cofacts

Month: 2021-08

2021-08-01

林依柔 Zonnie 12:05:45
@zonnie01666 has joined the channel
github2 15:01:55
[cofacts/need-to-check-list-generator] Pull request merged by nonumpa

<https://github.com/cofacts/need-to-check-list-generator/pull/7|#7 Add Xlsx option>

2021-08-02

github2 12:43:12
[cofacts/rumors-line-bot] Comment on #7

<https://github.com/cofacts/rumors-line-bot/issues/7#issuecomment-890709756|Comment on #7 Collect image / video and upload to s3>

Case study from Cofact Thailand *Chatbot side* Code changes: <https://github.com/opendream/rumors-line-bot/commit/22accd49813a36bd6220ecac05e5adcce3c59359|opendream@22accd4> • Uses <https://www.npmjs.com/package/image-hash|image-hash>, which is a perceptual hash • It stores a magic string (`$image__&lt;hash&gt;__&lt;fileData.id&gt;`) to database and also uses `$image__${hash}__${fileData.id}` to search database <https://user-images.githubusercontent.com/108608/127807053-ad3ef781-a167-4ecb-89ea-01f85e35e668.png|image> • For videos it <https://github.com/opendream/rumors-line-bot/commit/22accd49813a36bd6220ecac05e5adcce3c59359#diff-edc34d7ccf60e9b3765367e05768f82bd30e0dbba0628379d44c9b63299d8fa1R82|takes a screenshot at 6th second> and the image as its hash *Website side* • Uses google drive directly to host images &amp; video <https://user-images.githubusercontent.com/108608/127807024-c7906bd8-4974-4a8d-8143-94a2f23633c0.png|image>

Opendream 用了一個很省力的方式,在不改動資料庫的狀況下支援了圖片與影片

他們用的那個 hash ( https://github.com/commonsmachinery/blockhash-js ) 針對 near-duplicate 的效果如何,我覺得可以測測看
mrorz 13:49:32
Opendream 用了一個很省力的方式,在不改動資料庫的狀況下支援了圖片與影片

他們用的那個 hash ( https://github.com/commonsmachinery/blockhash-js ) 針對 near-duplicate 的效果如何,我覺得可以測測看

commonsmachinery/blockhash-js

Image perceptual hash calculation in javascript

🙌 1
Carol 16:31:53
@wu.yen08 has joined the channel
vanillam 17:13:41
@jimkcsung has joined the channel
LU 20:11:40
@hypothesquerelle has joined the channel

2021-08-03

github2 00:36:35
[cofacts/rumors-api] Issue opened by MrOrz

<https://github.com/cofacts/rumors-api/issues/259|#259 iOS 12 devices cannot login cofacts.tw>

No matter which domain they use, iOS 12 users are not able to login Cofacts, regardless of they logged in Cofacts in other devices before. <https://user-images.githubusercontent.com/108608/127894775-d495537e-4c9c-415c-8fc3-460ee8f19940.png|截圖 2021-08-03 上午12 34 35> *Root cause* iOS &lt;=12 has a bug in its webkit core, which will interpret SameSite=None as SameSite=Strict. <https://medium.com/reactfunctioncomponentnote/samesite-%E4%B9%8B%E4%BA%82-f7e1645642bf|https://medium.com/reactfunctioncomponentnote/samesite-%E4%B9%8B%E4%BA%82-f7e1645642bf> When `SameSite=Strict`, browser will <https://blog.heroku.com/chrome-changes-samesite-cookie|not send cookie> even we are redirecting the whole page as long as the source (in this case, the authenticating service like FB, Google, etc) and destination URL (`<http://api.cofacts.tw/callback/*`|api.cofacts.tw/callback/*`>) are not in the same "site" (That is, `*.<http://cofacts.tw|cofacts.tw>`). Therefore, iOS 12 will not send session cookie to `/callback/*` endpoint, and the endpoint <https://github.com/cofacts/rumors-api/blob/master/src/auth.js#L250-L257|cannot proceed without such session keys>. *Proposed changes* Consider the following facts: • All cookies without SameSite flag will be `Lax` by default, which does not send cookie for cross-site "sub-requests" (images, frames) but allows cross-site cookies for navigations. Therefore, the default `SameSite=Lax` does not interfere OAuth login redirect. • In <https://github.com/cofacts/rumors-api/issues/250|#250> we have moved APIs and sites to the same site (`<http://cofacts.tw|cofacts.tw>`) by default. Therefore, Site &lt;&gt; API communication are all same-site requests • iOS &lt;=12 should work on `<http://cofacts.tw|cofacts.tw>` without any SameSite flags (needs test) Therefore we should be able to *drop SameSite flag at once*. • Remove samesite logic • Remove related `COOKIE_SAMESITE_NONE` and HTTPS • For localhost development (`localhost` and staging API are definately cross-site), use `/api` proxy in localhost environment (See Method 2 in <https://github.com/cofacts/rumors-api/issues/186#issuecomment-644612628|#186 (comment)> )

