@fedify/fedify 1.6.14 → 1.6.15

package/dist/middleware.js

@@ -1,301 +1,845 @@
 
       import { Temporal } from "@js-temporal/polyfill";
       import { URLPattern } from "urlpattern-polyfill";
-      globalThis.addEventListener = () => {};
     
-import { d as version, i as getDocumentLoader, s as kvCache, u as name } from "./docloader.js";
-import { t as getNodeInfo } from "./client.js";
-import { n as RouterError } from "./router.js";
-import { t as nodeInfoToJson } from "./types.js";
-import { _ as Object$1, b as OrderedCollectionPage, h as Multikey, m as Link, o as CryptographicKey, t as Activity, y as OrderedCollection } from "./vocab.js";
+import { r as getDefaultActivityTransformers } from "./transformers.js";
+import { d as name, f as version, i as getDocumentLoader, s as kvCache } from "./docloader.js";
+import { G as Multikey, Tt as getTypeId, V as Link, X as OrderedCollectionPage, Y as OrderedCollection, q as Object$1, s as Activity, y as CryptographicKey } from "./actor.js";
 import { t as lookupWebFinger } from "./lookup.js";
-import { t as getTypeId } from "./type.js";
 import { a as validateCryptoKey, i as importJwk, t as exportJwk } from "./key2.js";
-import { l as verifyRequest } from "./http.js";
+import { r as verifyRequest, t as doubleKnock } from "./http.js";
+import { a as doesActorOwnKey, d as signJsonLd, f as verifyJsonLd, l as detachSignature, n as signObject, o as getKeyOwner, r as verifyObject, u as hasSignature } from "./proof.js";
+import { n as getNodeInfo, t as nodeInfoToJson } from "./types.js";
 import { t as getAuthenticatedDocumentLoader } from "./authdocloader.js";
-import { a as signJsonLd, i as hasSignature, o as verifyJsonLd, r as detachSignature } from "./ld.js";
-import { n as getKeyOwner, t as doesActorOwnKey } from "./owner.js";
-import { n as signObject, r as verifyObject } from "./proof.js";
-import { n as traverseCollection, t as lookupObject } from "./lookup2.js";
-import { n as routeActivity } from "./inbox.js";
-import { t as FederationBuilderImpl } from "./builder.js";
-import { t as buildCollectionSynchronizationHeader } from "./collection.js";
-import { t as KvKeyCache } from "./keycache.js";
-import { t as createExponentialBackoffPolicy } from "./retry.js";
-import { n as sendActivity, t as extractInboxes } from "./send.js";
+import { n as lookupObject, r as traverseCollection } from "./vocab.js";
 import { getLogger, withContext } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
+import { encodeHex } from "byte-encodings/hex";
+import { cloneDeep } from "@es-toolkit/es-toolkit";
+import { Router } from "uri-template-router";
+import { parseTemplate } from "url-template";
 import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_HTTP_RESPONSE_HEADER, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_URL_FULL } from "@opentelemetry/semantic-conventions";
 import { domainToASCII } from "node:url";
 
-//#region compat/transformers.ts
-const logger$1 = getLogger([
-	"fedify",
-	"compat",
-	"transformers"
-]);
-/**
-* An activity transformer that assigns a new random ID to an activity if it
-* does not already have one.  This is useful for ensuring that activities
-* have an ID before they are sent to other servers.
-*
-* The generated ID is an origin URI with a fragment which contains an activity
-* type name with a random UUID:
-*
-* ```
-* https://example.com/#Follow/12345678-1234-5678-1234-567812345678
-* ```
-*
-* @typeParam TContextData The type of the context data.
-* @param activity The activity to assign an ID to.
-* @param context The context of the activity.
-* @return The activity with an ID assigned.
-* @since 1.4.0
-*/
-function autoIdAssigner(activity, context$1) {
-	if (activity.id != null) return activity;
-	const id = new URL(`/#${activity.constructor.name}/${crypto.randomUUID()}`, context$1.origin);
-	logger$1.warn("As the activity to send does not have an id, a new id {id} has been generated for it.  However, it is recommended to explicitly set the id for the activity.", { id: id.href });
-	return activity.clone({ id });
-}
-/**
-* An activity transformer that dehydrates the actor property of an activity
-* so that it only contains the actor's URI.  For example, suppose we have an
-* activity like this:
-*
-* ```typescript
-* import { Follow, Person } from "@fedify/fedify/vocab";
-* const input = new Follow({
-*   id: new URL("http://example.com/activities/1"),
-*   actor: new Person({
-*     id: new URL("http://example.com/actors/1"),
-*     name: "Alice",
-*     preferredUsername: "alice",
-*   }),
-*   object: new Person({
-*     id: new URL("http://example.com/actors/2"),
-*     name: "Bob",
-*     preferredUsername: "bob",
-*   }),
-* });
-* ```
-*
-* The result of applying this transformer would be:
-*
-* ```typescript
-* import { Follow, Person } from "@fedify/fedify/vocab";
-* const output = new Follow({
-*   id: new URL("http://example.com/activities/1"),
-*   actor: new URL("http://example.com/actors/1"),
-*   object: new Person({
-*     id: new URL("http://example.com/actors/2"),
-*     name: "Bob",
-*     preferredUsername: "bob",
-*   }),
-* });
-* ```
-*
-* As some ActivityPub implementations like Threads fail to deal with inlined
-* actor objects, this transformer can be used to work around this issue.
-* @typeParam TContextData The type of the context data.
-* @param activity The activity to dehydrate the actor property of.
-* @param context The context of the activity.
-* @returns The dehydrated activity.
-* @since 1.4.0
-*/
-function actorDehydrator(activity, _context) {
-	if (activity.actorIds.length < 1) return activity;
-	return activity.clone({ actors: activity.actorIds });
-}
-/**
-* Gets the default activity transformers that are applied to all outgoing
-* activities.
-* @typeParam TContextData The type of the context data.
-* @returns The default activity transformers.
-* @since 1.4.0
-*/
-function getDefaultActivityTransformers() {
-	return [autoIdAssigner, actorDehydrator];
+//#region federation/inbox.ts
+var InboxListenerSet = class InboxListenerSet {
+	#listeners;
+	constructor() {
+		this.#listeners = /* @__PURE__ */ new Map();
+	}
+	clone() {
+		const clone = new InboxListenerSet();
+		clone.#listeners = new Map(this.#listeners);
+		return clone;
+	}
+	add(type, listener) {
+		if (this.#listeners.has(type)) throw new TypeError("Listener already set for this type.");
+		this.#listeners.set(type, listener);
+	}
+	dispatchWithClass(activity) {
+		let cls = activity.constructor;
+		const inboxListeners = this.#listeners;
+		if (inboxListeners == null) return null;
+		while (true) {
+			if (inboxListeners.has(cls)) break;
+			if (cls === Activity) return null;
+			cls = globalThis.Object.getPrototypeOf(cls);
+		}
+		const listener = inboxListeners.get(cls);
+		return {
+			class: cls,
+			listener
+		};
+	}
+	dispatch(activity) {
+		return this.dispatchWithClass(activity)?.listener ?? null;
+	}
+};
+async function routeActivity({ context: ctx, json, activity, recipient, inboxListeners, inboxContextFactory, inboxErrorHandler, kv, kvPrefixes, queue, span, tracerProvider }) {
+	const logger$1 = getLogger([
+		"fedify",
+		"federation",
+		"inbox"
+	]);
+	const cacheKey = activity.id == null ? null : [
+		...kvPrefixes.activityIdempotence,
+		ctx.origin,
+		activity.id.href
+	];
+	if (cacheKey != null) {
+		if (await kv.get(cacheKey) === true) {
+			logger$1.debug("Activity {activityId} has already been processed.", {
+				activityId: activity.id?.href,
+				activity: json,
+				recipient
+			});
+			span.setStatus({
+				code: SpanStatusCode.UNSET,
+				message: `Activity ${activity.id?.href} has already been processed.`
+			});
+			return "alreadyProcessed";
+		}
+	}
+	if (activity.actorId == null) {
+		logger$1.error("Missing actor.", { activity: json });
+		span.setStatus({
+			code: SpanStatusCode.ERROR,
+			message: "Missing actor."
+		});
+		return "missingActor";
+	}
+	span.setAttribute("activitypub.actor.id", activity.actorId.href);
+	if (queue != null) {
+		const carrier = {};
+		propagation.inject(context.active(), carrier);
+		try {
+			await queue.enqueue({
+				type: "inbox",
+				id: crypto.randomUUID(),
+				baseUrl: ctx.origin,
+				activity: json,
+				identifier: recipient,
+				attempt: 0,
+				started: (/* @__PURE__ */ new Date()).toISOString(),
+				traceContext: carrier
+			});
+		} catch (error) {
+			logger$1.error("Failed to enqueue the incoming activity {activityId}:\n{error}", {
+				error,
+				activityId: activity.id?.href,
+				activity: json,
+				recipient
+			});
+			span.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: `Failed to enqueue the incoming activity ${activity.id?.href}.`
+			});
+			throw error;
+		}
+		logger$1.info("Activity {activityId} is enqueued.", {
+			activityId: activity.id?.href,
+			activity: json,
+			recipient
+		});
+		return "enqueued";
+	}
+	tracerProvider = tracerProvider ?? trace.getTracerProvider();
+	return await tracerProvider.getTracer(name, version).startActiveSpan("activitypub.dispatch_inbox_listener", { kind: SpanKind.INTERNAL }, async (span$1) => {
+		const dispatched = inboxListeners?.dispatchWithClass(activity);
+		if (dispatched == null) {
+			logger$1.error("Unsupported activity type:\n{activity}", {
+				activity: json,
+				recipient
+			});
+			span$1.setStatus({
+				code: SpanStatusCode.UNSET,
+				message: `Unsupported activity type: ${getTypeId(activity).href}`
+			});
+			span$1.end();
+			return "unsupportedActivity";
+		}
+		const { class: cls, listener } = dispatched;
+		span$1.updateName(`activitypub.dispatch_inbox_listener ${cls.name}`);
+		try {
+			await listener(inboxContextFactory(recipient, json, activity?.id?.href, getTypeId(activity).href), activity);
+		} catch (error) {
+			try {
+				await inboxErrorHandler?.(ctx, error);
+			} catch (error$1) {
+				logger$1.error("An unexpected error occurred in inbox error handler:\n{error}", {
+					error: error$1,
+					activityId: activity.id?.href,
+					activity: json,
+					recipient
+				});
+			}
+			logger$1.error("Failed to process the incoming activity {activityId}:\n{error}", {
+				error,
+				activityId: activity.id?.href,
+				activity: json,
+				recipient
+			});
+			span$1.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: String(error)
+			});
+			span$1.end();
+			return "error";
+		}
+		if (cacheKey != null) await kv.set(cacheKey, true, { ttl: Temporal.Duration.from({ days: 1 }) });
+		logger$1.info("Activity {activityId} has been processed.", {
+			activityId: activity.id?.href,
+			activity: json,
+			recipient
+		});
+		span$1.end();
+		return "success";
+	});
 }
 
 //#endregion
-//#region nodeinfo/handler.ts
-/**
-* Handles a NodeInfo request.  You would not typically call this function
-* directly, but instead use {@link Federation.handle} method.
