.gitlab/issue_templates/feature.md

+<!-- 💖 Thanks for taking the time to fill out this bug report!
+💁 Having trouble with deployment? [Ask the support chat.](https://discord.gg/4qUhaeeHmm)
+🔒 Found a security vulnerability? [Please disclose it responsibly.](https://activitypub.software/TransFem-org/Sharkey/-/blob/develop/SECURITY.md)
+🤝 By submitting this feature request, you agree to follow our [Contribution Guidelines.](https://activitypub.software/TransFem-org/Sharkey/-/blob/develop/CONTRIBUTING.md) -->
+
+# **What feature would you like implemented?**
+<!-- Please give us a brief description of what you'd like. -->
+
+# **Why should we add this feature?**
+<!-- Please give us a brief description of why your feature is important. -->
+
+# **Version**
+<!-- What version of Sharkey is your instance running? You can find this by clicking your instance's logo at the top left and then clicking instance information. -->
+
+# **Instance**
+<!-- What instance of Sharkey are you using? -->
+
+# **Contribution Guidelines**
+By submitting this issue, you agree to follow our [Contribution Guidelines](https://activitypub.software/TransFem-org/Sharkey/-/blob/develop/CONTRIBUTING.md)
+- [ ] I agree to follow this project's Contribution Guidelines
+- [ ] I have searched the issue tracker for similar requests, and this is not a duplicate.

.gitlab/merge_request_templates/default.md

+<!-- Thanks for taking the time to make Sharkey better!  -->
+
+# **What does this MR do?**
+<!-- Please give us a brief description of what this PR does. -->
+
+%{all_commits}
+
+# **Contribution Guidelines**
+By submitting this merge request, you agree to follow our [Contribution Guidelines](https://activitypub.software/TransFem-org/Sharkey/-/blob/develop/CONTRIBUTING.md)
+- [ ] I agree to follow this project's Contribution Guidelines
+- [ ] I have made sure to test this merge request
+
+<!-- Uncomment if your merge request has multiple authors -->
+<!-- %{co_authored_by} -->

.gitmodules

-[submodule "misskey-assets"]
-	path = misskey-assets
-	url = https://github.com/misskey-dev/assets.git
 [submodule "fluent-emojis"]
 	path = fluent-emojis
 	url = https://github.com/misskey-dev/emojis.git
+[submodule "tossface-emojis"]
+	path = tossface-emojis
+	url = https://activitypub.software/TransFem-org/tossface-emojis.git

.node-version

-20.10.0
+22.11.0

.npmrc

+@transfem-org:registry=https://activitypub.software/api/v4/packages/npm/
+engine-strict = true

.vscode/extensions.json

@@ -3,9 +3,7 @@
 		"editorconfig.editorconfig",
 		"dbaeumer.vscode-eslint",
 		"Vue.volar",
-		"Vue.vscode-typescript-vue-plugin",
 		"Orta.vscode-jest",
-		"dbaeumer.vscode-eslint",
 		"mrmlnc.vscode-json5"
 	]
 }

.vscode/settings.json

 {
-    "search.exclude": {
-        "**/node_modules": true
-    },
-    "typescript.tsdk": "node_modules/typescript/lib",
-    "files.associations": {
-        "*.test.ts": "typescript"
-    },
-    "jest.jestCommandLine": "pnpm run jest",
-    "jest.autoRun": "off"
-}
\ No newline at end of file
+	"search.exclude": {
+		"**/node_modules": true
+	},
+	"typescript.tsdk": "node_modules/typescript/lib",
+	"files.associations": {
+		"*.test.ts": "typescript"
+	},
+	"jest.jestCommandLine": "pnpm run jest",
+	"jest.runMode": "on-demand",
+	"editor.codeActionsOnSave": {
+		"source.fixAll": "explicit"
+	},
+	"editor.formatOnSave": false
+}

COPYING

 Unless otherwise stated this repository is
-Copyright © 2014-2023 syuilo and contributers
+Copyright © 2014-2025 syuilo and contributors
 
 And is distributed under The GNU Affero General Public License Version 3, you should have received a copy of the license file as LICENSE.
 

