giersig.eu/indiekit-server
1
0
Fork 0
Code Issues Actions Packages Projects Releases Activity

chore(patches): remove patches now fixed in forks

Browse Source 
Fixes implemented upstream in svemagie/indiekit-endpoint-activitypub
and svemagie/indiekit-endpoint-microsub; postinstall patches no longer
needed:

- patch-microsub-feed-discovery (HTML <link> discovery in fetcher.js)
- patch-inbox-skip-view-activity-parse (PeerTube View buffering in federation-bridge.js)
- patch-ap-inbox-raw-body-digest (raw body preservation for HTTP Signature Digest)
- patch-ap-object-url-trailing-slash (trailing slash $in fix in federation-setup.js)
- patch-ap-signature-time-window (12h signatureTimeWindow in federation-setup.js)
- patch-inbox-ignore-view-activity (View no-op handler in inbox-listeners.js)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sven
2026-03-16 12:19:18 +01:00
parent dac2411a08
commit e52e98c5c5
7 changed files with 2 additions and 748 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package.json
View File

@@ -4,8 +4,8 @@
"description": "",
"main": "index.js",
"scripts": {
"postinstall": "xattr -w com.apple.fileprovider.ignore#P 1 node_modules 2>/dev/null || true && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-microsub-feed-discovery.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-inbox-ignore-view-activity.mjs && node scripts/patch-inbox-skip-view-activity-parse.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-inbox-raw-body-digest.mjs && node scripts/patch-ap-object-url-trailing-slash.mjs && node scripts/patch-ap-signature-time-window.mjs && node scripts/patch-ap-allow-private-address.mjs",
"serve":"export NODE_ENV=${NODE_ENV:-production} INDIEKIT_DEBUG=${INDIEKIT_DEBUG:-0} && node scripts/preflight-production-security.mjs && node scripts/preflight-mongo-connection.mjs && node scripts/preflight-activitypub-rsa-key.mjs && node scripts/preflight-activitypub-profile-urls.mjs && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-microsub-reader-ap-dispatch.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-microsub-feed-discovery.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-inbox-raw-body-digest.mjs && node scripts/patch-ap-object-url-trailing-slash.mjs && node scripts/patch-ap-signature-time-window.mjs && node scripts/patch-ap-allow-private-address.mjs && node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs",
"postinstall": "xattr -w com.apple.fileprovider.ignore#P 1 node_modules 2>/dev/null || true && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-allow-private-address.mjs",
"serve":"export NODE_ENV=${NODE_ENV:-production} INDIEKIT_DEBUG=${INDIEKIT_DEBUG:-0} && node scripts/preflight-production-security.mjs && node scripts/preflight-mongo-connection.mjs && node scripts/preflight-activitypub-rsa-key.mjs && node scripts/preflight-activitypub-profile-urls.mjs && node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node scripts/patch-endpoint-media-sharp-runtime.mjs && node scripts/patch-frontend-sharp-runtime.mjs && node scripts/patch-endpoint-files-upload-route.mjs && node scripts/patch-endpoint-files-upload-locales.mjs && node scripts/patch-endpoint-activitypub-locales.mjs && node scripts/patch-endpoint-homepage-locales.mjs && node scripts/patch-endpoint-homepage-identity-defaults.mjs && node scripts/patch-federation-unlisted-guards.mjs && node scripts/patch-endpoint-micropub-where-note-visibility.mjs && node scripts/patch-endpoint-posts-ai-fields.mjs && node scripts/patch-endpoint-posts-ai-cleanup.mjs && node scripts/patch-endpoint-podroll-opml-upload.mjs && node scripts/patch-preset-eleventy-ai-frontmatter.mjs && node scripts/patch-micropub-ai-block-resync.mjs && node scripts/patch-frontend-serviceworker-file.mjs && node scripts/patch-endpoint-comments-locales.mjs && node scripts/patch-endpoint-posts-locales.mjs && node scripts/patch-endpoint-conversations-locales.mjs && node scripts/patch-conversations-collection-guards.mjs && node scripts/patch-indiekit-routes-rate-limits.mjs && node scripts/patch-indiekit-error-production-stack.mjs && node scripts/patch-indieauth-devmode-guard.mjs && node scripts/patch-listening-endpoint-runtime-guards.mjs && node scripts/patch-endpoint-github-changelog-categories.mjs && node scripts/patch-microsub-reader-ap-dispatch.mjs && node scripts/patch-endpoint-blogroll-feeds-alias.mjs && node scripts/patch-endpoint-posts-uid-lookup.mjs && node scripts/patch-endpoint-posts-prefill-url.mjs && node scripts/patch-conversations-bluesky-self-filter.mjs && node scripts/patch-conversations-bluesky-cursor-fix.mjs && node scripts/patch-endpoint-micropub-source-filter.mjs && node scripts/patch-endpoint-posts-search-tags.mjs && node scripts/patch-syndicate-force-checked-default.mjs && node scripts/patch-ap-url-lookup-api.mjs && node scripts/patch-ap-allow-private-address.mjs && node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs",
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],