結果 samesite 問題搞了一年多,遇到 iOS 12 還是沒輒。
最終依然不如 `/api` proxy 解呀⋯⋯
mrorz 00:37:35
結果 samesite 問題搞了一年多,遇到 iOS 12 還是沒輒。
最終依然不如 `/api` proxy 解呀⋯⋯
😿 1
fly 21:54:10
https://github.com/WICG/scroll-to-text-fragment 覺得這個標記用來引用網址特定內文滿好用的,但 Cofacts 的網址好像不支援會移掉 `:~:text=` (更正,Cofacts可運作),不知道有沒有機會支援?Chrome目前已將此進入實驗功能,Edge也支援 https://www.xda-developers.com/google-chrome-90-share-highlighted-text-web-pages/

WICG/scroll-to-text-fragment

Proposal to allow specifying a text snippet in a URL fragment

xda-developers

Google Chrome 90 now lets you share highlighted text on web pages

Google Chrome 90 is bringing a neat feature that will let you link people to a specific part on a web page. Read on to know more.

看起來是會 work 但 fragment 會被神秘地移掉(思
https://cofacts.tw/article/20i6gaxxeave3#:~:text=消費卷
對,我剛再試過,可以運作,讚讚。location hash 好像與捲動位置有關,若頁面移動就會移掉,我猜也有可能有倒致此判斷的原因
1 1

2021-08-04

mrorz 00:06:31
看到這個
https://www.facebook.com/VELEMENT1997/posts/876764336272844

覺得 Cofacts 應該要申請個商標(汗
不知道有沒有人有申請商標的經驗呢?網路上有人的意見是自行申請有風險,大部分是透過代理人申請這樣

facebook.com

Log In or Sign Up to View

See posts, photos and more on Facebook.

創業第一站|簡單創

【 商標查詢、檢索】商標保護前最重要的步驟 | 附國際商標查詢

商標查詢檢索是商標註冊的前哨戰,而商標查詢檢索是確保你的商標尚未有人持有。雖商標查詢看似簡單,但許多眉角,如商標識別性的判斷、商標構成混淆、商標如何有效檢索、商標指定商品類別的挑選。要自行申請若侵犯到別人的商標可是吃不完兜著走的啊。

一直在開發系統,但沒有自己申請過 XD
https://aiplux.com/
自己申請容易踩坑,商標局不是那種對新手友善的習慣,程序往返過程如果沒有人協助會容易卡關而花許多冤枉錢
一般都會找專精智財權的事務所幫忙申請,可以省去很多麻煩事
一直有個疑問,如果申請了台灣地區商標,但被人家拿去在其他國家申請,怎麼防止呢?另外,剛才有看過itpo 網站的商標Q&A,申請資格如果是「團體商標」、「團體標章」、「證明標章」,跟自然人、法人或商業體是不一樣的…
是不是要定義cofacts是哪一種類型,才看看該怎樣進行?
我會覺得,如果在國內未來有什麼糾紛的話,作為商標權利人,會有多一份排解問題的空間,但若發生在其他國家就鞭長莫及囉。

然後對於商標要給自然人還是人民團體這個部分,我的理解是商標可以授權給人民團體使用,先申請起來是可以的~
一般是會評估商標可能會在哪些國家使用而預先申請起來,但如果沒有預先申請但發現在其它國家被別人搶註,然後你的品牌已經在該國有點名氣的話,可以跟該國智財法院以商標早已具知名度且比搶註的人申請時間要早為理由,要求該國智財法院將對方搶註的商標撤銷,或改判為你的商標
1
github2 00:19:52
[cofacts/rumors-site] Pull request opened by MrOrz

<https://github.com/cofacts/rumors-site/pull/440|#440 [Trivial] Update URL constants>

Since we are using <http://cofacts.tw|cofacts.tw> as primary URL, we should change the legacy URLs in the codebase to <http://cofacts.tw|cofacts.tw>.

mrorz 12:41:16
今日議程
https://g0v.hackmd.io/Nhc9MnskSsGvUqntz0z7Dg?both

g0v.hackmd.io

20210804 會議記錄 - HackMD

期待 商標申請 的實際推動經驗!我先把討論串 筆記到 坑主小聚的共筆頁面
https://g0v.hackmd.io/bLZZA8HlQcWZyjbgvRS6ig?view#%E5%95%86%E6%A8%99%E7%94%B3%E8%AB%8B

