cofacts

Month: 2021-09

2021-09-01

mrorz 02:13:22
LIFF 的 cache 似乎可能可以透過 cache-control 解決 https://developers.line.biz/en/docs/liff/overview/#liff-browser-cache

Asset 可以 cache 沒問題,但至少 html 不該 cache 呢

developers.line.biz

LINE Front-end Framework

LINE Front-end Framework (LIFF) is a platform provided by LINE.

昨天討論到拿掉 server-side 的 maxage 這件事情
現在 staging 上線的是拿掉 maxage 後的東西,現在看到的 cache-control 是 cloudflare 的瀏覽器快取 TTL

不過我發現如果 server-side 沒給 cache-control,cloudflare 本身似乎就完全懶得 cache,無論怎麼 refresh, cf-cache-status 都是 expired XDDD
似乎還是要設個 cache-control 不然 cloudflare 真的不會 cache⋯⋯
https://developers.cloudflare.com/cache/about/default-cache-behavior
github2 04:36:41

<https://github.com/cofacts/rumors-line-bot/pull/282#issuecomment-909615688|Comment on #282 Article LIFF with feedback submission>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42532060|Build 1185001360>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github2 04:39:24

<https://github.com/cofacts/rumors-line-bot/pull/283#issuecomment-909617614|Comment on #283 Refactor: FeedbackForm use vote (enum) instead of deprecated score (1 | -1)>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42532117|Build 1185007548>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

Andy Lin 11:02:55
@a021848 has joined the channel
mrorz 13:50:44
今日議程
https://g0v.hackmd.io/E1-ajzinSwCyacGG228VsQ

article LIFF 主要功能開發得差不多了,所以今天會在 staging 測一下 article LIFF 的作用
會畫定哪些是 GA (general availability) 前應該要實作完的東西、哪些不是
也會討論 9 月小聚~

g0v.hackmd.io

20210901 會議記錄 - HackMD

2

2021-09-02

github2 01:56:51

<https://github.com/cofacts/rumors-line-bot/pull/284|#284 Remove LIFF max-age header>

As discussed in <https://g0v.hackmd.io/E1-ajzinSwCyacGG228VsQ#LIFF-HTML-%E8%A2%AB-cache-%E4%BD%8F%E7%9A%84%E5%95%8F%E9%A1%8C|https://g0v.hackmd.io/E1-ajzinSwCyacGG228VsQ#LIFF-HTML-%E8%A2%AB-cache-%E4%BD%8F%E7%9A%84%E5%95%8F%E9%A1%8C> We should not cache LIFF HTML. Therefore, we delete maxage and just use Cloudflare to cache.

:white_check_mark: All checks have passed

github2 01:59:47

<https://github.com/cofacts/rumors-line-bot/pull/284#issuecomment-910522252|Comment on #284 Remove LIFF max-age header>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42587894|Build 1191247797>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

mrorz 09:16:36
發現有一則空的回應
https://cofacts.tw/reply/UkJBtHoBgBgcuemX5aeB

他會導致 chatbot 講不出話:
https://rollbar.com/mrorz/rumors-line-bot/items/364/occurrences/180647301074/

