We have just released version 2024.3.3 we recommend updating sharkey as it includes a security fix
changes of the update: - a security fix for a defect in the validation of JSON-LD signatures that could lead to account takeover - non-ascii characters are now allowed in custom emoji names (please don't go too wild, other instances may not recognise the names) - UI language is now saved and restored in "preferences backup" - embedding a CW-ed note on other sites now only shows the CW, not the whole note - various imports, and the generation of movie thumbnails, are once again working - ranged requests to proxied files are now correctly handled (should improve video playback on iOS) - the modtracker player is now loaded on-demand, so the frontend loads faster - floating UI windows now render custom emojis in the titlebar - the "word mute" feature now includes poll choices and image alt-texts - custom emoji should look better in admin panel - un-pinning emojis from the selector pop-up works better - editing a note to add/remove an attachment, or the edit alt-text, works properly now - instance description and server rules can now contain more HTML (images, centered text, details/summary, styled links) - clearing cached files from drive should be more reliable - all paginated views (e.g. timelines, various admin pages) should be more stable and not randomly drop items
⚠️IMPORTANT SECURITY UPDATE, PLEASE BOOST THIS POST⚠️
Please update your Sharkey to version 2024.3.2, there has been some security fixes to ensure validation of remote users and activities
this is a minor release mostly just for the security fixes
changes of this release: - prohibited words are now correctly checked when creating notes - notes with CW are no longer shown on the welcome page for non-logged-in users - database migrations should no longer timeout - docker image improvements - important security fixes
Important Note for Users that do NOT use S3 and that USE Docker
There have been some improvements made to the Docker images that should fix some issues with that the container now runs as a seperate Sharkey user with id 991:991 so its required to change ownership of the files directory to do that run the following in the directory where your docker-compose.yml file is# replace web with what ever you named the sharkey service if you changed the default docker compose file
docker compose exec --user=root web chown -R sharkey:sharkey /sharkey/files Important Note for everyone please update immediately there is a scheduled downtime on April 6th during that time the Sharkey docker images and repo might be unavailable for more than 2 hours
Alright, I've been thinking. When life gives you Misskey, don't make a Misskey Fork - make life take the Misskey back! Get mad! I don't want your damn Misskey, what am I supposed to do with that? Demand to see life's manager. Make life rue the day it thought it could give Fedi Misskey. Do you know who I am? I'm the Network that's gonna burn your house down! With Misskey. I'm going to to get my engineers to invent combustible Misskey that burns your house down.
It's been a long while since the last release, but alas here we are with another Release after 2 Months of waiting.
This release includes a lot of bug fixes, and not many big features unlike the last release.
Changes in this Release: - fixed lines connecting replies - added a hover effect to replies in the detailed view - if a direct link to a note in a long thread is opened a highlight will show which post is being linked to - added download buttons for audio and video attachments - added ability to select tossface emoji - added oneko, the cute cat that follows your mouse pointer - added a warning that will show up if you try to post images without alt text (this can be turned off) - when searching for emoji, the closest match is shown first - added ability to disable notifications from achievements - the AiScript "scratchpad" shows line numbers in the editor and in error messages - added ability for admins to set an URL for donations - for translations, DeepLX-JS is supported in addition to regular DeepL - blocked / silenced / suspended instances will not be listed to non-logged-in users, this makes it harder to target your instance for harassment based on who you block - added a notification for when someone edits a post you have been tagged in - made several improvements to the Mod player that should make it faster - fixed the bug that would cause Sharkey to not work on older IOS devices / Safari version - alot of fixes have been made to muting and blocking - signToActivityPubGet now defaults to true even if not set in the config - import from twitter decodes < etc - reworked the boost visibility selector (only shows values that you can use, "local" is a separate switch) - import from mastodon keeps alt text - expandAllCws also expands all long posts on first click
in addition all the new features and bug fixes from the latest Misskey releases til 2024.3.1 have also been added.