-* @param request The NodeInfo request to handle.
-* @param parameters The parameters for handling the request.
-* @returns The response to the request.
-*/
-async function handleNodeInfo(_request, { context: context$1, nodeInfoDispatcher }) {
-	const promise = nodeInfoDispatcher(context$1);
-	const json = nodeInfoToJson(promise instanceof Promise ? await promise : promise);
-	return new Response(JSON.stringify(json), { headers: { "Content-Type": "application/json; profile=\"http://nodeinfo.diaspora.software/ns/schema/2.1#\"" } });
+//#region federation/router.ts
+function cloneInnerRouter(router) {
+	const clone = new Router();
+	clone.nid = router.nid;
+	clone.fsm = cloneDeep(router.fsm);
+	clone.routeSet = new Set(router.routeSet);
+	clone.templateRouteMap = new Map(router.templateRouteMap);
+	clone.valueRouteMap = new Map(router.valueRouteMap);
+	clone.hierarchy = cloneDeep(router.hierarchy);
+	return clone;
 }
 /**
-* Handles a request to `/.well-known/nodeinfo`.  You would not typically call
-* this function directly, but instead use {@link Federation.handle} method.
-* @param request The request to handle.
-* @param context The request context.
-* @returns The response to the request.
+* URL router and constructor based on URI Template
+* ([RFC 6570](https://tools.ietf.org/html/rfc6570)).
 */
-function handleNodeInfoJrd(_request, context$1) {
-	const links = [];
-	try {
-		links.push({
-			rel: "http://nodeinfo.diaspora.software/ns/schema/2.1",
-			href: context$1.getNodeInfoUri().href,
-			type: "application/json; profile=\"http://nodeinfo.diaspora.software/ns/schema/2.1#\""
-		});
-	} catch (e) {
-		if (!(e instanceof RouterError)) throw e;
+var Router$1 = class Router$1 {
+	#router;
+	#templates;
+	#templateStrings;
+	/**
+	* Whether to ignore trailing slashes when matching paths.
+	* @since 1.6.0
+	*/
+	trailingSlashInsensitive;
+	/**
+	* Create a new {@link Router}.
+	* @param options Options for the router.
+	*/
+	constructor(options = {}) {
+		this.#router = new Router();
+		this.#templates = {};
+		this.#templateStrings = {};
+		this.trailingSlashInsensitive = options.trailingSlashInsensitive ?? false;
+	}
+	clone() {
+		const clone = new Router$1({ trailingSlashInsensitive: this.trailingSlashInsensitive });
+		clone.#router = cloneInnerRouter(this.#router);
+		clone.#templates = { ...this.#templates };
+		clone.#templateStrings = { ...this.#templateStrings };
+		return clone;
+	}
+	/**
+	* Checks if a path name exists in the router.
+	* @param name The name of the path.
+	* @returns `true` if the path name exists, otherwise `false`.
+	*/
+	has(name$1) {
+		return name$1 in this.#templates;
+	}
+	/**
+	* Adds a new path rule to the router.
+	* @param template The path pattern.
+	* @param name The name of the path.
+	* @returns The names of the variables in the path pattern.
+	*/
+	add(template, name$1) {
+		if (!template.startsWith("/")) throw new RouterError("Path must start with a slash.");
+		const rule = this.#router.addTemplate(template, {}, name$1);
+		this.#templates[name$1] = parseTemplate(template);
+		this.#templateStrings[name$1] = template;
+		return new Set(rule.variables.map((v) => v.varname));
+	}
+	/**
+	* Resolves a path name and values from a URL, if any match.
+	* @param url The URL to resolve.
+	* @returns The name of the path and its values, if any match.  Otherwise,
+	*          `null`.
+	*/
+	route(url) {
+		let match = this.#router.resolveURI(url);
+		if (match == null) {
+			if (!this.trailingSlashInsensitive) return null;
+			url = url.endsWith("/") ? url.replace(/\/+$/, "") : `${url}/`;
+			match = this.#router.resolveURI(url);
+			if (match == null) return null;
+		}
+		return {
+			name: match.matchValue,
+			template: this.#templateStrings[match.matchValue],
+			values: match.params
+		};
 	}
-	const jrd = { links };
-	const response = new Response(JSON.stringify(jrd), { headers: { "Content-Type": "application/jrd+json" } });
-	return Promise.resolve(response);
-}
-
-//#endregion
-//#region vocab/constants.ts
+	/**
+	* Constructs a URL/path from a path name and values.
+	* @param name The name of the path.
+	* @param values The values to expand the path with.
+	* @returns The URL/path, if the name exists.  Otherwise, `null`.
+	*/
+	build(name$1, values) {
+		if (name$1 in this.#templates) return this.#templates[name$1].expand(values);
+		return null;
+	}
+};
 /**
-* The special public collection for [public addressing].  *Do not mutate this
-* object.*
-*
-* [public addressing]: https://www.w3.org/TR/activitypub/#public-addressing
-*
-* @since 0.7.0
+* An error thrown by the {@link Router}.
 */
-const PUBLIC_COLLECTION = new URL("https://www.w3.org/ns/activitystreams#Public");
+var RouterError = class extends Error {
+	/**
+	* Create a new {@link RouterError}.
+	* @param message The error message.
+	*/
+	constructor(message) {
+		super(message);
+		this.name = "RouterError";
+	}
+};
 
 //#endregion
-//#region webfinger/handler.ts
-const logger = getLogger([
-	"fedify",
-	"webfinger",
-	"server"
-]);
-/**
-* Handles a WebFinger request.  You would not typically call this function
-* directly, but instead use {@link Federation.fetch} method.
-* @param request The WebFinger request to handle.
-* @param parameters The parameters for handling the request.
-* @returns The response to the request.
-*/
-async function handleWebFinger(request, options) {
-	if (options.tracer == null) return await handleWebFingerInternal(request, options);
-	return await options.tracer.startActiveSpan("webfinger.handle", { kind: SpanKind.SERVER }, async (span) => {
-		try {
-			const response = await handleWebFingerInternal(request, options);
-			span.setStatus({ code: response.ok ? SpanStatusCode.UNSET : SpanStatusCode.ERROR });
-			return response;
-		} catch (error) {
-			span.setStatus({
-				code: SpanStatusCode.ERROR,
-				message: String(error)
+//#region federation/builder.ts
+var FederationBuilderImpl = class {
+	router;
+	actorCallbacks;
+	nodeInfoDispatcher;
+	objectCallbacks;
+	objectTypeIds;
+	inboxPath;
+	inboxCallbacks;
+	outboxCallbacks;
+	followingCallbacks;
+	followersCallbacks;
+	likedCallbacks;
+	featuredCallbacks;
+	featuredTagsCallbacks;
+	inboxListeners;
+	inboxErrorHandler;
+	sharedInboxKeyDispatcher;
+	constructor() {
+		this.router = new Router$1();
+		this.objectCallbacks = {};
+		this.objectTypeIds = {};
+	}
+	async build(options) {
+		const { FederationImpl: FederationImpl$1 } = await import("./middleware2.js");
+		const f = new FederationImpl$1(options);
+		const trailingSlashInsensitiveValue = f.router.trailingSlashInsensitive;
+		f.router = this.router.clone();
+		f.router.trailingSlashInsensitive = trailingSlashInsensitiveValue;
+		f._initializeRouter();
+		f.actorCallbacks = this.actorCallbacks == null ? void 0 : { ...this.actorCallbacks };
+		f.nodeInfoDispatcher = this.nodeInfoDispatcher;
+		f.objectCallbacks = { ...this.objectCallbacks };
+		f.objectTypeIds = { ...this.objectTypeIds };
+		f.inboxPath = this.inboxPath;
+		f.inboxCallbacks = this.inboxCallbacks == null ? void 0 : { ...this.inboxCallbacks };
+		f.outboxCallbacks = this.outboxCallbacks == null ? void 0 : { ...this.outboxCallbacks };
+		f.followingCallbacks = this.followingCallbacks == null ? void 0 : { ...this.followingCallbacks };
+		f.followersCallbacks = this.followersCallbacks == null ? void 0 : { ...this.followersCallbacks };
+		f.likedCallbacks = this.likedCallbacks == null ? void 0 : { ...this.likedCallbacks };
+		f.featuredCallbacks = this.featuredCallbacks == null ? void 0 : { ...this.featuredCallbacks };
+		f.featuredTagsCallbacks = this.featuredTagsCallbacks == null ? void 0 : { ...this.featuredTagsCallbacks };
+		f.inboxListeners = this.inboxListeners?.clone();
+		f.inboxErrorHandler = this.inboxErrorHandler;
+		f.sharedInboxKeyDispatcher = this.sharedInboxKeyDispatcher;
+		return f;
+	}
+	_getTracer() {
+		return trace.getTracer(name, version);
+	}
+	setActorDispatcher(path, dispatcher) {
+		if (this.router.has("actor")) throw new RouterError("Actor dispatcher already set.");
+		const variables = this.router.add(path, "actor");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for actor dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"actor"
+		]).warn("The {{handle}} variable in the actor dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher: async (context$1, identifier) => {
+			const actor = await this._getTracer().startActiveSpan("activitypub.dispatch_actor", {
+				kind: SpanKind.SERVER,
+				attributes: { "fedify.actor.identifier": identifier }
+			}, async (span) => {
+				try {
+					const actor$1 = await dispatcher(context$1, identifier);
+					span.setAttribute("activitypub.actor.id", (actor$1?.id ?? context$1.getActorUri(identifier)).href);
+					if (actor$1 == null) span.setStatus({ code: SpanStatusCode.ERROR });
+					else span.setAttribute("activitypub.actor.type", getTypeId(actor$1).href);
+					return actor$1;
+				} catch (error) {
+					span.setStatus({
+						code: SpanStatusCode.ERROR,
+						message: String(error)
+					});
+					throw error;
+				} finally {
+					span.end();
+				}
 			});
-			throw error;
-		} finally {
-			span.end();
+			if (actor == null) return null;
+			const logger$1 = getLogger([
+				"fedify",
+				"federation",
+				"actor"
+			]);
+			if (actor.id == null) logger$1.warn("Actor dispatcher returned an actor without an id property.  Set the property with Context.getActorUri(identifier).");
+			else if (actor.id.href != context$1.getActorUri(identifier).href) logger$1.warn("Actor dispatcher returned an actor with an id property that does not match the actor URI.  Set the property with Context.getActorUri(identifier).");
+			if (this.followingCallbacks != null && this.followingCallbacks.dispatcher != null) {
+				if (actor.followingId == null) logger$1.warn("You configured a following collection dispatcher, but the actor does not have a following property.  Set the property with Context.getFollowingUri(identifier).");
+				else if (actor.followingId.href != context$1.getFollowingUri(identifier).href) logger$1.warn("You configured a following collection dispatcher, but the actor's following property does not match the following collection URI.  Set the property with Context.getFollowingUri(identifier).");
+			}
+			if (this.followersCallbacks != null && this.followersCallbacks.dispatcher != null) {
+				if (actor.followersId == null) logger$1.warn("You configured a followers collection dispatcher, but the actor does not have a followers property.  Set the property with Context.getFollowersUri(identifier).");
