cofacts

Month: 2021-05

2021-05-02

github 18:40:33
:warning: *Action required - upgrade app for g0v* :warning:
Dai -大輔/東京 18:59:42
@lucien hello. nice to meet you. We are in Tokyo and we would like to build cofacts japanese version + machine learning fake news scoring model. I know this is open source but who is the leader of this? Hope we can help other local languages as well
lucien 20:58:30
Hi. It’s glad to hear you want to build Japanese cofacts! We actually have a Thailand fork one.
lucien 20:58:49
@mrorz is the founder of cofacts, too.
Slackbot 20:59:22
This message was deleted.
mrorz 21:01:01
I think @bil has a Japanese version of Cofacts website, haven’t have the chance to put it back to our repository
mrorz 21:01:25
For the time being please refer to the English version here: https://en.cofacts.tw/

en.cofacts.tw

Cofacts - Message reporting chatbot and crowd-sourced fact-checking community

Cofacts is a collaborative system connecting instant messages and fact-check reports or different opinions together. It's a grass-root effort fighting mis/disinformation in Taiwan.

Dai -大輔/東京 21:14:27
@mrorz @lucien Thank you! We will check
Dai -大輔/東京 21:14:44
@john989 hey! pls see above. Let’s talk with Bil
Dai -大輔/東京 21:15:10
@bil Hi! こんにちは!Have you done Japanese version of cofacts? We want to contribute to it
Dai -大輔/東京 21:16:10
@mrorz Hi! Your Thailand project is fantastic. Do you know any other country who needs cofacts? We can provide our brand new translation API for free for such project
mrorz 21:20:33
Thanks! All kudos should go to OpenDream when it comes to http://cofact.org/ (Cofact in Thai). Cofacts working group here in Taiwan just had one or two meetings with them and they managed to sort out all the things.

I think starting a local fact-checking community is the most important and difficult part to do when it comes to crowd-sourced fact-checking. We are glad to provide our source code to anyone that want to start such a community in their own country, so that they can focus on community building more quickly.

cofact.org

Cofact - พื้นที่เปิดให้ทุกคนมาช่วยกันตรวจสอบข่าวลวง

คนใกล้ชิดของคุณ อาจตกเป็นเหยื่อของข่าวลวง หรือ ส่งต่อข่าวลวงบนอินเทอร์เน็ตโดยไม่รู้ตัว

Dai -大輔/東京 21:30:51
@john989 let’s catch up
Dai -大輔/東京 21:39:33
@mrorz this is our thought. of course we will try to adjust our actions towards your direction.
mrorz 23:43:12
@ggm I think you can add your effort regarding NLP here.

@john989
Currently in Cofacts we use NLP just for categorizing the message into different topics, hoping that this can be useful to the volunteer editors. Personally I think it would be very difficult, if possible, that we can directly use NLP to infer correctness and generate reply, since most messages actually require quite some human knowledge to answer correctly. To make matters worse, almost all suspicious messages requires editors to sense the emotion (fear/anger/hatred/etc) in the message that makes the message viral, and provide precise and short answers to “defuse” that emotion.

In our previous research ( https://hackmd.io/@ggm/HkhTS45ig?type=view ) there were some model that determines if a viral message is disinformation by looking at the pattern it spread in the social media; however this method is not possible in closed messaging apps like LINE and whatsapp.

HackMD

【真的假的】其他相關新聞 - HackMD

【真的假的】其他相關新聞 ====== 2021-03-24 研究:2020總統大選前 候選人粉專藏2成假帳號 <https://www.cna.com.tw/news/firstnews/202>

mrorz 23:59:22
Cofacts 在等一下(0:00)要重啟 nginx 來試著放上日文版網頁,希望只會斷線 30 秒,但如果設定有問題的話可能會壞掉久一點 QQ

Hi all, we are going to restart nginx at 0:00 to get japanese version of Cofacts online. Hopefully it will only take 30 seconds, but may be longer if things go south.