2021-08-05

github2 11:38:03
[cofacts/rumors-site] nonumpa approved MrOrz's pull request

Review on #440 [Trivial] Update URL constants

github2 12:21:57
[cofacts/rumors-site] bil4444 approved MrOrz's pull request

Review on #440 [Trivial] Update URL constants

github2 13:07:24
[cofacts/rumors-site] Pull request merged by MrOrz

<https://github.com/cofacts/rumors-site/pull/440|#440 [Trivial] Update URL constants>

2021-08-08

github2 01:28:01
[cofacts/rumors-line-bot] Pull request opened by MrOrz

<https://github.com/cofacts/rumors-line-bot/pull/276|#276 Improve date string handling &amp; cleanups>

*Features* • Adjust date formatting • `format()` will give "OOO ago" or a fixed date • relative date &amp; fixed date threshold is identical to rumors-site's (48 hours) <https://user-images.githubusercontent.com/108608/128608868-e96667eb-730c-4b43-bd08-b45c7eb5bf55.png|圖片> <https://user-images.githubusercontent.com/108608/128608524-5c783472-7976-41be-bd92-5663dd87a0b5.png|圖片> *Cleanups* • Upgrade ttag to include <https://github.com/ttag-org/ttag-cli/pull/116|ttag-org/ttag-cli#116> • Remove sass-loader, which was added due to svelte-material-ui and should be removed as we no longer uses smui.

:white_check_mark: All checks have passed

github2 01:30:35
[cofacts/rumors-line-bot] Comment on #276

<https://github.com/cofacts/rumors-line-bot/pull/276#issuecomment-894682620|Comment on #276 Improve date string handling &amp; cleanups>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/41979244|Build 1108371032>* • *6* of *6* *(100.0%)* changed or added relevant lines in *1* file are covered. • No unchanged relevant lines lost coverage. • Overall coverage increased (+*0.06%*) to *87.233%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github2 01:39:58
[cofacts/rumors-line-bot] Comment on #277

<https://github.com/cofacts/rumors-line-bot/pull/277#issuecomment-894683748|Comment on #277 Article page>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/41979255|Build 1108381223>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.233%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

mrorz 14:58:12
感覺回應跟出處之外的訊息,我們都可以改用 flex message,這樣大家就不會把這類東西送進來

他送進來麻煩的點在於,因為它付有 Cofacts URL,crawler 會針對文章訊息再次建檔,導致詢問原始訊息時會找到這種訊息
https://cofacts.tw/article/aayr2qaurvsv
或者是不能把 cofacts URL 再次送進資料庫之類的
是recursive
針對這種已經送進來的訊息,我們要刪除 hyperlinks 嗎
不然因為他有 cofacts article hyperlink 所以一直會被找到囧
https://cofacts.tw/article/aayr2qaurvsv
👍 1

2021-08-09

github2 01:32:08
[cofacts/rumors-site] Pull request opened by MrOrz

<https://github.com/cofacts/rumors-site/pull/442|#442 Make ellipsis URLs copyable>

Currently when we copy links from "References" directly, we often copy the URLs with ellipsis in the middle, thus breaks the links. This PR adjusted how ellipsis URLs are rendered so that when user selects the text and press "copy", the full URLs are copied instead. Technically it is replacing `slice` + `...` with rendering the full URL + ellipsis with CSS. *Can select &amp; copy* Notice that the "..." in the URLs are gone when pasted. <https://user-images.githubusercontent.com/108608/128640745-d3f76a95-a7da-4885-acb9-279c6ec70fb3.gif|copy-paste-full-urls> *Works in narrow screens* <https://user-images.githubusercontent.com/108608/128640449-b290451a-3f0e-4b3f-8f0d-0d501f412592.gif|url-shrink>

mrorz 01:52:58
最近寫 Cofacts 回應的時候覺得
• 「搜尋自己的回應」功能實在太重要,但它是壞的cofacts/rumors-site#441 修復「我查核過」搜尋功能,並且改進關鍵字 highlight。
• 我們會針對過長的 URL 做 ellipsis(中間用⋯省略),讓出處等有很長網址的地方的顯示較為簡潔。但是這會讓人無法直接複製貼上出處(會複製到「⋯」所以出處會壞掉),我又超級常複製貼上自己的舊出處的,每次都要用 share > copy 然後刪掉多的字真的很痛苦,還常常漏刪 🤦‍♀️ 。cofacts/rumors-site#442 讓有「⋯」的 URL ,在複製貼上時不受影響,也就是貼上的時候會得到的是完整的 URL。