+				else if (actor.followersId.href != context$1.getFollowersUri(identifier).href) logger$1.warn("You configured a followers collection dispatcher, but the actor's followers property does not match the followers collection URI.  Set the property with Context.getFollowersUri(identifier).");
+			}
+			if (this.outboxCallbacks != null && this.outboxCallbacks.dispatcher != null) {
+				if (actor?.outboxId == null) logger$1.warn("You configured an outbox collection dispatcher, but the actor does not have an outbox property.  Set the property with Context.getOutboxUri(identifier).");
+				else if (actor.outboxId.href != context$1.getOutboxUri(identifier).href) logger$1.warn("You configured an outbox collection dispatcher, but the actor's outbox property does not match the outbox collection URI.  Set the property with Context.getOutboxUri(identifier).");
+			}
+			if (this.likedCallbacks != null && this.likedCallbacks.dispatcher != null) {
+				if (actor?.likedId == null) logger$1.warn("You configured a liked collection dispatcher, but the actor does not have a liked property.  Set the property with Context.getLikedUri(identifier).");
+				else if (actor.likedId.href != context$1.getLikedUri(identifier).href) logger$1.warn("You configured a liked collection dispatcher, but the actor's liked property does not match the liked collection URI.  Set the property with Context.getLikedUri(identifier).");
+			}
+			if (this.featuredCallbacks != null && this.featuredCallbacks.dispatcher != null) {
+				if (actor?.featuredId == null) logger$1.warn("You configured a featured collection dispatcher, but the actor does not have a featured property.  Set the property with Context.getFeaturedUri(identifier).");
+				else if (actor.featuredId.href != context$1.getFeaturedUri(identifier).href) logger$1.warn("You configured a featured collection dispatcher, but the actor's featured property does not match the featured collection URI.  Set the property with Context.getFeaturedUri(identifier).");
+			}
+			if (this.featuredTagsCallbacks != null && this.featuredTagsCallbacks.dispatcher != null) {
+				if (actor?.featuredTagsId == null) logger$1.warn("You configured a featured tags collection dispatcher, but the actor does not have a featuredTags property.  Set the property with Context.getFeaturedTagsUri(identifier).");
+				else if (actor.featuredTagsId.href != context$1.getFeaturedTagsUri(identifier).href) logger$1.warn("You configured a featured tags collection dispatcher, but the actor's featuredTags property does not match the featured tags collection URI.  Set the property with Context.getFeaturedTagsUri(identifier).");
+			}
+			if (this.router.has("inbox")) {
+				if (actor.inboxId == null) logger$1.warn("You configured inbox listeners, but the actor does not have an inbox property.  Set the property with Context.getInboxUri(identifier).");
+				else if (actor.inboxId.href != context$1.getInboxUri(identifier).href) logger$1.warn("You configured inbox listeners, but the actor's inbox property does not match the inbox URI.  Set the property with Context.getInboxUri(identifier).");
+				if (actor.endpoints == null || actor.endpoints.sharedInbox == null) logger$1.warn("You configured inbox listeners, but the actor does not have a endpoints.sharedInbox property.  Set the property with Context.getInboxUri().");
+				else if (actor.endpoints.sharedInbox.href != context$1.getInboxUri().href) logger$1.warn("You configured inbox listeners, but the actor's endpoints.sharedInbox property does not match the shared inbox URI.  Set the property with Context.getInboxUri().");
+			}
+			if (callbacks.keyPairsDispatcher != null) {
+				if (actor.publicKeyId == null) logger$1.warn("You configured a key pairs dispatcher, but the actor does not have a publicKey property.  Set the property with Context.getActorKeyPairs(identifier).");
+				if (actor.assertionMethodId == null) logger$1.warn("You configured a key pairs dispatcher, but the actor does not have an assertionMethod property.  Set the property with Context.getActorKeyPairs(identifier).");
+			}
+			return actor;
+		} };
+		this.actorCallbacks = callbacks;
+		const setters = {
+			setKeyPairsDispatcher: (dispatcher$1) => {
+				callbacks.keyPairsDispatcher = (ctx, identifier) => this._getTracer().startActiveSpan("activitypub.dispatch_actor_key_pairs", {
+					kind: SpanKind.SERVER,
+					attributes: {
+						"activitypub.actor.id": ctx.getActorUri(identifier).href,
+						"fedify.actor.identifier": identifier
+					}
+				}, async (span) => {
+					try {
+						return await dispatcher$1(ctx, identifier);
+					} catch (e) {
+						span.setStatus({
+							code: SpanStatusCode.ERROR,
+							message: String(e)
+						});
+						throw e;
+					} finally {
+						span.end();
+					}
+				});
+				return setters;
+			},
+			mapHandle(mapper) {
+				callbacks.handleMapper = mapper;
+				return setters;
+			},
+			mapAlias(mapper) {
+				callbacks.aliasMapper = mapper;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
+	}
+	setNodeInfoDispatcher(path, dispatcher) {
+		if (this.router.has("nodeInfo")) throw new RouterError("NodeInfo dispatcher already set.");
+		if (this.router.add(path, "nodeInfo").size !== 0) throw new RouterError("Path for NodeInfo dispatcher must have no variables.");
+		this.nodeInfoDispatcher = dispatcher;
+	}
+	setObjectDispatcher(cls, path, dispatcher) {
+		const routeName = `object:${cls.typeId.href}`;
+		if (this.router.has(routeName)) throw new RouterError(`Object dispatcher for ${cls.name} already set.`);
+		const variables = this.router.add(path, routeName);
+		if (variables.size < 1) throw new RouterError("Path for object dispatcher must have at least one variable.");
+		const callbacks = {
+			dispatcher: (ctx, values) => {
+				return this._getTracer().startActiveSpan("activitypub.dispatch_object", {
+					kind: SpanKind.SERVER,
+					attributes: {
+						"fedify.object.type": cls.typeId.href,
+						...globalThis.Object.fromEntries(globalThis.Object.entries(values).map(([k, v]) => [`fedify.object.values.${k}`, v]))
+					}
+				}, async (span) => {
+					try {
+						const object = await dispatcher(ctx, values);
+						span.setAttribute("activitypub.object.id", (object?.id ?? ctx.getObjectUri(cls, values)).href);
+						if (object == null) span.setStatus({ code: SpanStatusCode.ERROR });
+						else span.setAttribute("activitypub.object.type", getTypeId(object).href);
+						return object;
+					} catch (e) {
+						span.setStatus({
+							code: SpanStatusCode.ERROR,
+							message: String(e)
+						});
+						throw e;
+					} finally {
+						span.end();
+					}
+				});
+			},
+			parameters: variables
+		};
+		this.objectCallbacks[cls.typeId.href] = callbacks;
+		this.objectTypeIds[cls.typeId.href] = cls;
+		const setters = { authorize(predicate) {
+			callbacks.authorizePredicate = predicate;
+			return setters;
+		} };
+		return setters;
+	}
+	setInboxDispatcher(path, dispatcher) {
+		if (this.inboxCallbacks != null) throw new RouterError("Inbox dispatcher already set.");
+		if (this.router.has("inbox")) {
+			if (this.inboxPath !== path) throw new RouterError("Inbox dispatcher path must match inbox listener path.");
+		} else {
+			const variables = this.router.add(path, "inbox");
+			if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for inbox dispatcher must have one variable: {identifier}");
+			if (variables.has("handle")) getLogger([
+				"fedify",
+				"federation",
+				"inbox"
+			]).warn("The {{handle}} variable in the inbox dispatcher path is deprecated. Use {{identifier}} instead.");
+			this.inboxPath = path;
 		}
-	});
-}
-async function handleWebFingerInternal(request, { context: context$1, host, actorDispatcher, actorHandleMapper, actorAliasMapper, onNotFound, span }) {
-	if (actorDispatcher == null) return await onNotFound(request);
-	const resource = context$1.url.searchParams.get("resource");
-	if (resource == null) return new Response("Missing resource parameter.", { status: 400 });
-	span?.setAttribute("webfinger.resource", resource);
-	let resourceUrl;
-	try {
-		resourceUrl = new URL(resource);
-	} catch (e) {
-		if (e instanceof TypeError) return new Response("Invalid resource URL.", { status: 400 });
-		throw e;
+		const callbacks = { dispatcher };
+		this.inboxCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
 	}
-	span?.setAttribute("webfinger.resource.scheme", resourceUrl.protocol.replace(/:$/, ""));
-	if (actorDispatcher == null) {
-		logger.error("Actor dispatcher is not set.");
-		return await onNotFound(request);
+	setOutboxDispatcher(path, dispatcher) {
+		if (this.router.has("outbox")) throw new RouterError("Outbox dispatcher already set.");
+		const variables = this.router.add(path, "outbox");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for outbox dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"outbox"
+		]).warn("The {{handle}} variable in the outbox dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.outboxCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
 	}
-	async function mapUsernameToIdentifier(username) {
-		if (actorHandleMapper == null) {
-			logger.error("No actor handle mapper is set; use the WebFinger username {username} as the actor's internal identifier.", { username });
-			return username;
-		}
-		const identifier$1 = await actorHandleMapper(context$1, username);
-		if (identifier$1 == null) {
-			logger.error("Actor {username} not found.", { username });
-			return null;
-		}
-		return identifier$1;
+	setFollowingDispatcher(path, dispatcher) {
+		if (this.router.has("following")) throw new RouterError("Following collection dispatcher already set.");
+		const variables = this.router.add(path, "following");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for following collection dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"collection"
+		]).warn("The {{handle}} variable in the following collection dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.followingCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
 	}
-	let identifier = null;
-	const uriParsed = context$1.parseUri(resourceUrl);
-	if (uriParsed?.type != "actor") {
-		const match = /^acct:([^@]+)@([^@]+)$/.exec(resource);
-		if (match == null) {
-			const result = await actorAliasMapper?.(context$1, resourceUrl);
-			if (result == null) return await onNotFound(request);
-			if ("identifier" in result) identifier = result.identifier;
-			else identifier = await mapUsernameToIdentifier(result.username);
-		} else {
-			const portMatch = /:\d+$/.exec(match[2]);
-			const normalizedHost = portMatch == null ? domainToASCII(match[2].toLowerCase()) : domainToASCII(match[2].substring(0, portMatch.index).toLowerCase()) + portMatch[0];
