Merge branch 'develop' into multi-server

enhance(frontend): improve pref manager
init
2025-03-14 15:44:18 +09:00 · 2025-03-14 15:43:56 +09:00 · 2025-03-14 14:47:43 +09:00 · 2025-03-14 03:49:32 +00:00 · 2025-03-14 12:09:38 +09:00 · 2025-03-14 11:58:41 +09:00
710 changed files with 15294 additions and 8895 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -7,8 +7,8 @@
 		"ghcr.io/devcontainers/features/node:1": {
 			"version": "22.11.0"
 		},
-		"ghcr.io/devcontainers-extra/features/corepack:1": {
-			"version": "0.31.0"
+		"ghcr.io/devcontainers-extra/features/pnpm:2": {
+			"version": "10.6.1"
 		}
 	},
 	"forwardPorts": [3000],
--- a/.devcontainer/init.sh
+++ b/.devcontainer/init.sh
@@ -7,8 +7,6 @@ sudo apt-get update
 sudo apt-get -y install libgtk2.0-0 libgtk-3-0 libgbm-dev libnotify-dev libnss3 libxss1 libasound2 libxtst6 xauth xvfb
 git config --global --add safe.directory /workspace
 git submodule update --init
-corepack install
-corepack enable
 pnpm config set store-dir /home/node/.local/share/pnpm/store
 pnpm install --frozen-lockfile
 cp .devcontainer/devcontainer.yml .config/default.yml
--- a/.github/workflows/api-misskey-js.yml
+++ b/.github/workflows/api-misskey-js.yml
@@ -9,10 +9,6 @@ on:
    paths:
      - packages/misskey-js/**
      - .github/workflows/api-misskey-js.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  report:

@@ -22,7 +18,8 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v4.2.2

-      - run: corepack enable
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4.1.0

      - name: Setup Node.js
        uses: actions/setup-node@v4.2.0
--- a/.github/workflows/get-api-diff.yml
+++ b/.github/workflows/get-api-diff.yml
@@ -9,10 +9,6 @@ on:
    paths:
      - packages/backend/**
      - .github/workflows/get-api-diff.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  get-from-misskey:
    runs-on: ubuntu-latest
@@ -34,14 +30,13 @@ jobs:
      with:
        ref: ${{ matrix.ref }}
        submodules: true
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v4.2.0
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -28,10 +28,6 @@ on:
      - packages/misskey-reversi/**
      - packages/shared/eslint.config.js
      - .github/workflows/lint.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  pnpm_install:
    runs-on: ubuntu-latest
@@ -40,12 +36,12 @@ jobs:
      with:
        fetch-depth: 0
        submodules: true
-    - uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - uses: actions/setup-node@v4.2.0
      with:
        node-version-file: '.node-version'
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile

  lint:
@@ -71,15 +67,15 @@ jobs:
      with:
        fetch-depth: 0
        submodules: true
-    - uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - uses: actions/setup-node@v4.2.0
      with:
        node-version-file: '.node-version'
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Restore eslint cache
-      uses: actions/cache@v4.2.1
+      uses: actions/cache@v4.2.2
      with:
        path: ${{ env.eslint-cache-path }}
        key: eslint-${{ env.eslint-cache-version }}-${{ matrix.workspace }}-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ github.ref_name }}-${{ github.sha }}
@@ -101,12 +97,12 @@ jobs:
      with:
        fetch-depth: 0
        submodules: true
-    - uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - uses: actions/setup-node@v4.2.0
      with:
        node-version-file: '.node-version'
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - run: pnpm --filter misskey-js run build
      if: ${{ matrix.workspace == 'backend' || matrix.workspace == 'sw' }}
--- a/.github/workflows/locale.yml
+++ b/.github/workflows/locale.yml
@@ -9,10 +9,6 @@ on:
    paths:
      - locales/**
      - .github/workflows/locale.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  locale_verify:
    runs-on: ubuntu-latest
@@ -22,11 +18,11 @@ jobs:
      with:
        fetch-depth: 0
        submodules: true
-    - uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - uses: actions/setup-node@v4.2.0
      with:
        node-version-file: '.node-version'
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - run: cd locales && node verify.js
--- a/.github/workflows/on-release-created.yml
+++ b/.github/workflows/on-release-created.yml
@@ -6,9 +6,6 @@ on:

  workflow_dispatch:

-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  publish-misskey-js:
    name: Publish misskey-js
@@ -26,8 +23,8 @@ jobs:
      - uses: actions/checkout@v4.2.2
        with:
          submodules: true
-      - name: Install pnpm
-        uses: pnpm/action-setup@v4
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4.1.0
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4.2.0
        with:
@@ -36,7 +33,6 @@ jobs:
          registry-url: 'https://registry.npmjs.org'
      - name: Publish package
        run: |
-          corepack enable
          pnpm i --frozen-lockfile
          pnpm build
          pnpm --filter misskey-js publish --access public --no-git-checks --provenance
--- a/.github/workflows/storybook.yml
+++ b/.github/workflows/storybook.yml
@@ -13,9 +13,6 @@ on:
      # This is a waste of chromatic build quota, so we don't run storybook CI on pull requests targets master.
      - master

-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  build:
    # chromatic is not likely to be available for fork repositories, so we disable for fork repositories.
@@ -43,14 +40,13 @@ jobs:
      run: |
        echo "base=$(git rev-list --parents -n1 HEAD | cut -d" " -f2)" >> $GITHUB_OUTPUT
        git checkout $(git rev-list --parents -n1 HEAD | cut -d" " -f3)
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js 20.x
      uses: actions/setup-node@v4.2.0
      with:
        node-version-file: '.node-version'
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
--- a/.github/workflows/test-backend.yml
+++ b/.github/workflows/test-backend.yml
@@ -18,10 +18,6 @@ on:
      - packages/misskey-js/**
      - .github/workflows/test-backend.yml
      - .github/misskey/test.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  unit:
    name: Unit tests (backend)
@@ -48,8 +44,8 @@ jobs:
    - uses: actions/checkout@v4.2.2
      with:
        submodules: true
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Install FFmpeg
      run: |
        for i in {1..3}; do
@@ -70,7 +66,6 @@ jobs:
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
@@ -111,14 +106,13 @@ jobs:
      - uses: actions/checkout@v4.2.2
        with:
          submodules: true
-      - name: Install pnpm
-        uses: pnpm/action-setup@v4
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4.1.0
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4.2.0
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'pnpm'
-      - run: corepack enable
      - run: pnpm i --frozen-lockfile
      - name: Check pnpm-lock.yaml
        run: git diff --exit-code pnpm-lock.yaml
--- a/.github/workflows/test-federation.yml
+++ b/.github/workflows/test-federation.yml
@@ -15,9 +15,6 @@ on:
      - packages/misskey-js/**
      - .github/workflows/test-federation.yml

-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  test:
    name: Federation test
@@ -29,8 +26,8 @@ jobs:
      - uses: actions/checkout@v4
        with:
          submodules: true
-      - name: Install pnpm
-        uses: pnpm/action-setup@v4
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4.1.0
      - name: Install FFmpeg
        run: |
          for i in {1..3}; do
@@ -53,7 +50,6 @@ jobs:
          cache: 'pnpm'
      - name: Build Misskey
        run: |
-          corepack enable && corepack prepare
          pnpm i --frozen-lockfile
          pnpm build
      - name: Setup
@@ -62,14 +58,30 @@ jobs:
          bash ./setup.sh
          sudo chmod 644 ./certificates/*.test.key
      - name: Start servers
+        id: start_servers
+        continue-on-error: true
        # https://github.com/docker/compose/issues/1294#issuecomment-374847206
        run: |
          cd packages/backend/test-federation
          docker compose up -d --scale tester=0
+      - name: Print start_servers error
+        if: ${{ steps.start_servers.outcome == 'failure' }}
+        run: |
+          cd packages/backend/test-federation
+          docker compose logs | tail -n 300
+          exit 1
      - name: Test
+        id: test
+        continue-on-error: true
        run: |
          cd packages/backend/test-federation
          docker compose run --no-deps tester
+      - name: Log
+        if: ${{ steps.test.outcome == 'failure' }}
+        run: |
+          cd packages/backend/test-federation
+          docker compose logs
+          exit 1
      - name: Stop servers
        run: |
          cd packages/backend/test-federation
--- a/.github/workflows/test-frontend.yml
+++ b/.github/workflows/test-frontend.yml
@@ -22,10 +22,6 @@ on:
      - packages/backend/**
      - .github/workflows/test-frontend.yml
      - .github/misskey/test.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  vitest:
    name: Unit tests (frontend)
@@ -39,14 +35,13 @@ jobs:
    - uses: actions/checkout@v4.2.2
      with:
        submodules: true
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v4.2.0
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
@@ -95,14 +90,13 @@ jobs:
    #  if: ${{ matrix.browser == 'firefox' }}
    #- uses: browser-actions/setup-firefox@latest
    #  if: ${{ matrix.browser == 'firefox' }}
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v4.2.0
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Copy Configure
      run: cp .github/misskey/test.yml .config
--- a/.github/workflows/test-misskey-js.yml
+++ b/.github/workflows/test-misskey-js.yml
@@ -14,10 +14,6 @@ on:
    paths:
      - packages/misskey-js/**
      - .github/workflows/test-misskey-js.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  test:
    name: Unit tests (misskey.js)
@@ -33,7 +29,8 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v4.2.2

-      - run: corepack enable
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4.1.0

      - name: Setup Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4.2.0
--- a/.github/workflows/test-production.yml
+++ b/.github/workflows/test-production.yml
@@ -9,7 +9,6 @@ on:

 env:
  NODE_ENV: production
-  COREPACK_DEFAULT_TO_LATEST: 0

 jobs:
  production:
@@ -24,14 +23,13 @@ jobs:
    - uses: actions/checkout@v4.2.2
      with:
        submodules: true
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v4.2.0
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'pnpm'
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
--- a/.github/workflows/validate-api-json.yml
+++ b/.github/workflows/validate-api-json.yml
@@ -12,10 +12,6 @@ on:
    paths:
      - packages/backend/**
      - .github/workflows/validate-api-json.yml
-
-env:
-  COREPACK_DEFAULT_TO_LATEST: 0
-
 jobs:
  validate-api-json:
    runs-on: ubuntu-latest
@@ -28,8 +24,8 @@ jobs:
    - uses: actions/checkout@v4.2.2
      with:
        submodules: true
-    - name: Install pnpm
-      uses: pnpm/action-setup@v4
+    - name: Setup pnpm
+      uses: pnpm/action-setup@v4.1.0
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v4.2.0
      with:
@@ -37,7 +33,6 @@ jobs:
        cache: 'pnpm'
    - name: Install Redocly CLI
      run: npm i -g @redocly/cli
-    - run: corepack enable
    - run: pnpm i --frozen-lockfile
    - name: Check pnpm-lock.yaml
      run: git diff --exit-code pnpm-lock.yaml
--- a/.npmrc
+++ b/.npmrc
@@ -1 +1,3 @@
 engine-strict = true
+save-exact = true
+shell-emulator = true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,61 @@
+## 2025.3.2
+
+### General
+-
+
+### Client
+- Feat: 設定の管理が強化されました
+  - 自動でバックアップされるように
+	- 任意の設定項目をデバイス間で同期できるように(実験的)
+- Enhance: プラグインの管理が強化されました
+  - インストール/アンインストール/設定の変更時にリロード不要になりました
+- Enhance: ログアウト時、ブラウザに保存されたWebクライアントのデータを全て消去するように
+- Enhance: CWの注釈テキストが入力されていない場合, Postボタンを非アクティブに
+- Enhance: CWを無効にした場合, 注釈テキストが最大入力文字数を超えていても投稿できるように
+- Enhance: テーマ設定画面のデザインを改善
+- Fix: テーマ切り替え時に一部の色が変わらない問題を修正
+
+### Server
+- Fix: プロフィール追加情報で無効なURLに入力された場合に照会エラーを出るのを修正
+- Fix: ActivityPubリクエストURLチェック実装は仕様に従っていないのを修正
+
+## 2025.3.1
+
+### General
+- pnpmをv10に更新
+- Corepackを削除
+
+### Client
+- Feat: 設定の検索を追加(実験的)
+- Enhance: 設定項目の再配置
+
+### Server
+- Fix: DBマイグレーション際にシステムアカウントのユーザーID判定が正しくない問題を修正
+- Fix: user.featured列が状況によってJSON文字列になっていたのを修正
+
+
+## 2025.3.0
+
+### General
+- Enhance: プロキシアカウントをシステムアカウントとして作成するように
+- Enhance: OAuthで外部アプリからロゴが提供されている場合、それを表示できるように  
+  書式は https://indieauth.spec.indieweb.org/20220212/#example-2 に準じます。
+- Fix: システムアカウントが削除できる問題を修正
+
+### Client
+- Enhance: モデレーターがセンシティブ設定を変更する際に確認ダイアログを出すように
+- Enhance: 「UIのアニメーションを減らす」で画面上のエフェクトも減らせるように
+- Enhance: 投稿フォームにおける、メディアの添付可能個数のカウントを反転しました
+  - これまでの表示は`添付可能残り個数/上限数`でしたが、`添付個数/上限数`としました
+- Fix: フォローされたときのメッセージがちらつくことがある問題を修正
+- Fix: 投稿ダイアログがサイズ限界を超えた際にスクロールできない問題を修正
+
+### Server
+- Fix: 特定のケースでActivityPubの処理がデッドロックになることがあるのを修正
+- Fix: S3互換オブジェクトストレージでファイルのアップロードに失敗することがある問題を修正  
+  (Cherry-picked from https://github.com/MisskeyIO/misskey/pull/895)
+
+
 ## 2025.2.1

 ### General
--- a/22
+++ b/22
@@ -6,8 +6,6 @@ ARG NODE_VERSION=22.11.0-bookworm

 FROM --platform=$BUILDPLATFORM node:${NODE_VERSION} AS native-builder

-ENV COREPACK_DEFAULT_TO_LATEST=0
-
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
 	--mount=type=cache,target=/var/lib/apt,sharing=locked \
 	rm -f /etc/apt/apt.conf.d/docker-clean \
@@ -16,8 +14,6 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
 	&& apt-get install -yqq --no-install-recommends \
 	build-essential

-RUN corepack enable
-
 WORKDIR /misskey

 COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
@@ -33,6 +29,8 @@ COPY --link ["packages/misskey-bubble-game/package.json", "./packages/misskey-bu

 ARG NODE_ENV=production

+RUN node -e "console.log(JSON.parse(require('node:fs').readFileSync('./package.json')).packageManager)" | xargs npm install -g
+
 RUN --mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
 	pnpm i --frozen-lockfile --aggregate-output

@@ -46,14 +44,10 @@ RUN rm -rf .git/

 FROM --platform=$TARGETPLATFORM node:${NODE_VERSION} AS target-builder

-ENV COREPACK_DEFAULT_TO_LATEST=0
-
 RUN apt-get update \
 	&& apt-get install -yqq --no-install-recommends \
 	build-essential

-RUN corepack enable
-
 WORKDIR /misskey

 COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
@@ -65,6 +59,8 @@ COPY --link ["packages/misskey-bubble-game/package.json", "./packages/misskey-bu

 ARG NODE_ENV=production

+RUN node -e "console.log(JSON.parse(require('node:fs').readFileSync('./package.json')).packageManager)" | xargs npm install -g
+
 RUN --mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
 	pnpm i --frozen-lockfile --aggregate-output

@@ -72,13 +68,11 @@ FROM --platform=$TARGETPLATFORM node:${NODE_VERSION}-slim AS runner

 ARG UID="991"
 ARG GID="991"
-ENV COREPACK_DEFAULT_TO_LATEST=0

 RUN apt-get update \
 	&& apt-get install -y --no-install-recommends \
 	ffmpeg tini curl libjemalloc-dev libjemalloc2 \
 	&& ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so \
-	&& corepack enable \
 	&& groupadd -g "${GID}" misskey \
 	&& useradd -l -u "${UID}" -g "${GID}" -m -d /misskey misskey \
 	&& find / -type d -path /sys -prune -o -type d -path /proc -prune -o -type f -perm /u+s -ignore_readdir_race -exec chmod u-s {} \; \
@@ -86,13 +80,13 @@ RUN apt-get update \
 	&& apt-get clean \
 	&& rm -rf /var/lib/apt/lists

+# add package.json to add pnpm
+COPY ./package.json ./package.json
+RUN node -e "console.log(JSON.parse(require('node:fs').readFileSync('./package.json')).packageManager)" | xargs npm install -g
+
 USER misskey
 WORKDIR /misskey

-# add package.json to add pnpm
-COPY --chown=misskey:misskey ./package.json ./package.json
-RUN corepack install
-
 COPY --chown=misskey:misskey --from=target-builder /misskey/node_modules ./node_modules
 COPY --chown=misskey:misskey --from=target-builder /misskey/packages/backend/node_modules ./packages/backend/node_modules
 COPY --chown=misskey:misskey --from=target-builder /misskey/packages/misskey-js/node_modules ./packages/misskey-js/node_modules
--- a/assets/about/drive.png
+++ b/assets/about/drive.png
--- a/assets/about/post.png
+++ b/assets/about/post.png
--- a/assets/about/reaction.png
+++ b/assets/about/reaction.png
--- a/assets/about/ui.png
+++ b/assets/about/ui.png
--- a/assets/ss/explore.jpg
+++ b/assets/ss/explore.jpg
--- a/assets/ss/user.jpg
+++ b/assets/ss/user.jpg
--- a/cypress/e2e/basic.cy.ts
+++ b/cypress/e2e/basic.cy.ts
@@ -233,7 +233,7 @@ describe('After user setup', () => {
 		cy.get('[data-cy-post-form-text]').type('Hello, Misskey!');
 		cy.get('[data-cy-open-post-form-submit]').click();

-		cy.contains('Hello, Misskey!');
+		cy.contains('Hello, Misskey!', { timeout: 15000 });
  });