Error:
> result.details [{“message”: “must be non-empty text”, “property”: “/contents/1/body/contents/0/text”}]
> result.message A message (messages[2]) in the request body is invalid
`message[2]` 長這樣:
```{"type":"flex","altText":"請從下列選擇您要查看的回應。","contents":{"type":"carousel","contents":[{"type":"bubble","direction":"ltr","header":{"type":"box","layout":"horizontal","spacing":"md","paddingBottom":"none","contents":[{"type":"text","text":"💬","flex":0},{"type":"text","text":"有人認為它含有不實訊息","gravity":"center","size":"sm","weight":"bold","wrap":true,"color":"#AAAAAA"}]},"body":{"type":"box","layout":"vertical","contents":[{"type":"text","text":"假的。 \n2019年起的相關規定如下:\n1、紅燈右轉: 機車和小型車罰 600元、大型車罰1400元。\n2、闖紅燈: 機車罰1800元、小型車罰2700元、大型車罰3600元。","align":"start","wrap":true,"margin":"md","maxLines":10},{"type":"filler"},{"type":"separator","margin":"md"},{"type":"box","layout":"horizontal","contents":[{"type":"text","text":"👍 有 1296 人覺得此回應有幫助\n😕 有 14 人覺得此回應沒幫助","size":"xs","wrap":true}],"margin":"md","spacing":"none"}]},"footer":{"type":"box","layout":"vertical","contents":[{"type":"button","action":{"type":"postback","label":"👀 看他怎麼說","displayText":"我要選「假的。 \n2019年起的相關規定如下:\n1、紅⋯⋯」","data":"{\"input\":\"CkyiZ24BV0DITCqGleU_\",\"sessionId\":1630504342376,\"state\":\"CHOOSING_REPLY\"}"},"style":"primary","color":"#ffb600"}]}},{"type":"bubble","direction":"ltr","header":{"type":"box","layout":"horizontal","spacing":"md","paddingBottom":"none","contents":[{"type":"text","text":"💬","flex":0},{"type":"text","text":"有人認為它不在查證範圍","gravity":"center","size":"sm","weight":"bold","wrap":true,"color":"#AAAAAA"}]},"body":{"type":"box","layout":"vertical","contents":[{"type":"text","text":"","align":"start","wrap":true,"margin":"md","maxLines":10},{"type":"filler"},{"type":"separator","margin":"md"},{"type":"box","layout":"horizontal","contents":[{"type":"text","text":"還沒有人針對此回應評價","size":"xs","wrap":true}],"margin":"md","spacing":"none"}]},"footer":{"type":"box","layout":"vertical","contents":[{"type":"button","action":{"type":"postback","label":"👀 看他怎麼說","displayText":"我要選「」","data":"{\"input\":\"UkJBtHoBgBgcuemX5aeB\",\"sessionId\":1630504342376,\"state\":\"CHOOSING_REPLY\"}"},"style":"primary","color":"#ffb600"}]}}]}}```
😮 1
github2 09:16:46

<https://github.com/cofacts/rumors-line-bot/issues/285|#285 Empty reply will break chatbot>

View details in Rollbar: <https://rollbar.com/mrorz/rumors-line-bot/items/364/|https://rollbar.com/mrorz/rumors-line-bot/items/364/> ``` [LINE Client] 400: A message (messages[2]) in the request body is invalid. ``` `messages[2]`: ``` {"type":"flex","altText":"請從下列選擇您要查看的回應。","contents":{"type":"carousel","contents":[{"type":"bubble","direction":"ltr","header":{"type":"box","layout":"horizontal","spacing":"md","paddingBottom":"none","contents":[{"type":"text","text":"💬","flex":0},{"type":"text","text":"有人認為它含有不實訊息","gravity":"center","size":"sm","weight":"bold","wrap":true,"color":"#AAAAAA"}]},"body":{"type":"box","layout":"vertical","contents":[{"type":"text","text":"假的。 \n2019年起的相關規定如下:\n1、紅燈右轉: 機車和小型車罰 600元、大型車罰1400元。\n2、闖紅燈: 機車罰1800元、小型車罰2700元、大型車罰3600元。","align":"start","wrap":true,"margin":"md","maxLines":10},{"type":"filler"},{"type":"separator","margin":"md"},{"type":"box","layout":"horizontal","contents":[{"type":"text","text":"👍 有 1296 人覺得此回應有幫助\n😕 有 14 人覺得此回應沒幫助","size":"xs","wrap":true}],"margin":"md","spacing":"none"}]},"footer":{"type":"box","layout":"vertical","contents":[{"type":"button","action":{"type":"postback","label":"👀 看他怎麼說","displayText":"我要選「假的。 \n2019年起的相關規定如下:\n1、紅⋯⋯」","data":"{\"input\":\"CkyiZ24BV0DITCqGleU_\",\"sessionId\":1630504342376,\"state\":\"CHOOSING_REPLY\"}"},"style":"primary","color":"#ffb600"}]}},{"type":"bubble","direction":"ltr","header":{"type":"box","layout":"horizontal","spacing":"md","paddingBottom":"none","contents":[{"type":"text","text":"💬","flex":0},{"type":"text","text":"有人認為它不在查證範圍","gravity":"center","size":"sm","weight":"bold","wrap":true,"color":"#AAAAAA"}]},"body":{"type":"box","layout":"vertical","contents":[{"type":"text","text":"","align":"start","wrap":true,"margin":"md","maxLines":10},{"type":"filler"},{"type":"separator","margin":"md"},{"type":"box","layout":"horizontal","contents":[{"type":"text","text":"還沒有人針對此回應評價","size":"xs","wrap":true}],"margin":"md","spacing":"none"}]},"footer":{"type":"box","layout":"vertical","contents":[{"type":"button","action":{"type":"postback","label":"👀 看他怎麼說","displayText":"我要選「」","data":"{\"input\":\"UkJBtHoBgBgcuemX5aeB\",\"sessionId\":123,\"state\":\"CHOOSING_REPLY\"}"},"style":"primary","color":"#ffb600"}]}}]}} ``` The reply: <https://cofacts.tw/reply/UkJBtHoBgBgcuemX5aeB|https://cofacts.tw/reply/UkJBtHoBgBgcuemX5aeB> Occurrences: <https://user-images.githubusercontent.com/108608/131766155-2d7fe6a1-7740-4ecc-b684-013ae87eabbe.png|image>

mrorz 10:27:46
好像可以刪掉再說? XD
mrorz 10:28:15
但使用者條款裡面好像沒寫說我們可以刪這種回應,可能要去社團問問
github2 14:03:54

<https://github.com/cofacts/rumors-line-bot/pull/286|#286 Set cache-control for assets>

As discussed in <https://g0v-tw.slack.com/archives/C2PPMRQGP/p1630552367020400?thread_ts=1630433602.014900&amp;cid=C2PPMRQGP|slack>, after we remove max-age in <https://github.com/cofacts/rumors-line-bot/pull/284|#284>, cloudflare never caches our asset files. This is because • koa-send (used by koa-static-server we are currently using) sets `max-age` to 0 if we do not specify any max-age: <https://github.com/koajs/send/blob/master/index.js#L60|https://github.com/koajs/send/blob/master/index.js#L60> • <https://developers.cloudflare.com/cache/about/default-cache-behavior|Default cache behavior of cloudflare> will respect max-age: 0 when it is given In this PR we override `Cache-Control` using <https://github.com/koajs/send#setheaders|`setHeaders` option> so that whenever koa-send serves a file that is not `index.html`, we attach a 1-year long max-age in the response header. *HTML* <https://user-images.githubusercontent.com/108608/131790478-2615c1cb-26ba-423a-8726-3cd7c6cb1b68.png|image> *Assets that is not HTML* <https://user-images.githubusercontent.com/108608/131790707-a8bdbff2-9aad-46eb-9fe0-39962e74d383.png|image>

:white_check_mark: 1 other check has passed

github2 15:12:13

<https://github.com/cofacts/rumors-line-bot/pull/286#issuecomment-911297102|Comment on #286 Set cache-control for assets>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42602700|Build 1193026137>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

2021-09-03

github2 06:48:25

<https://github.com/cofacts/rumors-site/pull/446|#446 Bump immer from 8.0.1 to 9.0.6>

Bumps <https://github.com/immerjs/immer|immer> from 8.0.1 to 9.0.6. Release notes _Sourced from <https://github.com/immerjs/immer/releases|immer's releases>._ &gt; *v9.0.6* &gt; *<https://github.com/immerjs/immer/compare/v9.0.5...v9.0.6|9.0.6> (2021-08-31)* &gt; *Bug Fixes* &gt; &gt; • *security:* Follow up on <https://github.com/advisories/GHSA-9qmh-276g-x5pj|CVE-2020-28477> where `path: [["__proto__"], "x"]` could still pollute the prototype (<https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237|fa671e5>) &gt; &gt; *v9.0.5* &gt; *<https://github.com/immerjs/immer/compare/v9.0.4...v9.0.5|9.0.5> (2021-07-05)* &gt; *Bug Fixes* &gt; &gt; • release missing dist/ folder (<https://github.com/immerjs/immer/commit/bfb8decc92ded85d035da4b0c70dd642bb25e451|bfb8dec>) &gt; &gt; *v9.0.4* &gt; *<https://github.com/immerjs/immer/compare/v9.0.3...v9.0.4|9.0.4> (2021-07-05)* &gt; *Bug