-			if (normalizedHost != context$1.url.host && normalizedHost != host) return await onNotFound(request);
-			else {
-				identifier = await mapUsernameToIdentifier(match[1]);
-				resourceUrl = new URL(`acct:${match[1]}@${normalizedHost}`);
+	setFollowersDispatcher(path, dispatcher) {
+		if (this.router.has("followers")) throw new RouterError("Followers collection dispatcher already set.");
+		const variables = this.router.add(path, "followers");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for followers collection dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"collection"
+		]).warn("The {{handle}} variable in the followers collection dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.followersCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
 			}
-		}
-	} else identifier = uriParsed.identifier;
-	if (identifier == null) return await onNotFound(request);
-	const actor = await actorDispatcher(context$1, identifier);
-	if (actor == null) {
-		logger.error("Actor {identifier} not found.", { identifier });
-		return await onNotFound(request);
+		};
+		return setters;
 	}
-	const links = [{
-		rel: "self",
-		href: context$1.getActorUri(identifier).href,
-		type: "application/activity+json"
-	}];
-	for (const url of actor.urls) if (url instanceof Link && url.href != null) links.push({
-		rel: url.rel ?? "http://webfinger.net/rel/profile-page",
-		href: url.href.href,
-		type: url.mediaType == null ? void 0 : url.mediaType
-	});
-	else if (url instanceof URL) links.push({
-		rel: "http://webfinger.net/rel/profile-page",
-		href: url.href
-	});
-	for await (const image of actor.getIcons()) {
-		if (image.url?.href == null) continue;
-		const link = {
-			rel: "http://webfinger.net/rel/avatar",
-			href: image.url.href.toString()
+	setLikedDispatcher(path, dispatcher) {
+		if (this.router.has("liked")) throw new RouterError("Liked collection dispatcher already set.");
+		const variables = this.router.add(path, "liked");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for liked collection dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"collection"
+		]).warn("The {{handle}} variable in the liked collection dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.likedCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
 		};
-		if (image.mediaType != null) link.type = image.mediaType;
-		links.push(link);
+		return setters;
+	}
+	setFeaturedDispatcher(path, dispatcher) {
+		if (this.router.has("featured")) throw new RouterError("Featured collection dispatcher already set.");
+		const variables = this.router.add(path, "featured");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for featured collection dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"collection"
+		]).warn("The {{handle}} variable in the featured collection dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.featuredCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
+	}
+	setFeaturedTagsDispatcher(path, dispatcher) {
+		if (this.router.has("featuredTags")) throw new RouterError("Featured tags collection dispatcher already set.");
+		const variables = this.router.add(path, "featuredTags");
+		if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for featured tags collection dispatcher must have one variable: {identifier}");
+		if (variables.has("handle")) getLogger([
+			"fedify",
+			"federation",
+			"collection"
+		]).warn("The {{handle}} variable in the featured tags collection dispatcher path is deprecated. Use {{identifier}} instead.");
+		const callbacks = { dispatcher };
+		this.featuredTagsCallbacks = callbacks;
+		const setters = {
+			setCounter(counter) {
+				callbacks.counter = counter;
+				return setters;
+			},
+			setFirstCursor(cursor) {
+				callbacks.firstCursor = cursor;
+				return setters;
+			},
+			setLastCursor(cursor) {
+				callbacks.lastCursor = cursor;
+				return setters;
+			},
+			authorize(predicate) {
+				callbacks.authorizePredicate = predicate;
+				return setters;
+			}
+		};
+		return setters;
+	}
+	setInboxListeners(inboxPath, sharedInboxPath) {
+		if (this.inboxListeners != null) throw new RouterError("Inbox listeners already set.");
+		if (this.router.has("inbox")) {
+			if (this.inboxPath !== inboxPath) throw new RouterError("Inbox listener path must match inbox dispatcher path.");
+		} else {
+			const variables = this.router.add(inboxPath, "inbox");
+			if (variables.size !== 1 || !(variables.has("identifier") || variables.has("handle"))) throw new RouterError("Path for inbox must have one variable: {identifier}");
+			this.inboxPath = inboxPath;
+			if (variables.has("handle")) getLogger([
+				"fedify",
+				"federation",
+				"inbox"
+			]).warn("The {{handle}} variable in the inbox path is deprecated. Use {{identifier}} instead.");
+		}
+		if (sharedInboxPath != null) {
+			if (this.router.add(sharedInboxPath, "sharedInbox").size !== 0) throw new RouterError("Path for shared inbox must have no variables.");
+		}
+		const listeners = this.inboxListeners = new InboxListenerSet();
+		const setters = {
+			on(type, listener) {
+				listeners.add(type, listener);
+				return setters;
+			},
+			onError: (handler) => {
+				this.inboxErrorHandler = handler;
+				return setters;
+			},
+			setSharedKeyDispatcher: (dispatcher) => {
+				this.sharedInboxKeyDispatcher = dispatcher;
+				return setters;
+			}
+		};
+		return setters;
+	}
+};
+/**
+* Creates a new {@link FederationBuilder} instance.
+* @returns A new {@link FederationBuilder} instance.
+* @since 1.6.0
+*/
+function createFederationBuilder() {
+	return new FederationBuilderImpl();
+}
+
+//#endregion
+//#region federation/collection.ts
+/**
+* Calculates the [partial follower collection digest][1].
+*
+* [1]: https://w3id.org/fep/8fcf#partial-follower-collection-digest
+* @param uris The URIs to calculate the digest.  Duplicate URIs are ignored.
+* @returns The digest.
+*/
+async function digest(uris) {
+	const processed = /* @__PURE__ */ new Set();
+	const encoder = new TextEncoder();
+	const result = new Uint8Array(32);
+	for (const uri of uris) {
+		const u = uri instanceof URL ? uri.href : uri;
+		if (processed.has(u)) continue;
+		processed.add(u);
+		const encoded = encoder.encode(u);
+		const digest$1 = new Uint8Array(await crypto.subtle.digest("SHA-256", encoded));
+		for (let i = 0; i < 32; i++) result[i] ^= digest$1[i];
+	}
+	return result;
+}
+/**
+* Builds [`Collection-Synchronization`][1] header content.
+*
+* [1]: https://w3id.org/fep/8fcf#the-collection-synchronization-http-header
+*
+* @param collectionId The sender's followers collection URI.
+* @param actorIds The actor URIs to digest.
+* @returns The header content.
+*/
+async function buildCollectionSynchronizationHeader(collectionId, actorIds) {
+	const [anyActorId] = actorIds;
+	const baseUrl = new URL(anyActorId);
+	const url = new URL(collectionId);
+	url.searchParams.set("base-url", `${baseUrl.origin}/`);
+	return `collectionId="${collectionId}", url="${url}", digest="${encodeHex(await digest(actorIds))}"`;
+}
+
+//#endregion
+//#region federation/keycache.ts
+var KvKeyCache = class {
+	kv;
+	prefix;
+	options;
+	nullKeys;
+	constructor(kv, prefix, options = {}) {
+		this.kv = kv;
+		this.prefix = prefix;
+		this.nullKeys = /* @__PURE__ */ new Set();
+		this.options = options;
 	}
-	const aliases = [];
-	if (resourceUrl.protocol != "acct:" && actor.preferredUsername != null) {
-		aliases.push(`acct:${actor.preferredUsername}@${host ?? context$1.url.host}`);
-		if (host != null && host !== context$1.url.host) aliases.push(`acct:${actor.preferredUsername}@${context$1.url.host}`);
+	async get(keyId) {
+		if (this.nullKeys.has(keyId.href)) return null;
+		const serialized = await this.kv.get([...this.prefix, keyId.href]);
+		if (serialized == null) return void 0;
+		try {
+			return await CryptographicKey.fromJsonLd(serialized, this.options);
+		} catch {
+			try {
+				return await Multikey.fromJsonLd(serialized, this.options);
+			} catch {
+				await this.kv.delete([...this.prefix, keyId.href]);
+				return;
+			}
+		}
 	}
-	if (resourceUrl.href !== context$1.getActorUri(identifier).href) aliases.push(context$1.getActorUri(identifier).href);
-	if (resourceUrl.protocol === "acct:" && host != null && host !== context$1.url.host && !resourceUrl.href.endsWith(`@${host}`)) {
-		const username = resourceUrl.href.replace(/^acct:/, "").replace(/@.*$/, "");
-		aliases.push(`acct:${username}@${host}`);
+	async set(keyId, key) {
+		if (key == null) {
+			this.nullKeys.add(keyId.href);
+			await this.kv.delete([...this.prefix, keyId.href]);
+			return;
+		}
+		this.nullKeys.delete(keyId.href);
+		const serialized = await key.toJsonLd(this.options);
+		await this.kv.set([...this.prefix, keyId.href], serialized);
 	}
-	const jrd = {
-		subject: resourceUrl.href,
-		aliases,
-		links
-	};
-	return new Response(JSON.stringify(jrd), { headers: {
-		"Content-Type": "application/jrd+json",
-		"Access-Control-Allow-Origin": "*"
-	} });
-}
+};
 
 //#endregion
 //#region federation/negotiation.ts
@@ -364,18 +908,18 @@ function acceptsJsonLd(request) {
 	return types.includes("application/activity+json") || types.includes("application/ld+json") || types.includes("application/json");
 }
 async function handleActor(request, { identifier, context: context$1, actorDispatcher, authorizePredicate, onNotFound, onNotAcceptable, onUnauthorized }) {
-	const logger$2 = getLogger([
+	const logger$1 = getLogger([
 		"fedify",
 		"federation",
 		"actor"
 	]);
 	if (actorDispatcher == null) {
-		logger$2.debug("Actor dispatcher is not set.", { identifier });
+		logger$1.debug("Actor dispatcher is not set.", { identifier });
 		return await onNotFound(request);
 	}
 	const actor = await actorDispatcher(context$1, identifier);
 	if (actor == null) {
-		logger$2.debug("Actor {identifier} not found.", { identifier });
+		logger$1.debug("Actor {identifier} not found.", { identifier });
 		return await onNotFound(request);
 	}
 	if (!acceptsJsonLd(request)) return await onNotAcceptable(request);
@@ -621,13 +1165,13 @@ async function handleInbox(request, options) {
 	});
 }
 async function handleInboxInternal(request, { recipient, context: ctx, inboxContextFactory, kv, kvPrefixes, queue, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, skipSignatureVerification, tracerProvider }, span) {
-	const logger$2 = getLogger([
+	const logger$1 = getLogger([
 		"fedify",
 		"federation",
 		"inbox"
 	]);
 	if (actorDispatcher == null) {
-		logger$2.error("Actor dispatcher is not set.", { recipient });
+		logger$1.error("Actor dispatcher is not set.", { recipient });
 		span.setStatus({
 			code: SpanStatusCode.ERROR,
 			message: "Actor dispatcher is not set."
