@dwk/activitypub 0.1.0-beta.0

package/LICENSE

@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2026 David W. Keith
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1,135 @@
+# `@dwk/activitypub`
+
+> Edge-native ActivityPub actor: inbox/outbox, follower collections, signed
+> server-to-server federation. Endpoint package + Durable Object.
+
+Part of the [`@dwk` IndieWeb + Solid cohort](../../README.md). See the
+[package specification](../../spec/packages/activitypub.md) for the full
+requirements.
+
+A native [ActivityPub](https://www.w3.org/TR/activitypub/) actor rooted at the
+user's **own** domain — making the self-owned presence a first-class fediverse
+citizen (followers, replies, boosts) rather than a bridged guest. It mirrors the
+architecture proven in [`@dwk/solid-pod`](../solid-pod/README.md): a **stateless
+front door** (routing + edge HTTP-signature verification) over a **per-actor
+Durable Object** that is the consistency authority for activity-`id` dedup, the
+follower/following/outbox collections, and the signed outbound delivery queue.
+This is the second `@dwk` package to ship a Durable Object.
+
+## What v1 covers
+
+- **Actor document** (`Person`) served as `application/activity+json`, with the
+  public key embedded inline so peers can verify this actor's signatures.
+- **Collections** — `outbox`, `followers`, `following` as paged
+  `OrderedCollection`s; `inbox` is write-only to peers.
+- **Server-to-server (inbound)** `POST /inbox`: HTTP-signature verification at
+  the edge, dedup by activity `id`, and handling of `Follow` / `Undo` /
+  `Accept` / `Create` / `Update` / `Like` / `Announce` / `Delete`.
+- **Server-to-server (outbound)**: auto-`Accept` of follows and signed fan-out
+  delivery to follower inboxes, with retry/backoff driven by **DO alarms**.
+- **NodeInfo** — the `/.well-known/nodeinfo` discovery document and a
+  mostly-static `nodeinfo/2.1` document (live `usage` counts pulled from the DO).
+- **Owner publish endpoint** (`POST <actor>/outbox`, bearer-token gated) — the
+  publish → `Create` fan-out seam for [`@dwk/micropub`](../micropub/README.md).
+  Full client-to-server authoring is **out of scope for v1**.
+
+## Usage
+
+```ts
+import { createActivityPub, ActivityPubObject } from "@dwk/activitypub";
+
+const activitypub = createActivityPub({
+  baseUrl: "https://example.com",
+  actor: { username: "alice", name: "Alice", summary: "Hello, fediverse." },
+  publicKeyPem: env.AP_PUBLIC_KEY, // published in the actor document
+  privateKeyPem: env.AP_PRIVATE_KEY, // signs outbound deliveries (secret binding)
+  publishToken: env.AP_PUBLISH_TOKEN, // optional: enables POST <actor>/outbox
+  software: { name: "anglesite", version: "1.2.3" }, // NodeInfo
+});
+
+// In your Worker's fetch handler:
+//   GET  /users/alice                      → actor document
+//   GET  /users/alice/{outbox,followers,following}[?page=N]
+//   POST /users/alice/inbox                → signed S2S delivery
+//   GET  /.well-known/nodeinfo, /nodeinfo/2.1
+return activitypub(request, env, ctx);
+
+// Bind the Durable Object the package ships:
+export { ActivityPubObject };
+```
+
+```jsonc
+// wrangler.jsonc — the binding the package declares
+{
+  "durable_objects": {
+    "bindings": [{ "name": "ACTOR", "class_name": "ActivityPubObject" }],
+  },
+  "migrations": [{ "tag": "v1", "new_sqlite_classes": ["ActivityPubObject"] }],
+}
+```
+
+The actor IRI and every collection IRI are derived from `baseUrl` + `username`
+(`https://example.com/users/alice`, `…/inbox`, `…#main-key`). Mount the package
+under a path prefix by including it in `baseUrl` (e.g.
+`https://example.com/ap`) — the handler routes purely on the request URL.
+
+## Bindings (declared `Env` fragment)
+
+- `ACTOR` — the Durable Object namespace for the per-actor class
+  (`ActivityPubObject`). The single authoritative store for dedup, collections,
+  and the delivery queue. The handler **fails loudly** at startup if it is
+  missing.
+
+No KV is used for any authoritative state, per
+[`spec/non-functional-requirements.md`](../../spec/non-functional-requirements.md):
+follower lists, dedup, and the delivery queue all live in the DO's SQLite.
+
+## HTTP signatures
+
+Inbound `POST /inbox` deliveries are authenticated, and outbound deliveries are
+signed, with the de-facto fediverse `draft-cavage-http-signatures` profile
+(RSA-SHA256 over a covered header set, body integrity via `Digest`). The
+implementation is RSA-only with an explicit algorithm allow-list (no `none`, no
+symmetric algorithms), mirroring the [`@dwk/dpop`](../dpop/README.md) hardening
+posture.