<https://github.com/cofacts/rumors-site/pull/441|#441 Fix "replied by me" filter and improve search highlighting>

<https://github.com/cofacts/rumors-site/pull/442|#442 Make ellipsis URLs copyable>

🦒 1 🌸 1

2021-08-10

github2 02:26:17
[cofacts/rumors-line-bot] Pull request ready for review by MrOrz

<https://github.com/cofacts/rumors-line-bot/pull/277|#277 Article page>

github2 02:36:37
[cofacts/rumors-line-bot] Comment on #278

<https://github.com/cofacts/rumors-line-bot/pull/278#issuecomment-895448083|Comment on #278 Viewed articles>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42010349|Build 1113928653>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.233%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github2 12:52:06
[cofacts/rumors-line-bot] bil4444 approved MrOrz's pull request

Review on #277 Article page

2021-08-11

github2 02:09:12
[cofacts/rumors-line-bot] Pull request ready for review by MrOrz

<https://github.com/cofacts/rumors-line-bot/pull/278|#278 Revamp viewed articles list>

github2 03:25:55
[cofacts/rumors-fb-bot] Pull request opened by dependabot[bot]

<https://github.com/cofacts/rumors-fb-bot/pull/26|#26 Bump path-parse from 1.0.5 to 1.0.7>

Bumps <https://github.com/jbgutierrez/path-parse|path-parse> from 1.0.5 to 1.0.7. Commits • See full diff in <https://github.com/jbgutierrez/path-parse/commits/v1.0.7|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

github2 08:56:16
[cofacts/rumors-line-bot] bil4444 approved MrOrz's pull request

Review on #278 Revamp viewed articles list

github2 20:33:39
[cofacts/takedowns] Pull request opened by MrOrz

<https://github.com/cofacts/takedowns/pull/16|#16 Create 0811-ads.md>

github2 20:41:57
[cofacts/takedowns] bil4444 approved MrOrz's pull request

Review on #16 Create 0811-ads.md

github2 21:15:51
[cofacts/takedowns] andyy0216 approved MrOrz's pull request

Review on #16 Create 0811-ads.md

github2 22:22:10
[cofacts/takedowns] Pull request merged by MrOrz

<https://github.com/cofacts/takedowns/pull/16|#16 Create 0811-ads.md>

github2 22:28:57
[cofacts/rumors-site] nonumpa approved MrOrz's pull request

Review on #442 Make ellipsis URLs copyable

LGTM!

2021-08-12

犬良 15:48:17
@birthtago has joined the channel

2021-08-13

github2 01:06:38
[cofacts/rumors-site] Pull request merged by MrOrz

<https://github.com/cofacts/rumors-site/pull/442|#442 Make ellipsis URLs copyable>

github2 01:07:47
[cofacts/rumors-site] Pull request opened by dependabot[bot]

<https://github.com/cofacts/rumors-site/pull/443|#443 Bump next from 9.3.2 to 11.1.0>