Fixes* &gt; &gt; • <https://github-redirect.dependabot.com/immerjs/immer/issues/791|#791> return 'nothing' should produce undefined patch (<https://github.com/immerjs/immer/commit/5412c9f770663d0f19fe9bdaeabfa05ff3127cc9|5412c9f>) &gt; • <https://github-redirect.dependabot.com/immerjs/immer/issues/807|#807> new undefined properties should end up in result object (<https://github.com/immerjs/immer/commit/dc3f66cdea53fd5a8c814924bfafa9f6b53c9c62|dc3f66c>) &gt; • Better applyPatches type (<https://github-redirect.dependabot.com/immerjs/immer/issues/810|#810>) (<https://github.com/immerjs/immer/commit/09ac097513714130e08ff18bc7496c4fd04f6531|09ac097>), closes <https://github-redirect.dependabot.com/immerjs/immer/issues/809|#809> &gt; &gt; *v9.0.3* &gt; *<https://github.com/immerjs/immer/compare/v9.0.2...v9.0.3|9.0.3> (2021-06-09)* &gt; *Bug Fixes* &gt; &gt; • isPlainObject: add quick comparison between input and `Object` to short-circuit taxing `Function.toString` invocations (<https://github-redirect.dependabot.com/immerjs/immer/issues/805|#805>) (<https://github.com/immerjs/immer/commit/07575f38f49babcc6014dc898e77d39e4a9347b1|07575f3>) &gt; &gt; *v9.0.2* &gt; *<https://github.com/immerjs/immer/compare/v9.0.1...v9.0.2|9.0.2> (2021-04-25)* &gt; *Bug Fixes* &gt; &gt; • <https://github-redirect.dependabot.com/immerjs/immer/issues/785|#785> fix type inference for produce incorrectly inferring promise (<https://github-redirect.dependabot.com/immerjs/immer/issues/786|#786>) (<https://github.com/immerjs/immer/commit/6555173838f575d48a3fcb825c5a7d1953573a11|6555173>) &gt; &gt; *v9.0.1* &gt; *<https://github.com/immerjs/immer/compare/v9.0.0...v9.0.1|9.0.1> (2021-03-20)* &gt; *Bug Fixes* &gt; &gt; • <https://github-redirect.dependabot.com/immerjs/immer/issues/768|#768> `immerable` field being lost during patch value cloning (<https://github-redirect.dependabot.com/immerjs/immer/issues/771|#771>) (<https://github.com/immerjs/immer/commit/e0b7c01c4ce039b7a68b5cb3cd97a7242962b7ab|e0b7c01>) ... (truncated) Commits • <https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237|`fa671e5`> fix(security): Follow up on <https://github.com/advisories/GHSA-9qmh-276g-x5pj|CVE-2020-28477> where `path: [["__proto__"], "x"]`... • <https://github.com/immerjs/immer/commit/2e0aa95b5002dd235ac51a1e2d6ae4fc65361dbc|`2e0aa95`> Create SECURITY.md • <https://github.com/immerjs/immer/commit/050522dea1d0b3810e1896d8f01c79ce89e4186c|`050522d`> chore: fix CI. maybe. • <https://github.com/immerjs/immer/commit/11955103ee6d63adc819438d76ac8a8585e1c44e|`1195510`> docs: Update example-setstate.mdx (<https://github-redirect.dependabot.com/immerjs/immer/issues/833|#833>) • <https://github.com/immerjs/immer/commit/648d39bc72426d1772633acd48909b953d474672|`648d39b`> docs: fixing link to RFC-6902 &amp; fixing typo (<https://github-redirect.dependabot.com/immerjs/immer/issues/830|#830>) • <https://github.com/immerjs/immer/commit/bc890f751bae6a26bd0eb61022cfea45517bc52a|`bc890f7`> docs: Update example-setstate.mdx (<https://github-redirect.dependabot.com/immerjs/immer/issues/829|#829>) • <https://github.com/immerjs/immer/commit/16a3d0f36ceefeed7f4e7db8b4341b1d21f52636|`16a3d0f`> chore(deps): bump prismjs from 1.23.0 to 1.24.0 in /website (<https://github-redirect.dependabot.com/immerjs/immer/issues/822|#822>) • <https://github.com/immerjs/immer/commit/847492c42043c38674642413a69a4a6fdfe648e7|`847492c`> docs: Extended / updated documenation (<https://github-redirect.dependabot.com/immerjs/immer/issues/824|#824>) • <https://github.com/immerjs/immer/commit/7f414838a7aa84bd55f03d31afb0ee85c6cae2f5|`7f41483`> chore: [workflows] don't release from forks • <https://github.com/immerjs/immer/commit/3f9a94e9e7502001ceda15614dabf423e98c7091|`3f9a94e`> chore: let's test before publish • Additional commits viewable in <https://github.com/immerjs/immer/compare/v8.0.1...v9.0.6|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.

