@fedify/fedify 1.1.0-dev.446 → 1.1.0

package/CHANGES.md

@@ -6,7 +6,7 @@ Fedify changelog
 Version 1.1.0
 -------------
 
-To be released.
+Released on October 20, 2024.
 
  -  Added utility functions for traversing remote collections. [[#150]]
 
@@ -16,6 +16,25 @@ To be released.
 
  -  Added `EmojiReact` class to Activity Vocabulary API.  [[FEP-c0e0]]
 
+ -  Added `successor` property to the `Actor` types in the Activity
+    Vocabulary API.
+
+     -  Added `Application.getSuccessor()` method.
+     -  `new Application()` constructor now accepts `successor` option.
+     -  `Application.clone()` method now accepts `successor` option.
+     -  Added `Group.getSuccessor()` method.
+     -  `new Group()` constructor now accepts `successor` option.
+     -  `Group.clone()` method now accepts `successor` option.
+     -  Added `Organization.getSuccessor()` method.
+     -  `new Organization()` constructor now accepts `successor` option.
+     -  `Organization.clone()` method now accepts `successor` option.
+     -  Added `Person.getSuccessor()` method.
+     -  `new Person()` constructor now accepts `successor` option.
+     -  `Person.clone()` method now accepts `successor` option.
+     -  Added `Service.getSuccessor()` method.
+     -  `new Service()` constructor now accepts `successor` option.
+     -  `Service.clone()` method now accepts `successor` option.
+
  -  Added `DidService` class to Activity Vocabulary API.
     [[FEP-9091], [#146]]
 
@@ -56,11 +75,30 @@ To be released.
      -  `Service.clone()` method now accepts `service` option.
      -  `Service.clone()` method now accepts `services` option.
 
+ -  The default time window for verifying HTTP Signatures of incoming requests
+    is now an hour (was a minute).  This new default window is according to
+    the [ActivityPub and HTTP Signatures] document.
+
+     -  The default value of `VerifyRequestOptions.timeWindow` option became
+        `{ hours: 1 }` (was `{ minutes: 1 }`).
+
+     -  The default value of `CreateFederationOptions.signatureTimeWindow`
+        option became `{ hours: 1 }` (was `{ minutes: 1 }`).
+
+     -  The type of `VerifyRequestOptions.timeWindow` property became
+        `Temporal.Duration | Temporal.DurationLike | false`
+        (was `Temporal.DurationLike | false`).
+
+     -  The type of `CreateFederationOptions.signatureTimeWindow` property
+        became `Temporal.Duration | Temporal.DurationLike | false`
+        (was `Temporal.DurationLike | false`).
+
  -  In the `fedify inbox` command's web interface, the *Raw Activity* tab is
     added to show the raw JSON object of the received activity.
 
 [FEP-c0e0]: https://w3id.org/fep/c0e0
 [FEP-9091]: https://w3id.org/fep/9091
+[ActivityPub and HTTP Signatures]: https://swicg.github.io/activitypub-http-signature/
 [#146]: https://github.com/dahlia/fedify/issues/146
 [#150]: https://github.com/dahlia/fedify/issues/150
 

package/esm/federation/middleware.js

@@ -101,7 +101,7 @@ export class FederationImpl {
                     ? (identity) => getAuthenticatedDocumentLoader(identity, true)
                     : getAuthenticatedDocumentLoader);
         this.onOutboxError = options.onOutboxError;
-        this.signatureTimeWindow = options.signatureTimeWindow ?? { minutes: 1 };
+        this.signatureTimeWindow = options.signatureTimeWindow ?? { hours: 1 };
         this.skipSignatureVerification = options.skipSignatureVerification ?? false;
         this.outboxRetryPolicy = options.outboxRetryPolicy ??
             createExponentialBackoffPolicy();

package/esm/sig/http.js

@@ -131,7 +131,8 @@ export async function verifyRequest(request, { documentLoader, contextLoader, ti
     const date = dntShim.Temporal.Instant.from(new Date(dateHeader).toISOString());
     const now = currentTime ?? dntShim.Temporal.Now.instant();
     if (timeWindow !== false) {
-        const tw = timeWindow ?? { minutes: 1 };
+        const tw = timeWindow ??
+            { hours: 1 };
         if (dntShim.Temporal.Instant.compare(date, now.add(tw)) > 0) {
             logger.debug("Failed to verify; Date is too far in the future.", { date: date.toString(), now: now.toString() });
             return null;

package/esm/vocab/application.yaml

@@ -15,6 +15,9 @@ defaultContext:
     "@id": "as:alsoKnownAs"
     "@type": "@id"
   manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
+  movedTo:
+    "@id": "as:movedTo"
+    "@type": "@id"
   toot: "http://joinmastodon.org/ns#"
   featured:
     "@id": "toot:featured"
@@ -248,6 +251,23 @@ properties:
   range:
   - "http://www.w3.org/2001/XMLSchema#boolean"
 