@@ -635,7 +1179,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 		return await onNotFound(request);
 	} else if (recipient != null) {
 		if (await actorDispatcher(ctx, recipient) == null) {
-			logger$2.error("Actor {recipient} not found.", { recipient });
+			logger$1.error("Actor {recipient} not found.", { recipient });
 			span.setStatus({
 				code: SpanStatusCode.ERROR,
 				message: `Actor ${recipient} not found.`
@@ -644,7 +1188,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 		}
 	}
 	if (request.bodyUsed) {
-		logger$2.error("Request body has already been read.", { recipient });
+		logger$1.error("Request body has already been read.", { recipient });
 		span.setStatus({
 			code: SpanStatusCode.ERROR,
 			message: "Request body has already been read."
@@ -654,7 +1198,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 			headers: { "Content-Type": "text/plain; charset=utf-8" }
 		});
 	} else if (request.body?.locked) {
-		logger$2.error("Request body is locked.", { recipient });
+		logger$1.error("Request body is locked.", { recipient });
 		span.setStatus({
 			code: SpanStatusCode.ERROR,
 			message: "Request body is locked."
@@ -668,14 +1212,14 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 	try {
 		json = await request.clone().json();
 	} catch (error) {
-		logger$2.error("Failed to parse JSON:\n{error}", {
+		logger$1.error("Failed to parse JSON:\n{error}", {
 			recipient,
 			error
 		});
 		try {
 			await inboxErrorHandler?.(ctx, error);
 		} catch (error$1) {
-			logger$2.error("An unexpected error occurred in inbox error handler:\n{error}", {
+			logger$1.error("An unexpected error occurred in inbox error handler:\n{error}", {
 				error: error$1,
 				activity: json,
 				recipient
@@ -701,7 +1245,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 		});
 	} catch (error) {
 		if (error instanceof Error && error.name === "jsonld.SyntaxError") {
-			logger$2.error("Failed to parse JSON-LD:\n{error}", {
+			logger$1.error("Failed to parse JSON-LD:\n{error}", {
 				recipient,
 				error
 			});
@@ -715,13 +1259,13 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 	const jsonWithoutSig = detachSignature(json);
 	let activity = null;
 	if (ldSigVerified) {
-		logger$2.debug("Linked Data Signatures are verified.", {
+		logger$1.debug("Linked Data Signatures are verified.", {
 			recipient,
 			json
 		});
 		activity = await Activity.fromJsonLd(jsonWithoutSig, ctx);
 	} else {
-		logger$2.debug("Linked Data Signatures are not verified.", {
+		logger$1.debug("Linked Data Signatures are not verified.", {
 			recipient,
 			json
 		});
@@ -733,7 +1277,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 				tracerProvider
 			});
 		} catch (error) {
-			logger$2.error("Failed to parse activity:\n{error}", {
+			logger$1.error("Failed to parse activity:\n{error}", {
 				recipient,
 				activity: json,
 				error
@@ -741,7 +1285,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 			try {
 				await inboxErrorHandler?.(ctx, error);
 			} catch (error$1) {
-				logger$2.error("An unexpected error occurred in inbox error handler:\n{error}", {
+				logger$1.error("An unexpected error occurred in inbox error handler:\n{error}", {
 					error: error$1,
 					activity: json,
 					recipient
@@ -756,11 +1300,11 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 				headers: { "Content-Type": "text/plain; charset=utf-8" }
 			});
 		}
-		if (activity == null) logger$2.debug("Object Integrity Proofs are not verified.", {
+		if (activity == null) logger$1.debug("Object Integrity Proofs are not verified.", {
 			recipient,
 			activity: json
 		});
-		else logger$2.debug("Object Integrity Proofs are verified.", {
+		else logger$1.debug("Object Integrity Proofs are verified.", {
 			recipient,
 			activity: json
 		});
@@ -776,7 +1320,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 				tracerProvider
 			});
 			if (key == null) {
-				logger$2.error("Failed to verify the request's HTTP Signatures.", { recipient });
+				logger$1.error("Failed to verify the request's HTTP Signatures.", { recipient });
 				span.setStatus({
 					code: SpanStatusCode.ERROR,
 					message: `Failed to verify the request's HTTP Signatures.`
@@ -785,7 +1329,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 					status: 401,
 					headers: { "Content-Type": "text/plain; charset=utf-8" }
 				});
-			} else logger$2.debug("HTTP Signatures are verified.", { recipient });
+			} else logger$1.debug("HTTP Signatures are verified.", { recipient });
 			httpSigKey = key;
 		}
 		activity = await Activity.fromJsonLd(jsonWithoutSig, ctx);
@@ -793,7 +1337,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 	if (activity.id != null) span.setAttribute("activitypub.activity.id", activity.id.href);
 	span.setAttribute("activitypub.activity.type", getTypeId(activity).href);
 	if (httpSigKey != null && !await doesActorOwnKey(activity, httpSigKey, ctx)) {
-		logger$2.error("The signer ({keyId}) and the actor ({actorId}) do not match.", {
+		logger$1.error("The signer ({keyId}) and the actor ({actorId}) do not match.", {
 			activity: json,
 			recipient,
 			keyId: httpSigKey.id?.href,
@@ -874,6 +1418,320 @@ async function respondWithObjectIfAcceptable(object, request, options) {
 	return response;
 }
 
+//#endregion
+//#region nodeinfo/handler.ts
+/**
+* Handles a NodeInfo request.  You would not typically call this function
+* directly, but instead use {@link Federation.handle} method.
+* @param request The NodeInfo request to handle.
+* @param parameters The parameters for handling the request.
+* @returns The response to the request.
+*/
+async function handleNodeInfo(_request, { context: context$1, nodeInfoDispatcher }) {
+	const promise = nodeInfoDispatcher(context$1);
+	const json = nodeInfoToJson(promise instanceof Promise ? await promise : promise);
+	return new Response(JSON.stringify(json), { headers: { "Content-Type": "application/json; profile=\"http://nodeinfo.diaspora.software/ns/schema/2.1#\"" } });
+}
+/**
+* Handles a request to `/.well-known/nodeinfo`.  You would not typically call
+* this function directly, but instead use {@link Federation.handle} method.
+* @param request The request to handle.
+* @param context The request context.
+* @returns The response to the request.
+*/
+function handleNodeInfoJrd(_request, context$1) {
+	const links = [];
+	try {
+		links.push({
+			rel: "http://nodeinfo.diaspora.software/ns/schema/2.1",
+			href: context$1.getNodeInfoUri().href,
+			type: "application/json; profile=\"http://nodeinfo.diaspora.software/ns/schema/2.1#\""
+		});
+	} catch (e) {
+		if (!(e instanceof RouterError)) throw e;
+	}
+	const jrd = { links };
+	const response = new Response(JSON.stringify(jrd), { headers: { "Content-Type": "application/jrd+json" } });
+	return Promise.resolve(response);
+}
+
+//#endregion
+//#region webfinger/handler.ts
+const logger = getLogger([
+	"fedify",
+	"webfinger",
+	"server"
+]);
+/**
+* Handles a WebFinger request.  You would not typically call this function
+* directly, but instead use {@link Federation.fetch} method.
+* @param request The WebFinger request to handle.
+* @param parameters The parameters for handling the request.
+* @returns The response to the request.
+*/
+async function handleWebFinger(request, options) {
+	if (options.tracer == null) return await handleWebFingerInternal(request, options);
+	return await options.tracer.startActiveSpan("webfinger.handle", { kind: SpanKind.SERVER }, async (span) => {
+		try {
+			const response = await handleWebFingerInternal(request, options);
+			span.setStatus({ code: response.ok ? SpanStatusCode.UNSET : SpanStatusCode.ERROR });
+			return response;
+		} catch (error) {
+			span.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: String(error)
+			});
+			throw error;
+		} finally {
+			span.end();
+		}
+	});
+}
+async function handleWebFingerInternal(request, { context: context$1, host, actorDispatcher, actorHandleMapper, actorAliasMapper, onNotFound, span }) {
+	if (actorDispatcher == null) return await onNotFound(request);
+	const resource = context$1.url.searchParams.get("resource");
+	if (resource == null) return new Response("Missing resource parameter.", { status: 400 });
+	span?.setAttribute("webfinger.resource", resource);
+	let resourceUrl;
+	try {
+		resourceUrl = new URL(resource);
+	} catch (e) {
+		if (e instanceof TypeError) return new Response("Invalid resource URL.", { status: 400 });
+		throw e;
+	}
+	span?.setAttribute("webfinger.resource.scheme", resourceUrl.protocol.replace(/:$/, ""));
+	if (actorDispatcher == null) {
+		logger.error("Actor dispatcher is not set.");
+		return await onNotFound(request);
+	}
+	async function mapUsernameToIdentifier(username) {
+		if (actorHandleMapper == null) {
+			logger.error("No actor handle mapper is set; use the WebFinger username {username} as the actor's internal identifier.", { username });
+			return username;
+		}
+		const identifier$1 = await actorHandleMapper(context$1, username);
+		if (identifier$1 == null) {
+			logger.error("Actor {username} not found.", { username });
+			return null;
+		}
+		return identifier$1;
+	}
+	let identifier = null;
+	const uriParsed = context$1.parseUri(resourceUrl);
+	if (uriParsed?.type != "actor") {
+		const match = /^acct:([^@]+)@([^@]+)$/.exec(resource);
+		if (match == null) {
+			const result = await actorAliasMapper?.(context$1, resourceUrl);
+			if (result == null) return await onNotFound(request);
+			if ("identifier" in result) identifier = result.identifier;
+			else identifier = await mapUsernameToIdentifier(result.username);
+		} else {
+			const portMatch = /:\d+$/.exec(match[2]);
+			const normalizedHost = portMatch == null ? domainToASCII(match[2].toLowerCase()) : domainToASCII(match[2].substring(0, portMatch.index).toLowerCase()) + portMatch[0];
+			if (normalizedHost != context$1.url.host && normalizedHost != host) return await onNotFound(request);
+			else {
+				identifier = await mapUsernameToIdentifier(match[1]);
+				resourceUrl = new URL(`acct:${match[1]}@${normalizedHost}`);
+			}
+		}
+	} else identifier = uriParsed.identifier;
+	if (identifier == null) return await onNotFound(request);
+	const actor = await actorDispatcher(context$1, identifier);
+	if (actor == null) {
+		logger.error("Actor {identifier} not found.", { identifier });
+		return await onNotFound(request);
+	}
+	const links = [{
+		rel: "self",
+		href: context$1.getActorUri(identifier).href,
+		type: "application/activity+json"
+	}];
+	for (const url of actor.urls) if (url instanceof Link && url.href != null) links.push({
+		rel: url.rel ?? "http://webfinger.net/rel/profile-page",
+		href: url.href.href,
+		type: url.mediaType == null ? void 0 : url.mediaType
+	});
+	else if (url instanceof URL) links.push({
+		rel: "http://webfinger.net/rel/profile-page",
+		href: url.href
+	});
+	for await (const image of actor.getIcons()) {
+		if (image.url?.href == null) continue;
+		const link = {
+			rel: "http://webfinger.net/rel/avatar",
+			href: image.url.href.toString()
+		};
+		if (image.mediaType != null) link.type = image.mediaType;
+		links.push(link);
+	}
+	const aliases = [];
+	if (resourceUrl.protocol != "acct:" && actor.preferredUsername != null) {
+		aliases.push(`acct:${actor.preferredUsername}@${host ?? context$1.url.host}`);
+		if (host != null && host !== context$1.url.host) aliases.push(`acct:${actor.preferredUsername}@${context$1.url.host}`);
+	}
+	if (resourceUrl.href !== context$1.getActorUri(identifier).href) aliases.push(context$1.getActorUri(identifier).href);
+	if (resourceUrl.protocol === "acct:" && host != null && host !== context$1.url.host && !resourceUrl.href.endsWith(`@${host}`)) {
+		const username = resourceUrl.href.replace(/^acct:/, "").replace(/@.*$/, "");
+		aliases.push(`acct:${username}@${host}`);
+	}
+	const jrd = {
+		subject: resourceUrl.href,
+		aliases,
+		links
+	};
+	return new Response(JSON.stringify(jrd), { headers: {
+		"Content-Type": "application/jrd+json",
+		"Access-Control-Allow-Origin": "*"
+	} });
+}
+
+//#endregion
+//#region federation/retry.ts
+/**
+* Creates an exponential backoff retry policy.  The delay between retries
+* starts at the `initialDelay` and is multiplied by the `factor` for each
+* subsequent retry, up to the `maxDelay`.  The policy will give up after
+* `maxAttempts` attempts.  The actual delay is randomized to avoid
+* synchronization (jitter).