:white_check_mark: All checks have passed

github2 06:51:33

<https://github.com/cofacts/rumors-site/pull/446#issuecomment-912113143|Comment on #446 Bump immer from 8.0.1 to 9.0.6>

<https://coveralls.io/builds/42626646|Coverage Status> Coverage remained the same at 75.261% when pulling *<https://github.com/cofacts/rumors-site/commit/126fc50a81835c261680cc7031429377a286575d|126fc50> on dependabot/npm_and_yarn/immer-9.0.6* into *<https://github.com/cofacts/rumors-site/commit/712af7c7126683d89ea6b4498ba8be0011382779|712af7c> on master*.

2021-09-04

mrorz 19:26:46
https://www.wired.com/story/could-wisdom-of-crowds-help-fix-social-media-trust-problem/

Wired

Can the Wisdom of Crowds Help Fix Social Media’s Trust Issue?

A new study finds that small groups of laypeople can match or surpass the work of professional fact checkers—and they can do it at scale.

2021-09-05

mrorz 23:16:24
我根據上次測試 feedback 調整區段標題翻譯
另外加上 header 讓 Cofacts logo 露出,在 header 右邊加上往 Cofacts chatbot (LIFF URL scheme) 或網站的連結
想問這樣的大家覺得如何
https://www.figma.com/proto/DvmAQjMJCncuPORWKnljM1/Cofacts-LIFF?page-id=3004%3A224&[…]le-down&starting-point-node-id=3614%3A298&show-proto-sidebar=1

2021-09-06

github2 01:07:38

<https://github.com/cofacts/rumors-line-bot/pull/287#issuecomment-913191843|Comment on #287 Translation>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42662507|Build 1203508341>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

github2 13:56:56

<https://github.com/cofacts/rumors-line-bot/pull/288|#288 Send article content as title when submitting LIFF events>

Adds article content as document title in the following GA events (`Event category` / `Event action` / `Event label`): • `LIFF` / `ViewArticle` / `&lt;articleId&gt;` • `LIFF` / `ViewReply` / `&lt;replyId&gt;` This will be useful to generate a message search trend report with message search capability, such as <https://datastudio.google.com/reporting/18J8jZYumsoaCPBk9bdRd97GKvi_W5v-r/page/NrUQ|this one>. <https://user-images.githubusercontent.com/108608/132167356-2ebdf02b-bcf1-4edb-b071-09dff6122d37.png|image>

:white_check_mark: All checks have passed

github2 13:59:43

<https://github.com/cofacts/rumors-line-bot/pull/288#issuecomment-913365183|Comment on #288 Send article content as title when submitting LIFF events>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42667782|Build 1204850639>* • *4* of *4* *(100.0%)* changed or added relevant lines in *2* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage increased (+*0.008%*) to *87.333%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

Carmen 17:34:15
🙋‍♀️請問一下, Cofacts的Chatbot是從甚麼時候正式上線的呢? 目前除了官網之外, chatbot機器人主要是在LINE回覆嗎?
1. 「正式上線」是不包含爆紅但我們聲稱還沒做好的那段時間嗎?
2. 對,以 LINE chatbot 為主
原來4年多前就有了!
廣為周知(就LINE使用族群)是兩年前嗎?
例如說,如果「廣為周知」是指全台 1% 的人(23萬)加好友
那我們2
😆感恩如此清晰又簡短的回覆
😆感恩如此清晰又簡短的回覆
「廣為周知」明確定義 ++ XDD
這「廣為周知」的定義不錯 XDD
Carmen 18:51:45
😆感恩如此清晰又簡短的回覆

2021-09-07

2021-09-08

github2 01:28:14

<https://github.com/cofacts/rumors-line-bot/pull/289#issuecomment-914489940|Comment on #289 Add AppBar and links to website>

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42706371|Build 1210453592>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.326%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

mrorz 13:43:03
今日議程:https://g0v.hackmd.io/6mTYVWhLSTWfDcyaxYLaXA?view

主要是 Review Article LIFF 的 GA blocker,還有小聚~

