@atproto/pds 0.4.68 → 0.4.70

package/src/lexicon/types/tools/ozone/moderation/defs.ts

@@ -30,6 +30,9 @@ export interface ModEventView {
     | ModEventResolveAppeal
     | ModEventDivert
     | ModEventTag
+    | AccountEvent
+    | IdentityEvent
+    | RecordEvent
     | { $type: string; [k: string]: unknown }
   subject:
     | ComAtprotoAdminDefs.RepoRef
@@ -74,6 +77,9 @@ export interface ModEventViewDetail {
     | ModEventResolveAppeal
     | ModEventDivert
     | ModEventTag
+    | AccountEvent
+    | IdentityEvent
+    | RecordEvent
     | { $type: string; [k: string]: unknown }
   subject:
     | RepoView
@@ -105,6 +111,10 @@ export interface SubjectStatusView {
     | ComAtprotoAdminDefs.RepoRef
     | ComAtprotoRepoStrongRef.Main
     | { $type: string; [k: string]: unknown }
+  hosting?:
+    | AccountHosting
+    | RecordHosting
+    | { $type: string; [k: string]: unknown }
   subjectBlobCids?: string[]
   subjectRepoHandle?: string
   /** Timestamp referencing when the last update was made to the moderation status of the subject */
@@ -472,6 +482,78 @@ export function validateModEventTag(v: unknown): ValidationResult {
   return lexicons.validate('tools.ozone.moderation.defs#modEventTag', v)
 }
 
+/** Logs account status related events on a repo subject. Normally captured by automod from the firehose and emitted to ozone for historical tracking. */
+export interface AccountEvent {
+  comment?: string
+  /** Indicates that the account has a repository which can be fetched from the host that emitted this event. */
+  active: boolean
+  status?:
+    | 'unknown'
+    | 'deactivated'
+    | 'deleted'
+    | 'takendown'
+    | 'suspended'
+    | 'tombstoned'
+    | (string & {})
+  timestamp: string
+  [k: string]: unknown
+}
+
+export function isAccountEvent(v: unknown): v is AccountEvent {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.moderation.defs#accountEvent'
+  )
+}
+
+export function validateAccountEvent(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.moderation.defs#accountEvent', v)
+}
+
+/** Logs identity related events on a repo subject. Normally captured by automod from the firehose and emitted to ozone for historical tracking. */
+export interface IdentityEvent {
+  comment?: string
+  handle?: string
+  pdsHost?: string
+  tombstone?: boolean
+  timestamp: string
+  [k: string]: unknown
+}
+
+export function isIdentityEvent(v: unknown): v is IdentityEvent {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.moderation.defs#identityEvent'
+  )
+}
+
+export function validateIdentityEvent(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.moderation.defs#identityEvent', v)
+}
+
+/** Logs lifecycle event on a record subject. Normally captured by automod from the firehose and emitted to ozone for historical tracking. */
+export interface RecordEvent {
+  comment?: string
+  op: 'create' | 'update' | 'delete' | (string & {})
+  cid?: string
+  timestamp: string
+  [k: string]: unknown
+}
+
+export function isRecordEvent(v: unknown): v is RecordEvent {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.moderation.defs#recordEvent'
+  )
+}
+
+export function validateRecordEvent(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.moderation.defs#recordEvent', v)
+}
+
 export interface RepoView {
   did: string
   handle: string
@@ -483,6 +565,7 @@ export interface RepoView {
   invitesDisabled?: boolean
   inviteNote?: string
   deactivatedAt?: string
+  threatSignatures?: ComAtprotoAdminDefs.ThreatSignature[]
   [k: string]: unknown
 }
 
@@ -512,6 +595,7 @@ export interface RepoViewDetail {
   inviteNote?: string
   emailConfirmedAt?: string
   deactivatedAt?: string
+  threatSignatures?: ComAtprotoAdminDefs.ThreatSignature[]
   [k: string]: unknown
 }
 
@@ -703,3 +787,51 @@ export function isVideoDetails(v: unknown): v is VideoDetails {
 export function validateVideoDetails(v: unknown): ValidationResult {
   return lexicons.validate('tools.ozone.moderation.defs#videoDetails', v)
 }
+
+export interface AccountHosting {
+  status:
+    | 'takendown'
+    | 'suspended'
+    | 'deleted'
+    | 'deactivated'
+    | 'unknown'
+    | (string & {})
+  updatedAt?: string
+  createdAt?: string
+  deletedAt?: string
+  deactivatedAt?: string
+  reactivatedAt?: string
+  [k: string]: unknown
+}
+
+export function isAccountHosting(v: unknown): v is AccountHosting {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.moderation.defs#accountHosting'
+  )
+}
+
+export function validateAccountHosting(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.moderation.defs#accountHosting', v)
+}
+
+export interface RecordHosting {
+  status: 'deleted' | 'unknown' | (string & {})
+  updatedAt?: string
+  createdAt?: string
+  deletedAt?: string
+  [k: string]: unknown
+}
+
+export function isRecordHosting(v: unknown): v is RecordHosting {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.moderation.defs#recordHosting'
+  )
+}
+
+export function validateRecordHosting(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.moderation.defs#recordHosting', v)
+}

