anatawa12
diff --git a/‎.config/cypress-devcontainer.yml
+5 b/‎.config/cypress-devcontainer.yml
+5
diff --git a/‎.config/docker_example.yml
+5 b/‎.config/docker_example.yml
+5
diff --git a/‎.config/example.yml
+5 b/‎.config/example.yml
+5
diff --git a/‎.devcontainer/devcontainer.json
+3-1 b/‎.devcontainer/devcontainer.json
+3-1
diff --git a/‎.github/dependabot.yml
+2-2 b/‎.github/dependabot.yml
+2-2
diff --git a/‎.github/workflows/api-misskey-js.yml
+2-2 b/‎.github/workflows/api-misskey-js.yml
+2-2
diff --git a/‎.github/workflows/changelog-check.yml
+2-2 b/‎.github/workflows/changelog-check.yml
+2-2
diff --git a/‎.github/workflows/check-misskey-js-autogen.yml
+3-3 b/‎.github/workflows/check-misskey-js-autogen.yml
+3-3
diff --git a/‎.github/workflows/check-misskey-js-version.yml
+1-1 b/‎.github/workflows/check-misskey-js-version.yml
+1-1
diff --git a/‎.github/workflows/check-spdx-license-id.yml
+1-1 b/‎.github/workflows/check-spdx-license-id.yml
+1-1
diff --git a/‎.github/workflows/check_copyright_year.yml
+1-1 b/‎.github/workflows/check_copyright_year.yml
+1-1
diff --git a/‎.github/workflows/deploy-test-environment.yml
+1-1 b/‎.github/workflows/deploy-test-environment.yml
+1-1
diff --git a/‎.github/workflows/docker-develop.yml
+1-1 b/‎.github/workflows/docker-develop.yml
+1-1
diff --git a/‎.github/workflows/docker.yml
+1-1 b/‎.github/workflows/docker.yml
+1-1
diff --git a/‎.github/workflows/dockle.yml
+1-1 b/‎.github/workflows/dockle.yml
+1-1
diff --git a/‎.github/workflows/get-api-diff.yml
+2-2 b/‎.github/workflows/get-api-diff.yml
+2-2
diff --git a/‎.github/workflows/lint.yml
+7-7 b/‎.github/workflows/lint.yml
+7-7
diff --git a/‎.github/workflows/locale.yml
+2-2 b/‎.github/workflows/locale.yml
+2-2
diff --git a/‎.github/workflows/ok-to-test.yml
-36 b/‎.github/workflows/ok-to-test.yml
-36
diff --git a/‎.github/workflows/on-release-created.yml
+2-2 b/‎.github/workflows/on-release-created.yml
+2-2
@@ -220,5 +220,10 @@ allowedPrivateNetworks: [
   '127.0.0.1/32'
 ]
 
+# Disable automatic redirect for ActivityPub object lookup. (default: false)
+# This is a strong defense against potential impersonation attacks if the viewer instance has inadequate validation.
+# However it will make it impossible for other instances to lookup third-party user and notes through your URL.
+#disallowExternalApRedirect: true
+
 # Upload or download file size limits (bytes)
 #maxFileSize: 262144000
@@ -235,6 +235,11 @@ signToActivityPubGet: true
 #  '127.0.0.1/32'
 #]
 
+# Disable automatic redirect for ActivityPub object lookup. (default: false)
+# This is a strong defense against potential impersonation attacks if the viewer instance has inadequate validation.
+# However it will make it impossible for other instances to lookup third-party user and notes through your URL.
+#disallowExternalApRedirect: true
+
 # Upload or download file size limits (bytes)
 #maxFileSize: 262144000
 
 
@@ -334,6 +334,11 @@ signToActivityPubGet: true
 #  '127.0.0.1/32'
 #]
 
+# Disable automatic redirect for ActivityPub object lookup. (default: false)
+# This is a strong defense against potential impersonation attacks if the viewer instance has inadequate validation.
+# However it will make it impossible for other instances to lookup third-party user and notes through your URL.
+#disallowExternalApRedirect: true
+
 # Upload or download file size limits (bytes)
 #maxFileSize: 262144000
 
 
@@ -7,7 +7,9 @@
 		"ghcr.io/devcontainers/features/node:1": {
 			"version": "22.11.0"
 		},
-		"ghcr.io/devcontainers-contrib/features/corepack:1": {}
+		"ghcr.io/devcontainers-extra/features/corepack:1": {
+			"version": "0.31.0"
+		}
 	},
 	"forwardPorts": [3000],
 	"postCreateCommand": "/bin/bash .devcontainer/init.sh",
 
@@ -9,15 +9,15 @@ updates:
   directory: "/"
   schedule:
     interval: daily
-  open-pull-requests-limit: 100
+  open-pull-requests-limit: 0
 
 # Add only the root, not each workspace item
 # https://github.com/dependabot/dependabot-core/issues/4993#issuecomment-1289133027
 - package-ecosystem: npm
   directory: "/"
   schedule:
     interval: daily
-  open-pull-requests-limit: 10
+  open-pull-requests-limit: 0
   # List dependencies required to be updated together, sharing the same version numbers.
   # Those who simply have the common owner (e.g. @fastify) don't need to be listed.
   groups:
 
@@ -20,12 +20,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
 
       - run: corepack enable
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4.1.0
+        uses: actions/setup-node@v4.2.0
         with:
           node-version-file: '.node-version'
           cache: 'pnpm'
 
@@ -12,9 +12,9 @@ jobs:
 
     steps:
       - name: Checkout head
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
       - name: Setup Node.js
-        uses: actions/setup-node@v4.1.0
+        uses: actions/setup-node@v4.2.0
         with:
           node-version-file: '.node-version'
 
 
@@ -18,7 +18,7 @@ jobs:
     if: ${{ github.event.pull_request.mergeable == null || github.event.pull_request.mergeable == true }}
     steps:
       - name: checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
         with:
           submodules: true
           persist-credentials: false
@@ -29,7 +29,7 @@ jobs:
 
       - name: setup node
         id: setup-node
-        uses: actions/setup-node@v4.1.0
+        uses: actions/setup-node@v4.2.0
         with:
           node-version-file: '.node-version'
           cache: pnpm
@@ -66,7 +66,7 @@ jobs:
     if: ${{ github.event.pull_request.mergeable == null || github.event.pull_request.mergeable == true }}
     steps:
       - name: checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
         with:
           submodules: true
           persist-credentials: false
 
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
       - name: Check version
         run: |
           if [ "$(jq -r '.version' package.json)" != "$(jq -r '.version' packages/misskey-js/package.json)" ]; then
 
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
       - name: Check
         run: |
           counter=0
 
@@ -10,7 +10,7 @@ jobs:
   check_copyright_year:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
     - run: |
         if [ "$(grep Copyright COPYING | sed -e 's/.*2014-\([0-9]*\) .*/\1/g')" -ne "$(date +%Y)" ]; then
           echo "Please change copyright year!"
 
@@ -28,7 +28,7 @@ jobs:
       wait_time: ${{ steps.get-wait-time.outputs.wait_time }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
 
       - name: Check allowed users
         id: check-allowed-users
 
@@ -27,7 +27,7 @@ jobs:
           platform=${{ matrix.platform }}
           echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
       - name: Check out the repo
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Log in to Docker Hub
 
@@ -32,7 +32,7 @@ jobs:
           platform=${{ matrix.platform }}
           echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
       - name: Check out the repo
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.2.2
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Docker meta
 
@@ -15,7 +15,7 @@ jobs:
       DOCKER_CONTENT_TRUST: 1
       DOCKLE_VERSION: 0.4.14
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.2.2
       - name: Download and install dockle v${{ env.DOCKLE_VERSION }}
         run: |
           curl -L -o dockle.deb "https://github.com/goodwithtech/dockle/releases/download/v${DOCKLE_VERSION}/dockle_${DOCKLE_VERSION}_Linux-64bit.deb"
 
@@ -30,14 +30,14 @@ jobs:
             ref: refs/pull/${{ github.event.number }}/merge
 
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
       with:
         ref: ${{ matrix.ref }}
         submodules: true
     - name: Install pnpm
       uses: pnpm/action-setup@v4
     - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v4.1.0
+      uses: actions/setup-node@v4.2.0
       with:
         node-version: ${{ matrix.node-version }}
         cache: 'pnpm'
 
@@ -36,12 +36,12 @@ jobs:
   pnpm_install:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
       with:
         fetch-depth: 0
         submodules: true
     - uses: pnpm/action-setup@v4
-    - uses: actions/setup-node@v4.1.0
+    - uses: actions/setup-node@v4.2.0
       with:
         node-version-file: '.node-version'
         cache: 'pnpm'
@@ -67,19 +67,19 @@ jobs:
       eslint-cache-version: v1
       eslint-cache-path: ${{ github.workspace }}/node_modules/.cache/eslint-${{ matrix.workspace }}
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
       with:
         fetch-depth: 0
         submodules: true
     - uses: pnpm/action-setup@v4
-    - uses: actions/setup-node@v4.1.0
+    - uses: actions/setup-node@v4.2.0
       with:
         node-version-file: '.node-version'
         cache: 'pnpm'
     - run: corepack enable
     - run: pnpm i --frozen-lockfile
     - name: Restore eslint cache
-      uses: actions/cache@v4.2.0
+      uses: actions/cache@v4.2.1
       with:
         path: ${{ env.eslint-cache-path }}
         key: eslint-${{ env.eslint-cache-version }}-${{ matrix.workspace }}-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ github.ref_name }}-${{ github.sha }}
@@ -97,12 +97,12 @@ jobs:
         - sw
         - misskey-js
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
       with:
         fetch-depth: 0
         submodules: true
     - uses: pnpm/action-setup@v4
-    - uses: actions/setup-node@v4.1.0
+    - uses: actions/setup-node@v4.2.0
       with:
         node-version-file: '.node-version'
         cache: 'pnpm'
 
@@ -18,12 +18,12 @@ jobs:
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.2.2
       with:
         fetch-depth: 0
         submodules: true
     - uses: pnpm/action-setup@v4
-    - uses: actions/setup-node@v4.1.0
+    - uses: actions/setup-node@v4.2.0
       with:
         node-version-file: '.node-version'
         cache: 'pnpm'
 
@@ -23,13 +23,13 @@ jobs:
         node-version: [22.11.0]
 
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.2.2
         with:
           submodules: true
       - name: Install pnpm
         uses: pnpm/action-setup@v4
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v4.1.0
+        uses: actions/setup-node@v4.2.0
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'pnpm'