Important Note for Users that have migrated from FireFish
Misskey has brought back Reversii, but firefish has dropped related tables, you will have to recreate those tables, please use "BEGIN;" before running any of these, so if anything goes wrong your database doesn't end up in a broken state-- Misskey used to have a Reversi game, Firefish dropped the tables,
-- now Misskey uses them again
CREATE TABLE "reversi_game" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "startedAt" TIMESTAMP WITH TIME ZONE, "user1Id" character varying(32) NOT NULL, "user2Id" character varying(32) NOT NULL, "user1Accepted" boolean NOT NULL DEFAULT false, "user2Accepted" boolean NOT NULL DEFAULT false, "black" integer, "isStarted" boolean NOT NULL DEFAULT false, "isEnded" boolean NOT NULL DEFAULT false, "winnerId" character varying(32), "surrendered" character varying(32), "logs" jsonb NOT NULL DEFAULT '[]', "map" character varying(64) array NOT NULL, "bw" character varying(32) NOT NULL, "isLlotheo" boolean NOT NULL DEFAULT false, "canPutEverywhere" boolean NOT NULL DEFAULT false, "loopedBoard" boolean NOT NULL DEFAULT false, "form1" jsonb DEFAULT null, "form2" jsonb DEFAULT null, "crc32" character varying(32), CONSTRAINT "PK_76b30eeba71b1193ad7c5311c3f" PRIMARY KEY ("id"));
CREATE INDEX "IDX_b46ec40746efceac604142be1c" ON "reversi_game" ("createdAt");
CREATE TABLE "reversi_matching" ("id" character varying(32) NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL, "parentId" character varying(32) NOT NULL, "childId" character varying(32) NOT NULL, CONSTRAINT "PK_880bd0afbab232f21c8b9d146cf" PRIMARY KEY ("id"));
CREATE INDEX "IDX_b604d92d6c7aec38627f6eaf16" ON "reversi_matching" ("createdAt");
CREATE INDEX "IDX_3b25402709dd9882048c2bbade" ON "reversi_matching" ("parentId");
CREATE INDEX "IDX_e247b23a3c9b45f89ec1299d06" ON "reversi_matching" ("childId");
EDIT: side note we are currently doing a fundraiser for buying server hardware for Sharkey and our instances, it would help alot if you could donate (referee to https://transfem.social/notes/9q4cf231u9w700o5 for more info)
Explaining Rumors about Sharkey, circulating right now.
for those that are to lazy to read the entire thing. here is a TLDR:
yes, the lead dev marie has quit fedi as a whole but this shouldn't affect the project, as we have active contributors, and the other Project Lead @Amelia@transfem.social is still fully involved in the project.
Long Explanation:
Due to the recent drama sounding TransFem.social and the other dramas before it, marie former lead dev, has decided to quit fedi as a whole this includes leaving the Sharkey Project but she will stay and help out till the next release which is upcoming soon, after that @Amelia@transfem.social (Project Lead) and the other sharkey contributors will continue sharkey as usual, we have spent alot of time over the last month expanding the dev team behind sharkey and inviting more contributors, so the project is not dead, nor at risk of dying and will be developed as usual in the foreseeable future
PS: @Amelia@transfem.social is very dedicated towards the Sharkey Project, and has been in charge of managing the project and the servers / accounts since the beginning.
The increased spam bots have show that misskey instances lack moderation tools to deal with massive spam campaigns, we will be looking into improving instance moderation tools in #sharkey, to maybe get them as powerful as Akkoma MRF or atleast close
Everyone watch out, the spam bot situation has evolved, the bad actors are now actively engaging in doxxing people and using the info the send prank emails to business, and to send bomb threats to public institutions.
Note: is is mainly happening in japan, and law enforcement is already involved
Currently we are doing some reorganization of how sharkey development is done:
this includes but is not limited to:
1. Making all future dev discussions channels public, for increased transparency and community involvement 2. adding a new voting system, which will also be public, developers need to vote on new features before any major changes can be made, the vote needs to have a majority to pass, each member of the dev team can block a vote with valid reasoning, such as the feature increasing merging effort resulting in keeping up with misskey changes being hard 3. logging of inactivity of team members 4. Merge requests now require the approval of at least 2 devs, with a dev having the ability to block a merge request, if its a major feature it also requires a vote 5. new team members can now be voted in 6. Project Leads can no be elected in-case they go inactive or leave the team 7. Project Lead can be force fully replaced by a vote, in case a Project Lead, goes inactive for a while without any notice or they do something harmful to the project on purpose 8. a merge request can be merged without approval in emergency cases should an exploit happen that requires quick action, and non of the other team members are available a dev can merge security fixes without approval, this is only for upmost emergencys and should not happen
Other changes that will be done: - reworking the contributing.md to be in english and have good instructions - setting up crowdin for translations - inviting more active contributors
Note: this is not final yet some things may change
@puniko@mk.absturztau.be@esm@wetdry.world by replying to my post you have just agreed to be part of the testimonial on the new sharkey site /joke (there won't even be testimonials lol)
The FireFish.Social and joinfirefish.org servers are completly down and don't even respond to pings anymore, this means #firefish is officially dead, the servers no longer run, the git server still runs but seems to be run by a different person than kainoa
We're sad to see firefish go down like this, and we're especially sad about all the users who's data is now gone due to both major instances going down
while this is a major blow to a lot of people, please don't start harassing any one that was involved in the firefish project harassing people isn't going to help, we should see firefish as something to learn from to see what went wrong and prevent something like that happening in the future
and a note be added, Sharkey is not a firefish fork, and does not intent feature parity with it, Sharkey is a misskey softfork its supposed to update with misskey, unlike other fork we will not do big actions like rewrites
Sharkey is an Misskey fork following upstream changes when possible, with added features!It has features such as:* Federated Post editing* MastodonAPI* UI Improvements* Federated Profile Backgrounds* Federated Music Status via ListenbrainzIt is possible to migrate to Sharkey from:* FireFish (Pre ScyllaDB migration)* IceShrimp* MisskeyFollow the Devs:@Marie@transfem.social@Amelia@transfem.social#Sharkey #FOSS #OpenSource #Docker #Misskey #Fediverse