package/src/lexicon/types/tools/ozone/moderation/emitEvent.ts

@@ -29,6 +29,9 @@ export interface InputSchema {
     | ToolsOzoneModerationDefs.ModEventResolveAppeal
     | ToolsOzoneModerationDefs.ModEventEmail
     | ToolsOzoneModerationDefs.ModEventTag
+    | ToolsOzoneModerationDefs.AccountEvent
+    | ToolsOzoneModerationDefs.IdentityEvent
+    | ToolsOzoneModerationDefs.RecordEvent
     | { $type: string; [k: string]: unknown }
   subject:
     | ComAtprotoAdminDefs.RepoRef

package/src/lexicon/types/tools/ozone/moderation/queryStatuses.ts

@@ -22,6 +22,16 @@ export interface QueryParams {
   reportedBefore?: string
   /** Search subjects reviewed after a given timestamp */
   reviewedAfter?: string
+  /** Search subjects where the associated record/account was deleted after a given timestamp */
+  hostingDeletedAfter?: string
+  /** Search subjects where the associated record/account was deleted before a given timestamp */
+  hostingDeletedBefore?: string
+  /** Search subjects where the associated record/account was updated after a given timestamp */
+  hostingUpdatedAfter?: string
+  /** Search subjects where the associated record/account was updated before a given timestamp */
+  hostingUpdatedBefore?: string
+  /** Search subjects by the status of the associated record/account */
+  hostingStatuses?: string[]
   /** Search subjects reviewed before a given timestamp */
   reviewedBefore?: string
   /** By default, we don't include muted subjects in the results. Set this to true to include them. */

package/src/lexicon/types/tools/ozone/setting/defs.ts

@@ -0,0 +1,37 @@
+/**
+ * GENERATED CODE - DO NOT MODIFY
+ */
+import { ValidationResult, BlobRef } from '@atproto/lexicon'
+import { lexicons } from '../../../../lexicons'
+import { isObj, hasProp } from '../../../../util'
+import { CID } from 'multiformats/cid'
+
+export interface Option {
+  key: string
+  did: string
+  value: {}
+  description?: string
+  createdAt?: string
+  updatedAt?: string
+  managerRole?:
+    | 'tools.ozone.team.defs#roleModerator'
+    | 'tools.ozone.team.defs#roleTriage'
+    | 'tools.ozone.team.defs#roleAdmin'
+    | (string & {})
+  scope: 'instance' | 'personal' | (string & {})
+  createdBy: string
+  lastUpdatedBy: string
+  [k: string]: unknown
+}
+
+export function isOption(v: unknown): v is Option {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'tools.ozone.setting.defs#option'
+  )
+}
+
+export function validateOption(v: unknown): ValidationResult {
+  return lexicons.validate('tools.ozone.setting.defs#option', v)
+}

package/src/lexicon/types/tools/ozone/setting/listOptions.ts

@@ -0,0 +1,53 @@
+/**
+ * GENERATED CODE - DO NOT MODIFY
+ */
+import express from 'express'
+import { ValidationResult, BlobRef } from '@atproto/lexicon'
+import { lexicons } from '../../../../lexicons'
+import { isObj, hasProp } from '../../../../util'
+import { CID } from 'multiformats/cid'
+import { HandlerAuth, HandlerPipeThrough } from '@atproto/xrpc-server'
+import * as ToolsOzoneSettingDefs from './defs'
+
+export interface QueryParams {
+  limit: number
+  cursor?: string
+  scope: 'instance' | 'personal' | (string & {})
+  /** Filter keys by prefix */
+  prefix?: string
+  /** Filter for only the specified keys. Ignored if prefix is provided */
+  keys?: string[]
+}
+
+export type InputSchema = undefined
+
+export interface OutputSchema {
+  cursor?: string
+  options: ToolsOzoneSettingDefs.Option[]
+  [k: string]: unknown
+}
+
+export type HandlerInput = undefined
+
+export interface HandlerSuccess {
+  encoding: 'application/json'
+  body: OutputSchema
+  headers?: { [key: string]: string }
+}
+
+export interface HandlerError {
+  status: number
+  message?: string
+}
+
+export type HandlerOutput = HandlerError | HandlerSuccess | HandlerPipeThrough
+export type HandlerReqCtx<HA extends HandlerAuth = never> = {
+  auth: HA
+  params: QueryParams
+  input: HandlerInput
+  req: express.Request
+  res: express.Response
+}
+export type Handler<HA extends HandlerAuth = never> = (
+  ctx: HandlerReqCtx<HA>,
+) => Promise<HandlerOutput> | HandlerOutput