+* @param options The options for the policy.
+* @returns The retry policy.
+* @since 0.12.0
+*/
+function createExponentialBackoffPolicy(options = {}) {
+	const initialDelay = Temporal.Duration.from(options.initialDelay ?? { seconds: 1 });
+	const maxDelay = Temporal.Duration.from(options.maxDelay ?? { hours: 12 });
+	const maxAttempts = options.maxAttempts ?? 10;
+	const factor = options.factor ?? 2;
+	const jitter = options.jitter ?? true;
+	return ({ attempts }) => {
+		if (attempts >= maxAttempts) return null;
+		let milliseconds = initialDelay.total("millisecond");
+		milliseconds *= factor ** attempts;
+		if (jitter) {
+			milliseconds *= 1 + Math.random();
+			milliseconds = Math.round(milliseconds);
+		}
+		const delay$1 = Temporal.Duration.from({ milliseconds });
+		return Temporal.Duration.compare(delay$1, maxDelay) > 0 ? maxDelay : delay$1;
+	};
+}
+
+//#endregion
+//#region federation/send.ts
+/**
+* Extracts the inbox URLs from recipients.
+* @param parameters The parameters to extract the inboxes.
+*                   See also {@link ExtractInboxesParameters}.
+* @returns The inboxes as a map of inbox URL to actor URIs.
+*/
+function extractInboxes({ recipients, preferSharedInbox, excludeBaseUris }) {
+	const inboxes = {};
+	for (const recipient of recipients) {
+		let inbox;
+		let sharedInbox = false;
+		if (preferSharedInbox && recipient.endpoints?.sharedInbox != null) {
+			inbox = recipient.endpoints.sharedInbox;
+			sharedInbox = true;
+		} else inbox = recipient.inboxId;
+		if (inbox != null && recipient.id != null) {
+			if (excludeBaseUris != null && excludeBaseUris.some((u) => u.origin === inbox?.origin)) continue;
+			inboxes[inbox.href] ??= {
+				actorIds: /* @__PURE__ */ new Set(),
+				sharedInbox
+			};
+			inboxes[inbox.href].actorIds.add(recipient.id.href);
+		}
+	}
+	return inboxes;
+}
+/**
+* Sends an {@link Activity} to an inbox.
+*
+* @param parameters The parameters for sending the activity.
+*                   See also {@link SendActivityParameters}.
+* @throws {Error} If the activity fails to send.
+*/
+function sendActivity(options) {
+	const tracerProvider = options.tracerProvider ?? trace.getTracerProvider();
+	return tracerProvider.getTracer(name, version).startActiveSpan("activitypub.send_activity", {
+		kind: SpanKind.CLIENT,
+		attributes: { "activitypub.shared_inbox": options.sharedInbox ?? false }
+	}, async (span) => {
+		if (options.activityId != null) span.setAttribute("activitypub.activity.id", options.activityId);
+		if (options.activityType != null) span.setAttribute("activitypub.activity.type", options.activityType);
+		try {
+			await sendActivityInternal({
+				...options,
+				tracerProvider
+			});
+		} catch (e) {
+			span.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: String(e)
+			});
+			throw e;
+		} finally {
+			span.end();
+		}
+	});
+}
+async function sendActivityInternal({ activity, activityId, keys, inbox, headers, specDeterminer, tracerProvider }) {
+	const logger$1 = getLogger([
+		"fedify",
+		"federation",
+		"outbox"
+	]);
+	headers = new Headers(headers);
+	headers.set("Content-Type", "application/activity+json");
+	const request = new Request(inbox, {
+		method: "POST",
+		headers,
+		body: JSON.stringify(activity)
+	});
+	let rsaKey = null;
+	for (const key of keys) if (key.privateKey.algorithm.name === "RSASSA-PKCS1-v1_5") {
+		rsaKey = key;
+		break;
+	}
+	if (rsaKey == null) logger$1.warn("No supported key found to sign the request to {inbox}.  The request will be sent without a signature.  In order to sign the request, at least one RSASSA-PKCS1-v1_5 key must be provided.", {
+		inbox: inbox.href,
+		keys: keys.map((pair) => ({
+			keyId: pair.keyId.href,
+			privateKey: pair.privateKey
+		}))
+	});
+	let response;
+	try {
+		response = rsaKey == null ? await fetch(request) : await doubleKnock(request, rsaKey, {
+			tracerProvider,
+			specDeterminer
+		});
+	} catch (error) {
+		logger$1.error("Failed to send activity {activityId} to {inbox}:\n{error}", {
+			activityId,
+			inbox: inbox.href,
+			error
+		});
+		throw error;
+	}
+	if (!response.ok) {
+		let error;
+		try {
+			error = await response.text();
+		} catch (_) {
+			error = "";
+		}
+		logger$1.error("Failed to send activity {activityId} to {inbox} ({status} {statusText}):\n{error}", {
+			activityId,
+			inbox: inbox.href,
+			status: response.status,
+			statusText: response.statusText,
+			error
+		});
+		throw new Error(`Failed to send activity ${activityId} to ${inbox.href} (${response.status} ${response.statusText}):\n${error}`);
+	}
+}
+
 //#endregion
 //#region federation/middleware.ts
 /**
@@ -910,7 +1768,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 	tracerProvider;
 	constructor(options) {
 		super();
-		const logger$2 = getLogger(["fedify", "federation"]);
+		const logger$1 = getLogger(["fedify", "federation"]);
 		this.kv = options.kv;
 		this.kvPrefixes = {
 			activityIdempotence: ["_fedify", "activityIdempotence"],
@@ -967,7 +1825,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		if (options.documentLoader != null) {
 			if (options.documentLoaderFactory != null) throw new TypeError("Cannot set both documentLoader and documentLoaderFactory options at a time; use documentLoaderFactory only.");
 			this.documentLoaderFactory = () => options.documentLoader;
-			logger$2.warn("The documentLoader option is deprecated; use documentLoaderFactory option instead.");
+			logger$1.warn("The documentLoader option is deprecated; use documentLoaderFactory option instead.");
 		} else this.documentLoaderFactory = options.documentLoaderFactory ?? ((opts) => {
 			return kvCache({
 				loader: getDocumentLoader({
@@ -981,7 +1839,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		if (options.contextLoader != null) {
 			if (options.contextLoaderFactory != null) throw new TypeError("Cannot set both contextLoader and contextLoaderFactory options at a time; use contextLoaderFactory only.");
 			this.contextLoaderFactory = () => options.contextLoader;
-			logger$2.warn("The contextLoader option is deprecated; use contextLoaderFactory option instead.");
+			logger$1.warn("The contextLoader option is deprecated; use contextLoaderFactory option instead.");
 		} else this.contextLoaderFactory = options.contextLoaderFactory ?? this.documentLoaderFactory;
 		this.authenticatedDocumentLoaderFactory = options.authenticatedDocumentLoaderFactory ?? ((identity) => getAuthenticatedDocumentLoader(identity, {
 			allowPrivateAddress,
@@ -1007,24 +1865,24 @@ var FederationImpl = class extends FederationBuilderImpl {
 	}
 	async _startQueueInternal(ctxData, signal, queue) {
 		if (this.inboxQueue == null && this.outboxQueue == null) return;
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"queue"
 		]);
 		const promises = [];
 		if (this.inboxQueue != null && (queue == null || queue === "inbox") && !this.inboxQueueStarted) {
-			logger$2.debug("Starting an inbox task worker.");
+			logger$1.debug("Starting an inbox task worker.");
 			this.inboxQueueStarted = true;
 			promises.push(this.inboxQueue.listen((msg) => this.processQueuedTask(ctxData, msg), { signal }));
 		}
 		if (this.outboxQueue != null && this.outboxQueue !== this.inboxQueue && (queue == null || queue === "outbox") && !this.outboxQueueStarted) {
-			logger$2.debug("Starting an outbox task worker.");
+			logger$1.debug("Starting an outbox task worker.");
 			this.outboxQueueStarted = true;
 			promises.push(this.outboxQueue.listen((msg) => this.processQueuedTask(ctxData, msg), { signal }));
 		}
 		if (this.fanoutQueue != null && this.fanoutQueue !== this.inboxQueue && this.fanoutQueue !== this.outboxQueue && (queue == null || queue === "fanout") && !this.fanoutQueueStarted) {
-			logger$2.debug("Starting a fanout task worker.");
+			logger$1.debug("Starting a fanout task worker.");
 			this.fanoutQueueStarted = true;
 			promises.push(this.fanoutQueue.listen((msg) => this.processQueuedTask(ctxData, msg), { signal }));
 		}
@@ -1123,7 +1981,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		});
 	}
 	async #listenOutboxMessage(_, message, span) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"outbox"
@@ -1172,34 +2030,34 @@ var FederationImpl = class extends FederationBuilderImpl {
 			try {
 				this.onOutboxError?.(error, activity);
 			} catch (error$1) {
-				logger$2.error("An unexpected error occurred in onError handler:\n{error}", {
+				logger$1.error("An unexpected error occurred in onError handler:\n{error}", {
 					...logData,
 					error: error$1
 				});
 			}
-			const delay = this.outboxRetryPolicy({
+			const delay$1 = this.outboxRetryPolicy({
 				elapsedTime: Temporal.Instant.from(message.started).until(Temporal.Now.instant()),
 				attempts: message.attempt
 			});
-			if (delay != null) {
-				logger$2.error("Failed to send activity {activityId} to {inbox} (attempt #{attempt}); retry...:\n{error}", {
+			if (delay$1 != null) {
+				logger$1.error("Failed to send activity {activityId} to {inbox} (attempt #{attempt}); retry...:\n{error}", {
 					...logData,
 					error
 				});
 				await this.outboxQueue?.enqueue({
 					...message,
 					attempt: message.attempt + 1
-				}, { delay: Temporal.Duration.compare(delay, { seconds: 0 }) < 0 ? Temporal.Duration.from({ seconds: 0 }) : delay });
-			} else logger$2.error("Failed to send activity {activityId} to {inbox} after {attempt} attempts; giving up:\n{error}", {
+				}, { delay: Temporal.Duration.compare(delay$1, { seconds: 0 }) < 0 ? Temporal.Duration.from({ seconds: 0 }) : delay$1 });
+			} else logger$1.error("Failed to send activity {activityId} to {inbox} after {attempt} attempts; giving up:\n{error}", {
 				...logData,
 				error
 			});
 			return;
 		}
-		logger$2.info("Successfully sent activity {activityId} to {inbox}.", { ...logData });
+		logger$1.info("Successfully sent activity {activityId} to {inbox}.", { ...logData });
 	}
 	async #listenInboxMessage(ctxData, message, span) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"inbox"
@@ -1221,7 +2079,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		];
 		if (cacheKey != null) {
 			if (await this.kv.get(cacheKey) === true) {
-				logger$2.debug("Activity {activityId} has already been processed.", {
+				logger$1.debug("Activity {activityId} has already been processed.", {
 					activityId: activity.id?.href,
 					activity: message.activity,
 					recipient: message.identifier
