DEV_PREFER=backend.

MK_DEV_PREFER=backend pnpm dev
  • This mode is closer to the production environment than the default mode.
  • Vite runs behind the backend (the backend will proxy Vite at /vite).
  • You can see Misskey by accessing http://localhost:3000 (Replace 3000 with the port configured with port in .config/default.yml).
  • To change the port of Vite, specify with VITE_PORT environment variable.
  • HMR may not work in some environments such as Windows.

Dev Container

Instead of running pnpm locally, you can use Dev Container to set up your development environment. To use Dev Container, open the project directory on VSCode with Dev Containers installed.
Note: If you are using Windows, please clone the repository with WSL. Using Git for Windows will result in broken files due to the difference in how newlines are handled.

It will run the following command automatically inside the container.

git submodule update --init
pnpm install --frozen-lockfile
cp .devcontainer/devcontainer.yml .config/default.yml
pnpm build
pnpm migrate

After finishing the migration, run the pnpm dev command to start the development server.

pnpm dev

Testing

Run test

Create a config file.

cp .github/misskey/test.yml .config/

Prepare DB/Redis for testing.

docker compose -f packages/backend/test/compose.yml up

Alternatively, prepare an empty (data can be erased) DB and edit .config/test.yml.

Run all test.

pnpm test

Run specify test

pnpm jest -- foo.ts

e2e tests

TODO

Environment Variable

  • MISSKEY_CONFIG_YML: Specify the file path of config.yml instead of default.yml (e.g. 2nd.yml).
  • MISSKEY_USE_HTTP: If it's set true, federation requests (like nodeinfo and webfinger) will be http instead of https, useful for testing federation between servers in localhost. NEVER USE IN PRODUCTION. (was MISSKEY_WEBFINGER_USE_HTTP)

Continuous integration

Misskey uses GitHub Actions for executing automated tests. Configuration files are located in /.github/workflows.

Vue

Misskey uses Vue(v3) as its front-end framework.

  • Use TypeScript.
  • When creating a new component, please use the Composition API (with setup sugar and ref sugar) instead of the Options API.
    • Some of the existing components are implemented in the Options API, but it is an old implementation. Refactors that migrate those components to the Composition API are also welcome.

nirax

niraxは、Misskeyで使用しているオリジナルのフロントエンドルーティングシステムです。 vue-routerから影響を多大に受けているので、まずはvue-routerについて学ぶことをお勧めします。

ルート定義

ルート定義は、以下の形式のオブジェクトの配列です。

{
	name?: string;
	path: string;
	component: Component;
	query?: Record<string, string>;
	loginRequired?: boolean;
	hash?: string;
	globalCacheKey?: string;
	children?: RouteDef[];
}

Warning

現状、ルートは定義された順に評価されます。 たとえば、/foo/:idルート定義の次に/foo/barルート定義がされていた場合、後者がマッチすることはありません。

複数のルーター

vue-routerとの最大の違いは、niraxは複数のルーターが存在することを許可している点です。 これにより、アプリ内ウィンドウでブラウザとは個別にルーティングすることなどが可能になります。

Storybook

Misskey uses Storybook for UI development.

Setup & Run

Setup

pnpm --filter misskey-js build

Run

pnpm --filter frontend storybook-dev

Usage

When you create a new component (in this example, MyComponent.vue), the story file (MyComponent.stories.ts) will be automatically generated by the .storybook/generate.js script. You can override the default story by creating a impl story file (MyComponent.stories.impl.ts).

/* eslint-disable @typescript-eslint/explicit-function-return-type */
import { StoryObj } from '@storybook/vue3';
import MyComponent from './MyComponent.vue';
export const Default = {
	render(args) {
		return {
			components: {
				MyComponent,
			},
			setup() {
				return {
					args,
				};
			},
			computed: {
				props() {
					return {
						...this.args,
					};
				},
			},
			template: '<MyComponent v-bind="props" />',
		};
	},
	args: {
		foo: 'bar',
	},
	parameters: {
		layout: 'centered',
	},
} satisfies StoryObj<typeof MkAvatar>;