123
scripts/patch-ap-inbox-raw-body-digest.mjs
View File

@@ -1,123 +0,0 @@
/**
* Patch: preserve raw body bytes through the AP inbox buffer guard so that
* Fedify's HTTP Signature Digest verification passes.
*
* Root cause:
* patch-inbox-skip-view-activity-parse.mjs buffers the request body for
* application/activity+json requests (needed to detect PeerTube View
* activities before Fedify parses them). It stores the parsed JSON in
* req.body. fromExpressRequest() then reconstructs the body for Fedify via
* JSON.stringify(req.body).
*
* Fedify 2.x verifies the HTTP Signature "Digest: SHA-256=..." header that
* Mastodon (and most other AP servers) include with every inbox POST.
* The digest is computed over the EXACT original request bytes. Re-encoding
* the body via JSON.stringify() produces different bytes (different key
* ordering, whitespace, Unicode escaping), so the digest check fails and
* Fedify silently rejects every inbound Like, Announce, and Create activity
* from Mastodon. The activity never reaches the inbox handlers and is never
* stored in ap_activities — so conversations/AP shows zero interactions.
*
* Fix (two changes to federation-bridge.js):
*
* 1. In createFedifyMiddleware buffer guard: after the for-await loop, store
* the original Buffer in req._rawBody before JSON-parsing it into req.body.
*
* 2. In fromExpressRequest: when req._rawBody is available, pass it directly
* to new Request() instead of JSON.stringify(req.body). This gives Fedify
* the original bytes so its SHA-256 digest check matches the Digest header.
*/
import { access, readFile, writeFile } from "node:fs/promises";
const candidates = [
"node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js",
];
const MARKER = "// raw body digest fix";
const patchSpecs = [
// Patch A: store raw bytes in req._rawBody alongside req.body
{
name: "raw-body-store",
oldSnippet: ` try {
req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8"));
} catch {
req.body = {};
}`,
newSnippet: ` const _raw = Buffer.concat(_chunks); // raw body digest fix
req._rawBody = _raw; // Preserve original bytes for Fedify HTTP Signature Digest verification
try {
req.body = JSON.parse(_raw.toString("utf8"));
} catch {
req.body = {};
}`,
},
// Patch B: use req._rawBody in fromExpressRequest when available
{
name: "from-express-request-use-raw-body",
oldSnippet: ` // PeerTube activity+json body fix
if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) {
body = JSON.stringify(req.body);
}`,
newSnippet: ` // PeerTube activity+json body fix
if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) {
// Use original raw bytes when available (set by createFedifyMiddleware buffer guard).
// JSON.stringify() changes byte layout, breaking Fedify's HTTP Signature Digest check.
body = req._rawBody || JSON.stringify(req.body); // raw body digest fix
}`,
},
];
async function exists(filePath) {
try {
await access(filePath);
return true;
} catch {
return false;
}
}
let checked = 0;
let patched = 0;
for (const filePath of candidates) {
if (!(await exists(filePath))) {
continue;
}
checked += 1;
let source = await readFile(filePath, "utf8");
if (source.includes(MARKER)) {
continue;
}
let filePatched = false;
for (const spec of patchSpecs) {
if (!source.includes(spec.oldSnippet)) {
console.log(`[postinstall] patch-ap-inbox-raw-body-digest: ${spec.name} snippet not found in ${filePath}`);
continue;
}
source = source.replace(spec.oldSnippet, spec.newSnippet);
filePatched = true;
console.log(`[postinstall] Applied ${spec.name} to ${filePath}`);
}
if (filePatched) {
await writeFile(filePath, source, "utf8");
patched += 1;
}
}
if (checked === 0) {
console.log("[postinstall] patch-ap-inbox-raw-body-digest: no target files found");
} else if (patched === 0) {
console.log("[postinstall] patch-ap-inbox-raw-body-digest: already up to date");
} else {
console.log(`[postinstall] patch-ap-inbox-raw-body-digest: patched ${patched}/${checked} file(s)`);
}