Dockerfile

 # syntax = docker/dockerfile:1.4
 
-ARG NODE_VERSION=20.10.0-bullseye
+ARG NODE_VERSION=22.11.0-alpine3.20
 
-# build assets & compile TypeScript
+FROM node:${NODE_VERSION} as build
 
-FROM --platform=$BUILDPLATFORM node:${NODE_VERSION} AS native-builder
+RUN apk add git linux-headers alpine-sdk pixman pango cairo cairo-dev pango-dev pixman-dev
 
-RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
-	--mount=type=cache,target=/var/lib/apt,sharing=locked \
-	rm -f /etc/apt/apt.conf.d/docker-clean \
-	; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache \
-	&& apt-get update \
-	&& apt-get install -yqq --no-install-recommends \
-	build-essential
+ENV PYTHONUNBUFFERED=1
+ENV COREPACK_DEFAULT_TO_LATEST=0
+RUN apk add --update python3 && ln -sf python3 /usr/bin/python
+RUN apk add py3-pip py3-setuptools
 
 RUN corepack enable
 
-WORKDIR /misskey
+WORKDIR /sharkey
 
-COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
-COPY --link ["scripts", "./scripts"]
-COPY --link ["packages/backend/package.json", "./packages/backend/"]
-COPY --link ["packages/frontend/package.json", "./packages/frontend/"]
-COPY --link ["packages/sw/package.json", "./packages/sw/"]
-COPY --link ["packages/misskey-js/package.json", "./packages/misskey-js/"]
+COPY --link . ./
 
+RUN git submodule update --init --recursive
+RUN pnpm config set fetch-retries 5
 RUN --mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
 	pnpm i --frozen-lockfile --aggregate-output
-
-COPY --link . ./
-
-ARG NODE_ENV=production
-
-RUN git submodule update --init
 RUN pnpm build
-RUN rm -rf .git/
-
-# build native dependencies for target platform
-
-FROM --platform=$TARGETPLATFORM node:${NODE_VERSION} AS target-builder
-
-RUN apt-get update \
-	&& apt-get install -yqq --no-install-recommends \
-	build-essential
-
-RUN corepack enable
-
-WORKDIR /misskey
-
-COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
-COPY --link ["scripts", "./scripts"]
-COPY --link ["packages/backend/package.json", "./packages/backend/"]
-
+RUN node scripts/trim-deps.mjs
+RUN mv packages/frontend/assets sharkey-assets
+RUN mv packages/frontend-embed/assets sharkey-embed-assets
 RUN --mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
-	pnpm i --frozen-lockfile --aggregate-output
+	pnpm prune
+RUN rm -r node_modules packages/frontend packages/frontend-shared packages/frontend-embed packages/sw
+RUN --mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
+	pnpm i --prod --frozen-lockfile --aggregate-output
+RUN rm -rf .git
 
-FROM --platform=$TARGETPLATFORM node:${NODE_VERSION}-slim AS runner
+FROM node:${NODE_VERSION}
 
