diff --git a/.github/workflows/release-with-dispatch.yml b/.github/workflows/release-with-dispatch.yml
index ed2f822269..d750001b71 100644
--- a/.github/workflows/release-with-dispatch.yml
+++ b/.github/workflows/release-with-dispatch.yml
@@ -60,13 +60,13 @@ jobs:
### General
-
-
+
### Client
-
-
+
### Server
-
-
+
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
indent: ${{ vars.INDENT }}
secrets:
@@ -86,6 +86,7 @@ jobs:
draft_prerelease_channel: alpha
ready_start_prerelease_channel: beta
prerelease_channel: ${{ inputs.start-rc && 'rc' || '' }}
+ reset_number_on_channel_change: true
secrets:
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
diff --git a/.github/workflows/release-with-ready.yml b/.github/workflows/release-with-ready.yml
index e863b5e2e8..585375c20e 100644
--- a/.github/workflows/release-with-ready.yml
+++ b/.github/workflows/release-with-ready.yml
@@ -41,6 +41,7 @@ jobs:
indent: ${{ vars.INDENT }}
draft_prerelease_channel: alpha
ready_start_prerelease_channel: beta
+ reset_number_on_channel_change: true
secrets:
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
diff --git a/.gitignore b/.gitignore
index 5b8a798ba6..ac7502f384 100644
--- a/.gitignore
+++ b/.gitignore
@@ -68,6 +68,8 @@ misskey-assets
# Vite temporary files
vite.config.js.timestamp-*
vite.config.ts.timestamp-*
+vite.config.local-dev.js.timestamp-*
+vite.config.local-dev.ts.timestamp-*
# blender backups
*.blend1
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 765712b28c..844ad3c34f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,20 @@
+## Unreleased
+
+### General
+- Enhance: 特定ロールポリシーによる運営アクティビティの検知範囲拡大に対応( #13437 )
+
+### Client
+-
+
+### Server
+-
+
+
## 2024.11.0
### Note
- Node.js 20.xは非推奨になりました。Node.js 22.x (LTS)の利用を推奨します。
+ - なお、Node.js 23.xは対応していません。
- DockerのNode.jsが22.11.0に更新されました
### General
@@ -9,7 +22,7 @@
- Feat: 過去のノートを非公開化/フォロワーのみ表示可能にできるように
- Enhance: 依存関係の更新
- Enhance: l10nの更新
-- Enhance: 特定ロールポリシーによる運営アクティビティの検知範囲拡大に対応( #13437 )
+- Fix: お知らせ作成時に画像URL入力欄を空欄に変更できないのを修正 ( #14976 )
### Client
- Enhance: Bull DashboardでRelationship Queueの状態も確認できるように
@@ -27,6 +40,9 @@
- Enhance: ノート詳細画面にロールのバッジを表示
- Enhance: 過去に送信したフォローリクエストを確認できるように
(Based on https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/663)
+- Enhance: サイドバーを簡単に展開・折りたたみできるように ( #14981 )
+- Enhance: リノートメニューに「リノートの詳細」を追加
+- Enhance: 非ログイン状態でMisskeyを開いた際のパフォーマンスを向上
- Fix: 通知の範囲指定の設定項目が必要ない通知設定でも範囲指定の設定がでている問題を修正
- Fix: Turnstileが失敗・期限切れした際にも成功扱いとなってしまう問題を修正
(Cherry-picked from https://github.com/MisskeyIO/misskey/pull/768)
@@ -38,6 +54,8 @@
- Fix: メールアドレス登録有効化時の「完了」ダイアログボックスの表示条件を修正
- Fix: 画面幅が狭い環境でデザインが崩れる問題を修正
(Cherry-picked from https://github.com/MisskeyIO/misskey/pull/815)
+- Fix: TypeScriptの型チェック対象ファイルを限定してビルドを高速化するように
+ (Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/725)
### Server
- Enhance: DockerのNode.jsを22.11.0に更新
@@ -45,6 +63,8 @@
(Based on https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/588)
(Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/715)
- Enhance: リモートユーザーの照会をオリジナルにリダイレクトするように
+- Fix: sharedInboxが無いActorに紐づくリモートユーザーを照会できない
+- Fix: Aproving request from GtS appears with some delay
- Fix: フォロワーへのメッセージの絵文字をemojisに含めるように
- Fix: Nested proxy requestsを検出した際にブロックするように
[ghsa-gq5q-c77c-v236](https://github.com/misskey-dev/misskey/security/advisories/ghsa-gq5q-c77c-v236)
@@ -57,6 +77,11 @@
- Fix: FTT無効時にユーザーリストタイムラインが使用できない問題を修正
(Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/709)
- Fix: User Webhookテスト機能のMock Payloadを修正
+- Fix: アカウント削除のモデレーションログが動作していないのを修正 (#14996)
+- Fix: リノートミュートが新規投稿通知に対して作用していなかった問題を修正
+- Fix: Inboxの処理で生じるエラーを誤ってActivityとして処理することがある問題を修正
+ (Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/730)
+- Fix: セキュリティに関する修正
### Misskey.js
- Fix: Stream初期化時、別途WebSocketを指定する場合の型定義を修正
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index f8af6b3df0..1c777259d2 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -101,6 +101,22 @@ Be willing to comment on the good points and not just the things you want fixed
- Are there any omissions or gaps?
- Does it check for anomalies?
+## Security Advisory
+### For reporter
+Thank you for your reporting!
+
+If you can also create a patch to fix the vulnerability, please create a PR on the private fork.
+
+> [!note]
+> There is a GitHub bug that prevents merging if a PR not following the develop branch of upstream, so please keep follow the develop branch.
+
+### For misskey-dev member
+修正PRがdevelopに追従されていないとマージできないので、マージできなかったら
+
+> Could you merge or rebase onto upstream develop branch?
+
+などと伝える。
+
## Deploy
The `/deploy` command by issue comment can be used to deploy the contents of a PR to the preview environment.
```
diff --git a/SECURITY.md b/SECURITY.md
index fc5dec5de4..04567baf07 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -6,3 +6,10 @@ This will allow us to assess the risk, and make a fix available before we add a
bug report to the GitHub repository.
Thanks for helping make Misskey safe for everyone.
+
+## When create a patch
+
+If you can also create a patch to fix the vulnerability, please create a PR on the private fork.
+
+> [!note]
+> There is a GitHub bug that prevents merging if a PR not following the develop branch of upstream, so please keep follow the develop branch.
diff --git a/locales/ar-SA.yml b/locales/ar-SA.yml
index de24ad4bb9..2f1b391b53 100644
--- a/locales/ar-SA.yml
+++ b/locales/ar-SA.yml
@@ -343,7 +343,6 @@ enableLocalTimeline: "تفعيل الخيط المحلي"
enableGlobalTimeline: "تفعيل الخيط الزمني الشامل"
disablingTimelinesInfo: "سيتمكن المديرون والمشرفون من الوصول إلى كل الخيوط الزمنية حتى وإن لم تفعّل."
registration: "إنشاء حساب"
-enableRegistration: "تفعيل إنشاء الحسابات الجديدة"
invite: "دعوة"
driveCapacityPerLocalAccount: "حصة التخزين لكل مستخدم محلي"
driveCapacityPerRemoteAccount: "حصة التخزين لكل مستخدم بعيد"
diff --git a/locales/bn-BD.yml b/locales/bn-BD.yml
index 0e761b0743..6cd577b4a9 100644
--- a/locales/bn-BD.yml
+++ b/locales/bn-BD.yml
@@ -339,7 +339,6 @@ enableLocalTimeline: "স্থানীয় টাইমলাইন চাল
enableGlobalTimeline: "গ্লোবাল টাইমলাইন চালু করুন"
disablingTimelinesInfo: "আপনি এই টাইমলাইনগুলি বন্ধ করলেও প্রশাসক এবং মডারেটররা এই টাইমলাইনগুলি ব্যাবহার করতে পারবে"
registration: "নিবন্ধন"
-enableRegistration: "নতুন ব্যাবহারকারী নিবন্ধন চালু করুন"
invite: "আমন্ত্রণ"
driveCapacityPerLocalAccount: "প্রত্যেক স্থানীয় ব্যাবহারকারীর জন্য ড্রাইভের জায়গা"
driveCapacityPerRemoteAccount: "প্রত্যেক রিমোট ব্যাবহারকারীর জন্য ড্রাইভের জায়গা"
diff --git a/locales/ca-ES.yml b/locales/ca-ES.yml
index 048abfd781..1aca3390e6 100644
--- a/locales/ca-ES.yml
+++ b/locales/ca-ES.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "Activa la línia de temps local"
enableGlobalTimeline: "Activa la línia de temps global"
disablingTimelinesInfo: "Fins i tot si aquestes línies de temps són desactivades, els administradors i els moderadors poden continuar visualitzant per conveniència."
registration: "Registre"
-enableRegistration: "Permet el registre de nous usuaris"
invite: "Convida"
driveCapacityPerLocalAccount: "Capacitat del disc per usuaris locals"
driveCapacityPerRemoteAccount: "Capacitat del disc per usuaris remots"
@@ -587,6 +586,7 @@ masterVolume: "Volum principal"
notUseSound: "Sense so"
useSoundOnlyWhenActive: "Reproduir sons només quan Misskey estigui actiu"
details: "Detalls"
+renoteDetails: "Més informació sobre l'impuls "
chooseEmoji: "Tria un emoji"
unableToProcess: "L'operació no pot ser completada "
recentUsed: "Utilitzat recentment"
@@ -1300,6 +1300,7 @@ thisContentsAreMarkedAsSigninRequiredByAuthor: "L'autor requereix l'inici de ses
lockdown: "Bloquejat"
pleaseSelectAccount: "Seleccionar un compte"
availableRoles: "Roles disponibles "
+acknowledgeNotesAndEnable: "Activa'l després de comprendre els possibles perills."
_accountSettings:
requireSigninToViewContents: "És obligatori l'inici de sessió per poder veure el contingut"
requireSigninToViewContentsDescription1: "Es requereix l'inici de sessió per poder veure totes les notes i el contingut que has creat. Amb això esperem evitar que els rastrejadors recopilin informació."
@@ -1456,6 +1457,8 @@ _serverSettings:
reactionsBufferingDescription: "Quan s'activa aquesta opció millora bastant el rendiment en recuperar les línies de temps reduint la càrrega de la base. Com a contrapunt, augmentarà l'ús de memòria de Redís. Desactiva aquesta opció en cas de tenir un servidor amb poca memòria o si tens problemes d'inestabilitat."
inquiryUrl: "URL de consulta "
inquiryUrlDescription: "Escriu adreça URL per al formulari de consulta per al mantenidor del servidor o una pàgina web amb el contacte d'informació."
+ openRegistration: "Registres oberts"
+ openRegistrationWarning: "Obrir els registres és arriscat. Es recomana obrir-los només si el servidor és monitorat constantment i per respondre immediatament davant qualsevol problema."
thisSettingWillAutomaticallyOffWhenModeratorsInactive: "Si no es detecta activitat per part del moderador durant un període de temps, aquesta opció es desactiva automàticament per evitar el correu brossa."
_accountMigration:
moveFrom: "Migrar un altre compte a aquest"
@@ -2738,3 +2741,6 @@ _selfXssPrevention:
description1: "Si posa alguna cosa al seu compte, un usuari malintencionat podria segrestar-la o robar-li les dades."
description2: "Si no entens que estàs fent %cpara ara mateix i tanca la finestra."
description3: "Per obtenir més informació. {link}"
+_followRequest:
+ recieved: "Sol·licituds rebudes"
+ sent: "Sol·licituds enviades"
diff --git a/locales/cs-CZ.yml b/locales/cs-CZ.yml
index caf6d6e163..504ba1f8c8 100644
--- a/locales/cs-CZ.yml
+++ b/locales/cs-CZ.yml
@@ -348,7 +348,6 @@ enableLocalTimeline: "Povolit lokální čas"
enableGlobalTimeline: "Povolit globální čas"
disablingTimelinesInfo: "Administrátoři a Moderátoři budou mít stálý přístup ke všem časovým osám i přes to že nejsou zapnuté."
registration: "Registrace"
-enableRegistration: "Povolit registraci novým uživatelům"
invite: "Pozvat"
driveCapacityPerLocalAccount: "Kapacita disku na lokálního uživatele"
driveCapacityPerRemoteAccount: "Kapacita disku na vzdáleného uživatele"
diff --git a/locales/de-DE.yml b/locales/de-DE.yml
index 1aacbabbba..d85c930b73 100644
--- a/locales/de-DE.yml
+++ b/locales/de-DE.yml
@@ -10,6 +10,7 @@ username: "Benutzername"
password: "Passwort"
initialPasswordForSetup: "Initiales Passwort für die Einrichtung"
initialPasswordIsIncorrect: "Das initiale Passwort für die Einrichtung ist falsch"
+initialPasswordForSetupDescription: "Verwende das in der Konfigurationsdatei angegebene Passwort, wenn du Misskey selbst installiert hast.\nWenn du einen Misskey-Hostingdienst o.ä. nutzt, verwende das dort angegebene Kennwort.\nWenn du kein Passwort festgelegt hast, lasse es leer, um fortzufahren."
forgotPassword: "Passwort vergessen"
fetchingAsApObject: "Wird aus dem Fediverse angefragt …"
ok: "OK"
@@ -111,11 +112,14 @@ enterEmoji: "Gib ein Emoji ein"
renote: "Renote"
unrenote: "Renote zurücknehmen"
renoted: "Renote getätigt."
+renotedToX: "Renoted zu {name}."
cantRenote: "Renote dieses Beitrags nicht möglich."
cantReRenote: "Renote einer Renote nicht möglich."
quote: "Zitieren"
inChannelRenote: "Kanal-interner Renote"
inChannelQuote: "Kanal-internes Zitat"
+renoteToChannel: "Renote zu Kanal"
+renoteToOtherChannel: "Renote zu anderem Kanal"
pinnedNote: "Angeheftete Notiz"
pinned: "Angeheftet"
you: "Du"
@@ -127,12 +131,13 @@ reactions: "Reaktionen"
emojiPicker: "Emoji auswählen"
pinnedEmojisForReactionSettingDescription: "Lege Emojis fest, die angepinnt werden sollen, um sie beim Reagieren als Erstes anzuzeigen."
pinnedEmojisSettingDescription: "Lege Emojis fest, die angepinnt werden sollen, um sie in der Emoji-Auswahl als Erstes anzuzeigen"
+emojiPickerDisplay: "Anzeige der Emoji-Auswahl"
overwriteFromPinnedEmojisForReaction: "Überschreiben mit den Reaktions-Einstellungen"
overwriteFromPinnedEmojis: "Überschreiben mit den allgemeinen Einstellungen"
reactionSettingDescription2: "Ziehe um Anzuordnen, klicke um zu löschen, drücke „+“ um hinzuzufügen"
rememberNoteVisibility: "Notizsichtbarkeit merken"
attachCancel: "Anhang entfernen"
-deleteFile: "Datei gelöscht"
+deleteFile: "Datei löschen"
markAsSensitive: "Als sensibel markieren"
unmarkAsSensitive: "Als nicht sensibel markieren"
enterFileName: "Dateinamen eingeben"
@@ -180,6 +185,8 @@ addAccount: "Benutzerkonto hinzufügen"
reloadAccountsList: "Benutzerkontoliste aktualisieren"
loginFailed: "Anmeldung fehlgeschlagen"
showOnRemote: "Auf Ursprungsinstanz ansehen"
+chooseServerOnMisskeyHub: "Wähle einen Server aus dem Misskey Hub"
+inputHostName: "Gib die Domain an"
general: "Allgemein"
wallpaper: "Hintergrund"
setWallpaper: "Hintergrund festlegen"
@@ -206,6 +213,7 @@ perDay: "Pro Tag"
stopActivityDelivery: "Senden von Aktivitäten einstellen"
blockThisInstance: "Diese Instanz blockieren"
silenceThisInstance: "Instanz stummschalten"
+mediaSilenceThisInstance: "Medien dieses Servers stummschalten"
operations: "Aktionen"
software: "Software"
version: "Version"
@@ -227,6 +235,8 @@ blockedInstances: "Blockierte Instanzen"
blockedInstancesDescription: "Gib die Hostnamen der Instanzen, welche blockiert werden sollen, durch Zeilenumbrüche getrennt an. Blockierte Instanzen können mit dieser instanz nicht mehr kommunizieren."
silencedInstances: "Stummgeschaltete Instanzen"
silencedInstancesDescription: "Gib die Hostnamen der Instanzen, welche stummgeschaltet werden sollen, durch Zeilenumbrüche getrennt an. Alle Konten dieser Instanzen werden als stummgeschaltet behandelt, können nur noch Follow-Anfragen stellen und wenn nicht gefolgt keine lokalen Konten erwähnen. Blockierte Instanzen sind davon nicht betroffen."
+mediaSilencedInstances: "Medien-stummgeschaltete Server"
+mediaSilencedInstancesDescription: "Gib pro Zeile die Hostnamen der Server ein, dessen Medien du stummschalten möchtest. Alle Benutzerkonten der aufgeführten Server werden als sensibel behandelt und können keine benutzerdefinierten Emojis verwenden. Gesperrte Server sind davon nicht betroffen."
muteAndBlock: "Stummschaltungen und Blockierungen"
mutedUsers: "Stummgeschaltete Benutzer"
blockedUsers: "Blockierte Benutzer"
@@ -325,6 +335,7 @@ renameFolder: "Ordner umbenennen"
deleteFolder: "Ordner löschen"
folder: "Ordner"
addFile: "Datei hinzufügen"
+showFile: "Datei anzeigen"
emptyDrive: "Deine Drive ist leer"
emptyFolder: "Dieser Ordner ist leer"
unableToDelete: "Nicht löschbar"
@@ -367,7 +378,6 @@ enableLocalTimeline: "Lokale Chronik aktivieren"
enableGlobalTimeline: "Globale Chronik aktivieren"
disablingTimelinesInfo: "Administratoren und Moderatoren haben immer Zugriff auf alle Chroniken, auch wenn diese deaktiviert sind."
registration: "Registrieren"
-enableRegistration: "Registrierung neuer Benutzer erlauben"
invite: "Einladen"
driveCapacityPerLocalAccount: "Drive-Kapazität pro lokalem Benutzerkonto"
driveCapacityPerRemoteAccount: "Drive-Kapazität pro Benutzer fremder Instanzen"
@@ -473,6 +483,7 @@ retype: "Erneut eingeben"
noteOf: "Notiz von {user}"
quoteAttached: "Zitat"
quoteQuestion: "Als Zitat anhängen?"
+attachAsFileQuestion: "Der Text in der Zwischenablage ist lang. Möchtest du ihn als Textdatei anhängen?"
noMessagesYet: "Noch keine Nachrichten vorhanden"
newMessageExists: "Du hast eine neue Nachricht"
onlyOneFileCanBeAttached: "Es kann pro Nachricht nur eine Datei angehängt werden"
@@ -498,7 +509,11 @@ uiLanguage: "Sprache der Benutzeroberfläche"
aboutX: "Über {x}"
emojiStyle: "Emoji-Stil"
native: "Nativ"
+menuStyle: "Menü Stil"
+style: "Stil"
+popup: "Pop-up"
showNoteActionsOnlyHover: "Notizmenü nur bei Mouseover anzeigen"
+showReactionsCount: "Zeige die Anzahl der Reaktionen auf Notizen an"
noHistory: "Kein Verlauf gefunden"
signinHistory: "Anmeldungsverlauf"
enableAdvancedMfm: "Erweitertes MFM aktivieren"
@@ -579,6 +594,7 @@ ascendingOrder: "Aufsteigende Reihenfolge"
descendingOrder: "Absteigende Reihenfolge"
scratchpad: "Testumgebung"
scratchpadDescription: "Die Testumgebung bietet einen Bereich für AiScript-Experimente. Dort kannst du AiScript schreiben, ausführen sowie dessen Auswirkungen auf Misskey überprüfen."
+uiInspector: "UI-Inspektor"
output: "Ausgabe"
script: "Skript"
disablePagesScript: "AiScript auf Seiten deaktivieren"
@@ -659,6 +675,7 @@ smtpSecure: "Für SMTP-Verbindungen implizit SSL/TLS verwenden"
smtpSecureInfo: "Schalte dies aus, falls du STARTTLS verwendest."
testEmail: "Emailversand testen"
wordMute: "Wortstummschaltung"
+hardWordMute: "Harte Wort-Stummschaltung"
regexpError: "Fehler in einem regulären Ausdruck"
regexpErrorDescription: "Im regulären Ausdruck deiner in Zeile {line} von {tab}en Wortstummschaltungen ist ein Fehler aufgetreten:"
instanceMute: "Instanzstummschaltungen"
@@ -680,6 +697,7 @@ useGlobalSettingDesc: "Ist diese Option aktiviert, werden die Benachrichtigungse
other: "Anderes"
regenerateLoginToken: "Anmeldetoken regenerieren"
regenerateLoginTokenDescription: "Den zur Anmeldung intern verwendeten Token regenerieren. Normalerweise wird dies nicht benötigt. Bei Regeneration werden alle Geräte ausgeloggt."
+theKeywordWhenSearchingForCustomEmoji: "Das ist das Schlagwort beim Suchen von benutzerdefinierten Emojis."
setMultipleBySeparatingWithSpace: "Trenne Elemente durch ein Leerzeichen um mehrere Einstellungen zu kofigurieren."
fileIdOrUrl: "Datei-ID oder URL"
behavior: "Verhalten"
@@ -889,6 +907,8 @@ makeReactionsPublicDescription: "Jeder wird die Liste deiner gesendeten Reaktion
classic: "Classic"
muteThread: "Thread stummschalten"
unmuteThread: "Threadstummschaltung aufheben"
+followingVisibility: "Sichtbarkeit der Gefolgten"
+followersVisibility: "Sichtbarkeit der Folgenden"
continueThread: "Weiteren Threadverlauf anzeigen"
deleteAccountConfirm: "Dein Benutzerkonto wird unwiderruflich gelöscht. Trotzdem fortfahren?"
incorrectPassword: "Falsches Passwort."
@@ -1021,6 +1041,7 @@ thisPostMayBeAnnoyingHome: "Zur Startseite schicken"
thisPostMayBeAnnoyingCancel: "Abbrechen"
thisPostMayBeAnnoyingIgnore: "Trotzdem schicken"
collapseRenotes: "Bereits gesehene Renotes verkürzt anzeigen"
+collapseRenotesDescription: "Klappe Notizen ein, auf die du bereits reagiert oder die du renoted hast."
internalServerError: "Serverinterner Fehler"
internalServerErrorDescription: "Im Server ist ein unerwarteter Fehler aufgetreten."
copyErrorInfo: "Fehlerdetails kopieren"
@@ -1045,6 +1066,7 @@ sensitiveWords: "Sensible Wörter"
sensitiveWordsDescription: "Die Notizsichtbarkeit aller Notizen, die diese Wörter enthalten, wird automatisch auf \"Startseite\" gesetzt. Durch Zeilenumbrüche können mehrere konfiguriert werden."
sensitiveWordsDescription2: "Durch die Verwendung von Leerzeichen können AND-Verknüpfungen angegeben werden und durch das Umgeben von Schrägstrichen können reguläre Ausdrücke verwendet werden."
prohibitedWords: "Verbotene Wörter"
+prohibitedWordsDescription: "Aktiviert eine Fehlermeldung, wenn versucht wird, eine Notiz zu veröffentlichen, die das/die eingestellte(n) Wort(e) enthält. Mehrere Begriffe können durch Zeilenumbrüche getrennt festgelegt werden."
prohibitedWordsDescription2: "Durch die Verwendung von Leerzeichen können AND-Verknüpfungen angegeben werden und durch das Umgeben von Schrägstrichen können reguläre Ausdrücke verwendet werden."
hiddenTags: "Ausgeblendete Hashtags"
hiddenTagsDescription: "Die hier eingestellten Tags werden nicht mehr in den Trends angezeigt. Mit der Umschalttaste können mehrere ausgewählt werden."