81
scripts/patch-ap-object-url-trailing-slash.mjs
View File

@@ -1,81 +0,0 @@
/**
* Patch: make the Fedify object dispatcher's post lookup tolerate trailing-slash
* differences between the AP object URL and the stored post URL.
*
* Root cause:
* setupObjectDispatchers resolvePost() builds postUrl from the {+id} template
* variable (e.g. "replies/bd78a") and does an exact findOne() match against
* posts.properties.url. Posts in MongoDB are stored with a trailing slash
* ("https://blog.giersig.eu/replies/bd78a/"), but the AP object URL returned
* by the /api/ap-url lookup endpoint has no trailing slash. The exact match
* fails → Fedify returns 404 → remote instance shows "Could not connect".
*
* Fix:
* Replace the single-value findOne() with a $in query that tries both the
* bare URL and the URL with a trailing slash appended.
*/
import { access, readFile, writeFile } from "node:fs/promises";
const candidates = [
"node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js",
];
const MARKER = "// trailing-slash url fix";
const OLD_SNIPPET = ` const postUrl = \`\${publicationUrl.replace(/\\/$/, "")}/\${id}\`;
const post = await collections.posts.findOne({ "properties.url": postUrl });`;
const NEW_SNIPPET = ` const postUrl = \`\${publicationUrl.replace(/\\/$/, "")}/\${id}\`; // trailing-slash url fix
const post = await collections.posts.findOne({
"properties.url": { $in: [postUrl, postUrl + "/"] },
});`;
async function exists(filePath) {
try {
await access(filePath);
return true;
} catch {
return false;
}
}
let checked = 0;
let patched = 0;
for (const filePath of candidates) {
if (!(await exists(filePath))) {
continue;
}
checked += 1;
const source = await readFile(filePath, "utf8");
if (source.includes(MARKER)) {
continue;
}
if (!source.includes(OLD_SNIPPET)) {
console.log(`[postinstall] patch-ap-object-url-trailing-slash: snippet not found in ${filePath}`);
continue;
}
const updated = source.replace(OLD_SNIPPET, NEW_SNIPPET);
if (updated === source) {
continue;
}
await writeFile(filePath, updated, "utf8");
patched += 1;
console.log(`[postinstall] Applied patch-ap-object-url-trailing-slash to ${filePath}`);
}
if (checked === 0) {
console.log("[postinstall] patch-ap-object-url-trailing-slash: no target files found");
} else if (patched === 0) {
console.log("[postinstall] patch-ap-object-url-trailing-slash: already up to date");
} else {
console.log(`[postinstall] patch-ap-object-url-trailing-slash: patched ${patched}/${checked} file(s)`);
}