If you want to opt-out from the automatic generation, create a MyComponent.stories.impl.ts file and add the following line to the file.

import MyComponent from './MyComponent.vue';
void MyComponent;

You can override the component meta by creating a meta story file (MyComponent.stories.meta.ts).

export const argTypes = {
	scale: {
		control: {
			type: 'range',
			min: 1,
			max: 4,
		},
	},
};

Also, you can use msw to mock API requests in the storybook. Creating a MyComponent.stories.msw.ts file to define the mock handlers.

import { HttpResponse, http } from 'msw';
export const handlers = [
	http.post('/api/notes/timeline', ({ request }) => {
		return HttpResponse.json([]);
	}),
];

Don't forget to re-run the .storybook/generate.js script after adding, editing, or removing the above files.

Nest

Nest Service Circular dependency / Nestでサービスの循環参照でエラーが起きた場合

forwardRef

まずは簡単にforwardRefを試してみる

export class FooService {
	constructor(
		@Inject(forwardRef(() => BarService))
		private barService: BarService
	) {
	}
}

OnModuleInit

できなければOnModuleInitを使う

import { Injectable, OnModuleInit } from '@nestjs/common';
import { ModuleRef } from '@nestjs/core';
import { BarService } from '@/core/BarService';

@Injectable()
export class FooService implements OnModuleInit {
	private barService: BarService // constructorから移動してくる

	constructor(
		private moduleRef: ModuleRef,
	) {
	}

	async onModuleInit() {
		this.barService = this.moduleRef.get(BarService.name);
	}

	public async niceMethod() {
		return await this.barService.incredibleMethod({ hoge: 'fuga' });
	}
}
Service Unit Test

テストでonModuleInitを呼び出す必要がある

// import ...

describe('test', () => {
	let app: TestingModule;
	let fooService: FooService; // for test case
	let barService: BarService; // for test case

	beforeEach(async () => {
		app = await Test.createTestingModule({
			imports: ...,
			providers: [
				FooService,
				{ // mockする (mockは必須ではないかもしれない)
					provide: BarService,
					useFactory: () => ({
						incredibleMethod: jest.fn(),
					}),
				},
				{ // Provideにする
					provide: BarService.name,
					useExisting: BarService,
				},
			],
		})
			.useMocker(...
			.compile();
	
		fooService = app.get<FooService>(FooService);
		barService = app.get<BarService>(BarService) as jest.Mocked<BarService>;

		// onModuleInitを実行する
		await fooService.onModuleInit();
	});

	test('nice', () => {
		await fooService.niceMethod();

		expect(barService.incredibleMethod).toHaveBeenCalled();
		expect(barService.incredibleMethod.mock.lastCall![0])
			.toEqual({ hoge: 'fuga' });
	});
})

Notes

Misskeyのドメイン固有の概念はMiをprefixする

例えばGoogleが自社サービスをMap、Earth、DriveではなくGoogle Map、Google Earth、Google Driveのように命名するのと同じ コード上でMisskeyのドメイン固有の概念にはMiをprefixすることで、他のドメインの同様の概念と区別できるほか、名前の衝突を防ぐ。 ただし、文脈上Misskeyのものを指すことが明らかであり、名前の衝突の恐れがない場合は、一時的なローカル変数に限ってMiを省略してもよい。

How to resolve conflictions occurred at pnpm-lock.yaml?

Just execute pnpm to fix it.

INSERTするときにはsaveではなくinsertを使用する

#6441

placeholder

SQLをクエリビルダで組み立てる際、使用するプレースホルダは重複してはならない 例えば

query.andWhere(new Brackets(qb => {
	for (const type of ps.fileType) {
		qb.orWhere(`:type = ANY(note.attachedFileTypes)`, { type: type });
	}
}));

と書くと、ループ中でtypeというプレースホルダが複数回使われてしまいおかしくなる だから次のようにする必要がある

query.andWhere(new Brackets(qb => {
	for (const type of ps.fileType) {
		const i = ps.fileType.indexOf(type);
		qb.orWhere(`:type${i} = ANY(note.attachedFileTypes)`, { [`type${i}`]: type });
	}
}));

