v0.0.23

README.md

@@ -10,6 +10,8 @@ Misskeyの/proxyが単体で動作します（Misskeyのコードがほぼその
 一応AWS Lambdaで動かす実装を用意しましたが、全くおすすめしません。
 https://github.com/tamaina/media-proxy-lambda
 
+Sharp.jsを使っているため、メモリアロケータにjemallocを指定することをお勧めします。
+
 ## Fastifyプラグインとして動作させる
 ### npm install
 
@@ -36,6 +38,13 @@ git clone https://github.com/misskey-dev/media-proxy.git
 cd media-proxy
 ```
 
+### jemallocをインストール
+Debian/Ubuntuのaptの場合
+
+```
+sudo apt install libjemalloc2
+```
+
 ### pnpm install
 ```
 NODE_ENV=production pnpm install
@@ -76,14 +85,17 @@ export default {
 適当にサーバーを公開してください。  
 （ここではmediaproxy.example.comで公開するものとします。）
 
-メモ書き程度にsystemdでの開始方法を残しますが、もしかしたらAWS Lambdaとかで動かしたほうが楽かもしれません。  
+メモ書き程度にsystemdでの開始方法を残します。  
 （サーバーレスだとsharp.jsが動かない可能性が高いため、そこはなんとかしてください）
 