Bumps <https://github.com/vercel/next.js|next> from 9.3.2 to 11.1.0. Release notes _Sourced from <https://github.com/vercel/next.js/releases|next's releases>._ &gt; *v11.1.0* &gt; &gt; A security team from one of our partners noticed an issue in Next.js that allowed for an open redirect to occur. &gt; &gt; Specially encoded paths could be used when `pages/_error.js` was statically generated allowing an open redirect to occur to an external site. &gt; &gt; In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. &gt; &gt; We recommend upgrading to the latest version of Next.js to improve the overall security of your application. &gt; &gt; *How to Upgrade* &gt; &gt; • We have released patch versions for both the stable and canary channels of Next.js. &gt; • To upgrade run `npm install next@latest --save` &gt; &gt; *Impact* &gt; &gt; • *Affected:* Users of Next.js between 10.0.5 and 10.2.0 &gt; • *Affected:* Users of Next.js between 11.0.0 and 11.0.1 using `pages/_error.js` without `getInitialProps` &gt; • *Affected:* Users of Next.js between 11.0.0 and 11.0.1 using `pages/_error.js` and `next export` &gt; • *Not affected*: Deployments on Vercel (<https://vercel.com|vercel.com>) are not affected &gt; • *Not affected:* Deployments *with* `pages/404.js` &gt; &gt; We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. &gt; &gt; *How to Assess Impact* &gt; &gt; If you think sensitive code or data could have been exposed, you can filter logs of affected sites by `//` (double slash at the start of the url) followed by a domain. &gt; &gt; *What is Being Done* &gt; &gt; As Next.js has grown in popularity and usage by enterprises, it has received the attention of security researchers and auditors. We are thankful to Gabriel Benmergui from Robinhood for their investigation and discovery of the original bug and subsequent responsible disclosure. &gt; &gt; We've landed a patch that ensures path parsing is handled properly for these paths so that the open redirect can no longer occur. &gt; &gt; Regression tests for this attack were added to the <https://github.com/zeit/next.js/blob/canary/test/integration/production/test/security.js|security> integration test suite &gt; &gt; • We have notified known Next.js users in advance of this publication. &gt; • A public CVE was released. &gt; • We encourage responsible disclosure of future reports. Please email us at `<mailto:security@vercel.com|security@vercel.com>`. We are actively monitoring this mailbox. &gt; &gt; * * * &gt; &gt; *Release notes* &gt; *Core Changes* &gt; &gt; • Don't test image domains in test env: <https://github-redirect.dependabot.com/vercel/next.js/issues/26502|#26502> &gt; • Fix props not updating when changing the locale and keeping hash: <https://github-redirect.dependabot.com/vercel/next.js/issues/26205|#26205> &gt; • Allow user to override next-image-loader: <https://github-redirect.dependabot.com/vercel/next.js/issues/26548|#26548> &gt; • Add logging when a custom babelrc is loaded: <https://github-redirect.dependabot.com/vercel/next.js/issues/26570|#26570> ... (truncated) Commits • <https://github.com/vercel/next.js/commit/ce4adfc02d3532e2c62ed8088660df1655e66278|`ce4adfc`> v11.1.0 • <https://github.com/vercel/next.js/commit/092a476feb0d479d5a1d078e2e1f78ef93f092c2|`092a476`> v11.0.2-canary.31 • <https://github.com/vercel/next.js/commit/ebb6a303700df09b83ebe49f23b7641c9573377c|`ebb6a30`> Revert "Add warning during `next build` when sharp is missing (<https://github-redirect.dependabot.com/vercel/next.js/issues/27933|#27933>)" • <https://github.com/vercel/next.js/commit/52486ceccf59ca05f2f9d3ee428813cddaa85654|`52486ce`> v11.0.2-canary.30 • <https://github.com/vercel/next.js/commit/8ac3254d25725ccc171c6879f7dfc649cdb946bd|`8ac3254`> Revert "Next swc publish flow (<https://github-redirect.dependabot.com/vercel/next.js/issues/27932|#27932>)" • <https://github.com/vercel/next.js/commit/6014b6e0f82bd29b57e148bf0e6f404784297d27|`6014b6e`> v11.0.2-canary.29 • <https://github.com/vercel/next.js/commit/4cd45aabcffc5adeb339703bb8c14e3069ba3de8|`4cd45aa`> Add rootDir setting to eslint-plugin-next (<https://github-redirect.dependabot.com/vercel/next.js/issues/27918|#27918>) • <https://github.com/vercel/next.js/commit/e61ea6f27b7bf34b00ffd3f59f2326b3bbbdfa48|`e61ea6f`> Add manifest check step and add missing items (<https://github-redirect.dependabot.com/vercel/next.js/issues/27934|#27934>) • <https://github.com/vercel/next.js/commit/94fc6f0832a81ab68b393a8d45f42493429d04ee|`94fc6f0`> Next swc publish flow (<https://github-redirect.dependabot.com/vercel/next.js/issues/27932|#27932>) • <https://github.com/vercel/next.js/commit/51a2a028ddcc321aac4744b777df2b4e96511b83|`51a2a02`> Add warning during `next build` when sharp is missing (<https://github-redirect.dependabot.com/vercel/next.js/issues/27933|#27933>) • Additional commits viewable in <https://github.com/vercel/next.js/compare/v9.3.2...v11.1.0|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.

mrorz 01:11:55
原來 dockerhub auto build 關了
line bot 都用 github build 所以沒注意到囧
https://www.docker.com/blog/changes-to-docker-hub-autobuilds/

Docker Blog

Changes to Docker Hub Autobuilds - Docker Blog

Learn from Docker experts to simplify and advance your app development and management with Docker. Stay up to date on Docker events and new version announcements!