@@ -1170,6 +1192,9 @@ confirmShowRepliesAll: "Dies ist eine unwiderrufliche Aktion. Wirklich Antworten
confirmHideRepliesAll: "Dies ist eine unwiderrufliche Aktion. Wirklich Antworten von allen momentan gefolgten Benutzern nicht in der Chronik anzeigen?"
externalServices: "Externe Dienste"
sourceCode: "Quellcode"
+sourceCodeIsNotYetProvided: "Der Quellcode ist noch nicht verfügbar. Kontaktiere den Administrator, um das Problem zu lösen."
+repositoryUrl: "Repository URL"
+repositoryUrlOrTarballRequired: "Wenn du kein Repository veröffentlicht hast, musst du stattdessen einen Tarball bereitstellen. Siehe .config/example.yml für weitere Informationen."
impressum: "Impressum"
impressumUrl: "Impressums-URL"
impressumDescription: "In manchen Ländern, wie Deutschland und dessen Umgebung, ist die Angabe von Betreiberinformationen (ein Impressum) bei kommerziellem Betrieb zwingend."
@@ -1192,34 +1217,81 @@ cwNotationRequired: "Ist \"Inhaltswarnung verwenden\" aktiviert, muss eine Besch
doReaction: "Reagieren"
code: "Code"
remainingN: "Verbleibend: {n}"
+overwriteContentConfirm: "Bist du sicher, dass du den aktuellen Inhalt überschreiben willst?"
+seasonalScreenEffect: "Saisonaler Bildschirmeffekt"
decorate: "Dekorieren"
addMfmFunction: "MFM hinzufügen"
+enableQuickAddMfmFunction: "Erweiterte MFM-Auswahl anzeigen"
sfx: "Soundeffekte"
+soundWillBePlayed: "Es wird Ton wiedergegeben"
showReplay: "Wiederholung anzeigen"
+ranking: "Rangliste"
lastNDays: "Letzten {n} Tage"
+backToTitle: "Zurück zum Startbildschirm"
+enableHorizontalSwipe: "Wischen, um zwischen Tabs zu wechseln"
+loading: "Laden"
surrender: "Abbrechen"
+gameRetry: "Erneut versuchen"
+notUsePleaseLeaveBlank: "Leer lassen, wenn nicht verwendet"
+useTotp: "Gib das Einmalpasswort ein"
+useBackupCode: "Verwende die Backup-Codes"
+launchApp: "Starte die App"
+useNativeUIForVideoAudioPlayer: "Browser-Benutzeroberfläche für die Video- und Audiowiedergabe verwenden"
keepOriginalFilename: "Ursprünglichen Dateinamen beibehalten"
+keepOriginalFilenameDescription: "Wenn diese Einstellung deaktiviert ist, wird der Dateiname beim Hochladen automatisch durch eine zufällige Zeichenfolge ersetzt."
+noDescription: "Keine Beschreibung vorhanden"
tryAgain: "Bitte später erneut versuchen"
confirmWhenRevealingSensitiveMedia: "Das Anzeigen von sensiblen Medien bestätigen"
+sensitiveMediaRevealConfirm: "Es könnte sich um sensible Medien handeln. Möchtest du sie anzeigen?"
createdLists: "Erstellte Listen"
createdAntennas: "Erstellte Antennen"
+fromX: "Von {x}"
genEmbedCode: "Einbettungscode generieren"
noteOfThisUser: "Notizen dieses Benutzers"
clipNoteLimitExceeded: "Zu diesem Clip können keine weiteren Notizen hinzugefügt werden."
discard: "Verwerfen"
+thereAreNChanges: "Es gibt {n} Änderung(en)"
signinWithPasskey: "Mit Passkey anmelden"
passkeyVerificationFailed: "Die Passkey-Verifizierung ist fehlgeschlagen."
passkeyVerificationSucceededButPasswordlessLoginDisabled: "Die Verifizierung des Passkeys war erfolgreich, aber die passwortlose Anmeldung ist deaktiviert."
+messageToFollower: "Nachricht an die Follower"
+testCaptchaWarning: "Diese Funktion ist für CAPTCHA-Testzwecke gedacht.\nNicht in einer Produktivumgebung verwenden."
+prohibitedWordsForNameOfUser: "Verbotene Begriffe für Benutzernamen"
+prohibitedWordsForNameOfUserDescription: "Wenn eine Zeichenfolge aus dieser Liste im Namen eines Benutzers enthalten ist, wird der Benutzername abgelehnt. Benutzer mit Moderatorenrechten sind von dieser Einschränkung nicht betroffen."
+yourNameContainsProhibitedWords: "Dein Name enthält einen verbotenen Begriff"
+yourNameContainsProhibitedWordsDescription: "Der Name enthält eine verbotene Zeichenfolge. Wende dich an deinen Serveradministrator, wenn du diesen Namen verwenden möchtest."
pleaseSelectAccount: "Bitte Konto auswählen"
availableRoles: "Verfügbare Rollen"
+_accountSettings:
+ requireSigninToViewContents: "Anmeldung erfordern, um Inhalte anzuzeigen"
+ requireSigninToViewContentsDescription1: "Erfordere eine Anmeldung, um alle Notizen und andere Inhalte anzuzeigen, die du erstellt hast. Dadurch wird verhindert, dass Crawler deine Informationen sammeln."
+ requireSigninToViewContentsDescription3: "Diese Einschränkungen gelten möglicherweise nicht für föderierte Inhalte von anderen Servern."
+ makeNotesFollowersOnlyBefore: "Macht frühere Notizen nur für Follower sichtbar"
+ makeNotesHiddenBefore: "Frühere Notizen privat machen"
+ mayNotEffectForFederatedNotes: "Dies hat möglicherweise keine Auswirkungen auf Notizen, die an andere Server föderiert werden."
_abuseUserReport:
forward: "Weiterleiten"
+ forwardDescription: "Leite die Meldung an einen entfernten Server als anonymes Systemkonto weiter."
+ accept: "Akzeptieren"
+ reject: "Ablehnen"
_delivery:
stop: "Gesperrt"
_type:
none: "Wird veröffentlicht"
+ manuallySuspended: "Manuell gesperrt"
_bubbleGame:
howToPlay: "Wie man spielt"
+ hold: "Halten"
+ _score:
+ score: "Spielstand"
+ scoreYen: "Verdienter Geldbetrag"
+ highScore: "Höchstpunktzahl"
+ maxChain: "Maximale Anzahl an Verkettungen"
+ yen: "{yen} Yen"
+ _howToPlay:
+ section1: "Passe die Position an und lasse das Objekt in das Spielfeld fallen."
+ section2: "Wenn sich zwei Objekte der gleichen Art berühren, verwandeln sie sich in ein anderes Objekt und du bekommst Punkte."
+ section3: "Das Spiel ist vorbei, wenn die Objekte aus dem Spielfeld herausragen. Versuche eine hohe Punktzahl zu erreichen, indem du die Objekte miteinander verschmelzt, ohne dass das Spielfeld überläuft!"
_announcement:
forExistingUsers: "Nur für existierende Nutzer"
forExistingUsersDescription: "Ist diese Option aktiviert, wird diese Ankündigung nur Nutzern angezeigt, die zum Zeitpunkt der Ankündigung bereits registriert sind. Ist sie deaktiviert, wird sie auch Nutzern, die sich nach dessen Veröffentlichung registrieren, angezeigt."
@@ -1263,8 +1335,18 @@ _initialTutorial:
reply: "Klicke auf diesen Button, um auf eine Nachricht zu antworten. Es ist auch möglich, auf Antworten zu antworten und die Unterhaltung wie einen Thread fortzusetzen."
_reaction:
title: "Was sind Reaktionen?"
+ description: "Auf Notizen kann mit verschiedenen Emojis reagiert werden. Reaktionen ermöglichen es dir, Nuancen auszudrücken, die mit einem einfachen „Gefällt mir“ vielleicht nicht ausgedrückt werden können."
+ letsTryReacting: "Reaktionen können durch Klicken auf die Schaltfläche „+“ in der Notiz hinzugefügt werden. Versuche, auf diese Beispielnotiz zu reagieren!"
reactToContinue: "Füge eine Reaktion hinzu, um fortzufahren."
reactNotification: "Du erhältst Echtzeit-Benachrichtigungen, wenn jemand auf deine Notiz reagiert."
+ reactDone: "Du kannst eine Reaktion zurücknehmen, indem du auf den '-' Button drückst."
+ _timeline:
+ title: "So funktionieren die Chroniken"
+ home: "Du kannst Beiträge von den Konten sehen, denen du folgst."
+ local: "Du kannst Beiträge aller Benutzer auf diesem Server sehen."
+ social: "Notizen von der Startseite und der lokalen Chronik werden angezeigt."
+ global: "Du kannst Notizen von allen föderierten Servern sehen."
+ description2: "Du kannst jederzeit am oberen Rand des Bildschirms zwischen den jeweiligen Chroniken wechseln."
_postNote:
_visibility:
description: "Du kannst einschränken, wer deine Notiz sehen kann."
@@ -1272,8 +1354,16 @@ _initialTutorial:
doNotSendConfidencialOnDirect1: "Sei vorsichtig, wenn du sensible Informationen verschickst!"
_cw:
title: "Inhaltswarnung"
+ _exampleNote:
+ note: "Ich hatte gerade einen Donut mit Schokoladenüberzug 🍩😋"
+ _howToMakeAttachmentsSensitive:
+ tryThisFile: "Versuche, das angehängte Bild als sensibel zu markieren!"
+ method: "Um einen Anhang als sensibel zu kennzeichnen, klicke auf das Vorschaubild der Datei, um das Menü zu öffnen, und klicke auf „Als sensibel markieren“."
+ sensitiveSucceeded: "Wenn du Dateien anhängst, stelle bitte die Sensibilität entsprechend der Serverrichtlinien ein."
+ doItToContinue: "Markiere die angehängte Datei als sensibel, um fortzufahren."
_done:
title: "Du hast das Tutorial abgeschlossen! 🎉"
+ description: "Die hier beschriebenen Funktionen sind nur ein kleiner Teil dessen, was Misskey zu bieten hat; um mehr darüber zu erfahren, wie du Misskey benutzen kannst, besuche bitte {link}."
_timelineDescription:
local: "In der lokalen Chronik siehst du Notizen von allen Benutzern auf diesem Server."
global: "In der globalen Chronik siehst du Notizen von allen föderierten Servern."
@@ -1291,6 +1381,7 @@ _serverSettings:
fanoutTimelineDescription: "Ist diese Option aktiviert, kann eine erhebliche Verbesserung im Abrufen von Chroniken und eine Reduzierung der Datenbankbelastung erzielt werden, im Gegenzug zu einer Steigerung in der Speichernutzung von Redis. Bei geringem Serverspeicher oder Serverinstabilität kann diese Option deaktiviert werden."
fanoutTimelineDbFallback: "Auf die Datenbank zurückfallen"
fanoutTimelineDbFallbackDescription: "Ist diese Option aktiviert, wird die Chronik auf zusätzliche Abfragen in der Datenbank zurückgreifen, wenn sich die Chronik nicht im Cache befindet. Eine Deaktivierung führt zu geringerer Serverlast, aber schränkt den Zeitraum der abrufbaren Chronik ein. "
+ thisSettingWillAutomaticallyOffWhenModeratorsInactive: "Wenn über einen bestimmten Zeitraum keine Moderatorenaktivität festgestellt wird, wird diese Einstellung automatisch deaktiviert, um Spam zu verhindern."
_accountMigration:
moveFrom: "Von einem anderen Konto zu diesem migrieren"
moveFromSub: "Alias für ein anderes Konto erstellen"
@@ -1549,6 +1640,7 @@ _achievements:
title: "Testüberfluss"
description: "Betätige den Benachrichtigungstest mehrfach innerhalb einer extrem kurzen Zeitspanne"
_tutorialCompleted:
+ title: "Misskey Grundkurs-Diplom"
description: "Tutorial abgeschlossen"
_bubbleGameExplodingHead:
title: "🤯"
@@ -1594,6 +1686,7 @@ _role:
gtlAvailable: "Kann auf die globale Chronik zugreifen"
ltlAvailable: "Kann auf die lokale Chronik zugreifen"
canPublicNote: "Kann öffentliche Notizen erstellen"
+ mentionMax: "Maximale Anzahl von Erwähnungen in einer Notiz"
canInvite: "Erstellung von Einladungscodes für diese Instanz"
inviteLimit: "Maximalanzahl an Einladungen"
inviteLimitCycle: "Zyklus des Einladungslimits"
@@ -1616,9 +1709,12 @@ _role:
canSearchNotes: "Nutzung der Notizsuchfunktion"
canUseTranslator: "Verwendung des Übersetzers"
avatarDecorationLimit: "Maximale Anzahl an Profilbilddekorationen, die angebracht werden können"
+ canImportAntennas: "Importieren von Antennen erlauben"
_condition:
isLocal: "Lokaler Benutzer"
isRemote: "Benutzer fremder Instanz"
+ isCat: "Katzen-Benutzer"
+ isBot: "Bot-Benutzer"
createdLessThan: "Kontoerstellung liegt weniger als X zurück"
createdMoreThan: "Kontoerstellung liegt mehr als X zurück"
followersLessThanOrEq: "Hat X oder weniger Follower"
@@ -1834,6 +1930,12 @@ _sfx:
note: "Notizen"
noteMy: "Meine Notizen"
notification: "Benachrichtigungen"
+_soundSettings:
+ driveFile: "Audiodatei aus dem Drive verwenden"
+ driveFileWarn: "Wähle eine Audiodatei aus dem Drive"
+ driveFileTypeWarn: "Diese Datei wird nicht unterstützt"
+ driveFileTypeWarnDescription: "Bitte wähle eine Audiodatei"
+ driveFileDurationWarn: "Audio zu lang."
_ago:
future: "Zukunft"
justNow: "Gerade eben"
@@ -1915,6 +2017,23 @@ _permissions:
"write:flash": "Deine Plays bearbeiten oder löschen"
"read:flash-likes": "Liste der Plays, die mir gefallen, lesen"
"write:flash-likes": "Liste der Plays, die mir gefallen, bearbeiten"
+ "write:admin:delete-account": "Benutzerkonto löschen"
+ "write:admin:delete-all-files-of-a-user": "Alle Dateien eines Benutzers löschen"
+ "read:admin:index-stats": "Statistiken zu Datenbankindizes einsehen"
+ "read:admin:table-stats": "Statistiken zu Datenbanktabellen einsehen"
+ "read:admin:user-ips": "IP-Adressen von Benutzern anzeigen"
+ "read:admin:meta": "Metadaten der Instanz einsehen"
+ "write:admin:reset-password": "Benutzerpasswort zurücksetzen"
+ "write:admin:send-email": "E-Mail versenden"
+ "read:admin:server-info": "Serverinformationen anzeigen"
+ "read:admin:show-moderation-log": "Moderationsprotokoll einsehen"
+ "read:admin:show-user": "Private Benutzerinformationen einsehen"
+ "write:admin:invite-codes": "Einladungscodes verwalten"
+ "read:admin:invite-codes": "Einladungscodes anzeigen"
+ "write:admin:announcements": "Ankündigungen verwalten"
+ "read:admin:announcements": "Ankündigungen einsehen"
+ "write:admin:avatar-decorations": "Kann Avatar-Dekorationen verwalten"
+ "read:admin:avatar-decorations": "Avatar-Dekorationen ansehen"
_auth:
shareAccessTitle: "Verteilung von App-Berechtigungen"
shareAccess: "Möchtest du „{name}“ authorisieren, auf dieses Benutzerkonto zugreifen zu können?"
@@ -2329,3 +2448,31 @@ _reversi:
black: "Schwarz"
white: "Weiß"
total: "Gesamt"
+_offlineScreen:
+ header: "Verbindung zum Server nicht möglich"
+_urlPreviewSetting:
+ title: "Einstellungen der URL-Vorschau"
+ enable: "URL-Vorschau aktivieren"
+ timeout: "Zeitüberschreitung beim Abrufen der Vorschau (ms)"
+ maximumContentLength: "Maximale Content-Length (Bytes)"
+_mediaControls:
+ playbackRate: "Wiedergabegeschwindigkeit"
+_contextMenu:
+ title: "Kontextmenü"
+ app: "Anwendung"
+_embedCodeGen:
+ title: "Einbettungscode anpassen"
+ header: "Kopfzeile anzeigen"
+ autoload: "Automatisch mehr laden (veraltet)"
+ maxHeight: "Maximale Höhe"
+ maxHeightDescription: "Der Wert 0 deaktiviert die Einstellung der maximalen Höhe. Gib einen Wert an, um zu verhindern, dass das Widget weiterhin vertikal vergrößert wird."
+ maxHeightWarn: "Die Begrenzung der maximalen Höhe ist deaktiviert (0). Wenn dies nicht beabsichtigt war, setze die maximale Höhe auf einen Wert fest."
+ applyToPreview: "Auf die Vorschau anwenden"
+ generateCode: "Einbettungscode generieren"
+ codeGenerated: "Der Code wurde generiert"
+ codeGeneratedDescription: "Füge den generierten Code in deine Website ein, um den Inhalt einzubetten."
+_selfXssPrevention:
+ warning: "WARNUNG"
+ title: "„Füge in diesen Bereich etwas ein“ ist eine Betrugsmasche."
+ description1: "Wenn du hier etwas einfügst, könnte ein böswilliger Benutzer dein Konto übernehmen oder deine persönlichen Daten stehlen."
+ description3: "Weitere Informationen findest du hier. {link}"
diff --git a/locales/en-US.yml b/locales/en-US.yml
index 6703d1cf3a..69e6da1a6f 100644
--- a/locales/en-US.yml
+++ b/locales/en-US.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "Enable local timeline"
enableGlobalTimeline: "Enable global timeline"
disablingTimelinesInfo: "Adminstrators and Moderators will always have access to all timelines, even if they are not enabled."
registration: "Register"
-enableRegistration: "Enable new user registration"
invite: "Invite"
driveCapacityPerLocalAccount: "Drive capacity per local user"
driveCapacityPerRemoteAccount: "Drive capacity per remote user"
@@ -587,6 +586,7 @@ masterVolume: "Master volume"
notUseSound: "Disable sound"
useSoundOnlyWhenActive: "Output sounds only if Misskey is active."
details: "Details"
+renoteDetails: "Renote details"
chooseEmoji: "Select an emoji"
unableToProcess: "The operation could not be completed"
recentUsed: "Recently used"
@@ -1309,7 +1309,7 @@ _accountSettings:
makeNotesFollowersOnlyBeforeDescription: "While this feature is enabled, only followers can see notes past the set date and time or have been visible for a set time. When it is deactivated, the note publication status will also be restored."
makeNotesHiddenBefore: "Make past notes private"
makeNotesHiddenBeforeDescription: "While this feature is enabled, notes that are past the set date and time or have been visible only to you. When it is deactivated, the note publication status will also be restored."
- mayNotEffectForFederatedNotes: "Notes federated to a remote server may not be effective."
+ mayNotEffectForFederatedNotes: "Notes federated to a remote server may not be affected."
notesHavePassedSpecifiedPeriod: "Note that the specified time has passed"
notesOlderThanSpecifiedDateAndTime: "Notes before the specified date and time"
_abuseUserReport:
diff --git a/locales/es-ES.yml b/locales/es-ES.yml
index 7731598152..a4ec114b15 100644
--- a/locales/es-ES.yml
+++ b/locales/es-ES.yml
@@ -373,7 +373,6 @@ enableLocalTimeline: "Habilitar linea de tiempo local"
enableGlobalTimeline: "Habilitar linea de tiempo global"
disablingTimelinesInfo: "Aunque se desactiven estas lineas de tiempo, por conveniencia el administrador y los moderadores pueden seguir usándolos"
registration: "Registro"
-enableRegistration: "Permitir nuevos registros"
invite: "Invitar"
driveCapacityPerLocalAccount: "Capacidad del drive por usuario local"
driveCapacityPerRemoteAccount: "Capacidad del drive por usuario remoto"
diff --git a/locales/fr-FR.yml b/locales/fr-FR.yml
index a7060c06fc..b105a86b5e 100644
--- a/locales/fr-FR.yml
+++ b/locales/fr-FR.yml
@@ -8,6 +8,9 @@ search: "Rechercher"
notifications: "Notifications"
username: "Nom d’utilisateur·rice"
password: "Mot de passe"
+initialPasswordForSetup: "Mot de passe initial pour la configuration"
+initialPasswordIsIncorrect: "Mot de passe initial pour la configuration est incorrecte"
+initialPasswordForSetupDescription: "Utilisez le mot de passe que vous avez entré pour le fichier de configuration si vous avez installé Misskey vous-même.\nSi vous utilisez un service d'hébergement Misskey, utilisez le mot de passe fourni.\nSi vous n'avez pas défini de mot de passe, laissez le champ vide pour continuer."
forgotPassword: "Mot de passe oublié"
fetchingAsApObject: "Récupération depuis le fédiverse …"
ok: "OK"
@@ -60,6 +63,7 @@ copyFileId: "Copier l'identifiant du fichier"
copyFolderId: "Copier l'identifiant du dossier"
copyProfileUrl: "Copier l'URL du profil"
searchUser: "Chercher un·e utilisateur·rice"
+searchThisUsersNotes: "Cherchez les notes de cet·te utilisateur·rice"
reply: "Répondre"
loadMore: "Afficher plus …"
showMore: "Voir plus"
@@ -108,6 +112,7 @@ enterEmoji: "Insérer un émoji"
renote: "Renoter"
unrenote: "Annuler la Renote"
renoted: "Renoté !"
+renotedToX: "Renoté en {name}"
cantRenote: "Ce message ne peut pas être renoté."
cantReRenote: "Impossible de renoter une Renote."
quote: "Citer"
@@ -151,6 +156,7 @@ editList: "Modifier la liste"
selectChannel: "Sélectionner un canal"
selectAntenna: "Sélectionner une antenne"
editAntenna: "Modifier l'antenne"
+createAntenna: "Créer une antenne"
selectWidget: "Sélectionner un widget"
editWidgets: "Modifier les widgets"
editWidgetsExit: "Valider les modifications"
@@ -177,6 +183,7 @@ addAccount: "Ajouter un compte"
reloadAccountsList: "Rafraichir la liste des comptes"
loginFailed: "Échec de la connexion"
showOnRemote: "Voir sur l’instance distante"
+continueOnRemote: "Continuer sur l'instance distante"
general: "Général"
wallpaper: "Fond d’écran"
setWallpaper: "Définir le fond d’écran"
@@ -187,6 +194,7 @@ followConfirm: "Êtes-vous sûr·e de vouloir suivre {name} ?"
proxyAccount: "Compte proxy"
proxyAccountDescription: "Un compte proxy se comporte, dans certaines conditions, comme un·e abonné·e distant·e pour les utilisateurs d'autres instances. Par exemple, quand un·e utilisateur·rice ajoute un·e utilisateur·rice distant·e à une liste, ses notes ne seront pas visibles sur l'instance si personne ne suit cet·te utilisateur·rice. Le compte proxy va donc suivre cet·te utilisateur·rice pour que ses notes soient acheminées."
host: "Serveur distant"
+selectSelf: "Sélectionner manuellement"
selectUser: "Sélectionner un·e utilisateur·rice"
recipient: "Destinataire"
annotation: "Commentaires"
@@ -320,6 +328,7 @@ renameFolder: "Renommer le dossier"
deleteFolder: "Supprimer le dossier"
folder: "Dossier"
addFile: "Ajouter un fichier"
+showFile: "Voir les fichiers"
emptyDrive: "Le Disque est vide"
emptyFolder: "Le dossier est vide"
unableToDelete: "Suppression impossible"
@@ -362,7 +371,6 @@ enableLocalTimeline: "Activer le fil local"
enableGlobalTimeline: "Activer le fil global"
disablingTimelinesInfo: "Même si vous désactivez ces fils, les administrateur·rice·s et les modérateur·rice·s pourront toujours y accéder."
registration: "S’inscrire"
-enableRegistration: "Autoriser les nouvelles inscriptions"
invite: "Inviter"
driveCapacityPerLocalAccount: "Capacité de stockage du Disque par utilisateur local"
driveCapacityPerRemoteAccount: "Capacité de stockage du Disque par utilisateur distant"
@@ -430,10 +438,11 @@ token: "Jeton"
2fa: "Authentification à deux facteurs"
setupOf2fa: "Configuration de l’authentification à deux facteurs"
totp: "Application d'authentification"
-totpDescription: "Entrez un mot de passe à usage unique à l'aide d'une application d'authentification"
+totpDescription: "Entrer un mot de passe à usage unique à l'aide d'une application d'authentification"
moderator: "Modérateur·rice·s"
moderation: "Modérations"
moderationNote: "Note de modération"
+moderationNoteDescription: "Vous pouvez remplir des notes qui seront partagés seulement entre modérateurs."
addModerationNote: "Ajouter une note de modération"
moderationLogs: "Journal de modération"
nUsersMentioned: "{n} utilisateur·rice·s mentionné·e·s"
@@ -493,6 +502,10 @@ uiLanguage: "Langue d’affichage de l’interface"
aboutX: "À propos de {x}"
emojiStyle: "Style des émojis"
native: "Natif"
+menuStyle: "Style du menu"
+style: "Style"
+drawer: "Sélecteur"
+popup: "Pop-up"
showNoteActionsOnlyHover: "Afficher les actions de note uniquement au survol"
showReactionsCount: "Afficher le nombre de réactions des notes"
noHistory: "Pas d'historique"
@@ -575,6 +588,7 @@ ascendingOrder: "Ascendant"
descendingOrder: "Descendant"
scratchpad: "ScratchPad"
scratchpadDescription: "ScratchPad fournit un environnement expérimental pour AiScript. Vous pouvez vérifier la rédaction de votre code, sa bonne exécution et le résultat de son interaction avec Misskey."