g0v.hackmd.io

20210908 會議記錄 - HackMD

cai 16:47:59
https://cofacts.g0v.tw/article/c01uxqletgk8 這個連名字都出現了,誇張
又開始要看哪所停課~看cofacts最快了~
警局或市府裡面總是有人愛把訊息傳出去
😢 2
tmonk 17:08:21
1631090990900.jpg
github2 21:04:45

<https://github.com/cofacts/rumors-line-bot/pull/290|#290 Replace "編輯" with "查證志工">

As discussed in <https://g0v.hackmd.io/6mTYVWhLSTWfDcyaxYLaXA?view#%E6%9C%AA%E7%AB%9F%E9%A0%85%E7%9B%AE|https://g0v.hackmd.io/6mTYVWhLSTWfDcyaxYLaXA?view#%E6%9C%AA%E7%AB%9F%E9%A0%85%E7%9B%AE> , we should avoid using "編輯" because it is too ambiguous. We use "查證志工" instead. <https://user-images.githubusercontent.com/108608/132513816-6d696429-f7f1-4246-94f2-330c4ba1100b.png|圖片> <https://user-images.githubusercontent.com/108608/132514272-0c149642-ef16-4d22-a167-15aa1f440cf6.png|圖片> <https://user-images.githubusercontent.com/108608/132516160-8f51c391-1a88-4e81-ab22-98c8e869a675.png|圖片> <https://user-images.githubusercontent.com/108608/132516243-7ad2c0e2-de4f-4827-85b8-3547c98ebd3f.png|圖片>

:white_check_mark: All checks have passed

github2 21:16:29

<https://github.com/cofacts/rumors-line-bot/pull/290#issuecomment-915230111|Comment on #290 Replace "編輯" with "查證志工">

*Pull Request Test Coverage Report for <https://coveralls.io/builds/42727886|Build 1213457984>* • *0* of *0* changed or added relevant lines in *0* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage remained the same at *87.333%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*

2021-09-13

cai 00:58:14
`我想補充` 有限制要多少字以上嗎?
我用pc版google瀏覽器按我想補充後,要輸入超過80個字後才能按送出,可是其他留言都短短的 🤔
註解 2021-09-13 004829.png
在手機上送出的時候沒有限制,但我們期待網站使用者會貼 URL 並且描述內容等,所以比較長唷!

2021-09-14

github2 01:52:39

<https://github.com/cofacts/rumors-site/pull/447|#447 Comply to OAuth2 Login identity provider platform terms>

Facebook <https://developers.facebook.com/terms|Platform Terms>: &gt; Platform Terms 4.b: Your privacy policy must comply with applicable law and regulations and must accurately and clearly explain what data you are Processing, how you are Processing it, the purposes for which you are Processing it, and how Users may request deletion of that data. Thus we add the following info to our privacy term (四、隱私及個人資料): • How we process the platform data • How to request delete of platform data • actually in 一、5 we already said that collaborators can email us to modify their personal data. However since it is not a clear "deletion" step, let's clarify it again in 四、隱私及個人資料.

:white_check_mark: All checks have passed

github2 01:55:46

<https://github.com/cofacts/rumors-site/pull/447#issuecomment-918435062|Comment on #447 Comply to OAuth2 Login identity provider platform terms>

<https://coveralls.io/builds/42836109|Coverage Status> Coverage remained the same at 75.261% when pulling *<https://github.com/cofacts/rumors-site/commit/75b2e00b1ed5c9ff1bc1d0341428b09a283262f9|75b2e00> on privacy-update* into *<https://github.com/cofacts/rumors-site/commit/712af7c7126683d89ea6b4498ba8be0011382779|712af7c> on master*.

2021-09-15

github2 02:38:16

<https://github.com/cofacts/rumors-site/issues/449|#449 Do not allow empty replies>

Currently there are empty replies like this in the DB: <https://cofacts.tw/reply/UkJBtHoBgBgcuemX5aeB|https://cofacts.tw/reply/UkJBtHoBgBgcuemX5aeB> We should block empty replies when submitting on website &amp; also block it on API side. Also, replies with only space / blank lines should be blocked to. Consider `trim()` before checking its emptyness. Relates to <https://github.com/cofacts/rumors-line-bot/issues/285|cofacts/rumors-line-bot#285>

github2 02:38:28

<https://github.com/cofacts/rumors-site/pull/448#issuecomment-919416584|Comment on #448 [Trivial] fix typo in ReportPage>