Not null in TypeORM

const foo = await Foos.findOne({
	bar: Not(null)
});

のようなクエリ(barnullではない)は期待通りに動作しない。 次のようにします:

const foo = await Foos.findOne({
	bar: Not(IsNull())
});

null in SQL

SQLを発行する際、パラメータがnullになる可能性のある場合はSQL文を出し分けなければならない 例えば

query.where('file.folderId = :folderId', { folderId: ps.folderId });

という処理で、ps.folderIdnullだと結果的にfile.folderId = nullのようなクエリが発行されてしまい、これは正しいSQLではないので期待した結果が得られない だから次のようにする必要がある

if (ps.folderId) {
	query.where('file.folderId = :folderId', { folderId: ps.folderId });
} else {
	query.where('file.folderId IS NULL');
}

[] in SQL

SQLを発行する際、INのパラメータが[](空の配列)になる可能性のある場合はSQL文を出し分けなければならない 例えば

const users = await Users.find({
	id: In(userIds)
});

という処理で、userIds[]だと結果的にuser.id IN ()のようなクエリが発行されてしまい、これは正しいSQLではないので期待した結果が得られない だから次のようにする必要がある

const users = userIds.length > 0 ? await Users.find({
	id: In(userIds)
}) : [];

配列のインデックス in SQL

SQLでは配列のインデックスは1始まり[a, b, c]aにアクセスしたいなら[0]ではなく[1]と書く

null IN

nullが含まれる可能性のあるカラムにINするときは、そのままだとおかしくなるのでORなどでnullのハンドリングをしよう。

enumの削除は気をつける

enumの列挙の内容の削除は、その値をもつレコードを全て削除しないといけない

削除が重たかったり不可能だったりする場合は、削除しないでおく

Migration作成方法

packages/backendで:

pnpm dlx typeorm migration:generate -d ormconfig.js -o <migration name>
  • 生成後、ファイルをmigration下に移してください
  • 作成されたスクリプトは不必要な変更を含むため除去してください

JSON SchemaのobjectでanyOfを使うとき

JSON Schemaで、objectに対してanyOfを使う場合、anyOfの中でpropertiesを定義しないこと。
バリデーションが効かないため。SchemaTypeもそのように作られており、objectのanyOf内のpropertiesは捨てられます
https://github.com/misskey-dev/misskey/pull/10082

テキストhogeおよびfugaについて、片方を必須としつつ両方の指定もありうる場合:

export const paramDef = {
	type: 'object',
	properties: {
		hoge: { type: 'string', minLength: 1 },
		fuga: { type: 'string', minLength: 1 },
	},
	anyOf: [
		{ required: ['hoge'] },
		{ required: ['fuga'] },
	],
} as const;

コネクションにはmarkRawせよ

Vueのコンポーネントのdataオプションとしてmisskey.jsのコネクションを設定するとき、必ずmarkRawでラップしてください。インスタンスが不必要にリアクティブ化されることで、misskey.js内の処理で不具合が発生するとともに、パフォーマンス上の問題にも繋がる。なお、Composition APIを使う場合はこの限りではない(リアクティブ化はマニュアルなため)。

JSONのimportに気を付けよう

TypeScriptでjsonをimportすると、tscでコンパイルするときにそのjsonファイルも一緒にdistディレクトリに吐き出されてしまう。この挙動により、意図せずファイルの書き換えが発生することがあるので、jsonをimportするときは書き換えられても良いものかどうか確認すること。書き換えされて欲しくない場合は、importで読み込むのではなく、fs.readFileSyncなどの関数を使って読み込むようにすればよい。

コンポーネントのスタイル定義でmarginを持たせない

コンポーネント自身がmarginを設定するのは問題の元となることはよく知られている marginはそのコンポーネントを使う側が設定する

その他

HTMLのクラス名で follow という単語は使わない

広告ブロッカーで誤ってブロックされる

indexというファイル名を使うな

ESMではディレクトリインポートは廃止されているのと、ディレクトリインポートせずともファイル名が index だと何故か一部のライブラリ?でディレクトリインポートだと見做されてエラーになる