 	it('open note form with hotkey', () => {
--- a/locales/ar-SA.yml
+++ b/locales/ar-SA.yml
@@ -1012,6 +1012,7 @@ sourceCode: "الشفرة المصدرية"
 flip: "اقلب"
 lastNDays: "آخر {n} أيام"
 surrender: "ألغِ"
+postForm: "أنشئ ملاحظة"
 _delivery:
  stop: "مُعلّق"
 _initialAccountSetting:
--- a/locales/bn-BD.yml
+++ b/locales/bn-BD.yml
@@ -852,6 +852,7 @@ replies: "জবাব"
 renotes: "রিনোট"
 sourceCode: "সোর্স কোড"
 flip: "উল্টান"
+postForm: "নোট লিখুন"
 _delivery:
  stop: "স্থগিত করা হয়েছে"
  _type:
--- a/locales/ca-ES.yml
+++ b/locales/ca-ES.yml
@@ -111,7 +111,7 @@ followRequests: "Peticions de seguiment"
 unfollow: "Deixar de seguir"
 followRequestPending: "Sol·licituds de seguiment pendents"
 enterEmoji: "Introduir un emoji"
-renote: "Impulsos"
+renote: "Impulsar"
 unrenote: "Anul·la l'impuls"
 renoted: "S'ha impulsat"
 renotedToX: "Impulsat per {name}."
@@ -260,7 +260,7 @@ noCustomEmojis: "No hi ha emojis personalitzats"
 noJobs: "No hi ha feines"
 federating: "Federant"
 blocked: "Bloquejat"
-suspended: "Suspés"
+suspended: "Anul·lar subscripció "
 all: "tot"
 subscribing: "Subscrit a"
 publishing: "S'està publicant"
@@ -1114,7 +1114,7 @@ forceShowAds: "Mostra els anuncis sempre "
 addMemo: "Afegir recordatori"
 editMemo: "Editar recordatori"
 reactionsList: "Reaccions"
-renotesList: "Impulsos"
+renotesList: "Llistat d'impulsos "
 notificationDisplay: "Notificacions"
 leftTop: "Dalt a l'esquerra "
 rightTop: "Dalt a la dreta "
@@ -1190,7 +1190,7 @@ pastAnnouncements: "Informes passats"
 youHaveUnreadAnnouncements: "Tens informes per llegir."
 useSecurityKey: "Segueix les instruccions del teu navegador O dispositiu per fer servir el teu passkey."
 replies: "Respostes"
-renotes: "Impulsos"
+renotes: "Impulsar"
 loadReplies: "Mostrar les respostes"
 loadConversation: "Mostrar la conversació "
 pinnedList: "Llista fixada"
@@ -1311,6 +1311,52 @@ federationSpecified: "Aquest servidor treballa amb una federació de llistes bla
 federationDisabled: "La unió es troba deshabilitada en aquest servidor. No es pot interactuar amb usuaris d'altres servidors."
 confirmOnReact: "Confirmar en reaccionar"
 reactAreYouSure: "Vols reaccionar amb \"{emoji}\"?"
+markAsSensitiveConfirm: "Vols marcar aquest contingut com a sensible?"
+unmarkAsSensitiveConfirm: "Vols deixar de marcar com a sensible aquest contingut?"
+preferences: "Preferències "
+accessibility: "Accessibilitat "
+preferencesProfile: "Perfil de configuració "
+copyPreferenceId: "Copiar l'ID de la configuració "
+resetToDefaultValue: "Restaura al valor per defecte "
+overrideByAccount: "Anul·lar per compte"
+untitled: "Sense títol "
+noName: "No hi ha un nom disponible "
+skip: "Ometre "
+restore: "Restaurar "
+syncBetweenDevices: "Sincronització entre dispositius"
+preferenceSyncConflictTitle: "Els valors de la configuració ja existeixen al dispositiu"
+preferenceSyncConflictText: "Un element de la configuració amb sincronització activada desa els seus valors al servidor, però s'ha trobat un valor a la configuració desat al servidor per aquest element de la configuració. Quin valor us sobreescriure?"
+postForm: "Formulari de publicació"
+_settings:
+  driveBanner: "Pots gestionar i configurar el Disc, comprovar el seu ús i establir una configuració per a la càrrega d'arxius."
+  pluginBanner: "Els complements poden fer-se servir per ampliar les funcionalitats del client. Els complements poden instal·lar-se, configurar-se individualment i gestionar-se."
+  notificationsBanner: "Pots configurar el tipus i l'abast de les notificacions que es rebran del servidor, també les notificacions emergents."
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "Relació entre serveis"
+  serviceConnectionBanner: "Pots configurar i gestionar tokens d'accés i webhooks per integrar serveis i aplicacions externes."
+  accountData: "Dades del compte"
+  accountDataBanner: "Exportació/Importació i gestió d'arxius amb dades del compte."
+  muteAndBlockBanner: "Pots configurar i gestionar els continguts que desitges amagar i restringir les accions de determinats usuaris."
+  accessibilityBanner: "Els clients poden personalitzar-se i configurar-se per un ús òptim en funció de la seva visió i comportament."
+  privacyBanner: "Pots establir la configuració de privacitat del compte, com el grau de visibilitat del teu contingut, la facilitat per trobar-ho i si es pot aprovar els seguidors."
+  securityBanner: "Configura les opcions relacionades amb la seguretat del teu compte com ara contrasenyes, mètodes per iniciar sessió, aplicacions d'autentificació i claus d'accés."
+  preferencesBanner: "Pots configurar el comportament general del client segons les teves preferències."
+  appearanceBanner: "Pots configurar les preferències relacionades amb la visualització i l'aspecte del client segons el teu parer."
+  soundsBanner: "Configuració dels sons que reproduirà el client."
+_preferencesProfile:
+  profileName: "Nom del perfil"
+  profileNameDescription: "Estableix un nom que identifiqui aquest dispositiu."
+  profileNameDescription2: "Per exemple: \"PC Principal\", \"Smartphone\", etc"
+_preferencesBackup:
+  autoBackup: "Còpia de seguretat automàtica "
+  restoreFromBackup: "Restaurar des d'una còpia de seguretat"
+  noBackupsFoundTitle: "No s'ha trobat cap còpia de seguretat"
+  noBackupsFoundDescription: "No s'han trobat còpies de seguretat creades automàticament, però si has desat, manualment, un arxiu de còpia de seguretat, pots importar-lo i carregar-lo."
+  selectBackupToRestore: "Seleccionar la còpia de seguretat que vols restaurar"
+  youNeedToNameYourProfileToEnableAutoBackup: "Has de posar-li un nom al teu perfil per poder activar les còpies de seguretat automàtiques."
+  autoPreferencesBackupIsNotEnabledForThisDevice: "La còpia de seguretat automàtica no es troba activada en aquest dispositiu."
+  backupFound: "Còpia de seguretat de la configuració trobada"
 _accountSettings:
  requireSigninToViewContents: "És obligatori l'inici de sessió per poder veure el contingut"
  requireSigninToViewContentsDescription1: "Es requereix l'inici de sessió per poder veure totes les notes i el contingut que has creat. Amb això esperem evitar que els rastrejadors recopilin informació."
@@ -1321,6 +1367,7 @@ _accountSettings:
  makeNotesHiddenBefore: "Fes que les notes antigues siguin privades"
  makeNotesHiddenBeforeDescription: "Mentres aquesta funció estigui activada les notes que hagin superat una data i hora fixada o hagi passat el temps establert només seran visibles per a tu. Si la desactives es restablirà també l'estat públic de les notes."
  mayNotEffectForFederatedNotes: "Això pot ser que no afecti les notes federades."
+  mayNotEffectSomeSituations: "Aquestes restriccions són simplificades. Pot ser que no s'apliquin en determinades situacions, com quan es modera o visualitza un servidor remot."
  notesHavePassedSpecifiedPeriod: "Notes publicades durant un període de temps especificat."
  notesOlderThanSpecifiedDateAndTime: "Notes més antigues de la data i temps especificat "
 _abuseUserReport:
@@ -1332,7 +1379,7 @@ _abuseUserReport:
  resolveTutorial: "Si l'informe és legítim selecciona \"Acceptar\" per resoldre'l positivament. Però si l'informe no és legítim selecciona \"Rebutjar\" per resoldre'l negativament."
 _delivery:
  status: "Estat d'entrega "
-  stop: "Suspés"
+  stop: "Anul·lar subscripció "
  resume: "Torna a enviar"
  _type:
    none: "S'està publicant"
@@ -1969,6 +2016,7 @@ _theme:
  installed: "{name} Instal·lat "
  installedThemes: "Temes instal·lats "
  builtinThemes: "Temes integrats"
+  instanceTheme: "Tema de la instància "
  alreadyInstalled: "Aquest tema ja es troba instal·lat "
  invalid: "El format d'aquest tema no és correcte"
  make: "Crear un tema"
@@ -2450,7 +2498,7 @@ _notification:
    follow: "Segueix-me"
    mention: "Menció"
    reply: "Respostes"
-    renote: "Renotar"
+    renote: "Impulsar"
    quote: "Citar"
    reaction: "Reaccions"
    pollEnded: "Enquesta terminada"
@@ -2465,7 +2513,7 @@ _notification:
  _actions:
    followBack: "També et segueix"
    reply: "Respondre"
-    renote: "Renotar"
+    renote: "Impulsos"
 _deck:
  alwaysShowMainColumn: "Mostrar sempre la columna principal"
  columnAlign: "Alinea les columnes"
@@ -2487,6 +2535,7 @@ _deck:
  useSimpleUiForNonRootPages: "Usa una interfície senzilla per a les pàgines navegades"
  usedAsMinWidthWhenFlexible: "L'amplada mínima es farà servir quan \"Ajust automàtic de l'amplada\" estigui activat"
  flexible: "Ajust automàtic de l'amplada"
+  enableSyncBetweenDevicesForProfiles: "Activar la sincronització de la informació de perfils de dispositiu a dispositiu"
  _columns:
    main: "Principal"
    widgets: "Ginys"
@@ -2594,6 +2643,7 @@ _moderationLogTypes:
  deletePage: "Esborrar la pàgina"
  deleteFlash: "Esborrar el guió"
  deleteGalleryPost: "Esborrar la publicació de la galeria"
+  updateProxyAccountDescription: "Actualitzar descripció del compte proxy"
 _fileViewer:
  title: "Detall del fitxer"
  type: "Tipus de fitxer"
--- a/locales/cs-CZ.yml
+++ b/locales/cs-CZ.yml
@@ -5,6 +5,7 @@ introMisskey: "Vítejte! Misskey je otevřený a decentralizovaný microblogový
 poweredByMisskeyDescription: "{name} je jeden ze serverů využívající open source platformu <b>Misskey<b> (nazývaná \"Misskey instance\")."
 monthAndDay: "{day}. {month}."
 search: "Vyhledávání"
+reset: "Obnovit"
 notifications: "Oznámení"
 username: "Uživatelské jméno"
 password: "Heslo"
@@ -365,8 +366,11 @@ hcaptcha: "hCaptcha"
 enableHcaptcha: "Aktivovat hCaptchu"
 hcaptchaSiteKey: "Klíč stránky"
 hcaptchaSecretKey: "Tajný Klíč (Secret Key)"
+mcaptcha: "mCaptcha"
+enableMcaptcha: "Aktivovat mCaptchu"
 mcaptchaSiteKey: "Klíč stránky"
 mcaptchaSecretKey: "Tajný Klíč (Secret Key)"
+mcaptchaInstanceUrl: "URL mCaptcha serveru"
 recaptcha: "reCAPTCHA"
 enableRecaptcha: "Zapnout ReCAPTCHu"
 recaptchaSiteKey: "Klíč stránky"
@@ -1094,6 +1098,7 @@ sourceCode: "Zdrojový kód"
 flip: "Otočit"
 lastNDays: "Posledních {n} dnů"
 surrender: "Zrušit"
+postForm: "Formulář pro odeslání"
 _delivery:
  stop: "Suspendováno"
  _type:
--- a/locales/de-DE.yml
+++ b/locales/de-DE.yml
@@ -863,7 +863,7 @@ administration: "Verwaltung"
 accounts: "Benutzerkonten"
 switch: "Wechseln"
 noMaintainerInformationWarning: "Betreiberinformationen sind nicht konfiguriert."
-noInquiryUrlWarning: "Keine gültige URL."
+noInquiryUrlWarning: "Keine gültige Kontakt-URL."
 noBotProtectionWarning: "Schutz vor Bots ist nicht konfiguriert."
 configure: "Konfigurieren"
 postToGallery: "Neuen Galeriebeitrag erstellen"
@@ -1308,6 +1308,9 @@ pleaseSelectAccount: "Bitte Konto auswählen"
 availableRoles: "Verfügbare Rollen"
 federationSpecified: "Dieser Server arbeitet mit Whitelist-Föderation. Er kann nicht mit anderen als den vom Administrator angegebenen Servern interagieren."
 federationDisabled: "Föderation ist auf diesem Server deaktiviert. Es ist nicht möglich, mit Benutzern auf anderen Servern zu interagieren."
+postForm: "Notizfenster"
+_settings:
+  webhook: "Webhook"
 _accountSettings:
  requireSigninToViewContents: "Anmeldung erfordern, um Inhalte anzuzeigen"
  requireSigninToViewContentsDescription1: "Erfordere eine Anmeldung, um alle Notizen und andere Inhalte anzuzeigen, die du erstellt hast. Dadurch wird verhindert, dass Crawler deine Informationen sammeln."
--- a/locales/el-GR.yml
+++ b/locales/el-GR.yml
@@ -288,6 +288,7 @@ cannotUploadBecauseNoFreeSpace: "Το ανέβασμα απέτυχε λόγω
 icon: "Εικονίδιο"
 replies: "Απάντηση"
 renotes: "Κοινοποίηση σημειώματος"
+postForm: "Φόρμα δημοσίευσης"
 _email:
  _follow:
    title: "Έχετε ένα νέο ακόλουθο"
--- a/locales/en-US.yml
+++ b/locales/en-US.yml
@@ -1311,6 +1311,49 @@ federationSpecified: "This server is operated in a whitelist federation. Interac
 federationDisabled: "Federation is disabled on this server. You cannot interact with users on other servers."
 confirmOnReact: "Confirm when reacting"
 reactAreYouSure: "Would you like to add a \"{emoji}\" reaction?"
+markAsSensitiveConfirm: "Do you want to set this media as sensitive?"
+unmarkAsSensitiveConfirm: "Do you want to remove the sensitive designation for this media?"
+preferences: "Preferences"
+accessibility: "Accessibility"
+preferencesProfile: "Preferences profile"
+copyPreferenceId: "Copy the proference ID"
+resetToDefaultValue: "Revert to default"
+overrideByAccount: "Override by the account"
+untitled: "Untitled"
+noName: "No name"
+skip: "Skip"
+restore: "Restore"
+postForm: "Posting form"
+_settings:
+  driveBanner: "You can manage and configure the drive, check usage, and configure file upload settings."
+  pluginBanner: "You can extend client features with plugins. You can install plugins, configure and manage individually."
+  notificationsBanner: "You can configure the types and range of notifications from the server and push notifications."
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "Service integration"
+  serviceConnectionBanner: "Manage and configure access tokens and Webhooks to integrate with external apps or services."
+  accountData: "Account data"
+  accountDataBanner: "Export and import to manage account data."
+  muteAndBlockBanner: "You can configure and manage settings to hide content and restrict actions from specific users."
+  accessibilityBanner: "You can personalize the client's visuals and behavior, and configure settings to optimize usage."
+  privacyBanner: "You can configure settings related to account privacy, such as content visibility, discoverability, and follow approval."
+  securityBanner: "You can configure settings related to account security, such as password, login methods, authentication apps, and Passkeys."
+  preferencesBanner: "You can configure the overall behavior of the client according to your preferences."
+  appearanceBanner: "You can configure the appearance and display settings for the client according to your preferences."
+  soundsBanner: "You can configure the sound settings for playback in the client."
+_preferencesProfile:
+  profileName: "Profile name"
+  profileNameDescription: "Set a name that identifies this device."
+  profileNameDescription2: "Example: \"Main PC\", \"Smartphone\""
+_preferencesBackup:
+  autoBackup: "Auto backup"
+  restoreFromBackup: "Restore from backup"
+  noBackupsFoundTitle: "No backups found"
+  noBackupsFoundDescription: "No auto-created backups were found, but if you have manually saved a backup file, you can import and restore it."
+  selectBackupToRestore: "Select a backup to restore"
+  youNeedToNameYourProfileToEnableAutoBackup: "A profile name must be set to enable auto backup."
+  autoPreferencesBackupIsNotEnabledForThisDevice: "Settings auto backup is not enabled on this device."
+  backupFound: "Settings backup is found"
 _accountSettings:
  requireSigninToViewContents: "Require sign-in to view contents"
  requireSigninToViewContentsDescription1: "Require login to view all notes and other content you have created. This will have the effect of preventing crawlers from collecting your information."
@@ -1321,6 +1364,7 @@ _accountSettings:
  makeNotesHiddenBefore: "Make past notes private"
  makeNotesHiddenBeforeDescription: "While this feature is enabled, notes that are past the set date and time or have been visible only to you. When it is deactivated, the note publication status will also be restored."
  mayNotEffectForFederatedNotes: "Notes federated to a remote server may not be affected."
+  mayNotEffectSomeSituations: "These restrictions are simplified. They may not apply in some situations, such as when viewing on a remote server or during moderation."
  notesHavePassedSpecifiedPeriod: "Note that the specified time has passed"
  notesOlderThanSpecifiedDateAndTime: "Notes before the specified date and time"
 _abuseUserReport:
@@ -1969,6 +2013,7 @@ _theme:
  installed: "{name} has been installed"
  installedThemes: "Installed themes"
  builtinThemes: "Built-in themes"
+  instanceTheme: "Server theme"
  alreadyInstalled: "This theme is already installed"
  invalid: "The format of this theme is invalid"
  make: "Make a theme"
@@ -2594,6 +2639,7 @@ _moderationLogTypes:
  deletePage: "Page deleted"
  deleteFlash: "Play deleted"
  deleteGalleryPost: "Gallery post deleted"
+  updateProxyAccountDescription: "Update the description of the proxy account"
 _fileViewer:
  title: "File details"
  type: "File type"
@@ -2649,7 +2695,7 @@ _dataSaver:
    description: "Prevents images/videos from being loaded automatically. Hidden images/videos will be loaded when tapped."
  _avatar:
    title: "Avatar image"
-    description: "Stop avatar image animation. Animated images can be larger in file size than normal  images, potentially leading to further reductions in data traffic."
+    description: "Stop avatar image animation. Animated images can be larger in file size than normal images, potentially leading to further reductions in data traffic."
  _urlPreview:
    title: "URL preview thumbnails"
    description: "URL preview thumbnail images will no longer be loaded."
@@ -2741,7 +2787,7 @@ _roleSelectDialog:
 _customEmojisManager:
  _gridCommon:
    copySelectionRows: "Copy selected rows"
-    copySelectionRanges: "Copy selected ranges"
+    copySelectionRanges: "Copy selection"
    deleteSelectionRows: "Delete selected rows"
    deleteSelectionRanges: "Delete rows in the selection"
    searchSettings: "Search settings"
@@ -2857,4 +2903,8 @@ _bootErrors:
 _search:
  searchScopeAll: "All"
  searchScopeLocal: "Local"
+  searchScopeServer: "Specific server"
  searchScopeUser: "Specific user"
+  pleaseEnterServerHost: "Enter the server host"
+  pleaseSelectUser: "Select user"
+  serverHostPlaceholder: "Example: misskey.example.com"
--- a/locales/es-ES.yml
+++ b/locales/es-ES.yml
@@ -1299,6 +1299,9 @@ messageToFollower: "Mensaje a seguidores"
 target: "Para"
 federationSpecified: "Este servidor opera en una federación de listas blancas. No puede interactuar con otros servidores que no sean los especificados por el administrador."
 federationDisabled: "La federación está desactivada en este servidor. No puede interactuar con usuarios de otros servidores"
+postForm: "Formulario"
+_settings:
+  webhook: "Webhook"
 _accountSettings:
  requireSigninToViewContents: "Se requiere iniciar sesión para ver el contenido"
  requireSigninToViewContentsDescription1: "Requiere iniciar sesión para ver todas las notas y otros contenidos que hayas creado. Se espera que esto evite que los rastreadores recopilen información."
--- a/locales/fr-FR.yml
+++ b/locales/fr-FR.yml
@@ -1277,6 +1277,7 @@ prohibitedWordsForNameOfUser: "Mots interdits pour les noms d'utilisateur·rices
 lockdown: "Verrouiller"
 pleaseSelectAccount: "Sélectionner un compte"
 availableRoles: "Rôles disponibles"
+postForm: "Formulaire de publication"
 _abuseUserReport:
  forward: "Transférer"
  forwardDescription: "Transférer le signalement vers une instance distante en tant qu'anonyme."
--- a/locales/id-ID.yml
+++ b/locales/id-ID.yml
@@ -1261,6 +1261,9 @@ performance: "Kinerja"
 modified: "Diubah"
 thereAreNChanges: "Ada {n} perubahan"
 prohibitedWordsForNameOfUser: "Kata yang dilarang untuk nama pengguna"
+postForm: "Buat catatan"
+_settings:
+  webhook: "Webhook"
 _abuseUserReport:
  accept: "Setuju"
  reject: "Tolak"
--- a/locales/index.d.ts
+++ b/locales/index.d.ts
@@ -4971,7 +4971,7 @@ export interface Locale extends ILocale {
     */
    "disableStreamingTimeline": string;
    /**
-     * 通知をグルーピングして表示する
+     * 通知をグルーピング
     */
    "useGroupedNotifications": string;
    /**
@@ -5262,6 +5262,226 @@ export interface Locale extends ILocale {
     * " {emoji} " をリアクションしますか？
     */
    "reactAreYouSure": ParameterizedString<"emoji">;
+    /**
+     * このメディアをセンシティブとして設定しますか？
+     */
+    "markAsSensitiveConfirm": string;
+    /**
+     * このメディアのセンシティブ指定を解除しますか？
+     */
+    "unmarkAsSensitiveConfirm": string;
+    /**
+     * 環境設定
+     */
+    "preferences": string;
+    /**
+     * アクセシビリティ
+     */
+    "accessibility": string;
+    /**
+     * 設定のプロファイル
+     */
+    "preferencesProfile": string;
+    /**
+     * 設定IDをコピー
+     */
+    "copyPreferenceId": string;
+    /**
+     * 初期値に戻す
+     */
+    "resetToDefaultValue": string;
+    /**
+     * アカウントで上書き
+     */
+    "overrideByAccount": string;
+    /**
+     * 無題
+     */
+    "untitled": string;
+    /**
+     * 名前はありません
+     */
+    "noName": string;
+    /**
+     * スキップ
+     */
+    "skip": string;
+    /**
+     * 復元
+     */
+    "restore": string;
+    /**
+     * デバイス間で同期
+     */
+    "syncBetweenDevices": string;
+    /**
+     * サーバーに設定値が存在します
+     */
+    "preferenceSyncConflictTitle": string;
+    /**
+     * 同期が有効にされた設定項目は設定値をサーバーに保存しますが、この設定項目のサーバーに保存された設定値が見つかりました。どちらの設定値で上書きしますか？
+     */
+    "preferenceSyncConflictText": string;
+    /**
+     * サーバーの設定値
+     */
+    "preferenceSyncConflictChoiceServer": string;
+    /**
+     * デバイスの設定値
+     */
+    "preferenceSyncConflictChoiceDevice": string;
+    /**
+     * 同期の有効化をキャンセル
+     */
+    "preferenceSyncConflictChoiceCancel": string;
+    /**
+     * ペースト
+     */
+    "paste": string;
+    /**
+     * 絵文字パレット
+     */
+    "emojiPalette": string;
+    /**
+     * 投稿フォーム
+     */
+    "postForm": string;
+    "_emojiPalette": {
+        /**
+         * パレット
+         */
+        "palettes": string;
+        /**
+         * パレットのデバイス間同期を有効にする
+         */
+        "enableSyncBetweenDevicesForPalettes": string;
+        /**
+         * メインで使用するパレット
+         */
+        "paletteForMain": string;
+        /**
+         * リアクションで使用するパレット
+         */
+        "paletteForReaction": string;
+    };
+    "_settings": {
+        /**
+         * ドライブの管理と設定、使用量の確認、ファイルをアップロードする際の設定を行えます。
+         */
+        "driveBanner": string;
+        /**
+         * プラグインを利用するとクライアントの機能を拡張することができます。プラグインのインストール、個別の設定と管理が行えます。
+         */
+        "pluginBanner": string;
+        /**
+         * サーバーからの受信する通知の種類と範囲や、プッシュ通知の設定が行えます。
+         */
+        "notificationsBanner": string;
+        /**
+         * API
+         */
+        "api": string;
+        /**
+         * Webhook
+         */
+        "webhook": string;
+        /**
+         * サービス連携
+         */
+        "serviceConnection": string;
+        /**
+         * 外部のアプリ・サービスと連携するためのアクセストークンやWebhookの管理と設定が行えます。
+         */
+        "serviceConnectionBanner": string;
+        /**
+         * アカウントのデータ
+         */
+        "accountData": string;
+        /**
+         * アカウントデータのアーカイブをエクスポート/インポートして管理できます。
+         */
+        "accountDataBanner": string;
+        /**
+         * 非表示にするコンテンツの設定や、特定のユーザーからのアクションを制限する設定と管理を行えます。
+         */
+        "muteAndBlockBanner": string;
+        /**
+         * クライアントの視覚や動作に関するパーソナライズを行い、より最適に使用できるように設定できます。
+         */
+        "accessibilityBanner": string;
+        /**
+         * コンテンツの公開範囲、見つけやすさ、フォローの承認制などアカウントのプライバシーに関する設定を行えます。
+         */
+        "privacyBanner": string;
+        /**
+         * パスワード、ログイン方法、認証アプリ、パスキーなどアカウントのセキュリティに関する設定を行えます。
+         */
+        "securityBanner": string;
+        /**
+         * 好みに応じた、クライアントの全体的な動作の設定が行えます。
+         */
+        "preferencesBanner": string;
+        /**
+         * 好みに応じた、クライアントの見た目・表示方法に関する設定が行えます。
+         */
+        "appearanceBanner": string;
+        /**
+         * クライアントで再生するサウンドの設定が行えます。
+         */
+        "soundsBanner": string;
+        /**
+         * タイムラインとノート
+         */
+        "timelineAndNote": string;
+    };
+    "_preferencesProfile": {
+        /**
+         * プロファイル名
+         */
+        "profileName": string;
+        /**
+         * このデバイスを識別する名前を設定してください。
+         */
+        "profileNameDescription": string;
+        /**
+         * 例: 「メインPC」、「スマホ」など
+         */
+        "profileNameDescription2": string;
+    };
+    "_preferencesBackup": {
+        /**
+         * 自動バックアップ
+         */
+        "autoBackup": string;
+        /**
+         * バックアップから復元
+         */
+        "restoreFromBackup": string;
+        /**
+         * バックアップが見つかりませんでした
+         */
+        "noBackupsFoundTitle": string;
+        /**
+         * 自動で作成されたバックアップは見つかりませんでしたが、バックアップファイルを手動で保存している場合、それをインポートして復元することはできます。
+         */
+        "noBackupsFoundDescription": string;
+        /**
+         * 復元するバックアップを選択してください
+         */
+        "selectBackupToRestore": string;
+        /**
+         * 自動バックアップを有効にするにはプロファイル名の設定が必要です。
+         */
+        "youNeedToNameYourProfileToEnableAutoBackup": string;
+        /**
+         * このデバイスで設定の自動バックアップは有効になっていません。
+         */
+        "autoPreferencesBackupIsNotEnabledForThisDevice": string;
+        /**
+         * 設定のバックアップが見つかりました
+         */
+        "backupFound": string;
+    };
    "_accountSettings": {
        /**
         * コンテンツの表示にログインを必須にする
@@ -5299,6 +5519,10 @@ export interface Locale extends ILocale {
         * リモートサーバーに連合されたノートには効果が及ばない場合があります。
         */
        "mayNotEffectForFederatedNotes": string;
+        /**
+         * これらの制限は簡易的なものです。リモートサーバーでの閲覧やモデレーション時など、一部のシチュエーションでは適用されない場合があります。
+         */
+        "mayNotEffectSomeSituations": string;
        /**
         * 指定した時間を経過しているノート
         */
@@ -7646,6 +7870,10 @@ export interface Locale extends ILocale {
         * 標準のテーマ
         */
        "builtinThemes": string;
+        /**
+         * サーバーのテーマ
+         */
+        "instanceTheme": string;
        /**
         * そのテーマは既にインストールされています
         */
@@ -9654,6 +9882,10 @@ export interface Locale extends ILocale {
         * 幅を自動調整
         */
        "flexible": string;
+        /**
+         * プロファイル情報のデバイス間同期を有効にする
+         */
+        "enableSyncBetweenDevicesForProfiles": string;
        "_columns": {
            /**
             * メイン
@@ -10058,6 +10290,10 @@ export interface Locale extends ILocale {
         * ギャラリーの投稿を削除
         */
        "deleteGalleryPost": string;
+        /**
+         * プロキシアカウントの説明を更新
+         */
+        "updateProxyAccountDescription": string;
    };
    "_fileViewer": {
        /**
--- a/locales/it-IT.yml
+++ b/locales/it-IT.yml
@@ -126,7 +126,7 @@ pinnedNote: "Nota in primo piano"
 pinned: "Fissa sul profilo"
 you: "Tu"
 clickToShow: "Contenuto occultato, cliccare solo se si intende vedere"
-sensitive: "Allegato esplicito"
+sensitive: "Esplicito"
 add: "Aggiungi"
 reaction: "Reazioni"
 reactions: "Reazioni"
@@ -228,7 +228,7 @@ jobQueue: "Coda di lavoro"
 cpuAndMemory: "CPU e Memoria"
 network: "Rete"
 disk: "Disco"
-instanceInfo: "Informazioni sull'istanza"
+instanceInfo: "Informazioni sul server"
 statistics: "Statistiche"
 clearQueue: "Svuota coda"
 clearQueueConfirmTitle: "Vuoi davvero svuotare la coda?"
@@ -445,7 +445,7 @@ exploreFediverse: "Esplora il Fediverso"
 popularTags: "Hashtag popolari"
 userList: "Liste"
 about: "Informazioni"
-aboutMisskey: "Informazioni di Misskey"
+aboutMisskey: "A proposito di Misskey"
 administrator: "Amministratore"
 token: "Token"
 2fa: "Autenticazione a due fattori"
@@ -606,7 +606,7 @@ scratchpad: "ScratchPad"
 scratchpadDescription: "Lo Scratchpad offre un ambiente per esperimenti di AiScript. È possibile scrivere, eseguire e confermare i risultati dell'interazione del codice con Misskey."
 uiInspector: "UI Inspector"
 uiInspectorDescription: "Puoi visualizzare un elenco di elementi UI presenti in memoria. I componenti dell'interfaccia utente vengono generati dalle funzioni Ui:C:."
-output: "Uscita"
+output: "Output"
 script: "Script"
 disablePagesScript: "Disabilita AiScript nelle pagine"
 updateRemoteUser: "Aggiorna dati dal profilo remoto"
@@ -766,7 +766,7 @@ driveUsage: "Utilizzazione del Drive"
 noCrawle: "Rifiuta l'indicizzazione dai robot."
 noCrawleDescription: "Richiedi che i motori di ricerca non indicizzino la tua pagina di profilo, le tue note, pagine, ecc."
 lockedAccountInfo: "A meno che non imposti la visibilità delle tue note su \"Solo ai follower\", le tue note sono visibili da tutti, anche se hai configurato l'account per confermare manualmente le richieste di follow."
-alwaysMarkSensitive: "Segnare gli allegati come espliciti come opzione predefinita"
+alwaysMarkSensitive: "Segnare automaticamente come espliciti gli allegati"
 loadRawImages: "Visualizza le intere immagini allegate invece delle miniature."
 disableShowingAnimatedImages: "Disabilita le immagini animate"
 highlightSensitiveMedia: "Evidenzia i media espliciti"
@@ -893,7 +893,7 @@ searchResult: "Risultati della Ricerca"
 hashtags: "Hashtag"
 troubleshooting: "Risoluzione problemi"
 useBlurEffect: "Utilizza effetto sfocatura"
-learnMore: "Più dettagli"
+learnMore: "Per saperne di più"
 misskeyUpdated: "Misskey è stato aggiornato!"
 whatIsNew: "Informazioni sull'aggiornamento"
 translate: "Traduci"
@@ -901,7 +901,7 @@ translatedFrom: "Traduzione da {x}"
 accountDeletionInProgress: "È in corso l'eliminazione del profilo"
 usernameInfo: "Un nome per identificare univocamente il tuo profilo sull'istanza. Puoi utilizzare caratteri alfanumerici maiuscoli, minuscoli e il trattino basso (_). Non potrai cambiare nome utente in seguito."
 aiChanMode: "Modalità Ai"
-devMode: "Modalità sviluppatori"
+devMode: "Modalità sviluppo"
 keepCw: "Mostra i contenuti espliciti"
 pubSub: "Publish/Subscribe del profilo"
 lastCommunication: "La comunicazione più recente"
@@ -1049,7 +1049,7 @@ permissionDeniedError: "Errore, attività non autorizzata"
 permissionDeniedErrorDescription: "Non si dispone dell'autorizzazione per eseguire questa operazione."
 preset: "Preimpostato"
 selectFromPresets: "Seleziona preimpostato"
-achievements: "Obiettivi raggiunti"
+achievements: "Conquiste"
 gotInvalidResponseError: "Risposta del server non valida"
 gotInvalidResponseErrorDescription: "Il server potrebbe essere irraggiungibile o in manutenzione. Riprova più tardi."
 thisPostMayBeAnnoying: "Questa nota potrebbe essere offensiva"
@@ -1090,7 +1090,7 @@ notesSearchNotAvailable: "Non è possibile cercare tra le Note."
 license: "Licenza"
 unfavoriteConfirm: "Vuoi davvero rimuovere la preferenza?"
 myClips: "Le mie Clip"
-drivecleaner: "Drive cleaner"
+drivecleaner: "Pulizia del Drive"
 retryAllQueuesNow: "Ritenta di consumare tutte le code"
 retryAllQueuesConfirmTitle: "Vuoi ritentare adesso?"
 retryAllQueuesConfirmText: "Potrebbe sovraccaricare il server temporaneamente."
@@ -1311,6 +1311,49 @@ federationSpecified: "Questo server è federato solo con istanze specifiche del
 federationDisabled: "Questo server ha la federazione disabilitata. Non puoi interagire con profili provenienti da altri server."
 confirmOnReact: "Confermare le reazioni"
 reactAreYouSure: "Vuoi davvero reagire con {emoji} ?"
+markAsSensitiveConfirm: "Vuoi davvero indicare questo contenuto multimediale come esplicito?"
+unmarkAsSensitiveConfirm: "Vuoi davvero indicare come non esplicito il contenuto multimediale?"
+preferences: "Preferenze"
+accessibility: "Accessibilità"
+preferencesProfile: "Profilo preferenze"
+copyPreferenceId: "Copia ID preferenze"
+resetToDefaultValue: "Ripristina a predefinito"
+overrideByAccount: "Sovrascrivere col profilo"
+untitled: "Senza titolo"
+noName: "Senza nome"
+skip: "Salta"
+restore: "Ripristina"
+postForm: "Finestra di pubblicazione"
+_settings:
+  driveBanner: "Permette di gestire e configurare il Drive, controllare il consumo di spazio e configurare il caricamento dei file."
+  pluginBanner: "Consentono di migliorare le funzionalità. Le estensioni si possono configurare e gestire singolarmente."
+  notificationsBanner: "Puoi impostare il tipo di notifiche da ricevere dal server e anche le notifiche push."
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "Integrazione servizi"
+  serviceConnectionBanner: "Puoi gestire i codici di accesso e i Webhook per collegare App o servizi esterni."
+  accountData: "Dati del profilo"
+  accountDataBanner: "Puoi gestire i dati del tuo profilo, esportando e importando."
+  muteAndBlockBanner: "Puoi configurare la visibiltà dei contenuti e limitare le attività provenienti da profili specifici."
+  accessibilityBanner: "Puoi personalizzare e migliorare la lettura sul tuo dispositivo in modo che sia più chiaro e reattivo."
+  privacyBanner: "Puoi configurare la privacy del tuo profilo, come la visibilità delle Note, la visibilità del profilo nelle ricerche e l'approvazione delle relazioni tra profili."
+  securityBanner: "Puoi gestire la sicurezza del tuo account, la password, i modi di accesso, la generazione di codici OTP per accesso multi fattore (MFA/2FA) e la passkey."
+  preferencesBanner: "Puoi personalizzare il comportamento del tuo dispositivo."
+  appearanceBanner: "Puoi personalizzare l'aspetto nel dispositivo, in base alle tue preferenze."
+  soundsBanner: "Puoi personalizzare i suoni emessi dagli eventi sul tuo dispositivo."
+_preferencesProfile:
+  profileName: "Nome del profilo"
+  profileNameDescription: "Impostare il nome che indentifica questo dispositivo."
+  profileNameDescription2: "Es: \"PC principale\" o \"Cellulare\""
+_preferencesBackup:
+  autoBackup: "Backup automatico"
+  restoreFromBackup: "Ripristinare da backup"
+  noBackupsFoundTitle: "Nessun backup trovato"
+  noBackupsFoundDescription: "Impossibile trovare un backup creato automaticamente. Se se hai salvato il file di backup manualmente, puoi importarlo e ripristinarlo."
+  selectBackupToRestore: "Seleziona un backup da ripristinare"
+  youNeedToNameYourProfileToEnableAutoBackup: "Per abilitare i backup automatici, è necessario indicare il nome del profilo."
+  autoPreferencesBackupIsNotEnabledForThisDevice: "Su questo dispositivo non è stato attivato il backup automatico delle preferenze."
+  backupFound: "Esiste il Backup delle preferenze"
 _accountSettings:
  requireSigninToViewContents: "Per vedere il contenuto, è necessaria l'iscrizione"
  requireSigninToViewContentsDescription1: "Richiedere l'iscrizione per visualizzare tutte le Note e gli altri contenuti che hai creato. Probabilmente l'effetto è impedire la raccolta di informazioni da parte dei bot crawler."
@@ -1321,6 +1364,7 @@ _accountSettings:
  makeNotesHiddenBefore: "Nascondi le Note pubblicate in precedenza"
  makeNotesHiddenBeforeDescription: "Mentre questa funzione è abilitata, le Note antecedenti al momento impostato, saranno visibili soltanto a te (private). Disabilitandola nuovamente, verrà ripristinata anche la visibilità pubblica della Nota."
  mayNotEffectForFederatedNotes: "Le Note già federate su server remoti potrebbero non essere modificate."
+  mayNotEffectSomeSituations: "Queste restrizioni sono semplificate. In alcuni casi, potrebbero anche non avvenire. Ad esempio visionando un server remoto o durante la moderazione."
  notesHavePassedSpecifiedPeriod: "Note antecedenti al periodo specificato"
  notesOlderThanSpecifiedDateAndTime: "Note antecedenti al momento specificato"
 _abuseUserReport:
@@ -1447,9 +1491,9 @@ _initialTutorial:
    description: "Queste sono solamente alcune delle funzionalità principali di Misskey. Per ulteriori informazioni, {link}."
 _timelineDescription:
  home: "Nella Timeline Home, la tua cronologia principale, puoi vedere le Note provenienti dai profili che segui (Following)."
-  local: "La Timeline Locale, è una cronologia di Note pubblicate da tutti i profili iscritti su questo server."
-  social: "La Timeline Sociale, unisce in ordine cronologico l'elenco di Note presenti nella Timeline Home e quella Locale."
-  global: "La Timeline Federata ti consente di vedere le Note pubblicate dai profili di tutti gli altri server federati a questo."
+  local: "La Timeline Locale è un flusso di Note pubblicate dai profili iscritti a questo server."
+  social: "La Timeline Sociale elenca, in ordine cronologico, il flusso di Note nella Timeline Home e Locale."
+  global: "Nella Timeline Federata trovi il flusso di Note provenienti da profili iscritti ad altri server, federati a questo."
 _serverRules:
  description: "In Europa è necessario mostrare l'informativa sul trattamento dei dati personali, prima della registrazione al servizio."
 _serverSettings:
@@ -1473,8 +1517,8 @@ _serverSettings:
 _accountMigration:
  moveFrom: "Migra un altro profilo dentro a questo"
  moveFromSub: "Crea un alias verso un altro profilo remoto"
-  moveFromLabel: "Profilo da cui migrare #{n}"
-  moveFromDescription: "Se desideri spostare i Follower da un altro profilo a questo, devi prima creare un alias qui. Assicurati averlo creato PRIMA di eseguire l'attività! Inserisci l'indirizzo del profilo mittente in questo modo: @persona@istanza.it"
+  moveFromLabel: "Profilo da cui migrare n. {n}"
+  moveFromDescription: "Se desideri spostare i Follower da un altro profilo a questo, devi prima creare un alias qui. Assicurati averlo creato PRIMA di eseguire l'attività! Inserisci l'indirizzo del profilo mittente in questo modo: @persona@vecchia.istanza.it"
  moveTo: "Migrare questo profilo verso un un altro"
  moveToLabel: "Profilo verso cui migrare"
  moveCannotBeUndone: "La migrazione è irreversibile, non può essere interrotta o annullata."
@@ -1550,13 +1594,13 @@ _achievements:
      title: "Principiante III"
      description: "Hai totalizzato 15 accessi!"
    _login30:
-      title: "Misskist I"
+      title: "Missalcolista I"
      description: "Hai totalizzato 30 accessi!"
    _login60:
-      title: "Misskeist II"
+      title: "Missalcolista II"
      description: "Hai totalizzato 60 accessi!"
    _login100:
-      title: "Misskeist III"
+      title: "Missalcolista III"
      description: "Hai totalizzato 100 accessi!"
      flavor: "Violent Misskeist"
    _login200:
@@ -1642,10 +1686,10 @@ _achievements:
      description: "Hai superato i 1.000 profili Follower"
    _collectAchievements30:
      title: "Collezionista di successi"
-      description: "Hai raggiunto 30 obiettivi"
+      description: "Hai raggiunto 30 conquiste"
    _viewAchievements3min:
      title: "Mi piacciono i risultati"
-      description: "Guarda la tua collezione di obiettivi per almeno 3 minuti"
+      description: "Ammira la tua collezione di conquiste per almeno 3 minuti"
    _iLoveMisskey:
      title: "I LOVE Misskey"
      description: "Pubblica «I ♥ #Misskey»"
@@ -1910,7 +1954,7 @@ _registry:
  domain: "Dominio"
  createKey: "Crea chiave"
 _aboutMisskey:
-  about: "Misskey è un software libero e open source, sviluppato da syuilo dal 2014."
+  about: "Misskey è software libero, open source, sviluppato da Syuilo fin dal lontano 2014."
  contributors: "Principali sostenitori"
  allContributors: "Tutti i sostenitori"
  source: "Codice sorgente"
@@ -1969,6 +2013,7 @@ _theme:
  installed: "{name} è installato"
  installedThemes: "Temi installati"
  builtinThemes: "Temi integrati"
+  instanceTheme: "Tema dell'istanza"
  alreadyInstalled: "Questo tema è già installato"
  invalid: "Il formato tema non è valido"
  make: "Crea un tema"
@@ -2237,7 +2282,7 @@ _widgets:
  userList: "Elenco utenti"
  _userList:
    chooseList: "Seleziona una lista"
-  clicker: "Cliccaggio"
+  clicker: "Cliccheria"
  birthdayFollowings: "Compleanni del giorno"
 _cw:
  hide: "Nascondere"
@@ -2300,7 +2345,7 @@ _profile:
  metadataContent: "Contenuto"
  changeAvatar: "Modifica immagine profilo"
  changeBanner: "Cambia intestazione"
-  verifiedLinkDescription: "Puoi verificare il tuo profilo mostrando una icona. Devi inserire la URL alla pagina che contiene un link al tuo profilo."
+  verifiedLinkDescription: "Puoi verificare il tuo profilo mostrando una icona. Devi inserire la URL alla pagina che contiene un link al tuo profilo.\nPer verificare il profilo tramite la spunta di conferma, devi inserire la url alla pagina che contiene un link al tuo profilo Misskey. Deve avere attributo rel='me'."
  avatarDecorationMax: "Puoi aggiungere fino a {max} decorazioni."
  followedMessage: "Messaggio, quando qualcuno ti segue"
  followedMessageDescription: "Puoi impostare un breve messaggio da mostrare agli altri profili quando ti seguono."
@@ -2505,8 +2550,8 @@ _disabledTimeline:
  title: "Timeline disabilitata"
  description: "Il ruolo in cui sei non ti permette di leggere questa timeline"
 _drivecleaner:
-  orderBySizeDesc: "Dal più grande al più piccolo"
-  orderByCreatedAtAsc: "Dal più vecchio al più recente"
+  orderBySizeDesc: "Dal file più grosso al più piccolo"
+  orderByCreatedAtAsc: "Dal file più vecchio al più recente"
 _webhookSettings:
  createWebhook: "Creazione Webhook"
  modifyWebhook: "Modifica Webhook"
@@ -2594,6 +2639,7 @@ _moderationLogTypes:
  deletePage: "Pagina eliminata"
  deleteFlash: "Play eliminato"
  deleteGalleryPost: "Eliminazione pubblicazione nella Galleria"
+  updateProxyAccountDescription: "Aggiornata la descrizione del profilo proxy"
 _fileViewer:
  title: "Dettagli del file"
  type: "Tipo di file"
@@ -2811,8 +2857,8 @@ _selfXssPrevention:
  description2: "Se non sai esattamente cosa stai facendo, %c smetti subito e chiudi questa finestra."
  description3: "Per favore, controlla questo collegamento per avere maggiori dettagli. {link}"
 _followRequest:
-  recieved: "Ricezione richiesta di Follow"
-  sent: "Richiesta di Follow, inviata"
+  recieved: "Richieste in ingresso"
+  sent: "Richieste in uscita"
 _remoteLookupErrors:
  _federationNotAllowed:
    title: "Server irraggiungibile"
@@ -2857,4 +2903,8 @@ _bootErrors:
 _search:
  searchScopeAll: "Tutte"
  searchScopeLocal: "Locale"
+  searchScopeServer: "Specifiche del server"
  searchScopeUser: "Profilo specifico"
+  pleaseEnterServerHost: "Inserire il nome host"
+  pleaseSelectUser: "Per favore, seleziona un profilo"
+  serverHostPlaceholder: "Es: misskey.example.com"
--- a/locales/ja-JP.yml
+++ b/locales/ja-JP.yml
@@ -1238,7 +1238,7 @@ releaseToRefresh: "離してリロード"
 refreshing: "リロード中"
 pullDownToRefresh: "引っ張ってリロード"
 disableStreamingTimeline: "タイムラインのリアルタイム更新を無効にする"
-useGroupedNotifications: "通知をグルーピングして表示する"
+useGroupedNotifications: "通知をグルーピング"
 signupPendingError: "メールアドレスの確認中に問題が発生しました。リンクの有効期限が切れている可能性があります。"
 cwNotationRequired: "「内容を隠す」がオンの場合は注釈の記述が必要です。"
 doReaction: "リアクションする"
@@ -1311,6 +1311,67 @@ federationSpecified: "このサーバーはホワイトリスト連合で運用
 federationDisabled: "このサーバーは連合が無効化されています。他のサーバーのユーザーとやり取りすることはできません。"
 confirmOnReact: "リアクションする際に確認する"
 reactAreYouSure: "\" {emoji} \" をリアクションしますか？"
+markAsSensitiveConfirm: "このメディアをセンシティブとして設定しますか？"
+unmarkAsSensitiveConfirm: "このメディアのセンシティブ指定を解除しますか？"
+preferences: "環境設定"
+accessibility: "アクセシビリティ"
+preferencesProfile: "設定のプロファイル"
+copyPreferenceId: "設定IDをコピー"
+resetToDefaultValue: "初期値に戻す"
+overrideByAccount: "アカウントで上書き"
+untitled: "無題"
+noName: "名前はありません"
+skip: "スキップ"
+restore: "復元"
+syncBetweenDevices: "デバイス間で同期"
+preferenceSyncConflictTitle: "サーバーに設定値が存在します"
+preferenceSyncConflictText: "同期が有効にされた設定項目は設定値をサーバーに保存しますが、この設定項目のサーバーに保存された設定値が見つかりました。どちらの設定値で上書きしますか？"
+preferenceSyncConflictChoiceServer: "サーバーの設定値"
+preferenceSyncConflictChoiceDevice: "デバイスの設定値"
+preferenceSyncConflictChoiceCancel: "同期の有効化をキャンセル"
+paste: "ペースト"
+emojiPalette: "絵文字パレット"
+postForm: "投稿フォーム"
+
+_emojiPalette:
+  palettes: "パレット"
+  enableSyncBetweenDevicesForPalettes: "パレットのデバイス間同期を有効にする"
+  paletteForMain: "メインで使用するパレット"
+  paletteForReaction: "リアクションで使用するパレット"
+
+_settings:
+  driveBanner: "ドライブの管理と設定、使用量の確認、ファイルをアップロードする際の設定を行えます。"
+  pluginBanner: "プラグインを利用するとクライアントの機能を拡張することができます。プラグインのインストール、個別の設定と管理が行えます。"
+  notificationsBanner: "サーバーからの受信する通知の種類と範囲や、プッシュ通知の設定が行えます。"
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "サービス連携"
+  serviceConnectionBanner: "外部のアプリ・サービスと連携するためのアクセストークンやWebhookの管理と設定が行えます。"
+  accountData: "アカウントのデータ"
+  accountDataBanner: "アカウントデータのアーカイブをエクスポート/インポートして管理できます。"
+  muteAndBlockBanner: "非表示にするコンテンツの設定や、特定のユーザーからのアクションを制限する設定と管理を行えます。"
+  accessibilityBanner: "クライアントの視覚や動作に関するパーソナライズを行い、より最適に使用できるように設定できます。"
+  privacyBanner: "コンテンツの公開範囲、見つけやすさ、フォローの承認制などアカウントのプライバシーに関する設定を行えます。"
+  securityBanner: "パスワード、ログイン方法、認証アプリ、パスキーなどアカウントのセキュリティに関する設定を行えます。"
+  preferencesBanner: "好みに応じた、クライアントの全体的な動作の設定が行えます。"
+  appearanceBanner: "好みに応じた、クライアントの見た目・表示方法に関する設定が行えます。"
+  soundsBanner: "クライアントで再生するサウンドの設定が行えます。"
+  timelineAndNote: "タイムラインとノート"
+
+_preferencesProfile:
+  profileName: "プロファイル名"
+  profileNameDescription: "このデバイスを識別する名前を設定してください。"
+  profileNameDescription2: "例: 「メインPC」、「スマホ」など"
+
+_preferencesBackup:
+  autoBackup: "自動バックアップ"
+  restoreFromBackup: "バックアップから復元"
+  noBackupsFoundTitle: "バックアップが見つかりませんでした"
+  noBackupsFoundDescription: "自動で作成されたバックアップは見つかりませんでしたが、バックアップファイルを手動で保存している場合、それをインポートして復元することはできます。"
+  selectBackupToRestore: "復元するバックアップを選択してください"
+  youNeedToNameYourProfileToEnableAutoBackup: "自動バックアップを有効にするにはプロファイル名の設定が必要です。"
+  autoPreferencesBackupIsNotEnabledForThisDevice: "このデバイスで設定の自動バックアップは有効になっていません。"
+  backupFound: "設定のバックアップが見つかりました"