2021-05-03

mrorz 00:02:09
Hmm http://cofacts.tw|cofacts.tw is still alive, which is good. http://ja.cofacts.tw|ja.cofacts.tw needs SSL setup on Cloudflare.
mrorz 00:09:02
Japanese version of Cofacts website UI is up and running now:
https://ja.cofacts.tw/

Note that the database is still connected to our production server, which serves Mandarin content, thus http://ja.cofacts.tw|ja.cofacts.tw is just for demonstration purpose.

I am putting together a pull request that include the current Japanese translations so that after merging the pull request, @john989 and @dai can fork the project with Japanese translation already in place and build your own version using this as a starting point :building_construction:

ja.cofacts.tw

Cofacts デマ探偵隊 - 情報に対してリプライするチャットボットと協働検証をするコミュニティです

「Cofacts デマ探偵隊」はインターネット情報及びデマ検証・報告に関する市民協働とリンクするシステムです。デマ情報に対して、一人一人が積極的に参加するような草の根の力で対応策を作り上げるのを目指しています。

github 00:15:57

#432 Japanese version

• Include Japanese translation in codebase • Build &amp; push script • Relax landing page style so that it also works for Japanese version

github 00:16:33

#19 Support Japanese version

Deploy `site-ja` and setup `api`'s CORS domain

github 00:33:37

Comment on #251 Support japanese version of Cofacts

*Pull Request Test Coverage Report for <https://coveralls.io/builds/39290812|Build 1315>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *86.629%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

mrorz 01:55:28
JP version of Cofacts chatbot:
https://lin.ee/hIyZFR8
mrorz 09:01:00
讓我想到寫回應與評價回應
https://m.facebook.com/story.php?story_fbid=573035977412792&amp;id=108928800490181|https://m.facebook.com/story.php?story_fbid=573035977412792&amp;id=108928800490181

m.facebook.com

飛鳥涼不涼的遊戲營運觀察小站

【聊聊產品遊戲化中的雙循環理論】 「遊戲化」到底是不是一個偽命題一直有些爭論。贊成者認為遊戲中對於人性誘因的設計,適用於各種產品如拼多多、Dulingo、Orangetheory Fitness等都有不錯的成績;反對者則認為很多打著遊戲化的產品大多流於表面,短期內可能帶來不錯的成效,但長線看來對產品的收入沒有太大幫助。...

Dai -大輔/東京 14:55:27
@john989 this is Japanese police info about fake info
Dai -大輔/東京 14:55:50
@john989 you can find some typical features
Dai -大輔/東京 14:56:17
@mrorz please google translate this
mrorz 15:14:41
Thanks for the info!