package/src/lexicon/types/tools/ozone/setting/removeOptions.ts

@@ -0,0 +1,49 @@
+/**
+ * GENERATED CODE - DO NOT MODIFY
+ */
+import express from 'express'
+import { ValidationResult, BlobRef } from '@atproto/lexicon'
+import { lexicons } from '../../../../lexicons'
+import { isObj, hasProp } from '../../../../util'
+import { CID } from 'multiformats/cid'
+import { HandlerAuth, HandlerPipeThrough } from '@atproto/xrpc-server'
+
+export interface QueryParams {}
+
+export interface InputSchema {
+  keys: string[]
+  scope: 'instance' | 'personal' | (string & {})
+  [k: string]: unknown
+}
+
+export interface OutputSchema {
+  [k: string]: unknown
+}
+
+export interface HandlerInput {
+  encoding: 'application/json'
+  body: InputSchema
+}
+
+export interface HandlerSuccess {
+  encoding: 'application/json'
+  body: OutputSchema
+  headers?: { [key: string]: string }
+}
+
+export interface HandlerError {
+  status: number
+  message?: string
+}
+
+export type HandlerOutput = HandlerError | HandlerSuccess | HandlerPipeThrough
+export type HandlerReqCtx<HA extends HandlerAuth = never> = {
+  auth: HA
+  params: QueryParams
+  input: HandlerInput
+  req: express.Request
+  res: express.Response
+}
+export type Handler<HA extends HandlerAuth = never> = (
+  ctx: HandlerReqCtx<HA>,
+) => Promise<HandlerOutput> | HandlerOutput

package/src/lexicon/types/tools/ozone/setting/upsertOption.ts

@@ -0,0 +1,58 @@
+/**
+ * GENERATED CODE - DO NOT MODIFY
+ */
+import express from 'express'
+import { ValidationResult, BlobRef } from '@atproto/lexicon'
+import { lexicons } from '../../../../lexicons'
+import { isObj, hasProp } from '../../../../util'
+import { CID } from 'multiformats/cid'
+import { HandlerAuth, HandlerPipeThrough } from '@atproto/xrpc-server'
+import * as ToolsOzoneSettingDefs from './defs'
+
+export interface QueryParams {}
+
+export interface InputSchema {
+  key: string
+  scope: 'instance' | 'personal' | (string & {})
+  value: {}
+  description?: string
+  managerRole?:
+    | 'tools.ozone.team.defs#roleModerator'
+    | 'tools.ozone.team.defs#roleTriage'
+    | 'tools.ozone.team.defs#roleAdmin'
+    | (string & {})
+  [k: string]: unknown
+}
+
+export interface OutputSchema {
+  option: ToolsOzoneSettingDefs.Option
+  [k: string]: unknown
+}
+
+export interface HandlerInput {
+  encoding: 'application/json'
+  body: InputSchema
+}
+
+export interface HandlerSuccess {
+  encoding: 'application/json'
+  body: OutputSchema
+  headers?: { [key: string]: string }
+}
+
+export interface HandlerError {
+  status: number
+  message?: string
+}
+
+export type HandlerOutput = HandlerError | HandlerSuccess | HandlerPipeThrough
+export type HandlerReqCtx<HA extends HandlerAuth = never> = {
+  auth: HA
+  params: QueryParams
+  input: HandlerInput
+  req: express.Request
+  res: express.Response
+}
+export type Handler<HA extends HandlerAuth = never> = (
+  ctx: HandlerReqCtx<HA>,
+) => Promise<HandlerOutput> | HandlerOutput

package/src/pipethrough.ts

@@ -357,9 +357,9 @@ async function pipethroughRequest(
 
 function handleUpstreamRequestError(
   err: unknown,
-  message = 'pipethrough network error',
+  message = 'Upstream service unreachable',
 ): never {
-  httpLogger.warn({ err }, message)
+  httpLogger.error({ err }, message)
   throw new XRPCServerError(ResponseType.UpstreamFailure, message, undefined, {
     cause: err,
   })
@@ -520,18 +520,11 @@ async function tryParsingError(
   }
 }
 
-export async function bufferUpstreamResponse(
+async function bufferUpstreamResponse(
   readable: Readable,
   contentEncoding?: string | string[],
 ): Promise<Buffer> {
   try {
-    // Needed for type-safety (should never happen irl)
-    if (Array.isArray(contentEncoding)) {
-      throw new TypeError(
-        'upstream service returned multiple content-encoding headers',
-      )
-    }
-
     return await streamToNodeBuffer(decodeStream(readable, contentEncoding))
   } catch (err) {
     if (!readable.destroyed) readable.destroy()
@@ -561,7 +554,11 @@ export async function asPipeThroughBuffer(
 // Response parsing/forwarding
 // -------------------
 