90
scripts/patch-ap-signature-time-window.mjs
View File

@@ -1,90 +0,0 @@
/**
* Patch: extend Fedify's HTTP Signature time window from 1 hour to 12 hours.
*
* Root cause:
* Mastodon retries failed inbox deliveries with the SAME original HTTP
* Signature. Before the raw-body digest fix, every Mastodon delivery was
* being rejected (Digest mismatch), so Mastodon queued them all for retry.
* Once the digest fix is applied and the server restarts, those retried
* deliveries arrive with signatures that are now > 1 hour old. Fedify's
* default signatureTimeWindow of { hours: 1 } rejects them with
* "Date is too far in the past", logged as "Failed to verify the request's
* HTTP Signatures." at ERROR level.
*
* Fix:
* Pass signatureTimeWindow: { hours: 12 } to createFederation so that
* retried Mastodon deliveries (which can arrive hours later) are still
* accepted. The signature must still be cryptographically valid — extending
* the window only avoids replay-window false positives.
*/
import { access, readFile, writeFile } from "node:fs/promises";
const candidates = [
"node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-setup.js",
];
const MARKER = "// signature time window fix";
const OLD_SNIPPET = ` const federation = createFederation({
kv,
queue,
});`;
const NEW_SNIPPET = ` const federation = createFederation({
kv,
queue,
// Accept signatures up to 12 h old. // signature time window fix
// Mastodon retries failed deliveries with the original signature, which
// can be hours old by the time the delivery succeeds.
signatureTimeWindow: { hours: 12 },
});`;
async function exists(filePath) {
try {
await access(filePath);
return true;
} catch {
return false;
}
}
let checked = 0;
let patched = 0;
for (const filePath of candidates) {
if (!(await exists(filePath))) {
continue;
}
checked += 1;
const source = await readFile(filePath, "utf8");
if (source.includes(MARKER)) {
continue;
}
if (!source.includes(OLD_SNIPPET)) {
console.log(`[postinstall] patch-ap-signature-time-window: snippet not found in ${filePath}`);
continue;
}
const updated = source.replace(OLD_SNIPPET, NEW_SNIPPET);
if (updated === source) {
continue;
}
await writeFile(filePath, updated, "utf8");
patched += 1;
console.log(`[postinstall] Applied patch-ap-signature-time-window to ${filePath}`);
}
if (checked === 0) {
console.log("[postinstall] patch-ap-signature-time-window: no target files found");
} else if (patched === 0) {
console.log("[postinstall] patch-ap-signature-time-window: already up to date");
} else {
console.log(`[postinstall] patch-ap-signature-time-window: patched ${patched}/${checked} file(s)`);
}

113
scripts/patch-inbox-ignore-view-activity.mjs
View File

@@ -1,113 +0,0 @@
/**
* Patch: silently ignore PeerTube View (WatchAction) activities in the inbox.
*
* PeerTube broadcasts a non-standard ActivityStreams `View` activity to all
* followers whenever someone watches a video. Fedify has no built-in handler
* registered for this type, which causes a noisy
* "Unsupported activity type" error in the federation inbox log on every view.
*
* Fix: register a no-op `.on(View, ...)` handler at the end of the inbox
* listener chain so Fedify accepts and silently discards these activities
* instead of logging them as errors.
*/
import { access, readFile, writeFile } from "node:fs/promises";
const candidates = [
"node_modules/@rmdes/indiekit-endpoint-activitypub/lib/inbox-listeners.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/inbox-listeners.js",
];
const patchSpecs = [
{
name: "inbox-ignore-view-activity-import",
marker: "// View imported",
oldSnippet: ` Undo,
Update,
} from "@fedify/fedify/vocab";`,
newSnippet: ` Undo,
Update,
View, // View imported
} from "@fedify/fedify/vocab";`,
},
{
name: "inbox-ignore-view-activity-handler",
marker: "// PeerTube View handler",
oldSnippet: ` console.info(\`[ActivityPub] Flag received from \${reporterName} — \${reportedIds.length} objects reported\`);
} catch (error) {
console.warn("[ActivityPub] Flag handler error:", error.message);
}
});
}`,
newSnippet: ` console.info(\`[ActivityPub] Flag received from \${reporterName} — \${reportedIds.length} objects reported\`);
} catch (error) {
console.warn("[ActivityPub] Flag handler error:", error.message);
}
})
// ── View (PeerTube watch) ─────────────────────────────────────────────
// PeerTube broadcasts View (WatchAction) activities to all followers
// whenever someone watches a video. Fedify has no built-in handler for
// this type, producing noisy "Unsupported activity type" log errors.
// Silently accept and discard. // PeerTube View handler
.on(View, async () => {});
}`,
},
];
async function exists(filePath) {
try {
await access(filePath);
return true;
} catch {
return false;
}
}
const checkedFiles = new Set();
const patchedFiles = new Set();
for (const spec of patchSpecs) {
let foundAnyTarget = false;
for (const filePath of candidates) {
if (!(await exists(filePath))) {
continue;
}
foundAnyTarget = true;
checkedFiles.add(filePath);
const source = await readFile(filePath, "utf8");
if (spec.marker && source.includes(spec.marker)) {
continue;
}
if (!source.includes(spec.oldSnippet)) {
continue;
}
const updated = source.replace(spec.oldSnippet, spec.newSnippet);
if (updated === source) {
continue;
}
await writeFile(filePath, updated, "utf8");
patchedFiles.add(filePath);
}
if (!foundAnyTarget) {
console.log(`[postinstall] ${spec.name}: no target files found`);
}
}
if (checkedFiles.size === 0) {
console.log("[postinstall] No inbox-listeners files found for View activity patch");
} else if (patchedFiles.size === 0) {
console.log("[postinstall] inbox-ignore-view-activity patches already applied");
} else {
console.log(
`[postinstall] Patched inbox-ignore-view-activity in ${patchedFiles.size}/${checkedFiles.size} file(s)`,
);
}