 _accountSettings:
  requireSigninToViewContents: "コンテンツの表示にログインを必須にする"
@@ -1322,6 +1383,7 @@ _accountSettings:
  makeNotesHiddenBefore: "過去のノートを非公開化する"
  makeNotesHiddenBeforeDescription: "この機能が有効になっている間、設定された日時より過去、または設定された時間を経過しているノートが自分のみ表示可能(非公開化)になります。無効に戻すと、ノートの公開状態も元に戻ります。"
  mayNotEffectForFederatedNotes: "リモートサーバーに連合されたノートには効果が及ばない場合があります。"
+  mayNotEffectSomeSituations: "これらの制限は簡易的なものです。リモートサーバーでの閲覧やモデレーション時など、一部のシチュエーションでは適用されない場合があります。"
  notesHavePassedSpecifiedPeriod: "指定した時間を経過しているノート"
  notesOlderThanSpecifiedDateAndTime: "指定した日時より前のノート"

@@ -2003,6 +2065,7 @@ _theme:
  installed: "{name}をインストールしました"
  installedThemes: "インストールされたテーマ"
  builtinThemes: "標準のテーマ"
+  instanceTheme: "サーバーのテーマ"
  alreadyInstalled: "そのテーマは既にインストールされています"
  invalid: "テーマの形式が間違っています"
  make: "テーマを作る"
@@ -2550,6 +2613,7 @@ _deck:
  useSimpleUiForNonRootPages: "非ルートページは簡易UIで表示"
  usedAsMinWidthWhenFlexible: "「幅を自動調整」が有効の場合、これが幅の最小値となります"
  flexible: "幅を自動調整"
+  enableSyncBetweenDevicesForProfiles: "プロファイル情報のデバイス間同期を有効にする"