 ARG UID="991"
 ARG GID="991"
+ENV COREPACK_DEFAULT_TO_LATEST=0
 
-RUN apt-get update \
-	&& apt-get install -y --no-install-recommends \
-	ffmpeg tini curl libjemalloc-dev libjemalloc2 \
-	&& ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so \
+RUN apk add ffmpeg tini jemalloc pixman pango cairo libpng \
 	&& corepack enable \
-	&& groupadd -g "${GID}" misskey \
-	&& useradd -l -u "${UID}" -g "${GID}" -m -d /misskey misskey \
-	&& find / -type d -path /sys -prune -o -type d -path /proc -prune -o -type f -perm /u+s -ignore_readdir_race -exec chmod u-s {} \; \
-	&& find / -type d -path /sys -prune -o -type d -path /proc -prune -o -type f -perm /g+s -ignore_readdir_race -exec chmod g-s {} \; \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists
-
-USER misskey
-WORKDIR /misskey
-
-COPY --chown=misskey:misskey --from=target-builder /misskey/node_modules ./node_modules
-COPY --chown=misskey:misskey --from=target-builder /misskey/packages/backend/node_modules ./packages/backend/node_modules
-COPY --chown=misskey:misskey --from=native-builder /misskey/built ./built
-COPY --chown=misskey:misskey --from=native-builder /misskey/packages/backend/built ./packages/backend/built
-COPY --chown=misskey:misskey --from=native-builder /misskey/fluent-emojis /misskey/fluent-emojis
-COPY --chown=misskey:misskey . ./
-
-ENV LD_PRELOAD=/usr/local/lib/libjemalloc.so
+	&& addgroup -g "${GID}" sharkey \
+	&& adduser -D -u "${UID}" -G sharkey -h /sharkey sharkey \
+	&& mkdir /sharkey/files \
+	&& chown sharkey:sharkey /sharkey/files \
+	&& find / -type d -path /sys -prune -o -type d -path /proc -prune -o -type f -perm /u+s -exec chmod u-s {} \; \
+	&& find / -type d -path /sys -prune -o -type d -path /proc -prune -o -type f -perm /g+s -exec chmod g-s {} \;
+
+USER sharkey
+WORKDIR /sharkey
+
+# add package.json to add pnpm
+COPY --chown=sharkey:sharkey ./package.json ./package.json
+RUN corepack install
+
+COPY --chown=sharkey:sharkey --from=build /sharkey/node_modules ./node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/backend/node_modules ./packages/backend/node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-js/node_modules ./packages/misskey-js/node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-reversi/node_modules ./packages/misskey-reversi/node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-bubble-game/node_modules ./packages/misskey-bubble-game/node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/megalodon/node_modules ./packages/megalodon/node_modules
+COPY --chown=sharkey:sharkey --from=build /sharkey/built ./built
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-js/built ./packages/misskey-js/built
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-reversi/built ./packages/misskey-reversi/built
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/misskey-bubble-game/built ./packages/misskey-bubble-game/built
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/backend/built ./packages/backend/built
+COPY --chown=sharkey:sharkey --from=build /sharkey/packages/megalodon/lib ./packages/megalodon/lib
+COPY --chown=sharkey:sharkey --from=build /sharkey/fluent-emojis ./fluent-emojis
+COPY --chown=sharkey:sharkey --from=build /sharkey/tossface-emojis/dist ./tossface-emojis/dist
+COPY --chown=sharkey:sharkey --from=build /sharkey/sharkey-assets ./packages/frontend/assets
+COPY --chown=sharkey:sharkey --from=build /sharkey/sharkey-embed-assets ./packages/frontend-embed/assets
+
+COPY --chown=sharkey:sharkey pnpm-workspace.yaml ./pnpm-workspace.yaml
+COPY --chown=sharkey:sharkey packages/backend/package.json ./packages/backend/package.json
+COPY --chown=sharkey:sharkey packages/backend/scripts/check_connect.js ./packages/backend/scripts/check_connect.js
+COPY --chown=sharkey:sharkey packages/backend/ormconfig.js ./packages/backend/ormconfig.js
+COPY --chown=sharkey:sharkey packages/backend/migration ./packages/backend/migration
+COPY --chown=sharkey:sharkey packages/backend/assets ./packages/backend/assets
+COPY --chown=sharkey:sharkey packages/megalodon/package.json ./packages/megalodon/package.json
+COPY --chown=sharkey:sharkey packages/misskey-js/package.json ./packages/misskey-js/package.json
+COPY --chown=sharkey:sharkey packages/misskey-reversi/package.json ./packages/misskey-reversi/package.json
+COPY --chown=sharkey:sharkey packages/misskey-bubble-game/package.json ./packages/misskey-bubble-game/package.json
+
+ENV LD_PRELOAD=/usr/lib/libjemalloc.so.2
 ENV NODE_ENV=production
-HEALTHCHECK --interval=5s --retries=20 CMD ["/bin/bash", "/misskey/healthcheck.sh"]
-ENTRYPOINT ["/usr/bin/tini", "--"]
+ENTRYPOINT ["/sbin/tini", "--"]
 CMD ["pnpm", "run", "migrateandstart"]