+uiInspector: "Inspecteur UI"
output: "Sortie"
script: "Script"
disablePagesScript: "Désactiver AiScript sur les Pages"
@@ -618,7 +632,7 @@ description: "Description"
describeFile: "Ajouter une description d'image"
enterFileDescription: "Saisissez une description"
author: "Auteur·rice"
-leaveConfirm: "Vous avez des modifications non-sauvegardées. Voulez-vous les ignorer ?"
+leaveConfirm: "Vous avez des modifications non sauvegardées. Voulez-vous les ignorer ?"
manage: "Gestion"
plugins: "Extensions"
preferencesBackups: "Sauvegarder les paramètres"
@@ -828,6 +842,7 @@ administration: "Gestion"
accounts: "Comptes"
switch: "Remplacer"
noMaintainerInformationWarning: "Informations administrateur non configurées."
+noInquiryUrlWarning: "L'URL demandé n'est pas définie"
noBotProtectionWarning: "La protection contre les bots n'est pas configurée."
configure: "Configurer"
postToGallery: "Publier dans la galerie"
@@ -892,6 +907,7 @@ followersVisibility: "Visibilité des abonnés"
continueThread: "Afficher la suite du fil"
deleteAccountConfirm: "Votre compte sera supprimé. Êtes vous certain ?"
incorrectPassword: "Le mot de passe est incorrect."
+incorrectTotp: "Le mot de passe à usage unique est incorrect ou a expiré."
voteConfirm: "Confirmez-vous votre vote pour « {choice} » ?"
hide: "Masquer"
useDrawerReactionPickerForMobile: "Afficher le sélecteur de réactions en tant que panneau sur mobile"
@@ -916,6 +932,9 @@ oneHour: "1 heure"
oneDay: "1 jour"
oneWeek: "1 semaine"
oneMonth: "Un mois"
+threeMonths: "3 mois"
+oneYear: "1 an"
+threeDays: "3 jours"
reflectMayTakeTime: "Cela peut prendre un certain temps avant que cela ne se termine."
failedToFetchAccountInformation: "Impossible de récupérer les informations du compte."
rateLimitExceeded: "Limite de taux dépassée"
@@ -923,7 +942,7 @@ cropImage: "Recadrer l'image"
cropImageAsk: "Voulez-vous recadrer cette image ?"
cropYes: "Rogner"
cropNo: "Utiliser en l'état"
-file: "Fichiers"
+file: "Fichier"
recentNHours: "Dernières {n} heures"
recentNDays: "Derniers {n} jours"
noEmailServerWarning: "Serveur de courrier non configuré."
@@ -1055,6 +1074,7 @@ retryAllQueuesConfirmTitle: "Vraiment réessayer ?"
retryAllQueuesConfirmText: "Cela peut augmenter temporairement la charge du serveur."
enableChartsForRemoteUser: "Générer les graphiques pour les utilisateurs distants"
enableChartsForFederatedInstances: "Générer les graphiques pour les instances distantes"
+enableStatsForFederatedInstances: "Recevoir les statistiques des instances distantes"
showClipButtonInNoteFooter: "Ajouter « Clip » au menu d'action de la note"
reactionsDisplaySize: "Taille de l'affichage des réactions"
limitWidthOfReaction: "Limiter la largeur maximale des réactions et les afficher en taille réduite"
@@ -1102,6 +1122,8 @@ preventAiLearning: "Refuser l'usage dans l'apprentissage automatique d'IA géné
preventAiLearningDescription: "Demander aux robots d'indexation de ne pas utiliser le contenu publié, tel que les notes et les images, dans l'apprentissage automatique d'IA générative. Cela est réalisé en incluant le drapeau « noai » dans la réponse HTML. Une prévention complète n'est toutefois pas possible, car il est au robot d'indexation de respecter cette demande."
options: "Options"
specifyUser: "Spécifier l'utilisateur·rice"
+openTagPageConfirm: "Ouvrir une page d'hashtags ?"
+specifyHost: "Spécifier un serveur distant"
failedToPreviewUrl: "Aperçu d'URL échoué"
update: "Mettre à jour"
rolesThatCanBeUsedThisEmojiAsReaction: "Rôles qui peuvent utiliser cet émoji comme réaction"
@@ -1222,13 +1244,55 @@ enableHorizontalSwipe: "Glisser pour changer d'onglet"
loading: "Chargement en cours"
surrender: "Annuler"
gameRetry: "Réessayer"
+notUsePleaseLeaveBlank: "Laisser vide si non utilisé"
+useTotp: "Entrer un mot de passe à usage unique"
+useBackupCode: "Utiliser le codes de secours"
launchApp: "Lancer l'app"
+useNativeUIForVideoAudioPlayer: "Lire les vidéos et audios en utilisant l'UI du navigateur"
+keepOriginalFilename: "Garder le nom original du fichier"
+keepOriginalFilenameDescription: "Si vous désactivez ce paramètre, les noms de fichiers seront automatiquement remplacés par des noms aléatoires lorsque vous téléchargerez des fichiers."
+noDescription: "Il n'y a pas de description"
+alwaysConfirmFollow: "Confirmer lors d'un abonnement"
inquiry: "Contact"
+tryAgain: "Veuillez réessayer plus tard"
+confirmWhenRevealingSensitiveMedia: "Confirmer pour révéler du contenu sensible"
+sensitiveMediaRevealConfirm: "Ceci pourrait être du contenu sensible. Voulez-vous l'afficher ?"
+createdLists: "Listes créées"
+createdAntennas: "Antennes créées"
+fromX: "De {x}"
+genEmbedCode: "Générer le code d'intégration"
+noteOfThisUser: "Notes de cet·te utilisateur·rice"
+clipNoteLimitExceeded: "Aucune note supplémentaire ne peut être ajoutée à ce clip."
+performance: "Performance"
+modified: "Modifié"
+discard: "Annuler"
+thereAreNChanges: "Il y a {n} modification(s)"
+signinWithPasskey: "Se connecter avec une clé d'accès"
+unknownWebAuthnKey: "Clé d'accès inconnue."
+passkeyVerificationFailed: "La vérification de la clé d'accès a échoué."
+passkeyVerificationSucceededButPasswordlessLoginDisabled: "La vérification de la clé d'accès a réussi, mais la connexion sans mot de passe est désactivée."
+messageToFollower: "Message aux abonné·es"
+target: "Destinataire"
+prohibitedWordsForNameOfUser: "Mots interdits pour les noms d'utilisateur·rices"
+lockdown: "Verrouiller"
+pleaseSelectAccount: "Sélectionner un compte"
+availableRoles: "Rôles disponibles"
+_abuseUserReport:
+ forward: "Transférer"
+ forwardDescription: "Transférer le signalement vers une instance distante en tant qu'anonyme."
+ resolve: "Résoudre"
+ accept: "Accepter"
+ reject: "Rejeter"
+ resolveTutorial: "Si le signalement est légitime dans son contenu, sélectionnez « Accepter » pour marquer le cas comme résolu par l'affirmative.\nSi le contenu du rapport n'est pas légitime, sélectionnez « Rejeter » pour marquer le cas comme résolu par la négative."
_delivery:
status: "Statut de la diffusion"
stop: "Suspendu·e"
+ resume: "Reprendre"
_type:
none: "Publié"
+ manuallySuspended: "Suspendre manuellement"
+ goneSuspended: "L'instance est suspendue en raison de la suppression de ce dernier"
+ autoSuspendedForNotResponding: "L'instance est suspendue car elle ne répond pas"
_bubbleGame:
howToPlay: "Comment jouer"
hold: "Réserver"
@@ -1239,6 +1303,7 @@ _bubbleGame:
maxChain: "Nombre maximum de chaînes"
yen: "{yen} yens"
estimatedQty: "{qty} pièces"
+ scoreSweets: "{onigiriQtyWithUnit} Onigiri(s)"
_announcement:
forExistingUsers: "Pour les utilisateurs existants seulement"
needConfirmationToRead: "Exiger la confirmation de la lecture"
@@ -1258,6 +1323,7 @@ _initialAccountSetting:
profileSetting: "Paramètres du profil"
privacySetting: "Paramètres de confidentialité"
initialAccountSettingCompleted: "Configuration du profil terminée avec succès !"
+ haveFun: "Profitez de {name} !"
youCanContinueTutorial: "Vous pouvez procéder au tutoriel sur l'utilisation de {name}(Misskey) ou vous arrêter ici et commencer à l'utiliser immédiatement."
startTutorial: "Démarrer le tutoriel"
skipAreYouSure: "Désirez-vous ignorer la configuration du profil ?"
@@ -1351,18 +1417,60 @@ _achievements:
flavor: "Passez un bon moment avec Misskey !"
_notes10:
title: "Quelques notes"
+ description: "Poster 10 notes"
_notes100:
title: "Beaucoup de notes"
+ description: "Poster 100 notes"
+ _notes500:
+ title: "Couvert de notes"
+ description: "Poster 500 notes"
+ _notes1000:
+ title: "Une montagne de notes"
+ description: "Poster 1000 notes"
+ _notes5000:
+ title: "Débordement de notes"
+ description: "Poster 5 000 notes"
+ _notes10000:
+ title: "Super note"
+ description: "Poster 10 000 notes"
+ _notes20000:
+ title: "Encore... plus... de... notes..."
+ description: "Poster 20 000 notes"
+ _notes30000:
+ title: "Notes notes notes !"
+ description: "Poster 30 000 notes"
+ _notes40000:
+ title: "Usine de notes"
+ description: "Poster 40 000 notes"
+ _notes50000:
+ title: "Planète des notes"
+ description: "Poster 50 000 notes"
+ _notes60000:
+ title: "Quasar de note"
+ description: "Poster 50 000 notes"
+ _notes70000:
+ title: "Trou noir de notes"
+ description: "Poster 70 000 notes"
+ _notes80000:
+ title: "Galaxie de notes"
+ description: "Poster 80 000 notes"
+ _notes90000:
+ title: "Univers de notes"
+ description: "Poster 90 000 notes"
_notes100000:
title: "ALL YOUR NOTE ARE BELONG TO US"
+ description: "Poster 100 000 notes"
+ flavor: "Avez-vous tant de choses à dire ?"
_login3:
- title: "Débutant Ⅰ"
+ title: "Débutant I"
description: "Se connecter pour un total de 3 jours"
+ flavor: "Dès maintenant, appelez-moi Misskeynaute"
_login7:
- title: "Débutant Ⅱ"
+ title: "Débutant II"
description: "Se connecter pour un total de 7 jours"
+ flavor: "On s'habitue ?"
_login15:
- title: "Débutant Ⅲ"
+ title: "Débutant III"
description: "Se connecter pour un total de 15 jours"
_login30:
title: "Misskeynaute I"
@@ -1386,6 +1494,7 @@ _achievements:
_login500:
title: "Expert I"
description: "Se connecter pour un total de 500 jours"
+ flavor: "Non, mes amis, j'aime les notes"
_login600:
title: "Expert II"
description: "Se connecter pour un total de 600 jours"
@@ -1393,11 +1502,18 @@ _achievements:
title: "Expert III"
description: "Se connecter pour un total de 700 jours"
_login800:
+ title: "Maître des notes I"
description: "Se connecter pour un total de 800 jours"
_login900:
+ title: "Maître des notes II"
description: "Se connecter pour un total de 900 jours"
_login1000:
+ title: "Maître des notes III"
+ description: "Se connecter pour un total de 1 000 jours"
flavor: "Merci d'utiliser Misskey !"
+ _noteClipped1:
+ title: "Je... dois... clip..."
+ description: "Ajouter sa première note aux clips"
_profileFilled:
title: "Bien préparé"
description: "Configuration de votre profil"
@@ -1456,21 +1572,31 @@ _achievements:
_driveFolderCircularReference:
title: "Référence circulaire"
_setNameToSyuilo:
+ title: "Complexe de dieu"
description: "Vous avez spécifié « syuilo » comme nom"
_passedSinceAccountCreated1:
title: "Premier anniversaire"
+ description: "Un an est passé depuis la création du compte"
_passedSinceAccountCreated2:
title: "Second anniversaire"
+ description: "Deux ans sont passés depuis la création du compte"
_passedSinceAccountCreated3:
title: "3ème anniversaire"
+ description: "Trois ans sont passés depuis la création du compte"
_loggedInOnBirthday:
title: "Joyeux Anniversaire !"
description: "Vous vous êtes connecté à la date de votre anniversaire"
_loggedInOnNewYearsDay:
title: "Bonne année !"
+ description: "Vous vous êtes connecté le premier jour de l'année"
+ flavor: "Merci pour le soutient continue sur cette instance."
_cookieClicked:
+ title: "Jeu de clic sur des cookies"
+ description: "Cliqué sur un cookie"
flavor: "Attendez une minute, vous êtes sur le mauvais site web ?"
_brainDiver:
+ title: "Brain Diver"
+ description: "Poster le lien sur Brain Diver"
flavor: "Misskey-Misskey La-Tu-Ma"
_smashTestNotificationButton:
title: "Débordement de tests"
@@ -1478,6 +1604,11 @@ _achievements:
_tutorialCompleted:
title: "Diplôme de la course élémentaire de Misskey"
description: "Terminer le tutoriel"
+ _bubbleGameExplodingHead:
+ title: "🤯"
+ description: "Le plus gros objet du jeu de bulles"
+ _bubbleGameDoubleExplodingHead:
+ title: "Double🤯"
_role:
new: "Nouveau rôle"
edit: "Modifier le rôle"
@@ -1508,9 +1639,11 @@ _role:
canManageCustomEmojis: "Gestion des émojis personnalisés"
canManageAvatarDecorations: "Gestion des décorations d'avatar"
driveCapacity: "Capacité de stockage du Disque"
+ antennaMax: "Nombre maximum d'antennes"
wordMuteMax: "Nombre maximal de caractères dans le filtre de mots"
canUseTranslator: "Usage de la fonctionnalité de traduction"
avatarDecorationLimit: "Nombre maximal de décorations d'avatar"
+ canImportAntennas: "Autoriser l'importation d'antennes"
_sensitiveMediaDetection:
description: "L'apprentissage automatique peut être utilisé pour détecter automatiquement les médias sensibles à modérer. La sollicitation des serveurs augmente légèrement."
sensitivity: "Sensibilité de la détection"
@@ -1793,6 +1926,29 @@ _permissions:
"write:gallery": "Éditer la galerie"
"read:gallery-likes": "Voir les mentions « J'aime » dans la galerie"
"write:gallery-likes": "Gérer les mentions « J'aime » dans la galerie"
+ "read:flash": "Voir le Play"
+ "write:flash": "Modifier le Play"
+ "read:flash-likes": "Lire vos mentions j'aime des Play"
+ "write:flash-likes": "Modifier vos mentions j'aime des Play"
+ "read:admin:abuse-user-reports": "Voir les utilisateurs signalés"
+ "write:admin:delete-account": "Supprimer le compte d'utilisateur"
+ "write:admin:delete-all-files-of-a-user": "Supprimer tous les fichiers d'un utilisateur"
+ "read:admin:index-stats": "Voir les statistiques sur les index de base de données"
+ "read:admin:table-stats": "Voir les statistiques sur les index de base de données"
+ "read:admin:user-ips": "Voir l'adresse IP de l'utilisateur"
+ "read:admin:meta": "Voir les métadonnées de l'instance"
+ "write:admin:reset-password": "Réinitialiser le mot de passe de l'utilisateur"
+ "write:admin:resolve-abuse-user-report": "Résoudre le signalement d'un utilisateur"
+ "write:admin:send-email": "Envoyer un mail"
+ "read:admin:server-info": "Voir les informations de l'instance"
+ "read:admin:show-moderation-log": "Voir les logs de modération"
+ "read:admin:show-user": "Voir les informations privées de l'utilisateur"
+ "write:admin:suspend-user": "Suspendre l'utilisateur"
+ "write:admin:unset-user-avatar": "Retirer l'avatar de l'utilisateur"
+ "write:admin:unset-user-banner": "Retirer la bannière de l'utilisateur"
+ "write:admin:unsuspend-user": "Lever la suspension d'un utilisateur"
+ "write:admin:meta": "Gérer les métadonnées de l'instance"
+ "write:admin:roles": "Gérer les rôles"
_auth:
shareAccess: "Autoriser \"{name}\" à accéder à votre compte ?"
shareAccessAsk: "Voulez-vous vraiment autoriser cette application à accéder à votre compte?"
@@ -1944,7 +2100,16 @@ _timelines:
social: "Social"
global: "Global"
_play:
+ new: "Créer un Play"
+ edit: "Modifier un Play"
+ created: "Play créé"
+ updated: "Play édité"
+ deleted: "Play supprimé"
+ pageSetting: "Configuration du Play"
+ editThisPage: "Modifier ce Play"
viewSource: "Afficher la source"
+ my: "Mes Play"
+ liked: "Play aimés"
featured: "Populaire"
title: "Titre"
script: "Script"
@@ -2018,10 +2183,13 @@ _notification:
achievementEarned: "Accomplissement déverrouillé"
testNotification: "Tester la notification"
reactedBySomeUsers: "{n} utilisateur·rice·s ont réagi"
+ likedBySomeUsers: "{n} utilisateurs ont aimé votre note"
renotedBySomeUsers: "{n} utilisateur·rice·s ont renoté"
followedBySomeUsers: "{n} utilisateur·rice·s se sont abonné·e·s à vous"
+ login: "Quelqu'un s'est connecté"
_types:
all: "Toutes"
+ note: "Nouvelles notes"
follow: "Nouvel·le abonné·e"
mention: "Mentions"
reply: "Réponses"
@@ -2071,11 +2239,14 @@ _drivecleaner:
orderByCreatedAtAsc: "Date d'ajout ascendante"
_webhookSettings:
name: "Nom"
+ secret: "Secret"
+ trigger: "Activateur"
active: "Activé"
_abuseReport:
_notificationRecipient:
_recipientType:
mail: "E-mail "
+ keywords: "Mots clés "
_moderationLogTypes:
createRole: "Rôle créé"
deleteRole: "Rôle supprimé"
@@ -2112,6 +2283,7 @@ _moderationLogTypes:
deleteAvatarDecoration: "Décoration d'avatar supprimée"
unsetUserAvatar: "Supprimer l'avatar de l'utilisateur·rice"
unsetUserBanner: "Supprimer la bannière de l'utilisateur·rice"
+ deleteFlash: "Supprimer le Play"
_fileViewer:
title: "Détails du fichier"
type: "Type du fichier"
@@ -2175,5 +2347,20 @@ _dataSaver:
title: "Mise en évidence du code"
description: "Si la notation de mise en évidence du code est utilisée, par exemple dans la MFM, elle ne sera pas chargée tant qu'elle n'aura pas été tapée. La mise en évidence du code nécessite le chargement du fichier de définition de chaque langue à mettre en évidence, mais comme ces fichiers ne sont plus chargés automatiquement, on peut s'attendre à une réduction du trafic de données."