  _columns:
    main: "メイン"
@@ -2664,6 +2728,7 @@ _moderationLogTypes:
  deletePage: "ページを削除"
  deleteFlash: "Playを削除"
  deleteGalleryPost: "ギャラリーの投稿を削除"
+  updateProxyAccountDescription: "プロキシアカウントの説明を更新"

 _fileViewer:
  title: "ファイルの詳細"
--- a/locales/ja-KS.yml
+++ b/locales/ja-KS.yml
@@ -1311,6 +1311,9 @@ federationSpecified: "このサーバーはホワイトリスト連合で運用
 federationDisabled: "このサーバーは連合が無効化されてるで。他のサーバーのユーザーとやり取りすることはできひんで。"
 confirmOnReact: "ツッコむときに確認とる"
 reactAreYouSure: "\" {emoji} \" でツッコむ？"
+postForm: "投稿フォーム"
+_settings:
+  webhook: "Webhook"
 _accountSettings:
  requireSigninToViewContents: "ログインしてもらってからコンテンツ見てもらう"
  requireSigninToViewContentsDescription1: "あなたが作成した全部のノートとかのコンテンツを見れるようにするのにログインがいるようにするで。クローラーにいろいろ収集されるんを防げるかもしれん。"
--- a/locales/ko-KR.yml
+++ b/locales/ko-KR.yml
@@ -1309,6 +1309,49 @@ availableRoles: "사용 가능한 역할"
 acknowledgeNotesAndEnable: "활성화 하기 전에 주의 사항을 확인했습니다."
 federationSpecified: "이 서버는 화이트 리스트 제도로 운영 중 입니다. 정해진 리모트 서버가 아닌 경우 연합되지 않습니다."
 federationDisabled: "이 서버는 연합을 하지 않고 있습니다. 리모트 서버 유저와 통신을 할 수 없습니다."
+confirmOnReact: "리액션할 때 확인"
+reactAreYouSure: "\" {emoji} \"로 리액션하시겠습니까?"
+markAsSensitiveConfirm: "이 미디어를 민감한 미디어로 설정하시겠습니까?"
+unmarkAsSensitiveConfirm: "이 미디어의 민감한 미디어 지정을 해제하시겠습니까?"
+preferences: "환경설정"
+accessibility: "접근성"
+preferencesProfile: "설정 프로필"
+copyPreferenceId: "설정한 ID를 복사"
+resetToDefaultValue: "기본값으로 되돌리기"
+overrideByAccount: "계정으로 덮어쓰기"
+untitled: "제목 없음"
+noName: "이름이 없습니다."
+skip: "건너뛰기"
+restore: "복원"
+syncBetweenDevices: "장치간 동기화"
+preferenceSyncConflictTitle: "서버에 설정값이 존재합니다."
+preferenceSyncConflictChoiceServer: "서버 설정값"
+preferenceSyncConflictChoiceDevice: "장치 설정값"
+paste: "붙여넣기"
+emojiPalette: "이모지 팔레트"
+postForm: "글 입력란"
+_emojiPalette:
+  palettes: "팔레트"
+  paletteForMain: "메인으로 사용할 팔레트"
+  paletteForReaction: "리액션으로 사용할 팔레트"
+_settings:
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "서비스 연동"
+  accountData: "계정 데이터"
+_preferencesProfile:
+  profileName: "프로필 이름"
+  profileNameDescription: "이 디바이스를 식별할 이름을 설정해 주세요."
+  profileNameDescription2: "예: '메인PC', '스마트폰' 등"
+_preferencesBackup:
+  autoBackup: "자동 백업"
+  restoreFromBackup: "백업으로 복구"
+  noBackupsFoundTitle: "백업을 찾을 수 없습니다"
+  noBackupsFoundDescription: "자동으로 생성된 백업은 찾을 수 없었지만, 수동으로 백업 파일을 저장한 경우 해당 파일을 가져와 복원할 수 있습니다."
+  selectBackupToRestore: "복원할 백업을 선택하세요"
+  youNeedToNameYourProfileToEnableAutoBackup: "자동 백업을 활성화하려면 프로필 이름을 설정해야 합니다."
+  autoPreferencesBackupIsNotEnabledForThisDevice: "이 장치에서 설정 자동 백업이 활성화되어 있지 않습니다."
+  backupFound: "설정 백업이 발견되었습니다"
 _accountSettings:
  requireSigninToViewContents: "콘텐츠 열람을 위해 로그인을 필수로 설정하기"
  requireSigninToViewContentsDescription1: "자신이 작성한 모든 노트 등의 콘텐츠를 보기 위해 로그인을 필수로 설정합니다. 크롤러가 정보 수집하는 것을 방지하는 효과를 기대할 수 있습니다."
@@ -1967,6 +2010,7 @@ _theme:
  installed: "{name} 테마가 설치되었습니다"
  installedThemes: "설치된 테마"
  builtinThemes: "표준 테마"
+  instanceTheme: "서버 테마"
  alreadyInstalled: "이미 설치된 테마입니다"
  invalid: "테마 형식이 올바르지 않습니다"
  make: "테마 만들기"
@@ -2440,6 +2484,8 @@ _notification:
  flushNotification: "알림 이력을 초기화"
  exportOfXCompleted: "{x} 추출에 성공했습니다."
  login: "로그인 알림이 있습니다"
+  createToken: "액세스 토큰이 생성되었습니다"
+  createTokenDescription: "만약 기억이 나지 않는다면 '{text}'를 통해 액세스 토큰을 삭제해 주세요."
  _types:
    all: "전부"
    note: "사용자의 새 글"
@@ -2590,6 +2636,7 @@ _moderationLogTypes:
  deletePage: "페이지를 삭제"
  deleteFlash: "Play를 삭제"
  deleteGalleryPost: "갤러리 포스트를 삭제"
+  updateProxyAccountDescription: "프록시 계정의 설명 업데이트"
 _fileViewer:
  title: "파일 상세"
  type: "파일 유형"
@@ -2840,8 +2887,21 @@ _captcha:
      text: "알 수 없는 에러가 발생했습니다."
 _bootErrors:
  title: "로딩이 실패함"
+  serverError: "잠시 기다렸다가 다시 로드해도 여전히 문제가 해결되지 않으면 아래 Error ID와 함께 서버 관리자에게 연락해 주세요."
+  solution: "다음과 같은 방법으로 해결할 수 있습니다."
+  solution1: "브라우저 및 OS를 최신 버전으로 업데이트하기"
+  solution2: "광고 차단 비활성화하기"
+  solution3: "브라우저 캐시 지우기"
  solution4: "(Tor Browser) dom.webaudio.enabled를 true로 설정하세요"
+  otherOption: "기타 옵션"
+  otherOption1: "클라이언트 설정 및 캐시 삭제"
+  otherOption2: "간편 클라이언트 실행"
+  otherOption3: "복구 툴 실행"
 _search:
  searchScopeAll: "전체"
  searchScopeLocal: "로컬"
+  searchScopeServer: "서버 지정"
  searchScopeUser: "사용자 지정"
+  pleaseEnterServerHost: "서버의 호스트를 입력해 주세요."
+  pleaseSelectUser: "유저를 선택해주세요"
+  serverHostPlaceholder: "예: misskey.example.com"
--- a/locales/pl-PL.yml
+++ b/locales/pl-PL.yml
@@ -1044,6 +1044,7 @@ flip: "Odwróć"
 lastNDays: "W ciągu ostatnich {n} dni"
 surrender: "Odrzuć"
 gameRetry: "Spróbuj ponownie"
+postForm: "Formularz tworzenia wpisu"
 _delivery:
  stop: "Zawieszono"
  _type:
--- a/locales/pt-PT.yml
+++ b/locales/pt-PT.yml
@@ -1301,6 +1301,9 @@ lockdown: "Lockdown"
 pleaseSelectAccount: "Selecione uma conta"
 availableRoles: "Cargos disponíveis"
 acknowledgeNotesAndEnable: "Ative após compreender as precauções."
+postForm: "Campo de postagem"
+_settings:
+  webhook: "Webhook"
 _accountSettings:
  requireSigninToViewContents: "Exigir cadastro para ver o conteúdo"
  requireSigninToViewContentsDescription1: "Exigir cadastro para ver todas as notas e outro conteúdo que você criou. Isso previne 'crawlers' de coletar os seus dados."
--- a/locales/ru-RU.yml
+++ b/locales/ru-RU.yml
@@ -1181,6 +1181,9 @@ keepOriginalFilenameDescription: "Если вы выключите данную
 alwaysConfirmFollow: "Всегда подтверждать подписку"
 inquiry: "Связаться"
 messageToFollower: "Сообщение подписчикам"
+postForm: "Форма отправки"
+_settings:
+  webhook: "Вебхук"
 _delivery:
  stop: "Заморожено"
  _type:
--- a/locales/sk-SK.yml
+++ b/locales/sk-SK.yml
@@ -917,6 +917,7 @@ renotes: "Preposlať"
 sourceCode: "Zdrojový kód"
 flip: "Preklopiť"
 lastNDays: "Posledných {n} dní"
+postForm: "Napísať poznámku"
 _delivery:
  stop: "Zmrazené"
  _type:
--- a/locales/th-TH.yml
+++ b/locales/th-TH.yml
@@ -1292,6 +1292,9 @@ prohibitedWordsForNameOfUser: "คำนี้ไม่สามารถใช
 prohibitedWordsForNameOfUserDescription: "หากมีสตริงใดๆ ในรายการนี้ปรากฏอยู่ในชื่อของผู้ใช้ ชื่อนั้นจะถูกปฏิเสธ ผู้ใช้ที่มีสิทธิ์แต่ผู้ดูแลระบบนั้นจะไม่ได้รับผลกระทบใดๆจากข้อจำกัดนี้ค่ะ"
 yourNameContainsProhibitedWords: "ชื่อของคุณนั้นมีคำที่ต้องห้าม"
 yourNameContainsProhibitedWordsDescription: "ถ้าหากคุณต้องการใช้ชื่อนี้ กรุณาติดต่อผู้ดูแลระบบของเซิร์ฟเวอร์นะค่ะ"
+postForm: "แบบฟอร์มการโพสต์"
+_settings:
+  webhook: "Webhook"
 _abuseUserReport:
  forward: "ส่งต่อ"
  forwardDescription: "ส่งรายงานไปยังเซิร์ฟเวอร์ระยะไกลโดยใช้บัญชีระบบที่ไม่ระบุตัวตน"
--- a/locales/uk-UA.yml
+++ b/locales/uk-UA.yml
@@ -909,6 +909,7 @@ renotes: "Поширити"
 sourceCode: "Вихідний код"
 flip: "Перевернути"
 lastNDays: "Останні {n} днів"
+postForm: "Створення нотатки"
 _delivery:
  stop: "Призупинено"
  _type:
--- a/locales/vi-VN.yml
+++ b/locales/vi-VN.yml
@@ -1119,6 +1119,7 @@ pullDownToRefresh: "Kéo xuống để làm mới"
 cwNotationRequired: "Nếu \"Ẩn nội dung\" được bật thì cần phải có chú thích."
 lastNDays: "{n} ngày trước"
 surrender: "Từ chối"
+postForm: "Mẫu đăng"
 _delivery:
  stop: "Đã vô hiệu hóa"
  _type:
--- a/locales/zh-CN.yml
+++ b/locales/zh-CN.yml
@@ -1311,6 +1311,54 @@ federationSpecified: "此服务器已开启联合白名单。只能与管理员
 federationDisabled: "此服务器已禁用联合。无法与其它服务器上的用户通信。"
 confirmOnReact: "发送回应前需要确认"
 reactAreYouSure: "要用「{emoji}」进行回应吗？"
+markAsSensitiveConfirm: "要将此媒体标记为敏感吗？"
+unmarkAsSensitiveConfirm: "要将此媒体解除敏感标记吗？"
+preferences: "设置"
+accessibility: "辅助功能"
+preferencesProfile: "设置的配置"
+copyPreferenceId: "复制设置 ID"
+resetToDefaultValue: "重置为默认值"
+overrideByAccount: "用账户覆盖"
+untitled: "未命名"
+noName: "没有名字"
+skip: "跳过"
+restore: "恢复"
+syncBetweenDevices: "设备间同步"
+preferenceSyncConflictTitle: "服务器上已存在设定值"
+preferenceSyncConflictText: "服务器上已有此设置的设定值。要覆盖哪个设定值？"
+preferenceSyncConflictChoiceServer: "服务器上的设定值"
+preferenceSyncConflictChoiceDevice: "设备上的设定值"
+preferenceSyncConflictChoiceCancel: "取消同步"
+paste: "粘贴"
+emojiPalette: "表情符号调色板"
+postForm: "投稿窗口"
+_emojiPalette:
+  palettes: "调色板"
+  enableSyncBetweenDevicesForPalettes: "启用调色板的设备间同步"
+  paletteForMain: "主调色板"
+  paletteForReaction: "回应用调色板"
+_settings:
+  driveBanner: "可在此管理和设置网盘、确认使用量及配置上传文件的设置。"
+  api: "API"
+  webhook: "Webhook"
+  privacyBanner: "可在此设置如内容可见性、可发现性、批准关注请求等账户隐私设置。"
+  securityBanner: "可在此设置如密码、登入方式、验证器、Passkey 等账户安全性设置。"
+  preferencesBanner: "可在此设置客户端的整体运作行为。"
+  appearanceBanner: "可在此设置客户端的外观及显示方式。"
+  soundsBanner: "可在此设置客户端播放的声音。"
+_preferencesProfile:
+  profileName: "配置名"
+  profileNameDescription: "请指定用于识别此设备的名称"
+  profileNameDescription2: "如「PC」、「手机」等"
+_preferencesBackup:
+  autoBackup: "自动备份"
+  restoreFromBackup: "从备份恢复"
+  noBackupsFoundTitle: "没有找到备份"
+  noBackupsFoundDescription: "没有找到自动备份。若有手动保存备份文件，可将其导入来恢复。"
+  selectBackupToRestore: "请选择要恢复的备份"
+  youNeedToNameYourProfileToEnableAutoBackup: "需指定配置名以开启自动备份。"
+  autoPreferencesBackupIsNotEnabledForThisDevice: "此设备未开启自动备份"
+  backupFound: "已找到备份"
 _accountSettings:
  requireSigninToViewContents: "需要登录才能显示内容"
  requireSigninToViewContentsDescription1: "您发布的所有帖子将变成需要登入后才会显示。有望防止爬虫收集各种信息。"
@@ -1321,6 +1369,7 @@ _accountSettings:
  makeNotesHiddenBefore: "将过去的帖子设为私密"
  makeNotesHiddenBeforeDescription: "开启此设定时，超过设定的时间或日期后，帖子将变为仅自己可见。关闭后帖子的公开状态将恢复成原本的设定。"
  mayNotEffectForFederatedNotes: "与远程服务器联合的帖子在远端可能会没有效果。"
+  mayNotEffectSomeSituations: "此限制功能非常简单，在与远程服务器联合等情形时可能不适用。"
  notesHavePassedSpecifiedPeriod: "超过指定时间的帖子"
  notesOlderThanSpecifiedDateAndTime: "指定日期前的帖子"
 _abuseUserReport:
@@ -1969,6 +2018,7 @@ _theme:
  installed: "{name} 已安装"
  installedThemes: "已安装的主题"
  builtinThemes: "标准主题"
+  instanceTheme: "服务器主题"
  alreadyInstalled: "此主题已经安装"
  invalid: "主题格式错误"
  make: "制作主题"
@@ -2487,6 +2537,7 @@ _deck:
  useSimpleUiForNonRootPages: "用简易UI表示非根页面"
  usedAsMinWidthWhenFlexible: "「自适应宽度」被启用的时候，这就是最小的宽度"
  flexible: "自适应宽度"
+  enableSyncBetweenDevicesForProfiles: "启用个人资料信息跨设备同步"
  _columns:
    main: "主列"
    widgets: "小工具"
@@ -2594,6 +2645,7 @@ _moderationLogTypes:
  deletePage: "删除了页面"
  deleteFlash: "删除了 Play"
  deleteGalleryPost: "删除了图库稿件"
+  updateProxyAccountDescription: "更新代理账户的简介"
 _fileViewer:
  title: "文件信息"
  type: "文件类型"
@@ -2857,4 +2909,8 @@ _bootErrors:
 _search:
  searchScopeAll: "全部"
  searchScopeLocal: "本地"
-  searchScopeUser: "用户指定"
+  searchScopeServer: "指定服务器"
+  searchScopeUser: "指定用户"
+  pleaseEnterServerHost: "请填写服务器主机名"
+  pleaseSelectUser: "请选择用户"
+  serverHostPlaceholder: "如：misskey.example.com"
--- a/locales/zh-TW.yml
+++ b/locales/zh-TW.yml
@@ -103,7 +103,7 @@ serverIsDead: "伺服器沒有回應。請稍等片刻再試。"
 youShouldUpgradeClient: "請重新載入以使用新版客戶端顯示此頁面。"
 enterListName: "輸入清單名稱"
 privacy: "隱私"
-makeFollowManuallyApprove: "手動審核追隨請求"
+makeFollowManuallyApprove: "追隨需要核准"
 defaultNoteVisibility: "預設可見性"
 follow: "追隨"
 followRequest: "追隨請求"
@@ -459,13 +459,13 @@ moderationNoteDescription: "您可以編寫僅在審查員之間共用的註解
 addModerationNote: "新增管理筆記"
 moderationLogs: "管理日誌"
 nUsersMentioned: "被 {n} 個人提及"
-securityKeyAndPasskey: "安全金鑰、Passkey"
+securityKeyAndPasskey: "安全金鑰、通行金鑰"
 securityKey: "安全金鑰"
 lastUsed: "上次使用"
 lastUsedAt: "上次使用：{t}"
 unregister: "註銷"
 passwordLessLogin: "無密碼登入"
-passwordLessLoginDescription: "不使用密碼，以安全金鑰或 Passkey 登入"
+passwordLessLoginDescription: "不使用密碼，以安全金鑰或通行金鑰登入"
 resetPassword: "重設密碼"
 newPasswordIs: "新密碼為「{password}」"
 reduceUiAnimation: "減少介面的動態視覺"
@@ -765,7 +765,7 @@ driveFilesCount: "雲端硬碟檔案數量"
 driveUsage: "雲端硬碟使用量"
 noCrawle: "拒絕搜尋引擎索引"
 noCrawleDescription: "要求網路搜尋引擎不要索引你的個人資料頁、貼文及頁面等。"
-lockedAccountInfo: "即使你通過了追隨者請求，除非你將貼文的可見性設定為 「追隨者」，否則任何人都能看見你的貼文。"
+lockedAccountInfo: "即使追隨需要核准，除非你將貼文的可見性設定為 「追隨者」，否則任何人都能看見你的貼文。"
 alwaysMarkSensitive: "預設標記檔案為敏感內容"
 loadRawImages: "以原始圖檔顯示附件圖檔的縮圖"
 disableShowingAnimatedImages: "不播放動態圖檔"
@@ -1188,7 +1188,7 @@ forYou: "給您"
 currentAnnouncements: "最新公告"
 pastAnnouncements: "歷史公告"
 youHaveUnreadAnnouncements: "有未讀的公告。"
-useSecurityKey: "請按照瀏覽器或裝置上的說明來使用安全金鑰或 Passkey。"
+useSecurityKey: "請按照瀏覽器或裝置上的說明來使用安全金鑰或通行金鑰。"
 replies: "回覆"
 renotes: "轉發"
 loadReplies: "閱覽回覆"
@@ -1205,7 +1205,7 @@ showRenotes: "顯示其他人的轉發貼文"
 edited: "已編輯"
 notificationRecieveConfig: "接受通知的設定"
 mutualFollow: "互相追隨"
-followingOrFollower: "追隨中或者追隨者"
+followingOrFollower: "追隨中或追隨者"
 fileAttachedOnly: "只顯示包含附件的貼文"
 showRepliesToOthersInTimeline: "在時間軸上顯示給其他人的回覆"
 hideRepliesToOthersInTimeline: "在時間軸上隱藏給其他人的回覆"
@@ -1291,10 +1291,10 @@ performance: "性能"
 modified: "已變更"
 discard: "取消"
 thereAreNChanges: "有 {n} 處的變更"
-signinWithPasskey: "使用密碼金鑰登入"
-unknownWebAuthnKey: "未註冊的金鑰。"
-passkeyVerificationFailed: "驗證金鑰失敗。"
-passkeyVerificationSucceededButPasswordlessLoginDisabled: "雖然驗證金鑰成功，但是無密碼登入的方式是停用的。"
+signinWithPasskey: "使用通行金鑰登入"
+unknownWebAuthnKey: "未註冊的通行金鑰。"
+passkeyVerificationFailed: "驗證通行金鑰失敗。"
+passkeyVerificationSucceededButPasswordlessLoginDisabled: "雖然驗證通行金鑰成功，但是無密碼登入的方式是停用的。"
 messageToFollower: "給追隨者的訊息"
 target: "目標 "
 testCaptchaWarning: "此功能用於 CAPTCHA 的測試。<strong>請勿在正式環境中使用。</strong>"
@@ -1311,6 +1311,63 @@ federationSpecified: "此伺服器以白名單聯邦的方式運作。除了管
 federationDisabled: "此伺服器未開啟站台聯邦。無法與其他伺服器上的使用者互動。"
 confirmOnReact: "反應時確認"
 reactAreYouSure: "用「 {emoji} 」反應嗎？"
+markAsSensitiveConfirm: "要將這個媒體設定為敏感嗎？"
+unmarkAsSensitiveConfirm: "要解除這個媒體的敏感設定嗎？"
+preferences: "環境設定"
+accessibility: "輔助工具"
+preferencesProfile: "設定檔案"
+copyPreferenceId: "複製設定 ID"
+resetToDefaultValue: "還原成預設值"
+overrideByAccount: "覆寫帳號"
+untitled: "無標題"
+noName: "沒有名稱"
+skip: "跳過"
+restore: "還原"
+syncBetweenDevices: "裝置之間的同步化"
+preferenceSyncConflictTitle: "伺服器上存在設定值"
+preferenceSyncConflictText: "已啟用同步的設定項目會將設定值儲存至伺服器，並已找到該設定項目在伺服器上儲存的設定值。請選擇要使用哪個設定值進行覆寫。"
+preferenceSyncConflictChoiceServer: "伺服器設定值"
+preferenceSyncConflictChoiceDevice: "裝置的設定值"
+preferenceSyncConflictChoiceCancel: "取消啟用同步"
+paste: "貼上"
+emojiPalette: "表情符號調色盤"
+postForm: "發文視窗"
+_emojiPalette:
+  palettes: "調色盤"
+  enableSyncBetweenDevicesForPalettes: "啟用裝置與裝置之間的調色盤同步化"
+  paletteForMain: "主要使用的調色盤"
+  paletteForReaction: "反應用的調色盤"
+_settings:
+  driveBanner: "您可以管理和設定雲端硬碟、確認使用量，以及調整上傳檔案時的設定。"
+  pluginBanner: "可使用外掛擴充用戶端的功能。您可以安裝外掛，實施個別的設定與管理。"
+  notificationsBanner: "您可以設定從伺服器接收通知的類型和範圍，以及推送通知。"
+  api: "API"
+  webhook: "Webhook"
+  serviceConnection: "服務整合"
+  serviceConnectionBanner: "您可以管理和設定存取權杖與 Webhooks，以便與外部應用程式和服務整合。"
+  accountData: "帳戶資料"
+  accountDataBanner: "您可以管理帳戶資料的匯出 / 匯入。"
+  muteAndBlockBanner: "您可以設定和管理要隱藏的內容，並限制特定使用者的行動。"
+  accessibilityBanner: "可針對客戶端的視覺和行為進行個人化設定，以達到更佳的使用效果。"
+  privacyBanner: "您可以調整帳戶的隱私設定，例如內容的可見性、尋找內容的容易程度，以及追隨是否需要核准。"
+  securityBanner: "您可以設定與帳戶安全性相關的設定，例如密碼、登入方式、驗證應用程式和通行金鑰。"
+  preferencesBanner: "您可以根據喜好設定用戶端的整體行為。"
+  appearanceBanner: "您可以根據喜好設定與用戶端外觀和顯示方式相關的設定。"
+  soundsBanner: "您可以調整用戶端播放的聲音設定。"
+  timelineAndNote: "時間軸及貼文"
+_preferencesProfile:
+  profileName: "設定檔案名稱"
+  profileNameDescription: "設定一個名稱來識別此裝置。"
+  profileNameDescription2: "例如：「主要個人電腦」、「智慧型手機」等"
+_preferencesBackup:
+  autoBackup: "自動備份"
+  restoreFromBackup: "從備份還原"
+  noBackupsFoundTitle: "找不到備份檔"
+  noBackupsFoundDescription: "沒有找到自動建立的備份，但如果您手動儲存了備份檔案，則可以匯入並還原。"
+  selectBackupToRestore: "選擇要還原的備份"
+  youNeedToNameYourProfileToEnableAutoBackup: "要啟用自動備份，必須設定檔案名稱。"
+  autoPreferencesBackupIsNotEnabledForThisDevice: "此裝置未啟用自動備份設定。"
+  backupFound: "找到設定的備份"
 _accountSettings:
  requireSigninToViewContents: "須登入以顯示內容"
  requireSigninToViewContentsDescription1: "必須登入才會顯示您建立的貼文等內容。可望有效防止資訊被爬蟲蒐集。"
@@ -1321,6 +1378,7 @@ _accountSettings:
  makeNotesHiddenBefore: "隱藏過去的貼文"
  makeNotesHiddenBeforeDescription: "啟用此功能後，超過設定的日期和時間或超過設定時間的貼文將僅對自己顯示（私密化）。 如果您再次停用它，貼文的公開狀態也會恢復原狀。"
  mayNotEffectForFederatedNotes: "聯邦發送至遠端伺服器的貼文可能會不受影響。"
+  mayNotEffectSomeSituations: "這些限制已經簡化。它們可能不適用於某些情況，例如在遠端伺服器上檢視或管理時。"
  notesHavePassedSpecifiedPeriod: "早於指定時間的貼文"
  notesOlderThanSpecifiedDateAndTime: "指定時間和日期之前的貼文"
 _abuseUserReport:
@@ -1969,6 +2027,7 @@ _theme:
  installed: "{name}已安裝"
  installedThemes: "已經安裝的佈景主題"
  builtinThemes: "標準佈景主題"
+  instanceTheme: "伺服器的主題"
  alreadyInstalled: "已安裝此佈景主題"
  invalid: "佈景主題格式錯誤"
  make: "製作佈景主題"
@@ -2078,11 +2137,11 @@ _2fa:
  setupCompleted: "設定完成"
  step4: "從現在開始，任何登入操作都將要求您提供權杖。"
  securityKeyNotSupported: "您的瀏覽器不支援安全金鑰。"
-  registerTOTPBeforeKey: "如要註冊安全金鑰或 Passkey，請先設定驗證應用程式。"
-  securityKeyInfo: "您可以設定使用支援 FIDO2 的硬體安全金鑰，以及裝置上的生物辨識、PIN 碼和密碼等來登入。"
-  registerSecurityKey: "註冊安全金鑰或 Passkey"
+  registerTOTPBeforeKey: "如要註冊安全金鑰或通行金鑰，請先設定驗證應用程式。"
+  securityKeyInfo: "註冊 WebAuthn 衍生的金鑰，例如支援 FIDO2 的硬體安全金鑰、裝置生物識別、PIN 鎖和通行金鑰。"
+  registerSecurityKey: "註冊安全金鑰或通行金鑰"
  securityKeyName: "輸入金鑰名稱"
-  tapSecurityKey: "按照瀏覽器的說明註冊安全金鑰或 Passkey。"
+  tapSecurityKey: "按照瀏覽器的說明註冊安全金鑰或通行金鑰。"
  removeKey: "刪除安全金鑰"
  removeKeyConfirm: "要刪除{name}嗎？"
  whyTOTPOnlyRenew: "如果註冊了安全金鑰，則無法解除驗證應用程式的設定。"
@@ -2304,7 +2363,7 @@ _profile:
  avatarDecorationMax: "最多可以設置 {max} 個裝飾。"
  followedMessage: "被追隨時的訊息"
  followedMessageDescription: "可以設定被追隨時顯示給對方的訊息。"
-  followedMessageDescriptionForLockedAccount: "如果追隨是需要審核的話，在允許追隨請求之後顯示。"
+  followedMessageDescriptionForLockedAccount: "如果追隨需要核准的話，將在通過追隨請求之後顯示。"
 _exportOrImport:
  allNotes: "所有貼文"
  favoritedNotes: "「我的最愛」貼文"
@@ -2424,7 +2483,7 @@ _notification:
  youRenoted: "{name} 轉發了你的貼文"
  youWereFollowed: "您有新的追隨者"
  youReceivedFollowRequest: "您有新的追隨請求"
-  yourFollowRequestAccepted: "您的追隨請求已通過"
+  yourFollowRequestAccepted: "您的追隨請求已被核准"
  pollEnded: "問卷調查已產生結果"
  newNote: "新的貼文"
  unreadAntennaNote: "天線 {name}"
@@ -2487,6 +2546,7 @@ _deck:
  useSimpleUiForNonRootPages: "用簡易介面顯示非根頁面"
  usedAsMinWidthWhenFlexible: "如果啟用「自動調整寬度」，此為最小寬度"
  flexible: "自動調整寬度"
+  enableSyncBetweenDevicesForProfiles: "啟用裝置與裝置之間的設定檔資料同步化"
  _columns:
    main: "主列"
    widgets: "小工具"
@@ -2594,6 +2654,7 @@ _moderationLogTypes:
  deletePage: "刪除頁面"
  deleteFlash: "刪除 Play"
  deleteGalleryPost: "刪除相簿的貼文"
+  updateProxyAccountDescription: "更新代理帳戶的說明"
 _fileViewer:
  title: "檔案詳細資訊"
  type: "檔案類型 "
@@ -2857,4 +2918,8 @@ _bootErrors:
 _search:
  searchScopeAll: "全部"
  searchScopeLocal: "本地"
+  searchScopeServer: "指定伺服器"
  searchScopeUser: "指定使用者"
+  pleaseEnterServerHost: "請輸入伺服器的主機名稱"
+  pleaseSelectUser: "請選擇使用者"
+  serverHostPlaceholder: "例：misskey.example.com"
--- a/package.json
+++ b/package.json
@@ -1,12 +1,12 @@
 {
 	"name": "misskey",
-	"version": "2025.2.1",
+	"version": "2025.3.2-beta.0",
 	"codename": "nasubi",
 	"repository": {
 		"type": "git",
 		"url": "https://github.com/misskey-dev/misskey.git"
 	},
-	"packageManager": "pnpm@9.15.4",
+	"packageManager": "pnpm@10.6.1",
 	"workspaces": [
 		"packages/frontend-shared",
 		"packages/frontend",
@@ -24,8 +24,9 @@
 		"build": "pnpm build-pre && pnpm -r build && pnpm build-assets",
 		"build-storybook": "pnpm --filter frontend build-storybook",
 		"build-misskey-js-with-types": "pnpm build-pre && pnpm --filter backend... --filter=!misskey-js build && pnpm --filter backend generate-api-json --no-build && ncp packages/backend/built/api.json packages/misskey-js/generator/api.json && pnpm --filter misskey-js update-autogen-code && pnpm --filter misskey-js build && pnpm --filter misskey-js api",
+		"build-frontend-search-index": "pnpm --filter frontend build-search-index",
 		"start": "pnpm check:connect && cd packages/backend && node ./built/boot/entry.js",
-		"start:test": "cd packages/backend && cross-env NODE_ENV=test node ./built/boot/entry.js",
+		"start:test": "ncp ./.github/misskey/test.yml ./.config/test.yml && cd packages/backend && cross-env NODE_ENV=test node ./built/boot/entry.js",
 		"init": "pnpm migrate",
 		"migrate": "cd packages/backend && pnpm migrate",
 		"revert": "cd packages/backend && pnpm revert",
@@ -37,7 +38,7 @@
 		"cy:open": "pnpm cypress open --browser --e2e --config-file=cypress.config.ts",
 		"cy:run": "pnpm cypress run",
 		"e2e": "pnpm start-server-and-test start:test http://localhost:61812 cy:run",
-		"e2e-dev-container": "cp ./.config/cypress-devcontainer.yml ./.config/test.yml && pnpm start-server-and-test start:test http://localhost:61812 cy:run",
+		"e2e-dev-container": "ncp ./.config/cypress-devcontainer.yml ./.config/test.yml && pnpm start-server-and-test start:test http://localhost:61812 cy:run",
 		"jest": "cd packages/backend && pnpm jest",
 		"jest-and-coverage": "cd packages/backend && pnpm jest-and-coverage",
 		"test": "pnpm -r test",
@@ -47,35 +48,44 @@
 		"cleanall": "pnpm clean-all"
 	},
 	"resolutions": {
-		"chokidar": "3.6.0",
+		"chokidar": "4.0.3",
 		"lodash": "4.17.21"
 	},
 	"dependencies": {
 		"cssnano": "7.0.6",
-		"execa": "8.0.1",
+		"execa": "9.5.2",
 		"fast-glob": "3.3.3",
-		"ignore-walk": "6.0.5",
+		"ignore-walk": "7.0.0",
 		"js-yaml": "4.1.0",
-		"postcss": "8.5.2",
-		"tar": "6.2.1",
+		"postcss": "8.5.3",
+		"tar": "7.4.3",
 		"terser": "5.39.0",
-		"typescript": "5.7.3",
+		"typescript": "5.8.2",
 		"esbuild": "0.25.0",
 		"glob": "11.0.1"
 	},
 	"devDependencies": {
 		"@misskey-dev/eslint-plugin": "2.1.0",
-		"@types/node": "22.13.4",
-		"@typescript-eslint/eslint-plugin": "8.24.0",
-		"@typescript-eslint/parser": "8.24.0",
+		"@types/node": "22.13.10",
+		"@typescript-eslint/eslint-plugin": "8.26.0",
+		"@typescript-eslint/parser": "8.26.0",
 		"cross-env": "7.0.3",
-		"cypress": "14.0.3",
-		"eslint": "9.20.1",
-		"globals": "15.15.0",
+		"cypress": "14.1.0",
+		"eslint": "9.22.0",
+		"globals": "16.0.0",
 		"ncp": "2.0.0",
+		"pnpm": "10.6.1",
 		"start-server-and-test": "2.0.10"
 	},
 	"optionalDependencies": {
 		"@tensorflow/tfjs-core": "4.22.0"
+	},
+	"pnpm": {
+		"overrides": {
+			"@aiscript-dev/aiscript-languageserver": "-"
+		},
+		"patchedDependencies": {
+			"re2": "scripts/dependency-patches/re2.patch"
+		}
 	}
 }
--- a/packages/backend/migration/1740121393164-system-accounts.js
+++ b/packages/backend/migration/1740121393164-system-accounts.js
@@ -0,0 +1,37 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class SystemAccounts1740121393164 {
+    name = 'SystemAccounts1740121393164'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE TABLE "system_account" ("id" character varying(32) NOT NULL, "userId" character varying(32) NOT NULL, "type" character varying(256) NOT NULL, CONSTRAINT "PK_edb56f4aaf9ddd50ee556da97ba" PRIMARY KEY ("id"))`);
+        await queryRunner.query(`CREATE INDEX "IDX_41a3c87a37aea616ee459369e1" ON "system_account" ("userId") `);
+        await queryRunner.query(`CREATE UNIQUE INDEX "IDX_c362033aee0ea51011386a5a7e" ON "system_account" ("type") `);
+        await queryRunner.query(`ALTER TABLE "system_account" ADD CONSTRAINT "FK_41a3c87a37aea616ee459369e12" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+
+				const instanceActor = await queryRunner.query(`SELECT "id" FROM "user" WHERE "username" = 'instance.actor'`);
+				if (instanceActor.length > 0) {
+					await queryRunner.query(`INSERT INTO "system_account" ("id", "userId", "type") VALUES ('${instanceActor[0].id}', '${instanceActor[0].id}', 'actor')`);
+				}
+
+				const relayActor = await queryRunner.query(`SELECT "id" FROM "user" WHERE "username" = 'relay.actor'`);
+				if (relayActor.length > 0) {
+					await queryRunner.query(`INSERT INTO "system_account" ("id", "userId", "type") VALUES ('${relayActor[0].id}', '${relayActor[0].id}', 'relay')`);
+				}
+
+				const meta = await queryRunner.query(`SELECT "proxyAccountId" FROM "meta" ORDER BY "id" DESC LIMIT 1`);
+				if (!meta && meta.length >= 1 && meta[0].proxyAccountId) {
+					await queryRunner.query(`INSERT INTO "system_account" ("id", "userId", "type") VALUES ('${meta[0].proxyAccountId}', '${meta[0].proxyAccountId}', 'proxy')`);
+				}
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "system_account" DROP CONSTRAINT "FK_41a3c87a37aea616ee459369e12"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_c362033aee0ea51011386a5a7e"`);
+        await queryRunner.query(`DROP INDEX "public"."IDX_41a3c87a37aea616ee459369e1"`);
+        await queryRunner.query(`DROP TABLE "system_account"`);
+    }
+}
--- a/packages/backend/migration/1740129169650-system-accounts-2.js
+++ b/packages/backend/migration/1740129169650-system-accounts-2.js
@@ -0,0 +1,22 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class SystemAccounts21740129169650 {
+    name = 'SystemAccounts21740129169650'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP CONSTRAINT "FK_ab1bc0c1e209daa77b8e8d212ad"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "proxyAccountId"`);
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" ADD "proxyAccountId" character varying(32)`);
+        const proxyAccountId = await queryRunner.query(`SELECT "userId" FROM "system_account" WHERE "type" = 'proxy' ORDER BY "id" DESC LIMIT 1`);
+        if (proxyAccountId && proxyAccountId.length >= 1) {
+            await queryRunner.query(`UPDATE "meta" SET "proxyAccountId" = '${proxyAccountId[0].userId}'`);
+        }
+        await queryRunner.query(`ALTER TABLE "meta" ADD CONSTRAINT "FK_ab1bc0c1e209daa77b8e8d212ad" FOREIGN KEY ("proxyAccountId") REFERENCES "user"("id") ON DELETE SET NULL ON UPDATE NO ACTION`);
+    }
+}
--- a/packages/backend/migration/1740133121105-system-accounts-3.js
+++ b/packages/backend/migration/1740133121105-system-accounts-3.js
@@ -0,0 +1,23 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class SystemAccounts31740133121105 {
+    name = 'SystemAccounts31740133121105'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" ADD "rootUserId" character varying(32)`);
+        await queryRunner.query(`ALTER TABLE "meta" ADD CONSTRAINT "FK_c80e4079d632f95eac06a9d28cc" FOREIGN KEY ("rootUserId") REFERENCES "user"("id") ON DELETE SET NULL ON UPDATE NO ACTION`);
+
+        const users = await queryRunner.query(`SELECT "id" FROM "user" WHERE "isRoot" = true LIMIT 1`);
+        if (users.length > 0) {
+            await queryRunner.query(`UPDATE "meta" SET "rootUserId" = $1`, [users[0].id]);
+        }
+    }
+
+    async down(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "meta" DROP CONSTRAINT "FK_c80e4079d632f95eac06a9d28cc"`);
+        await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "rootUserId"`);
+    }
+}
--- a/packages/backend/migration/1740993126937-system-accounts-4.js
+++ b/packages/backend/migration/1740993126937-system-accounts-4.js
@@ -0,0 +1,17 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class SystemAccounts41740993126937 {
+    name = 'SystemAccounts41740993126937'
+
+    async up(queryRunner) {
+        await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "isRoot"`);
+    }
+
+    async down(queryRunner) {
+        // down 実行時は isRoot = true のユーザーが存在しなくなるため手動で対応する必要あり
+        await queryRunner.query(`ALTER TABLE "user" ADD "isRoot" boolean NOT NULL DEFAULT false`);
+    }
+}
--- a/packages/backend/migration/1741279404074-system-accounts-fixup.js
+++ b/packages/backend/migration/1741279404074-system-accounts-fixup.js
@@ -0,0 +1,26 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class SystemAccounts1741279404074 {
+    name = 'SystemAccounts1741279404074'
+
+    async up(queryRunner) {
+        const instanceActor = await queryRunner.query(`SELECT "id" FROM "user" WHERE "username" = 'instance.actor' AND "host" IS NULL AND "id" NOT IN (SELECT "userId" FROM "system_account" WHERE "type" = 'actor')`);
+        if (instanceActor.length > 0) {
+            console.warn('instance.actor was incorrect, updating...');
+            await queryRunner.query(`UPDATE "system_account" SET "id" = '${instanceActor[0].id}', "userId" = '${instanceActor[0].id}' WHERE "type" = 'actor'`);
+        }
+
+        const relayActor = await queryRunner.query(`SELECT "id" FROM "user" WHERE "username" = 'relay.actor' AND "host" IS NULL AND "id" NOT IN (SELECT "userId" FROM "system_account" WHERE "type" = 'relay')`);
+        if (relayActor.length > 0) {
+            console.warn('relay.actor was incorrect, updating...');
+            await queryRunner.query(`UPDATE "system_account" SET "id" = '${relayActor[0].id}', "userId" = '${relayActor[0].id}' WHERE "type" = 'relay'`);
+        }
+    }
+
+    async down(queryRunner) {
+        // fixup migration, no down migration
+    }
+}
--- a/packages/backend/migration/1741424411879-user-featured-fixup.js
+++ b/packages/backend/migration/1741424411879-user-featured-fixup.js
@@ -0,0 +1,26 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class UserFeaturedFixup1741424411879 {
+    name = 'UserFeaturedFixup1741424411879'
+
+    async up(queryRunner) {
+        await queryRunner.query(`CREATE OR REPLACE FUNCTION pg_temp.extract_ap_id(text) RETURNS text AS $$
+            SELECT
+                CASE
+                    WHEN $1 ~ '^https?://' THEN $1
+                    WHEN $1 LIKE '{%' THEN COALESCE(jsonb_extract_path_text($1::jsonb, 'id'), null)
+                    ELSE null
+                END;
+        $$ LANGUAGE sql IMMUTABLE;`);
+
+        // "host" is NOT NULL is not needed but just in case add it to prevent overwriting irreplaceable data
+        await queryRunner.query(`UPDATE "user" SET "featured" = pg_temp.extract_ap_id("featured") WHERE "host" IS NOT NULL`);
+    }
+
+    async down(queryRunner) {
+        // fixup migration, no down migration
+    }
+}
--- a/packages/backend/src/GlobalModule.ts
+++ b/packages/backend/src/GlobalModule.ts
@@ -133,7 +133,7 @@ const $meta: Provider = {
 						for (const key in body.after) {
 							(meta as any)[key] = (body.after as any)[key];
 						}
-						meta.proxyAccount = null; // joinなカラムは通常取ってこないので
+						meta.rootUser = null; // joinなカラムは通常取ってこないので
 						break;
 					}
 					default:
--- a/packages/backend/src/core/AbuseReportService.ts
+++ b/packages/backend/src/core/AbuseReportService.ts
@@ -10,9 +10,9 @@ import { bindThis } from '@/decorators.js';
 import type { AbuseUserReportsRepository, MiAbuseUserReport, MiUser, UsersRepository } from '@/models/_.js';
 import { AbuseReportNotificationService } from '@/core/AbuseReportNotificationService.js';
 import { QueueService } from '@/core/QueueService.js';
-import { InstanceActorService } from '@/core/InstanceActorService.js';
 import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
 import { ModerationLogService } from '@/core/ModerationLogService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';
 import { IdService } from './IdService.js';