IMPORTANT_NOTES.md

+# Basic Precautions
+
+When using a service with Sharkey, there are several important points to keep in mind.
+
+1. Because it is decentralized, there is no guarantee that data you upload will be deleted from all other servers even if you delete it once. (However, this applies to the internet in general.)
+
+2. Even for posts made in private, there is no guarantee that the recipient's server will treat them as private in the same way. Please exercise caution when posting personal or confidential information. (Again, this applies to the internet in general.)
+
+3. The "Drive" feature is NOT secure cloud storage. This feature exists for easier managing of your uploaded files.
+Any data uploaded, whether shared via post or not, will be publicly accessible. Please use 3rd party cloud storage providers if you need to upload data with sensitive information of any kind. 
+
+4. Account deletion can be a resource-intensive process and may take a long time. In cases with a lot of uploaded data, it may even be impossible to delete an account.
+
+5. Please disable ad blockers. Some servers may rely on advertising revenue to cover operating costs. Additionally, ad blockers can mistakenly block content and features unrelated to ads, potentially causing issues with the client's functionality and preventing normal use of Sharkey. Therefore, we recommend turning off ad blockers and similar features when using Sharkey.
+
+Please understand these points and enjoy using the service.

README.md

 <div align="center">
-<a href="https://misskey-hub.net">
-	<img src="./assets/title_float.svg" alt="Misskey logo" style="border-radius:50%" width="400"/>
+<a href="https://joinsharkey.org/">
+	<img src="https://activitypub.software/TransFem-org/Sharkey/-/raw/develop/packages/frontend/assets/sharkey.svg" alt="Sharkey logo" style="border-radius:50%" width="300"/>
 </a>
 
-**🌎 **[Misskey](https://misskey-hub.net/)** is an open source, decentralized social media platform that's free forever! 🚀**
+**🌎 **[Sharkey](https://joinsharkey.org/)** is an open source, decentralized social media platform that's free forever! 🚀**
 
 ---
 
-<a href="https://misskey-hub.net/instances.html">
-		<img src="https://custom-icon-badges.herokuapp.com/badge/find_an-instance-acea31?logoColor=acea31&style=for-the-badge&logo=misskey&labelColor=363B40" alt="find an instance"/></a>
-
-<a href="https://misskey-hub.net/docs/install.html">
+<a href="https://docs.joinsharkey.org/docs/install/fresh/">
 		<img src="https://custom-icon-badges.herokuapp.com/badge/create_an-instance-FBD53C?logoColor=FBD53C&style=for-the-badge&logo=server&labelColor=363B40" alt="create an instance"/></a>
 
 <a href="./CONTRIBUTING.md">
 		<img src="https://custom-icon-badges.herokuapp.com/badge/become_a-contributor-A371F7?logoColor=A371F7&style=for-the-badge&logo=git-merge&labelColor=363B40" alt="become a contributor"/></a>
 
-<a href="https://discord.gg/Wp8gVStHW3">
+<a href="https://discord.gg/6VgKmEqHNk">
 		<img src="https://custom-icon-badges.herokuapp.com/badge/join_the-community-5865F2?logoColor=5865F2&style=for-the-badge&logo=discord&labelColor=363B40" alt="join the community"/></a>
 
-<a href="https://www.patreon.com/syuilo">
-		<img src="https://custom-icon-badges.herokuapp.com/badge/become_a-patron-F96854?logoColor=F96854&style=for-the-badge&logo=patreon&labelColor=363B40" alt="become a patron"/></a>
+<a href="https://opencollective.com/sharkey">
+		<img src="https://custom-icon-badges.herokuapp.com/badge/donate-81ACF4?logoColor=81ACF4&style=for-the-badge&logo=opencollective&labelColor=363B40" alt="donate"/></a>
 
 ---
 
-[![codecov](https://codecov.io/gh/misskey-dev/misskey/branch/develop/graph/badge.svg?token=R6IQZ3QJOL)](https://codecov.io/gh/misskey-dev/misskey)
-
 </div>
 