Maybe we cannot assert the message’s correctness by these emotion traits, but I think it would be helpful to mark out the sentiments in the rumor text and ask the audience to be careful, or just raise awareness that such message is trying to sway you by emotion.
Dai -大輔/東京 16:30:29
```There are many expressions that emphasize, arouse anxiety, and hurry.
If the information is true, it is sufficient to include only the facts. However, false information is made to believe in emphasized expressions and expressions that arouse anxiety, and tries to spread it in a hurry.

Examples of expressions that are easily included in hoaxes
Emphasized expression Very, quite, very, absolutely, all, surely, serious, etc.
Expressions that arouse anxiety Dangerous, malicious, difficult, etc.
Expression to hurry Immediately, urgently, etc.
Content related to life and money
Many life-threatening contents such as evacuation information and disaster information are also abused. In addition, money-related items such as "free services will be charged from next month" and "paid services will be free for a limited time" are also easily abused, so be sure to check the information source.

Source not listed
If it's true, but it doesn't have a link (URL of the source) or rationale, be sure to search for it yourself to find out the source. If it is related to government offices or companies, please check the official website or official blog.
It is also effective to check TV, radio, etc. depending on the content such as weather information.

Written in hearsay format
You should also be careful if the information provided includes hearsay formats such as "likely," "like," and "likely." If the source of information is ambiguous, such as "friends", "acquaintances", or "entertainers", please check with the parties directly or by searching the official website.

Recommended to spread
There are two main types of writing that recommend diffusion: malicious and good faith. In either case, it's important to know the source and not spread indiscriminately.

Examples of malicious spread demands
"If you don't give it to someone within ○ hours after seeing it, you will be unhappy."
"People who stop this information will be identified and attacked (captured)" etc.
An example of a request for spread in good faith
"The pet shop has collapsed, so please spread it to people who are likely to get it."
"Please share it with all your acquaintances to prevent damage" etc.
In other special cases, the source of information itself may be a false site (so-called joke site). Some people believe in content that is not common sense. If you receive such information, get in the habit of verifying the authenticity of the information.```
Dai -大輔/東京 16:30:38
Screen Shot 2021-05-03 at 17.30.22.png
Dai -大輔/東京 16:30:50
note : translated jp police advice HP above

2021-05-05

github 13:18:35
:warning: *Action required - upgrade app for g0v* :warning:
github 13:18:36

#258 Remove reply content in removeArticleReply.js script

Per <https://g0v.hackmd.io/6ZwH7NANRqG6s-CCIy9IYw?both#yegogo-%E8%99%95%E7%90%86|20210428 discussion>, since we backup original reply text in the spreadsheet, we can consider removing spammer's reply text entirely. We can modify `removeArticleReply.js` so that it optionally take a CLI argument that replaces the reply text with specified text. We can provide link to the spreadsheet or takedown note in the replaced text.

github 13:35:30

Comment on #432 Japanese version

Seems that there are missing kanji font in our current font selection <https://user-images.githubusercontent.com/108608/117100608-b8b55500-ada6-11eb-8b4e-8fe32bb6b6c0.png|image>

2021-05-07

github 02:48:11
:warning: *Action required - upgrade app for g0v* :warning:
github 02:48:13

#433 Bump lodash from 4.17.19 to 4.17.21

