rumors-line-bot
rumors-line-bot copied to clipboard
cofacts
Line bot that checks if a message contains internet rumor.
From 20220810 test result: https://g0v.hackmd.io/uZ3gouRWRamtrCFzKFrgnw#%E6%9C%AA%E7%AB%9F%E9%A0%85%E7%9B%AE ## As-is  ## To-be If there is no other people submitting reply request / comments, we should not show the second sentence. Just use...
From 20220810 test result: https://g0v.hackmd.io/uZ3gouRWRamtrCFzKFrgnw#%E6%9C%AA%E7%AB%9F%E9%A0%85%E7%9B%AE LIFF article list (articles) and article page should support displaying images
大佬,你好,我是@abbykimi,我IDE运行您这个项目的时候,提示有几个漏洞,项目调用了immer等1520个开源组件,存在17个安全漏洞,建议你升级下。 ``` 漏洞标题:Immer 安全漏洞 漏洞编号:CVE-2021-23436 漏洞描述: Immer是Immer社区的一个基于Javascript的状态管理库。。 immer 9.0.6之前版本存在安全漏洞,该漏洞源于当path参数中使用的用户提供的密钥是数组时,可能导致绕过CVE-2020-28477。 影响范围:(∞, 9.0.6) 最小修复版本:9.0.6 引入路径: [email protected]>@storybook/[email protected]>@storybook/[email protected]>@storybook/[email protected]>[email protected]>[email protected] ``` 另外16个漏洞 ,信息有点多我就不贴了,你自己看下完整报告:https://www.mfsec.cn/jr?p=aec148 如果你对这个issues有任何疑问可以回复我哈( @abbykimi ),我会及时回复你的。
## As-is Currently Cofacts LIFF requests for `openid` and `chat_message.write` scope.  This triggers the following consent window when the user first opens Cofacts LIFF:  Currently the "用戶識別資訊 (必要資訊)"...
View details in Rollbar: [https://rollbar.com/mrorz/rumors-line-bot/items/364/](https://rollbar.com/mrorz/rumors-line-bot/items/364/) ``` [LINE Client] 400: A message (messages[2]) in the request body is invalid. ``` `messages[2]`: ``` {"type":"flex","altText":"請從下列選擇您要查看的回應。","contents":{"type":"carousel","contents":[{"type":"bubble","direction":"ltr","header":{"type":"box","layout":"horizontal","spacing":"md","paddingBottom":"none","contents":[{"type":"text","text":"💬","flex":0},{"type":"text","text":"有人認為它含有不實訊息","gravity":"center","size":"sm","weight":"bold","wrap":true,"color":"#AAAAAA"}]},"body":{"type":"box","layout":"vertical","contents":[{"type":"text","text":"假的。 \n2019年起的相關規定如下:\n1、紅燈右轉: 機車和小型車罰 600元、大型車罰1400元。\n2、闖紅燈: 機車罰1800元、小型車罰2700元、大型車罰3600元。","align":"start","wrap":true,"margin":"md","maxLines":10},{"type":"filler"},{"type":"separator","margin":"md"},{"type":"box","layout":"horizontal","contents":[{"type":"text","text":"👍 有 1296 人覺得此回應有幫助\n😕 有...
不需要蓋 article,一樣回覆「我們還不支援文字以外的訊息唷」 但把東西存起來之後分析
## As-is From https://g0v.hackmd.io/OC7BneJ3TEGJHge1hWV-0w?both#%E5%9B%9E%E6%87%89%E3%80%8C%E6%B2%92%E6%9C%89%E3%80%8D%E7%9A%84%E6%AD%A3%E8%A9%95 > 看來是因為我們在使用者回報一個回應有用時,會這樣問使用者: >  > 這個提問導致使用者輸入「沒有」然後送出。但在 Cofacts 網站上,就會看到有一堆人 upvote 然後又表示「沒有」,有點沒頭沒尾。  > [name=MrOrz] > > 可以用 place holder 寫「沒有其他意見」之類的,這樣使用者應該會直接按送出? > [name=stimim] ## To-be Change the wording...
Discussion: https://g0v.hackmd.io/giYWfM8yRkKghtPOG1EBig#%E4%BA%82%E5%9B%9E%E8%88%87%E9%80%9A%E7%9F%A5 We should not notify LINE user of replies with negative feedbacks. `getArticlesInBatch()` in `src/scripts/lib.js` should only yield articles when there are new replies having positive or zero feedbacks...
We need to show our donation information when users query suspicious messages.