+- singularName: successor
+  functional: true
+  compactName: movedTo
+  uri: "https://www.w3.org/ns/activitystreams#movedTo"
+  description: >-
+    Signifies that an actor has been moved to a different ID.
+    Used in Mastodon-style data portability with the {@link Move} activity;
+    see [ActivityPub Data Portability/Move
+    Action](https://swicg.github.io/activitypub-data-portability/#move-action)
+    for more details. 
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
 - pluralName: aliases
   singularName: alias
   singularAccessor: true

package/esm/vocab/group.yaml

@@ -15,6 +15,9 @@ defaultContext:
     "@id": "as:alsoKnownAs"
     "@type": "@id"
   manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
+  movedTo:
+    "@id": "as:movedTo"
+    "@type": "@id"
   toot: "http://joinmastodon.org/ns#"
   featured:
     "@id": "toot:featured"
@@ -248,6 +251,23 @@ properties:
   range:
   - "http://www.w3.org/2001/XMLSchema#boolean"
 
+- singularName: successor
+  functional: true
+  compactName: movedTo
+  uri: "https://www.w3.org/ns/activitystreams#movedTo"
+  description: >-
+    Signifies that an actor has been moved to a different ID.
+    Used in Mastodon-style data portability with the {@link Move} activity;
+    see [ActivityPub Data Portability/Move
+    Action](https://swicg.github.io/activitypub-data-portability/#move-action)
+    for more details. 
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
 - pluralName: aliases
   singularName: alias
   singularAccessor: true

package/esm/vocab/organization.yaml

@@ -15,6 +15,9 @@ defaultContext:
     "@id": "as:alsoKnownAs"
     "@type": "@id"
   manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
+  movedTo:
+    "@id": "as:movedTo"
+    "@type": "@id"
   toot: "http://joinmastodon.org/ns#"
   featured:
     "@id": "toot:featured"
@@ -248,6 +251,23 @@ properties:
   range:
   - "http://www.w3.org/2001/XMLSchema#boolean"
 
+- singularName: successor
+  functional: true
+  compactName: movedTo
+  uri: "https://www.w3.org/ns/activitystreams#movedTo"
+  description: >-
+    Signifies that an actor has been moved to a different ID.
+    Used in Mastodon-style data portability with the {@link Move} activity;
+    see [ActivityPub Data Portability/Move
+    Action](https://swicg.github.io/activitypub-data-portability/#move-action)
+    for more details. 
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
 - pluralName: aliases
   singularName: alias
   singularAccessor: true

package/esm/vocab/person.yaml

@@ -15,6 +15,9 @@ defaultContext:
     "@id": "as:alsoKnownAs"
     "@type": "@id"
   manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
+  movedTo:
+    "@id": "as:movedTo"
+    "@type": "@id"
   toot: "http://joinmastodon.org/ns#"
   featured:
     "@id": "toot:featured"
@@ -248,6 +251,23 @@ properties:
   range:
   - "http://www.w3.org/2001/XMLSchema#boolean"
 
+- singularName: successor
+  functional: true
+  compactName: movedTo
+  uri: "https://www.w3.org/ns/activitystreams#movedTo"
+  description: >-
+    Signifies that an actor has been moved to a different ID.
+    Used in Mastodon-style data portability with the {@link Move} activity;
+    see [ActivityPub Data Portability/Move
+    Action](https://swicg.github.io/activitypub-data-portability/#move-action)
+    for more details. 
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
 - pluralName: aliases
   singularName: alias
   singularAccessor: true

package/esm/vocab/service.yaml

@@ -15,6 +15,9 @@ defaultContext:
     "@id": "as:alsoKnownAs"
     "@type": "@id"
   manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
+  movedTo:
+    "@id": "as:movedTo"
+    "@type": "@id"
   toot: "http://joinmastodon.org/ns#"
   featured:
     "@id": "toot:featured"
@@ -248,6 +251,23 @@ properties:
   range:
   - "http://www.w3.org/2001/XMLSchema#boolean"
 
+- singularName: successor
+  functional: true
+  compactName: movedTo
+  uri: "https://www.w3.org/ns/activitystreams#movedTo"
+  description: >-
+    Signifies that an actor has been moved to a different ID.
+    Used in Mastodon-style data portability with the {@link Move} activity;
+    see [ActivityPub Data Portability/Move
+    Action](https://swicg.github.io/activitypub-data-portability/#move-action)
+    for more details. 
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
 - pluralName: aliases
   singularName: alias
   singularAccessor: true