<https://coveralls.io/builds/42869583|Coverage Status> Coverage remained the same at 75.261% when pulling *<https://github.com/cofacts/rumors-site/commit/d9689cf6bcbd3e9690ef80f85feaf5a48713e565|d9689cf> on impact-typo* into *<https://github.com/cofacts/rumors-site/commit/712af7c7126683d89ea6b4498ba8be0011382779|712af7c> on master*.

github2 23:06:26

<https://github.com/cofacts/rumors-site/issues/449#issuecomment-920104679|Comment on #449 Do not allow empty replies>

若只擋空字串或空白字元,有心人只要隨便打幾個字就可以騙過,所以怎樣的狀況應該視為是來亂的而忽略掉,可能要再討論一下吧?

github2 23:08:40

<https://github.com/cofacts/rumors-site/issues/449#issuecomment-920106757|Comment on #449 Do not allow empty replies>

如果有違反使用者條款的狀況,我們可以直接尋條款刪除唷 目前實際有刪掉的狀況可以看 <https://github.com/cofacts/takedowns|https://github.com/cofacts/takedowns> ~ 無論多複雜的阻擋方式,先從空白下手,總是一種開始的方法

mrorz 23:25:13
【主機維護公告】

主機供應商 Linode 安排,台灣時間 2021/9/17 1:15~3:15 AM 會維護 Cofacts 真的假的伺服器所在的主機。
維護期間,Cofacts 網站、API 服務、聊天機器人將會無法提供服務,敬請見諒。
若 Linode 結束維護,就會提早上線,不另行通知。
後來 8:50 才上線 QQ
redis 忘記設 restart policy,然後這是好幾百天來第一次 server-restart
👀 2

2021-09-16

github2 10:37:29

<https://github.com/cofacts/rumors-line-bot/issues/291|#291 Article LIFF should handle the case when specified replyId is incorrect>

When `replyId` of article LIFF is not one of the currently available replies (may be a deleted reply or just an incorrect ID), show an error message "This reply does not exist or has been deleted by its author." and list all other replies. Current: <https://line-bot.cofacts.tw/liff/index.html?p=article&amp;articleId=3i4cnjbpou0qy&amp;replyId=WRONG_ID|https://line-bot.cofacts.tw/liff/index.html?p=article&amp;articleId=3i4cnjbpou0qy&amp;replyId=WRONG_ID>

2021-09-17

2021-09-21

github2 04:44:08

<https://github.com/cofacts/rumors-site/pull/450|#450 Bump tmpl from 1.0.4 to 1.0.5>

Bumps <https://github.com/daaku/nodejs-tmpl|tmpl> from 1.0.4 to 1.0.5. Commits • See full diff in <https://github.com/daaku/nodejs-tmpl/commits/v1.0.5|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.

:white_check_mark: No checks have passed

github2 07:36:37

<https://github.com/cofacts/rumors-fb-bot/pull/27|#27 Bump tmpl from 1.0.4 to 1.0.5>

Bumps <https://github.com/daaku/nodejs-tmpl|tmpl> from 1.0.4 to 1.0.5. Commits • See full diff in <https://github.com/daaku/nodejs-tmpl/commits/v1.0.5|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.

cai 16:06:12
https://forum.gamer.com.tw/C.php?bsn=60076&snA=6200625
這種line 整人連結我們能試著在傳訊息給機器人時就先提醒嗎?
目前看到的都是固定開頭連結 `<line://app/1654206673-P3MaRNpN?type=text&text=>`
https://cofacts.tw/article/10th9phioqy75
這好酷 XDDD
https://github.com/keezxc1223/liff-1/blob/master/liff-starter.js

JS 還經過混淆,看起來是惡意惡搞無誤呢
看起來「相似可疑訊息」那裡可以列出一樣是「<line://app/1654206673-P3MaRNpN>」該頭的訊息
所以可以發一個公版回應然後連結到這些訊息
這樣如果有人 google 或者 LINE bot 轉傳很相似的訊息,就會收到回應

但要判斷開頭的話,花的精力會比對方繞過還要大
看來過去這幾個月,已經有超過 10 種變形
大家都很愛惡作劇
https://cofacts.tw/reply/qsJCDHwBucwAqrba8r6X

2021-09-22

2021-09-23

github2 13:54:15

<https://github.com/cofacts/rumors-line-bot/issues/293|#293 LIFF should request "Profile" instead of "Open ID">

*As-is* Currently Cofacts LIFF requests for `openid` and `chat_message.write` scope. <https://user-images.githubusercontent.com/108608/134458898-89d9be95-b495-4628-b520-482ddfb79a55.png|image> This triggers the following consent window when the user first opens Cofacts LIFF: <https://user-images.githubusercontent.com/108608/134459233-2e4f29c5-fe84-4cef-999e-bf7c69b378ba.png|image> Currently the "用戶識別資訊 (必要資訊)" has caused confusion and intimidated users from proceeding. *To-be* We should use `profile` instead. If we do so, the consent window will become something similar to: <https://user-images.githubusercontent.com/108608/134459682-746d7f16-fad0-44b6-99d0-d47903ba5103.png|image> The