@Injectable()
@@ -27,7 +27,7 @@ export class AbuseReportService {
 		private idService: IdService,
 		private abuseReportNotificationService: AbuseReportNotificationService,
 		private queueService: QueueService,
-		private instanceActorService: InstanceActorService,
+		private systemAccountService: SystemAccountService,
 		private apRendererService: ApRendererService,
 		private moderationLogService: ModerationLogService,
 	) {
@@ -136,7 +136,7 @@ export class AbuseReportService {
 			forwarded: true,
 		});

-		const actor = await this.instanceActorService.getInstanceActor();
+		const actor = await this.systemAccountService.fetch('actor');
 		const targetUser = await this.usersRepository.findOneByOrFail({ id: report.targetUserId });

 		const flag = this.apRendererService.renderFlag(actor, targetUser.uri!, report.comment);
--- a/packages/backend/src/core/AccountMoveService.ts
+++ b/packages/backend/src/core/AccountMoveService.ts
@@ -20,10 +20,10 @@ import { ApPersonService } from '@/core/activitypub/models/ApPersonService.js';
 import { ApDeliverManagerService } from '@/core/activitypub/ApDeliverManagerService.js';
 import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
-import { ProxyAccountService } from '@/core/ProxyAccountService.js';
 import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
 import InstanceChart from '@/core/chart/charts/instance.js';
 import PerUserFollowingChart from '@/core/chart/charts/per-user-following.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';

@Injectable()
 export class AccountMoveService {
@@ -55,12 +55,12 @@ export class AccountMoveService {
 		private apRendererService: ApRendererService,
 		private apDeliverManagerService: ApDeliverManagerService,
 		private globalEventService: GlobalEventService,
-		private proxyAccountService: ProxyAccountService,
 		private perUserFollowingChart: PerUserFollowingChart,
 		private federatedInstanceService: FederatedInstanceService,
 		private instanceChart: InstanceChart,
 		private relayService: RelayService,
 		private queueService: QueueService,
+		private systemAccountService: SystemAccountService,
 	) {
 	}

@@ -126,11 +126,11 @@ export class AccountMoveService {
 		}

 		// follow the new account
-		const proxy = await this.proxyAccountService.fetch();
+		const proxy = await this.systemAccountService.fetch('proxy');
 		const followings = await this.followingsRepository.findBy({
 			followeeId: src.id,
 			followerHost: IsNull(), // follower is local
-			followerId: proxy ? Not(proxy.id) : undefined,
+			followerId: Not(proxy.id),
 		});
 		const followJobs = followings.map(following => ({
 			from: { id: following.followerId },
@@ -250,10 +250,8 @@ export class AccountMoveService {

 		// Have the proxy account follow the new account in the same way as UserListService.push
 		if (this.userEntityService.isRemoteUser(dst)) {
-			const proxy = await this.proxyAccountService.fetch();
-			if (proxy) {
-				this.queueService.createFollowJob([{ from: { id: proxy.id }, to: { id: dst.id } }]);
-			}
+			const proxy = await this.systemAccountService.fetch('proxy');
+			this.queueService.createFollowJob([{ from: { id: proxy.id }, to: { id: dst.id } }]);
 		}
 	}

