@fedify/fedify 1.5.7 → 1.5.9

package/CHANGES.md

@@ -3,6 +3,29 @@
 Fedify changelog
 ================
 
+Version 1.5.9
+-------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.5.8
+-------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+
 Version 1.5.7
 -------------
 
@@ -214,6 +237,29 @@ Released on March 28, 2025.
 [multibase]: https://github.com/multiformats/js-multibase
 
 
+Version 1.4.17
+--------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.4.16
+--------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+
 Version 1.4.15
 --------------
 
@@ -500,6 +546,29 @@ Released on February 5, 2025.
 [#195]: https://github.com/fedify-dev/fedify/issues/195
 
 
+Version 1.3.24
+--------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.3.23
+--------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+
 Version 1.3.22
 --------------
 
@@ -904,6 +973,29 @@ Released on November 30, 2024.
 [#193]: https://github.com/fedify-dev/fedify/issues/193
 
 
+Version 1.2.27
+--------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.2.26
+--------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+
 Version 1.2.25
 --------------
 
@@ -1341,6 +1433,29 @@ Released on October 31, 2024.
 [#118]: https://github.com/fedify-dev/fedify/issues/118
 
 
+Version 1.1.27
+--------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.1.26
+--------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+
 Version 1.1.25
 --------------
 
@@ -1819,6 +1934,31 @@ Released on October 20, 2024.
 [#150]: https://github.com/fedify-dev/fedify/issues/150
 
 
+Version 1.0.30
+--------------
+
+Released on September 17, 2025.
+
+ -  Improved the AT Protocol URI workaround to handle all DID methods and
+    edge cases. The fix now properly percent-encodes any authority component
+    in `at://` URIs, supporting `did:web`, `did:key`, and other DID methods
+    beyond just `did:plc`. Also handles URIs without path components
+    correctly.  [[#436]]
+
+
+Version 1.0.29
+--------------
+
+Released on September 17, 2025.
+
+ -  Added a temporary workaround for invalid AT Protocol URIs from BridgyFed.
+    URIs like `at://did:plc:...` that violate RFC 3986 URI syntax are now
+    automatically URL-encoded to `at://did%3Aplc%3A...` to prevent parsing
+    failures when processing bridged Bluesky content.  [[#436]]
+
+[#436]: https://github.com/fedify-dev/fedify/issues/436
+
+
 Version 1.0.28
 --------------
 

package/esm/deno.js

@@ -1,6 +1,6 @@
 export default {
     "name": "@fedify/fedify",
-    "version": "1.5.7",
+    "version": "1.5.9",
     "license": "MIT",
     "exports": {
         ".": "./mod.ts",

package/esm/runtime/key.js

@@ -94,11 +94,14 @@ export async function importMultibaseKey(key) {
             format: "der",
             type: "pkcs1",
         });
-        const spki = keyObject.export({ type: "spki", format: "der" }).buffer;
+        const exported = keyObject.export({ type: "spki", format: "der" }).buffer;
+        const spki = exported instanceof Uint8Array
+            ? exported
+            : new Uint8Array(exported);
         return await dntShim.crypto.subtle.importKey("spki", new Uint8Array(spki), { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, true, ["verify"]);
     }
     else if (code === 0xed) { // ed25519-pub
-        return await dntShim.crypto.subtle.importKey("raw", content, "Ed25519", true, ["verify"]);
+        return await dntShim.crypto.subtle.importKey("raw", content.slice(), "Ed25519", true, ["verify"]);
     }
     else {
         throw new TypeError("Unsupported key type: 0x" + code.toString(16));

package/esm/sig/ld.js

@@ -184,7 +184,7 @@ export async function verifySignature(jsonLd, options = {}) {
     const encoder = new TextEncoder();
     const message = sigOptsHash + docHash;
     const messageBytes = encoder.encode(message);
-    const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature, messageBytes);
+    const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes);
     if (verified)
         return key;
     if (cached) {
@@ -200,7 +200,7 @@ export async function verifySignature(jsonLd, options = {}) {
         });
         if (key == null)
             return null;
-        const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature, messageBytes);
+        const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes);
         return verified ? key : null;
     }
     logger.debug("Failed to verify with the fetched key {keyId}; " +

package/esm/sig/proof.js

@@ -209,7 +209,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
             "Ed25519 key:\n{keyId}", { proof, keyId: proof.verificationMethodId.href });
         return null;
     }
-    const verified = await dntShim.crypto.subtle.verify("Ed25519", publicKey.publicKey, proof.proofValue, digest);
+    const verified = await dntShim.crypto.subtle.verify("Ed25519", publicKey.publicKey, proof.proofValue.slice(), digest);
     if (!verified) {
         if (fetchedKey.cached) {
             logger.debug("Failed to verify the proof with the cached key {keyId}; retrying " +