_reversi:
+ reversi: "Reversi"
+ blackIs: "{name} joue les noirs"
+ rules: "Règles"
waitingBoth: "Préparez-vous"
+ myTurn: "C’est votre tour"
+ turnOf: "C'est le tour de {name}"
+ pastTurnOf: "Tour de {name}"
+ surrender: "Se rendre"
+ surrendered: "Par abandon"
total: "Total"
+ playing: "En cours"
+ lookingForPlayer: "Recherche d'adversaire"
+_mediaControls:
+ playbackRate: "Vitesse de lecture"
+_embedCodeGen:
+ title: "Personnaliser le code d'intégration"
+ generateCode: "Générer le code d'intégration"
diff --git a/locales/id-ID.yml b/locales/id-ID.yml
index 5d51d2dc78..fe3f207618 100644
--- a/locales/id-ID.yml
+++ b/locales/id-ID.yml
@@ -375,7 +375,6 @@ enableLocalTimeline: "Nyalakan lini masa lokal"
enableGlobalTimeline: "Nyalakan lini masa global"
disablingTimelinesInfo: "Admin dan Moderator akan selalu memiliki akses ke semua lini masa meskipun lini masa tersebut tidak diaktifkan."
registration: "Pendaftaran"
-enableRegistration: "Nyalakan pendaftaran pengguna baru"
invite: "Undang"
driveCapacityPerLocalAccount: "Kapasitas drive per pengguna lokal"
driveCapacityPerRemoteAccount: "Kapasitas drive per pengguna remote"
diff --git a/locales/index.d.ts b/locales/index.d.ts
index 8a0f38203f..42b13bada0 100644
--- a/locales/index.d.ts
+++ b/locales/index.d.ts
@@ -1546,10 +1546,6 @@ export interface Locale extends ILocale {
* 登録
*/
"registration": string;
- /**
- * 誰でも新規登録できるようにする
- */
- "enableRegistration": string;
/**
* 招待
*/
@@ -2366,6 +2362,10 @@ export interface Locale extends ILocale {
* 詳細
*/
"details": string;
+ /**
+ * リノートの詳細
+ */
+ "renoteDetails": string;
/**
* 絵文字を選択
*/
@@ -5218,6 +5218,10 @@ export interface Locale extends ILocale {
* 利用可能なロール
*/
"availableRoles": string;
+ /**
+ * 注意事項を理解した上でオンにします。
+ */
+ "acknowledgeNotesAndEnable": string;
"_accountSettings": {
/**
* コンテンツの表示にログインを必須にする
@@ -5794,6 +5798,14 @@ export interface Locale extends ILocale {
* サーバー運営者へのお問い合わせフォームのURLや、運営者の連絡先等が記載されたWebページのURLを指定します。
*/
"inquiryUrlDescription": string;
+ /**
+ * アカウントの作成をオープンにする
+ */
+ "openRegistration": string;
+ /**
+ * 登録を開放することはリスクが伴います。サーバーを常に監視し、トラブルが発生した際にすぐに対応できる体制がある場合のみオンにすることを推奨します。
+ */
+ "openRegistrationWarning": string;
/**
* 一定期間モデレーターのアクティビティが検出されなかった場合、スパム防止のためこの設定は自動でオフになります。
*/
diff --git a/locales/it-IT.yml b/locales/it-IT.yml
index 8fb6dcd6f2..66ca935b1b 100644
--- a/locales/it-IT.yml
+++ b/locales/it-IT.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "Abilita la timeline locale"
enableGlobalTimeline: "Abilita la timeline federata"
disablingTimelinesInfo: "Anche disabilitandole, gli Amministratori e i Moderatori potranno comunque accedervi."
registration: "Iscriviti"
-enableRegistration: "Consenti a chiunque di registrarsi"
invite: "Invita"
driveCapacityPerLocalAccount: "Capienza del Drive per profilo locale"
driveCapacityPerRemoteAccount: "Capienza del Drive per profilo remoto"
diff --git a/locales/ja-JP.yml b/locales/ja-JP.yml
index 7b011885ab..8006718897 100644
--- a/locales/ja-JP.yml
+++ b/locales/ja-JP.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "ローカルタイムラインを有効にする"
enableGlobalTimeline: "グローバルタイムラインを有効にする"
disablingTimelinesInfo: "これらのタイムラインを無効化しても、利便性のため管理者およびモデレーターは引き続き利用することができます。"
registration: "登録"
-enableRegistration: "誰でも新規登録できるようにする"
invite: "招待"
driveCapacityPerLocalAccount: "ローカルユーザーひとりあたりのドライブ容量"
driveCapacityPerRemoteAccount: "リモートユーザーひとりあたりのドライブ容量"
@@ -587,6 +586,7 @@ masterVolume: "マスター音量"
notUseSound: "サウンドを出力しない"
useSoundOnlyWhenActive: "Misskeyがアクティブな時のみサウンドを出力する"
details: "詳細"
+renoteDetails: "リノートの詳細"
chooseEmoji: "絵文字を選択"
unableToProcess: "操作を完了できません"
recentUsed: "最近使用"
@@ -1300,6 +1300,7 @@ thisContentsAreMarkedAsSigninRequiredByAuthor: "投稿者により、表示に
lockdown: "ロックダウン"
pleaseSelectAccount: "アカウントを選択してください"
availableRoles: "利用可能なロール"
+acknowledgeNotesAndEnable: "注意事項を理解した上でオンにします。"
_accountSettings:
requireSigninToViewContents: "コンテンツの表示にログインを必須にする"
@@ -1466,6 +1467,8 @@ _serverSettings:
reactionsBufferingDescription: "有効にすると、リアクション作成時のパフォーマンスが大幅に向上し、データベースへの負荷を軽減することが可能です。ただし、Redisのメモリ使用量は増加します。"
inquiryUrl: "問い合わせ先URL"
inquiryUrlDescription: "サーバー運営者へのお問い合わせフォームのURLや、運営者の連絡先等が記載されたWebページのURLを指定します。"
+ openRegistration: "アカウントの作成をオープンにする"
+ openRegistrationWarning: "登録を開放することはリスクが伴います。サーバーを常に監視し、トラブルが発生した際にすぐに対応できる体制がある場合のみオンにすることを推奨します。"
thisSettingWillAutomaticallyOffWhenModeratorsInactive: "一定期間モデレーターのアクティビティが検出されなかった場合、スパム防止のためこの設定は自動でオフになります。"
_accountMigration:
diff --git a/locales/ja-KS.yml b/locales/ja-KS.yml
index 50132c0645..c3e0096926 100644
--- a/locales/ja-KS.yml
+++ b/locales/ja-KS.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "ローカルタイムラインを使えるようにする
enableGlobalTimeline: "グローバルタイムラインを使えるようにするわ"
disablingTimelinesInfo: "ここらへんのタイムラインを使えんようにしてしもても、管理者とモデレーターは使えるままになってるで、そうやなかったら不便やからな。"
registration: "登録"
-enableRegistration: "一見さんでも誰でもいらっしゃ~い"
invite: "来てや"
driveCapacityPerLocalAccount: "ローカルユーザーはんひとりあたりのドライブ容量"
driveCapacityPerRemoteAccount: "リモートユーザーはんひとりあたりのドライブ容量"
diff --git a/locales/ko-GS.yml b/locales/ko-GS.yml
index 1f7faba23a..60b82d5db9 100644
--- a/locales/ko-GS.yml
+++ b/locales/ko-GS.yml
@@ -356,7 +356,6 @@ enableLocalTimeline: "로컬 타임라인 키기"
enableGlobalTimeline: "글로벌 타임라인 키기"
disablingTimelinesInfo: "요 타임라인얼 꺼도 간리자하고 중재자넌 고대로 설 수 잇십니다."
registration: "맨걸기"
-enableRegistration: "누라도 새로 맨걸 수 잇거로 하기"
invite: "초대하기"
driveCapacityPerLocalAccount: "로컬 사용자 하나마중 드라이브 커기"
driveCapacityPerRemoteAccount: "웬겍 사용자 하나마중 드라이브 커기"
diff --git a/locales/ko-KR.yml b/locales/ko-KR.yml
index 5d07ebe244..d694d2dbae 100644
--- a/locales/ko-KR.yml
+++ b/locales/ko-KR.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "로컬 타임라인 활성화"
enableGlobalTimeline: "글로벌 타임라인 활성화"
disablingTimelinesInfo: "특정 타임라인을 비활성화하더라도 관리자 및 모더레이터는 계속 사용할 수 있습니다."
registration: "등록"
-enableRegistration: "신규 회원가입을 활성화"
invite: "초대"
driveCapacityPerLocalAccount: "로컬 유저 한 명당 드라이브 용량"
driveCapacityPerRemoteAccount: "원격 사용자별 드라이브 용량"
@@ -587,6 +586,7 @@ masterVolume: "마스터 볼륨"
notUseSound: "음소거 하기"
useSoundOnlyWhenActive: "Misskey를 활성화한 때에만 소리를 출력하기"
details: "자세히"
+renoteDetails: "리노트 상세 내용"
chooseEmoji: "이모지 선택"
unableToProcess: "작업을 완료할 수 없습니다"
recentUsed: "최근 사용"
@@ -1257,7 +1257,7 @@ lastNDays: "최근 {n}일"
backToTitle: "타이틀로 가기"
hemisphere: "거주 지역"
withSensitive: "민감한 파일이 포함된 노트 보기"
-userSaysSomethingSensitive: "{name} 같은 민감한 파일이 포함된 글"
+userSaysSomethingSensitive: "{name}의 민감한 파일이 포함된 게시물"
enableHorizontalSwipe: "스와이프하여 탭 전환"
loading: "불러오는 중"
surrender: "그만두기"
@@ -1300,6 +1300,7 @@ thisContentsAreMarkedAsSigninRequiredByAuthor: "게시자에 의해 로그인해
lockdown: "잠금"
pleaseSelectAccount: "계정을 선택해주세요."
availableRoles: "사용 가능한 역할"
+acknowledgeNotesAndEnable: "활성화 하기 전에 주의 사항을 확인했습니다."
_accountSettings:
requireSigninToViewContents: "콘텐츠 열람을 위해 로그인으 필수로 설정하기"
requireSigninToViewContentsDescription1: "자신이 작성한 모든 노트 등의 콘텐츠를 보기 위해 로그인을 필수로 설정합니다. 크롤러가 정보 수집하는 것을 방지하는 효과를 기대할 수 있습니다."
@@ -1456,6 +1457,8 @@ _serverSettings:
reactionsBufferingDescription: "활성화 한 경우, 리액션 작성 퍼포먼스가 대폭 향상되어 DB의 부하를 줄일 수 있으나, Redis의 메모리 사용량이 많아집니다."
inquiryUrl: "문의처 URL"
inquiryUrlDescription: "서버 운영자에게 보내는 문의 양식의 URL이나 운영자의 연락처 등이 적힌 웹 페이지의 URL을 설정합니다."
+ openRegistration: "회원 가입을 활성화 하기"
+ openRegistrationWarning: "회원 가입을 개방하는 것은 리스크가 따릅니다. 서버를 항상 감시할 수 있고, 문제가 발생했을 때 바로 대응할 수 있는 상태에서만 활성화 하는 것을 권장합니다."
thisSettingWillAutomaticallyOffWhenModeratorsInactive: "일정 기간동안 모더레이터의 활동이 감지되지 않는 경우, 스팸 방지를 위해 이 설정은 자동으로 꺼집니다."
_accountMigration:
moveFrom: "다른 계정에서 이 계정으로 이사"
@@ -2738,3 +2741,6 @@ _selfXssPrevention:
description1: "여기에 무언가를 붙여넣으면 악의적인 사용자에게 계정을 탈취당하거나 개인정보를 도용당할 수 있습니다."
description2: "붙여 넣으려는 항목이 무엇인지 정확히 이해하지 못하는 경우, %c지금 바로 작업을 중단하고 이 창을 닫으십시오."
description3: "자세한 내용은 여기를 확인해 주세요. {link}"
+_followRequest:
+ recieved: "받은 신청"
+ sent: "보낸 신청"
diff --git a/locales/lo-LA.yml b/locales/lo-LA.yml
index b100d0300f..38965119fe 100644
--- a/locales/lo-LA.yml
+++ b/locales/lo-LA.yml
@@ -299,7 +299,6 @@ enableLocalTimeline: "ເປີດໃຊ້ທາມລາຍທ້ອງຖິ
enableGlobalTimeline: "ເປີດໃຊ້ທາມລາຍທົ່ວໂລກ"
disablingTimelinesInfo: "ຜູ້ດູແລລະບບແລະຜູ້ຄວບຄຸມຈະສາມາດເຂົ້າເຖີງໄທມ໌ໄລນ໌ທັ້ງເບີດ ເຖີງວ່າຈະບໍ່ໄດ້ເປີດໃຊ້ງານກໍ່ຕາມ"
registration: "ລົງທະບຽນ"
-enableRegistration: "ເປີດໃຊ້ການລົງທະບຽນຜູ້ໃຊ້ໃໝ່"
invite: "ເຊີນ"
driveCapacityPerLocalAccount: "ຄວາມຈຸຂອງ drive ຕໍ່ຜູ້ໃຊ້ທ້ອງຖິ່ນ"
driveCapacityPerRemoteAccount: "ຄວາມຈຸຂອງ drive ຕໍ່ຜູ້ໃຊ້ໄລຍະໄກ"
diff --git a/locales/nl-NL.yml b/locales/nl-NL.yml
index dde3035357..7e5e9cbbfb 100644
--- a/locales/nl-NL.yml
+++ b/locales/nl-NL.yml
@@ -333,7 +333,6 @@ enableLocalTimeline: "Inschakelen lokale tijdlijn"
enableGlobalTimeline: "Inschakelen globale tijdlijn "
disablingTimelinesInfo: "Beheerders en moderators hebben altijd toegang tot alle tijdlijnen, ook als ze niet actief zijn."
registration: "Registreren"
-enableRegistration: "Inschakelen registratie nieuwe gebruikers "
invite: "Uitnodigen"
driveCapacityPerLocalAccount: "Opslagruimte per lokale gebruiker"
driveCapacityPerRemoteAccount: "Opslagruimte per externe gebruiker"
diff --git a/locales/no-NO.yml b/locales/no-NO.yml
index c5f61db745..87ea01764d 100644
--- a/locales/no-NO.yml
+++ b/locales/no-NO.yml
@@ -260,7 +260,6 @@ enableLocalTimeline: "Aktiver lokal tidslinje"
enableGlobalTimeline: "Aktiver global tidslinje"
disablingTimelinesInfo: "Administratorer og Moderatorer vil alltid ha tilgang til alle tidslinjer, selv om de ikke er aktivert."
registration: "Registrer"
-enableRegistration: "Aktiver registrering av nye brukere"
invite: "Inviter"
basicInfo: "Grunnleggende informasjon"
pinnedUsers: "Festede brukrere"
diff --git a/locales/pl-PL.yml b/locales/pl-PL.yml
index d7afd57760..203f44b334 100644
--- a/locales/pl-PL.yml
+++ b/locales/pl-PL.yml
@@ -362,7 +362,6 @@ enableLocalTimeline: "Włącz lokalną oś czasu"
enableGlobalTimeline: "Włącz globalną oś czasu"
disablingTimelinesInfo: "Administratorzy i moderatorzy będą zawsze mieć dostęp do wszystkich osi czasu, nawet gdy są one wyłączone."
registration: "Zarejestruj się"
-enableRegistration: "Włącz rejestrację nowych użytkowników"
invite: "Zaproś"
driveCapacityPerLocalAccount: "Powierzchnia dyskowa na lokalnego użytkownika"
driveCapacityPerRemoteAccount: "Powierzchnia dyskowa na zdalnego użytkownika"
@@ -492,6 +491,10 @@ uiLanguage: "Język wyświetlania UI"
aboutX: "O {x}"
emojiStyle: "Styl emoji"
native: "Natywny"
+menuStyle: "Styl Menu"
+style: "Styl"
+drawer: "Schowek"
+popup: "Wyskakujące okienka"
showNoteActionsOnlyHover: "Pokazuj akcje notatek tylko po najechaniu myszką"
showReactionsCount: "Wyświetl liczbę reakcji na notatkę"
noHistory: "Brak historii"
@@ -574,6 +577,7 @@ ascendingOrder: "Rosnąco"
descendingOrder: "Malejąco"
scratchpad: "Brudnopis"
scratchpadDescription: "Brudnopis zawiera eksperymentalne środowisko dla AiScript. Możesz pisać, wykonywać i sprawdzać wyniki w interakcji z Misskey."
+uiInspector: "Inspektor UI"
output: "Wyjście"
script: "Skrypt"
disablePagesScript: "Wyłącz AiScript na Stronach"
@@ -654,6 +658,7 @@ smtpSecure: "Użyj niejawnego SSL/TLS dla połączeń SMTP"
smtpSecureInfo: "Wyłącz, jeżeli używasz STARTTLS"
testEmail: "Przetestuj dostarczanie wiadomości e-mail"
wordMute: "Wyciszenie słowa"
+hardWordMute: "Wyciszaj przekleństwa"
regexpError: "Błąd wyrażenia regularnego"
regexpErrorDescription: "Wystąpił błąd w wyrażeniu regularnym w linii {line} twoich {tab} wyciszeń:"
instanceMute: "Wyciszone instancje"
@@ -826,6 +831,7 @@ administration: "Zarządzanie"
accounts: "Konta"
switch: "Przełącz"
noMaintainerInformationWarning: "Informacje o administratorze nie są skonfigurowane."
+noInquiryUrlWarning: "Adres URL zapytania nie został ustawiony"
noBotProtectionWarning: "Zabezpieczenie przed botami nie jest skonfigurowane."
configure: "Skonfiguruj"
postToGallery: "Opublikuj w galerii"
@@ -890,6 +896,7 @@ followersVisibility: "Widoczność obserwujących"
continueThread: "Pokaż kontynuację wątku"
deleteAccountConfirm: "Spowoduje to nieodwracalne usunięcie Twojego konta. Kontynuować?"
incorrectPassword: "Nieprawidłowe hasło."
+incorrectTotp: "Hasło pojedynczego użytku jest nie poprawne, lub straciło ważność"
voteConfirm: "Potwierdzić swój głos na \"{choice}\"?"
hide: "Ukryj"
useDrawerReactionPickerForMobile: "Wyświetlaj wybornik reakcji jako szufladę na urządzeniach mobilnych"
@@ -914,6 +921,10 @@ oneHour: "1 godzina"
oneDay: "1 dzień"
oneWeek: "1 tydzień"
oneMonth: "jeden miesiąc"
+threeMonths: "3 miesiące"
+oneYear: "Rok"
+threeDays: "3 dni"
+reflectMayTakeTime: "Może minąć trochę czasu, zanim będzie to uwzględnione"
failedToFetchAccountInformation: "Nie udało się uzyskać informacji o koncie"
rateLimitExceeded: "Limit szybkości przekroczony"
cropImage: "Przytnij obraz"
@@ -924,9 +935,11 @@ file: "Pliki"
recentNHours: "W ciągu ostatnich {n} godzin"
recentNDays: "W ciągu ostatnich {n} dni"
noEmailServerWarning: "Serwer Email nie jest skonfigurowany"
+thereIsUnresolvedAbuseReportWarning: "Istnieją niewyjaśnione raporty"
recommended: "Zalecane"
check: "Zweryfikuj"
driveCapOverrideLabel: "Zmień limit pojemności dysku użytkownika"
+driveCapOverrideCaption: "Resetuje pojemność do wartości domyślnej, przez wpisanie wartości 0 lub niższej"
requireAdminForView: "Aby to zobaczyć, musisz być administratorem"
isSystemAccount: "To jest konto stworzone i zarządzane przez system"
typeToConfirm: "Wprowadź {x}, aby potwierdzić"
@@ -995,17 +1008,29 @@ unassign: "Cofnij przydzielenie"
color: "Kolor"
manageCustomEmojis: "Zarządzaj niestandardowymi Emoji"
manageAvatarDecorations: "Zarządzaj dekoracjami awatara"
+youCannotCreateAnymore: "Limit kreacji został przekroczony"
+cannotPerformTemporary: "Opcja tymczasowo niedostępna"
+cannotPerformTemporaryDescription: "Ta akcja nie może zostać wykonana, z powodu przekroczenia limitu wykonań. Prosimy poczekać chwilę i spróbować ponownie"
invalidParamError: "Błąd parametrów"
+invalidParamErrorDescription: "Wartości, które zostały podane są niepoprawne. Zwykle jest to spowodowane bugiem, lecz również może być to spowodowane przekroczeniem limitu wartości, lub podobnym problemem"
permissionDeniedError: "Odrzucono operacje"
permissionDeniedErrorDescription: "Konto nie posiada uprawnień"
preset: "Konfiguracja"
selectFromPresets: "Wybierz konfiguracje"
achievements: "Osiągnięcia"
+gotInvalidResponseError: "Niepoprawna odpowiedź serwera"
+gotInvalidResponseErrorDescription: "Wystąpił problem z Twoim połączeniem z Internetem, lub z serwerem. {Spróbuj ponownie} wkrótce."
+thisPostMayBeAnnoying: "Ten wpis może obrażać pozostałych użytkowników"
+thisPostMayBeAnnoyingHome: "Opublikuj na domowej osi czasu"
thisPostMayBeAnnoyingCancel: "Odrzuć"
+thisPostMayBeAnnoyingIgnore: "Zignoruj i wyślij"
+collapseRenotes: "Zwiń wpisy, które już zobaczyłeś"
+collapseRenotesDescription: "Zwiń wpisy, na które już zareagowałeś lub udostępniłeś"
internalServerError: "Wewnętrzny błąd serwera"
internalServerErrorDescription: "Niespodziewany błąd po stronie serwera"
copyErrorInfo: "Kopiuj informacje o błędzie"
joinThisServer: "Dołącz do chaty"
+exploreOtherServers: "Szukaj innej instancji"
disableFederationOk: "Wyłącz federacje"
invitationRequiredToRegister: "Ten serwer wymaga zaproszenia. Tylko osoby z zaproszeniem mogą się zarejestrować"
emailNotSupported: "Wysyłanie wiadomości E-mail nie jest obsługiwane na tym serwerze"
diff --git a/locales/pt-PT.yml b/locales/pt-PT.yml
index 9039fd2141..7ef9e3a946 100644
--- a/locales/pt-PT.yml
+++ b/locales/pt-PT.yml
@@ -376,7 +376,6 @@ enableLocalTimeline: "Ativar linha do tempo local"
enableGlobalTimeline: "Ativar linha do tempo global"
disablingTimelinesInfo: "Se você desabilitar essas linhas do tempo, administradores e moderadores ainda poderão usá-las por conveniência."
registration: "Registar"
-enableRegistration: "Permitir que qualquer pessoa se registre"
invite: "Convidar"
driveCapacityPerLocalAccount: "Capacidade do drive por usuário local"
driveCapacityPerRemoteAccount: "Capacidade do drive por usuário remoto"
diff --git a/locales/ro-RO.yml b/locales/ro-RO.yml
index 3cc09aa5c2..71dc1dc94c 100644
--- a/locales/ro-RO.yml
+++ b/locales/ro-RO.yml
@@ -341,7 +341,6 @@ enableLocalTimeline: "Activează cronologia locală"
enableGlobalTimeline: "Activeaza cronologia globală"
disablingTimelinesInfo: "Administratorii și Moderatorii vor avea mereu access la toate cronologiile, chiar dacă nu sunt activate."
registration: "Inregistrare"
-enableRegistration: "Activează înregistrările pentru utilizatori noi"
invite: "Invită"
driveCapacityPerLocalAccount: "Capacitatea Drive-ului per utilizator local"
driveCapacityPerRemoteAccount: "Capacitatea Drive-ului per utilizator extern"
diff --git a/locales/ru-RU.yml b/locales/ru-RU.yml
index 8174675880..537e99036c 100644
--- a/locales/ru-RU.yml
+++ b/locales/ru-RU.yml
@@ -377,7 +377,6 @@ enableLocalTimeline: "Включить локальную ленту"
enableGlobalTimeline: "Включить глобальную ленту"
disablingTimelinesInfo: "У администраторов и модераторов есть доступ ко всем лентам, даже если они отключены."
registration: "Регистрация"
-enableRegistration: "Разрешить регистрацию"
invite: "Пригласить"
driveCapacityPerLocalAccount: "Объём Диска на одного локального пользователя"
driveCapacityPerRemoteAccount: "Объём Диска на одного пользователя с другого экземпляра"
diff --git a/locales/sk-SK.yml b/locales/sk-SK.yml
index 60ce45a6b9..f3f43ee6a6 100644
--- a/locales/sk-SK.yml
+++ b/locales/sk-SK.yml
@@ -331,7 +331,6 @@ enableLocalTimeline: "Povoliť lokálnu časovú os"
enableGlobalTimeline: "Povoliť globálnu časovú os"
disablingTimelinesInfo: "Administrátori a moderátori majú vždy prístup ku všetkým časovým osiam, aj keď sú vypnuté."
registration: "Registrácia"
-enableRegistration: "Povoliť registráciu nových používateľov"
invite: "Pozvať"
driveCapacityPerLocalAccount: "Kapacita disku pre používateľa"
driveCapacityPerRemoteAccount: "Kapacita disku pre vzdialeného používateľa"
diff --git a/locales/sv-SE.yml b/locales/sv-SE.yml
index 4945e0f677..5961605645 100644
--- a/locales/sv-SE.yml
+++ b/locales/sv-SE.yml
@@ -333,7 +333,6 @@ disconnectService: "Koppla från"
enableLocalTimeline: "Aktivera lokal tidslinje"
enableGlobalTimeline: "Aktivera global tidslinje"
registration: "Registrera"
-enableRegistration: "Aktivera registrering av nya användare"
invite: "Inbjudan"
inMb: "I megabyte"
bannerUrl: "URL till banner-bilden"
@@ -481,6 +480,7 @@ nNotes: "{n} Noter"
backgroundColor: "Bakgrundsbild"
textColor: "Text"
saveAs: "Spara som..."
+saveConfirm: "Spara ändringar?"
youAreRunningUpToDateClient: "Klienten du använder är uppdaterat."
newVersionOfClientAvailable: "Ny version av klienten är tillgänglig."
editCode: "Redigera kod"
@@ -523,6 +523,7 @@ threeMonths: "3 månader"
oneYear: "1 år"
threeDays: "3 dagar"
file: "Filer"
+deleteAccount: "Radera konto"
label: "Etikett"
cannotUploadBecauseNoFreeSpace: "Kan inte ladda upp filen för att det finns inget lagringsutrymme kvar."
cannotUploadBecauseExceedsFileSizeLimit: "Kan inte ladda upp filen för att den är större än filstorleksgränsen."