190
scripts/patch-inbox-skip-view-activity-parse.mjs
View File

@@ -1,190 +0,0 @@
/**
* Patch: skip PeerTube View (WatchAction) activities before Fedify parses them.
*
* PeerTube's View activities embed Schema.org extensions such as
* `InteractionCounter` that Fedify's JSON-LD deserializer doesn't recognise.
* This causes a hard "Failed to parse activity" error *before* any inbox
* listener is reached, so the .on(View, ...) no-op handler added earlier
* never fires.
*
* Root cause of the previous (broken) patch: Express's JSON body parser only
* handles `application/json`, not `application/activity+json`. So `req.body`
* is always undefined for ActivityPub inbox POSTs, meaning the check
* `req.body?.type === "View"` never matched and Fedify still received the raw
* stream.
*
* Fix (two changes to federation-bridge.js):
*
* 1. In createFedifyMiddleware: for ActivityPub POST requests where the body
* hasn't been parsed yet, buffer the raw stream, JSON-parse it, and store
* the result on req.body before the guard runs. Then check type === "View"
* and return 200 if so (preventing retries from the sender).
*
* 2. In fromExpressRequest: extend the content-type check to also handle
* `application/activity+json` and `application/ld+json` bodies (i.e. use
* JSON.stringify(req.body) to reconstruct the stream), so that non-View
* ActivityPub activities are forwarded correctly to Fedify.
*/
import { access, readFile, writeFile } from "node:fs/promises";
const candidates = [
"node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-activitypub/lib/federation-bridge.js",
];
const patchSpecs = [
// --- Patch 1: extend fromExpressRequest to handle activity+json bodies ---
{
name: "from-express-request-activity-json-fix",
marker: "// PeerTube activity+json body fix",
oldSnippet: ` if (ct.includes("application/json")) {
body = JSON.stringify(req.body);
} else if (ct.includes("application/x-www-form-urlencoded")) {`,
newSnippet: ` // PeerTube activity+json body fix
if (ct.includes("application/json") || ct.includes("activity+json") || ct.includes("ld+json")) {
body = JSON.stringify(req.body);
} else if (ct.includes("application/x-www-form-urlencoded")) {`,
},
// --- Patch 2a: replace the old (broken) v1 guard with the buffering v2 guard ---
// Handles the case where the previous version of this script was already run.
{
name: "inbox-skip-view-activity-parse-v2",
marker: "// PeerTube View parse skip v2",
oldSnippet: ` // Short-circuit PeerTube View (WatchAction) activities before Fedify
// attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's
// Schema.org extensions (e.g. InteractionCounter), causing a
// "Failed to parse activity" error. Return 200 to prevent retries.
// PeerTube View parse skip
if (req.method === "POST" && req.body?.type === "View") {
return res.status(200).end();
}
const request = fromExpressRequest(req);`,
newSnippet: ` // Short-circuit PeerTube View (WatchAction) activities before Fedify
// attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's
// Schema.org extensions (e.g. InteractionCounter), causing a
// "Failed to parse activity" error. Return 200 to prevent retries.
// PeerTube View parse skip v2