@@ -1232,7 +2090,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		await this._getTracer().startActiveSpan("activitypub.dispatch_inbox_listener", { kind: SpanKind.INTERNAL }, async (span$1) => {
 			const dispatched = this.inboxListeners?.dispatchWithClass(activity);
 			if (dispatched == null) {
-				logger$2.error("Unsupported activity type:\n{activity}", {
+				logger$1.error("Unsupported activity type:\n{activity}", {
 					activityId: activity.id?.href,
 					activity: message.activity,
 					recipient: message.identifier,
@@ -1253,7 +2111,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				try {
 					await this.inboxErrorHandler?.(context$1, error);
 				} catch (error$1) {
-					logger$2.error("An unexpected error occurred in inbox error handler:\n{error}", {
+					logger$1.error("An unexpected error occurred in inbox error handler:\n{error}", {
 						error: error$1,
 						trial: message.attempt,
 						activityId: activity.id?.href,
@@ -1261,12 +2119,12 @@ var FederationImpl = class extends FederationBuilderImpl {
 						recipient: message.identifier
 					});
 				}
-				const delay = this.inboxRetryPolicy({
+				const delay$1 = this.inboxRetryPolicy({
 					elapsedTime: Temporal.Instant.from(message.started).until(Temporal.Now.instant()),
 					attempts: message.attempt
 				});
-				if (delay != null) {
-					logger$2.error("Failed to process the incoming activity {activityId} (attempt #{attempt}); retry...:\n{error}", {
+				if (delay$1 != null) {
+					logger$1.error("Failed to process the incoming activity {activityId} (attempt #{attempt}); retry...:\n{error}", {
 						error,
 						attempt: message.attempt,
 						activityId: activity.id?.href,
@@ -1276,8 +2134,8 @@ var FederationImpl = class extends FederationBuilderImpl {
 					await this.inboxQueue?.enqueue({
 						...message,
 						attempt: message.attempt + 1
-					}, { delay: Temporal.Duration.compare(delay, { seconds: 0 }) < 0 ? Temporal.Duration.from({ seconds: 0 }) : delay });
-				} else logger$2.error("Failed to process the incoming activity {activityId} after {trial} attempts; giving up:\n{error}", {
+					}, { delay: Temporal.Duration.compare(delay$1, { seconds: 0 }) < 0 ? Temporal.Duration.from({ seconds: 0 }) : delay$1 });
+				} else logger$1.error("Failed to process the incoming activity {activityId} after {trial} attempts; giving up:\n{error}", {
 					error,
 					activityId: activity.id?.href,
 					activity: message.activity,
@@ -1291,7 +2149,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				return;
 			}
 			if (cacheKey != null) await this.kv.set(cacheKey, true, { ttl: Temporal.Duration.from({ days: 1 }) });
-			logger$2.info("Activity {activityId} has been processed.", {
+			logger$1.info("Activity {activityId} has been processed.", {
 				activityId: activity.id?.href,
 				activity: message.activity,
 				recipient: message.identifier
@@ -1340,7 +2198,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		};
 	}
 	async sendActivity(keys, inboxes, activity, options) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"outbox"
@@ -1374,7 +2232,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 			format: "compact",
 			contextLoader
 		});
-		if (rsaKey == null) logger$2.warn("No supported key found to create a Linked Data signature for the activity {activityId}.  The activity will be sent without a Linked Data signature.  In order to create a Linked Data signature, at least one RSASSA-PKCS1-v1_5 key must be provided.", {
+		if (rsaKey == null) logger$1.warn("No supported key found to create a Linked Data signature for the activity {activityId}.  The activity will be sent without a Linked Data signature.  In order to create a Linked Data signature, at least one RSASSA-PKCS1-v1_5 key must be provided.", {
 			activityId,
 			keys: keys.map((pair) => ({
 				keyId: pair.keyId.href,
@@ -1385,7 +2243,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 			contextLoader,
 			tracerProvider: this.tracerProvider
 		});
-		if (!proofCreated) logger$2.warn("No supported key found to create a proof for the activity {activityId}.  The activity will be sent without a proof.  In order to create a proof, at least one Ed25519 key must be provided.", {
+		if (!proofCreated) logger$1.warn("No supported key found to create a proof for the activity {activityId}.  The activity will be sent without a proof.  In order to create a proof, at least one Ed25519 key must be provided.", {
 			activityId,
 			keys: keys.map((pair) => ({
 				keyId: pair.keyId.href,
@@ -1393,11 +2251,11 @@ var FederationImpl = class extends FederationBuilderImpl {
 			}))
 		});
 		if (immediate || this.outboxQueue == null) {
-			if (immediate) logger$2.debug("Sending activity immediately without queue since immediate option is set.", {
+			if (immediate) logger$1.debug("Sending activity immediately without queue since immediate option is set.", {
 				activityId: activity.id.href,
 				activity: jsonLd
 			});
-			else logger$2.debug("Sending activity immediately without queue since queue is not set.", {
+			else logger$1.debug("Sending activity immediately without queue since queue is not set.", {
 				activityId: activity.id.href,
 				activity: jsonLd
 			});
@@ -1416,7 +2274,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 			await Promise.all(promises);
 			return;
 		}
-		logger$2.debug("Enqueuing activity {activityId} to send later.", {
+		logger$1.debug("Enqueuing activity {activityId} to send later.", {
 			activityId: activity.id.href,
 			activity: jsonLd
 		});
@@ -1455,7 +2313,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 			const promises = messages.map((m) => outboxQueue.enqueue(m));
 			const errors = (await Promise.allSettled(promises)).filter((r) => r.status === "rejected").map((r) => r.reason);
 			if (errors.length > 0) {
-				logger$2.error("Failed to enqueue activity {activityId} to send later: {errors}", {
+				logger$1.error("Failed to enqueue activity {activityId} to send later: {errors}", {
 					activityId: activity.id.href,
 					errors
 				});
@@ -1465,7 +2323,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 		} else try {
 			await outboxQueue.enqueueMany(messages);
 		} catch (error) {
-			logger$2.error("Failed to enqueue activity {activityId} to send later: {error}", {
+			logger$1.error("Failed to enqueue activity {activityId} to send later: {error}", {
 				activityId: activity.id.href,
 				error
 			});
@@ -1482,7 +2340,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					[ATTR_URL_FULL]: request.url
 				}
 			}, async (span) => {
-				const logger$2 = getLogger([
+				const logger$1 = getLogger([
 					"fedify",
 					"federation",
 					"http"
@@ -1501,7 +2359,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 						message: `${error}`
 					});
 					span.end();
-					logger$2.error("An error occurred while serving request {method} {url}: {error}", {
+					logger$1.error("An error occurred while serving request {method} {url}: {error}", {
 						method: request.method,
 						url: request.url,
 						error
@@ -1525,9 +2383,9 @@ var FederationImpl = class extends FederationBuilderImpl {
 					url: request.url,
 					status: response.status
 				};
-				if (response.status >= 500) logger$2.error(logTpl, values);
-				else if (response.status >= 400) logger$2.warn(logTpl, values);
-				else logger$2.info(logTpl, values);
+				if (response.status >= 500) logger$1.error(logTpl, values);
+				else if (response.status >= 400) logger$1.warn(logTpl, values);
+				else logger$1.info(logTpl, values);
 				return response;
 			});
 		});
@@ -1844,13 +2702,13 @@ var ContextImpl = class ContextImpl {
 		if (uri == null) return null;
 		if (uri.origin !== this.origin && uri.origin !== this.canonicalOrigin) return null;
 		const route = this.federation.router.route(uri.pathname);
-		const logger$2 = getLogger(["fedify", "federation"]);
+		const logger$1 = getLogger(["fedify", "federation"]);
 		if (route == null) return null;
 		else if (route.name === "sharedInbox") return {
 			type: "inbox",
 			identifier: void 0,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 			}
 		};
 		const identifier = "identifier" in route.values ? route.values.identifier : route.values.handle;
@@ -1858,7 +2716,7 @@ var ContextImpl = class ContextImpl {
 			type: "actor",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1874,7 +2732,7 @@ var ContextImpl = class ContextImpl {
 			type: "inbox",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1882,7 +2740,7 @@ var ContextImpl = class ContextImpl {
 			type: "outbox",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1890,7 +2748,7 @@ var ContextImpl = class ContextImpl {
 			type: "following",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1898,7 +2756,7 @@ var ContextImpl = class ContextImpl {
 			type: "followers",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1906,7 +2764,7 @@ var ContextImpl = class ContextImpl {
 			type: "liked",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1914,7 +2772,7 @@ var ContextImpl = class ContextImpl {
 			type: "featured",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
@@ -1922,19 +2780,19 @@ var ContextImpl = class ContextImpl {
 			type: "featuredTags",
 			identifier,
 			get handle() {
-				logger$2.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
+				logger$1.warn("The ParseUriResult.handle property is deprecated; use ParseUriResult.identifier instead.");
 				return identifier;
 			}
 		};
 		return null;
 	}
 	async getActorKeyPairs(identifier) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"actor"
 		]);
-		if (this.invokedFromActorKeyPairsDispatcher != null) logger$2.warn("Context.getActorKeyPairs({getActorKeyPairsIdentifier}) method is invoked from the actor key pairs dispatcher ({actorKeyPairsDispatcherIdentifier}); this may cause an infinite loop.", {
+		if (this.invokedFromActorKeyPairsDispatcher != null) logger$1.warn("Context.getActorKeyPairs({getActorKeyPairsIdentifier}) method is invoked from the actor key pairs dispatcher ({actorKeyPairsDispatcherIdentifier}); this may cause an infinite loop.", {
 			getActorKeyPairsIdentifier: identifier,
 			actorKeyPairsDispatcherIdentifier: this.invokedFromActorKeyPairsDispatcher.identifier
 		});
@@ -1942,7 +2800,7 @@ var ContextImpl = class ContextImpl {
 		try {
 			keyPairs = await this.getKeyPairsFromIdentifier(identifier);
 		} catch (_) {
