Merge branch 'develop'

.npmignore

@@ -0,0 +1,3 @@
+.*
+docs
+*.tgz

docs/security.md

@@ -1,5 +1,28 @@
 # Security Policy
 
+## Security Model
+
+Oasis is experimental software, please don't trust it with your life.
+
+If everything is working correctly, it's likely that:
+
+- Only your computer can access Oasis.
+- Only you can publish a message to your feed.
+- Only the recipients of private messages can read the message.
+- Only basic HTML is supported in blobs, which can't access the rest of Oasis.
+
+It's important to know that this is not a silver bullet:
+
+- Your public messages can be read by anyone on the Secure Scuttlebutt network.
+- Your public messages can be read by anyone on the Secure Scuttlebutt network.
+- Your IP address can be seen by anyone that peers with you.
+- Your private messages can be read by anyone with access to your private key.
+
+You should also know:
+
+- Information that others can read can be saved, without your permission.
+- Encryption techniques that are unbreakable today may become compromised in the future; maybe in dozens or hundreds of years.
+
 ## Supported Versions
 
 Only the latest release is supported.

package.json

@@ -8,7 +8,7 @@
     "@fraction/base16-css": "^1.1.0",
     "@fraction/flotilla": "^1.0.1",
     "debug": "^4.1.1",
-    "highlight.js": "^9.15.8",
+    "highlight.js": "^9.16.2",
     "hyperaxe": "^1.3.0",
     "koa": "^2.7.0",
     "koa-body": "^4.1.0",
@@ -23,13 +23,13 @@
     "require-style": "^1.1.0",
     "sharp": "^0.23.0",
     "ssb-client": "^4.7.7",
-    "ssb-config": "^3.4.2",
-    "ssb-markdown": "6.0.0",
+    "ssb-config": "^3.4.3",
+    "ssb-markdown": "^6.0.0",
     "ssb-mentions": "^0.5.0",
     "ssb-msgs": "^5.2.0",
     "ssb-ref": "^2.13.9",
-    "ssb-thread-schema": "1.0.3",
-    "yargs": "14.0.0"
+    "ssb-thread-schema": "^1.1.1",
+    "yargs": "^14.2.1"
   },
   "bin": {
     "oasis": "./index.js"
@@ -37,11 +37,11 @@
   "description": "friendly neighborhood scuttlebutt interface",
   "repository": "git@github.com:fraction/oasis.git",
   "devDependencies": {
-    "cspell": "^4.0.23",
-    "dependency-check": "4.1.0",
+    "cspell": "^4.0.33",
+    "dependency-check": "^4.1.0",
     "husky": "^3.0.5",
     "nodemon": "^1.19.1",
-    "standard": "14.3.0",
+    "standard": "^14.3.0",
     "stylelint": "^11.0.0",
     "stylelint-config-standard": "^19.0.0"
   },

src/app.js

@@ -58,7 +58,7 @@ module.exports = (config) => {
       'img-src \'self\'',
       'form-action \'self\'',
       'media-src \'self\'',
-      'style-src \'self\''
+      'style-src \'self\' \'unsafe-inline\''
     ].join('; ')
 
     // Disallow scripts.

src/pages/models/post.js

@@ -1,20 +1,22 @@
 'use strict'
 
-const lodash = require('lodash')
-const pull = require('pull-stream')
-const prettyMs = require('pretty-ms')
-const { isRoot, isNestedReply, isReply } = require('ssb-thread-schema')
 const debug = require('debug')('oasis:model-post')
-
+const lodash = require('lodash')
 const parallelMap = require('pull-paramap')
+const prettyMs = require('pretty-ms')
+const pull = require('pull-stream')
+const { isRoot, isReply } = require('ssb-thread-schema')
+
+// HACK: https://github.com/ssbc/ssb-thread-schema/issues/4
+const isNestedReply = require('ssb-thread-schema/post/nested-reply/validator')
 
-const cooler = require('./lib/cooler')
 const configure = require('./lib/configure')
+const cooler = require('./lib/cooler')
 const markdown = require('./lib/markdown')
 
 const maxMessages = 128
 
-const getMessages = async ({ myFeedId, customOptions, ssb, query }) => {
+const getMessages = async ({ myFeedId, customOptions, ssb, query, filter }) => {
   const options = configure({ query, index: 'DTA' }, customOptions)
 
   const source = await cooler.read(
@@ -27,7 +29,7 @@ const getMessages = async ({ myFeedId, customOptions, ssb, query }) => {
       pull.filter((msg) =>
         typeof msg.value.content !== 'string' &&
         msg.value.content.type === 'post' &&
-        msg.value.author !== myFeedId
+        (filter == null || filter(msg) === true)
       ),
       pull.take(maxMessages),
       pull.collect((err, collectedMessages) => {
@@ -196,7 +198,13 @@ const post = {
       }
     }]
 
-    const messages = await getMessages({ myFeedId, customOptions, ssb, query })
+    const messages = await getMessages({
+      myFeedId,
+      customOptions,
+      ssb,
+      query,
+      filter: (msg) => msg.value.author !== myFeedId
+    })
 
     return messages
   },
@@ -330,6 +338,7 @@ const post = {
         }
 
         if (msg.value.content.type !== 'post') {
+          debug('not a post')
           resolve(msg)
         }
 
@@ -369,7 +378,8 @@ const post = {
         } else {
           // type !== "post", probably
           // this should show up as JSON
-          debug('got mysterious root ancestor')
+          debug('got mysterious root ancestor that fails all known schemas')
+          debug('%O', msg)
           resolve(msg)
         }
       }
@@ -534,8 +544,7 @@ const post = {
     const myFeedId = whoami.id
 
     const options = configure({
-      type: 'post',
-      private: true
+      type: 'post'
     }, customOptions)
 
     const source = await cooler.read(