github2 01:41:57
[cofacts/rumors-line-bot] Pull request merged by MrOrz

<https://github.com/cofacts/rumors-line-bot/pull/277|#277 Article page>

github2 01:42:21
[cofacts/rumors-line-bot] Pull request merged by MrOrz

<https://github.com/cofacts/rumors-line-bot/pull/278|#278 Revamp viewed articles list>

mrorz 02:04:33
週會測過的功能都 release 囉
好像該來發久違的功能介紹貼文了⋯⋯
🦒 1

2021-08-15

mrorz 17:00:32
我發現原來 cloudflare 只要有指定 `Link: </css/style.css>; rel=preload;`
cloudflare 自動升級 HTTP2 的同時還會做 HTTP2 push

https://www.cloudflare.com/zh-tw/website-optimization/http2/serverpush/

這樣瀏覽器在拿到一開始的 html response 的時候,就同時會收到這些 asset 的 http2 push
省去瀏覽器 parse + 發 request 去拿 asset 的一個 RTT
感覺值得一試

Cloudflare

HTTP/2 Server Push Service | Cloudflare

Server Push is a feature of HTTP/2 that allows a server or edge network to send resources back to a web browser even though it didn’t ask for them.

github2 22:02:59
[cofacts/rumors-api] Pull request opened by MrOrz

<https://github.com/cofacts/rumors-api/pull/261|#261 GitHub actions>

Since both <http://travis.org|travis.org> &amp; docker hub has stopped free builds, we are migrating CI &amp; build to github actions instead.

:white_check_mark: All checks have passed

github2 22:10:42
[cofacts/rumors-api] Comment on #261

<https://github.com/cofacts/rumors-api/pull/261#issuecomment-899056788|Comment on #261 GitHub actions>

<https://coveralls.io/builds/42154042|Coverage Status> Coverage decreased (-0.05%) to 86.147% when pulling *<https://github.com/cofacts/rumors-api/commit/b472b8a6f0b3f1638536beb9c759497b2291bd96|b472b8a> on github-actions* into *<https://github.com/cofacts/rumors-api/commit/c71eddb5656699e12fb27e4ff26aa6e8a0d485cd|c71eddb> on master*.

github2 22:48:08
[cofacts/rumors-api] Pull request merged by MrOrz

<https://github.com/cofacts/rumors-api/pull/261|#261 GitHub actions>

github2 23:06:23
[cofacts/rumors-site] Pull request opened by MrOrz

<https://github.com/cofacts/rumors-site/pull/444|#444 Add github workflow>

Since both <http://travis.org|travis.org> &amp; docker hub has stopped free builds, we are migrating CI &amp; build to github actions instead.

:white_check_mark: 2 other checks have passed

2021-08-16

github2 00:43:19
[cofacts/rumors-api] Comment on #260

<https://github.com/cofacts/rumors-api/pull/260#issuecomment-899079681|Comment on #260 Renders open peep into data-url>

<https://coveralls.io/builds/42154787|Coverage Status> Coverage increased (+0.1%) to 86.17% when pulling *<https://github.com/cofacts/rumors-api/commit/1c2d46e5ed82de86b8e500d835187209aa23a85b|1c2d46e> on openpeeps* into *<https://github.com/cofacts/rumors-api/commit/5e1fbd126ffc46a0f6b0e54009599b6321e81ab7|5e1fbd1> on master*.

mrorz 16:56:11
針對這種已經送進來的訊息,我們要刪除 hyperlinks 嗎
不然因為他有 cofacts article hyperlink 所以一直會被找到囧
https://cofacts.tw/article/aayr2qaurvsv
bil 23:15:50
刪除唷~

2021-08-18

EvaTT 16:40:53
@evatseng9310 has joined the channel
github2 20:17:20
[cofacts/rumors-api] Comment on #259

<https://github.com/cofacts/rumors-api/issues/259#issuecomment-901064880|Comment on #259 iOS 12 devices cannot login cofacts.tw>

Conclusion: According to <https://g0v.hackmd.io/Nhc9MnskSsGvUqntz0z7Dg#iOS12-%E7%99%BB%E5%85%A5%E5%95%8F%E9%A1%8C|0804 discussion> We will detect iOS &lt;= 12 with `user-agent` header and do not set same-site flag if iOS &lt;= 12 is detected.

github2 21:59:24
[cofacts/takedowns] Pull request opened by MrOrz

<https://github.com/cofacts/takedowns/pull/17|#17 Merge pull request #16 from cofacts/20210811-ads>

Create 0811-ads.md

github2 22:33:55
[cofacts/takedowns] bil4444 approved MrOrz's pull request

Review on #17 Merge pull request #16 from cofacts/20210811-ads

github2 22:40:30
[cofacts/takedowns] LucienLee approved MrOrz's pull request

Review on #17 Merge pull request #16 from cofacts/20210811-ads

2021-08-19

github2 19:51:47

<https://github.com/cofacts/takedowns/pull/17|#17 Merge pull request #16 from cofacts/20210811-ads>