@@ -575,9 +576,13 @@ _achievements:
_open3windows:
title: "Flera Fönster"
description: "Ha minst 3 fönster öppna samtidigt"
+_role:
+ edit: "Redigera roll"
_ffVisibility:
public: "Publicera"
private: "Privat"
+_accountDelete:
+ accountDelete: "Radera konto"
_ad:
back: "Tillbaka"
_gallery:
@@ -587,6 +592,7 @@ _email:
title: "följde dig"
_aboutMisskey:
source: "Källkod"
+ projectMembers: "Projektmedlemmar"
_channel:
setBanner: "Välj banner"
removeBanner: "Ta bort banner"
@@ -602,8 +608,17 @@ _theme:
_sfx:
note: "Noter"
notification: "Notifikationer"
+_ago:
+ justNow: "Just nu"
_2fa:
+ step3Title: "Ange en autentiseringskod"
renewTOTPCancel: "Nej tack"
+_permissions:
+ "read:reactions": "Visa dina reaktioner"
+ "write:reactions": "Redigera dina reaktioner"
+ "write:admin:delete-account": "Radera användarkonto"
+ "write:admin:roles": "Hantera roller"
+ "read:admin:roles": "Visa roller"
_antennaSources:
all: "Alla noter"
homeTimeline: "Noter från följda användare"
@@ -666,6 +681,8 @@ _notification:
reply: "Svara"
renote: "Omnotera"
_deck:
+ addColumn: "Lägg till kolumn"
+ deleteProfile: "Radera profil"
_columns:
notifications: "Notifikationer"
tl: "Tidslinje"
diff --git a/locales/th-TH.yml b/locales/th-TH.yml
index 58cf8f068c..c725282d50 100644
--- a/locales/th-TH.yml
+++ b/locales/th-TH.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "เปิดใช้งานไทม์ไลน์ท
enableGlobalTimeline: "เปิดใช้งานไทม์ไลน์ทั่วโลก"
disablingTimelinesInfo: "ผู้ดูแลระบบและผู้ควบคุมจะสามารถเข้าถึงไทม์ไลน์ทั้งหมด ถึงแม้ว่าจะไม่ได้เปิดใช้งานก็ตาม"
registration: "ลงทะเบียน"
-enableRegistration: "เปิดใช้งานการลงทะเบียนผู้ใช้ใหม่"
invite: "คำเชิญ"
driveCapacityPerLocalAccount: "ความจุของไดรฟ์ต่อผู้ใช้ท้องถิ่น"
driveCapacityPerRemoteAccount: "ความจุของไดรฟ์ต่อผู้ใช้ระยะไกล"
diff --git a/locales/tr-TR.yml b/locales/tr-TR.yml
index fe2f158ff6..69892fedc8 100644
--- a/locales/tr-TR.yml
+++ b/locales/tr-TR.yml
@@ -344,7 +344,6 @@ today: "Bugün"
monthX: "{month} ay"
pages: "Sayfalar"
integration: "Entegrasyon"
-enableRegistration: "Kayıtlara izin ver"
basicInfo: "Temel bilgiler"
pinnedUsers: "Sabitlenmiş kullanıcılar"
pinnedNotes: "Sabitlenen"
diff --git a/locales/uk-UA.yml b/locales/uk-UA.yml
index f2262cd71f..1b21854650 100644
--- a/locales/uk-UA.yml
+++ b/locales/uk-UA.yml
@@ -334,7 +334,6 @@ enableLocalTimeline: "Увімкнути локальну стрічку"
enableGlobalTimeline: "Увімкнути глобальну стрічку"
disablingTimelinesInfo: "Адміністратори та модератори завжди мають доступ до всіх стрічок, навіть якщо вони вимкнуті."
registration: "Реєстрація"
-enableRegistration: "Дозволити реєстрацію"
invite: "Запросити"
driveCapacityPerLocalAccount: "Об'єм диска на одного локального користувача"
driveCapacityPerRemoteAccount: "Об'єм диска на одного віддаленого користувача"
diff --git a/locales/uz-UZ.yml b/locales/uz-UZ.yml
index 37a550008a..051a4ae6c5 100644
--- a/locales/uz-UZ.yml
+++ b/locales/uz-UZ.yml
@@ -349,7 +349,6 @@ enableLocalTimeline: "Mahalliy vaqt mintaqasini yoqing"
enableGlobalTimeline: "Global vaqt mintaqasini yoqing"
disablingTimelinesInfo: "Administratorlar va Moderatorlar har doim barcha vaqt jadvallariga kirish huquqiga ega bo'ladilar, hatto ular yoqilmagan bo'lsa ham."
registration: "Ro'yxatdan o'tish"
-enableRegistration: "Ro'yxatdan o'tishni yoqing"
invite: "Taklif qilish"
driveCapacityPerLocalAccount: "Har bir mahalliy foydalanuvchi uchun disk maydoni"
driveCapacityPerRemoteAccount: "Har bir masofaviy foydalanuvchi uchun disk maydoni"
diff --git a/locales/vi-VN.yml b/locales/vi-VN.yml
index fb8e898bf1..24faa4b94c 100644
--- a/locales/vi-VN.yml
+++ b/locales/vi-VN.yml
@@ -357,7 +357,6 @@ enableLocalTimeline: "Bật bảng tin máy chủ"
enableGlobalTimeline: "Bật bảng tin liên hợp"
disablingTimelinesInfo: "Quản trị viên và Kiểm duyệt viên luôn có quyền truy cập mọi bảng tin, kể cả khi chúng không được bật."
registration: "Đăng ký"
-enableRegistration: "Cho phép đăng ký mới"
invite: "Mời"
driveCapacityPerLocalAccount: "Dung lượng ổ đĩa tối đa cho mỗi người dùng"
driveCapacityPerRemoteAccount: "Dung lượng ổ đĩa tối đa cho mỗi người dùng từ xa"
diff --git a/locales/zh-CN.yml b/locales/zh-CN.yml
index 7a11f247ca..e6232070d7 100644
--- a/locales/zh-CN.yml
+++ b/locales/zh-CN.yml
@@ -143,8 +143,8 @@ unmarkAsSensitive: "取消标记为敏感内容"
enterFileName: "输入文件名"
mute: "屏蔽"
unmute: "解除静音"
-renoteMute: "屏蔽转帖"
-renoteUnmute: "解除屏蔽转帖"
+renoteMute: "隐藏转帖"
+renoteUnmute: "解除隐藏转帖"
block: "拉黑"
unblock: "取消拉黑"
suspend: "冻结"
@@ -213,7 +213,7 @@ charts: "图表"
perHour: "每小时"
perDay: "每天"
stopActivityDelivery: "停止发送活动"
-blockThisInstance: "封锁此服务器"
+blockThisInstance: "屏蔽此服务器"
silenceThisInstance: "静音此服务器"
mediaSilenceThisInstance: "隐藏此服务器的媒体文件"
operations: "操作"
@@ -233,17 +233,17 @@ clearQueueConfirmTitle: "确定清除队列?"
clearQueueConfirmText: "未送达的帖子将不会被投递。 通常无需执行此操作。"
clearCachedFiles: "清除缓存"
clearCachedFilesConfirm: "确定要清除所有缓存的远程文件?"
-blockedInstances: "被封锁的服务器"
-blockedInstancesDescription: "设定要封锁的服务器,以换行分隔。被封锁的服务器将无法与本服务器进行交换通讯。子域名也同样会被封锁。"
+blockedInstances: "被屏蔽的服务器"
+blockedInstancesDescription: "设定要屏蔽的服务器,以换行分隔。被屏蔽的服务器将无法与本服务器进行交换通讯。子域名也同样会被屏蔽。"
silencedInstances: "被静音的服务器"
silencedInstancesDescription: "设置要静音的服务器,以换行分隔。被静音的服务器内所有的账户将默认处于「静音」状态,仅能发送关注请求,并且在未关注状态下无法提及本地账户。被阻止的实例不受影响。"
mediaSilencedInstances: "已隐藏媒体文件的服务器"
mediaSilencedInstancesDescription: "设置要隐藏媒体文件的服务器,以换行分隔。被设置为隐藏媒体文件服务器内所有账号的文件均按照「敏感内容」处理,且将无法使用自定义表情符号。被阻止的实例不受影响。"
federationAllowedHosts: "允许联合的服务器"
federationAllowedHostsDescription: "设定允许联合的服务器,以换行分隔。"
-muteAndBlock: "静音/拉黑"
-mutedUsers: "已静音用户"
-blockedUsers: "已拉黑的用户"
+muteAndBlock: "隐藏和屏蔽"
+mutedUsers: "已隐藏用户"
+blockedUsers: "已屏蔽的用户"
noUsers: "无用户"
editProfile: "编辑资料"
noteDeleteConfirm: "要删除该帖子吗?"
@@ -382,7 +382,6 @@ enableLocalTimeline: "启用本地时间线"
enableGlobalTimeline: "启用全局时间线"
disablingTimelinesInfo: "即使时间线功能被禁用,出于方便,管理员和监察员也可以继续使用。"
registration: "注册"
-enableRegistration: "允许任何人注册"
invite: "邀请"
driveCapacityPerLocalAccount: "每个用户的网盘容量"
driveCapacityPerRemoteAccount: "每个远程用户的网盘容量"
@@ -587,6 +586,7 @@ masterVolume: "主音量"
notUseSound: "静音"
useSoundOnlyWhenActive: "仅在 Misskey 活跃时输出声音"
details: "详情"
+renoteDetails: "转帖详情"
chooseEmoji: "选择表情符号"
unableToProcess: "操作无法完成"
recentUsed: "最近使用"
@@ -683,11 +683,11 @@ emptyToDisableSmtpAuth: "用户名和密码留空可以禁用 SMTP 验证"
smtpSecure: "在 SMTP 连接中使用隐式 SSL / TLS"
smtpSecureInfo: "使用 STARTTLS 时关闭。"
testEmail: "邮件发送测试"
-wordMute: "文字屏蔽"
+wordMute: "隐藏文字"
hardWordMute: "屏蔽关键词"
regexpError: "正则表达式错误"
regexpErrorDescription: "{tab} 屏蔽文字的第 {line} 行的正则表达式有错误:"
-instanceMute: "被屏蔽的服务器"
+instanceMute: "已隐藏的服务器"
userSaysSomething: "{name} 说了什么,但是被屏蔽词过滤了"
makeActive: "启用"
display: "显示"
@@ -915,8 +915,8 @@ manageAccounts: "管理账户"
makeReactionsPublic: "将回应设置为公开"
makeReactionsPublicDescription: "将您发表过的回应设置成公开可见。"
classic: "经典"
-muteThread: "屏蔽帖子列表"
-unmuteThread: "取消屏蔽帖子列表"
+muteThread: "隐藏帖子列表"
+unmuteThread: "取消隐藏帖子列表"
followingVisibility: "关注的人的公开范围"
followersVisibility: "关注者的公开范围"
continueThread: "查看更多帖子"
@@ -939,7 +939,7 @@ searchByGoogle: "Google"
instanceDefaultLightTheme: "服务器默认浅色主题"
instanceDefaultDarkTheme: "服务器默认深色主题"
instanceDefaultThemeDescription: "以对象格式输入主题代码"
-mutePeriod: "屏蔽期限"
+mutePeriod: "隐藏期限"
period: "截止时间"
indefinitely: "永久"
tenMinutes: "10 分钟"
@@ -1300,6 +1300,7 @@ thisContentsAreMarkedAsSigninRequiredByAuthor: "根据发帖者的设定,需
lockdown: "锁定"
pleaseSelectAccount: "请选择帐户"
availableRoles: "可用角色"
+acknowledgeNotesAndEnable: "理解注意事项后再开启。"
_accountSettings:
requireSigninToViewContents: "需要登录才能显示内容"
requireSigninToViewContentsDescription1: "您发布的所有帖子将变成需要登入后才会显示。有望防止爬虫收集各种信息。"
@@ -1456,6 +1457,8 @@ _serverSettings:
reactionsBufferingDescription: "开启时可显著提高发送回应时的性能,及减轻数据库负荷。但 Redis 的内存用量会相应增加。"
inquiryUrl: "联络地址"
inquiryUrlDescription: "用来指定诸如向服务运营商咨询的论坛地址,或记载了运营商联系方式之类的网页地址。"
+ openRegistration: "开放注册"
+ openRegistrationWarning: "开放注册有风险。建议仅当能够持续监控服务器并在出现问题时能够立即响应时才打开它。"
thisSettingWillAutomaticallyOffWhenModeratorsInactive: "若在一段时间内没有检测到管理活动,为防止垃圾信息,此设定将自动关闭。"
_accountMigration:
moveFrom: "从别的账号迁移到此账户"
@@ -1704,9 +1707,9 @@ _achievements:
description: "在元旦登入"
flavor: "今年也请对本服务器多多指教!"
_cookieClicked:
- title: "点击饼干小游戏"
+ title: "饼干点点乐"
description: "点击了饼干"
- flavor: "用错软件了?"
+ flavor: "穿越了?"
_brainDiver:
title: "Brain Diver"
description: "发布了包含 Brain Diver 链接的帖子"
@@ -1776,7 +1779,7 @@ _role:
canUpdateBioMedia: "可以更新头像和横幅"
pinMax: "帖子置顶数量限制"
antennaMax: "可创建的最大天线数量"
- wordMuteMax: "屏蔽词的字数限制"
+ wordMuteMax: "隐藏词的字数限制"
webhookMax: "Webhook 创建数量限制"
clipMax: "便签创建数量限制"
noteEachClipsMax: "单个便签内的贴文数量限制"
@@ -1789,7 +1792,7 @@ _role:
canUseTranslator: "使用翻译功能"
avatarDecorationLimit: "可添加头像挂件的最大个数"
canImportAntennas: "允许导入天线"
- canImportBlocking: "允许导入拉黑列表"
+ canImportBlocking: "允许导入屏蔽列表"
canImportFollowing: "允许导入关注列表"
canImportMuting: "允许导入屏蔽列表"
canImportUserLists: "允许导入用户列表"
@@ -1939,14 +1942,14 @@ _menuDisplay:
top: "顶部"
hide: "隐藏"
_wordMute:
- muteWords: "禁用词"
+ muteWords: "要隐藏的词"
muteWordsDescription: "AND 条件用空格分隔,OR 条件用换行符分隔。"
muteWordsDescription2: "正则表达式用斜线包裹"
_instanceMute:
- instanceMuteDescription: "屏蔽服务器中的所有帖子和转帖,包括这些服务器上的用户回复。"
+ instanceMuteDescription: "隐藏服务器中的所有帖子和转帖,包括这些服务器上的用户回复。"
instanceMuteDescription2: "一行一个"
title: "隐藏服务器已设置的帖子。"
- heading: "屏蔽服务器"
+ heading: "已隐藏的服务器"
_theme:
explore: "寻找主题"
install: "安装主题"
@@ -2086,8 +2089,8 @@ _2fa:
_permissions:
"read:account": "查看账户信息"
"write:account": "更改帐户信息"
- "read:blocks": "查看黑名单"
- "write:blocks": "编辑黑名单"
+ "read:blocks": "查看屏蔽列表"
+ "write:blocks": "编辑屏蔽列表"
"read:drive": "查看网盘"
"write:drive": "管理网盘文件"
"read:favorites": "查看收藏夹"
@@ -2096,8 +2099,8 @@ _permissions:
"write:following": "关注/取消关注"
"read:messaging": "查看消息"
"write:messaging": "撰写或删除消息"
- "read:mutes": "查看屏蔽列表"
- "write:mutes": "编辑屏蔽列表"
+ "read:mutes": "查看隐藏列表"
+ "write:mutes": "编辑隐藏列表"
"write:notes": "撰写或删除帖子"
"read:notifications": "查看通知"
"write:notifications": "管理通知"
@@ -2297,8 +2300,8 @@ _exportOrImport:
favoritedNotes: "收藏的帖子"
clips: "便签"
followingList: "关注中"
- muteList: "屏蔽"
- blockingList: "拉黑"
+ muteList: "隐藏"
+ blockingList: "屏蔽"
userLists: "列表"
excludeMutingUsers: "排除屏蔽用户"
excludeInactiveUsers: "排除不活跃用户"
@@ -2738,3 +2741,6 @@ _selfXssPrevention:
description1: "如果在此处粘贴了什么,恶意用户可能会接管账户或者盗取个人资料。"
description2: "如果不能完全理解将要粘贴的内容,%c 请立即停止操作并关闭这个窗口。"
description3: "详情请看这里。{link}"
+_followRequest:
+ recieved: "已收到申请"
+ sent: "已发送申请"
diff --git a/locales/zh-TW.yml b/locales/zh-TW.yml
index b7c9def26f..d4ffb28c76 100644
--- a/locales/zh-TW.yml
+++ b/locales/zh-TW.yml
@@ -382,7 +382,6 @@ enableLocalTimeline: "啟用本地時間軸"
enableGlobalTimeline: "啟用全域時間軸"
disablingTimelinesInfo: "為了方便,即使您關閉了時間軸功能,管理員和審查員仍可以繼續使用。"
registration: "註冊"
-enableRegistration: "開放新使用者註冊"
invite: "邀請"
driveCapacityPerLocalAccount: "每個本地使用者的雲端硬碟容量"
driveCapacityPerRemoteAccount: "每個非本地用戶的雲端空間大小"
@@ -587,6 +586,7 @@ masterVolume: "主音量"
notUseSound: "關閉音效"
useSoundOnlyWhenActive: "瀏覽器在前景運作時,Misskey 才會發出音效"
details: "詳細資訊"
+renoteDetails: "轉發貼文的細節"
chooseEmoji: "選擇您的表情符號"
unableToProcess: "操作無法完成"
recentUsed: "最近使用"
@@ -1119,7 +1119,7 @@ vertical: "直向"
horizontal: "橫向"
position: "位置"
serverRules: "伺服器規則"
-pleaseConfirmBelowBeforeSignup: "在本伺服器註冊之前,請確認下列事項。"
+pleaseConfirmBelowBeforeSignup: "在本伺服器註冊之前,必須確認並同意以下內容。"
pleaseAgreeAllToContinue: "必須全部勾選「同意」才能繼續。"
continue: "繼續"
preservedUsernames: "保留的使用者名稱"
@@ -1300,6 +1300,7 @@ thisContentsAreMarkedAsSigninRequiredByAuthor: "作者將其設定為需要登
lockdown: "鎖定"
pleaseSelectAccount: "請選擇帳戶"
availableRoles: "可用角色"
+acknowledgeNotesAndEnable: "了解注意事項後再開啟。"
_accountSettings:
requireSigninToViewContents: "須登入以顯示內容"
requireSigninToViewContentsDescription1: "必須登入才會顯示您建立的貼文等內容。可望有效防止資訊被爬蟲蒐集。"
@@ -1456,6 +1457,8 @@ _serverSettings:
reactionsBufferingDescription: "啟用時,可以顯著提高建立反應時的效能並減少資料庫的負載。 但是,Redis 記憶體使用量會增加。"
inquiryUrl: "聯絡表單網址"
inquiryUrlDescription: "指定伺服器運營者的聯絡表單網址,或包含運營者聯絡資訊網頁的網址。"
+ openRegistration: "允許建立帳戶"
+ openRegistrationWarning: "開放註冊伴隨著風險。 建議只有在伺服器受到持續監控,並準備好在出現問題時能立即處理的情況下才開放註冊。"
thisSettingWillAutomaticallyOffWhenModeratorsInactive: "為了防止 spam,如果一段期間內沒有偵測到審查員的活動,此設定將自動關閉。"
_accountMigration:
moveFrom: "從其他帳戶遷移到這個帳戶"
@@ -2738,3 +2741,6 @@ _selfXssPrevention:
description1: "如果您在此處貼上任何內容,惡意使用者可能會接管您的帳戶或竊取您的個人資訊。"
description2: "如果您不確切知道要貼上的內容,%c 請立即停止工作並關閉此視窗。"
description3: "細節請看這裡。{link}"
+_followRequest:
+ recieved: "收到的請求"
+ sent: "送出的請求"
diff --git a/package.json b/package.json
index 63043d62e0..60de6f4e15 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "misskey",
- "version": "2024.11.0-alpha.1",
+ "version": "2024.11.0",
"codename": "nasubi",
"repository": {
"type": "git",
diff --git a/packages/backend/src/core/AbuseReportNotificationService.ts b/packages/backend/src/core/AbuseReportNotificationService.ts
index 25e265f2b1..742e2621fd 100644
--- a/packages/backend/src/core/AbuseReportNotificationService.ts
+++ b/packages/backend/src/core/AbuseReportNotificationService.ts
@@ -154,9 +154,9 @@ export class AbuseReportNotificationService implements OnApplicationShutdown {
const convertedReports = abuseReports.map(it => {
return {
...it,
- reporter: usersMap.get(it.reporterId),
- targetUser: usersMap.get(it.targetUserId),
- assignee: it.assigneeId ? usersMap.get(it.assigneeId) : null,
+ reporter: usersMap.get(it.reporterId) ?? null,
+ targetUser: usersMap.get(it.targetUserId) ?? null,
+ assignee: it.assigneeId ? (usersMap.get(it.assigneeId) ?? null) : null,
};
});
diff --git a/packages/backend/src/core/AnnouncementService.ts b/packages/backend/src/core/AnnouncementService.ts
index d4fcf19439..a9f6731977 100644
--- a/packages/backend/src/core/AnnouncementService.ts
+++ b/packages/backend/src/core/AnnouncementService.ts
@@ -72,7 +72,7 @@ export class AnnouncementService {
updatedAt: null,
title: values.title,
text: values.text,
- imageUrl: values.imageUrl,
+ imageUrl: values.imageUrl || null,
icon: values.icon,
display: values.display,
forExistingUsers: values.forExistingUsers,
diff --git a/packages/backend/src/core/DownloadService.ts b/packages/backend/src/core/DownloadService.ts
index 93f4a38246..2e78e6d877 100644
--- a/packages/backend/src/core/DownloadService.ts
+++ b/packages/backend/src/core/DownloadService.ts
@@ -6,7 +6,6 @@
import * as fs from 'node:fs';
import * as stream from 'node:stream/promises';
import { Inject, Injectable } from '@nestjs/common';
-import ipaddr from 'ipaddr.js';
import chalk from 'chalk';
import got, * as Got from 'got';
import { parse } from 'content-disposition';
@@ -70,13 +69,6 @@ export class DownloadService {
},
enableUnixSockets: false,
}).on('response', (res: Got.Response) => {
- if ((process.env.NODE_ENV === 'production' || process.env.NODE_ENV === 'test') && !this.config.proxy && res.ip) {
- if (this.isPrivateIp(res.ip)) {
- this.logger.warn(`Blocked address: ${res.ip}`);
- req.destroy();
- }
- }
-
const contentLength = res.headers['content-length'];
if (contentLength != null) {
const size = Number(contentLength);
@@ -139,18 +131,4 @@ export class DownloadService {
cleanup();
}
}
-
- @bindThis
- private isPrivateIp(ip: string): boolean {
- const parsedIp = ipaddr.parse(ip);
-
- for (const net of this.config.allowedPrivateNetworks ?? []) {
- const cidr = ipaddr.parseCIDR(net);
- if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(ipaddr.parseCIDR(net))) {
- return false;
- }
- }
-
- return parsedIp.range() !== 'unicast';
- }
}
diff --git a/packages/backend/src/core/EmailService.ts b/packages/backend/src/core/EmailService.ts
index a176474b95..da198d0e42 100644
--- a/packages/backend/src/core/EmailService.ts
+++ b/packages/backend/src/core/EmailService.ts
@@ -312,6 +312,7 @@ export class EmailService {
Accept: 'application/json',
Authorization: truemailAuthKey,
},
+ isLocalAddressAllowed: true,
});
const json = (await res.json()) as {
diff --git a/packages/backend/src/core/HttpRequestService.ts b/packages/backend/src/core/HttpRequestService.ts
index 7f3cac7c58..083153940a 100644
--- a/packages/backend/src/core/HttpRequestService.ts
+++ b/packages/backend/src/core/HttpRequestService.ts
@@ -6,6 +6,7 @@
import * as http from 'node:http';
import * as https from 'node:https';
import * as net from 'node:net';
+import ipaddr from 'ipaddr.js';
import CacheableLookup from 'cacheable-lookup';
import fetch from 'node-fetch';
import { HttpProxyAgent, HttpsProxyAgent } from 'hpagent';
@@ -15,6 +16,7 @@ import type { Config } from '@/config.js';
import { StatusError } from '@/misc/status-error.js';
import { bindThis } from '@/decorators.js';
import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
+import { assertActivityMatchesUrls } from '@/core/activitypub/misc/check-against-url.js';
import type { IObject } from '@/core/activitypub/type.js';
import type { Response } from 'node-fetch';
import type { URL } from 'node:url';
@@ -24,8 +26,102 @@ export type HttpRequestSendOptions = {
validators?: ((res: Response) => void)[];
};
+declare module 'node:http' {
+ interface Agent {
+ createConnection(options: net.NetConnectOpts, callback?: (err: unknown, stream: net.Socket) => void): net.Socket;
+ }
+}
+
+class HttpRequestServiceAgent extends http.Agent {
+ constructor(
+ private config: Config,
+ options?: http.AgentOptions,
+ ) {
+ super(options);
+ }
+
+ @bindThis