 systemdサービスのファイルを作成…
 
 /etc/systemd/system/misskey-proxy.service
 
-エディタで開き、以下のコードを貼り付けて保存（ユーザーやポートは適宜変更すること）:
+エディタで開き、以下のコードを貼り付けて保存
+
+ユーザーやポートは適宜変更すること。  
+また、arm64の場合`Environment="LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2"`のx86_64をaarch64に変更する必要がある。jemallocのパスはディストリビューションによって変わる可能性がある。
 
 ```systemd
 [Unit]
@@ -94,6 +106,7 @@ Type=simple
 User=misskey
 ExecStart=/usr/bin/npm start
 WorkingDirectory=/home/misskey/media-proxy
+Environment="LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2"
 Environment="NODE_ENV=production"
 Environment="PORT=3000"
 TimeoutSec=60

built/download.d.ts

@@ -1,5 +1,5 @@
-/// <reference types="node" />
-/// <reference types="node" />
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node" resolution-mode="require"/>
 import * as http from 'node:http';
 import * as https from 'node:https';
 export type DownloadConfig = {

built/download.js

@@ -1,9 +1,8 @@
 import * as fs from 'node:fs';
 import * as stream from 'node:stream';
 import * as util from 'node:util';
+import ipaddr from 'ipaddr.js';
 import got, * as Got from 'got';
-import IPCIDR from 'ip-cidr';
-import PrivateIp from 'private-ip';
 import { StatusError } from './status-error.js';
 import { getAgents } from './http.js';
 import { parse } from 'content-disposition';
@@ -95,11 +94,11 @@ export async function downloadUrl(url, path, settings = defaultDownloadConfig) {
     };
 }
 function isPrivateIp(ip, allowedPrivateNetworks) {
+    const parsedIp = ipaddr.parse(ip);
     for (const net of allowedPrivateNetworks ?? []) {
-        const cidr = new IPCIDR(net);
-        if (cidr.contains(ip)) {
+        if (parsedIp.match(ipaddr.parseCIDR(net))) {
             return false;
         }
     }
-    return PrivateIp(ip) ?? false;
+    return parsedIp.range() !== 'unicast';
 }

built/file-info.js

@@ -46,7 +46,7 @@ async function checkSvg(path) {
         const size = await getFileSize(path);
         if (size > 1 * 1024 * 1024)
             return false;
-        return isSvg(fs.readFileSync(path));
+        return isSvg(fs.readFileSync(path, { encoding: 'utf-8' }));
     }
     catch {
         return false;

built/http.d.ts

@@ -1,5 +1,5 @@
-/// <reference types="node" />
-/// <reference types="node" />
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node" resolution-mode="require"/>
 import * as http from 'node:http';
 import * as https from 'node:https';
 export declare function getAgents(proxy?: string): {

built/image-processor.d.ts

@@ -1,5 +1,5 @@
-/// <reference types="node" />
-/// <reference types="node" />
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node" resolution-mode="require"/>
 import sharp from 'sharp';
 import { Readable } from 'node:stream';
 export type IImage = {

built/index.d.ts

@@ -1,5 +1,5 @@
-/// <reference types="node" />
-/// <reference types="node" />
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node" resolution-mode="require"/>
 import * as http from 'node:http';
 import * as https from 'node:https';
 import type { FastifyInstance } from 'fastify';

package.json

@@ -1,9 +1,9 @@
 {
   "name": "misskey-media-proxy",
-  "version": "0.0.22",
+  "version": "0.0.23",
   "description": "The Media Proxy for Misskey",
   "main": "built/index.js",
-  "packageManager": "pnpm@7.28.0",
+  "packageManager": "pnpm@8.7.5",
   "type": "module",
   "files": [
     "built",
@@ -27,26 +27,26 @@
   "homepage": "https://github.com/misskey-dev/media-proxy#readme",
   "devDependencies": {
     "@swc/cli": "^0.1.62",
-    "@swc/core": "^1.3.57",
-    "@types/content-disposition": "^0.5.5",
-    "@types/node": "^18.16.7",
-    "@types/sharp": "^0.31.1",
-    "@types/tmp": "^0.2.3",
-    "typescript": "^4.9.5"
+    "@swc/core": "^1.3.86",
+    "@types/content-disposition": "^0.5.6",
+    "@types/node": "^20.6.3",
+    "@types/tmp": "^0.2.4",
+    "typescript": "^5.2.2"
   },
   "dependencies": {
-    "@fastify/static": "^6.10.1",
+    "@fastify/static": "^6.11.2",
     "cacheable-lookup": "^7.0.0",
     "content-disposition": "^0.5.4",
-    "fastify": "^4.17.0",
-    "fastify-cli": "^5.7.1",
-    "file-type": "^18.4.0",
-    "got": "^12.6.0",
+    "fastify": "^4.23.2",
+    "fastify-cli": "^5.8.0",
+    "file-type": "^18.5.0",
+    "got": "^13.0.0",
     "hpagent": "^1.2.0",
     "ip-cidr": "^3.1.0",
-    "is-svg": "^4.4.0",
-    "private-ip": "^3.0.0",
-    "sharp": "^0.31.3",
+    "ipaddr.js": "^2.1.0",
+    "is-svg": "^5.0.0",
+    "private-ip": "^3.0.1",
+    "sharp": "^0.32.6",
     "sharp-read-bmp": "github:misskey-dev/sharp-read-bmp",
     "tmp": "^0.2.1"
   }

src/download.ts

@@ -3,9 +3,8 @@ import * as stream from 'node:stream';
 import * as util from 'node:util';
 import * as http from 'node:http';
 import * as https from 'node:https';
+import ipaddr from 'ipaddr.js';
 import got, * as Got from 'got';
-import IPCIDR from 'ip-cidr';
-import PrivateIp from 'private-ip';
 import { StatusError } from './status-error.js';
 import { getAgents } from './http.js';
 import { parse } from 'content-disposition';
@@ -116,12 +115,13 @@ export async function downloadUrl(url: string, path: string, settings:DownloadCo
 }
 
 function isPrivateIp(ip: string, allowedPrivateNetworks: string[]): boolean {
+    const parsedIp = ipaddr.parse(ip);
+
     for (const net of allowedPrivateNetworks ?? []) {
-        const cidr = new IPCIDR(net);
-        if (cidr.contains(ip)) {
+        if (parsedIp.match(ipaddr.parseCIDR(net))) {
             return false;
         }
     }
 
-    return PrivateIp(ip) ?? false;
+    return parsedIp.range() !== 'unicast';
 }

src/file-info.ts

@@ -1,6 +1,6 @@
 import fs from 'node:fs';
 import { fileTypeFromFile } from 'file-type';
-import type fileType from 'file-type';
+import type { MimeType } from 'file-type';
 import isSvg from 'is-svg';
 import { promisify } from 'node:util';
 
@@ -57,7 +57,7 @@ async function checkSvg(path: string) {
     try {
         const size = await getFileSize(path);
         if (size > 1 * 1024 * 1024) return false;
-        return isSvg(fs.readFileSync(path));
+        return isSvg(fs.readFileSync(path, { encoding: 'utf-8' }));
     } catch {
         return false;
     }
@@ -73,7 +73,7 @@ const dictionary = {
 
 export const isMimeImage = (mime: string, type: keyof typeof dictionary): boolean => dictionary[type].includes(mime);
 
-function fixMime(mime: string | fileType.MimeType): string {
+function fixMime(mime: string | MimeType): string {
     // see https://github.com/misskey-dev/misskey/pull/10686
     if (mime === "audio/x-flac") {
         return "audio/flac";

src/http.ts

@@ -2,6 +2,7 @@ import * as http from 'node:http';
 import * as https from 'node:https';
 import CacheableLookup from 'cacheable-lookup';
 import { HttpProxyAgent, HttpsProxyAgent } from 'hpagent';
+import { LookupFunction } from 'node:net';
 
 const cache = new CacheableLookup({
     maxTtl: 3600,	// 1hours
@@ -12,13 +13,13 @@ const cache = new CacheableLookup({
 const _http = new http.Agent({
     keepAlive: true,
     keepAliveMsecs: 30 * 1000,
-    lookup: cache.lookup,
+    lookup: cache.lookup as unknown as LookupFunction,
 } as http.AgentOptions);
 
 const _https = new https.Agent({
     keepAlive: true,
     keepAliveMsecs: 30 * 1000,
-    lookup: cache.lookup,
+    lookup: cache.lookup as unknown as LookupFunction,
 } as https.AgentOptions);
 
 export function getAgents(proxy?: string) {

tsconfig.json

@@ -10,8 +10,8 @@
 		"declaration": true,
 		"sourceMap": false,
 		"target": "es2021",
-		"module": "esnext",
-		"moduleResolution": "node",
+		"module": "nodenext",
+		"moduleResolution": "nodenext",
 		"allowSyntheticDefaultImports": true,
 		"removeComments": false,
 		"noLib": false,
@@ -36,6 +36,7 @@
 		],
 		"typeRoots": [
 			"./node_modules/@types",
+			"./node_modules",
 			"./src/@types"
 		],
 		"lib": [