我不知道按到什麼我是誰我在哪 QQ
XDDDD
按到 merge 惹 XDD
沒關係本來就會要 merge 無誤
只是我晚點才會執行

2021-08-21

github2 14:56:59

<https://github.com/cofacts/rumors-line-bot/issues/213#issuecomment-903071275|Comment on #213 Improve wording in reason feedback dialog>

也許可以試試看這個? 中文版: 可以說明一下為什麼對您有幫助呢? 什麼都可以喔! 您的回應將幫助CoFacts做出更對大家更有幫助的聊天機器人! 英文版: Care to tell us why you upvoted it? Anything is highly appreciated! Your comments here help CoFacts chatbot grow smarter and more helpful.

github2 15:07:16

<https://github.com/cofacts/rumors-line-bot/issues/213#issuecomment-903072552|Comment on #213 Improve wording in reason feedback dialog>

感謝 <https://github.com/husohome|@husohome> 的提案~~ 目前這個頁面長這樣,外觀拉過皮但文字一樣:<https://www.figma.com/file/DvmAQjMJCncuPORWKnljM1/Cofacts-LIFF?node-id=3042%3A2|https://www.figma.com/file/DvmAQjMJCncuPORWKnljM1/Cofacts-LIFF?node-id=3042%3A2> <https://user-images.githubusercontent.com/108608/130313748-9207950c-d192-4da2-ae43-0e4ea5726e10.png|圖片> 似乎可以把提問(textarea 外粗體)的部分填入「可以說明一下為什麼對您有幫助呢?」 然後「什麼都可以喔!⋯⋯!」引導的部分放在 textarea 裡面作為 placholder。 好像可以在引導文字裡面提醒使用者,他寫的話會被背後的志工編輯看到,也可以鼓勵使用者謝謝他?這樣志工編輯看到應該會很開心 :smiley:

🦒 2 🌸 1
github2 15:10:08

<https://github.com/cofacts/rumors-line-bot/issues/213#issuecomment-903072858|Comment on #213 Improve wording in reason feedback dialog>

另一個我有想過的,比較懶人但可以解決使用者填「沒有」的作法是 在引導文字後面加上 `(選填)` 但或許這樣大家就不填了 XDD

github2 16:11:35

<https://github.com/cofacts/rumors-line-bot/issues/213#issuecomment-903080125|Comment on #213 Improve wording in reason feedback dialog>

還是有一些罐頭選項?像ubereats那樣,如果你幫外送員按讚,畫面就會出現五個選項 準時送達、送得很細心等等 也許可以讓使用者按一些罐頭選項 然後textarea的內容就會 += 選項內容 可是這些罐頭選項本身可能也是要蒐集夠多回應之後才能整理出來 T_T

2021-08-22

github2 13:02:26

<https://github.com/cofacts/rumors-line-bot/issues/213#issuecomment-903213995|Comment on #213 Improve wording in reason feedback dialog>

<https://g0v.hackmd.io/LpBtA5-CT-m0XmlqpsdWEQ#Case-study-Twitter-birdwatch|Twitter birdwatch> 也有選項可以選 按下去可以加字的樣板選項聽起來很不錯!

2021-08-23

Hank Liao 15:44:59
@hankliao87 has joined the channel
LB learner 17:46:51
@linguinbio has joined the channel

2021-08-25

github2 13:51:06

<https://github.com/cofacts/rumors-site/pull/445#issuecomment-905203457|Comment on #445 Unify all occurrences of "Reference" to depend on reply type>

<https://coveralls.io/builds/42393137|Coverage Status> Coverage increased (+0.02%) to 75.261% when pulling *<https://github.com/cofacts/rumors-site/commit/6064b1aa980ccd2e722a864ef0d935571fe846d2|6064b1a> on unify-reply-type-title* into *<https://github.com/cofacts/rumors-site/commit/07c6a23710aab7d4f0e2fdd7f9770189d2096d78|07c6a23> on master*.

github2 15:03:54

<https://github.com/cofacts/rumors-line-bot/pull/280|#280 Move functions to sharedUtil and add icons>

• move `createTypeWords` to under `lib/sharedUtils` so that LIFF can also use it • add reply type icons, which supports strokes around the icon *Icons* <https://user-images.githubusercontent.com/108608/130742347-c16a4b9d-8f09-4b3a-a4b6-ece68e6231a7.gif|borderwidths> <https://user-images.githubusercontent.com/108608/130742413-3853131a-68e4-402b-b1f5-4e750df4845d.png|image>

:white_check_mark: All checks have passed

github2 15:06:43

<https://github.com/cofacts/rumors-line-bot/pull/280#issuecomment-905240365|Comment on #280 Move functions to sharedUtil and add icons>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42394344|Build 1165524546>* • *6* of *6* *(100.0%)* changed or added relevant lines in *1* file are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.233%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github2 15:10:42