 <div>
 
-<a href="https://xn--931a.moe/"><img src="https://github.com/misskey-dev/misskey/blob/develop/assets/ai.png?raw=true" align="right" height="320px"/></a>
+<a href="https://joinsharkey.org/"><img src="https://cdn.shonk.social/files/b671c81c-58cf-4f13-bc96-af0b0c96c667.webp" align="right" height="520px"/></a>
 
 ## ✨ Features
 - **ActivityPub support**\
-Not on Misskey? No problem! Not only can Misskey instances talk to each other, but you can make friends with people on other networks like Mastodon and Pixelfed!
-- **Reactions**\
-You can add emoji reactions to any post! No longer are you bound by a like button, show everyone exactly how you feel with the tap of a button.
-- **Drive**\
-With Misskey's built in drive, you get cloud storage right in your social media, where you can upload any files, make folders, and find media from posts you've made!
+Not on Sharkey? No problem! Not only can Sharkey instances talk to each other, but you can make friends with people on other networks like Mastodon and Pixelfed!
+- **Federated Backgrounds and Music status**\
+You can add a background to your profile as well as a music status via ListenBrainz, show everyone what music you are currently listening to
+- **Mastodon API**\
+Sharkey implements the Mastodon API unlike normal Misskey
+- **UI/UX Improvements**\
+Sharkey makes some UI/UX improvements to make it easier to navigate
+- **Sign-Up Approval**\
+With Sharkey, you can enable sign-ups, subject to manual moderator approval and mandatory user-provided reasons for joining.
 - **Rich Web UI**\
-	Misskey has a rich and easy to use Web UI!
-	It is highly customizable, from changing the layout and adding widgets to making custom themes.
-	Furthermore, plugins can be created using AiScript, an original programming language.
+       Sharkey has a rich and easy to use Web UI!
+       It is highly customizable, from changing the layout and adding widgets to making custom themes.
+       Furthermore, plugins can be created using AiScript, an original programming language.
 - And much more...
 
 </div>
@@ -51,28 +50,4 @@ With Misskey's built in drive, you get cloud storage right in your social media,
 
 ## Documentation
 
-Misskey Documentation can be found at [Misskey Hub](https://misskey-hub.net/), some of the links and graphics above also lead to specific portions of it.
-
-## Sponsors
-
-<div align="center">
-	<a class="rss3" title="RSS3" href="https://rss3.io/" target="_blank"><img src="https://rss3.mypinata.cloud/ipfs/QmUG6H3Z7D5P511shn7sB4CPmpjH5uZWu4m5mWX7U3Gqbu" alt="RSS3" height="60"></a>
-</div>
-
-## Thanks
-
-<a href="https://www.chromatic.com/"><img src="https://user-images.githubusercontent.com/321738/84662277-e3db4f80-af1b-11ea-88f5-91d67a5e59f6.png" height="30" alt="Chromatic" /></a>
-
-Thanks to [Chromatic](https://www.chromatic.com/) for providing the visual testing platform that helps us review UI changes and catch visual regressions.
-
-<a href="https://about.codecov.io/for/open-source/"><img src="https://about.codecov.io/wp-content/themes/codecov/assets/brand/sentry-cobranding/logos/codecov-by-sentry-logo.svg" height="30" alt="Codecov" /></a>
-
-Thanks to [Codecov](https://about.codecov.io/for/open-source/) for providing the code coverage platform that helps us improve our test coverage.
-
-<a href="https://crowdin.com/"><img src="https://user-images.githubusercontent.com/20679825/230709597-1299a011-171a-4294-a91e-355a9b37c672.svg" height="30" alt="Crowdin" /></a>
-
-Thanks to [Crowdin](https://crowdin.com/) for providing the localization platform that helps us translate Misskey into many languages.
-
-<a href="https://hub.docker.com/"><img src="https://user-images.githubusercontent.com/20679825/230148221-f8e73a32-a49b-47c3-9029-9a15c3824f92.png" height="30" alt="Docker" /></a>
-
-Thanks to [Docker](https://hub.docker.com/) for providing the container platform that helps us run Misskey in production.
+Sharkey Documentation can be found at [Sharkey Documentation](https://docs.joinsharkey.org/docs/install/fresh/)

ROADMAP.md

@@ -6,6 +6,7 @@ Also, the later tasks are more indefinite and are subject to change as developme
 This is the phase we are at now. We need to make a high-maintenance environment that can withstand future development.
 
