aletheiafact / aletheia Goto Github PK
View Code? Open in Web Editor NEWhttps://aletheiafact.org a Crowd-sourced fact checking platform.
License: GNU General Public License v3.0
aletheia's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![sweep-ai[bot] avatar](https://avatars.githubusercontent.com/in/307814?v=4 "sweep-ai[bot]")
Stargazers
Watchers
Forkers
fossabot thiagobraga ltgouvea jvzanatta rodbecc kellynvd marcelobalexandre pepermao caneppelevitor angelobonini julianoebram brandonslialetheia's Issues
SSR - Server Side Rendering
Use reCaptcha in the claim review form
- Add reCaptcha
- Handle reCaptcha events
- Don't allow form submit until reCaptcha is ready
Implement error feedback
... and remove all console.logs
Define and implement roles and permissions
TBD
Track clicks on "I want to become a reviwer" CTA button
Background
We use umami analytics in order to collect simple analytics data with user privacy focus.
We want to track the clicks on the CTA button "I want to become a reviewer"
How
Take a look at the documentation on how to do it at https://umami.is/docs/tracker-functions
Acceptance Criteria
- Documentation is updated
- Umami analytics server starts receiving events for CTA button clicks
Consider using commitzen
Apply new Visual Identity to remaining components in the app
Use upstream service-runner
It should be similar to the following commit:
https://github.com/OpenTesseract/tess/commit/f6f58e5f9620d279ed4611dd06e498b8b07ea5a1#diff-a65167c201e7e44a0df836adbceb5d7bL4
This commit has a lot of specifics of the other project, but changing the server.js and npm install service-runner should be enough
Decide if we will store Personalities info or use Wikidata only
This is a ticket to discuss if we should store Personalities assets and infos or rely on Wikidata for everything and encourage community to improve Wikidata pages.
Consider NX workspace instead of Lerna
warning package.json: No license field
How should we handle DDos in the application layer?
Database | Regular backups
Deploy prototype to production
Fix vulnerabilities from CodeQL report
Background Information
Run yarn audit and yarn lint to see the errors that needs to be fixed
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Improper Privilege Management in shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.8.5 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @nestjs/cli │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @nestjs/cli > shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067444 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate │ Improper Privilege Management in shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.8.5 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @nestjs/cli │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @nestjs/cli > shelljs │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067451 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Incorrect Comparison in axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.21.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @nestjs/axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @nestjs/axios > axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070315 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular expression denial of service in glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-essentials │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/addon-essentials > @storybook/core-common > │
│ │ webpack > watchpack > watchpack-chokidar2 > chokidar > │
│ │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067329 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular expression denial of service in glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-essentials │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/addon-essentials > @storybook/addon-controls > │
│ │ @storybook/core-common > webpack > watchpack > │
│ │ watchpack-chokidar2 > chokidar > glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067329 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular expression denial of service in glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > @storybook/core-common > webpack > watchpack > │
│ │ watchpack-chokidar2 > chokidar > glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067329 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular expression denial of service in glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > @storybook/builder-webpack4 > @storybook/core-common > │
│ │ webpack > watchpack > watchpack-chokidar2 > chokidar > │
│ │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067329 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular expression denial of service in glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=5.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > cpy > globby > fast-glob > glob-parent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1067329 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular Expression Denial of Service in trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.0.3 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-essentials │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/addon-essentials > @storybook/addon-docs > │
│ │ @storybook/mdx1-csf > @mdx-js/mdx > remark-parse > trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070259 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular Expression Denial of Service in trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.0.3 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/addon-essentials │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/addon-essentials > @storybook/addon-docs > │
│ │ @storybook/mdx1-csf > @mdx-js/mdx > remark-mdx > │
│ │ remark-parse > trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070259 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular Expression Denial of Service in trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.0.3 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > @storybook/csf-tools > @storybook/mdx1-csf > @mdx-js/mdx > │
│ │ remark-parse > trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070259 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Regular Expression Denial of Service in trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.0.3 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > @storybook/csf-tools > @storybook/mdx1-csf > @mdx-js/mdx > │
│ │ remark-mdx > remark-parse > trim │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070259 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Uncontrolled Resource Consumption in trim-newlines │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ trim-newlines │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.0.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @storybook/react │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @storybook/react > @storybook/core > @storybook/core-server │
│ │ > x-default-browser > default-browser-id > meow > │
│ │ trim-newlines │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070391 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high │ Crash in HeaderParser in dicer │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ dicer │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ No patch available │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @nestjs/platform-express │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @nestjs/platform-express > multer > busboy > dicer │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1070480 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate │ Got allows a redirect to a UNIX socket │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ got │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=11.8.5 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ nodemon │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ nodemon > update-notifier > latest-version > package-json > │
│ │ got │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://www.npmjs.com/advisories/1075701 │
└───────────────┴──────────────────────────────────────────────────────────────┘
Acceptance Criteria
- Fix npm audits
- Fix lint warnings
Consider Prisma ORM
Home landing page introducing the project
DDos protection
Get truthiness percentage of given claim/personality
Based on claim reviews
i18n server and client side
Background Information
We need to have i18n for every user-facing text.