+ public createConnection(options: net.NetConnectOpts, callback?: (err: unknown, stream: net.Socket) => void): net.Socket {
+ const socket = super.createConnection(options, callback)
+ .on('connect', () => {
+ const address = socket.remoteAddress;
+ if (process.env.NODE_ENV === 'production') {
+ if (address && ipaddr.isValid(address)) {
+ if (this.isPrivateIp(address)) {
+ socket.destroy(new Error(`Blocked address: ${address}`));
+ }
+ }
+ }
+ });
+ return socket;
+ }
+
+ @bindThis
+ private isPrivateIp(ip: string): boolean {
+ const parsedIp = ipaddr.parse(ip);
+
+ for (const net of this.config.allowedPrivateNetworks ?? []) {
+ const cidr = ipaddr.parseCIDR(net);
+ if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(ipaddr.parseCIDR(net))) {
+ return false;
+ }
+ }
+
+ return parsedIp.range() !== 'unicast';
+ }
+}
+
+class HttpsRequestServiceAgent extends https.Agent {
+ constructor(
+ private config: Config,
+ options?: https.AgentOptions,
+ ) {
+ super(options);
+ }
+
+ @bindThis
+ public createConnection(options: net.NetConnectOpts, callback?: (err: unknown, stream: net.Socket) => void): net.Socket {
+ const socket = super.createConnection(options, callback)
+ .on('connect', () => {
+ const address = socket.remoteAddress;
+ if (process.env.NODE_ENV === 'production') {
+ if (address && ipaddr.isValid(address)) {
+ if (this.isPrivateIp(address)) {
+ socket.destroy(new Error(`Blocked address: ${address}`));
+ }
+ }
+ }
+ });
+ return socket;
+ }
+
+ @bindThis
+ private isPrivateIp(ip: string): boolean {
+ const parsedIp = ipaddr.parse(ip);
+
+ for (const net of this.config.allowedPrivateNetworks ?? []) {
+ const cidr = ipaddr.parseCIDR(net);
+ if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(ipaddr.parseCIDR(net))) {
+ return false;
+ }
+ }
+
+ return parsedIp.range() !== 'unicast';
+ }
+}
+
@Injectable()
export class HttpRequestService {
+ /**
+ * Get http non-proxy agent (without local address filtering)
+ */
+ private httpNative: http.Agent;
+
+ /**
+ * Get https non-proxy agent (without local address filtering)
+ */
+ private httpsNative: https.Agent;
+
/**
* Get http non-proxy agent
*/
@@ -56,19 +152,20 @@ export class HttpRequestService {
lookup: false, // nativeのdns.lookupにfallbackしない
});
- this.http = new http.Agent({
+ const agentOption = {
keepAlive: true,
keepAliveMsecs: 30 * 1000,
lookup: cache.lookup as unknown as net.LookupFunction,
localAddress: config.outgoingAddress,
- });
+ };
- this.https = new https.Agent({
- keepAlive: true,
- keepAliveMsecs: 30 * 1000,
- lookup: cache.lookup as unknown as net.LookupFunction,
- localAddress: config.outgoingAddress,
- });
+ this.httpNative = new http.Agent(agentOption);
+
+ this.httpsNative = new https.Agent(agentOption);
+
+ this.http = new HttpRequestServiceAgent(config, agentOption);
+
+ this.https = new HttpsRequestServiceAgent(config, agentOption);
const maxSockets = Math.max(256, config.deliverJobConcurrency ?? 128);
@@ -103,16 +200,22 @@ export class HttpRequestService {
* @param bypassProxy Allways bypass proxy
*/
@bindThis
- public getAgentByUrl(url: URL, bypassProxy = false): http.Agent | https.Agent {
+ public getAgentByUrl(url: URL, bypassProxy = false, isLocalAddressAllowed = false): http.Agent | https.Agent {
if (bypassProxy || (this.config.proxyBypassHosts ?? []).includes(url.hostname)) {
+ if (isLocalAddressAllowed) {
+ return url.protocol === 'http:' ? this.httpNative : this.httpsNative;
+ }
return url.protocol === 'http:' ? this.http : this.https;
} else {
+ if (isLocalAddressAllowed && (!this.config.proxy)) {
+ return url.protocol === 'http:' ? this.httpNative : this.httpsNative;
+ }
return url.protocol === 'http:' ? this.httpAgent : this.httpsAgent;
}
}
@bindThis
- public async getActivityJson(url: string): Promise {
+ public async getActivityJson(url: string, isLocalAddressAllowed = false): Promise {
const res = await this.send(url, {
method: 'GET',
headers: {
@@ -120,16 +223,22 @@ export class HttpRequestService {
},
timeout: 5000,
size: 1024 * 256,
+ isLocalAddressAllowed: isLocalAddressAllowed,
}, {
throwErrorWhenResponseNotOk: true,
validators: [validateContentTypeSetAsActivityPub],
});
- return await res.json() as IObject;
+ const finalUrl = res.url; // redirects may have been involved
+ const activity = await res.json() as IObject;
+
+ assertActivityMatchesUrls(activity, [finalUrl]);
+
+ return activity;
}
@bindThis
- public async getJson(url: string, accept = 'application/json, */*', headers?: Record): Promise {
+ public async getJson(url: string, accept = 'application/json, */*', headers?: Record, isLocalAddressAllowed = false): Promise {
const res = await this.send(url, {
method: 'GET',
headers: Object.assign({
@@ -137,19 +246,21 @@ export class HttpRequestService {
}, headers ?? {}),
timeout: 5000,
size: 1024 * 256,
+ isLocalAddressAllowed: isLocalAddressAllowed,
});
return await res.json() as T;
}
@bindThis
- public async getHtml(url: string, accept = 'text/html, */*', headers?: Record): Promise {
+ public async getHtml(url: string, accept = 'text/html, */*', headers?: Record, isLocalAddressAllowed = false): Promise {
const res = await this.send(url, {
method: 'GET',
headers: Object.assign({
Accept: accept,
}, headers ?? {}),
timeout: 5000,
+ isLocalAddressAllowed: isLocalAddressAllowed,
});
return await res.text();
@@ -164,6 +275,7 @@ export class HttpRequestService {
headers?: Record,
timeout?: number,
size?: number,
+ isLocalAddressAllowed?: boolean,
} = {},
extra: HttpRequestSendOptions = {
throwErrorWhenResponseNotOk: true,
@@ -177,6 +289,8 @@ export class HttpRequestService {
controller.abort();
}, timeout);
+ const isLocalAddressAllowed = args.isLocalAddressAllowed ?? false;
+
const res = await fetch(url, {
method: args.method ?? 'GET',
headers: {
@@ -185,7 +299,7 @@ export class HttpRequestService {
},
body: args.body,
size: args.size ?? 10 * 1024 * 1024,
- agent: (url) => this.getAgentByUrl(url),
+ agent: (url) => this.getAgentByUrl(url, false, isLocalAddressAllowed),
signal: controller.signal,
});
diff --git a/packages/backend/src/core/NoteCreateService.ts b/packages/backend/src/core/NoteCreateService.ts
index 3647fa7231..56ddcefd7c 100644
--- a/packages/backend/src/core/NoteCreateService.ts
+++ b/packages/backend/src/core/NoteCreateService.ts
@@ -56,6 +56,7 @@ import { isReply } from '@/misc/is-reply.js';
import { trackPromise } from '@/misc/promise-tracker.js';
import { IdentifiableError } from '@/misc/identifiable-error.js';
import { CollapsedQueue } from '@/misc/collapsed-queue.js';
+import { CacheService } from '@/core/CacheService.js';
type NotificationType = 'reply' | 'renote' | 'quote' | 'mention';
@@ -217,6 +218,7 @@ export class NoteCreateService implements OnApplicationShutdown {
private instanceChart: InstanceChart,
private utilityService: UtilityService,
private userBlockingService: UserBlockingService,
+ private cacheService: CacheService,
) {
this.updateNotesCountQueue = new CollapsedQueue(process.env.NODE_ENV !== 'test' ? 60 * 1000 * 5 : 0, this.collapseNotesCount, this.performUpdateNotesCount);
}
@@ -543,13 +545,21 @@ export class NoteCreateService implements OnApplicationShutdown {
this.followingsRepository.findBy({
followeeId: user.id,
notify: 'normal',
- }).then(followings => {
+ }).then(async followings => {
if (note.visibility !== 'specified') {
+ const isPureRenote = this.isRenote(data) && !this.isQuote(data) ? true : false;
for (const following of followings) {
// TODO: ワードミュート考慮
- this.notificationService.createNotification(following.followerId, 'note', {
- noteId: note.id,
- }, user.id);
+ let isRenoteMuted = false;
+ if (isPureRenote) {
+ const userIdsWhoMeMutingRenotes = await this.cacheService.renoteMutingsCache.fetch(following.followerId);
+ isRenoteMuted = userIdsWhoMeMutingRenotes.has(user.id);
+ }
+ if (!isRenoteMuted) {
+ this.notificationService.createNotification(following.followerId, 'note', {
+ noteId: note.id,
+ }, user.id);
+ }
}
}
});
diff --git a/packages/backend/src/core/QueueService.ts b/packages/backend/src/core/QueueService.ts
index 50f08da241..da76dd1284 100644
--- a/packages/backend/src/core/QueueService.ts
+++ b/packages/backend/src/core/QueueService.ts
@@ -7,13 +7,15 @@ import { randomUUID } from 'node:crypto';
import { Inject, Injectable } from '@nestjs/common';
import type { IActivity } from '@/core/activitypub/type.js';
import type { MiDriveFile } from '@/models/DriveFile.js';
-import type { MiWebhook, WebhookEventTypes, webhookEventTypes } from '@/models/Webhook.js';
+import type { MiWebhook, WebhookEventTypes } from '@/models/Webhook.js';
import type { MiSystemWebhook, SystemWebhookEventType } from '@/models/SystemWebhook.js';
import type { Config } from '@/config.js';
import { DI } from '@/di-symbols.js';
import { bindThis } from '@/decorators.js';
import type { Antenna } from '@/server/api/endpoints/i/import-antennas.js';
import { ApRequestCreator } from '@/core/activitypub/ApRequestService.js';
+import { type SystemWebhookPayload } from '@/core/SystemWebhookService.js';
+import { type UserWebhookPayload } from './UserWebhookService.js';
import type {
DbJobData,
DeliverJobData,
@@ -30,12 +32,11 @@ import type {
ObjectStorageQueue,
RelationshipQueue,
SystemQueue,
- UserWebhookDeliverQueue,
SystemWebhookDeliverQueue,
+ UserWebhookDeliverQueue,
} from './QueueModule.js';
import type httpSignature from '@peertube/http-signature';
import type * as Bull from 'bullmq';
-import { type UserWebhookPayload } from './UserWebhookService.js';
@Injectable()
export class QueueService {
@@ -501,10 +502,10 @@ export class QueueService {
* @see SystemWebhookDeliverProcessorService
*/
@bindThis
- public systemWebhookDeliver(
+ public systemWebhookDeliver(
webhook: MiSystemWebhook,
- type: SystemWebhookEventType,
- content: unknown,
+ type: T,
+ content: SystemWebhookPayload,
opts?: { attempts?: number },
) {
const data: SystemWebhookDeliverJobData = {
diff --git a/packages/backend/src/core/RemoteUserResolveService.ts b/packages/backend/src/core/RemoteUserResolveService.ts
index f5a55eb8bc..098b5e1706 100644
--- a/packages/backend/src/core/RemoteUserResolveService.ts
+++ b/packages/backend/src/core/RemoteUserResolveService.ts
@@ -56,7 +56,7 @@ export class RemoteUserResolveService {
host = this.utilityService.toPuny(host);
- if (this.config.host === host) {
+ if (host === this.utilityService.toPuny(this.config.host)) {
this.logger.info(`return local user: ${usernameLower}`);
return await this.usersRepository.findOneBy({ usernameLower, host: IsNull() }).then(u => {
if (u == null) {
diff --git a/packages/backend/src/core/SystemWebhookService.ts b/packages/backend/src/core/SystemWebhookService.ts
index db6407dcb3..de00169612 100644
--- a/packages/backend/src/core/SystemWebhookService.ts
+++ b/packages/backend/src/core/SystemWebhookService.ts
@@ -15,8 +15,39 @@ import { QueueService } from '@/core/QueueService.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
import { LoggerService } from '@/core/LoggerService.js';
import Logger from '@/logger.js';
+import { Packed } from '@/misc/json-schema.js';
+import { AbuseReportResolveType } from '@/models/AbuseUserReport.js';
+import { ModeratorInactivityRemainingTime } from '@/queue/processors/CheckModeratorsActivityProcessorService.js';
import type { OnApplicationShutdown } from '@nestjs/common';
+export type AbuseReportPayload = {
+ id: string;
+ targetUserId: string;
+ targetUser: Packed<'UserLite'> | null;
+ targetUserHost: string | null;
+ reporterId: string;
+ reporter: Packed<'UserLite'> | null;
+ reporterHost: string | null;
+ assigneeId: string | null;
+ assignee: Packed<'UserLite'> | null;
+ resolved: boolean;
+ forwarded: boolean;
+ comment: string;
+ moderationNote: string;
+ resolvedAs: AbuseReportResolveType | null;
+};
+
+export type InactiveModeratorsWarningPayload = {
+ remainingTime: ModeratorInactivityRemainingTime;
+};
+
+export type SystemWebhookPayload =
+ T extends 'abuseReport' | 'abuseReportResolved' ? AbuseReportPayload :
+ T extends 'userCreated' ? Packed<'UserLite'> :
+ T extends 'inactiveModeratorsWarning' ? InactiveModeratorsWarningPayload :
+ T extends 'inactiveModeratorsInvitationOnlyChanged' ? Record :
+ never;
+
@Injectable()
export class SystemWebhookService implements OnApplicationShutdown {
private logger: Logger;
@@ -168,7 +199,7 @@ export class SystemWebhookService implements OnApplicationShutdown {
public async enqueueSystemWebhook(
webhook: MiSystemWebhook | MiSystemWebhook['id'],
type: T,
- content: unknown,
+ content: SystemWebhookPayload,
) {
const webhookEntity = typeof webhook === 'string'
? (await this.fetchActiveSystemWebhooks()).find(a => a.id === webhook)
diff --git a/packages/backend/src/core/UtilityService.ts b/packages/backend/src/core/UtilityService.ts
index 86082ccdcd..9a2ba72ed3 100644
--- a/packages/backend/src/core/UtilityService.ts
+++ b/packages/backend/src/core/UtilityService.ts
@@ -34,6 +34,11 @@ export class UtilityService {
return this.toPuny(this.config.host) === this.toPuny(host);
}
+ @bindThis
+ public isUriLocal(uri: string): boolean {
+ return this.punyHost(uri) === this.toPuny(this.config.host);
+ }
+
@bindThis
public isBlockedHost(blockedHosts: string[], host: string | null): boolean {
if (host == null) return false;
@@ -96,7 +101,7 @@ export class UtilityService {
@bindThis
public extractDbHost(uri: string): string {
const url = new URL(uri);
- return this.toPuny(url.hostname);
+ return this.toPuny(url.host);
}
@bindThis
@@ -110,6 +115,13 @@ export class UtilityService {
return toASCII(host.toLowerCase());
}
+ @bindThis
+ public punyHost(url: string): string {
+ const urlObj = new URL(url);
+ const host = `${this.toPuny(urlObj.hostname)}${urlObj.port.length > 0 ? ':' + urlObj.port : ''}`;
+ return host;
+ }
+
@bindThis
public isFederationAllowedHost(host: string): boolean {
if (this.meta.federation === 'none') return false;
diff --git a/packages/backend/src/core/WebAuthnService.ts b/packages/backend/src/core/WebAuthnService.ts
index 75ab0a207c..ad53192f18 100644
--- a/packages/backend/src/core/WebAuthnService.ts
+++ b/packages/backend/src/core/WebAuthnService.ts
@@ -246,14 +246,12 @@ export class WebAuthnService {
@bindThis
public async verifyAuthentication(userId: MiUser['id'], response: AuthenticationResponseJSON): Promise {
- const challenge = await this.redisClient.get(`webauthn:challenge:${userId}`);
+ const challenge = await this.redisClient.getdel(`webauthn:challenge:${userId}`);
if (!challenge) {
throw new IdentifiableError('2d16e51c-007b-4edd-afd2-f7dd02c947f6', 'challenge not found');
}
- await this.redisClient.del(`webauthn:challenge:${userId}`);
-
const key = await this.userSecurityKeysRepository.findOneBy({
id: response.id,
userId: userId,
diff --git a/packages/backend/src/core/WebhookTestService.ts b/packages/backend/src/core/WebhookTestService.ts
index b1ea7974fb..555a39f71c 100644
--- a/packages/backend/src/core/WebhookTestService.ts
+++ b/packages/backend/src/core/WebhookTestService.ts
@@ -7,7 +7,7 @@ import { Injectable } from '@nestjs/common';
import { MiAbuseUserReport, MiNote, MiUser, MiWebhook } from '@/models/_.js';
import { bindThis } from '@/decorators.js';
import { MiSystemWebhook, type SystemWebhookEventType } from '@/models/SystemWebhook.js';
-import { SystemWebhookService } from '@/core/SystemWebhookService.js';
+import { AbuseReportPayload, SystemWebhookPayload, SystemWebhookService } from '@/core/SystemWebhookService.js';
import { Packed } from '@/misc/json-schema.js';
import { type WebhookEventTypes } from '@/models/Webhook.js';
import { type UserWebhookPayload, UserWebhookService } from '@/core/UserWebhookService.js';
@@ -16,13 +16,7 @@ import { ModeratorInactivityRemainingTime } from '@/queue/processors/CheckModera
const oneDayMillis = 24 * 60 * 60 * 1000;
-type AbuseUserReportDto = Omit & {
- targetUser: Packed<'UserLite'> | null,
- reporter: Packed<'UserLite'> | null,
- assignee: Packed<'UserLite'> | null,
-};
-
-function generateAbuseReport(override?: Partial): AbuseUserReportDto {
+function generateAbuseReport(override?: Partial): AbuseReportPayload {
const result: MiAbuseUserReport = {
id: 'dummy-abuse-report1',
targetUserId: 'dummy-target-user',
@@ -389,7 +383,8 @@ export class WebhookTestService {
break;
}
// まだ実装されていない (#9485)
- case 'reaction': return;
+ case 'reaction':
+ return;
default: {
// eslint-disable-next-line @typescript-eslint/no-unused-vars
const _exhaustiveAssertion: never = params.type;
@@ -407,10 +402,10 @@ export class WebhookTestService {
* - 送信対象イベント(on)に関する設定
*/
@bindThis
- public async testSystemWebhook(
+ public async testSystemWebhook(
params: {
webhookId: MiSystemWebhook['id'],
- type: SystemWebhookEventType,
+ type: T,
override?: Partial>,
},
) {
@@ -420,7 +415,7 @@ export class WebhookTestService {
}
const webhook = webhooks[0];
- const send = (contents: unknown) => {
+ const send = (type: U, contents: SystemWebhookPayload) => {
const merged = {
...webhook,
...params.override,
@@ -428,12 +423,12 @@ export class WebhookTestService {
// テスト目的なのでSystemWebhookServiceの機能を経由せず直接キューに追加する(チェック処理などをスキップする意図).
// また、Jobの試行回数も1回だけ.