 - ~~Make the number of type errors zero (backend)~~ → Done ✔️
+- Make the number of type errors zero (frontend)
 - Improve CI
 	- ~~Fix tests~~ → Done ✔️
 	- Fix random test failures - https://github.com/misskey-dev/misskey/issues/7985 and https://github.com/misskey-dev/misskey/issues/7986

SECURITY.md

 # Reporting Security Issues
 
-If you discover a security issue in Misskey, please report it by sending an
-email to [syuilotan@yahoo.co.jp](mailto:syuilotan@yahoo.co.jp).
+If you discover a security issue in Sharkey, please report it by sending an
+email to [admin@transfem.org](mailto:admin@transfem.org).
 
 This will allow us to assess the risk, and make a fix available before we add a
-bug report to the GitHub repository.
+bug report to the GitLab repository.
 
-Thanks for helping make Misskey safe for everyone.
+Thanks for helping make Sharkey safe for everyone.
+
+> [!note]
+> CNA [requires](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_5-2_Description) that CVEs include a description in English for inclusion in the CVE Catalog.
+> 
+> When creating a security advisory, all content must be written in English (it is acceptable to include a non-English description along with the English one).
+
+## When create a patch
+
+If you can also create a patch to fix the vulnerability, please create a PR on the private fork.
+
+> [!note]
+> There is a GitHub bug that prevents merging if a PR not following the develop branch of upstream, so please keep follow the develop branch.

UPGRADE_NOTES.md

+# Upgrade Notes
+
+## 2025.X.X
+
+### Authorized Fetch
+
+This version retires the configuration entry `checkActivityPubGetSignature`, which is now replaced with the new "Authorized Fetch" settings under Control Panel/Security.
+The database migrations will automatically import the value of this configuration file, but it will never be read again after upgrading.
+To avoid confusion and possible mis-configuration, please remove the entry **after** completing the upgrade.
+Do not remove it before migration, or else the setting will reset to default (disabled)!
+
+## 2024.10.0
+
+### Hellspawns
+
+Sharkey versions before 2024.10 suffered from a bug in the "Mark instance as NSFW" feature.
+When a user from such an instance boosted a note, the boost would be converted to a hellspawn (pure renote with Content Warning).
+Hellspawns are buggy and do not properly federate, so it may be desirable to correct any that already exist in the database.
+The following script will correct any local or remote hellspawns in the database.
+
+```postgresql
+/* Remove "instance is marked as NSFW" hellspawns */
+UPDATE "note"
+SET "cw" = null
+WHERE
+	"renoteId" IS NOT NULL
+	AND "text" IS NULL
+	AND "cw" = 'Instance is marked as NSFW'
+	AND "replyId" IS NULL
+	AND "hasPoll" = false
+	AND "fileIds" = '{}';
+
+/* Fix legacy / user-created hellspawns */
+UPDATE "note"
+SET "text" = '.'
+WHERE
+	"renoteId" IS NOT NULL
+	AND "text" IS NULL
+	AND "cw" IS NOT NULL
+	AND "replyId" IS NULL
+	AND "hasPoll" = false
+	AND "fileIds" = '{}';
+```
+
+## 2024.9.0
+
+### Following Feed
+
+When upgrading an existing instance to version 2024.9.0, the Following Feed will initially be empty.
+The feed will gradually fill as new posts federate, but it may be desirable to back-fill the feed with existing data.
+This database script will populate the feed with the latest post of each type for all users, ensuring that data is fully populated after the update.
+Run this after migrations but before starting the instance.
+Warning: the script may take a long time to execute!
+
+```postgresql
+INSERT INTO latest_note (user_id, note_id, is_public, is_reply, is_quote)
+SELECT
+	"userId" as user_id,
+	id as note_id,
+	visibility = 'public' AS is_public,
+	"replyId" IS NOT NULL AS is_reply,
+	(
+		"renoteId" IS NOT NULL
+			AND (
+			text IS NOT NULL
+				OR cw IS NOT NULL
+				OR "replyId" IS NOT NULL
+				OR "hasPoll"
+				OR "fileIds" != '{}'
+			)
+		) AS is_quote
+FROM note
+WHERE ( -- Exclude pure renotes (boosts)
+				"renoteId" IS NULL
+					OR text IS NOT NULL
+					OR cw IS NOT NULL
+					OR "replyId" IS NOT NULL
+					OR "hasPoll"
+					OR "fileIds" != '{}'
+				)
+ORDER BY id DESC -- This part is very important: it ensures that we only load the *latest* notes of each type. Do not remove it!
+ON CONFLICT DO NOTHING; -- Any conflicts are guaranteed to be older notes that we can ignore.
+```