const _apct = req.headers["content-type"] || "";
if (
req.method === "POST" &&
!req.body &&
req.readable &&
(_apct.includes("activity+json") || _apct.includes("ld+json"))
) {
// Express doesn't parse application/activity+json, so buffer it ourselves.
const _chunks = [];
for await (const _chunk of req) {
_chunks.push(Buffer.isBuffer(_chunk) ? _chunk : Buffer.from(_chunk));
}
try {
req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8"));
} catch {
req.body = {};
}
}
if (req.method === "POST" && req.body?.type === "View") {
return res.status(200).end();
}
const request = fromExpressRequest(req);`,
},
// --- Patch 2b: apply the buffering v2 guard on a fresh (unpatched) file ---
// Handles the case where neither v1 nor v2 patch has been applied yet.
{
name: "inbox-skip-view-activity-parse-v2-fresh",
marker: "// PeerTube View parse skip v2",
oldSnippet: ` return async (req, res, next) => {
try {
const request = fromExpressRequest(req);`,
newSnippet: ` return async (req, res, next) => {
try {
// Short-circuit PeerTube View (WatchAction) activities before Fedify
// attempts JSON-LD parsing. Fedify's vocab parser throws on PeerTube's
// Schema.org extensions (e.g. InteractionCounter), causing a
// "Failed to parse activity" error. Return 200 to prevent retries.
// PeerTube View parse skip v2
const _apct = req.headers["content-type"] || "";
if (
req.method === "POST" &&
!req.body &&
req.readable &&
(_apct.includes("activity+json") || _apct.includes("ld+json"))
) {
// Express doesn't parse application/activity+json, so buffer it ourselves.
const _chunks = [];
for await (const _chunk of req) {
_chunks.push(Buffer.isBuffer(_chunk) ? _chunk : Buffer.from(_chunk));
}
try {
req.body = JSON.parse(Buffer.concat(_chunks).toString("utf8"));
} catch {
req.body = {};
}
}
if (req.method === "POST" && req.body?.type === "View") {
return res.status(200).end();
}
const request = fromExpressRequest(req);`,
},
];
async function exists(filePath) {
try {
await access(filePath);
return true;
} catch {
return false;
}
}
const checkedFiles = new Set();
const patchedFiles = new Set();
for (const spec of patchSpecs) {
let foundAnyTarget = false;
for (const filePath of candidates) {
if (!(await exists(filePath))) {
continue;
}
foundAnyTarget = true;
checkedFiles.add(filePath);
const source = await readFile(filePath, "utf8");
if (spec.marker && source.includes(spec.marker)) {
continue;
}
if (!source.includes(spec.oldSnippet)) {
continue;
}
const updated = source.replace(spec.oldSnippet, spec.newSnippet);
if (updated === source) {
continue;
}
await writeFile(filePath, updated, "utf8");
patchedFiles.add(filePath);
console.log(`[postinstall] Applied ${spec.name} to ${filePath}`);
}
if (!foundAnyTarget) {
console.log(`[postinstall] ${spec.name}: no target files found`);
}
}
if (checkedFiles.size === 0) {
console.log("[postinstall] No federation-bridge files found for View activity parse-skip patch");
} else if (patchedFiles.size === 0) {
console.log("[postinstall] inbox-skip-view-activity-parse patch already up to date");
} else {
console.log(
`[postinstall] Patched inbox-skip-view-activity-parse in ${patchedFiles.size}/${checkedFiles.size} file(s)`,
);
}

