asterixix commented Aug 17, 2025
- Ran Prettier for linting so the code looks better and is readable,
- Fixes to the profile UI on mobile devices so that avatars are not "eaten",
- Fixes to DB connections for Events and Communities
- Fixes in messages
- Notifications already implemented for tests
- Removed unnecessary semicolons and adjusted line breaks for consistency.
- Updated toast hook to use concise syntax and improved error handling.
- Refactored key manager and message encryption utilities for clarity.
- Enhanced media processing logic with better error handling and cleanup.
- Added Prettier configuration and ignore files for consistent code style.

- Added a new API route for content moderation using OpenRouter.
- Integrated moderation checks in the PostComposer component to handle AI moderation decisions.
- Enhanced the ContentModeration component with functions to hide and restore various content types.
- Updated the ProfilesModeration component to allow banning and unbanning users with appropriate UI feedback.
- Refactored roles management in the RolesAdmin component to use RPC calls for setting roles and badges.
- Improved user interface in the ProfilesModeration and SiteFooter components.
- Introduced helper functions for building typed arguments for admin RPCs.
- Added safety checks for blob URLs in the PostComposer component.
- Updated versioning information in the site footer components.
- Normalized line endings for source files with .gitattributes.

- Updated RainbowLikeButton component for better code formatting and readability.
- Enhanced ReportButton component with improved formatting and structure.
- Refactored ScrollBar component for clearer className handling.
- Improved Select component structure for better readability.
- Cleaned up Separator component for consistent formatting.
- Refactored Sheet component for better code organization.
- Enhanced Switch component for improved readability.
- Refactored Tabs component for clearer structure and formatting.
- Improved Textarea component for better readability and structure.
- Refactored Tooltip component for consistent formatting.
- Updated useAuth hook for improved readability and structure.
- Enhanced useMessages hook for better code organization and clarity.
- Refactored KeyManager and MessageEncryption classes for improved readability.
- Cleaned up Vault functions for better code organization.
- Improved chunked-upload and media-processor functions for clearer structure.
- Added .editorconfig and .prettierrc for consistent code formatting.
- Implemented ResetPasswordRedirect component for handling password reset redirects.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
- Updated the sandbox attribute in PostItem component to allow specific scripts and origins for improved security.
- Introduced a new function to validate blob URLs in MediaProcessor, ensuring only valid URLs are processed.
- Refactored image processing logic to include cleanup of object URLs and improved error handling for image loading and processing.
Pull Request Overview
This PR implements code formatting improvements using Prettier linting to enhance code readability and consistency, along with several UI fixes for mobile devices, database connection improvements, message fixes, and initial notifications implementation for testing.
- Applied Prettier formatting throughout the codebase for consistent code style
- Fixed mobile UI issues with avatar display in profiles
- Improved database connections for Events and Communities
- Enhanced message functionality with reactions and link previews
Reviewed Changes
Copilot reviewed 103 out of 122 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| src/lib/utils.ts | Applied Prettier formatting to quote styles |
| src/lib/moderation.ts | New content moderation module with consistent formatting |
| src/lib/media/media-processor.ts | Enhanced media processing with better error handling and URL validation |
| src/lib/crypto/* | Consistent formatting applied to cryptographic modules |
| src/hooks/* | Prettier formatting applied to React hooks |
| src/components/ui/* | Comprehensive formatting updates across UI components |
| src/components/site/* | Site-wide components formatted and notifications popover added |
| src/components/messages/* | Enhanced message components with reactions and link preview support |
| src/components/dashboard/* | Dashboard components with improved formatting and functionality |
| canvas.toBlob((blob) => { | ||
| resolve(blob ? URL.createObjectURL(blob) : null) | ||
| }, "image/jpeg") | ||
| } finally { |
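Review bot: canvas.toBlob is asynchronous, so the finally on the last line of this hunk runs as soon as toBlob has been scheduled, before the callback calls resolve. Anything the callback still needs must not be released in that finally, and an exception thrown inside the callback (for example from URL.createObjectURL) is not caught by this try, which would leave the promise unsettled; wrap the callback body in its own try/catch and reject there. The resolved value is a fresh object URL, so please document that the caller owns it and has to call URL.revokeObjectURL when done with it.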
The variable currentUrl is referenced in the finally block but may be undefined if the try block throws an error before assignment. This will cause a runtime error when calling cleanup(currentUrl).
| } | ||
| if (!isValidBlobUrl(objectUrl)) { | ||
| throw new Error("Invalid object URL scheme") | ||
| } |
The isValidBlobUrl function is called twice - once at line 167 and again at line 168. This is redundant and could be optimized by storing the result in a variable.
| } | |
| // Redundant isValidBlobUrl check removed | |
| @@ -0,0 +1,273 @@ | |||
| /* eslint-disable */ | |||
Using a blanket eslint-disable comment disables all linting rules for the entire file. This should be avoided as it can hide important code quality issues. Consider disabling specific rules or fixing the underlying issues.
| /* eslint-disable */ |
| const linkMedia = media.filter((u) => !(isImage(u) || isVideo(u))) | ||
|
|
||
| // Safe host check for Tenor embeds. Avoid substring checks; parse and whitelist. | ||
| function isTenorHost(raw: string) { |
The Tenor host validation function is good, but the iframe implementation on lines 708-716 still uses 'allow-scripts' in the sandbox attribute, which could pose a security risk. Consider if scripts are truly necessary for GIF display.
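The "parse and whitelist" host check that the code comment above calls for, contrasted with a substring check, as an added example (not the PR's `isTenorHost`, whose body is not shown on this page). The function names, the allowlist contents and the sample URLs are assumptions constructed for illustration.

```javascript
// Added example, not the PR's isTenorHost(). Allowlist and sample URLs are constructed.
const EMBED_HOSTS = new Set(["tenor.com", "www.tenor.com"]); // assumed allowlist

// Substring check of the kind the code comment warns against.
function naiveHostCheck(raw) {
  return raw.includes("tenor.com");
}

// Parse first, then compare the parsed hostname exactly against the allowlist.
function isAllowedEmbedUrl(raw, allowed = EMBED_HOSTS) {
  let url;
  try {
    url = new URL(raw); // throws on relative or malformed input
  } catch {
    return false;
  }
  if (url.protocol !== "https:") return false; // rejects http:, javascript:, data:
  if (url.username || url.password) return false; // rejects user@host forms outright
  if (url.port !== "") return false; // default port only
  // The URL parser has already lowercased the hostname; exact match, no suffix logic.
  return allowed.has(url.hostname);
}

// Constructed inputs: two legitimate embeds and several look-alikes.
const SAMPLES = [
  "https://tenor.com/embed/12345",
  "https://TENOR.com/embed/12345",
  "https://tenor.com.attacker.example/embed/1",
  "https://attacker.example/?next=tenor.com",
  "https://tenor.com@attacker.example/embed/1",
  "https://nottenor.com/embed/1",
  "http://tenor.com/embed/12345",
  "javascript:void('tenor.com')",
  "/embed/12345",
];

// Returns one row per sample so the two checks can be compared side by side.
function compareChecks(samples = SAMPLES) {
  return samples.map((raw) => ({
    raw,
    naive: naiveHostCheck(raw),
    parsed: isAllowedEmbedUrl(raw),
  }));
}

console.table(compareChecks());
```

The substring check accepts six of the seven inputs that should be rejected and also misses the upper-case form of the legitimate host; the parsed check accepts only the first two samples.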
| if (!url) { | ||
| setLinkPreview(null) | ||
| return | ||
| } |
The regex pattern for URL extraction is too permissive and could match malicious URLs. Consider using a more restrictive pattern or validating the URL against a whitelist of allowed domains before making API calls.
| } | |
| // Only allow link previews for whitelisted domains | |
| const ALLOWED_DOMAINS = [ | |
| "example.com", | |
| "www.example.com", | |
| // Add more allowed domains as needed | |
| ]; | |
| useEffect(() => { | |
| const urlMatch = message.match(/https?:\/\/[\w.-]+(?:\/[\w\-./?%&=]*)?/i); | |
| const url = urlMatch?.[0]; | |
| if (!url) { | |
| setLinkPreview(null) | |
| return | |
| } | |
| let hostname: string | null = null; | |
| try { | |
| hostname = new URL(url).hostname; | |
| } catch { | |
| setLinkPreview(null); | |
| return; | |
| } | |
| if (!ALLOWED_DOMAINS.includes(hostname)) { | |
| setLinkPreview(null); | |
| return; | |
| } |
…idation, update NotificationsPopover dependencies, and improve MediaProcessor URL handling
- Updated the sandbox attributes in PostItem to allow popups.
- Enhanced the link preview functionality in MessageComposer to restrict previews to whitelisted domains.
- Modified the useEffect dependencies in NotificationsPopover to include actors.
- Improved URL handling in MediaProcessor to ensure safe cleanup of object URLs.
… remove legacy /messages route, keep new messaging, communities, events, and notifications implementations