+
+Signing/verification sit behind the `verifyInboxSignature` config seam, so the
+forthcoming cross-standard `@dwk/http-signatures` package (RFC 9421 +
+draft-cavage; [#59](https://github.com/davidwkeith/workers/issues/59)) can be
+swapped in unchanged once it lands.
+
+## Delivery safety
+
+Outbound deliveries target attacker-influenced URLs (a follower's advertised
+inbox), so every target passes a syntactic SSRF guard before any request leaves:
+HTTPS only, and private / loopback / link-local / cloud-metadata hosts are
+refused. (DNS rebinding is out of scope — the Workers runtime does not expose
+name resolution to user code; same limitation as
+[`@dwk/webmention`](../webmention/README.md)'s safe-fetch.) A `4xx` from a peer
+is a permanent failure (dropped); `5xx`, `408`, `429`, and network errors are
+retried with exponential backoff up to `deliveryMaxAttempts`.
+
+## Design
+
+The front door is **stateless** and serves the static actor + NodeInfo documents
+directly; everything that touches authoritative state is routed to the per-actor
+Durable Object. Per the composition contract, the actor profile, key material,
+and delivery policy are all passed into `createActivityPub` — nothing is read
+from the global environment — so an actor can be instantiated multiple times and
+tested in isolation.
+
+ActivityStreams 2.0 documents are emitted in the **compact** JSON-LD form the
+fediverse interoperates over (Mastodon et al.), with the AS2 + security
+`@context`. Full RDF content-negotiation via [`@dwk/rdf`](../rdf/README.md) is a
+future enhancement (its v1 JSON-LD subset and the AS2 context are tracked in
+[`spec/open-questions.md`](../../spec/open-questions.md) §4).
+
+## Observability
+
+Federation events flow through the injected `@dwk/log` `Logger`/`Metrics` seams
+(default no-op): `activitypub.signature.{accepted,rejected}`,
+`activitypub.inbox.{accepted,duplicate}`,
+`activitypub.delivery.{succeeded,failed,blocked}`, and
+`activitypub.publish.rejected`. Per the redaction policy, only reason codes,
+activity types, and sanitized hosts are recorded — never key material, tokens,
+or bodies.

package/dist/as2.d.ts

@@ -0,0 +1,117 @@
+/**
+ * ActivityStreams 2.0 vocabulary helpers for `@dwk/activitypub`.
+ *
+ * ActivityStreams 2.0 documents are JSON-LD, but the entire fediverse interops
+ * over the **compact** form with a fixed `@context`, so this module emits and
+ * parses that compact JSON shape directly rather than running a full JSON-LD
+ * processor. (Whether `@dwk/rdf`'s v1 JSON-LD subset covers the AS2 context is
+ * an open question — see `spec/open-questions.md` §4 — so v1 stays on the
+ * compact form Mastodon and friends actually speak.)
+ *
+ * Pure data: every function takes plain values and returns plain JSON objects,
+ * so the vocabulary is unit-testable without a Workers runtime or any binding.
+ */
+/** The ActivityStreams 2.0 namespace IRI. */
+export declare const AS2_NS = "https://www.w3.org/ns/activitystreams";
+/** The W3C security vocabulary namespace (carries `publicKey`). */
+export declare const SECURITY_NS = "https://w3id.org/security/v1";
+/** The special "public" collection that marks an activity world-readable. */
+export declare const PUBLIC_AUDIENCE = "https://www.w3.org/ns/activitystreams#Public";
+/**
+ * The `@context` an actor document advertises: the AS2 base plus the security
+ * vocabulary (so `publicKey` resolves) and the handful of property aliases
+ * (`manuallyApprovesFollowers`, `discoverable`) the fediverse expects.
+ */
+export declare const ACTOR_CONTEXT: readonly unknown[];
+/** Media type for an ActivityStreams 2.0 / ActivityPub document. */
+export declare const AS2_CONTENT_TYPE = "application/activity+json; charset=utf-8";
+/**
+ * The JSON-LD profile variant of AS2. A strict client may content-negotiate for
+ * `application/ld+json` carrying the ActivityStreams profile rather than the
+ * `application/activity+json` alias the fediverse speaks; both name the same
+ * document (§3.2).
+ */
+export declare const AS2_LD_CONTENT_TYPE = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"; charset=utf-8";
+/** Whether an `Accept` header is asking for the ActivityStreams representation. */
+export declare function wantsActivityJson(accept: string | null): boolean;
+/**
+ * Pick the AS2 media type to serve for a given `Accept` (§3.2 content
+ * negotiation). A peer that asks specifically for the JSON-LD profile variant
+ * (`application/ld+json`, without also naming `application/activity+json`) gets
+ * {@link AS2_LD_CONTENT_TYPE}; everyone else — plain browsers, and the
+ * `application/activity+json` alias the fediverse speaks — gets
+ * {@link AS2_CONTENT_TYPE}.