149
scripts/patch-microsub-feed-discovery.mjs
View File

@@ -1,149 +0,0 @@
/**
* Patch: improve feed discovery in fetchAndParseFeed
*
* Problem: when a bookmarked URL is an HTML page (article, site root, etc.),
* fetchAndParseFeed only tries a fixed list of common paths (/feed, /rss.xml …).
* This misses sites whose feed URL is advertised via a
* <link rel="alternate" type="application/rss+xml" href="…">
* tag in the page <head>. For example, econsoc.mpifg.de, signal.org blog
* pages, and Substack article URLs all work through <link> discovery but
* fail the common-path probe.
*
* Solution: before falling back to tryCommonFeedPaths, call discoverFeeds()
* (which already parses <link rel="alternate"> tags) on the fetched HTML
* content. If it finds a typed RSS/Atom/JSONFeed link, use that URL.
* Only if link-based discovery also fails do we probe common paths.
*/
import { access, readFile, writeFile } from "node:fs/promises";
async function exists(p) {
try {
await access(p);
return true;
} catch {
return false;
}
}
const patchSpecs = [
{
name: "microsub-html-feed-discovery",
marker: "link-based discovery from HTML",
candidates: [
"node_modules/@rmdes/indiekit-endpoint-microsub/lib/feeds/fetcher.js",
"node_modules/@indiekit/indiekit/node_modules/@rmdes/indiekit-endpoint-microsub/lib/feeds/fetcher.js",
],
oldSnippet: ` // If we got ActivityPub or unknown, try common feed paths
if (feedType === "activitypub" || feedType === "unknown") {
const fallbackFeed = await tryCommonFeedPaths(url, options);
if (fallbackFeed) {
// Fetch and parse the discovered feed
const feedResult = await fetchFeed(fallbackFeed.url, options);
if (!feedResult.notModified) {
const fallbackType = detectFeedType(feedResult.content, feedResult.contentType);
const parsed = await parseFeed(feedResult.content, fallbackFeed.url, {
contentType: feedResult.contentType,
});
return {
...feedResult,
...parsed,
feedType: fallbackType,
hub: feedResult.hub || parsed._hub,
discoveredFrom: url,
};
}
}
throw new Error(
\`Unable to find a feed at \${url}. Try the direct feed URL.\`,
);
}`,
newSnippet: ` // If we got ActivityPub or unknown, try link-based discovery then common paths
if (feedType === "activitypub" || feedType === "unknown") {
// 1. link-based discovery from HTML: parse <link rel="alternate" type="application/rss+xml|atom+xml">
let discoveredFeedUrl;
if (result.content) {
const { discoverFeeds } = await import("./hfeed.js");
const discovered = await discoverFeeds(result.content, url);
const rssOrAtom = discovered.find(
(f) => f.type === "rss" || f.type === "atom" || f.type === "jsonfeed",
);
if (rssOrAtom) discoveredFeedUrl = rssOrAtom.url;
}
// 2. Fall back to common feed paths (/feed, /rss.xml, etc.)
const fallbackFeed = discoveredFeedUrl
? { url: discoveredFeedUrl }
: await tryCommonFeedPaths(url, options);
if (fallbackFeed) {
// Fetch and parse the discovered feed
const feedResult = await fetchFeed(fallbackFeed.url, options);
if (!feedResult.notModified) {
const fallbackType = detectFeedType(feedResult.content, feedResult.contentType);
const parsed = await parseFeed(feedResult.content, fallbackFeed.url, {
contentType: feedResult.contentType,
});
return {
...feedResult,
...parsed,
feedType: fallbackType,
hub: feedResult.hub || parsed._hub,
discoveredFrom: url,
};
}
}
throw new Error(
\`Unable to find a feed at \${url}. Try the direct feed URL.\`,
);
}`,
},
];
let filesChecked = 0;
let filesPatched = 0;
for (const spec of patchSpecs) {
let foundAnyTarget = false;
for (const filePath of spec.candidates) {
if (!(await exists(filePath))) {
continue;
}
foundAnyTarget = true;
filesChecked += 1;
const source = await readFile(filePath, "utf8");
if (source.includes(spec.marker)) {
console.log(`[postinstall] ${spec.name}: already patched, skipping`);
continue;
}
if (!source.includes(spec.oldSnippet)) {
console.warn(
`[postinstall] ${spec.name}: target snippet not found in ${filePath} — may have been updated upstream`,
);
continue;
}
const updated = source.replace(spec.oldSnippet, spec.newSnippet);
await writeFile(filePath, updated, "utf8");
filesPatched += 1;
console.log(`[postinstall] ${spec.name}: patched ${filePath}`);
}
if (!foundAnyTarget) {
console.log(`[postinstall] ${spec.name}: no target files found`);
}
}
if (filesChecked === 0) {
console.log("[postinstall] No microsub fetcher files found");
} else if (filesPatched === 0) {
console.log("[postinstall] microsub HTML feed discovery already patched");
} else {
console.log(
`[postinstall] Patched microsub HTML feed discovery in ${filesPatched}/${filesChecked} file(s)`,
);
}