--- a/packages/backend/src/core/CoreModule.ts
+++ b/packages/backend/src/core/CoreModule.ts
@@ -24,7 +24,6 @@ import { AppLockService } from './AppLockService.js';
 import { AchievementService } from './AchievementService.js';
 import { AvatarDecorationService } from './AvatarDecorationService.js';
 import { CaptchaService } from './CaptchaService.js';
-import { CreateSystemUserService } from './CreateSystemUserService.js';
 import { CustomEmojiService } from './CustomEmojiService.js';
 import { DeleteAccountService } from './DeleteAccountService.js';
 import { DownloadService } from './DownloadService.js';
@@ -37,7 +36,7 @@ import { HashtagService } from './HashtagService.js';
 import { HttpRequestService } from './HttpRequestService.js';
 import { IdService } from './IdService.js';
 import { ImageProcessingService } from './ImageProcessingService.js';
-import { InstanceActorService } from './InstanceActorService.js';
+import { SystemAccountService } from './SystemAccountService.js';
 import { InternalStorageService } from './InternalStorageService.js';
 import { MetaService } from './MetaService.js';
 import { MfmService } from './MfmService.js';
@@ -69,7 +68,6 @@ import { UserSuspendService } from './UserSuspendService.js';
 import { UserAuthService } from './UserAuthService.js';
 import { VideoProcessingService } from './VideoProcessingService.js';
 import { UserWebhookService } from './UserWebhookService.js';
-import { ProxyAccountService } from './ProxyAccountService.js';
 import { UtilityService } from './UtilityService.js';
 import { FileInfoService } from './FileInfoService.js';
 import { SearchService } from './SearchService.js';
@@ -167,7 +165,6 @@ const $AppLockService: Provider = { provide: 'AppLockService', useExisting: AppL
 const $AchievementService: Provider = { provide: 'AchievementService', useExisting: AchievementService };
 const $AvatarDecorationService: Provider = { provide: 'AvatarDecorationService', useExisting: AvatarDecorationService };
 const $CaptchaService: Provider = { provide: 'CaptchaService', useExisting: CaptchaService };
-const $CreateSystemUserService: Provider = { provide: 'CreateSystemUserService', useExisting: CreateSystemUserService };
 const $CustomEmojiService: Provider = { provide: 'CustomEmojiService', useExisting: CustomEmojiService };
 const $DeleteAccountService: Provider = { provide: 'DeleteAccountService', useExisting: DeleteAccountService };
 const $DownloadService: Provider = { provide: 'DownloadService', useExisting: DownloadService };
@@ -180,7 +177,6 @@ const $HashtagService: Provider = { provide: 'HashtagService', useExisting: Hash
 const $HttpRequestService: Provider = { provide: 'HttpRequestService', useExisting: HttpRequestService };
 const $IdService: Provider = { provide: 'IdService', useExisting: IdService };
 const $ImageProcessingService: Provider = { provide: 'ImageProcessingService', useExisting: ImageProcessingService };
-const $InstanceActorService: Provider = { provide: 'InstanceActorService', useExisting: InstanceActorService };
 const $InternalStorageService: Provider = { provide: 'InternalStorageService', useExisting: InternalStorageService };
 const $MetaService: Provider = { provide: 'MetaService', useExisting: MetaService };
 const $MfmService: Provider = { provide: 'MfmService', useExisting: MfmService };
@@ -191,7 +187,7 @@ const $NotePiningService: Provider = { provide: 'NotePiningService', useExisting
 const $NoteReadService: Provider = { provide: 'NoteReadService', useExisting: NoteReadService };
 const $NotificationService: Provider = { provide: 'NotificationService', useExisting: NotificationService };
 const $PollService: Provider = { provide: 'PollService', useExisting: PollService };
-const $ProxyAccountService: Provider = { provide: 'ProxyAccountService', useExisting: ProxyAccountService };
+const $SystemAccountService: Provider = { provide: 'SystemAccountService', useExisting: SystemAccountService };
 const $PushNotificationService: Provider = { provide: 'PushNotificationService', useExisting: PushNotificationService };
 const $QueryService: Provider = { provide: 'QueryService', useExisting: QueryService };
 const $ReactionService: Provider = { provide: 'ReactionService', useExisting: ReactionService };
@@ -318,7 +314,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		AchievementService,
 		AvatarDecorationService,
 		CaptchaService,
-		CreateSystemUserService,
 		CustomEmojiService,
 		DeleteAccountService,
 		DownloadService,
@@ -331,7 +326,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		HttpRequestService,
 		IdService,
 		ImageProcessingService,
-		InstanceActorService,
 		InternalStorageService,
 		MetaService,
 		MfmService,
@@ -342,7 +336,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		NoteReadService,
 		NotificationService,
 		PollService,
-		ProxyAccountService,
+		SystemAccountService,
 		PushNotificationService,
 		QueryService,
 		ReactionService,
@@ -465,7 +459,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$AchievementService,
 		$AvatarDecorationService,
 		$CaptchaService,
-		$CreateSystemUserService,
 		$CustomEmojiService,
 		$DeleteAccountService,
 		$DownloadService,
@@ -478,7 +471,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$HttpRequestService,
 		$IdService,
 		$ImageProcessingService,
-		$InstanceActorService,
 		$InternalStorageService,
 		$MetaService,
 		$MfmService,
@@ -489,7 +481,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$NoteReadService,
 		$NotificationService,
 		$PollService,
-		$ProxyAccountService,
+		$SystemAccountService,
 		$PushNotificationService,
 		$QueryService,
 		$ReactionService,
@@ -613,7 +605,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		AchievementService,
 		AvatarDecorationService,
 		CaptchaService,
-		CreateSystemUserService,
 		CustomEmojiService,
 		DeleteAccountService,
 		DownloadService,
@@ -626,7 +617,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		HttpRequestService,
 		IdService,
 		ImageProcessingService,
-		InstanceActorService,
 		InternalStorageService,
 		MetaService,
 		MfmService,
@@ -637,7 +627,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		NoteReadService,
 		NotificationService,
 		PollService,
-		ProxyAccountService,
+		SystemAccountService,
 		PushNotificationService,
 		QueryService,
 		ReactionService,
@@ -759,7 +749,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$AchievementService,
 		$AvatarDecorationService,
 		$CaptchaService,
-		$CreateSystemUserService,
 		$CustomEmojiService,
 		$DeleteAccountService,
 		$DownloadService,
@@ -772,7 +761,6 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$HttpRequestService,
 		$IdService,
 		$ImageProcessingService,
-		$InstanceActorService,
 		$InternalStorageService,
 		$MetaService,
 		$MfmService,
@@ -783,7 +771,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$NoteReadService,
 		$NotificationService,
 		$PollService,
-		$ProxyAccountService,
+		$SystemAccountService,
 		$PushNotificationService,
 		$QueryService,
 		$ReactionService,
--- a/packages/backend/src/core/CreateSystemUserService.ts
+++ b/packages/backend/src/core/CreateSystemUserService.ts
@@ -1,86 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and misskey-project
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-import { randomUUID } from 'node:crypto';
-import { Inject, Injectable } from '@nestjs/common';
-import bcrypt from 'bcryptjs';
-import { IsNull, DataSource } from 'typeorm';
-import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
-import { MiUser } from '@/models/User.js';
-import { MiUserProfile } from '@/models/UserProfile.js';
-import { IdService } from '@/core/IdService.js';
-import { MiUserKeypair } from '@/models/UserKeypair.js';
-import { MiUsedUsername } from '@/models/UsedUsername.js';
-import { DI } from '@/di-symbols.js';
-import generateNativeUserToken from '@/misc/generate-native-user-token.js';
-import { bindThis } from '@/decorators.js';
-
-@Injectable()
-export class CreateSystemUserService {
-	constructor(
-		@Inject(DI.db)
-		private db: DataSource,
-
-		private idService: IdService,
-	) {
-	}
-
-	@bindThis
-	public async createSystemUser(username: string): Promise<MiUser> {
-		const password = randomUUID();
-
-		// Generate hash of password
-		const salt = await bcrypt.genSalt(8);
-		const hash = await bcrypt.hash(password, salt);
-
-		// Generate secret
-		const secret = generateNativeUserToken();
-
-		const keyPair = await genRsaKeyPair();
-
-		let account!: MiUser;
-
-		// Start transaction
-		await this.db.transaction(async transactionalEntityManager => {
-			const exist = await transactionalEntityManager.findOneBy(MiUser, {
-				usernameLower: username.toLowerCase(),
-				host: IsNull(),
-			});
-
-			if (exist) throw new Error('the user is already exists');
-
-			account = await transactionalEntityManager.insert(MiUser, {
-				id: this.idService.gen(),
-				username: username,
-				usernameLower: username.toLowerCase(),
-				host: null,
-				token: secret,
-				isRoot: false,
-				isLocked: true,
-				isExplorable: false,
-				isBot: true,
-			}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));
-
-			await transactionalEntityManager.insert(MiUserKeypair, {
-				publicKey: keyPair.publicKey,
-				privateKey: keyPair.privateKey,
-				userId: account.id,
-			});
-
-			await transactionalEntityManager.insert(MiUserProfile, {
-				userId: account.id,
-				autoAcceptFollowed: false,
-				password: hash,
-			});
-
-			await transactionalEntityManager.insert(MiUsedUsername, {
-				createdAt: new Date(),
-				username: username.toLowerCase(),
-			});
-		});
-
-		return account;
-	}
-}
--- a/packages/backend/src/core/DeleteAccountService.ts
+++ b/packages/backend/src/core/DeleteAccountService.ts
@@ -5,7 +5,7 @@

 import { Inject, Injectable } from '@nestjs/common';
 import { Not, IsNull } from 'typeorm';
-import type { FollowingsRepository, MiUser, UsersRepository } from '@/models/_.js';
+import type { FollowingsRepository, MiMeta, MiUser, UsersRepository } from '@/models/_.js';
 import { QueueService } from '@/core/QueueService.js';
 import { DI } from '@/di-symbols.js';
 import { bindThis } from '@/decorators.js';
@@ -13,10 +13,14 @@ import { GlobalEventService } from '@/core/GlobalEventService.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
 import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
 import { ModerationLogService } from '@/core/ModerationLogService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';

@Injectable()
 export class DeleteAccountService {
 	constructor(
+		@Inject(DI.meta)
+		private meta: MiMeta,
+
 		@Inject(DI.usersRepository)
 		private usersRepository: UsersRepository,

@@ -28,6 +32,7 @@ export class DeleteAccountService {
 		private queueService: QueueService,
 		private globalEventService: GlobalEventService,
 		private moderationLogService: ModerationLogService,
+		private systemAccountService: SystemAccountService,
 	) {
 	}

@@ -36,8 +41,13 @@ export class DeleteAccountService {
 		id: string;
 		host: string | null;
 	}, moderator?: MiUser): Promise<void> {
+		if (this.meta.rootUserId === user.id) throw new Error('cannot delete a root account');
+
 		const _user = await this.usersRepository.findOneByOrFail({ id: user.id });
-		if (_user.isRoot) throw new Error('cannot delete a root account');
+
+		if (user.host === null && _user.username.includes('.')) {
+			throw new Error('cannot delete a system account');
+		}

 		if (moderator != null) {
 			this.moderationLogService.log(moderator, 'deleteAccount', {
--- a/packages/backend/src/core/FileInfoService.ts
+++ b/packages/backend/src/core/FileInfoService.ts
@@ -268,7 +268,6 @@ export class FileInfoService {
 	private async *asyncIterateFrames(cwd: string, command: FFmpeg.FfmpegCommand): AsyncGenerator<string, void> {
 		const watcher = new FSWatcher({
 			cwd,
-			disableGlobbing: true,
 		});
 		let finished = false;
 		command.once('end', () => {
--- a/packages/backend/src/core/HttpRequestService.ts
+++ b/packages/backend/src/core/HttpRequestService.ts
@@ -16,7 +16,7 @@ import type { Config } from '@/config.js';
 import { StatusError } from '@/misc/status-error.js';
 import { bindThis } from '@/decorators.js';
 import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
-import { assertActivityMatchesUrls, FetchAllowSoftFailMask } from '@/core/activitypub/misc/check-against-url.js';
+import { assertActivityMatchesUrl, FetchAllowSoftFailMask } from '@/core/activitypub/misc/check-against-url.js';
 import type { IObject } from '@/core/activitypub/type.js';
 import type { Response } from 'node-fetch';
 import type { URL } from 'node:url';
@@ -265,7 +265,7 @@ export class HttpRequestService {
 		const finalUrl = res.url; // redirects may have been involved
 		const activity = await res.json() as IObject;

-		assertActivityMatchesUrls(url, activity, [finalUrl], allowSoftfail);
+		assertActivityMatchesUrl(url, activity, finalUrl, allowSoftfail);

 		return activity;
 	}
--- a/packages/backend/src/core/InstanceActorService.ts
+++ b/packages/backend/src/core/InstanceActorService.ts
@@ -1,57 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and misskey-project
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-import { Inject, Injectable } from '@nestjs/common';
-import { IsNull, Not } from 'typeorm';
-import type { MiLocalUser } from '@/models/User.js';
-import type { UsersRepository } from '@/models/_.js';
-import { MemorySingleCache } from '@/misc/cache.js';
-import { DI } from '@/di-symbols.js';
-import { CreateSystemUserService } from '@/core/CreateSystemUserService.js';
-import { bindThis } from '@/decorators.js';
-
-const ACTOR_USERNAME = 'instance.actor' as const;
-
-@Injectable()
-export class InstanceActorService {
-	private cache: MemorySingleCache<MiLocalUser>;
-
-	constructor(
-		@Inject(DI.usersRepository)
-		private usersRepository: UsersRepository,
-
-		private createSystemUserService: CreateSystemUserService,
-	) {
-		this.cache = new MemorySingleCache<MiLocalUser>(Infinity);
-	}
-
-	@bindThis
-	public async realLocalUsersPresent(): Promise<boolean> {
-		return await this.usersRepository.existsBy({
-			host: IsNull(),
-			username: Not(ACTOR_USERNAME),
-		});
-	}
-
-	@bindThis
-	public async getInstanceActor(): Promise<MiLocalUser> {
-		const cached = this.cache.get();
-		if (cached) return cached;
-
-		const user = await this.usersRepository.findOneBy({
-			host: IsNull(),
-			username: ACTOR_USERNAME,
-		}) as MiLocalUser | undefined;
-
-		if (user) {
-			this.cache.set(user);
-			return user;
-		} else {
-			const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME) as MiLocalUser;
-			this.cache.set(created);
-			return created;
-		}
-	}
-}
--- a/packages/backend/src/core/MetaService.ts
+++ b/packages/backend/src/core/MetaService.ts
@@ -53,7 +53,7 @@ export class MetaService implements OnApplicationShutdown {
 				case 'metaUpdated': {
 					this.cache = { // TODO: このあたりのデシリアライズ処理は各modelファイル内に関数としてexportしたい
 						...(body.after),
-						proxyAccount: null, // joinなカラムは通常取ってこないので
+						rootUser: null, // joinなカラムは通常取ってこないので
 					};
 					break;
 				}
@@ -113,17 +113,20 @@ export class MetaService implements OnApplicationShutdown {

 			if (before) {
 				await transactionalEntityManager.update(MiMeta, before.id, data);
-
-				const metas = await transactionalEntityManager.find(MiMeta, {
-					order: {
-						id: 'DESC',
-					},
-				});
-
-				return metas[0];
 			} else {
-				return await transactionalEntityManager.save(MiMeta, data);
+				await transactionalEntityManager.save(MiMeta, {
+					...data,
+					id: 'x',
+				});
 			}
+
+			const afters = await transactionalEntityManager.find(MiMeta, {
+				order: {
+					id: 'DESC',
+				},
+			});
+
+			return afters[0];
 		});

 		if (data.hiddenTags) {
--- a/packages/backend/src/core/ProxyAccountService.ts
+++ b/packages/backend/src/core/ProxyAccountService.ts
@@ -1,28 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and misskey-project
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-import { Inject, Injectable } from '@nestjs/common';
-import type { MiMeta, UsersRepository } from '@/models/_.js';
-import type { MiLocalUser } from '@/models/User.js';
-import { DI } from '@/di-symbols.js';
-import { bindThis } from '@/decorators.js';
-
-@Injectable()
-export class ProxyAccountService {
-	constructor(
-		@Inject(DI.meta)
-		private meta: MiMeta,
-
-		@Inject(DI.usersRepository)
-		private usersRepository: UsersRepository,
-	) {
-	}
-
-	@bindThis
-	public async fetch(): Promise<MiLocalUser | null> {
-		if (this.meta.proxyAccountId == null) return null;
-		return await this.usersRepository.findOneByOrFail({ id: this.meta.proxyAccountId }) as MiLocalUser;
-	}
-}
--- a/packages/backend/src/core/RelayService.ts
+++ b/packages/backend/src/core/RelayService.ts
@@ -4,53 +4,34 @@
 */

 import { Inject, Injectable } from '@nestjs/common';
-import { IsNull } from 'typeorm';
-import type { MiLocalUser, MiUser } from '@/models/User.js';
-import type { RelaysRepository, UsersRepository } from '@/models/_.js';
+import type { MiUser } from '@/models/User.js';
+import type { RelaysRepository } from '@/models/_.js';
 import { IdService } from '@/core/IdService.js';
 import { MemorySingleCache } from '@/misc/cache.js';
 import type { MiRelay } from '@/models/Relay.js';
 import { QueueService } from '@/core/QueueService.js';
-import { CreateSystemUserService } from '@/core/CreateSystemUserService.js';
 import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
 import { DI } from '@/di-symbols.js';
 import { deepClone } from '@/misc/clone.js';
 import { bindThis } from '@/decorators.js';
-
-const ACTOR_USERNAME = 'relay.actor' as const;
+import { SystemAccountService } from '@/core/SystemAccountService.js';

@Injectable()
 export class RelayService {
 	private relaysCache: MemorySingleCache<MiRelay[]>;

 	constructor(
-		@Inject(DI.usersRepository)
-		private usersRepository: UsersRepository,
-
 		@Inject(DI.relaysRepository)
 		private relaysRepository: RelaysRepository,

 		private idService: IdService,
 		private queueService: QueueService,
-		private createSystemUserService: CreateSystemUserService,
+		private systemAccountService: SystemAccountService,
 		private apRendererService: ApRendererService,
 	) {
 		this.relaysCache = new MemorySingleCache<MiRelay[]>(1000 * 60 * 10); // 10m
 	}

-	@bindThis
-	private async getRelayActor(): Promise<MiLocalUser> {
-		const user = await this.usersRepository.findOneBy({
-			host: IsNull(),
-			username: ACTOR_USERNAME,
-		});
-
-		if (user) return user as MiLocalUser;
-
-		const created = await this.createSystemUserService.createSystemUser(ACTOR_USERNAME);
-		return created as MiLocalUser;
-	}
-
 	@bindThis
 	public async addRelay(inbox: string): Promise<MiRelay> {
 		const relay = await this.relaysRepository.insertOne({
@@ -59,8 +40,8 @@ export class RelayService {
 			status: 'requesting',
 		});

-		const relayActor = await this.getRelayActor();
-		const follow = await this.apRendererService.renderFollowRelay(relay, relayActor);
+		const relayActor = await this.systemAccountService.fetch('relay');
+		const follow = this.apRendererService.renderFollowRelay(relay, relayActor);
 		const activity = this.apRendererService.addContext(follow);
 		this.queueService.deliver(relayActor, activity, relay.inbox, false);

@@ -77,7 +58,7 @@ export class RelayService {
 			throw new Error('relay not found');
 		}

-		const relayActor = await this.getRelayActor();
+		const relayActor = await this.systemAccountService.fetch('relay');
 		const follow = this.apRendererService.renderFollowRelay(relay, relayActor);
 		const undo = this.apRendererService.renderUndo(follow, relayActor);
 		const activity = this.apRendererService.addContext(undo);
--- a/packages/backend/src/core/RoleService.ts
+++ b/packages/backend/src/core/RoleService.ts
@@ -101,7 +101,6 @@ export const DEFAULT_POLICIES: RolePolicies = {

@Injectable()
 export class RoleService implements OnApplicationShutdown, OnModuleInit {
-	private rootUserIdCache: MemorySingleCache<MiUser['id']>;
 	private rolesCache: MemorySingleCache<MiRole[]>;
 	private roleAssignmentByUserIdCache: MemoryKVCache<MiRoleAssignment[]>;
 	private notificationService: NotificationService;
@@ -137,7 +136,6 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
 		private moderationLogService: ModerationLogService,
 		private fanoutTimelineService: FanoutTimelineService,
 	) {
-		this.rootUserIdCache = new MemorySingleCache<MiUser['id']>(1000 * 60 * 60 * 24 * 7); // 1week. rootユーザのIDは不変なので長めに
 		this.rolesCache = new MemorySingleCache<MiRole[]>(1000 * 60 * 60); // 1h
 		this.roleAssignmentByUserIdCache = new MemoryKVCache<MiRoleAssignment[]>(1000 * 60 * 5); // 5m

@@ -406,15 +404,15 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
 	}

 	@bindThis
-	public async isModerator(user: { id: MiUser['id']; isRoot: MiUser['isRoot'] } | null): Promise<boolean> {
+	public async isModerator(user: { id: MiUser['id'] } | null): Promise<boolean> {
 		if (user == null) return false;
-		return user.isRoot || (await this.getUserRoles(user.id)).some(r => r.isModerator || r.isAdministrator);
+		return (this.meta.rootUserId === user.id) || (await this.getUserRoles(user.id)).some(r => r.isModerator || r.isAdministrator);
 	}

 	@bindThis
-	public async isAdministrator(user: { id: MiUser['id']; isRoot: MiUser['isRoot'] } | null): Promise<boolean> {
+	public async isAdministrator(user: { id: MiUser['id'] } | null): Promise<boolean> {
 		if (user == null) return false;
-		return user.isRoot || (await this.getUserRoles(user.id)).some(r => r.isAdministrator);
+		return (this.meta.rootUserId === user.id) || (await this.getUserRoles(user.id)).some(r => r.isAdministrator);
 	}

 	@bindThis
@@ -463,16 +461,8 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
 				.map(a => a.userId),
 		);

-		if (includeRoot) {
-			const rootUserId = await this.rootUserIdCache.fetch(async () => {
-				const it = await this.usersRepository.createQueryBuilder('users')
-					.select('id')
-					.where({ isRoot: true })
-					.getRawOne<{ id: string }>();
-				// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-				return it!.id;
-			});
-			resultSet.add(rootUserId);
+		if (includeRoot && this.meta.rootUserId) {
+			resultSet.add(this.meta.rootUserId);
 		}

 		return [...resultSet].sort((x, y) => x.localeCompare(y));
--- a/packages/backend/src/core/S3Service.ts
+++ b/packages/backend/src/core/S3Service.ts
@@ -46,6 +46,8 @@ export class S3Service {
 			tls: meta.objectStorageUseSSL,
 			forcePathStyle: meta.objectStorageEndpoint ? meta.objectStorageS3ForcePathStyle : false, // AWS with endPoint omitted
 			requestHandler: new NodeHttpHandler(handlerOption),
+			requestChecksumCalculation: 'WHEN_REQUIRED',
+			responseChecksumValidation: 'WHEN_REQUIRED',
 		});
 	}

--- a/packages/backend/src/core/SignupService.ts
+++ b/packages/backend/src/core/SignupService.ts
@@ -14,13 +14,14 @@ import { MiUserProfile } from '@/models/UserProfile.js';
 import { IdService } from '@/core/IdService.js';
 import { MiUserKeypair } from '@/models/UserKeypair.js';
 import { MiUsedUsername } from '@/models/UsedUsername.js';
-import generateUserToken from '@/misc/generate-native-user-token.js';
+import { generateNativeUserToken } from '@/misc/token.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
-import { InstanceActorService } from '@/core/InstanceActorService.js';
 import { bindThis } from '@/decorators.js';
 import UsersChart from '@/core/chart/charts/users.js';
 import { UtilityService } from '@/core/UtilityService.js';
 import { UserService } from '@/core/UserService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';
+import { MetaService } from '@/core/MetaService.js';