chart/files/default.yml

@@ -124,6 +124,14 @@ redis:
 #  #prefix: example-prefix
 #  #db: 1
 
+#redisForReactions:
+#  host: redis
+#  port: 6379
+#  #family: 0  # 0=Both, 4=IPv4, 6=IPv6
+#  #pass: example-pass
+#  #prefix: example-prefix
+#  #db: 1
+
 #   ┌───────────────────────────┐
 #───┘ MeiliSearch configuration └─────────────────────────────
 
@@ -152,6 +160,22 @@ redis:
 # ID SETTINGS AFTER THAT!
 
 id: "aidx"
+
+#   ┌────────────────┐
+#───┘ Error tracking └──────────────────────────────────────────
+
+# Sentry is available for error tracking.
+# See the Sentry documentation for more details on options.
+
+#sentryForBackend:
+#  enableNodeProfiling: true
+#  options:
+#    dsn: 'https://examplePublicKey@o0.ingest.sentry.io/0'
+
+#sentryForFrontend:
+#  options:
+#    dsn: 'https://examplePublicKey@o0.ingest.sentry.io/0'
+
 #   ┌─────────────────────┐
 #───┘ Other configuration └─────────────────────────────────────
 
@@ -176,6 +200,19 @@ id: "aidx"
 # IP address family used for outgoing request (ipv4, ipv6 or dual)
 #outgoingAddressFamily: ipv4
 
+# Amount of characters that can be used when writing notes. Longer notes will be rejected. (minimum: 1)
+#maxNoteLength: 3000
+# Amount of characters that will be saved for remote notes. Longer notes will be truncated to this length. (minimum: 1)
+#maxRemoteNoteLength: 100000
+# Amount of characters that can be used when writing content warnings. Longer warnings will be rejected. (minimum: 1)
+#maxCwLength: 500
+# Amount of characters that will be saved for remote content warnings. Longer warnings will be truncated to this length. (minimum: 1)
+#maxRemoteCwLength: 5000
+# Amount of characters that can be used when writing media descriptions (alt text). Longer descriptions will be rejected. (minimum: 1)
+#maxAltTextLength: 20000
+# Amount of characters that will be saved for remote media descriptions (alt text). Longer descriptions will be truncated to this length. (minimum: 1)
+#maxRemoteAltTextLength: 100000
+
 # Proxy for HTTP/HTTPS
 #proxy: http://127.0.0.1:3128
 
@@ -192,12 +229,44 @@ id: "aidx"
 # Media Proxy
 #mediaProxy: https://example.com/proxy
 
-# Sign to ActivityPub GET request (default: true)
+# Sign outgoing ActivityPub GET request (default: true)
 signToActivityPubGet: true
+# Sign outgoing ActivityPub Activities (default: true)
+# Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+# When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+# This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
+attachLdSignatureForRelays: true
+# check that inbound ActivityPub GET requests are signed ("authorized fetch")
+checkActivityPubGetSignature: false
 
 #allowedPrivateNetworks: [
 #  '127.0.0.1/32'
 #]
 