Bumps <https://github.com/lodash/lodash|lodash> from 4.17.19 to 4.17.21. Commits • <https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538|`f299b52`> Bump to v4.17.21 • <https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a|`c4847eb`> Improve performance of `toNumber`, `trim` and `trimEnd` on large input strings • <https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c|`3469357`> Prevent command injection through `_.template`'s `variable` option • <https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a|`ded9bc6`> Bump to v4.17.20. • <https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa|`63150ef`> Documentation fixes. • <https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794|`00f0f62`> test.js: Remove trailing comma. • <https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389|`846e434`> Temporarily use a custom fork of `lodash-cli`. • <https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229|`5d046f3`> Re-enable Travis tests on `4.17` branch. • <https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd|`aa816b3`> Remove `/npm-package`. • See full diff in <https://github.com/lodash/lodash/compare/4.17.19...4.17.21|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~bnjmnt4n|bnjmnt4n>, a new releaser for lodash since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.

github 05:44:19

#22 Bump handlebars from 4.5.1 to 4.7.7

Bumps <https://github.com/wycats/handlebars.js|handlebars> from 4.5.1 to 4.7.7. Changelog _Sourced from <https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md|handlebars's changelog>._ &gt; *v4.7.7 - February 15th, 2021* &gt; &gt; • fix weird error in integration tests - eb860c0 &gt; • fix: check prototype property access in strict-mode (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736|#1736>) - b6d3de7 &gt; • fix: escape property names in compat mode (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736|#1736>) - f058970 &gt; • refactor: In spec tests, use expectTemplate over equals and shouldThrow (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1683|#1683>) - 77825f8 &gt; • chore: start testing on Node.js 12 and 13 - 3789a30 &gt; &gt; (POSSIBLY) BREAKING CHANGES: &gt; &gt; • the changes from version <https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020|4.6.0> now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See <https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1633|#1633> for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build. &gt; &gt; That is why we only bump the patch version despite mentioning breaking changes. &gt; &gt; <https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7|Commits> &gt; &gt; *v4.7.6 - April 3rd, 2020* &gt; &gt; Chore/Housekeeping: &gt; &gt; • <https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1672|#1672> - Switch cmd parser to latest minimist (<https://api.github.com/users/dougwilson|`@​dougwilson`> &gt; &gt; Compatibility notes: &gt; &gt; • Restored Node.js compatibility &gt; &gt; <https://github.com/wycats/handlebars.js/compare/v4.7.5...v4.7.6|Commits> &gt; &gt; *v4.7.5 - April 2nd, 2020* &gt; &gt; Chore/Housekeeping: &gt; &gt; • ~Node.js version support has been changed to v6+~ Reverted in 4.7.6 &gt; &gt; Compatibility notes: &gt; &gt; • ~Node.js &lt; v6 is no longer supported~ Reverted in 4.7.6 &gt; &gt; <https://github.com/wycats/handlebars.js/compare/v4.7.4...v4.7.5|Commits> &gt; &gt; *v4.7.4 - April 1st, 2020* &gt; &gt; Chore/Housekeeping: &gt; &gt; • <https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1666|#1666> - Replaced minimist with yargs for handlebars CLI (<https://api.github.com/users/aorinevo|`@​aorinevo`>, <https://api.github.com/users/AviVahl|`@​AviVahl`> &amp; <https://api.github.com/users/fabb|`@​fabb`>) &gt; &gt; Compatibility notes: ... (truncated) Commits • <https://github.com/handlebars-lang/handlebars.js/commit/a9a8e403213583ca90cb7c872d3a22796c37d961|`a9a8e40`> v4.7.7 • <https://github.com/handlebars-lang/handlebars.js/commit/e66aed5b99c1b6c93564f37d627e34e5d60eb76e|`e66aed5`> Update release notes • <https://github.com/handlebars-lang/handlebars.js/commit/7d4d170ce46a53084a41920c5c7387c131357989|`7d4d170`> disable IE in Saucelabs tests • <https://github.com/handlebars-lang/handlebars.js/commit/eb860c08998f8f506360d305d89e1f4b40f72a0a|`eb860c0`> fix weird error in integration tests • <https://github.com/handlebars-lang/handlebars.js/commit/b6d3de7123eebba603e321f04afdbae608e8fea8|`b6d3de7`> fix: check prototype property access in strict-mode (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736|#1736>) • <https://github.com/handlebars-lang/handlebars.js/commit/f0589701698268578199be25285b2ebea1c1e427|`f058970`> fix: escape property names in compat mode (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1736|#1736>) • <https://github.com/handlebars-lang/handlebars.js/commit/77825f8d3522356feb8e4160fac16344104d192b|`77825f8`> refator: In spec tests, use expectTemplate over equals and shouldThrow (<https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1683|#1683>) • <https://github.com/handlebars-lang/handlebars.js/commit/3789a309554fd600caeae442f40881cf93eb3b54|`3789a30`> chore: start testing on Node.js 12 and 13 • <https://github.com/handlebars-lang/handlebars.js/commit/e6ad93ea01bcde1f8ddaa4b4ebe572dd616abfaa|`e6ad93e`> v4.7.6 • <https://github.com/handlebars-lang/handlebars.js/commit/2bf4fc6fd3ae3d8f076d628653f284d85faebeb4|`2bf4fc6`> Update release notes • Additional commits viewable in <https://github.com/wycats/handlebars.js/compare/v4.5.1...v4.7.7|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

github 05:44:21

Comment on #15 Bump handlebars from 4.5.1 to 4.7.6

Superseded by <https://github.com/cofacts/rumors-fb-bot/pull/22|#22>.

2021-05-08

github 00:03:20

#23 Bump lodash from 4.17.10 to 4.17.21

Bumps <https://github.com/lodash/lodash|lodash> from 4.17.10 to 4.17.21. Commits • <https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538|`f299b52`> Bump to v4.17.21 • <https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a|`c4847eb`> Improve performance of `toNumber`, `trim` and `trimEnd` on large input strings • <https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c|`3469357`> Prevent command injection through `_.template`'s `variable` option • <https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a|`ded9bc6`> Bump to v4.17.20. • <https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa|`63150ef`> Documentation fixes. • <https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794|`00f0f62`> test.js: Remove trailing comma. • <https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389|`846e434`> Temporarily use a custom fork of `lodash-cli`. • <https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229|`5d046f3`> Re-enable Travis tests on `4.17` branch. • <https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd|`aa816b3`> Remove `/npm-package`. • <https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056|`d7fbc52`> Bump to v4.17.19 • Additional commits viewable in <https://github.com/lodash/lodash/compare/4.17.10...4.17.21|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~bnjmnt4n|bnjmnt4n>, a new releaser for lodash since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

github 00:03:21

Comment on #12 Bump lodash from 4.17.10 to 4.17.19

Superseded by <https://github.com/cofacts/rumors-fb-bot/pull/23|#23>.

Dai -大輔/東京 08:38:22
@mrorz Hi! Sorry but John left our team this week. I will let you know our possible steps in meantime.
Dai -大輔/東京 08:39:08
@mrorz BTW is your name Mr.オルツ like geek Twitter Japanese? Just wondered
mrorz 18:32:16
調整了一下 Article LIFF feedback form
• upvote / downvote 與 reason text input 會放一起填
• 送出後會進入 summary,可回到編輯模式或展開其他人的 feedback
◦ Summary 高度最矮,僅用刷淡底色標注使用者的選擇。這是希望使用者繼續往下捲到其他回應 or 下面的內容,以不干擾使用者繼續往下讀為主。
◦ 之前討論的「分頁」形式我覺得還是太複雜,會不知道點下去會是編輯還是看其他人回應還怎樣,而且會干擾使用者繼續往下讀。
• 其他人的 feedback 是 upvote / downvote 人混排
https://www.figma.com/file/DvmAQjMJCncuPORWKnljM1/Cofacts-website-MrOrz?node-id=3042%3A2

Figma

Cofacts website (MrOrz)

Created with Figma

github 19:36:37
:warning: *Action required - upgrade app for g0v* :warning:
github 19:36:39

#434 Incorrect "Similar replies" title

In reply page, the sidebar title should be "Similar replies" rather than "Similar messages". <https://user-images.githubusercontent.com/108608/117537599-96386b80-b034-11eb-8cdc-f3f0de947d41.png|image>

github 19:49:22

#252 Ask user not to trust the message just yet when no reply is available