What
Client-side needs to have i18n and server-side responses that contain text needs to have i18n as well.
For the server-side, we don't care about logged messages and content translation, just messages that are sent to the user.
Acceptance Criteria
- Apply i18next in the front-end
- #460
- Apply i18next in the back-end
Improve Dev environment with fake DB entries
Allow Claims to be posts from social media
Let's start with twitter integration
Improve i18n for date fields
Background Information
Some date fields don't have proper formatting and i18n applied
See current behavior:
See Design vignette:
What
Create a date string component that formats and applies i18n for date and replace wherever is possible
How
Current: 2021-11-10T17:28:00.184Z
Expected:
- English:
Stated on 11/10/2021 - Portuguese:
Afirmou em 10/11/2021
Acceptance Criteria
- All date strings uses a single component that applies proper formatting and i18n
Server | log every request
Improve server-side logging
Implement baseUrl for client
UI/UX revision
We need to change UI/UX after the prototype is ready
Support references for generated content
Create a new table for references and create a relationship with Claim and ClaimReview (optional).
Fields:
- link
- citation
- claim (relationship)
- claimReview (relationship)
- type: ["claim", "claim_review"] // TODO: improve these relationships
- classification
References will be a generic table where we can create references for every type of content.
References can be classified as well, the possible labels are:
- Reliable source
- Unreliable source
- Fake
References are not required
Unify front and backend and make Aletheia monorepo
Add wikidata support for personality
Create a new field where the user can fetch the wikidata Q id and associate it with the personality.
When a personality has a wikidata id, fetch its metadata and show the relevant information on the Personality page. The relevant information is:
- Picture
- Description instead of mini-bio
- DOB
- occupation
- official website
- social network identifiers
- link to wikidata profile
- link to wikipedia profile if exists
If the personality doesn't exist, create a link to suggest the user add a new entry to wikidata
Server | Implement unit tests for the parser
[DOCUMENTATION] Aletheia sketches
Search for personalities to attribute claims
Or create personalities profiles
Look for personalities with a Wikidata ID
See their profile (images and other information can be fetched from Wikidata)
Create a claim for a given personality
Access a personality claim
View the Claim (Twitter integration would be similar, with a tweet box instead of the plain text)
Choose a sentence to review
Review the sentence (no bots allowed!)
Check the stats of a personality regarding how much they say is false!
Personality edit page
Use Typescript everywhere
Fix MongoDB warnings
Support account creation
- Use wikipedia OAUTH?
Implement unit tests for the parser
Figure out Claim Translation
Update prototype documentation
- README
- Use some doc generator
Join Open collective as OpenTesseract
Introduce Prettier to the stack
Define prod domain
Use parcel for bundling
Allow Claim to be YouTube videos
Ideas
- Integrate the flow to perform an automated Abuse Report after a fact-check flow is finished https://developers.google.com/youtube/v3/docs/videoAbuseReportReasons
- Allow to detect duplicates of already checked videos
Open questions
- How do we assure "strategic silence" to not increase traffic to the misinformation content?
Resources
Front | 404 Page
Background Information
Right now if you try to access a page that doesn't exist the server returns a json response, example. Nextjs is supposed to show a 404 page, but it doesn't.
Open questions
We might need to work with the server in this one, because nextjs is being manipulated by NestJS
Acceptance Criteria
- 404 pages are showed correctly
- Documentation is updated
Define anti-bot policy
Home | randomize list of personalities
Introduce DTOs to the server requests
Right now, we don't take advantage of NestJS DTO approach for API requests. This is an issue to track the implementation to introduce DTOs to the server requests.
- auth
- claim-review
- claim
- root
- home
- personality
- source
- stats
- wikidata
Replace reCAPTCHA with a better option for privacy
Improve server-side error handling
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.