wording of "Profile" scope (個人檔案) is more welcoming to the users. To achieve this, we should replace <https://g0v.hackmd.io/eIeU2g86Tfu5VnLazNfUvQ?view#1-LIFF-ltgt-chatbot-GraphQL-API-%E7%9A%84%E6%96%B0%E8%AA%8D%E8%AD%89%E6%96%B9%E5%BC%8F|current ID token mechanism> with <https://developers.line.biz/en/docs/line-login/secure-login-process/#using-access-tokens|access token + get profile API from chatbot server>. Furthermore, we can access <https://developers.line.biz/en/reference/liff/#get-friendship|`liff.getFriendship()`> after we have access to `profile` scope, allowing us to <https://g0v.hackmd.io/s3gX4lQ-SSmqMXzrcOpPag#%E7%9C%9F%E7%9A%84%E5%81%87%E7%9A%84-ltgt-TM-Check|display links to add Cofacts chatbot to those who did not>. *Implementation detail* 1. We can replace the current mechanism of passing ID tokens to passing access token instead. 2. On server side, we replace ID token verification mechanism with calling `/v2/profile` for the `userId`. 3. We don't need to call `/oauth2/v2.1/verify`, `/v2/profile` should be enough just for retrieving trustworthy `userId` from LINE. *Other notes* • This issue does not nessasarily cover <https://g0v.hackmd.io/BBeVH2VxRNOCq5QB_HC6EQ?both#Devs---Q2|the deprecation> of <https://g0v.hackmd.io/BBeVH2VxRNOCq5QB_HC6EQ?view#Devs---Q2|`urlToken` param mechanism>. • This issue does not cover <https://github.com/cofacts/rumors-line-bot/issues/174|"send messages to user">. Removing this scope requires siginificant rewrite of the chatbot workflows, which are outlined <https://g0v.hackmd.io/iTCmUFHeQLSILSXi2dBTjw#%E6%B6%88%E9%99%A4%E3%80%8C%E9%80%81%E8%A8%8A%E6%81%AF%E8%87%B3%E8%81%8A%E5%A4%A9%E5%AE%A4%E3%80%8D%E6%AC%8A%E9%99%90%E8%AB%8B%E6%B1%82|here>.

cai 18:49:58
COVID-19 疫苗相關多到我覺得可以獨立分類了 😆
24小時內至少11件
確實有獨立的 COVID-19 分類~
https://cofacts.tw/articles?categoryIds=covid19

只是現在自動分類器還不會分這個新類別 QQ
疫苗我都先丟醫藥那個,疫情相關的才會丟covid-19
嗯嗯也可以~~
mrorz 22:18:32
11:00 的時候我們會測試小聚的 jitsi 的影片播放,以及大家是不是都可以聽到彼此的聲音唷~
jitsi link: https://meet.jit.si/moderated/eae854318e312b7c8822609fc01dd25f1f40e4b4470aff1a60c05c2a8e45ae04

meet.jit.si

Jitsi Meet

Join a WebRTC video conference powered by the Jitsi Videobridge

2021-09-25

bil 13:57:43
https://meet.jit.si/moderated/eae854318e312b7c8822609fc01dd25f1f40e4b4470aff1a60c05c2a8e45ae04s

線上參與,真的假的 查核小聚

meet.jit.si

Jitsi Meet

Join a WebRTC video conference powered by the Jitsi Videobridge

2021-09-27

cai 15:31:01
`延伸此回應來查核`要怎樣用才會顯示是引用別人的?
我發現只要有修改引用的文字就會變成引用我自己了🤔
對對,有修改就會是自己的唷
如果是用「使用現有回應」tab -->「直接用此回應」按鈕的話才會顯示成引用別人~

2021-09-29

github2 14:24:00

<https://github.com/cofacts/rumors-site/pull/451|#451 Block empty replies>

Fixes <https://github.com/cofacts/rumors-site/issues/449|#449> When reply text is empty or contains nothing but only space / line breaks, block submission. <https://user-images.githubusercontent.com/108608/135214140-df796939-4fae-4e06-82f4-095cc33311d7.gif|block-empty>

:white_check_mark: All checks have passed

github2 14:26:24

<https://github.com/cofacts/rumors-site/pull/451#issuecomment-929874905|Comment on #451 Block empty replies>

<https://coveralls.io/builds/43142243|Coverage Status> Coverage remained the same at 75.261% when pulling *<https://github.com/cofacts/rumors-site/commit/a3a33e438c8d6bc30bb3229ea81556579b47a1c2|a3a33e4> on block-empty-replies* into *<https://github.com/cofacts/rumors-site/commit/824fb25a0fdb3d5ba73359e612efcd5cf6dad893|824fb25> on master*.

github2 14:27:19

<https://github.com/cofacts/rumors-site/pull/443#issuecomment-929875372|Comment on #443 Bump next from 9.3.2 to 11.1.0>

We are not affected as we are using old version of next.js. <https://github.com/dependabot|@dependabot> close