- this.queueService.systemWebhookDeliver(merged, params.type, contents, { attempts: 1 });
+ this.queueService.systemWebhookDeliver(merged, type, contents, { attempts: 1 });
};
switch (params.type) {
case 'abuseReport': {
- send(generateAbuseReport({
+ send('abuseReport', generateAbuseReport({
targetUserId: dummyUser1.id,
targetUser: dummyUser1,
reporterId: dummyUser2.id,
@@ -442,7 +437,7 @@ export class WebhookTestService {
break;
}
case 'abuseReportResolved': {
- send(generateAbuseReport({
+ send('abuseReportResolved', generateAbuseReport({
targetUserId: dummyUser1.id,
targetUser: dummyUser1,
reporterId: dummyUser2.id,
@@ -454,7 +449,7 @@ export class WebhookTestService {
break;
}
case 'userCreated': {
- send(toPackedUserLite(dummyUser1));
+ send('userCreated', toPackedUserLite(dummyUser1));
break;
}
case 'inactiveModeratorsWarning': {
@@ -464,15 +459,20 @@ export class WebhookTestService {
asHours: 24,
};
- send({
+ send('inactiveModeratorsWarning', {
remainingTime: dummyTime,
});
break;
}
case 'inactiveModeratorsInvitationOnlyChanged': {
- send({});
+ send('inactiveModeratorsInvitationOnlyChanged', {});
break;
}
+ default: {
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
+ const _exhaustiveAssertion: never = params.type;
+ return;
+ }
}
}
}
diff --git a/packages/backend/src/core/activitypub/ApDbResolverService.ts b/packages/backend/src/core/activitypub/ApDbResolverService.ts
index 4192e8659a..5c16744a77 100644
--- a/packages/backend/src/core/activitypub/ApDbResolverService.ts
+++ b/packages/backend/src/core/activitypub/ApDbResolverService.ts
@@ -10,6 +10,7 @@ import type { Config } from '@/config.js';
import { MemoryKVCache } from '@/misc/cache.js';
import type { MiUserPublickey } from '@/models/UserPublickey.js';
import { CacheService } from '@/core/CacheService.js';
+import { UtilityService } from '@/core/UtilityService.js';
import type { MiNote } from '@/models/Note.js';
import { bindThis } from '@/decorators.js';
import { MiLocalUser, MiRemoteUser } from '@/models/User.js';
@@ -53,6 +54,7 @@ export class ApDbResolverService implements OnApplicationShutdown {
private cacheService: CacheService,
private apPersonService: ApPersonService,
+ private utilityService: UtilityService,
) {
this.publicKeyCache = new MemoryKVCache(1000 * 60 * 60 * 12); // 12h
this.publicKeyByUserIdCache = new MemoryKVCache(1000 * 60 * 60 * 12); // 12h
@@ -63,7 +65,9 @@ export class ApDbResolverService implements OnApplicationShutdown {
const separator = '/';
const uri = new URL(getApId(value));
- if (uri.origin !== this.config.url) return { local: false, uri: uri.href };
+ if (this.utilityService.toPuny(uri.host) !== this.utilityService.toPuny(this.config.host)) {
+ return { local: false, uri: uri.href };
+ }
const [, type, id, ...rest] = uri.pathname.split(separator);
return {
diff --git a/packages/backend/src/core/activitypub/ApInboxService.ts b/packages/backend/src/core/activitypub/ApInboxService.ts
index 376c9c0151..21c7adf7b2 100644
--- a/packages/backend/src/core/activitypub/ApInboxService.ts
+++ b/packages/backend/src/core/activitypub/ApInboxService.ts
@@ -28,6 +28,7 @@ import { bindThis } from '@/decorators.js';
import type { MiRemoteUser } from '@/models/User.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import { AbuseReportService } from '@/core/AbuseReportService.js';
+import { IdentifiableError } from '@/misc/identifiable-error.js';
import { getApHrefNullable, getApId, getApIds, getApType, isAccept, isActor, isAdd, isAnnounce, isBlock, isCollection, isCollectionOrOrderedCollection, isCreate, isDelete, isFlag, isFollow, isLike, isMove, isPost, isReject, isRemove, isTombstone, isUndo, isUpdate, validActor, validPost } from './type.js';
import { ApNoteService } from './models/ApNoteService.js';
import { ApLoggerService } from './ApLoggerService.js';
@@ -89,15 +90,26 @@ export class ApInboxService {
}
@bindThis
- public async performActivity(actor: MiRemoteUser, activity: IObject): Promise {
+ public async performActivity(actor: MiRemoteUser, activity: IObject, resolver?: Resolver): Promise {
let result = undefined as string | void;
if (isCollectionOrOrderedCollection(activity)) {
const results = [] as [string, string | void][];
- const resolver = this.apResolverService.createResolver();
- for (const item of toArray(isCollection(activity) ? activity.items : activity.orderedItems)) {
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
+
+ const items = toArray(isCollection(activity) ? activity.items : activity.orderedItems);
+ if (items.length >= resolver.getRecursionLimit()) {
+ throw new Error(`skipping activity: collection would surpass recursion limit: ${this.utilityService.extractDbHost(actor.uri)}`);
+ }
+
+ for (const item of items) {
const act = await resolver.resolve(item);
+ if (act.id == null || this.utilityService.extractDbHost(act.id) !== this.utilityService.extractDbHost(actor.uri)) {
+ this.logger.debug('skipping activity: activity id is null or mismatching');
+ continue;
+ }
try {
- results.push([getApId(item), await this.performOneActivity(actor, act)]);
+ results.push([getApId(item), await this.performOneActivity(actor, act, resolver)]);
} catch (err) {
if (err instanceof Error || typeof err === 'string') {
this.logger.error(err);
@@ -112,13 +124,14 @@ export class ApInboxService {
result = results.map(([id, reason]) => `${id}: ${reason}`).join('\n');
}
} else {
- result = await this.performOneActivity(actor, activity);
+ result = await this.performOneActivity(actor, activity, resolver);
}
// ついでにリモートユーザーの情報が古かったら更新しておく
if (actor.uri) {
if (actor.lastFetchedAt == null || Date.now() - actor.lastFetchedAt.getTime() > 1000 * 60 * 60 * 24) {
setImmediate(() => {
+ // 同一ユーザーの情報を再度処理するので、使用済みのresolverを再利用してはいけない
this.apPersonService.updatePerson(actor.uri);
});
}
@@ -127,37 +140,37 @@ export class ApInboxService {
}
@bindThis
- public async performOneActivity(actor: MiRemoteUser, activity: IObject): Promise {
+ public async performOneActivity(actor: MiRemoteUser, activity: IObject, resolver?: Resolver): Promise {
if (actor.isSuspended) return;
if (isCreate(activity)) {
- return await this.create(actor, activity);
+ return await this.create(actor, activity, resolver);
} else if (isDelete(activity)) {
return await this.delete(actor, activity);
} else if (isUpdate(activity)) {
- return await this.update(actor, activity);
+ return await this.update(actor, activity, resolver);
} else if (isFollow(activity)) {
return await this.follow(actor, activity);
} else if (isAccept(activity)) {
- return await this.accept(actor, activity);
+ return await this.accept(actor, activity, resolver);
} else if (isReject(activity)) {
- return await this.reject(actor, activity);
+ return await this.reject(actor, activity, resolver);
} else if (isAdd(activity)) {
- return await this.add(actor, activity);
+ return await this.add(actor, activity, resolver);
} else if (isRemove(activity)) {
- return await this.remove(actor, activity);
+ return await this.remove(actor, activity, resolver);
} else if (isAnnounce(activity)) {
- return await this.announce(actor, activity);
+ return await this.announce(actor, activity, resolver);
} else if (isLike(activity)) {
return await this.like(actor, activity);
} else if (isUndo(activity)) {
- return await this.undo(actor, activity);
+ return await this.undo(actor, activity, resolver);
} else if (isBlock(activity)) {
return await this.block(actor, activity);
} else if (isFlag(activity)) {
return await this.flag(actor, activity);
} else if (isMove(activity)) {
- return await this.move(actor, activity);
+ return await this.move(actor, activity, resolver);
} else {
return `unrecognized activity type: ${activity.type}`;
}
@@ -189,22 +202,26 @@ export class ApInboxService {
await this.apNoteService.extractEmojis(activity.tag ?? [], actor.host).catch(() => null);
- return await this.reactionService.create(actor, note, activity._misskey_reaction ?? activity.content ?? activity.name).catch(err => {
- if (err.id === '51c42bb4-931a-456b-bff7-e5a8a70dd298') {
+ try {
+ await this.reactionService.create(actor, note, activity._misskey_reaction ?? activity.content ?? activity.name);
+ return 'ok';
+ } catch (err) {
+ if (err instanceof IdentifiableError && err.id === '51c42bb4-931a-456b-bff7-e5a8a70dd298') {
return 'skip: already reacted';
} else {
throw err;
}
- }).then(() => 'ok');
+ }
}
@bindThis
- private async accept(actor: MiRemoteUser, activity: IAccept): Promise {
+ private async accept(actor: MiRemoteUser, activity: IAccept, resolver?: Resolver): Promise {
const uri = activity.id ?? activity;
this.logger.info(`Accept: ${uri}`);
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
const object = await resolver.resolve(activity.object).catch(err => {
this.logger.error(`Resolution failed: ${err}`);
@@ -241,7 +258,7 @@ export class ApInboxService {
}
@bindThis
- private async add(actor: MiRemoteUser, activity: IAdd): Promise {
+ private async add(actor: MiRemoteUser, activity: IAdd, resolver?: Resolver): Promise {
if (actor.uri !== activity.actor) {
return 'invalid actor';
}
@@ -251,7 +268,7 @@ export class ApInboxService {
}
if (activity.target === actor.featured) {
- const note = await this.apNoteService.resolveNote(activity.object);
+ const note = await this.apNoteService.resolveNote(activity.object, { resolver });
if (note == null) return 'note not found';
await this.notePiningService.addPinned(actor, note.id);
return;
@@ -261,12 +278,13 @@ export class ApInboxService {
}
@bindThis
- private async announce(actor: MiRemoteUser, activity: IAnnounce): Promise {
+ private async announce(actor: MiRemoteUser, activity: IAnnounce, resolver?: Resolver): Promise {
const uri = getApId(activity);
this.logger.info(`Announce: ${uri}`);
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
if (!activity.object) return 'skip: activity has no object property';
const targetUri = getApId(activity.object);
@@ -274,7 +292,7 @@ export class ApInboxService {
const target = await resolver.resolve(activity.object).catch(e => {
this.logger.error(`Resolution failed: ${e}`);
- return e;
+ throw e;
});
if (isPost(target)) return await this.announceNote(actor, activity, target);
@@ -283,7 +301,7 @@ export class ApInboxService {
}
@bindThis
- private async announceNote(actor: MiRemoteUser, activity: IAnnounce, target: IPost): Promise {
+ private async announceNote(actor: MiRemoteUser, activity: IAnnounce, target: IPost, resolver?: Resolver): Promise {
const uri = getApId(activity);
if (actor.isSuspended) {
@@ -305,7 +323,7 @@ export class ApInboxService {
// Announce対象をresolve
let renote;
try {
- renote = await this.apNoteService.resolveNote(target);
+ renote = await this.apNoteService.resolveNote(target, { resolver });
if (renote == null) return 'announce target is null';
} catch (err) {
// 対象が4xxならスキップ
@@ -324,7 +342,7 @@ export class ApInboxService {
this.logger.info(`Creating the (Re)Note: ${uri}`);
- const activityAudience = await this.apAudienceService.parseAudience(actor, activity.to, activity.cc);
+ const activityAudience = await this.apAudienceService.parseAudience(actor, activity.to, activity.cc, resolver);
const createdAt = activity.published ? new Date(activity.published) : null;
if (createdAt && createdAt < this.idService.parse(renote.id).date) {
@@ -362,7 +380,7 @@ export class ApInboxService {
}
@bindThis
- private async create(actor: MiRemoteUser, activity: ICreate): Promise {
+ private async create(actor: MiRemoteUser, activity: ICreate, resolver?: Resolver): Promise {
const uri = getApId(activity);
this.logger.info(`Create: ${uri}`);
@@ -387,7 +405,8 @@ export class ApInboxService {
activity.object.attributedTo = activity.actor;
}
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
const object = await resolver.resolve(activity.object).catch(e => {
this.logger.error(`Resolution failed: ${e}`);
@@ -414,6 +433,8 @@ export class ApInboxService {
if (this.utilityService.extractDbHost(actor.uri) !== this.utilityService.extractDbHost(note.id)) {
return 'skip: host in actor.uri !== note.id';
}
+ } else {
+ return 'skip: note.id is not a string';
}
}
@@ -423,7 +444,7 @@ export class ApInboxService {
const exist = await this.apNoteService.fetchNote(note);
if (exist) return 'skip: note exists';
- await this.apNoteService.createNote(note, resolver, silent);
+ await this.apNoteService.createNote(note, actor, resolver, silent);
return 'ok';
} catch (err) {
if (err instanceof StatusError && !err.isRetryable) {
@@ -555,12 +576,13 @@ export class ApInboxService {
}
@bindThis
- private async reject(actor: MiRemoteUser, activity: IReject): Promise {
+ private async reject(actor: MiRemoteUser, activity: IReject, resolver?: Resolver): Promise {
const uri = activity.id ?? activity;
this.logger.info(`Reject: ${uri}`);
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
const object = await resolver.resolve(activity.object).catch(e => {
this.logger.error(`Resolution failed: ${e}`);
@@ -597,7 +619,7 @@ export class ApInboxService {
}
@bindThis
- private async remove(actor: MiRemoteUser, activity: IRemove): Promise {
+ private async remove(actor: MiRemoteUser, activity: IRemove, resolver?: Resolver): Promise {
if (actor.uri !== activity.actor) {
return 'invalid actor';
}
@@ -607,7 +629,7 @@ export class ApInboxService {
}
if (activity.target === actor.featured) {
- const note = await this.apNoteService.resolveNote(activity.object);
+ const note = await this.apNoteService.resolveNote(activity.object, { resolver });
if (note == null) return 'note not found';
await this.notePiningService.removePinned(actor, note.id);
return;
@@ -617,7 +639,7 @@ export class ApInboxService {
}
@bindThis
- private async undo(actor: MiRemoteUser, activity: IUndo): Promise {
+ private async undo(actor: MiRemoteUser, activity: IUndo, resolver?: Resolver): Promise {
if (actor.uri !== activity.actor) {
return 'invalid actor';
}
@@ -626,11 +648,12 @@ export class ApInboxService {
this.logger.info(`Undo: ${uri}`);
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
const object = await resolver.resolve(activity.object).catch(e => {
this.logger.error(`Resolution failed: ${e}`);
- return e;
+ throw e;
});
// don't queue because the sender may attempt again when timeout
@@ -750,14 +773,15 @@ export class ApInboxService {
}
@bindThis
- private async update(actor: MiRemoteUser, activity: IUpdate): Promise {
+ private async update(actor: MiRemoteUser, activity: IUpdate, resolver?: Resolver): Promise {
if (actor.uri !== activity.actor) {
return 'skip: invalid actor';
}
this.logger.debug('Update');
- const resolver = this.apResolverService.createResolver();
+ // eslint-disable-next-line no-param-reassign
+ resolver ??= this.apResolverService.createResolver();
const object = await resolver.resolve(activity.object).catch(e => {
this.logger.error(`Resolution failed: ${e}`);
@@ -768,7 +792,7 @@ export class ApInboxService {
await this.apPersonService.updatePerson(actor.uri, resolver, object);
return 'ok: Person updated';
} else if (getApType(object) === 'Question') {
- await this.apQuestionService.updateQuestion(object, resolver).catch(err => console.error(err));
+ await this.apQuestionService.updateQuestion(object, actor, resolver).catch(err => console.error(err));
return 'ok: Question updated';
} else {
return `skip: Unknown type: ${getApType(object)}`;
@@ -776,11 +800,11 @@ export class ApInboxService {
}
@bindThis
- private async move(actor: MiRemoteUser, activity: IMove): Promise {
+ private async move(actor: MiRemoteUser, activity: IMove, resolver?: Resolver): Promise {
// fetch the new and old accounts
const targetUri = getApHrefNullable(activity.target);
if (!targetUri) return 'skip: invalid activity target';
- return await this.apPersonService.updatePerson(actor.uri) ?? 'skip: nothing to do';
+ return await this.apPersonService.updatePerson(actor.uri, resolver) ?? 'skip: nothing to do';
}
}
diff --git a/packages/backend/src/core/activitypub/ApRequestService.ts b/packages/backend/src/core/activitypub/ApRequestService.ts
index c7d19adfd5..8c3b7295e4 100644
--- a/packages/backend/src/core/activitypub/ApRequestService.ts
+++ b/packages/backend/src/core/activitypub/ApRequestService.ts
@@ -11,11 +11,14 @@ import { DI } from '@/di-symbols.js';
import type { Config } from '@/config.js';
import type { MiUser } from '@/models/User.js';
import { UserKeypairService } from '@/core/UserKeypairService.js';
+import { UtilityService } from '@/core/UtilityService.js';
import { HttpRequestService } from '@/core/HttpRequestService.js';
import { LoggerService } from '@/core/LoggerService.js';
import { bindThis } from '@/decorators.js';
import type Logger from '@/logger.js';
import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
+import { assertActivityMatchesUrls } from '@/core/activitypub/misc/check-against-url.js';
+import type { IObject } from './type.js';
type Request = {
url: string;
@@ -145,6 +148,7 @@ export class ApRequestService {
private userKeypairService: UserKeypairService,
private httpRequestService: HttpRequestService,
private loggerService: LoggerService,
+ private utilityService: UtilityService,
) {
// eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
this.logger = this.loggerService?.getLogger('ap-request'); // なぜか TypeError: Cannot read properties of undefined (reading 'getLogger') と言われる
@@ -238,7 +242,7 @@ export class ApRequestService {
const alternate = document.querySelector('head > link[rel="alternate"][type="application/activity+json"]');
if (alternate) {
const href = alternate.getAttribute('href');
- if (href) {
+ if (href && this.utilityService.punyHost(url) === this.utilityService.punyHost(href)) {
return await this.signedGet(href, user, false);
}
}
@@ -251,7 +255,11 @@ export class ApRequestService {
//#endregion
validateContentTypeSetAsActivityPub(res);
+ const finalUrl = res.url; // redirects may have been involved
+ const activity = await res.json() as IObject;
- return await res.json();
+ assertActivityMatchesUrls(activity, [finalUrl]);
+
+ return activity;
}
}
diff --git a/packages/backend/src/core/activitypub/ApResolverService.ts b/packages/backend/src/core/activitypub/ApResolverService.ts
index ca35608d9b..b0b35274ea 100644
--- a/packages/backend/src/core/activitypub/ApResolverService.ts
+++ b/packages/backend/src/core/activitypub/ApResolverService.ts
@@ -41,7 +41,7 @@ export class Resolver {
private apRendererService: ApRendererService,
private apDbResolverService: ApDbResolverService,
private loggerService: LoggerService,
- private recursionLimit = 100,
+ private recursionLimit = 256,
) {
this.history = new Set();
this.logger = this.loggerService.getLogger('ap-resolve');
@@ -52,6 +52,11 @@ export class Resolver {
return Array.from(this.history);
}
+ @bindThis
+ public getRecursionLimit(): number {
+ return this.recursionLimit;
+ }
+
@bindThis
public async resolveCollection(value: string | IObject): Promise {
const collection = typeof value === 'string'
@@ -113,6 +118,18 @@ export class Resolver {
throw new Error('invalid response');
}
+ // HttpRequestService / ApRequestService have already checked that
+ // `object.id` or `object.url` matches the URL used to fetch the
+ // object after redirects; here we double-check that no redirects
+ // bounced between hosts
+ if (object.id == null) {
+ throw new Error('invalid AP object: missing id');
+ }
+
+ if (this.utilityService.punyHost(object.id) !== this.utilityService.punyHost(value)) {
+ throw new Error(`invalid AP object ${value}: id ${object.id} has different host`);
+ }
+
return object;
}
diff --git a/packages/backend/src/core/activitypub/misc/check-against-url.ts b/packages/backend/src/core/activitypub/misc/check-against-url.ts
new file mode 100644
index 0000000000..78ba891a2e
--- /dev/null
+++ b/packages/backend/src/core/activitypub/misc/check-against-url.ts
@@ -0,0 +1,19 @@
+/*
+ * SPDX-FileCopyrightText: dakkar and sharkey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+import type { IObject } from '../type.js';
+
+export function assertActivityMatchesUrls(activity: IObject, urls: string[]) {
+ const idOk = activity.id !== undefined && urls.includes(activity.id);
+
+ // technically `activity.url` could be an `ApObject = IObject |
+ // string | (IObject | string)[]`, but if it's a complicated thing
+ // and the `activity.id` doesn't match, I think we're fine
+ // rejecting the activity
+ const urlOk = typeof(activity.url) === 'string' && urls.includes(activity.url);
+
+ if (!idOk && !urlOk) {
+ throw new Error(`bad Activity: neither id(${activity?.id}) nor url(${activity?.url}) match location(${urls})`);
+ }
+}
diff --git a/packages/backend/src/core/activitypub/models/ApNoteService.ts b/packages/backend/src/core/activitypub/models/ApNoteService.ts
index 2d333b3634..eb2e771a38 100644
--- a/packages/backend/src/core/activitypub/models/ApNoteService.ts
+++ b/packages/backend/src/core/activitypub/models/ApNoteService.ts
@@ -77,7 +77,7 @@ export class ApNoteService {
}
@bindThis
- public validateNote(object: IObject, uri: string): Error | null {
+ public validateNote(object: IObject, uri: string, actor?: MiRemoteUser): Error | null {
const expectHost = this.utilityService.extractDbHost(uri);
const apType = getApType(object);
@@ -98,6 +98,14 @@ export class ApNoteService {
return new IdentifiableError('d450b8a9-48e4-4dab-ae36-f4db763fda7c', 'invalid Note: published timestamp is malformed');
}
+ if (actor) {
+ const attribution = (object.attributedTo) ? getOneApId(object.attributedTo) : actor.uri;
+
+ if (attribution !== actor.uri) {
+ return new IdentifiableError('d450b8a9-48e4-4dab-ae36-f4db763fda7c', `invalid Note: attribution does not match the actor that send it. attribution: ${attribution}, actor: ${actor.uri}`);
+ }
+ }
+
return null;
}
@@ -115,14 +123,14 @@ export class ApNoteService {
* Noteを作成します。
*/
@bindThis
- public async createNote(value: string | IObject, resolver?: Resolver, silent = false): Promise {
+ public async createNote(value: string | IObject, actor?: MiRemoteUser, resolver?: Resolver, silent = false): Promise {
// eslint-disable-next-line no-param-reassign
if (resolver == null) resolver = this.apResolverService.createResolver();
const object = await resolver.resolve(value);
const entryUri = getApId(value);
- const err = this.validateNote(object, entryUri);
+ const err = this.validateNote(object, entryUri, actor);
if (err) {
this.logger.error(err.message, {
resolver: { history: resolver.getHistory() },
@@ -136,14 +144,24 @@ export class ApNoteService {
this.logger.debug(`Note fetched: ${JSON.stringify(note, null, 2)}`);
- if (note.id && !checkHttps(note.id)) {
+ if (note.id == null) {
+ throw new Error('Refusing to create note without id');
+ }
+
+ if (!checkHttps(note.id)) {
throw new Error('unexpected schema of note.id: ' + note.id);
}
const url = getOneApHrefNullable(note.url);
- if (url && !checkHttps(url)) {
- throw new Error('unexpected schema of note url: ' + url);
+ if (url != null) {
+ if (!checkHttps(url)) {
+ throw new Error('unexpected schema of note url: ' + url);
+ }
+
+ if (this.utilityService.punyHost(url) !== this.utilityService.punyHost(note.id)) {
+ throw new Error(`note url & uri host mismatch: note url: ${url}, note uri: ${note.id}`);
+ }
}
this.logger.info(`Creating the Note: ${note.id}`);
@@ -156,8 +174,9 @@ export class ApNoteService {
const uri = getOneApId(note.attributedTo);
// ローカルで投稿者を検索し、もし凍結されていたらスキップ
- const cachedActor = await this.apPersonService.fetchPerson(uri) as MiRemoteUser;
- if (cachedActor && cachedActor.isSuspended) {
+ // eslint-disable-next-line no-param-reassign
+ actor ??= await this.apPersonService.fetchPerson(uri) as MiRemoteUser | undefined;
+ if (actor && actor.isSuspended) {
throw new IdentifiableError('85ab9bd7-3a41-4530-959d-f07073900109', 'actor has been suspended');
}
@@ -189,7 +208,8 @@ export class ApNoteService {
}
//#endregion
- const actor = cachedActor ?? await this.apPersonService.resolvePerson(uri, resolver) as MiRemoteUser;
+ // eslint-disable-next-line no-param-reassign
+ actor ??= await this.apPersonService.resolvePerson(uri, resolver) as MiRemoteUser;
// 解決した投稿者が凍結されていたらスキップ
if (actor.isSuspended) {
@@ -348,7 +368,7 @@ export class ApNoteService {
if (exist) return exist;
//#endregion
- if (uri.startsWith(this.config.url)) {
+ if (this.utilityService.isUriLocal(uri)) {
throw new StatusError('cannot resolve local note', 400, 'cannot resolve local note');
}
@@ -356,7 +376,7 @@ export class ApNoteService {
// ここでuriの代わりに添付されてきたNote Objectが指定されていると、サーバーフェッチを経ずにノートが生成されるが