-const RES_HEADERS_TO_FORWARD = ['atproto-repo-rev', 'atproto-content-labelers']
+const RES_HEADERS_TO_FORWARD = [
+  'atproto-repo-rev',
+  'atproto-content-labelers',
+  'retry-after',
+]
 
 function* responseHeaders(
   headers: IncomingHttpHeaders,
@@ -584,7 +581,11 @@ function* responseHeaders(
   for (let i = 0; i < RES_HEADERS_TO_FORWARD.length; i++) {
     const name = RES_HEADERS_TO_FORWARD[i]
     const val = headers[name]
-    if (typeof val === 'string') yield [name, val]
+
+    if (val != null) {
+      const value: string = Array.isArray(val) ? val.join(',') : val
+      yield [name, value]
+    }
   }
 }
 

package/tests/proxied/__snapshots__/admin.test.ts.snap

@@ -122,6 +122,10 @@ Object {
     "moderation": Object {
       "subjectStatus": Object {
         "createdAt": "1970-01-01T00:00:00.000Z",
+        "hosting": Object {
+          "$type": "tools.ozone.moderation.defs#accountHosting",
+          "status": "unknown",
+        },
         "id": 1,
         "lastReportedAt": "1970-01-01T00:00:00.000Z",
         "lastReviewedAt": "1970-01-01T00:00:00.000Z",
@@ -214,6 +218,10 @@ Object {
   "moderation": Object {
     "subjectStatus": Object {
       "createdAt": "1970-01-01T00:00:00.000Z",
+      "hosting": Object {
+        "$type": "tools.ozone.moderation.defs#recordHosting",
+        "status": "unknown",
+      },
       "id": 4,
       "lastReviewedAt": "1970-01-01T00:00:00.000Z",
       "lastReviewedBy": "user(1)",
@@ -271,6 +279,10 @@ Object {
     "moderation": Object {
       "subjectStatus": Object {
         "createdAt": "1970-01-01T00:00:00.000Z",
+        "hosting": Object {
+          "$type": "tools.ozone.moderation.defs#accountHosting",
+          "status": "unknown",
+        },
         "id": 1,
         "lastReportedAt": "1970-01-01T00:00:00.000Z",
         "lastReviewedAt": "1970-01-01T00:00:00.000Z",

package/tests/proxied/proxy-catchall.test.ts

@@ -116,7 +116,7 @@ describe('proxy header', () => {
     for (const lex of lexicons) client.lex.add(lex)
 
     await expect(client.call('com.example.ok')).rejects.toThrow(
-      'pipethrough network error',
+      'Upstream service unreachable',
     )
   })
 

package/tests/proxied/read-after-write.test.ts

@@ -101,12 +101,22 @@ describe('proxy read after write', () => {
       { uri: sc.posts[alice][0].ref.uriStr },
       { headers: { ...sc.getHeaders(alice) } },
     )
-    const layerOne = res.data.thread.replies as ThreadViewPost[]
+    const thread = res.data.thread as ThreadViewPost
+    const layerOne = thread.replies as ThreadViewPost[]
     expect(layerOne.length).toBe(1)
     expect(layerOne[0].post.uri).toEqual(reply1.ref.uriStr)
     const layerTwo = layerOne[0].replies as ThreadViewPost[]
     expect(layerTwo.length).toBe(1)
     expect(layerTwo[0].post.uri).toEqual(reply2.ref.uriStr)
+
+    const aliceHandle = sc.accounts[alice].handle
+    const handleUriStr = thread.post.uri.replace(alice, aliceHandle)
+    expect(handleUriStr).not.toEqual(thread.post.uri)
+    const handleRes = await agent.api.app.bsky.feed.getPostThread(
+      { uri: handleUriStr },
+      { headers: { ...sc.getHeaders(alice) } },
+    )
+    expect(handleRes.data.thread).toEqual(res.data.thread)
   })
 
   it('handles read after write on a thread that is not found on appview', async () => {
@@ -123,6 +133,15 @@ describe('proxy read after write', () => {
     expect((thread.replies?.at(0) as ThreadViewPost).post.uri).toEqual(
       replyRef2.uriStr,
     )
+
+    const aliceHandle = sc.accounts[alice].handle
+    const handleUriStr = thread.post.uri.replace(alice, aliceHandle)
+    expect(handleUriStr).not.toEqual(thread.post.uri)
+    const handleRes = await agent.api.app.bsky.feed.getPostThread(
+      { uri: handleUriStr },
+      { headers: { ...sc.getHeaders(alice) } },
+    )
+    expect(handleRes.data.thread).toEqual(res.data.thread)
   })
 
   it('handles read after write on threads with record embeds', async () => {