@Injectable()
 export class SignupService {
@@ -41,7 +42,8 @@ export class SignupService {
 		private userService: UserService,
 		private userEntityService: UserEntityService,
 		private idService: IdService,
-		private instanceActorService: InstanceActorService,
+		private systemAccountService: SystemAccountService,
+		private metaService: MetaService,
 		private usersChart: UsersChart,
 	) {
 	}
@@ -74,7 +76,7 @@ export class SignupService {
 		}

 		// Generate secret
-		const secret = generateUserToken();
+		const secret = generateNativeUserToken();

 		// Check username duplication
 		if (await this.usersRepository.exists({ where: { usernameLower: username.toLowerCase(), host: IsNull() } })) {
@@ -86,9 +88,7 @@ export class SignupService {
 			throw new Error('USED_USERNAME');
 		}

-		const isTheFirstUser = !await this.instanceActorService.realLocalUsersPresent();
-
-		if (!opts.ignorePreservedUsernames && !isTheFirstUser) {
+		if (!opts.ignorePreservedUsernames && this.meta.rootUserId != null) {
 			const isPreserved = this.meta.preservedUsernames.map(x => x.toLowerCase()).includes(username.toLowerCase());
 			if (isPreserved) {
 				throw new Error('USED_USERNAME');
@@ -129,7 +129,6 @@ export class SignupService {
 				usernameLower: username.toLowerCase(),
 				host: this.utilityService.toPunyNullable(host),
 				token: secret,
-				isRoot: isTheFirstUser,
 			}));

 			await transactionalEntityManager.save(new MiUserKeypair({
@@ -153,6 +152,10 @@ export class SignupService {
 		this.usersChart.update(account, true);
 		this.userService.notifySystemWebhook(account, 'userCreated');

+		if (this.meta.rootUserId == null) {
+			await this.metaService.update({ rootUserId: account.id });
+		}
+
 		return { account, secret };
 	}
 }
--- a/packages/backend/src/core/SystemAccountService.ts
+++ b/packages/backend/src/core/SystemAccountService.ts
@@ -0,0 +1,172 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+import { randomUUID } from 'node:crypto';
+import { Inject, Injectable } from '@nestjs/common';
+import { DataSource, IsNull } from 'typeorm';
+import bcrypt from 'bcryptjs';
+import { MiLocalUser, MiUser } from '@/models/User.js';
+import { MiSystemAccount, MiUsedUsername, MiUserKeypair, MiUserProfile, type UsersRepository, type SystemAccountsRepository } from '@/models/_.js';
+import type { MiMeta, UserProfilesRepository } from '@/models/_.js';
+import { MemoryKVCache } from '@/misc/cache.js';
+import { DI } from '@/di-symbols.js';
+import { bindThis } from '@/decorators.js';
+import { generateNativeUserToken } from '@/misc/token.js';
+import { IdService } from '@/core/IdService.js';
+import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
+
+export const SYSTEM_ACCOUNT_TYPES = ['actor', 'relay', 'proxy'] as const;
+
+@Injectable()
+export class SystemAccountService {
+	private cache: MemoryKVCache<MiLocalUser>;
+
+	constructor(
+		@Inject(DI.db)
+		private db: DataSource,
+
+		@Inject(DI.meta)
+		private meta: MiMeta,
+
+		@Inject(DI.systemAccountsRepository)
+		private systemAccountsRepository: SystemAccountsRepository,
+
+		@Inject(DI.usersRepository)
+		private usersRepository: UsersRepository,
+
+		@Inject(DI.userProfilesRepository)
+		private userProfilesRepository: UserProfilesRepository,
+
+		private idService: IdService,
+	) {
+		this.cache = new MemoryKVCache<MiLocalUser>(1000 * 60 * 10); // 10m
+	}
+
+	@bindThis
+	public async list(): Promise<MiSystemAccount[]> {
+		const accounts = await this.systemAccountsRepository.findBy({});
+
+		return accounts;
+	}
+
+	@bindThis
+	public async fetch(type: typeof SYSTEM_ACCOUNT_TYPES[number]): Promise<MiLocalUser> {
+		const cached = this.cache.get(type);
+		if (cached) return cached;
+
+		const systemAccount = await this.systemAccountsRepository.findOne({
+			where: { type: type },
+			relations: ['user'],
+		});
+
+		if (systemAccount) {
+			this.cache.set(type, systemAccount.user as MiLocalUser);
+			return systemAccount.user as MiLocalUser;
+		} else {
+			const created = await this.createCorrespondingUser(type, {
+				username: `system.${type}`, // NOTE: (できれば避けたいが) . が含まれるかどうかでシステムアカウントかどうかを判定している処理もあるので変えないように
+				name: this.meta.name,
+			});
+			this.cache.set(type, created);
+			return created;
+		}
+	}
+
+	@bindThis
+	private async createCorrespondingUser(type: typeof SYSTEM_ACCOUNT_TYPES[number], extra: {
+		username: MiUser['username'];
+		name?: MiUser['name'];
+	}): Promise<MiLocalUser> {
+		const password = randomUUID();
+
+		// Generate hash of password
+		const salt = await bcrypt.genSalt(8);
+		const hash = await bcrypt.hash(password, salt);
+
+		// Generate secret
+		const secret = generateNativeUserToken();
+
+		const keyPair = await genRsaKeyPair();
+
+		let account!: MiUser;
+
+		// Start transaction
+		await this.db.transaction(async transactionalEntityManager => {
+			const exist = await transactionalEntityManager.findOneBy(MiUser, {
+				usernameLower: extra.username.toLowerCase(),
+				host: IsNull(),
+			});
+
+			if (exist) {
+				account = exist;
+				return;
+			}
+
+			account = await transactionalEntityManager.insert(MiUser, {
+				id: this.idService.gen(),
+				username: extra.username,
+				usernameLower: extra.username.toLowerCase(),
+				host: null,
+				token: secret,
+				isLocked: true,
+				isExplorable: false,
+				isBot: true,
+				name: extra.name,
+			}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));
+
+			await transactionalEntityManager.insert(MiUserKeypair, {
+				publicKey: keyPair.publicKey,
+				privateKey: keyPair.privateKey,
+				userId: account.id,
+			});
+
+			await transactionalEntityManager.insert(MiUserProfile, {
+				userId: account.id,
+				autoAcceptFollowed: false,
+				password: hash,
+			});
+
+			await transactionalEntityManager.insert(MiUsedUsername, {
+				createdAt: new Date(),
+				username: extra.username.toLowerCase(),
+			});
+
+			await transactionalEntityManager.insert(MiSystemAccount, {
+				id: this.idService.gen(),
+				userId: account.id,
+				type: type,
+			});
+		});
+
+		return account as MiLocalUser;
+	}
+
+	@bindThis
+	public async updateCorrespondingUserProfile(type: typeof SYSTEM_ACCOUNT_TYPES[number], extra: {
+		name?: string;
+		description?: MiUserProfile['description'];
+	}): Promise<MiLocalUser> {
+		const user = await this.fetch(type);
+
+		const updates = {} as Partial<MiUser>;
+		if (extra.name !== undefined) updates.name = extra.name;
+
+		if (Object.keys(updates).length > 0) {
+			await this.usersRepository.update(user.id, updates);
+		}
+
+		const profileUpdates = {} as Partial<MiUserProfile>;
+		if (extra.description !== undefined) profileUpdates.description = extra.description;
+
+		if (Object.keys(profileUpdates).length > 0) {
+			await this.userProfilesRepository.update(user.id, profileUpdates);
+		}
+
+		const updated = await this.usersRepository.findOneByOrFail({ id: user.id }) as MiLocalUser;
+		this.cache.set(type, updated);
+
+		return updated;
+	}
+}
--- a/packages/backend/src/core/UserListService.ts
+++ b/packages/backend/src/core/UserListService.ts
@@ -15,11 +15,11 @@ import type { GlobalEvents } from '@/core/GlobalEventService.js';
 import { GlobalEventService } from '@/core/GlobalEventService.js';
 import { DI } from '@/di-symbols.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
-import { ProxyAccountService } from '@/core/ProxyAccountService.js';
 import { bindThis } from '@/decorators.js';
 import { QueueService } from '@/core/QueueService.js';
 import { RedisKVCache } from '@/misc/cache.js';
 import { RoleService } from '@/core/RoleService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';

@Injectable()
 export class UserListService implements OnApplicationShutdown, OnModuleInit {
@@ -43,8 +43,8 @@ export class UserListService implements OnApplicationShutdown, OnModuleInit {
 		private userEntityService: UserEntityService,
 		private idService: IdService,
 		private globalEventService: GlobalEventService,
-		private proxyAccountService: ProxyAccountService,
 		private queueService: QueueService,
+		private systemAccountService: SystemAccountService,
 	) {
 		this.membersCache = new RedisKVCache<Set<string>>(this.redisClient, 'userListMembers', {
 			lifetime: 1000 * 60 * 30, // 30m
@@ -111,10 +111,8 @@ export class UserListService implements OnApplicationShutdown, OnModuleInit {

 		// このインスタンス内にこのリモートユーザーをフォローしているユーザーがいなくても投稿を受け取るためにダミーのユーザーがフォローしたということにする
 		if (this.userEntityService.isRemoteUser(target)) {
-			const proxy = await this.proxyAccountService.fetch();
-			if (proxy) {
-				this.queueService.createFollowJob([{ from: { id: proxy.id }, to: { id: target.id } }]);
-			}
+			const proxy = await this.systemAccountService.fetch('proxy');
+			this.queueService.createFollowJob([{ from: { id: proxy.id }, to: { id: target.id } }]);
 		}
 	}

--- a/packages/backend/src/core/WebhookTestService.ts
+++ b/packages/backend/src/core/WebhookTestService.ts
@@ -73,7 +73,6 @@ function generateDummyUser(override?: Partial<MiUser>): MiUser {
 		isLocked: false,
 		isBot: false,
 		isCat: true,
-		isRoot: false,
 		isExplorable: true,
 		isHibernated: false,
 		isDeleted: false,
--- a/packages/backend/src/core/activitypub/ApInboxService.ts
+++ b/packages/backend/src/core/activitypub/ApInboxService.ts
@@ -507,19 +507,12 @@ export class ApInboxService {
 			return `skip: delete actor ${actor.uri} !== ${uri}`;
 		}

-		const user = await this.usersRepository.findOneBy({ id: actor.id });
-		if (user == null) {
-			return 'skip: actor not found';
-		} else if (user.isDeleted) {
-			return 'skip: already deleted';
+		if (!(await this.usersRepository.update({ id: actor.id, isDeleted: false }, { isDeleted: true })).affected) {
+			return 'skip: already deleted or actor not found';
 		}

 		const job = await this.queueService.createDeleteAccountJob(actor);

-		await this.usersRepository.update(actor.id, {
-			isDeleted: true,
-		});
-
 		this.globalEventService.publishInternalEvent('remoteUserUpdated', { id: actor.id });

 		return `ok: queued ${job.name} ${job.id}`;
--- a/packages/backend/src/core/activitypub/ApRendererService.ts
+++ b/packages/backend/src/core/activitypub/ApRendererService.ts
@@ -23,7 +23,7 @@ import { MfmService } from '@/core/MfmService.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
 import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
 import type { MiUserKeypair } from '@/models/UserKeypair.js';
-import type { UsersRepository, UserProfilesRepository, NotesRepository, DriveFilesRepository, PollsRepository } from '@/models/_.js';
+import type { UsersRepository, UserProfilesRepository, NotesRepository, DriveFilesRepository, PollsRepository, MiMeta } from '@/models/_.js';
 import { bindThis } from '@/decorators.js';
 import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 import { IdService } from '@/core/IdService.js';
@@ -39,6 +39,9 @@ export class ApRendererService {
 		@Inject(DI.config)
 		private config: Config,

+		@Inject(DI.meta)
+		private meta: MiMeta,
+
 		@Inject(DI.usersRepository)
 		private usersRepository: UsersRepository,

@@ -186,7 +189,7 @@ export class ApRendererService {
 				url: emoji.publicUrl || emoji.originalUrl,
 			},
 			_misskey_license: {
-				freeText: emoji.license
+				freeText: emoji.license,
 			},
 		};
 	}
@@ -255,6 +258,38 @@ export class ApRendererService {
 		};
 	}

+	@bindThis
+	public renderIdenticon(user: MiLocalUser): IApImage {
+		return {
+			type: 'Image',
+			url: this.userEntityService.getIdenticonUrl(user),
+			sensitive: false,
+			name: null,
+		};
+	}
+
+	@bindThis
+	public renderSystemAvatar(user: MiLocalUser): IApImage {
+		if (this.meta.iconUrl == null) return this.renderIdenticon(user);
+		return {
+			type: 'Image',
+			url: this.meta.iconUrl,
+			sensitive: false,
+			name: null,
+		};
+	}
+
+	@bindThis
+	public renderSystemBanner(): IApImage | null {
+		if (this.meta.bannerUrl == null) return null;
+		return {
+			type: 'Image',
+			url: this.meta.bannerUrl,
+			sensitive: false,
+			name: null,
+		};
+	}
+
 	@bindThis
 	public renderKey(user: MiLocalUser, key: MiUserKeypair, postfix?: string): IKey {
 		return {
@@ -464,11 +499,28 @@ export class ApRendererService {
 			this.userProfilesRepository.findOneByOrFail({ userId: user.id }),
 		]);

+		const tryRewriteUrl = (maybeUrl: string) => {
+			const urlSafeRegex = /^(?:http[s]?:\/\/.)?(?:www\.)?[-a-zA-Z0-9@%._\+~#=]{2,256}\.[a-z]{2,6}\b(?:[-a-zA-Z0-9@:%_\+.~#?&\/\/=]*)/;
+			try {
+				const match = maybeUrl.match(urlSafeRegex);
+				if (!match) {
+					return maybeUrl;
+				}
+				const urlPart = match[0];
+				const urlPartParsed = new URL(urlPart);
+				const restPart = maybeUrl.slice(match[0].length);
+				
+				return `<a href="${urlPartParsed.href}" rel="me nofollow noopener" target="_blank">${urlPart}</a>${restPart}`;
+			} catch (e) {
+				return maybeUrl;
+			}
+		};
+
 		const attachment = profile.fields.map(field => ({
 			type: 'PropertyValue',
 			name: field.name,
 			value: (field.value.startsWith('http://') || field.value.startsWith('https://'))
-				? `<a href="${new URL(field.value).href}" rel="me nofollow noopener" target="_blank">${new URL(field.value).href}</a>`
+				? tryRewriteUrl(field.value)
 				: field.value,
 		}));

@@ -503,8 +555,8 @@ export class ApRendererService {
 			_misskey_requireSigninToViewContents: user.requireSigninToViewContents,
 			_misskey_makeNotesFollowersOnlyBefore: user.makeNotesFollowersOnlyBefore,
 			_misskey_makeNotesHiddenBefore: user.makeNotesHiddenBefore,
-			icon: avatar ? this.renderImage(avatar) : null,
-			image: banner ? this.renderImage(banner) : null,
+			icon: avatar ? this.renderImage(avatar) : isSystem ? this.renderSystemAvatar(user) : this.renderIdenticon(user),
+			image: banner ? this.renderImage(banner) : isSystem ? this.renderSystemBanner() : null,
 			tag,
 			manuallyApprovesFollowers: user.isLocked,
 			discoverable: user.isExplorable,
--- a/packages/backend/src/core/activitypub/ApRequestService.ts
+++ b/packages/backend/src/core/activitypub/ApRequestService.ts
@@ -17,7 +17,7 @@ import { LoggerService } from '@/core/LoggerService.js';
 import { bindThis } from '@/decorators.js';
 import type Logger from '@/logger.js';
 import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
-import { assertActivityMatchesUrls, FetchAllowSoftFailMask as FetchAllowSoftFailMask } from '@/core/activitypub/misc/check-against-url.js';
+import { assertActivityMatchesUrl, FetchAllowSoftFailMask as FetchAllowSoftFailMask } from '@/core/activitypub/misc/check-against-url.js';
 import type { IObject } from './type.js';

 type Request = {
@@ -258,7 +258,7 @@ export class ApRequestService {
 		const finalUrl = res.url; // redirects may have been involved
 		const activity = await res.json() as IObject;

-		assertActivityMatchesUrls(url, activity, [finalUrl], allowSoftfail);
+		assertActivityMatchesUrl(url, activity, finalUrl, allowSoftfail);

 		return activity;
 	}
--- a/packages/backend/src/core/activitypub/ApResolverService.ts
+++ b/packages/backend/src/core/activitypub/ApResolverService.ts
@@ -6,7 +6,6 @@
 import { Inject, Injectable } from '@nestjs/common';
 import { IsNull, Not } from 'typeorm';
 import type { MiLocalUser, MiRemoteUser } from '@/models/User.js';
-import { InstanceActorService } from '@/core/InstanceActorService.js';
 import type { NotesRepository, PollsRepository, NoteReactionsRepository, UsersRepository, FollowRequestsRepository, MiMeta } from '@/models/_.js';
 import type { Config } from '@/config.js';
 import { HttpRequestService } from '@/core/HttpRequestService.js';
@@ -15,13 +14,14 @@ import { UtilityService } from '@/core/UtilityService.js';
 import { bindThis } from '@/decorators.js';
 import { LoggerService } from '@/core/LoggerService.js';
 import type Logger from '@/logger.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';
+import { IdentifiableError } from '@/misc/identifiable-error.js';
 import { isCollectionOrOrderedCollection } from './type.js';
 import { ApDbResolverService } from './ApDbResolverService.js';
 import { ApRendererService } from './ApRendererService.js';
 import { ApRequestService } from './ApRequestService.js';
-import type { IObject, ICollection, IOrderedCollection } from './type.js';
-import { IdentifiableError } from '@/misc/identifiable-error.js';
 import { FetchAllowSoftFailMask } from './misc/check-against-url.js';
+import type { IObject, ICollection, IOrderedCollection } from './type.js';

 export class Resolver {
 	private history: Set<string>;
@@ -37,7 +37,7 @@ export class Resolver {
 		private noteReactionsRepository: NoteReactionsRepository,
 		private followRequestsRepository: FollowRequestsRepository,
 		private utilityService: UtilityService,
-		private instanceActorService: InstanceActorService,
+		private systemAccountService: SystemAccountService,
 		private apRequestService: ApRequestService,
 		private httpRequestService: HttpRequestService,
 		private apRendererService: ApRendererService,
@@ -105,7 +105,7 @@ export class Resolver {
 		}

 		if (this.config.signToActivityPubGet && !this.user) {
-			this.user = await this.instanceActorService.getInstanceActor();
+			this.user = await this.systemAccountService.fetch('actor');
 		}

 		const object = (this.user
@@ -119,7 +119,7 @@ export class Resolver {
 		) {
 			throw new IdentifiableError('72180409-793c-4973-868e-5a118eb5519b', 'invalid response');
 		}
-		
+
 		return object;
 	}

@@ -202,7 +202,7 @@ export class ApResolverService {
 		private followRequestsRepository: FollowRequestsRepository,

 		private utilityService: UtilityService,
-		private instanceActorService: InstanceActorService,
+		private systemAccountService: SystemAccountService,
 		private apRequestService: ApRequestService,
 		private httpRequestService: HttpRequestService,
 		private apRendererService: ApRendererService,
@@ -222,7 +222,7 @@ export class ApResolverService {
 			this.noteReactionsRepository,
 			this.followRequestsRepository,
 			this.utilityService,
-			this.instanceActorService,
+			this.systemAccountService,
 			this.apRequestService,
 			this.httpRequestService,
 			this.apRendererService,
--- a/packages/backend/src/core/activitypub/misc/check-against-url.ts
+++ b/packages/backend/src/core/activitypub/misc/check-against-url.ts
@@ -75,7 +75,7 @@ function normalizeSynonymousSubdomain(url: URL | string): URL {
 	return new URL(urlParsed.toString().replace(host, normalizedHost));
 }

-export function assertActivityMatchesUrls(requestUrl: string | URL, activity: IObject, candidateUrls: (string | URL)[], allowSoftfail: FetchAllowSoftFailMask): FetchAllowSoftFailMask {
+export function assertActivityMatchesUrl(requestUrl: string | URL, activity: IObject, finalUrl: string | URL, allowSoftfail: FetchAllowSoftFailMask): FetchAllowSoftFailMask {
 	// must have a unique identifier to verify authority
 	if (!activity.id) {
 		throw new Error('bad Activity: missing id field');
@@ -95,26 +95,32 @@ export function assertActivityMatchesUrls(requestUrl: string | URL, activity: IO
 	const requestUrlParsed = normalizeSynonymousSubdomain(requestUrl);
 	const idParsed = normalizeSynonymousSubdomain(activity.id);

-	const candidateUrlsParsed = candidateUrls.map(it => normalizeSynonymousSubdomain(it));
+	const finalUrlParsed = normalizeSynonymousSubdomain(finalUrl);
+
+	// mastodon sends activities with hash in the URL
+	// currently it only happens with likes, deletes etc.
+	// but object ID never has hash
+	requestUrlParsed.hash = '';
+	finalUrlParsed.hash = '';

 	const requestUrlSecure = requestUrlParsed.protocol === 'https:';
-	const finalUrlSecure = candidateUrlsParsed.every(it => it.protocol === 'https:');
+	const finalUrlSecure = finalUrlParsed.protocol === 'https:';
 	if (requestUrlSecure && !finalUrlSecure) {
 		throw new Error(`bad Activity: id(${activity.id}) is not allowed to have http:// in the url`);
 	}

 	// Compare final URL to the ID
-	if (!candidateUrlsParsed.some(it => it.href === idParsed.href)) {
-		requireSoftfail(FetchAllowSoftFailMask.NonCanonicalId, `bad Activity: id(${activity.id}) does not match response url(${candidateUrlsParsed.map(it => it.toString())})`);
+	if (finalUrlParsed.href !== idParsed.href) {
+		requireSoftfail(FetchAllowSoftFailMask.NonCanonicalId, `bad Activity: id(${activity.id}) does not match response url(${finalUrlParsed.toString()})`);

 		// at lease host need to match exactly (ActivityPub requirement)
-		if (!candidateUrlsParsed.some(it => idParsed.host === it.host)) {
-			throw new Error(`bad Activity: id(${activity.id}) does not match response host(${candidateUrlsParsed.map(it => it.host)})`);
+		if (idParsed.host !== finalUrlParsed.host) {
+			throw new Error(`bad Activity: id(${activity.id}) does not match response host(${finalUrlParsed.host})`);
 		}
 	}

 	// Compare request URL to the ID
-	if (!requestUrlParsed.href.includes(idParsed.href)) {
+	if (requestUrlParsed.href !== idParsed.href) {
 		requireSoftfail(FetchAllowSoftFailMask.NonCanonicalId, `bad Activity: id(${activity.id}) does not match request url(${requestUrlParsed.toString()})`);

 		// if cross-origin lookup is allowed, we can accept some variation between the original request URL to the final object ID (but not between the final URL and the object ID)
--- a/packages/backend/src/core/activitypub/models/ApPersonService.ts
+++ b/packages/backend/src/core/activitypub/models/ApPersonService.ts
@@ -560,7 +560,7 @@ export class ApPersonService implements OnModuleInit {
 			inbox: person.inbox,
 			sharedInbox: person.sharedInbox ?? person.endpoints?.sharedInbox ?? null,
 			followersUri: person.followers ? getApId(person.followers) : undefined,
-			featured: person.featured,
+			featured: person.featured ? getApId(person.featured) : undefined,
 			emojis: emojiNames,
 			name: truncate(person.name, nameLength),
 			tags,
@@ -594,7 +594,9 @@ export class ApPersonService implements OnModuleInit {
 		if (moving) updates.movedAt = new Date();