-			logger$2.warn("No actor key pairs dispatcher registered.");
+			logger$1.warn("No actor key pairs dispatcher registered.");
 			return [];
 		}
 		const owner = this.getActorUri(identifier);
@@ -1966,7 +2824,7 @@ var ContextImpl = class ContextImpl {
 		return result;
 	}
 	async getKeyPairsFromIdentifier(identifier) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"actor"
@@ -1977,7 +2835,7 @@ var ContextImpl = class ContextImpl {
 			handle: identifier
 		});
 		if (path == null) {
-			logger$2.warn("No actor dispatcher registered.");
+			logger$1.warn("No actor dispatcher registered.");
 			return [];
 		}
 		const actorUri = new URL(path, this.canonicalOrigin);
@@ -1985,7 +2843,7 @@ var ContextImpl = class ContextImpl {
 			...this,
 			invokedFromActorKeyPairsDispatcher: { identifier }
 		}), identifier);
-		if (keyPairs.length < 1) logger$2.warn("No key pairs found for actor {identifier}.", { identifier });
+		if (keyPairs.length < 1) logger$1.warn("No key pairs found for actor {identifier}.", { identifier });
 		let i = 0;
 		const result = [];
 		for (const keyPair of keyPairs) {
@@ -2100,7 +2958,7 @@ var ContextImpl = class ContextImpl {
 		});
 	}
 	async sendActivityInternal(sender, recipients, activity, options, span) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"outbox"
@@ -2114,7 +2972,7 @@ var ContextImpl = class ContextImpl {
 				if ("username" in sender) username = sender.username;
 				else {
 					username = sender.handle;
-					logger$2.warn("The \"handle\" property for the sender parameter is deprecated; use \"identifier\" or \"username\" instead.", { sender });
+					logger$1.warn("The \"handle\" property for the sender parameter is deprecated; use \"identifier\" or \"username\" instead.", { sender });
 				}
 				if (this.federation.actorCallbacks?.handleMapper == null) identifier = username;
 				else {
@@ -2151,7 +3009,7 @@ var ContextImpl = class ContextImpl {
 		for (const activityTransformer of this.federation.activityTransformers) activity = activityTransformer(activity, this);
 		span?.setAttribute("activitypub.activity.id", activity?.id?.href ?? "");
 		if (activity.actorId == null) {
-			logger$2.error("Activity {activityId} to send does not have an actor.", {
+			logger$1.error("Activity {activityId} to send does not have an actor.", {
 				activity,
 				activityId: activity?.id?.href
 			});
@@ -2162,7 +3020,7 @@ var ContextImpl = class ContextImpl {
 			preferSharedInbox: options.preferSharedInbox,
 			excludeBaseUris: options.excludeBaseUris
 		});
-		logger$2.debug("Sending activity {activityId} to inboxes:\n{inboxes}", {
+		logger$1.debug("Sending activity {activityId} to inboxes:\n{inboxes}", {
 			inboxes: globalThis.Object.keys(inboxes),
 			activityId: activity.id?.href,
 			activity
@@ -2248,7 +3106,7 @@ var ContextImpl = class ContextImpl {
 		});
 	}
 	async routeActivityInternal(recipient, activity, options = {}, span) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"inbox"
@@ -2262,12 +3120,12 @@ var ContextImpl = class ContextImpl {
 			tracerProvider: options.tracerProvider ?? this.tracerProvider,
 			keyCache
 		}) == null) {
-			logger$2.debug("Object Integrity Proofs are not verified.", {
+			logger$1.debug("Object Integrity Proofs are not verified.", {
 				recipient,
 				activity: json
 			});
 			if (activity.id == null) {
-				logger$2.debug("Activity is missing an ID; unable to fetch.", {
+				logger$1.debug("Activity is missing an ID; unable to fetch.", {
 					recipient,
 					activity: json
 				});
@@ -2275,26 +3133,26 @@ var ContextImpl = class ContextImpl {
 			}
 			const fetched = await this.lookupObject(activity.id, options);
 			if (fetched == null) {
-				logger$2.debug("Failed to fetch the remote activity object {activityId}.", {
+				logger$1.debug("Failed to fetch the remote activity object {activityId}.", {
 					recipient,
 					activity: json,
 					activityId: activity.id.href
 				});
 				return false;
 			} else if (!(fetched instanceof Activity)) {
-				logger$2.debug("Fetched object is not an Activity.", {
+				logger$1.debug("Fetched object is not an Activity.", {
 					recipient,
 					activity: await fetched.toJsonLd({ contextLoader })
 				});
 				return false;
 			} else if (fetched.id?.href !== activity.id.href) {
-				logger$2.debug("Fetched activity object has a different ID; failed to verify.", {
+				logger$1.debug("Fetched activity object has a different ID; failed to verify.", {
 					recipient,
 					activity: await fetched.toJsonLd({ contextLoader })
 				});
 				return false;
 			} else if (fetched.actorIds.length < 1) {
-				logger$2.debug("Fetched activity object is missing an actor; unable to verify.", {
+				logger$1.debug("Fetched activity object is missing an actor; unable to verify.", {
 					recipient,
 					activity: await fetched.toJsonLd({ contextLoader })
 				});
@@ -2302,15 +3160,15 @@ var ContextImpl = class ContextImpl {
 			}
 			const activityId = fetched.id;
 			if (!fetched.actorIds.every((actor) => actor.origin === activityId.origin)) {
-				logger$2.debug("Fetched activity object has actors from different origins; unable to verify.", {
+				logger$1.debug("Fetched activity object has actors from different origins; unable to verify.", {
 					recipient,
 					activity: await fetched.toJsonLd({ contextLoader })
 				});
 				return false;
 			}
-			logger$2.debug("Successfully fetched the remote activity object {activityId}; ignore the original activity and use the fetched one, which is trustworthy.");
+			logger$1.debug("Successfully fetched the remote activity object {activityId}; ignore the original activity and use the fetched one, which is trustworthy.");
 			activity = fetched;
-		} else logger$2.debug("Object Integrity Proofs are verified.", {
+		} else logger$1.debug("Object Integrity Proofs are verified.", {
 			recipient,
 			activity: json
 		});
@@ -2454,7 +3312,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 		});
 	}
 	async forwardActivityInternal(forwarder, recipients, options) {
-		const logger$2 = getLogger([
+		const logger$1 = getLogger([
 			"fedify",
 			"federation",
 			"inbox"
@@ -2468,7 +3326,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 				if ("username" in forwarder) username = forwarder.username;
 				else {
 					username = forwarder.handle;
-					logger$2.warn("The \"handle\" property for the forwarder parameter is deprecated; use \"identifier\" or \"username\" instead.", { forwarder });
+					logger$1.warn("The \"handle\" property for the forwarder parameter is deprecated; use \"identifier\" or \"username\" instead.", { forwarder });
 				}
 				if (this.federation.actorCallbacks?.handleMapper == null) identifier = username;
 				else {
@@ -2492,7 +3350,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 			}
 			if (!hasProof) {
 				if (options?.skipIfUnsigned) return;
-				logger$2.warn("The received activity {activityId} is not signed; even if it is forwarded to other servers as is, it may not be accepted by them due to the lack of a signature/proof.");
+				logger$1.warn("The received activity {activityId} is not signed; even if it is forwarded to other servers as is, it may not be accepted by them due to the lack of a signature/proof.");
 			}
 		}
 		if (recipients === "followers") {
@@ -2506,14 +3364,14 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 			preferSharedInbox: options?.preferSharedInbox,
 			excludeBaseUris: options?.excludeBaseUris
 		});
-		logger$2.debug("Forwarding activity {activityId} to inboxes:\n{inboxes}", {
+		logger$1.debug("Forwarding activity {activityId} to inboxes:\n{inboxes}", {
 			inboxes: globalThis.Object.keys(inboxes),
 			activityId: this.activityId,
 			activity: this.activity
 		});
 		if (options?.immediate || this.federation.outboxQueue == null) {
-			if (options?.immediate) logger$2.debug("Forwarding activity immediately without queue since immediate option is set.");
-			else logger$2.debug("Forwarding activity immediately without queue since queue is not set.");
+			if (options?.immediate) logger$1.debug("Forwarding activity immediately without queue since immediate option is set.");
+			else logger$1.debug("Forwarding activity immediately without queue since queue is not set.");
 			const promises = [];
 			for (const inbox in inboxes) promises.push(sendActivity({
 				keys,
@@ -2528,7 +3386,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 			await Promise.all(promises);
 			return;
 		}
-		logger$2.debug("Enqueuing activity {activityId} to forward later.", {
+		logger$1.debug("Enqueuing activity {activityId} to forward later.", {
 			activityId: this.activityId,
 			activity: this.activity
 		});
@@ -2566,7 +3424,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 			const promises = messages.map((m) => outboxQueue.enqueue(m));
 			const errors = (await Promise.allSettled(promises)).filter((r) => r.status === "rejected").map((r) => r.reason);
 			if (errors.length > 0) {
-				logger$2.error("Failed to enqueue activity {activityId} to forward later:\n{errors}", {
+				logger$1.error("Failed to enqueue activity {activityId} to forward later:\n{errors}", {
 					activityId: this.activityId,
 					errors
 				});
@@ -2576,7 +3434,7 @@ var InboxContextImpl = class InboxContextImpl extends ContextImpl {
 		} else try {
 			await outboxQueue.enqueueMany(messages);
 		} catch (error) {
-			logger$2.error("Failed to enqueue activity {activityId} to forward later:\n{error}", {
+			logger$1.error("Failed to enqueue activity {activityId} to forward later:\n{error}", {
 				activityId: this.activityId,
 				error
 			});
@@ -2635,4 +3493,4 @@ function getRequestId(request) {
 }
 
 //#endregion
-export { autoIdAssigner as _, createFederation as a, handleCollection as c, respondWithObject as d, respondWithObjectIfAcceptable as f, actorDehydrator as g, handleNodeInfoJrd as h, KvSpecDeterminer as i, handleInbox as l, handleNodeInfo as m, FederationImpl as n, acceptsJsonLd as o, handleWebFinger as p, InboxContextImpl as r, handleActor as s, ContextImpl as t, handleObject as u };
+export { createFederation as a, respondWithObjectIfAcceptable as c, createFederationBuilder as d, Router$1 as f, KvSpecDeterminer as i, buildCollectionSynchronizationHeader as l, FederationImpl as n, createExponentialBackoffPolicy as o, RouterError as p, InboxContextImpl as r, respondWithObject as s, ContextImpl as t, digest as u };