+ */
+export declare function as2ContentType(accept: string | null): string;
+/** A minimal JSON value type for AS2 documents. */
+export type JsonValue = string | number | boolean | null | readonly JsonValue[] | {
+    readonly [key: string]: JsonValue;
+};
+/** A parsed ActivityStreams object/activity (compact JSON). */
+export interface ActivityObject {
+    readonly id?: string;
+    readonly type?: string;
+    readonly actor?: JsonValue;
+    readonly object?: JsonValue;
+    readonly target?: JsonValue;
+    readonly to?: JsonValue;
+    readonly cc?: JsonValue;
+    readonly [key: string]: JsonValue | undefined;
+}
+/** The derived IRI set that identifies one actor and its collections. */
+export interface ActorIris {
+    readonly id: string;
+    readonly inbox: string;
+    readonly outbox: string;
+    readonly followers: string;
+    readonly following: string;
+    readonly keyId: string;
+}
+/** The human-facing profile fields of an actor. */
+export interface ActorProfile {
+    /** `preferredUsername` — the local part of the `acct:` handle. */
+    readonly username: string;
+    /** Display name; defaults to {@link username}. */
+    readonly name?: string;
+    /** Short bio rendered as `summary` (may contain HTML). */
+    readonly summary?: string;
+    /** Avatar image URL, surfaced as the actor `icon`. */
+    readonly icon?: string;
+    /** Whether follows require manual approval. Defaults to `false` (auto-accept). */
+    readonly manuallyApprovesFollowers?: boolean;
+    /** Whether the actor opts into discovery/search (Mastodon `toot:discoverable`). */
+    readonly discoverable?: boolean;
+}
+/** Optional extras woven into the actor document. */
+export interface ActorDocumentOptions {
+    /**
+     * The instance-level shared inbox IRI, advertised under `endpoints` (§4.1 /
+     * §7.1.3) so large peers can batch-deliver to this actor. Omitted entirely
+     * when the deployment does not serve one.
+     */
+    readonly sharedInbox?: string;
+}
+/**
+ * Build the `Person` actor document served at the actor IRI. The public key is
+ * embedded inline (PEM) under the security vocabulary so verifiers can resolve
+ * `keyId` without a second fetch, exactly as Mastodon publishes it.
+ */
+export declare function buildActorDocument(iris: ActorIris, profile: ActorProfile, publicKeyPem: string, options?: ActorDocumentOptions): Record<string, JsonValue>;
+/**
+ * Build a paged `OrderedCollection` head document — the response to a bare
+ * collection `GET` (no `page` parameter). It advertises the total count and the
+ * `first`/`last` page links; the members live on the pages.
+ */
+export declare function buildCollection(id: string, totalItems: number, pageSize: number): Record<string, JsonValue>;
+/**
+ * Build one `OrderedCollectionPage` of members. `next` is present only when a
+ * further page exists, so a crawler walks `first → next → …` until it stops.
+ */
+export declare function buildCollectionPage(collectionId: string, page: number, pageSize: number, totalItems: number, items: readonly JsonValue[]): Record<string, JsonValue>;
+/** Read the `id` of an activity's `object`, whether it is an IRI or nested object. */
+export declare function objectId(value: JsonValue | undefined): string | undefined;
+/** Read the `type` of an activity's `object` when it is a nested object. */
+export declare function objectType(value: JsonValue | undefined): string | undefined;
+/** Coerce an actor reference (IRI string or embedded object) to its IRI. */
+export declare function actorIri(value: JsonValue | undefined): string | undefined;
+//# sourceMappingURL=as2.d.ts.map

package/dist/as2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"as2.d.ts","sourceRoot":"","sources":["../src/as2.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,6CAA6C;AAC7C,eAAO,MAAM,MAAM,0CAA0C,CAAC;AAE9D,mEAAmE;AACnE,eAAO,MAAM,WAAW,iCAAiC,CAAC;AAE1D,6EAA6E;AAC7E,eAAO,MAAM,eAAe,iDAAiD,CAAC;AAE9E;;;;GAIG;AACH,eAAO,MAAM,aAAa,EAAE,SAAS,OAAO,EAQ3C,CAAC;AAEF,oEAAoE;AACpE,eAAO,MAAM,gBAAgB,6CAA6C,CAAC;AAE3E;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,0FACuD,CAAC;AAaxF,mFAAmF;AACnF,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAIhE;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAW5D;AAED,mDAAmD;AACnD,MAAM,MAAM,SAAS,GACjB,MAAM,GACN,MAAM,GACN,OAAO,GACP,IAAI,GACJ,SAAS,SAAS,EAAE,GACpB;IAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,CAAA;CAAE,CAAC;AAE1C,+DAA+D;AAC/D,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,KAAK,CAAC,EAAE,SAAS,CAAC;IAC3B,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,CAAC;IAC5B,QAAQ,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC;IACxB,QAAQ,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC;IACxB,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;CAC/C;AAED,yEAAyE;AACzE,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAED,mDAAmD;AACnD,MAAM,WAAW,YAAY;IAC3B,kEAAkE;IAClE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,kDAAkD;IAClD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,0DAA0D;IAC1D,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,sDAAsD;IACtD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,kFAAkF;IAClF,QAAQ,CAAC,yBAAyB,CAAC,EAAE,OAAO,CAAC;IAC7C,mFAAmF;IACnF,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;CACjC;AAED,qDAAqD;AACrD,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,SAAS,EACf,OAAO,EAAE,YAAY,EACrB,YAAY,EAAE,MAAM,EACpB,OAAO,GAAE,oBAAyB,GACjC,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CA2B3B;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAC7B,EAAE,EAAE,MAAM,EACV,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAY3B;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,SAAS,SAAS,EAAE,GAC1B,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAc3B;AAED,sFAAsF;AACtF,wBAAgB,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAOzE;AAED,4EAA4E;AAC5E,wBAAgB,UAAU,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAM3E;AAED,4EAA4E;AAC5E,wBAAgB,QAAQ,CAAC,KAAK,EAAE,SAAS,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAEzE"}

package/dist/as2.js

@@ -0,0 +1,174 @@
+/**
+ * ActivityStreams 2.0 vocabulary helpers for `@dwk/activitypub`.
+ *
+ * ActivityStreams 2.0 documents are JSON-LD, but the entire fediverse interops
+ * over the **compact** form with a fixed `@context`, so this module emits and
+ * parses that compact JSON shape directly rather than running a full JSON-LD
+ * processor. (Whether `@dwk/rdf`'s v1 JSON-LD subset covers the AS2 context is
+ * an open question — see `spec/open-questions.md` §4 — so v1 stays on the
+ * compact form Mastodon and friends actually speak.)
+ *
+ * Pure data: every function takes plain values and returns plain JSON objects,
+ * so the vocabulary is unit-testable without a Workers runtime or any binding.
+ */
+/** The ActivityStreams 2.0 namespace IRI. */
+export const AS2_NS = "https://www.w3.org/ns/activitystreams";
+/** The W3C security vocabulary namespace (carries `publicKey`). */
+export const SECURITY_NS = "https://w3id.org/security/v1";
+/** The special "public" collection that marks an activity world-readable. */
+export const PUBLIC_AUDIENCE = "https://www.w3.org/ns/activitystreams#Public";
+/**
+ * The `@context` an actor document advertises: the AS2 base plus the security
+ * vocabulary (so `publicKey` resolves) and the handful of property aliases
+ * (`manuallyApprovesFollowers`, `discoverable`) the fediverse expects.
+ */
+export const ACTOR_CONTEXT = [
+    AS2_NS,
+    SECURITY_NS,
+    {
+        manuallyApprovesFollowers: "as:manuallyApprovesFollowers",
+        toot: "http://joinmastodon.org/ns#",
+        discoverable: "toot:discoverable",
+    },
+];
+/** Media type for an ActivityStreams 2.0 / ActivityPub document. */
+export const AS2_CONTENT_TYPE = "application/activity+json; charset=utf-8";
+/**
+ * The JSON-LD profile variant of AS2. A strict client may content-negotiate for
+ * `application/ld+json` carrying the ActivityStreams profile rather than the
+ * `application/activity+json` alias the fediverse speaks; both name the same
+ * document (§3.2).
+ */
+export const AS2_LD_CONTENT_TYPE = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
+/**
+ * The media types a federation peer uses to request AS2. A `GET` whose `Accept`
+ * names any of these (or the matching `profile`) wants the activity JSON rather
+ * than an HTML profile page.
+ */
+const AS2_ACCEPT_TOKENS = [
+    "application/activity+json",
+    "application/ld+json",
+    'profile="https://www.w3.org/ns/activitystreams"',
+];
+/** Whether an `Accept` header is asking for the ActivityStreams representation. */
+export function wantsActivityJson(accept) {
+    if (!accept)
+        return false;
+    const lower = accept.toLowerCase();
+    return AS2_ACCEPT_TOKENS.some((token) => lower.includes(token));
+}
+/**
+ * Pick the AS2 media type to serve for a given `Accept` (§3.2 content
+ * negotiation). A peer that asks specifically for the JSON-LD profile variant
+ * (`application/ld+json`, without also naming `application/activity+json`) gets
+ * {@link AS2_LD_CONTENT_TYPE}; everyone else — plain browsers, and the
+ * `application/activity+json` alias the fediverse speaks — gets
+ * {@link AS2_CONTENT_TYPE}.
+ */
+export function as2ContentType(accept) {
+    if (accept && wantsActivityJson(accept)) {
+        const lower = accept.toLowerCase();
+        if (lower.includes("application/ld+json") &&
+            !lower.includes("application/activity+json")) {
+            return AS2_LD_CONTENT_TYPE;
+        }
+    }
+    return AS2_CONTENT_TYPE;
+}
+/**
+ * Build the `Person` actor document served at the actor IRI. The public key is
+ * embedded inline (PEM) under the security vocabulary so verifiers can resolve
+ * `keyId` without a second fetch, exactly as Mastodon publishes it.
+ */
+export function buildActorDocument(iris, profile, publicKeyPem, options = {}) {
+    const doc = {
+        "@context": ACTOR_CONTEXT,
+        id: iris.id,
+        type: "Person",
+        preferredUsername: profile.username,
+        name: profile.name ?? profile.username,
+        inbox: iris.inbox,
+        outbox: iris.outbox,
+        followers: iris.followers,
+        following: iris.following,
+        manuallyApprovesFollowers: profile.manuallyApprovesFollowers ?? false,
+        discoverable: profile.discoverable ?? true,
+        publicKey: {
+            id: iris.keyId,
+            owner: iris.id,
+            publicKeyPem,
+        },
+    };
+    if (profile.summary !== undefined)
+        doc.summary = profile.summary;
+    if (profile.icon !== undefined) {
+        doc.icon = { type: "Image", url: profile.icon };
+    }
+    if (options.sharedInbox !== undefined) {
+        doc.endpoints = { sharedInbox: options.sharedInbox };
+    }
+    return doc;
+}
+/**
+ * Build a paged `OrderedCollection` head document — the response to a bare
+ * collection `GET` (no `page` parameter). It advertises the total count and the
+ * `first`/`last` page links; the members live on the pages.
+ */
+export function buildCollection(id, totalItems, pageSize) {
+    const doc = {
+        "@context": AS2_NS,
+        id,
+        type: "OrderedCollection",
+        totalItems,
+    };
+    if (totalItems > 0) {
+        doc.first = `${id}?page=1`;
+        doc.last = `${id}?page=${Math.max(1, Math.ceil(totalItems / pageSize))}`;
+    }
+    return doc;
+}
+/**
+ * Build one `OrderedCollectionPage` of members. `next` is present only when a
+ * further page exists, so a crawler walks `first → next → …` until it stops.
+ */
+export function buildCollectionPage(collectionId, page, pageSize, totalItems, items) {
+    const doc = {
+        "@context": AS2_NS,
+        id: `${collectionId}?page=${page}`,
+        type: "OrderedCollectionPage",
+        partOf: collectionId,
+        totalItems,
+        orderedItems: items,
+    };
+    if (page * pageSize < totalItems) {
+        doc.next = `${collectionId}?page=${page + 1}`;
+    }
+    if (page > 1)
+        doc.prev = `${collectionId}?page=${page - 1}`;
+    return doc;
+}
+/** Read the `id` of an activity's `object`, whether it is an IRI or nested object. */
+export function objectId(value) {
+    if (typeof value === "string")
+        return value;
+    if (value && typeof value === "object" && !Array.isArray(value)) {
+        const id = value.id;
+        if (typeof id === "string")
+            return id;
+    }
+    return undefined;
+}
+/** Read the `type` of an activity's `object` when it is a nested object. */
+export function objectType(value) {
+    if (value && typeof value === "object" && !Array.isArray(value)) {
+        const type = value.type;
+        if (typeof type === "string")
+            return type;
+    }
+    return undefined;
+}
+/** Coerce an actor reference (IRI string or embedded object) to its IRI. */
+export function actorIri(value) {
+    return objectId(value);
+}
+//# sourceMappingURL=as2.js.map

package/dist/as2.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"as2.js","sourceRoot":"","sources":["../src/as2.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,6CAA6C;AAC7C,MAAM,CAAC,MAAM,MAAM,GAAG,uCAAuC,CAAC;AAE9D,mEAAmE;AACnE,MAAM,CAAC,MAAM,WAAW,GAAG,8BAA8B,CAAC;AAE1D,6EAA6E;AAC7E,MAAM,CAAC,MAAM,eAAe,GAAG,8CAA8C,CAAC;AAE9E;;;;GAIG;AACH,MAAM,CAAC,MAAM,aAAa,GAAuB;IAC/C,MAAM;IACN,WAAW;IACX;QACE,yBAAyB,EAAE,8BAA8B;QACzD,IAAI,EAAE,6BAA6B;QACnC,YAAY,EAAE,mBAAmB;KAClC;CACF,CAAC;AAEF,oEAAoE;AACpE,MAAM,CAAC,MAAM,gBAAgB,GAAG,0CAA0C,CAAC;AAE3E;;;;;GAKG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAC9B,qFAAqF,CAAC;AAExF;;;;GAIG;AACH,MAAM,iBAAiB,GAAG;IACxB,2BAA2B;IAC3B,qBAAqB;IACrB,iDAAiD;CAClD,CAAC;AAEF,mFAAmF;AACnF,MAAM,UAAU,iBAAiB,CAAC,MAAqB;IACrD,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACnC,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AAClE,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,IAAI,MAAM,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QACnC,IACE,KAAK,CAAC,QAAQ,CAAC,qBAAqB,CAAC;YACrC,CAAC,KAAK,CAAC,QAAQ,CAAC,2BAA2B,CAAC,EAC5C,CAAC;YACD,OAAO,mBAAmB,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AA2DD;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAChC,IAAe,EACf,OAAqB,EACrB,YAAoB,EACpB,UAAgC,EAAE;IAElC,MAAM,GAAG,GAA8B;QACrC,UAAU,EAAE,aAA0B;QACtC,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,iBAAiB,EAAE,OAAO,CAAC,QAAQ;QACnC,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ;QACtC,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,yBAAyB,EAAE,OAAO,CAAC,yBAAyB,IAAI,KAAK;QACrE,YAAY,EAAE,OAAO,CAAC,YAAY,IAAI,IAAI;QAC1C,SAAS,EAAE;YACT,EAAE,EAAE,IAAI,CAAC,KAAK;YACd,KAAK,EAAE,IAAI,CAAC,EAAE;YACd,YAAY;SACb;KACF,CAAC;IACF,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS;QAAE,GAAG,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IACjE,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,GAAG,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC;IAClD,CAAC;IACD,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;QACtC,GAAG,CAAC,SAAS,GAAG,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;IACvD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC7B,EAAU,EACV,UAAkB,EAClB,QAAgB;IAEhB,MAAM,GAAG,GAA8B;QACrC,UAAU,EAAE,MAAM;QAClB,EAAE;QACF,IAAI,EAAE,mBAAmB;QACzB,UAAU;KACX,CAAC;IACF,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;QACnB,GAAG,CAAC,KAAK,GAAG,GAAG,EAAE,SAAS,CAAC;QAC3B,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,SAAS,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,QAAQ,CAAC,CAAC,EAAE,CAAC;IAC3E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,YAAoB,EACpB,IAAY,EACZ,QAAgB,EAChB,UAAkB,EAClB,KAA2B;IAE3B,MAAM,GAAG,GAA8B;QACrC,UAAU,EAAE,MAAM;QAClB,EAAE,EAAE,GAAG,YAAY,SAAS,IAAI,EAAE;QAClC,IAAI,EAAE,uBAAuB;QAC7B,MAAM,EAAE,YAAY;QACpB,UAAU;QACV,YAAY,EAAE,KAAkB;KACjC,CAAC;IACF,IAAI,IAAI,GAAG,QAAQ,GAAG,UAAU,EAAE,CAAC;QACjC,GAAG,CAAC,IAAI,GAAG,GAAG,YAAY,SAAS,IAAI,GAAG,CAAC,EAAE,CAAC;IAChD,CAAC;IACD,IAAI,IAAI,GAAG,CAAC;QAAE,GAAG,CAAC,IAAI,GAAG,GAAG,YAAY,SAAS,IAAI,GAAG,CAAC,EAAE,CAAC;IAC5D,OAAO,GAAG,CAAC;AACb,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,QAAQ,CAAC,KAA4B;IACnD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,EAAE,GAAI,KAAmC,CAAC,EAAE,CAAC;QACnD,IAAI,OAAO,EAAE,KAAK,QAAQ;YAAE,OAAO,EAAE,CAAC;IACxC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,UAAU,CAAC,KAA4B;IACrD,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,IAAI,GAAI,KAAmC,CAAC,IAAI,CAAC;QACvD,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;IAC5C,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,QAAQ,CAAC,KAA4B;IACnD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,148 @@
+/**
+ * Configuration, the declared Cloudflare `Env` fragment, and config resolution
+ * for `@dwk/activitypub`.
+ *
+ * Per the composition contract the package never reads the global environment
+ * directly: the actor profile, key material, and delivery policy are all passed
+ * into {@link createActivityPub}, so an actor can be instantiated multiple times
+ * and unit-tested in isolation. The only runtime coupling is the per-actor
+ * Durable Object namespace, and a missing binding fails loudly at startup.
+ */
+import { type Logger, type Metrics } from "@dwk/log";
+import type { ActorIris, ActorProfile } from "./as2";
+import type { KeyResolver, VerifyResult, InboxRequest } from "./signature";
+import type { SoftwareInfo } from "./nodeinfo";
+import type { ActivityPubObject } from "./object";
+/** Cloudflare bindings required by the ActivityPub handler and Durable Object. */
+export interface ActivityPubEnv {
+    /**
+     * Durable Object namespace for the per-actor class
+     * ({@link ActivityPubObject}). The single authoritative store for the inbox,
+     * outbox, follower/following collections, activity-`id` dedup, and the
+     * delivery queue.
+     */
+    readonly ACTOR: DurableObjectNamespace<ActivityPubObject>;
+}
+/** An override for inbound signature verification (see `@dwk/http-signatures`, #59). */
+export type InboxVerifier = (request: InboxRequest) => Promise<VerifyResult> | VerifyResult;
+/** Configuration passed to {@link createActivityPub}. */
+export interface ActivityPubConfig {
+    /**
+     * The actor's identity root / base URL, e.g. `https://example.com`. The actor
+     * IRI and every collection IRI are derived from it. No trailing slash. Mount
+     * the package under a path prefix by including it here (e.g.
+     * `https://example.com/ap`).
+     */
+    readonly baseUrl: string;
+    /** The single actor this deployment serves (v1 is one actor per `baseUrl`). */
+    readonly actor: ActorProfile;
+    /**
+     * PEM-encoded SPKI **public** key, published inline in the actor document so
+     * peers can verify this actor's outbound signatures.
+     */
+    readonly publicKeyPem: string;
+    /**
+     * PEM-encoded PKCS#8 **private** key (a secret binding's value) used to sign
+     * outbound deliveries. Required to federate outbound (e.g. `Accept` a follow);
+     * omit it for a read-only actor that never delivers.
+     */
+    readonly privateKeyPem?: string;
+    /**
+     * Bearer token authorizing the owner-only publish endpoint
+     * (`POST <actor>/outbox`). When unset, that endpoint is disabled. This is the
+     * `@dwk/micropub` publish → `Create` fan-out seam; full C2S is out of scope
+     * for v1.
+     */
+    readonly publishToken?: string;
+    /**
+     * Whether to serve and advertise an instance-level **shared inbox** at
+     * `${baseUrl}/inbox` (ActivityPub §4.1 / §7.1.3), letting large peers
+     * batch-deliver to this actor. Defaults to `true`; set `false` to publish no
+     * `endpoints.sharedInbox` and serve no shared-inbox route.
+     */
+    readonly sharedInbox?: boolean;
+    /** Members served per `OrderedCollection` page. Defaults to 50. */
+    readonly pageSize?: number;
+    /** Max delivery attempts before a queued activity is dropped. Defaults to 8. */
+    readonly deliveryMaxAttempts?: number;
+    /** Base backoff (ms) for delivery retries (doubled per attempt). Defaults to 60_000. */
+    readonly deliveryBaseDelayMs?: number;
+    /** Accepted clock skew (seconds) on inbound signed `Date` headers. Defaults to 300. */
+    readonly clockSkewSeconds?: number;
+    /** Software identity for the NodeInfo document. Defaults to this package. */
+    readonly software?: SoftwareInfo;
+    /**
+     * Resolve a `keyId` to its owner + PEM key for inbound verification. Defaults
+     * to fetching the `keyId` (an actor or key IRI) as AS2 and reading
+     * `publicKey`. Supply your own to add caching or a key store.
+     */
+    readonly keyResolver?: KeyResolver;
+    /**
+     * Override inbound signature verification entirely (e.g. to plug in
+     * `@dwk/http-signatures`). When set, the built-in draft-cavage verifier and
+     * {@link keyResolver} are bypassed.
+     */
+    readonly verifyInboxSignature?: InboxVerifier;
+    /** `fetch` used for key resolution and outbound delivery. Defaults to global `fetch`. */
+    readonly fetch?: typeof fetch;
+    /** Injectable clock (epoch ms) for deterministic tests. Defaults to `Date.now`. */
+    readonly now?: () => number;
+    /** Structured-logging seam; defaults to a no-op. */
+    readonly logger?: Logger;
+    /** Metrics seam; defaults to a no-op. */
+    readonly metrics?: Metrics;
+}
+/** Fully-resolved configuration with defaults applied and IRIs derived. */
+export interface ResolvedConfig {
+    readonly baseUrl: string;
+    readonly actor: ActorProfile;
+    readonly iris: ActorIris;
+    /** Instance-level shared inbox IRI, or `undefined` when not served. */
+    readonly sharedInbox?: string;
+    readonly publicKeyPem: string;
+    readonly privateKeyPem?: string;
+    readonly publishToken?: string;
+    readonly pageSize: number;
+    readonly deliveryMaxAttempts: number;
+    readonly deliveryBaseDelayMs: number;
+    readonly clockSkewSeconds: number;
+    readonly software: SoftwareInfo;
+    readonly keyResolver: KeyResolver;
+    readonly verifyInboxSignature?: InboxVerifier;
+    readonly fetch: typeof fetch;
+    readonly now: () => number;
+    readonly logger: Logger;
+    readonly metrics: Metrics;
+}
+/**
+ * Internal headers the trusted front door uses to hand verified facts and the
+ * config subset the DO needs (including signing key material, which never leaves
+ * Cloudflare's network) to the Durable Object.