 		// Update user
-		await this.usersRepository.update(exist.id, updates);
+		if (!(await this.usersRepository.update({ id: exist.id, isDeleted: false }, updates)).affected) {
+			return 'skip';
+		}

 		if (person.publicKey) {
 			await this.userPublickeysRepository.update({ userId: exist.id }, {
@@ -699,7 +701,7 @@ export class ApPersonService implements OnModuleInit {

 	@bindThis
 	public async updateFeatured(userId: MiUser['id'], resolver?: Resolver): Promise<void> {
-		const user = await this.usersRepository.findOneByOrFail({ id: userId });
+		const user = await this.usersRepository.findOneByOrFail({ id: userId, isDeleted: false });
 		if (!this.userEntityService.isRemoteUser(user)) return;
 		if (!user.featured) return;

--- a/packages/backend/src/core/entities/MetaEntityService.ts
+++ b/packages/backend/src/core/entities/MetaEntityService.ts
@@ -11,8 +11,7 @@ import type { MiMeta } from '@/models/Meta.js';
 import type { AdsRepository } from '@/models/_.js';
 import { MAX_NOTE_TEXT_LENGTH } from '@/const.js';
 import { bindThis } from '@/decorators.js';
-import { UserEntityService } from '@/core/entities/UserEntityService.js';
-import { InstanceActorService } from '@/core/InstanceActorService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';
 import type { Config } from '@/config.js';
 import { DI } from '@/di-symbols.js';
 import { DEFAULT_POLICIES } from '@/core/RoleService.js';
@@ -29,8 +28,7 @@ export class MetaEntityService {
 		@Inject(DI.adsRepository)
 		private adsRepository: AdsRepository,

-		private userEntityService: UserEntityService,
-		private instanceActorService: InstanceActorService,
+		private systemAccountService: SystemAccountService,
 	) { }

 	@bindThis
@@ -149,14 +147,14 @@ export class MetaEntityService {

 		const packed = await this.pack(instance);

-		const proxyAccount = instance.proxyAccountId ? await this.userEntityService.pack(instance.proxyAccountId).catch(() => null) : null;
+		const proxyAccount = await this.systemAccountService.fetch('proxy');

 		const packDetailed: Packed<'MetaDetailed'> = {
 			...packed,
 			cacheRemoteFiles: instance.cacheRemoteFiles,
 			cacheRemoteSensitiveFiles: instance.cacheRemoteSensitiveFiles,
-			requireSetup: !await this.instanceActorService.realLocalUsersPresent(),
-			proxyAccountName: proxyAccount ? proxyAccount.username : null,
+			requireSetup: this.meta.rootUserId == null,
+			proxyAccountName: proxyAccount.username,
 			features: {
 				localTimeline: instance.policies.ltlAvailable,
 				globalTimeline: instance.policies.gtlAvailable,
--- a/packages/backend/src/core/entities/UserEntityService.ts
+++ b/packages/backend/src/core/entities/UserEntityService.ts
@@ -28,6 +28,7 @@ import type {
 	FollowingsRepository,
 	FollowRequestsRepository,
 	MiFollowing,
+	MiMeta,
 	MiUserNotePining,
 	MiUserProfile,
 	MutingsRepository,
@@ -100,6 +101,9 @@ export class UserEntityService implements OnModuleInit {
 		@Inject(DI.config)
 		private config: Config,

+		@Inject(DI.meta)
+		private meta: MiMeta,
+
 		@Inject(DI.redis)
 		private redisClient: Redis.Redis,

@@ -381,7 +385,11 @@ export class UserEntityService implements OnModuleInit {

 	@bindThis
 	public getIdenticonUrl(user: MiUser): string {
-		return `${this.config.url}/identicon/${user.username.toLowerCase()}@${user.host ?? this.config.host}`;
+		if ((user.host == null || user.host === this.config.host) && user.username.includes('.') && this.meta.iconUrl) { // ローカルのシステムアカウントの場合
+			return this.meta.iconUrl;
+		} else {
+			return `${this.config.url}/identicon/${user.username.toLowerCase()}@${user.host ?? this.config.host}`;
+		}
 	}

 	@bindThis
--- a/packages/backend/src/di-symbols.ts
+++ b/packages/backend/src/di-symbols.ts
@@ -74,6 +74,7 @@ export const DI = {
 	registryItemsRepository: Symbol('registryItemsRepository'),
 	webhooksRepository: Symbol('webhooksRepository'),
 	systemWebhooksRepository: Symbol('systemWebhooksRepository'),
+	systemAccountsRepository: Symbol('systemAccountsRepository'),
 	adsRepository: Symbol('adsRepository'),
 	passwordResetRequestsRepository: Symbol('passwordResetRequestsRepository'),
 	retentionAggregationsRepository: Symbol('retentionAggregationsRepository'),
--- a/packages/backend/src/misc/is-native-token.ts
+++ b/packages/backend/src/misc/is-native-token.ts
@@ -1,7 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and misskey-project
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-// eslint-disable-next-line import/no-default-export
-export default (token: string) => token.length === 16;
--- a/packages/backend/src/misc/generate-native-user-token.ts
+++ b/packages/backend/src/misc/generate-native-user-token.ts
@@ -5,5 +5,6 @@

 import { secureRndstr } from '@/misc/secure-rndstr.js';

-// eslint-disable-next-line import/no-default-export
-export default () => secureRndstr(16);
+export const generateNativeUserToken = () => secureRndstr(16);
+
+export const isNativeUserToken = (token: string) => token.length === 16;
--- a/packages/backend/src/models/Meta.ts
+++ b/packages/backend/src/models/Meta.ts
@@ -3,7 +3,7 @@
 * SPDX-License-Identifier: AGPL-3.0-only
 */

-import { Entity, Column, PrimaryColumn, ManyToOne, JoinColumn } from 'typeorm';
+import { Entity, Column, PrimaryColumn, ManyToOne } from 'typeorm';
 import { id } from './util/id.js';
 import { MiUser } from './User.js';

@@ -15,6 +15,18 @@ export class MiMeta {
 	})
 	public id: string;

+	@Column({
+		...id(),
+		nullable: true,
+	})
+	public rootUserId: MiUser['id'] | null;
+
+	@ManyToOne(type => MiUser, {
+		onDelete: 'SET NULL',
+		nullable: true,
+	})
+	public rootUser: MiUser | null;
+
 	@Column('varchar', {
 		length: 1024, nullable: true,
 	})
@@ -172,18 +184,6 @@ export class MiMeta {
 	})
 	public cacheRemoteSensitiveFiles: boolean;

-	@Column({
-		...id(),
-		nullable: true,
-	})
-	public proxyAccountId: MiUser['id'] | null;
-
-	@ManyToOne(type => MiUser, {
-		onDelete: 'SET NULL',
-	})
-	@JoinColumn()
-	public proxyAccount: MiUser | null;
-
 	@Column('boolean', {
 		default: false,
 	})
--- a/packages/backend/src/models/RepositoryModule.ts
+++ b/packages/backend/src/models/RepositoryModule.ts
@@ -3,7 +3,6 @@
 * SPDX-License-Identifier: AGPL-3.0-only
 */

-import type { Provider } from '@nestjs/common';
 import { Module } from '@nestjs/common';
 import { DI } from '@/di-symbols.js';
 import {
@@ -63,6 +62,7 @@ import {
 	MiRoleAssignment,
 	MiSignin,
 	MiSwSubscription,
+	MiSystemAccount,
 	MiSystemWebhook,
 	MiUsedUsername,
 	MiUser,
@@ -77,8 +77,9 @@ import {
 	MiUserProfile,
 	MiUserPublickey,
 	MiUserSecurityKey,
-	MiWebhook
+	MiWebhook,
 } from './_.js';
+import type { Provider } from '@nestjs/common';
 import type { DataSource } from 'typeorm';

 const $usersRepository: Provider = {
@@ -285,6 +286,12 @@ const $swSubscriptionsRepository: Provider = {
 	inject: [DI.db],
 };

+const $systemAccountsRepository: Provider = {
+	provide: DI.systemAccountsRepository,
+	useFactory: (db: DataSource) => db.getRepository(MiSystemAccount),
+	inject: [DI.db],
+};
+
 const $hashtagsRepository: Provider = {
 	provide: DI.hashtagsRepository,
 	useFactory: (db: DataSource) => db.getRepository(MiHashtag).extend(miRepository as MiRepository<MiHashtag>),
@@ -532,6 +539,7 @@ const $reversiGamesRepository: Provider = {
 		$renoteMutingsRepository,
 		$blockingsRepository,
 		$swSubscriptionsRepository,
+		$systemAccountsRepository,
 		$hashtagsRepository,
 		$abuseUserReportsRepository,
 		$abuseReportNotificationRecipientRepository,
@@ -603,6 +611,7 @@ const $reversiGamesRepository: Provider = {
 		$renoteMutingsRepository,
 		$blockingsRepository,
 		$swSubscriptionsRepository,
+		$systemAccountsRepository,
 		$hashtagsRepository,
 		$abuseUserReportsRepository,
 		$abuseReportNotificationRecipientRepository,
--- a/packages/backend/src/models/SystemAccount.ts
+++ b/packages/backend/src/models/SystemAccount.ts
@@ -0,0 +1,31 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+import { Column, Entity, Index, JoinColumn, ManyToOne, PrimaryColumn } from 'typeorm';
+import { Serialized } from '@/types.js';
+import { id } from './util/id.js';
+import { MiUser } from './User.js';
+
+@Entity('system_account')
+@Index(['type'], { unique: true })
+export class MiSystemAccount {
+	@PrimaryColumn(id())
+	public id: string;
+
+	@Index()
+	@Column(id())
+	public userId: MiUser['id'];
+
+	@ManyToOne(type => MiUser, {
+		onDelete: 'CASCADE',
+	})
+	@JoinColumn()
+	public user: MiUser | null;
+
+	@Column('varchar', {
+		length: 256,
+	})
+	public type: string;
+}
--- a/packages/backend/src/models/User.ts
+++ b/packages/backend/src/models/User.ts
@@ -184,12 +184,6 @@ export class MiUser {
 	})
 	public isCat: boolean;

-	@Column('boolean', {
-		default: false,
-		comment: 'Whether the User is the root.',
-	})
-	public isRoot: boolean;
-
 	@Index()
 	@Column('boolean', {
 		default: true,
--- a/packages/backend/src/models/_.ts
+++ b/packages/backend/src/models/_.ts
@@ -56,6 +56,7 @@ import { MiRegistryItem } from '@/models/RegistryItem.js';
 import { MiRelay } from '@/models/Relay.js';
 import { MiSignin } from '@/models/Signin.js';
 import { MiSwSubscription } from '@/models/SwSubscription.js';
+import { MiSystemAccount } from '@/models/SystemAccount.js';
 import { MiUsedUsername } from '@/models/UsedUsername.js';
 import { MiUser } from '@/models/User.js';
 import { MiUserIp } from '@/models/UserIp.js';
@@ -171,6 +172,7 @@ export {
 	MiRelay,
 	MiSignin,
 	MiSwSubscription,
+	MiSystemAccount,
 	MiUsedUsername,
 	MiUser,
 	MiUserIp,
@@ -242,6 +244,7 @@ export type RegistryItemsRepository = Repository<MiRegistryItem> & MiRepository<
 export type RelaysRepository = Repository<MiRelay> & MiRepository<MiRelay>;
 export type SigninsRepository = Repository<MiSignin> & MiRepository<MiSignin>;
 export type SwSubscriptionsRepository = Repository<MiSwSubscription> & MiRepository<MiSwSubscription>;
+export type SystemAccountsRepository = Repository<MiSystemAccount> & MiRepository<MiSystemAccount>;
 export type UsedUsernamesRepository = Repository<MiUsedUsername> & MiRepository<MiUsedUsername>;
 export type UsersRepository = Repository<MiUser> & MiRepository<MiUser>;
 export type UserIpsRepository = Repository<MiUserIp> & MiRepository<MiUserIp>;
--- a/packages/backend/src/postgres.ts
+++ b/packages/backend/src/postgres.ts
@@ -82,6 +82,7 @@ import { MiReversiGame } from '@/models/ReversiGame.js';
 import { Config } from '@/config.js';
 import MisskeyLogger from '@/logger.js';
 import { bindThis } from '@/decorators.js';
+import { MiSystemAccount } from './models/SystemAccount.js';

 pg.types.setTypeParser(20, Number);

@@ -206,6 +207,7 @@ export const entities = [
 	MiEmoji,
 	MiHashtag,
 	MiSwSubscription,
+	MiSystemAccount,
 	MiAbuseUserReport,
 	MiAbuseReportNotificationRecipient,
 	MiRegistrationTicket,
--- a/packages/backend/src/server/ActivityPubServerService.ts
+++ b/packages/backend/src/server/ActivityPubServerService.ts
@@ -751,7 +751,7 @@ export class ActivityPubServerService {
 		});

 		// follow
-		fastify.get<{ Params: { followRequestId: string ; } }>('/follows/:followRequestId', async (request, reply) => {
+		fastify.get<{ Params: { followRequestId: string; } }>('/follows/:followRequestId', async (request, reply) => {
 			// This may be used before the follow is completed, so we do not
 			// check if the following exists and only check if the follow request exists.

--- a/packages/backend/src/server/FileServerService.ts
+++ b/packages/backend/src/server/FileServerService.ts
@@ -497,7 +497,7 @@ export class FileServerService {

 	@bindThis
 	private async downloadAndDetectTypeFromUrl(url: string): Promise<
-		{ state: 'remote' ; mime: string; ext: string | null; path: string; cleanup: () => void; filename: string; }
+		{ state: 'remote'; mime: string; ext: string | null; path: string; cleanup: () => void; filename: string; }
 	> {
 		const [path, cleanup] = await createTemp();
 		try {
--- a/packages/backend/src/server/NodeinfoServerService.ts
+++ b/packages/backend/src/server/NodeinfoServerService.ts
@@ -9,11 +9,11 @@ import type { Config } from '@/config.js';
 import { MetaService } from '@/core/MetaService.js';
 import { MAX_NOTE_TEXT_LENGTH } from '@/const.js';
 import { MemorySingleCache } from '@/misc/cache.js';
-import { UserEntityService } from '@/core/entities/UserEntityService.js';
 import { bindThis } from '@/decorators.js';
 import NotesChart from '@/core/chart/charts/notes.js';
 import UsersChart from '@/core/chart/charts/users.js';
 import { DEFAULT_POLICIES } from '@/core/RoleService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';
 import type { FastifyInstance, FastifyPluginOptions } from 'fastify';

 const nodeinfo2_1path = '/nodeinfo/2.1';
@@ -26,7 +26,7 @@ export class NodeinfoServerService {
 		@Inject(DI.config)
 		private config: Config,

-		private userEntityService: UserEntityService,
+		private systemAccountService: SystemAccountService,
 		private metaService: MetaService,
 		private notesChart: NotesChart,
 		private usersChart: UsersChart,
@@ -70,7 +70,7 @@ export class NodeinfoServerService {
 			const activeHalfyear = null;
 			const activeMonth = null;

-			const proxyAccount = meta.proxyAccountId ? await this.userEntityService.pack(meta.proxyAccountId).catch(() => null) : null;
+			const proxyAccount = await this.systemAccountService.fetch('proxy');

 			const basePolicies = { ...DEFAULT_POLICIES, ...meta.policies };

@@ -123,7 +123,7 @@ export class NodeinfoServerService {
 					maxNoteTextLength: MAX_NOTE_TEXT_LENGTH,
 					enableEmail: meta.enableEmail,
 					enableServiceWorker: meta.enableServiceWorker,
-					proxyAccountName: proxyAccount ? proxyAccount.username : null,
+					proxyAccountName: proxyAccount.username,
 					themeColor: meta.themeColor ?? '#86b300',
 				},
 			};
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@@ -371,7 +371,7 @@ export class ApiCallService implements OnApplicationShutdown {
 			}
 		}

-		if ((ep.meta.requireModerator || ep.meta.requireAdmin) && !user!.isRoot) {
+		if ((ep.meta.requireModerator || ep.meta.requireAdmin) && (this.meta.rootUserId !== user!.id)) {
 			const myRoles = await this.roleService.getUserRoles(user!.id);
 			if (ep.meta.requireModerator && !myRoles.some(r => r.isModerator || r.isAdministrator)) {
 				throw new ApiError({
@@ -391,7 +391,7 @@ export class ApiCallService implements OnApplicationShutdown {
 			}
 		}

-		if (ep.meta.requireRolePolicy != null && !user!.isRoot) {
+		if (ep.meta.requireRolePolicy != null && (this.meta.rootUserId !== user!.id)) {
 			const myRoles = await this.roleService.getUserRoles(user!.id);
 			const policies = await this.roleService.getUserPolicies(user!.id);
 			if (!policies[ep.meta.requireRolePolicy] && !myRoles.some(r => r.isAdministrator)) {
--- a/packages/backend/src/server/api/AuthenticateService.ts
+++ b/packages/backend/src/server/api/AuthenticateService.ts
@@ -11,7 +11,7 @@ import type { MiAccessToken } from '@/models/AccessToken.js';
 import { MemoryKVCache } from '@/misc/cache.js';
 import type { MiApp } from '@/models/App.js';
 import { CacheService } from '@/core/CacheService.js';
-import isNativeToken from '@/misc/is-native-token.js';
+import { isNativeUserToken } from '@/misc/token.js';
 import { bindThis } from '@/decorators.js';

 export class AuthenticationError extends Error {
@@ -46,7 +46,7 @@ export class AuthenticateService implements OnApplicationShutdown {
 			return [null, null];
 		}

-		if (isNativeToken(token)) {
+		if (isNativeUserToken(token)) {
 			const user = await this.cacheService.localUserByNativeTokenCache.fetch(token,
 				() => this.usersRepository.findOneBy({ token }) as Promise<MiLocalUser | null>);

--- a/packages/backend/src/server/api/endpoint-list.ts
+++ b/packages/backend/src/server/api/endpoint-list.ts
@@ -100,6 +100,7 @@ export * as 'admin/unset-user-banner' from './endpoints/admin/unset-user-banner.
 export * as 'admin/unsuspend-user' from './endpoints/admin/unsuspend-user.js';
 export * as 'admin/update-abuse-user-report' from './endpoints/admin/update-abuse-user-report.js';
 export * as 'admin/update-meta' from './endpoints/admin/update-meta.js';
+export * as 'admin/update-proxy-account' from './endpoints/admin/update-proxy-account.js';
 export * as 'admin/update-user-note' from './endpoints/admin/update-user-note.js';
 export * as 'announcements' from './endpoints/announcements.js';
 export * as 'announcements/show' from './endpoints/announcements/show.js';
--- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
@@ -4,12 +4,10 @@
 */

 import { Inject, Injectable } from '@nestjs/common';
-import { IsNull } from 'typeorm';
 import { Endpoint } from '@/server/api/endpoint-base.js';
-import type { UsersRepository } from '@/models/_.js';
+import type { MiMeta, UsersRepository } from '@/models/_.js';
 import { SignupService } from '@/core/SignupService.js';
 import { UserEntityService } from '@/core/entities/UserEntityService.js';
-import { InstanceActorService } from '@/core/InstanceActorService.js';
 import { localUsernameSchema, passwordSchema } from '@/models/User.js';
 import { DI } from '@/di-symbols.js';
 import type { Config } from '@/config.js';
@@ -62,18 +60,19 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 		@Inject(DI.config)
 		private config: Config,

+		@Inject(DI.meta)
+		private serverSettings: MiMeta,
+
 		@Inject(DI.usersRepository)
 		private usersRepository: UsersRepository,

 		private userEntityService: UserEntityService,
 		private signupService: SignupService,
-		private instanceActorService: InstanceActorService,
 	) {
 		super(meta, paramDef, async (ps, _me, token) => {
 			const me = _me ? await this.usersRepository.findOneByOrFail({ id: _me.id }) : null;
-			const realUsers = await this.instanceActorService.realLocalUsersPresent();

-			if (!realUsers && me == null && token == null) {
+			if (this.serverSettings.rootUserId == null && me == null && token == null) {
 				// 初回セットアップの場合
 				if (this.config.setupPassword != null) {
 					// 初期パスワードが設定されている場合
@@ -85,7 +84,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 					// 初期パスワードが設定されていないのに初期パスワードが入力された場合
 					throw new ApiError(meta.errors.wrongInitialPassword);
 				}
-			} else if ((realUsers && !me?.isRoot) || token !== null) {
+			} else if ((this.serverSettings.rootUserId != null && (this.serverSettings.rootUserId !== me?.id)) || token !== null) {
 				// 初回セットアップではなく、管理者でない場合 or 外部トークンを使用している場合
 				throw new ApiError(meta.errors.accessDenied);
 			}
--- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
@@ -42,10 +42,6 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				throw new Error('user not found');
 			}

-			if (user.isRoot) {
-				throw new Error('cannot delete a root account');
-			}
-
 			await this.deleteAccoountService.deleteAccount(user, me);
 		});
 	}
--- a/packages/backend/src/server/api/endpoints/admin/meta.ts
+++ b/packages/backend/src/server/api/endpoints/admin/meta.ts
@@ -9,6 +9,7 @@ import { MetaService } from '@/core/MetaService.js';
 import type { Config } from '@/config.js';
 import { DI } from '@/di-symbols.js';
 import { DEFAULT_POLICIES } from '@/core/RoleService.js';
+import { SystemAccountService } from '@/core/SystemAccountService.js';

 export const meta = {
 	tags: ['meta'],
@@ -237,7 +238,7 @@ export const meta = {
 			},
 			proxyAccountId: {
 				type: 'string',
-				optional: false, nullable: true,
+				optional: false, nullable: false,
 				format: 'id',
 			},
 			email: {
@@ -545,10 +546,13 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 		private config: Config,

 		private metaService: MetaService,
+		private systemAccountService: SystemAccountService,
 	) {
 		super(meta, paramDef, async () => {
 			const instance = await this.metaService.fetch(true);

+			const proxy = await this.systemAccountService.fetch('proxy');
+
 			return {
 				maintainerName: instance.maintainerName,
 				maintainerEmail: instance.maintainerEmail,
@@ -613,7 +617,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				sensitiveMediaDetectionSensitivity: instance.sensitiveMediaDetectionSensitivity,
 				setSensitiveFlagAutomatically: instance.setSensitiveFlagAutomatically,
 				enableSensitiveMediaDetectionForVideos: instance.enableSensitiveMediaDetectionForVideos,
-				proxyAccountId: instance.proxyAccountId,
+				proxyAccountId: proxy.id,
 				email: instance.email,
 				smtpSecure: instance.smtpSecure,
 				smtpHost: instance.smtpHost,
--- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts
+++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts
@@ -6,7 +6,7 @@
 import { Inject, Injectable } from '@nestjs/common';
 import bcrypt from 'bcryptjs';
 import { Endpoint } from '@/server/api/endpoint-base.js';
-import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
+import type { UsersRepository, UserProfilesRepository, MiMeta } from '@/models/_.js';
 import { DI } from '@/di-symbols.js';
 import { secureRndstr } from '@/misc/secure-rndstr.js';
 import { ModerationLogService } from '@/core/ModerationLogService.js';
@@ -43,6 +43,9 @@ export const paramDef = {
@Injectable()
 export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
 	constructor(
+		@Inject(DI.meta)
+		private serverSettings: MiMeta,
+
 		@Inject(DI.usersRepository)
 		private usersRepository: UsersRepository,

@@ -58,7 +61,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				throw new Error('user not found');
 			}

-			if (user.isRoot) {
+			if (this.serverSettings.rootUserId === user.id) {
 				throw new Error('cannot reset password of root');
 			}

--- a/Show More
+++ b/Show More