+#customMOTD: ['Hello World', 'The sharks rule all', 'Shonks']
+
 # Upload or download file size limits (bytes)
 #maxFileSize: 262144000
+
+# timeout (in milliseconds) and maximum size for imports (e.g. note imports)
+#import:
+#  downloadTimeout: 30000
+#  maxFileSize: 262144000
+
+# PID File of master process
+#pidFile: /tmp/misskey.pid
+
+# CHMod-style permission bits to apply to uploaded files.
+# Permission bits are specified as a base-8 string representing User/Group/Other permissions.
+# This setting is only useful for custom deployments, such as using a reverse proxy to serve media.
+#filePermissionBits: '644'
+
+# Log settings
+# logging:
+#   sql:
+#     # Outputs query parameters during SQL execution to the log.
+#     # default: false
+#     enableQueryParamLogging: false
+#     # Disable query truncation. If set to true, the full text of the query will be output to the log.
+#     # default: false
+#     disableQueryTruncation: false

chart/templates/Deployment.yml

@@ -27,7 +27,7 @@ spec:
           ports:
             - containerPort: 3000
         - name: postgres
-          image: postgres:14-alpine
+          image: postgres:15-alpine
           env:
             - name: POSTGRES_USER
               value: "example-misskey-user"
@@ -38,7 +38,7 @@ spec:
           ports:
             - containerPort: 5432
         - name: redis
-          image: redis:alpine
+          image: redis:7-alpine
           ports:
             - containerPort: 6379
       volumes:

docker-compose.local-db.yml → compose.local-db.yml

-version: "3"
-
 # このconfigは、 dockerでMisskey本体を起動せず、 redisとpostgresql などだけを起動します
 
 services:

docker-compose_example.yml → compose_example.yml

-version: "3"
-
 services:
   web:
+#   image: registry.activitypub.software/transfem-org/sharkey:latest
     build: .
     restart: always
     links:
       - db
       - redis
+#     - mcaptcha
 #     - meilisearch
     depends_on:
       db:
@@ -16,17 +16,20 @@ services:
     ports:
       - "3000:3000"
     networks:
-      - internal_network
-      - external_network
+      - shonk
+    # env_file:
+    #   - .config/docker.env
+    environment:
+      - NODE_OPTIONS="--max-old-space-size=8192"
     volumes:
-      - ./files:/misskey/files
-      - ./.config:/misskey/.config:ro
+      - ./files:/sharkey/files
+      - ./.config:/sharkey/.config:ro
 
   redis:
     restart: always
     image: redis:7-alpine
     networks:
-      - internal_network
+      - shonk
     volumes:
       - ./redis:/data
     healthcheck:
@@ -36,9 +39,9 @@ services:
 
   db:
     restart: always
-    image: postgres:15-alpine
+    image: groonga/pgroonga:4.0.1-alpine-17
     networks:
-      - internal_network
+      - shonk
     env_file:
       - .config/docker.env
     volumes:
@@ -48,20 +51,49 @@ services:
       interval: 5s
       retries: 20
 
+#  mcaptcha:
+#    restart: always
+#    image: mcaptcha/mcaptcha:latest
+#    networks:
+#      shonk:
+#        aliases:
+#          - localhost
+#    ports:
+#      - 7493:7493
+#    env_file:
+#      - .config/docker.env
+#    environment:
+#      PORT: 7493
+#      MCAPTCHA_redis_URL: "redis://mcaptcha_redis/"
+#      MCAPTCHA_allow_registration: true
+#      MCAPTCHA_server_DOMAIN: "example.tld"
+#    depends_on:
+#      db:
+#        condition: service_healthy
+#      mcaptcha_redis:
+#        condition: service_healthy
+#
+#  mcaptcha_redis:
+#    image: mcaptcha/cache:latest
+#    networks:
+#      - shonk
+#    healthcheck:
+#      test: "redis-cli ping"
+#      interval: 5s
+#      retries: 20
+
 #  meilisearch:
 #    restart: always
-#    image: getmeili/meilisearch:v1.3.4
+#    image: getmeili/meilisearch:v1.13.0
 #    environment:
 #      - MEILI_NO_ANALYTICS=true
 #      - MEILI_ENV=production
-#    env_file:
-#      - .config/meilisearch.env
+#      - MEILI_MASTER_KEY=ChangeThis
 #    networks:
-#      - internal_network
+#      - shonk
 #    volumes:
 #      - ./meili_data:/meili_data
 
+
 networks:
-  internal_network:
-    internal: true
-  external_network:
+  shonk: