@fedify/fedify 0.9.0-dev.177 → 0.9.0-dev.181

package/esm/deps/jsr.io/@std/semver/{0.224.0 → 0.224.1}/parse_range.js

@@ -325,6 +325,24 @@ function parseOperatorRanges(string) {
 }
 /**
  * Parses a range string into a Range object or throws a TypeError.
+ *
+ * @example Usage
+ * ```ts
+ * import { parseRange } from "@std/semver/parse-range";
+ * import { assertEquals } from "@std/assert/assert-equals";
+ *
+ * const range = parseRange(">=1.0.0 <2.0.0 || >=3.0.0");
+ * assertEquals(range, [
+ *   [
+ *     { operator: ">=", major: 1, minor: 0, patch: 0, prerelease: [], build: [] },
+ *     { operator: "<", major: 2, minor: 0, patch: 0, prerelease: [], build: [] },
+ *   ],
+ *   [
+ *     { operator: ">=", major: 3, minor: 0, patch: 0, prerelease: [], build: [] },
+ *   ]
+ * ]);
+ * ```
+ *
  * @param range The range set string
  * @returns A valid semantic range
  */

package/esm/deps/jsr.io/@std/semver/{0.224.0 → 0.224.1}/range_intersects.js

@@ -57,9 +57,24 @@ function comparatorsSatisfiable(comparators) {
 }
 /**
  * The ranges intersect every range of AND comparators intersects with a least one range of OR ranges.
+ *
+ * @example Usage
+ * ```ts
+ * import { parseRange, rangeIntersects } from "@std/semver";
+ * import { assert, assertFalse } from "@std/assert";
+ *
+ * const r0 = parseRange(">=1.0.0 <2.0.0");
+ * const r1 = parseRange(">=1.0.0 <1.2.3");
+ * const r2 = parseRange(">=1.2.3 <2.0.0");
+ *
+ * assert(rangeIntersects(r0, r1));
+ * assert(rangeIntersects(r0, r2));
+ * assertFalse(rangeIntersects(r1, r2));
+ * ```
+ *
  * @param r0 range 0
  * @param r1 range 1
- * @returns returns true if any
+ * @returns returns true if the given ranges intersect, false otherwise
  */
 export function rangeIntersects(r0, r1) {
     return rangesSatisfiable([r0, r1]) &&

package/esm/deps/jsr.io/@std/semver/{0.224.0 → 0.224.1}/range_max.js

@@ -42,15 +42,26 @@ function comparatorMax(comparator) {
     }
 }
 /**
+ * The maximum valid SemVer for a given range or INVALID
+ *
+ * @example Usage
+ * ```ts
+ * import { parseRange } from "@std/semver/parse-range";
+ * import { rangeMax } from "@std/semver/range-max";
+ * import { equals } from "@std/semver/equals";
+ * import { assert } from "@std/assert/assert";
+ *
+ * assert(equals(rangeMax(parseRange(">1.0.0 <=2.0.0")), { major: 2, minor: 0, patch: 0 }));
+ * ```
+ *
+ * @param range The range to calculate the max for
+ * @returns A valid SemVer or INVALID
+ *
  * @deprecated This will be removed in 1.0.0. Use {@linkcode greaterThanRange} or
- * {@linkcode lessThanRange} for comparing ranges and semvers. The maximum
+ * {@linkcode lessThanRange} for comparing ranges and SemVers. The maximum
  * version of a range is often not well defined, and therefore this API
  * shouldn't be used. See
  * {@link https://github.com/denoland/deno_std/issues/4365} for details.
- *
- * The maximum valid SemVer for a given range or INVALID
- * @param range The range to calculate the max for
- * @returns A valid SemVer or INVALID
  */
 export function rangeMax(range) {
     let max;

package/esm/deps/jsr.io/@std/semver/{0.224.0 → 0.224.1}/range_min.js

@@ -33,15 +33,26 @@ function comparatorMin(comparator) {
     }
 }
 /**
+ * The minimum valid SemVer for a given range or INVALID
+ *
+ * @example Usage
+ * ```ts
+ * import { parseRange } from "@std/semver/parse-range";
+ * import { rangeMin } from "@std/semver/range-min";
+ * import { equals } from "@std/semver/equals";
+ * import { assert } from "@std/assert/assert";
+ *
+ * assert(equals(rangeMin(parseRange(">=1.0.0 <2.0.0")), { major: 1, minor: 0, patch: 0 }));
+ * ```
+ *
+ * @param range The range to calculate the min for
+ * @returns A valid SemVer or INVALID
+ *
  * @deprecated This will be removed in 1.0.0. Use {@linkcode greaterThanRange} or
- * {@linkcode lessThanRange} for comparing ranges and semvers. The minimum
+ * {@linkcode lessThanRange} for comparing ranges and SemVers. The minimum
  * version of a range is often not well defined, and therefore this API
  * shouldn't be used. See
  * {@link https://github.com/denoland/deno_std/issues/4365} for details.
- *
- * The minimum valid SemVer for a given range or INVALID
- * @param range The range to calculate the min for
- * @returns A valid SemVer or INVALID
  */
 export function rangeMin(range) {
     let min;

package/esm/deps/jsr.io/@std/semver/0.224.1/satisfies.js

@@ -0,0 +1,26 @@
+// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
+import { testComparatorSet } from "./_test_comparator_set.js";
+/**
+ * Test to see if the version satisfies the range.
+ *
+ * @example Usage
+ * ```ts
+ * import { parse, parseRange, satisfies } from "@std/semver";
+ * import { assert, assertFalse } from "@std/assert";
+ *
+ * const version = parse("1.2.3");
+ * const range0 = parseRange(">=1.0.0 <2.0.0");
+ * const range1 = parseRange(">=1.0.0 <1.3.0");
+ * const range2 = parseRange(">=1.0.0 <1.2.3");
+ *
+ * assert(satisfies(version, range0));
+ * assert(satisfies(version, range1));
+ * assertFalse(satisfies(version, range2));
+ * ```
+ * @param version The version to test
+ * @param range The range to check
+ * @returns true if the version is in the range
+ */
+export function satisfies(version, range) {
+    return range.some((set) => testComparatorSet(version, set));
+}

package/esm/deps/jsr.io/@std/semver/0.224.1/test_range.js

@@ -0,0 +1,28 @@
+import { satisfies } from "./satisfies.js";
+/**
+ * Test to see if the version satisfies the range.
+ *
+ * @example Usage
+ * ```ts
+ * import { parse, parseRange, testRange } from "@std/semver";
+ * import { assert, assertFalse } from "@std/assert";
+ *
+ * const version = parse("1.2.3");
+ * const range0 = parseRange(">=1.0.0 <2.0.0");
+ * const range1 = parseRange(">=1.0.0 <1.3.0");
+ * const range2 = parseRange(">=1.0.0 <1.2.3");
+ *
+ * assert(testRange(version, range0));
+ * assert(testRange(version, range1));
+ * assertFalse(testRange(version, range2));
+ * ```
+ * @param version The version to test
+ * @param range The range to check
+ * @returns true if the version is in the range
+ *
+ * @deprecated This will be removed in 1.0.0. Use {@linkcode satisfies}
+ * instead. See https://github.com/denoland/deno_std/pull/4364.
+ */
+export function testRange(version, range) {
+    return satisfies(version, range);
+}

package/esm/deps/jsr.io/@std/semver/0.224.1/try_parse.js

@@ -0,0 +1,30 @@
+import { parse } from "./parse.js";
+/**
+ * Returns the parsed version, or undefined if it's not valid.
+ *
+ * @example Usage
+ * ```ts
+ * import { tryParse } from "@std/semver/try-parse";
+ * import { assertEquals } from "@std/assert/assert-equals";
+ *
+ * assertEquals(tryParse("1.2.3"), { major: 1, minor: 2, patch: 3, prerelease: [], build: [] });
+ * assertEquals(tryParse("1.2.3-alpha"), { major: 1, minor: 2, patch: 3, prerelease: ["alpha"], build: [] });
+ * assertEquals(tryParse("1.2.3+build"), { major: 1, minor: 2, patch: 3, prerelease: [], build: ["build"] });
+ * assertEquals(tryParse("1.2.3-alpha.1+build.1"), { major: 1, minor: 2, patch: 3, prerelease: ["alpha", 1], build: ["build", "1"] });
+ * assertEquals(tryParse(" invalid "), undefined);
+ * ```
+ *
+ * @param version The version string to parse
+ * @returns A valid SemVer or `undefined`
+ */
+export function tryParse(version) {
+    if (version === undefined) {
+        return undefined;
+    }
+    try {
+        return parse(version);
+    }
+    catch {
+        return undefined;
+    }
+}

package/esm/deps/jsr.io/@std/semver/{0.224.0 → 0.224.1}/try_parse_range.js

@@ -2,7 +2,22 @@
 // This module is browser compatible.
 import { parseRange } from "./parse_range.js";
 /**
- * A tries to parse a valid Range string or returns undefined
+ * Parses the given range string and returns a Range object. If the range string
+ * is invalid, `undefined` is returned.
+ *
+ * @example Usage
+ * ```ts
+ * import { tryParseRange } from "@std/semver";
+ * import { assertEquals } from "@std/assert";
+ *
+ * assertEquals(tryParseRange(">=1.2.3 <1.2.4"), [
+ *  [
+ *    { operator: ">=", major: 1, minor: 2, patch: 3, prerelease: [], build: [] },
+ *    { operator: "<", major: 1, minor: 2, patch: 4, prerelease: [], build: [] },
+ *  ],
+ * ]);
+ * ```
+ *
  * @param range The range string
  * @returns A Range object if valid otherwise `undefined`
  */

package/esm/federation/collection.js

@@ -1,5 +1,5 @@
 import * as dntShim from "../_dnt.shims.js";
-import { encodeHex } from "../deps/jsr.io/@std/encoding/0.224.2/hex.js";
+import { encodeHex } from "../deps/jsr.io/@std/encoding/0.224.3/hex.js";
 /**
  * Calculates the [partial follower collection digest][1].
  *

package/esm/federation/handler.js

@@ -1,6 +1,6 @@
 import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
-import { accepts } from "../deps/jsr.io/@std/http/0.224.1/negotiation.js";
+import { accepts } from "../deps/jsr.io/@std/http/0.224.2/negotiation.js";
 import { doesActorOwnKey, verify } from "../httpsig/mod.js";
 import { Activity, Link, Object, OrderedCollection, OrderedCollectionPage, } from "../vocab/vocab.js";
 export function acceptsJsonLd(request) {

package/esm/federation/middleware.js

@@ -1,7 +1,8 @@
 import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
-import { exportJwk, importJwk, validateCryptoKey } from "../httpsig/key.js";
-import { getKeyOwner, verify } from "../httpsig/mod.js";
+import { verifyRequest } from "../sig/http.js";
+import { exportJwk, importJwk, validateCryptoKey } from "../sig/key.js";
+import { getKeyOwner } from "../sig/owner.js";
 import { handleNodeInfo, handleNodeInfoJrd } from "../nodeinfo/handler.js";
 import { fetchDocumentLoader, getAuthenticatedDocumentLoader, kvCache, } from "../runtime/docloader.js";
 import { Activity, CryptographicKey } from "../vocab/mod.js";
@@ -381,7 +382,10 @@ export class Federation {
             async getSignedKey() {
                 if (signedKey !== undefined)
                     return signedKey;
-                return signedKey = await verify(request, { ...context, timeWindow });
+                return signedKey = await verifyRequest(request, {
+                    ...context,
+                    timeWindow,
+                });
             },
             async getSignedKeyOwner() {
                 if (signedKeyOwner !== undefined)

package/esm/httpsig/mod.js

@@ -1,18 +1,7 @@
-/**
- * The implementation of the [HTTP
- * Signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12).
- *
- * @module
- */
-import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
-import { equals } from "../deps/jsr.io/@std/bytes/0.224.0/mod.js";
-import { decodeBase64, encodeBase64 } from "../deps/jsr.io/@std/encoding/0.224.2/base64.js";
-import { fetchDocumentLoader, } from "../runtime/docloader.js";
-import { isActor } from "../vocab/actor.js";
-import { CryptographicKey, Object as ASObject, } from "../vocab/vocab.js";
-import { validateCryptoKey } from "./key.js";
-export { exportJwk, generateCryptoKeyPair, importJwk } from "./key.js";
+import { signRequest, verifyRequest, } from "../sig/http.js";
+import { exportJwk as newExportJwk, generateCryptoKeyPair as newGenerateCryptoKeyPair, importJwk as newImportJwk, } from "../sig/key.js";
+import { doesActorOwnKey as newDoesActorOwnKey, getKeyOwner as newGetKeyOwner, } from "../sig/owner.js";
 /**
  * Signs a request using the given private key.
  * @param request The request to sign.
@@ -21,45 +10,12 @@ export { exportJwk, generateCryptoKeyPair, importJwk } from "./key.js";
  *              verifier.
  * @returns The signed request.
  * @throws {TypeError} If the private key is invalid or unsupported.
+ * @deprecated
  */
-export async function sign(request, privateKey, keyId) {
-    validateCryptoKey(privateKey, "private");
-    const url = new URL(request.url);
-    const body = request.method !== "GET" && request.method !== "HEAD"
-        ? await request.arrayBuffer()
-        : null;
-    const headers = new Headers(request.headers);
-    if (!headers.has("Host")) {
-        headers.set("Host", url.host);
-    }
-    if (!headers.has("Digest") && body != null) {
-        const digest = await dntShim.crypto.subtle.digest("SHA-256", body);
-        headers.set("Digest", `sha-256=${encodeBase64(digest)}`);
-    }
-    if (!headers.has("Date")) {
-        headers.set("Date", new Date().toUTCString());
-    }
-    const serialized = [
-        ["(request-target)", `${request.method.toLowerCase()} ${url.pathname}`],
-        ...headers,
-    ];
-    const headerNames = serialized.map(([name]) => name);
-    const message = serialized
-        .map(([name, value]) => `${name}: ${value.trim()}`).join("\n");
-    // TODO: support other than RSASSA-PKCS1-v1_5:
-    const signature = await dntShim.crypto.subtle.sign("RSASSA-PKCS1-v1_5", privateKey, new TextEncoder().encode(message));
-    const sigHeader = `keyId="${keyId.href}",headers="${headerNames.join(" ")}",signature="${encodeBase64(signature)}"`;
-    headers.set("Signature", sigHeader);
-    return new Request(request, {
-        headers,
-        body,
-    });
+export function sign(request, privateKey, keyId) {
+    getLogger(["fedify", "httpsig", "sign"]).warn("The sign() function is deprecated.  Use signRequest() instead.");
+    return signRequest(request, privateKey, keyId);
 }
-const supportedHashAlgorithms = {
-    "sha": "SHA-1",
-    "sha-256": "SHA-256",
-    "sha-512": "SHA-512",
-};
 /**
  * Verifies the signature of a request.
  *
@@ -72,167 +28,11 @@ const supportedHashAlgorithms = {
  * @param options Options for verifying the request.
  * @returns The public key of the verified signature, or `null` if the signature
  *          could not be verified.
+ * @deprecated
  */
-export async function verify(request, { documentLoader, contextLoader, timeWindow, currentTime } = {}) {
-    const logger = getLogger(["fedify", "httpsig", "verify"]);
-    request = request.clone();
-    const dateHeader = request.headers.get("Date");
-    if (dateHeader == null) {
-        logger.debug("Failed to verify; no Date header found.", { headers: Object.fromEntries(request.headers.entries()) });
-        return null;
-    }
-    const sigHeader = request.headers.get("Signature");
-    if (sigHeader == null) {
-        logger.debug("Failed to verify; no Signature header found.", { headers: Object.fromEntries(request.headers.entries()) });
-        return null;
-    }
-    const digestHeader = request.headers.get("Digest");
-    if (request.method !== "GET" && request.method !== "HEAD" &&
-        digestHeader == null) {
-        logger.debug("Failed to verify; no Digest header found.", { headers: Object.fromEntries(request.headers.entries()) });
-        return null;
-    }
-    let body = null;
-    if (digestHeader != null) {
-        body = await request.arrayBuffer();
-        const digests = digestHeader.split(",").map((pair) => pair.includes("=") ? pair.split("=", 2) : [pair, ""]);
-        let matched = false;
-        for (let [algo, digestBase64] of digests) {
-            algo = algo.trim().toLowerCase();
-            if (!(algo in supportedHashAlgorithms))
-                continue;
-            const digest = decodeBase64(digestBase64);
-            const expectedDigest = await dntShim.crypto.subtle.digest(supportedHashAlgorithms[algo], body);
-            if (!equals(digest, new Uint8Array(expectedDigest))) {
-                logger.debug("Failed to verify; digest mismatch ({algorithm}): " +
-                    "{digest} != {expectedDigest}.", {
-                    algorithm: algo,
-                    digest: digestBase64,
-                    expectedDigest: encodeBase64(expectedDigest),
-                });
-                return null;
-            }
-            matched = true;
-        }
-        if (!matched) {
-            logger.debug("Failed to verify; no supported digest algorithm found.  " +
-                "Supported: {supportedAlgorithms}; found: {algorithms}.", {
-                supportedAlgorithms: Object.keys(supportedHashAlgorithms),
-                algorithms: digests.map(([algo]) => algo),
-            });
-            return null;
-        }
-    }
-    const date = dntShim.Temporal.Instant.from(new Date(dateHeader).toISOString());
-    const now = currentTime ?? dntShim.Temporal.Now.instant();
-    const tw = timeWindow ?? { minutes: 1 };
-    if (dntShim.Temporal.Instant.compare(date, now.add(tw)) > 0) {
-        logger.debug("Failed to verify; Date is too far in the future.", { date: date.toString(), now: now.toString() });
-        return null;
-    }
-    else if (dntShim.Temporal.Instant.compare(date, now.subtract(tw)) < 0) {
-        logger.debug("Failed to verify; Date is too far in the past.", { date: date.toString(), now: now.toString() });
-        return null;
-    }
-    const sigValues = Object.fromEntries(sigHeader.split(",").map((pair) => pair.match(/^\s*([A-Za-z]+)="([^"]*)"\s*$/)).filter((m) => m != null).map((m) => m.slice(1, 3)));
-    if (!("keyId" in sigValues)) {
-        logger.debug("Failed to verify; no keyId field found in the Signature header.", { signature: sigHeader });
-        return null;
-    }
-    else if (!("headers" in sigValues)) {
-        logger.debug("Failed to verify; no headers field found in the Signature header.", { signature: sigHeader });
-        return null;
-    }
-    else if (!("signature" in sigValues)) {
-        logger.debug("Failed to verify; no signature field found in the Signature header.", { signature: sigHeader });
-        return null;
-    }
-    const { keyId, headers, signature } = sigValues;
-    logger.debug("Fetching key {keyId} to verify signature...", { keyId });
-    let document;
-    try {
-        const remoteDocument = await (documentLoader ?? fetchDocumentLoader)(keyId);
-        document = remoteDocument.document;
-    }
-    catch (_) {
-        logger.debug("Failed to fetch key {keyId}.", { keyId });
-        return null;
-    }
-    let object;
-    try {
-        object = await ASObject.fromJsonLd(document, {
-            documentLoader,
-            contextLoader,
-        });
-    }
-    catch (e) {
-        if (!(e instanceof TypeError))
-            throw e;
-        try {
-            object = await CryptographicKey.fromJsonLd(document, {
-                documentLoader,
-                contextLoader,
-            });
-        }
-        catch (e) {
-            if (e instanceof TypeError) {
-                logger.debug("Failed to verify; key {keyId} returned an invalid object.", { keyId });
-                return null;
-            }
-            throw e;
-        }
-    }
-    let key = null;
-    if (object instanceof CryptographicKey)
-        key = object;
-    else if (isActor(object)) {
-        for await (const k of object.getPublicKeys({ documentLoader, contextLoader })) {
-            if (k.id?.href === keyId) {
-                key = k;
-                break;
-            }
-        }
-        if (key == null) {
-            logger.debug("Failed to verify; object {keyId} returned an {actorType}, " +
-                "but has no key matching {keyId}.", { keyId, actorType: object.constructor.name });
-            return null;
-        }
-    }
-    else {
-        logger.debug("Failed to verify; key {keyId} returned an invalid object.", { keyId });
-        return null;
-    }
-    if (key.publicKey == null) {
-        logger.debug("Failed to verify; key {keyId} has no publicKeyPem field.", { keyId });
-        return null;
-    }
-    const headerNames = headers.split(/\s+/g);
-    if (!headerNames.includes("(request-target)") || !headerNames.includes("date")) {
-        logger.debug("Failed to verify; required headers missing in the Signature header: " +
-            "{headers}.", { headers });
-        return null;
-    }
-    if (body != null && !headerNames.includes("digest")) {
-        logger.debug("Failed to verify; required headers missing in the Signature header: " +
-            "{headers}.", { headers });
-        return null;
-    }
-    const message = headerNames.map((name) => `${name}: ` +
-        (name == "(request-target)"
-            ? `${request.method.toLowerCase()} ${new URL(request.url).pathname}`
-            : name == "host"
-                ? request.headers.get("host") ?? new URL(request.url).host
-                : request.headers.get(name))).join("\n");
-    const sig = decodeBase64(signature);
-    // TODO: support other than RSASSA-PKCS1-v1_5:
-    const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, sig, new TextEncoder().encode(message));
-    if (!verified) {
-        logger.debug("Failed to verify; signature {signature} is invalid.  " +
-            "Check if the key is correct or if the signed message is correct.  " +
-            "The message to sign is:\n{message}", { signature, message });
-        return null;
-    }
-    return key;
+export function verify(request, options = {}) {
+    getLogger(["fedify", "httpsig", "verify"]).warn("The verify() function is deprecated.  Use verifyRequest() instead.");
+    return verifyRequest(request, options);
 }
 /**
  * Checks if the actor of the given activity owns the specified key.
@@ -240,19 +40,12 @@ export async function verify(request, { documentLoader, contextLoader, timeWindo
  * @param key The public key to check.
  * @param options Options for checking the key ownership.
  * @returns Whether the actor is the owner of the key.
+ * @deprecated
  */
-export async function doesActorOwnKey(activity, key, options) {
-    if (key.ownerId != null) {
-        return key.ownerId.href === activity.actorId?.href;
-    }
-    const actor = await activity.getActor(options);
-    if (actor == null || !isActor(actor))
-        return false;
-    for (const publicKeyId of actor.publicKeyIds) {
-        if (key.id != null && publicKeyId.href === key.id.href)
-            return true;
-    }
-    return false;
+export function doesActorOwnKey(activity, key, options) {
+    getLogger(["fedify", "httpsig"]).warn("The doesActorOwnKey() function from @fedify/fedify/httpsig is deprecated.  " +
+        "Use doesActorOwnKey() from @fedify/fedify/sig instead.");
+    return newDoesActorOwnKey(activity, key, options);
 }
 /**
  * Gets the actor that owns the specified key.  Returns `null` if the key has no
@@ -263,65 +56,49 @@ export async function doesActorOwnKey(activity, key, options) {
  * @returns The actor that owns the key, or `null` if the key has no known
  *          owner.
  * @since 0.7.0
+ * @deprecated
+ */
+export function getKeyOwner(keyId, options) {
+    getLogger(["fedify", "httpsig"]).warn("The getKeyOwner() function from @fedify/fedify/httpsig is deprecated.  " +
+        "Use getKeyOwner() from @fedify/fedify/sig instead.");
+    return newGetKeyOwner(keyId, options);
+}
+/**
+ * Generates a key pair which is appropriate for Fedify.
+ * @returns The generated key pair.
+ * @since 0.3.0
+ * @deprecated
+ */
+export function generateCryptoKeyPair() {
+    getLogger(["fedify", "httpsig", "key"]).warn("The generateCryptoKeyPair() from @fedify/fedify/httpsig is deprecated.  " +
+        "Please use generateKeyPair() from @fedify/fedify/sig instead.");
+    return newGenerateCryptoKeyPair();
+}
+/**
+ * Exports a key in JWK format.
+ * @param key The key to export.  Either public or private key.
+ * @returns The exported key in JWK format.  The key is suitable for
+ *          serialization and storage.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.3.0
+ * @deprecated
+ */
+export function exportJwk(key) {
+    getLogger(["fedify", "httpsig", "key"]).warn("The exportJwk() function from @fedify/fedify/httpsig is deprecated.  " +
+        "Please use exportJwk() from @fedify/fedify/sig instead.");
+    return newExportJwk(key);
+}
+/**
+ * Imports a key from JWK format.
+ * @param jwk The key in JWK format.
+ * @param type Which type of key to import, either `"public"`" or `"private"`".
+ * @returns The imported key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.3.0
+ * @deprecated
  */
-export async function getKeyOwner(keyId, options) {
-    const documentLoader = options.documentLoader ?? fetchDocumentLoader;
-    const contextLoader = options.contextLoader ?? fetchDocumentLoader;
-    let object;
-    if (keyId instanceof CryptographicKey) {
-        object = keyId;
-        if (object.id == null)
-            return null;
-        keyId = object.id;
-    }
-    else {
-        let keyDoc;
-        try {
-            const { document } = await documentLoader(keyId.href);
-            keyDoc = document;
-        }
-        catch (_) {
-            return null;
-        }
-        try {
-            object = await ASObject.fromJsonLd(keyDoc, {
-                documentLoader,
-                contextLoader,
-            });
-        }
-        catch (e) {
-            if (!(e instanceof TypeError))
-                throw e;
-            try {
-                object = await CryptographicKey.fromJsonLd(keyDoc, {
-                    documentLoader,
-                    contextLoader,
-                });
-            }
-            catch (e) {
-                if (e instanceof TypeError)
-                    return null;
-                throw e;
-            }
-        }
-    }
-    let owner = null;
-    if (object instanceof CryptographicKey) {
-        if (object.ownerId == null)
-            return null;
-        owner = await object.getOwner({ documentLoader, contextLoader });
-    }
-    else if (isActor(object)) {
-        owner = object;
-    }
-    else {
-        return null;
-    }
-    if (owner == null)
-        return null;
-    for (const kid of owner.publicKeyIds) {
-        if (kid.href === keyId.href)
-            return owner;
-    }
-    return null;
+export function importJwk(jwk, type) {
+    getLogger(["fedify", "httpsig", "key"]).warn("The importJwk() function from @fedify/fedify/httpsig is deprecated.  " +
+        "Please use importJwk() from @fedify/fedify/sig instead.");
+    return newImportJwk(jwk, type);
 }

package/esm/nodeinfo/types.js

@@ -1,4 +1,4 @@
-import { format } from "../deps/jsr.io/@std/semver/0.224.0/mod.js";
+import { format } from "../deps/jsr.io/@std/semver/0.224.1/mod.js";
 /**
  * Converts a {@link NodeInfo} object to a JSON value.
  * @param nodeInfo The {@link NodeInfo} object to convert.

package/esm/runtime/docloader.js

@@ -1,7 +1,7 @@
 import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
-import { validateCryptoKey } from "../httpsig/key.js";
-import { sign } from "../httpsig/mod.js";
+import { signRequest } from "../sig/http.js";
+import { validateCryptoKey } from "../sig/key.js";
 const logger = getLogger(["fedify", "runtime", "docloader"]);
 /**
  * Error thrown when fetching a JSON-LD document failed.
@@ -94,7 +94,7 @@ export function getAuthenticatedDocumentLoader(identity) {
     validateCryptoKey(identity.privateKey);
     async function load(url) {
         let request = createRequest(url);
-        request = await sign(request, identity.privateKey, identity.keyId);
+        request = await signRequest(request, identity.privateKey, identity.keyId);
         logRequest(request);
         const response = await fetch(request, {
             // Since Bun has a bug that ignores the `Request.redirect` option,