Discussions: <https://g0v.hackmd.io/BRQtYUVzTU2vNxainshnMQ#%E4%BD%BF%E7%94%A8%E8%80%85%E8%AE%8A%E5%A4%9A|https://g0v.hackmd.io/BRQtYUVzTU2vNxainshnMQ#%E4%BD%BF%E7%94%A8%E8%80%85%E8%AE%8A%E5%A4%9A> *Screenshots* *Message not in DB* <https://user-images.githubusercontent.com/108608/117537838-127f7e80-b036-11eb-923d-6990ebc6e375.png|image> *There are similar messages in DB but not what user want* <https://user-images.githubusercontent.com/108608/117537856-29be6c00-b036-11eb-826f-d1e080ea28a5.png|image> *Message in DB but not replied yet* <https://user-images.githubusercontent.com/108608/117537875-38a51e80-b036-11eb-94f6-158893f5c36f.png|image>

github 19:53:03

Comment on #252 Ask user not to trust the message just yet when no reply is available

*Pull Request Test Coverage Report for <https://coveralls.io/builds/39483780|Build 1320>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *86.629%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

2021-05-09

github 01:51:01

#253 Dockerfile

TODO: • tesseract support • automatic build &amp; push in Github Actions with `.env` as secret (<https://docs.docker.com/ci-cd/github-actions/|https://docs.docker.com/ci-cd/github-actions/>)

github 02:29:05

Comment on #253 Dockerfile

*Pull Request Test Coverage Report for <https://coveralls.io/builds/39487586|Build 1326>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *86.629%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github 08:00:07

#435 Bump hosted-git-info from 2.8.4 to 2.8.9

Bumps <https://github.com/npm/hosted-git-info|hosted-git-info> from 2.8.4 to 2.8.9. Changelog _Sourced from <https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md|hosted-git-info's changelog>._ &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9|2.8.9> (2021-04-07)* &gt; *Bug Fixes* &gt; &gt; • backport regex fix from <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76|#76> (<https://github.com/npm/hosted-git-info/commit/29adfe5|29adfe5>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/84|#84> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.7...v2.8.8|2.8.8> (2020-02-29)* &gt; *Bug Fixes* &gt; &gt; • <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> &amp; <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65|#65> addressing issues w/ url.URL implmentation which regressed node 6 support (<https://github.com/npm/hosted-git-info/commit/5038b18|5038b18>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/66|#66> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.6...v2.8.7|2.8.7> (2020-02-26)* &gt; *Bug Fixes* &gt; &gt; • Do not attempt to use url.URL when unavailable (<https://github.com/npm/hosted-git-info/commit/2d0bb66|2d0bb66>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/62|#62> &gt; • Do not pass scp-style URLs to the WhatWG url.URL (<https://github.com/npm/hosted-git-info/commit/f2cdfcf|f2cdfcf>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/60|#60> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.6|2.8.6> (2020-02-25)* &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.5|2.8.5> (2019-10-07)* &gt; *Bug Fixes* &gt; &gt; • updated pathmatch for gitlab (<https://github.com/npm/hosted-git-info/commit/e8325b5|e8325b5>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/51|#51> &gt; • updated pathmatch for gitlab (<https://github.com/npm/hosted-git-info/commit/ffe056f|ffe056f>) Commits • <https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01|`8d4b369`> chore(release): 2.8.9 • <https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7|`29adfe5`> fix: backport regex fix from <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76|#76> • <https://github.com/npm/hosted-git-info/commit/afeaefdd86ba9bb5044be3c1554a666d007cf19a|`afeaefd`> chore(release): 2.8.8 • <https://github.com/npm/hosted-git-info/commit/5038b1891a61ca3cd7453acbf85d7011fe0086bb|`5038b18`> fix: <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> &amp; <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65|#65> addressing issues w/ url.URL implmentation which regressed nod... • <https://github.com/npm/hosted-git-info/commit/7440afa859162051c191e55d8ecfaf69a193b026|`7440afa`> chore(release): 2.8.7 • <https://github.com/npm/hosted-git-info/commit/2d0bb6615ecb8f9ef1019bc0737aab7f6449641f|`2d0bb66`> fix: Do not attempt to use url.URL when unavailable • <https://github.com/npm/hosted-git-info/commit/f2cdfcf33ad2bd3bd1acdba0326281089f53c5b1|`f2cdfcf`> fix: Do not pass scp-style URLs to the WhatWG url.URL • <https://github.com/npm/hosted-git-info/commit/e1b83df5d9cb1f8bb220352e20565560548d2292|`e1b83df`> chore(release): 2.8.6 • <https://github.com/npm/hosted-git-info/commit/ff259a6117c62df488e927820e30bec2f7ee453f|`ff259a6`> Ensure passwords in hosted Git URLs are correctly escaped • <https://github.com/npm/hosted-git-info/commit/624fd6f301dd5a1fd7ad1b333d6f8921a12ff98c|`624fd6f`> chore(release): 2.8.5 • Additional commits viewable in <https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.9|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~nlf|nlf>, a new releaser for hosted-git-info since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.

2021-05-10

github 00:33:08
:warning: *Action required - upgrade app for g0v* :warning:
github 00:33:10

#24 Bump hosted-git-info from 2.7.1 to 2.8.9

Bumps <https://github.com/npm/hosted-git-info|hosted-git-info> from 2.7.1 to 2.8.9. Changelog _Sourced from <https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md|hosted-git-info's changelog>._ &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9|2.8.9> (2021-04-07)* &gt; *Bug Fixes* &gt; &gt; • backport regex fix from <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76|#76> (<https://github.com/npm/hosted-git-info/commit/29adfe5|29adfe5>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/84|#84> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.7...v2.8.8|2.8.8> (2020-02-29)* &gt; *Bug Fixes* &gt; &gt; • <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> &amp; <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65|#65> addressing issues w/ url.URL implmentation which regressed node 6 support (<https://github.com/npm/hosted-git-info/commit/5038b18|5038b18>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/66|#66> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.6...v2.8.7|2.8.7> (2020-02-26)* &gt; *Bug Fixes* &gt; &gt; • Do not attempt to use url.URL when unavailable (<https://github.com/npm/hosted-git-info/commit/2d0bb66|2d0bb66>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/62|#62> &gt; • Do not pass scp-style URLs to the WhatWG url.URL (<https://github.com/npm/hosted-git-info/commit/f2cdfcf|f2cdfcf>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/60|#60> &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.6|2.8.6> (2020-02-25)* &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.4...v2.8.5|2.8.5> (2019-10-07)* &gt; *Bug Fixes* &gt; &gt; • updated pathmatch for gitlab (<https://github.com/npm/hosted-git-info/commit/e8325b5|e8325b5>), closes <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/51|#51> &gt; • updated pathmatch for gitlab (<https://github.com/npm/hosted-git-info/commit/ffe056f|ffe056f>) &gt; &gt; *<https://github.com/npm/hosted-git-info/compare/v2.8.3...v2.8.4|2.8.4> (2019-08-12)* ... (truncated) Commits • <https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01|`8d4b369`> chore(release): 2.8.9 • <https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7|`29adfe5`> fix: backport regex fix from <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76|#76> • <https://github.com/npm/hosted-git-info/commit/afeaefdd86ba9bb5044be3c1554a666d007cf19a|`afeaefd`> chore(release): 2.8.8 • <https://github.com/npm/hosted-git-info/commit/5038b1891a61ca3cd7453acbf85d7011fe0086bb|`5038b18`> fix: <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/61|#61> &amp; <https://github-redirect.dependabot.com/npm/hosted-git-info/issues/65|#65> addressing issues w/ url.URL implmentation which regressed nod... • <https://github.com/npm/hosted-git-info/commit/7440afa859162051c191e55d8ecfaf69a193b026|`7440afa`> chore(release): 2.8.7 • <https://github.com/npm/hosted-git-info/commit/2d0bb6615ecb8f9ef1019bc0737aab7f6449641f|`2d0bb66`> fix: Do not attempt to use url.URL when unavailable • <https://github.com/npm/hosted-git-info/commit/f2cdfcf33ad2bd3bd1acdba0326281089f53c5b1|`f2cdfcf`> fix: Do not pass scp-style URLs to the WhatWG url.URL • <https://github.com/npm/hosted-git-info/commit/e1b83df5d9cb1f8bb220352e20565560548d2292|`e1b83df`> chore(release): 2.8.6 • <https://github.com/npm/hosted-git-info/commit/ff259a6117c62df488e927820e30bec2f7ee453f|`ff259a6`> Ensure passwords in hosted Git URLs are correctly escaped • <https://github.com/npm/hosted-git-info/commit/624fd6f301dd5a1fd7ad1b333d6f8921a12ff98c|`624fd6f`> chore(release): 2.8.5 • Additional commits viewable in <https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~nlf|nlf>, a new releaser for hosted-git-info since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

mrorz 13:38:15
週末~因為 2077 破完了所以~試著把 rumors-line-bot 弄成 docker image,未來打算搬進跟 API、site、elasticsearch 同樣的一台主機。如果試跑起來沒問題的話,之後就能擺脫 Heroku 的 512MB / 1024MB RAM、每天抱怨 memory quota exceed、以及每個月約 45 鎂的使用費囉。

現在 Docker 版 LINE bot 已經放到 staging https://lin.ee/1QUzEX4nI 大家可以測測。

Related PR: https://github.com/cofacts/rumors-line-bot/pull/253

#253 Dockerfile

• Update dockerfile • Multi-stage build to make docker image smaller • apply `.env` file in build process (which is consistent to Heroku build environment) • npm scripts: Move build process to `heroku-postbuild` • so that it runs on heroku only, not in docker builds • heroku build should still work • .travis.yml updated accordingly • Categorize env vars into "Build time variables" and "Runtime secrets" • "Build time variables" are used by webpack and will be built into docker image • "Runtime secrets" are given when running docker container • Cofacts API introspection script makes sure `data/` folder exist so that it works in docker build • Local `data/` folder contains mongodb garbage so it is ignored in docker • Thus we need to build our own `data/` folder within docker • README documentation • `tmp_image_process` does not trigger pm2 watch since it watches only `/src` folder. Paragraph in README removed. TODO: ☑︎ tesseract support ☑︎ Deploy to staging - <https://lin.ee/1QUzEX4nI|https://lin.ee/1QUzEX4nI> ☐ automatic build &amp; push in Github Actions with `.env` as secret (<https://docs.docker.com/ci-cd/github-actions/|https://docs.docker.com/ci-cd/github-actions/> , <https://stackoverflow.com/a/59482124|https://stackoverflow.com/a/59482124>) ☐ README for docker image build ☐ Log drain

2021-05-11

bil 15:06:23
2077好好玩judy很可愛
github 23:02:40
:warning: *Action required - upgrade app for g0v* :warning:

2021-05-12

2021-05-13

chihao 09:48:38
cofacts 最近有沒有被謠言回報轟炸 q_q
mrorz 09:53:13


還有更棘手的,看起來像是從各級政府單位 leak 出來的、沒有證實過的確診者足跡。
chihao 09:53:24
哦不 orz
isabelhou 09:53:28
oh no
chihao 09:55:53
`不要學我說話。` cofacts 好好笑哦
mrorz 09:55:59
XDDD
chihao 09:56:08
:heart:
chihao 09:56:18
`確診訊息太極鍵譜`
isabelhou 09:56:21
「真的假的」實在太強了!
chihao 09:56:33
求團長大力推廣(?)
chihao 09:56:52
我剛有在家裡群組推廣!
chihao 09:57:01
`如果看到訊息,不知道是不是真的,也可以傳到「Cofacts 真的假的」這個 LINE 帳號,他們是一群幫忙查證訊息內容的志工,如果是已經有人查證的內容,他們就會把結果回傳,可以多一點資訊參考 :)`
ichieh 12:27:03
我現在是工人真的假的,先讓我爸傳訊息給我,我幫他傳給真的假的,我再回傳給他
chihao 17:23:24
\ @chiehg0v / ++

2021-05-14

github 01:31:49
:warning: *Action required - upgrade app for g0v* :warning:
github 01:31:51

Comment on #220 TypeError: Cannot read property 'split' of undefined

Another instance is reported today by Robin, MyGoPen ``` 刷樂,依必朗,3M漱口水有含那成份Chlorhexidine <https://www.worldjournal.com/wj/story/121471/5394313?fbclid=IwAR1HowY-Wq-5szf51JMVqrkN5tM053M9-qCtEEjj-bSiIXT2JBGH7H9Ea> ``` <https://user-images.githubusercontent.com/108608/118162903-e4de6f00-b453-11eb-974c-b9a473b2ebaf.png|image> <https://user-images.githubusercontent.com/108608/118163066-1e16df00-b454-11eb-9c8f-e239744c91f6.png|image> Its variant will not trigger such error. No fbclid --&gt; OK <https://user-images.githubusercontent.com/108608/118162947-f0319a80-b453-11eb-83c0-56e32ff67f35.png|image> URL only with fbclid --&gt; OK <https://user-images.githubusercontent.com/108608/118162983-fb84c600-b453-11eb-934e-f1538aaa7407.png|image> Text only ---&gt; OK <https://user-images.githubusercontent.com/108608/118163007-05a6c480-b454-11eb-853e-d117c18c6a39.png|image>