// 添付されてきたNote Objectは偽装されている可能性があるため、常にuriを指定してサーバーフェッチを行う。
const createFrom = options.sentFrom?.origin === new URL(uri).origin ? value : uri;
- return await this.createNote(createFrom, options.resolver, true);
+ return await this.createNote(createFrom, undefined, options.resolver, true);
} finally {
unlock();
}
diff --git a/packages/backend/src/core/activitypub/models/ApPersonService.ts b/packages/backend/src/core/activitypub/models/ApPersonService.ts
index c9de67b3a0..8590861ca0 100644
--- a/packages/backend/src/core/activitypub/models/ApPersonService.ts
+++ b/packages/backend/src/core/activitypub/models/ApPersonService.ts
@@ -129,12 +129,6 @@ export class ApPersonService implements OnModuleInit {
this.logger = this.apLoggerService.logger;
}
- private punyHost(url: string): string {
- const urlObj = new URL(url);
- const host = `${this.utilityService.toPuny(urlObj.hostname)}${urlObj.port.length > 0 ? ':' + urlObj.port : ''}`;
- return host;
- }
-
/**
* Validate and convert to actor object
* @param x Fetched object
@@ -142,7 +136,7 @@ export class ApPersonService implements OnModuleInit {
*/
@bindThis
private validateActor(x: IObject, uri: string): IActor {
- const expectHost = this.punyHost(uri);
+ const expectHost = this.utilityService.punyHost(uri);
if (!isActor(x)) {
throw new Error(`invalid Actor type '${x.type}'`);
@@ -156,6 +150,32 @@ export class ApPersonService implements OnModuleInit {
throw new Error('invalid Actor: wrong inbox');
}
+ if (this.utilityService.punyHost(x.inbox) !== expectHost) {
+ throw new Error('invalid Actor: inbox has different host');
+ }
+
+ const sharedInboxObject = x.sharedInbox ?? (x.endpoints ? x.endpoints.sharedInbox : undefined);
+ if (sharedInboxObject != null) {
+ const sharedInbox = getApId(sharedInboxObject);
+ if (!(typeof sharedInbox === 'string' && sharedInbox.length > 0 && this.utilityService.punyHost(sharedInbox) === expectHost)) {
+ throw new Error('invalid Actor: wrong shared inbox');
+ }
+ }
+
+ for (const collection of ['outbox', 'followers', 'following'] as (keyof IActor)[]) {
+ const xCollection = (x as IActor)[collection];
+ if (xCollection != null) {
+ const collectionUri = getApId(xCollection);
+ if (typeof collectionUri === 'string' && collectionUri.length > 0) {
+ if (this.utilityService.punyHost(collectionUri) !== expectHost) {
+ throw new Error(`invalid Actor: ${collection} has different host`);
+ }
+ } else if (collectionUri != null) {
+ throw new Error(`invalid Actor: wrong ${collection}`);
+ }
+ }
+ }
+
if (!(typeof x.preferredUsername === 'string' && x.preferredUsername.length > 0 && x.preferredUsername.length <= 128 && /^\w([\w-.]*\w)?$/.test(x.preferredUsername))) {
throw new Error('invalid Actor: wrong username');
}
@@ -179,7 +199,7 @@ export class ApPersonService implements OnModuleInit {
x.summary = truncate(x.summary, summaryLength);
}
- const idHost = this.punyHost(x.id);
+ const idHost = this.utilityService.punyHost(x.id);
if (idHost !== expectHost) {
throw new Error('invalid Actor: id has different host');
}
@@ -189,7 +209,7 @@ export class ApPersonService implements OnModuleInit {
throw new Error('invalid Actor: publicKey.id is not a string');
}
- const publicKeyIdHost = this.punyHost(x.publicKey.id);
+ const publicKeyIdHost = this.utilityService.punyHost(x.publicKey.id);
if (publicKeyIdHost !== expectHost) {
throw new Error('invalid Actor: publicKey.id has different host');
}
@@ -280,7 +300,8 @@ export class ApPersonService implements OnModuleInit {
public async createPerson(uri: string, resolver?: Resolver): Promise {
if (typeof uri !== 'string') throw new Error('uri is not string');
- if (uri.startsWith(this.config.url)) {
+ const host = this.utilityService.punyHost(uri);
+ if (host === this.utilityService.toPuny(this.config.host)) {
throw new StatusError('cannot resolve local user', 400, 'cannot resolve local user');
}
@@ -294,8 +315,6 @@ export class ApPersonService implements OnModuleInit {
this.logger.info(`Creating the Person: ${person.id}`);
- const host = this.punyHost(object.id);
-
const fields = this.analyzeAttachments(person.attachment ?? []);
const tags = extractApHashtags(person.tag).map(normalizeForSearch).splice(0, 32);
@@ -321,8 +340,18 @@ export class ApPersonService implements OnModuleInit {
const url = getOneApHrefNullable(person.url);
- if (url && !checkHttps(url)) {
- throw new Error('unexpected schema of person url: ' + url);
+ if (person.id == null) {
+ throw new Error('Refusing to create person without id');
+ }
+
+ if (url != null) {
+ if (!checkHttps(url)) {
+ throw new Error('unexpected schema of person url: ' + url);
+ }
+
+ if (this.utilityService.punyHost(url) !== this.utilityService.punyHost(person.id)) {
+ throw new Error(`person url <> uri host mismatch: ${url} <> ${person.id}`);
+ }
}
// Create user
@@ -355,7 +384,7 @@ export class ApPersonService implements OnModuleInit {
usernameLower: person.preferredUsername?.toLowerCase(),
host,
inbox: person.inbox,
- sharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox,
+ sharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox ?? null,
followersUri: person.followers ? getApId(person.followers) : undefined,
featured: person.featured ? getApId(person.featured) : undefined,
uri: person.id,
@@ -465,7 +494,7 @@ export class ApPersonService implements OnModuleInit {
if (typeof uri !== 'string') throw new Error('uri is not string');
// URIがこのサーバーを指しているならスキップ
- if (uri.startsWith(`${this.config.url}/`)) return;
+ if (this.utilityService.isUriLocal(uri)) return;
//#region このサーバーに既に登録されているか
const exist = await this.fetchPerson(uri) as MiRemoteUser | null;
@@ -514,14 +543,24 @@ export class ApPersonService implements OnModuleInit {
const url = getOneApHrefNullable(person.url);
- if (url && !checkHttps(url)) {
- throw new Error('unexpected schema of person url: ' + url);
+ if (person.id == null) {
+ throw new Error('Refusing to update person without id');
+ }
+
+ if (url != null) {
+ if (!checkHttps(url)) {
+ throw new Error('unexpected schema of person url: ' + url);
+ }
+
+ if (this.utilityService.punyHost(url) !== this.utilityService.punyHost(person.id)) {
+ throw new Error(`person url <> uri host mismatch: ${url} <> ${person.id}`);
+ }
}
const updates = {
lastFetchedAt: new Date(),
inbox: person.inbox,
- sharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox,
+ sharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox ?? null,
followersUri: person.followers ? getApId(person.followers) : undefined,
featured: person.featured,
emojis: emojiNames,
@@ -593,7 +632,7 @@ export class ApPersonService implements OnModuleInit {
// 該当ユーザーが既にフォロワーになっていた場合はFollowingもアップデートする
await this.followingsRepository.update(
{ followerId: exist.id },
- { followerSharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox },
+ { followerSharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox ?? null },
);
await this.updateFeatured(exist.id, resolver).catch(err => this.logger.error(err));
@@ -728,7 +767,7 @@ export class ApPersonService implements OnModuleInit {
await this.updatePerson(src.movedToUri, undefined, undefined, [...movePreventUris, src.uri]);
dst = await this.fetchPerson(src.movedToUri) ?? dst;
} else {
- if (src.movedToUri.startsWith(`${this.config.url}/`)) {
+ if (this.utilityService.isUriLocal(src.movedToUri)) {
// ローカルユーザーっぽいのにfetchPersonで見つからないということはmovedToUriが間違っている
return 'failed: movedTo is local but not found';
}
diff --git a/packages/backend/src/core/activitypub/models/ApQuestionService.ts b/packages/backend/src/core/activitypub/models/ApQuestionService.ts
index 73004d10b0..a2cdaf02ca 100644
--- a/packages/backend/src/core/activitypub/models/ApQuestionService.ts
+++ b/packages/backend/src/core/activitypub/models/ApQuestionService.ts
@@ -5,16 +5,18 @@
import { Inject, Injectable } from '@nestjs/common';
import { DI } from '@/di-symbols.js';
-import type { NotesRepository, PollsRepository } from '@/models/_.js';
+import type { UsersRepository, NotesRepository, PollsRepository } from '@/models/_.js';
import type { Config } from '@/config.js';
import type { IPoll } from '@/models/Poll.js';
+import type { MiRemoteUser } from '@/models/User.js';
import type Logger from '@/logger.js';
import { bindThis } from '@/decorators.js';
-import { isQuestion } from '../type.js';
+import { getOneApId, isQuestion } from '../type.js';
+import { UtilityService } from '@/core/UtilityService.js';
import { ApLoggerService } from '../ApLoggerService.js';
import { ApResolverService } from '../ApResolverService.js';
import type { Resolver } from '../ApResolverService.js';
-import type { IObject, IQuestion } from '../type.js';
+import type { IObject } from '../type.js';
@Injectable()
export class ApQuestionService {
@@ -24,6 +26,9 @@ export class ApQuestionService {
@Inject(DI.config)
private config: Config,
+ @Inject(DI.usersRepository)
+ private usersRepository: UsersRepository,
+
@Inject(DI.notesRepository)
private notesRepository: NotesRepository,
@@ -32,6 +37,7 @@ export class ApQuestionService {
private apResolverService: ApResolverService,
private apLoggerService: ApLoggerService,
+ private utilityService: UtilityService,
) {
this.logger = this.apLoggerService.logger;
}
@@ -65,12 +71,12 @@ export class ApQuestionService {
* @returns true if updated
*/
@bindThis
- public async updateQuestion(value: string | IObject, resolver?: Resolver): Promise {
+ public async updateQuestion(value: string | IObject, actor?: MiRemoteUser, resolver?: Resolver): Promise {
const uri = typeof value === 'string' ? value : value.id;
if (uri == null) throw new Error('uri is null');
// URIがこのサーバーを指しているならスキップ
- if (uri.startsWith(this.config.url + '/')) throw new Error('uri points local');
+ if (this.utilityService.isUriLocal(uri)) throw new Error('uri points local');
//#region このサーバーに既に登録されているか
const note = await this.notesRepository.findOneBy({ uri });
@@ -78,15 +84,26 @@ export class ApQuestionService {
const poll = await this.pollsRepository.findOneBy({ noteId: note.id });
if (poll == null) throw new Error('Question is not registered');
+
+ const user = await this.usersRepository.findOneBy({ id: poll.userId });
+ if (user == null) throw new Error('Question is not registered');
//#endregion
// resolve new Question object
// eslint-disable-next-line no-param-reassign
if (resolver == null) resolver = this.apResolverService.createResolver();
- const question = await resolver.resolve(value) as IQuestion;
+ const question = await resolver.resolve(value);
this.logger.debug(`fetched question: ${JSON.stringify(question, null, 2)}`);
- if (question.type !== 'Question') throw new Error('object is not a Question');
+ if (!isQuestion(question)) throw new Error('object is not a Question');
+
+ const attribution = (question.attributedTo) ? getOneApId(question.attributedTo) : user.uri;
+ const attributionMatchesExisting = attribution === user.uri;
+ const actorMatchesAttribution = (actor) ? attribution === actor.uri : true;
+
+ if (!attributionMatchesExisting || !actorMatchesAttribution) {
+ throw new Error('Refusing to ingest update for poll by different user');
+ }
const apChoices = question.oneOf ?? question.anyOf;
if (apChoices == null) throw new Error('invalid apChoices: ' + apChoices);
@@ -96,7 +113,7 @@ export class ApQuestionService {
for (const choice of poll.choices) {
const oldCount = poll.votes[poll.choices.indexOf(choice)];
const newCount = apChoices.filter(ap => ap.name === choice).at(0)?.replies?.totalItems;
- if (newCount == null) throw new Error('invalid newCount: ' + newCount);
+ if (newCount == null || !(Number.isInteger(newCount) && newCount >= 0)) throw new Error('invalid newCount: ' + newCount);
if (oldCount !== newCount) {
changed = true;
diff --git a/packages/backend/src/models/AbuseUserReport.ts b/packages/backend/src/models/AbuseUserReport.ts
index cb5672e4ac..d43ebf9342 100644
--- a/packages/backend/src/models/AbuseUserReport.ts
+++ b/packages/backend/src/models/AbuseUserReport.ts
@@ -7,6 +7,8 @@ import { PrimaryColumn, Entity, Index, JoinColumn, Column, ManyToOne } from 'typ
import { id } from './util/id.js';
import { MiUser } from './User.js';
+export type AbuseReportResolveType = 'accept' | 'reject';
+
@Entity('abuse_user_report')
export class MiAbuseUserReport {
@PrimaryColumn(id())
@@ -76,7 +78,7 @@ export class MiAbuseUserReport {
@Column('varchar', {
length: 128, nullable: true,
})
- public resolvedAs: 'accept' | 'reject' | null;
+ public resolvedAs: AbuseReportResolveType | null;
//#region Denormalized fields
@Index()
diff --git a/packages/backend/src/queue/processors/InboxProcessorService.ts b/packages/backend/src/queue/processors/InboxProcessorService.ts
index 95d764e4d8..004fe1382d 100644
--- a/packages/backend/src/queue/processors/InboxProcessorService.ts
+++ b/packages/backend/src/queue/processors/InboxProcessorService.ts
@@ -190,6 +190,8 @@ export class InboxProcessorService implements OnApplicationShutdown {
if (signerHost !== activityIdHost) {
throw new Bull.UnrecoverableError(`skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`);
}
+ } else {
+ throw new Bull.UnrecoverableError('skip: activity id is not a string');
}
this.apRequestChart.inbox();
diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts
index ba2342b630..f34f6583d3 100644
--- a/packages/backend/src/server/ActivityPubServerService.ts
+++ b/packages/backend/src/server/ActivityPubServerService.ts
@@ -105,7 +105,7 @@ export class ActivityPubServerService {
let signature;
try {
- signature = httpSignature.parseRequest(request.raw, { 'headers': [] });
+ signature = httpSignature.parseRequest(request.raw, { 'headers': ['(request-target)', 'host', 'date'], authorizationHeaderName: 'signature' });
} catch (e) {
reply.code(401);
return;
diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
index 01dea703a3..ece1984cff 100644
--- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
@@ -46,7 +46,7 @@ export default class extends Endpoint { // eslint-
throw new Error('cannot delete a root account');
}
- await this.deleteAccoountService.deleteAccount(user);
+ await this.deleteAccoountService.deleteAccount(user, me);
});
}
}
diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
index 2dae1df87d..b8bfda73a4 100644
--- a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
@@ -55,7 +55,7 @@ export const paramDef = {
properties: {
title: { type: 'string', minLength: 1 },
text: { type: 'string', minLength: 1 },
- imageUrl: { type: 'string', nullable: true, minLength: 1 },
+ imageUrl: { type: 'string', nullable: true, minLength: 0 },
icon: { type: 'string', enum: ['info', 'warning', 'error', 'success'], default: 'info' },
display: { type: 'string', enum: ['normal', 'banner', 'dialog'], default: 'normal' },
forExistingUsers: { type: 'boolean', default: false },
@@ -76,7 +76,8 @@ export default class extends Endpoint { // eslint-
updatedAt: null,
title: ps.title,
text: ps.text,
- imageUrl: ps.imageUrl,
+ /* eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing -- 空の文字列の場合、nullを渡すようにするため */
+ imageUrl: ps.imageUrl || null,
icon: ps.icon,
display: ps.display,
forExistingUsers: ps.forExistingUsers,
diff --git a/packages/backend/src/server/api/endpoints/admin/delete-account.ts b/packages/backend/src/server/api/endpoints/admin/delete-account.ts
index b6f0f22d60..9065a71f6a 100644
--- a/packages/backend/src/server/api/endpoints/admin/delete-account.ts
+++ b/packages/backend/src/server/api/endpoints/admin/delete-account.ts
@@ -33,13 +33,13 @@ export default class extends Endpoint { // eslint-
private deleteAccountService: DeleteAccountService,
) {
- super(meta, paramDef, async (ps) => {
+ super(meta, paramDef, async (ps, me) => {
const user = await this.usersRepository.findOneByOrFail({ id: ps.userId });
if (user.isDeleted) {
return;
}
- await this.deleteAccountService.deleteAccount(user);
+ await this.deleteAccountService.deleteAccount(user, me);
});
}
}
diff --git a/packages/backend/src/server/api/endpoints/ap/get.ts b/packages/backend/src/server/api/endpoints/ap/get.ts
index d8c55de7ec..14286bc23e 100644
--- a/packages/backend/src/server/api/endpoints/ap/get.ts
+++ b/packages/backend/src/server/api/endpoints/ap/get.ts
@@ -11,6 +11,7 @@ import { ApResolverService } from '@/core/activitypub/ApResolverService.js';
export const meta = {
tags: ['federation'],
+ requireAdmin: true,
requireCredential: true,
kind: 'read:federation',
diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts
index c52608cefb..24d5a7b0f1 100644
--- a/packages/backend/src/server/api/endpoints/ap/show.ts
+++ b/packages/backend/src/server/api/endpoints/ap/show.ts
@@ -118,6 +118,11 @@ export default class extends Endpoint { // eslint-
]));
if (local != null) return local;
+ const host = this.utilityService.extractDbHost(uri);
+
+ // local object, not found in db? fail
+ if (this.utilityService.isSelfHost(host)) return null;
+
// リモートから一旦オブジェクトフェッチ
const resolver = this.apResolverService.createResolver();
const object = await resolver.resolve(uri) as any;
@@ -132,10 +137,11 @@ export default class extends Endpoint { // eslint-
if (local != null) return local;
}
+ // 同一ユーザーの情報を再度処理するので、使用済みのresolverを再利用してはいけない
return await this.mergePack(
me,
isActor(object) ? await this.apPersonService.createPerson(getApId(object)) : null,
- isPost(object) ? await this.apNoteService.createNote(getApId(object), undefined, true) : null,
+ isPost(object) ? await this.apNoteService.createNote(getApId(object), undefined, undefined, true) : null,
);
}
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts
index 5ebec4ffd0..1b8873214b 100644
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@@ -559,7 +559,7 @@ export class ClientServerService {
}
});
- //#region SSR (for crawlers)
+ //#region SSR
// User
fastify.get<{ Params: { user: string; sub?: string; } }>('/@:user/:sub?', async (request, reply) => {
const { username, host } = Acct.parse(request.params.user);
@@ -584,11 +584,17 @@ export class ClientServerService {
reply.header('X-Robots-Tag', 'noimageai');
reply.header('X-Robots-Tag', 'noai');
}
+
+ const _user = await this.userEntityService.pack(user);
+
return await reply.view('user', {
user, profile, me,
avatarUrl: user.avatarUrl ?? this.userEntityService.getIdenticonUrl(user),
sub: request.params.sub,
...await this.generateCommonPugData(this.meta),
+ clientCtx: htmlSafeJsonStringify({
+ user: _user,
+ }),
});
} else {
// リモートユーザーなので
@@ -641,6 +647,9 @@ export class ClientServerService {
// TODO: Let locale changeable by instance setting
summary: getNoteSummary(_note),
...await this.generateCommonPugData(this.meta),
+ clientCtx: htmlSafeJsonStringify({
+ note: _note,
+ }),
});
} else {
return await renderBase(reply);
@@ -729,6 +738,9 @@ export class ClientServerService {
profile,
avatarUrl: _clip.user.avatarUrl,
...await this.generateCommonPugData(this.meta),
+ clientCtx: htmlSafeJsonStringify({
+ clip: _clip,
+ }),
});
} else {
return await renderBase(reply);
diff --git a/packages/backend/src/server/web/UrlPreviewService.ts b/packages/backend/src/server/web/UrlPreviewService.ts
index 5d493c2c46..9b5f0acd2c 100644
--- a/packages/backend/src/server/web/UrlPreviewService.ts
+++ b/packages/backend/src/server/web/UrlPreviewService.ts
@@ -145,6 +145,6 @@ export class UrlPreviewService {
contentLengthRequired: meta.urlPreviewRequireContentLength,
});
- return this.httpRequestService.getJson(`${proxy}?${queryStr}`);
+ return this.httpRequestService.getJson(`${proxy}?${queryStr}`, 'application/json, */*', undefined, true);
}
}
diff --git a/packages/backend/src/server/web/views/base.pug b/packages/backend/src/server/web/views/base.pug
index 280a5923c2..3883b5e5ab 100644
--- a/packages/backend/src/server/web/views/base.pug
+++ b/packages/backend/src/server/web/views/base.pug
@@ -74,6 +74,9 @@ html
script(type='application/json' id='misskey_meta' data-generated-at=now)
!= metaJson
+ script(type='application/json' id='misskey_clientCtx' data-generated-at=now)
+ != clientCtx
+
script
include ../boot.js
diff --git a/packages/backend/test-federation/.config/example.default.yml b/packages/backend/test-federation/.config/example.default.yml
index ff1760a5a6..28d51ac86e 100644
--- a/packages/backend/test-federation/.config/example.default.yml
+++ b/packages/backend/test-federation/.config/example.default.yml
@@ -19,7 +19,6 @@ proxyBypassHosts:
- challenges.cloudflare.com
proxyRemoteFiles: true
signToActivityPubGet: true
-allowedPrivateNetworks: [
- '127.0.0.1/32',
- '172.20.0.0/16'
-]
+allowedPrivateNetworks:
+ - 127.0.0.1/32
+ - 172.20.0.0/16
diff --git a/packages/backend/test/unit/activitypub.ts b/packages/backend/test/unit/activitypub.ts
index 2fc08aec91..9df947982b 100644
--- a/packages/backend/test/unit/activitypub.ts
+++ b/packages/backend/test/unit/activitypub.ts
@@ -176,7 +176,7 @@ describe('ActivityPub', () => {
resolver.register(actor.id, actor);
resolver.register(post.id, post);
- const note = await noteService.createNote(post.id, resolver, true);
+ const note = await noteService.createNote(post.id, undefined, resolver, true);
assert.deepStrictEqual(note?.uri, post.id);
assert.deepStrictEqual(note.visibility, 'public');
@@ -336,7 +336,7 @@ describe('ActivityPub', () => {
resolver.register(actor.featured, featured);
resolver.register(firstNote.id, firstNote);
- const note = await noteService.createNote(firstNote.id as string, resolver);
+ const note = await noteService.createNote(firstNote.id as string, undefined, resolver);
assert.strictEqual(note?.uri, firstNote.id);
});
});
diff --git a/packages/frontend-embed/tsconfig.json b/packages/frontend-embed/tsconfig.json
index 3701343623..45f933dc28 100644
--- a/packages/frontend-embed/tsconfig.json
+++ b/packages/frontend-embed/tsconfig.json
@@ -33,7 +33,7 @@
"./node_modules"
],
"types": [
- "vite/client",
+ "vite/client"
],
"lib": [
"esnext",
@@ -44,8 +44,9 @@
},
"compileOnSave": false,
"include": [
- "./**/*.ts",
- "./**/*.vue"
+ "./src/**/*.ts",
+ "./src/**/*.vue",
+ "./@types/**/*.ts"
],
"exclude": [
".storybook/**/*"
diff --git a/packages/frontend/src/components/MkNote.vue b/packages/frontend/src/components/MkNote.vue
index cf0d0787b1..1a8814b7cb 100644
--- a/packages/frontend/src/components/MkNote.vue
+++ b/packages/frontend/src/components/MkNote.vue
@@ -187,6 +187,7 @@ import MkUrlPreview from '@/components/MkUrlPreview.vue';
import MkInstanceTicker from '@/components/MkInstanceTicker.vue';
import { pleaseLogin, type OpenOnRemoteOptions } from '@/scripts/please-login.js';
import { checkWordMute } from '@/scripts/check-word-mute.js';
+import { notePage } from '@/filters/note.js';
import { userPage } from '@/filters/user.js';
import number from '@/filters/number.js';
import * as os from '@/os.js';
@@ -566,15 +567,24 @@ function showRenoteMenu(): void {
};
}
+ const renoteDetailsMenu: MenuItem = {
+ type: 'link',
+ text: i18n.ts.renoteDetails,
+ icon: 'ti ti-info-circle',
+ to: notePage(note.value),
+ };
+
if (isMyRenote) {
pleaseLogin({ openOnRemote: pleaseLoginContext.value });
os.popupMenu([
+ renoteDetailsMenu,
getCopyNoteLinkMenu(note.value, i18n.ts.copyLinkRenote),
{ type: 'divider' },
getUnrenote(),
], renoteTime.value);
} else {
os.popupMenu([
+ renoteDetailsMenu,
getCopyNoteLinkMenu(note.value, i18n.ts.copyLinkRenote),
{ type: 'divider' },
getAbuseNoteMenu(note.value, i18n.ts.reportAbuseRenote),
diff --git a/packages/frontend/src/components/global/MkCustomEmoji.vue b/packages/frontend/src/components/global/MkCustomEmoji.vue
index 66f82a7898..ec1d859080 100644
--- a/packages/frontend/src/components/global/MkCustomEmoji.vue
+++ b/packages/frontend/src/components/global/MkCustomEmoji.vue
@@ -25,17 +25,18 @@ SPDX-License-Identifier: AGPL-3.0-only
diff --git a/packages/frontend/tsconfig.json b/packages/frontend/tsconfig.json
index b88773b598..4e5ca7f559 100644
--- a/packages/frontend/tsconfig.json
+++ b/packages/frontend/tsconfig.json
@@ -45,8 +45,11 @@
},
"compileOnSave": false,
"include": [
- "./**/*.ts",
- "./**/*.vue"
+ "./src/**/*.ts",
+ "./src/**/*.vue",
+ "./test/**/*.ts",
+ "./test/**/*.vue",
+ "./@types/**/*.ts"
],
"exclude": [
".storybook/**/*"
diff --git a/packages/misskey-js/package.json b/packages/misskey-js/package.json
index 8166dcedad..7994dac1e4 100644
--- a/packages/misskey-js/package.json
+++ b/packages/misskey-js/package.json
@@ -1,7 +1,7 @@
{
"type": "module",
"name": "misskey-js",
- "version": "2024.11.0-alpha.1",
+ "version": "2024.11.0",
"description": "Misskey SDK for JavaScript",
"license": "MIT",
"main": "./built/index.js",