<https://github.com/cofacts/rumors-line-bot/pull/279#issuecomment-905242772|Comment on #279 Article replies>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42394432|Build 1165538318>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.233%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

2021-08-26

github2 01:45:03

<https://github.com/cofacts/rumors-line-bot/issues/7#issuecomment-905743889|Comment on #7 Collect image / video and upload to s3>

Design doc &amp; alternatives in different perspective <https://g0v.hackmd.io/aJqHn8f5QGuBDLSMH_EinA|https://g0v.hackmd.io/aJqHn8f5QGuBDLSMH_EinA>

2021-08-28

nonumpa 13:59:11
發現一則在同一個訊息下面重複引用別人回應的回應,雖然看起來高機率是誤用,但可能也要考慮之後會不會有人故意用這種方式洗 credit
https://cofacts.tw/article/3v74tlg49nudw
👀 1
chewei 20:50:09
#facing-the-ocean 的線上聚會,會議中聽到分享
由 Parti 建置的 https://factchecker.or.kr/

팩트체크넷

전 국민이 함께하는 팩트체크

전문가와 시민이 협업하여 객관적이고 중립적인 검증 정보를 제공합니다

🦒 3

2021-08-29

chihao 09:58:17
雖然是昨天的 FtO chat 才決定的,不過 FtO organizers 接下來要開始 organize(XD)年底一次 online meet & hack,希望 fact-checking 是其中一個主題 😄
@bil @mrorz @lucien @ggm 12/18 可以請大家預留時間,邀請cofacts的大家來參與嗎?日韓朋友很想了解cofacts專案,也許會有fork的可能性?
我這裡 OK 唷
另外這裡有日文版 Cofacts 介面 https://ja.cofacts.tw/
12/18 好遠啊 😂😂 我先記下來
感謝 @isabelhou 介紹
可以唷
歡迎大家加入 #facing-the-ocean 頻道!小提醒:頻道跟 code for japan / code for korea 是聯通的哦
btw 12/18 要公投ㄛ
(尚無移轉投票,所以有些人可能要返鄉)
有,小聚的時候有提到,但還是通過了(?)
線上,所以應該還好(?)
就是台灣人可能無法從頭參加到尾。中間還是要去投票
就算不當天搭車返鄉投票
11點開始,可以先去投?這次設定時間比較短(還是要長一點也可以)
公投與大選分開的好處就是
對於不用通勤的人來說
投票應該會很快 XD
10/23大松前兩天節目組開會,56歲日本組頭好奇這次因為與大選分開,公投投票率是否會下降超過10%?
當下回他說:我對台灣人的民主有信心!
糟糕我覺得會下降超過10%
我會覺得跟大選比有點不公平 XD
https://zh.wikipedia.org/wiki/%E8%87%BA%E4%B8%AD%E5%B8%82%E7%AC%AC%E4%BA%8C%E9%81%B8%E8%88%89%E5%8D%80_(%E7%AB%8B%E6%B3%95%E5%A7%94%E5%93%A1)#%[…]89

中二選區第十屆立委選舉投票率 77.2%
罷免投票率 51.7%
我覺得差超過 10% 應該是滿可能的啦 XD”
但四個公投一起的話,達到成案門檻應該也不難
2 1

2021-08-30

mr.changyuheng 14:24:54
@mr.changyuheng has joined the channel
github2 22:44:00

<https://github.com/cofacts/rumors-line-bot/pull/281|#281 Turn URLs in reference section into hyperlinks>

• Implement `linkify()` and its unit test • Apply `linkify()` reference section • All links should open in new tab *Storybook* <https://user-images.githubusercontent.com/108608/131356823-a701a0ab-4ccd-451c-8b3c-e9eac1fa2ab5.png|image> *Actual look* <https://user-images.githubusercontent.com/108608/131357477-54837c13-9888-427d-9fef-e35c31c11a96.png|image>

:white_check_mark: All checks have passed

2021-08-31

github2 14:19:51

<https://github.com/cofacts/rumors-line-bot/pull/283|#283 Refactor: FeedbackForm use vote (enum) instead of deprecated score (1 | -1)>

Refactor LIFF's `FeedbackForm` to use `vote` (`UPVOTE` | `DOWNVOTE` | null) instead of `score` (1 | -1), because `score` is actually a deprecated field of `ArticleReplyFeedback` in <https://dev-api.cofacts.tw/|Cofacts API>. There should be no visual change in this PR, and existing functionality should not break.

:white_check_mark: All checks have passed

github2 21:50:23