+ */
+export declare const INTERNAL_HEADERS: {
+    /** The verified actor IRI that signed an inbound `POST /inbox` (absent ⇒ unverified). */
+    readonly signedActor: "x-ap-signed-actor";
+    /** JSON config subset the DO needs (IRIs, delivery policy, signing key). */
+    readonly config: "x-ap-config";
+    /** Marks an owner-authorized publish request (`POST <actor>/outbox`). */
+    readonly publish: "x-ap-publish";
+};
+/** The config subset the front door forwards to the DO via {@link INTERNAL_HEADERS.config}. */
+export interface ForwardedConfig {
+    readonly iris: ActorIris;
+    readonly actorName: string;
+    /** Shared inbox IRI the DO should also accept inbound `POST`s on, if served. */
+    readonly sharedInbox?: string;
+    readonly manuallyApprovesFollowers: boolean;
+    readonly pageSize: number;
+    readonly deliveryMaxAttempts: number;
+    readonly deliveryBaseDelayMs: number;
+    readonly keyId: string;
+    /** Private key (PKCS#8 PEM) so the DO can sign deliveries from its alarm. */
+    readonly privateKeyPem?: string;
+}
+/** Derive the actor + collection IRIs from a base URL and username. */
+export declare function deriveIris(baseUrl: string, username: string): ActorIris;
+/** Apply defaults and derive IRIs from raw {@link ActivityPubConfig}. */
+export declare function resolveConfig(config: ActivityPubConfig): ResolvedConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAA2B,KAAK,MAAM,EAAE,KAAK,OAAO,EAAE,MAAM,UAAU,CAAC;AAE9E,OAAO,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AACrD,OAAO,KAAK,EACV,WAAW,EAEX,YAAY,EACZ,YAAY,EACb,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC/C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAElD,kFAAkF;AAClF,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,QAAQ,CAAC,KAAK,EAAE,sBAAsB,CAAC,iBAAiB,CAAC,CAAC;CAC3D;AAED,wFAAwF;AACxF,MAAM,MAAM,aAAa,GAAG,CAC1B,OAAO,EAAE,YAAY,KAClB,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAAC;AAE1C,yDAAyD;AACzD,MAAM,WAAW,iBAAiB;IAChC;;;;;OAKG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IAEzB,+EAA+E;IAC/E,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAE7B;;;OAGG;IACH,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAE9B;;;;OAIG;IACH,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAEhC;;;;;OAKG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;;OAKG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;IAE/B,mEAAmE;IACnE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAE3B,gFAAgF;IAChF,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAEtC,wFAAwF;IACxF,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAEtC,uFAAuF;IACvF,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAEnC,6EAA6E;IAC7E,QAAQ,CAAC,QAAQ,CAAC,EAAE,YAAY,CAAC;IAEjC;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,WAAW,CAAC;IAEnC;;;;OAIG;IACH,QAAQ,CAAC,oBAAoB,CAAC,EAAE,aAAa,CAAC;IAE9C,yFAAyF;IACzF,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;IAE9B,mFAAmF;IACnF,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IAE5B,oDAAoD;IACpD,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,yCAAyC;IACzC,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,2EAA2E;AAC3E,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC;IACzB,uEAAuE;IACvE,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC;IAChC,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,aAAa,CAAC;IAC9C,QAAQ,CAAC,KAAK,EAAE,OAAO,KAAK,CAAC;IAC7B,QAAQ,CAAC,GAAG,EAAE,MAAM,MAAM,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,eAAO,MAAM,gBAAgB;IAC3B,yFAAyF;;IAEzF,4EAA4E;;IAE5E,yEAAyE;;CAEjE,CAAC;AAEX,+FAA+F;AAC/F,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,gFAAgF;IAChF,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,yBAAyB,EAAE,OAAO,CAAC;IAC5C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,6EAA6E;IAC7E,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;CACjC;AAiBD,uEAAuE;AACvE,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,SAAS,CAUvE;AAsDD,yEAAyE;AACzE,wBAAgB,aAAa,CAAC,MAAM,EAAE,iBAAiB,GAAG,cAAc,CAmCvE"}