@fedify/fedify 1.9.5 → 1.9.6

package/dist/federation/mq.test.js

@@ -3,12 +3,12 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import "../type-CfOWb_f6.js";
+import "../type-COPv6pMi.js";
 import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import { assert } from "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
-import "../lookup-BY7ipa5A.js";
-import { test } from "../testing-D3joI56Q.js";
+import "../lookup-BMAWLsP2.js";
+import { test } from "../testing-RPOc_gVG.js";
 import { assertGreater, assertGreaterOrEqual } from "../std__assert-X-_kMxKM.js";
 import { assertFalse } from "../assert_rejects-DiIiJbZn.js";
 import "../assert_is_error-BPGph1Jx.js";

package/dist/federation/retry.test.js

@@ -3,11 +3,11 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import "../type-CfOWb_f6.js";
+import "../type-COPv6pMi.js";
 import { AssertionError, assertEquals } from "../assert_equals-DSbWqCm3.js";
-import "../lookup-BY7ipa5A.js";
+import "../lookup-BMAWLsP2.js";
 import { createExponentialBackoffPolicy } from "../retry-D4GJ670a.js";
-import { test } from "../testing-D3joI56Q.js";
+import { test } from "../testing-RPOc_gVG.js";
 import { assertNotEquals } from "../assert_not_equals-f3m3epl3.js";
 
 //#region src/federation/retry.test.ts

package/dist/federation/router.test.js

@@ -3,12 +3,12 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import "../type-CfOWb_f6.js";
+import "../type-COPv6pMi.js";
 import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import { assert } from "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
-import { Router, RouterError } from "../lookup-BY7ipa5A.js";
-import { test } from "../testing-D3joI56Q.js";
+import { Router, RouterError } from "../lookup-BMAWLsP2.js";
+import { test } from "../testing-RPOc_gVG.js";
 import "../std__assert-X-_kMxKM.js";
 import { assertFalse } from "../assert_rejects-DiIiJbZn.js";
 import "../assert_is_error-BPGph1Jx.js";

package/dist/federation/send.test.js

@@ -3,24 +3,24 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, Application, Endpoints, Group, Person, Service } from "../type-CfOWb_f6.js";
+import { Activity, Application, Endpoints, Group, Person, Service } from "../type-COPv6pMi.js";
 import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import { assert } from "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
-import "../lookup-BY7ipa5A.js";
-import "../actor-EEh71Njb.js";
-import "../key-s7VkHdD2.js";
-import { verifyRequest } from "../http-Ddo0ZppP.js";
-import { doesActorOwnKey } from "../owner-DwNbDv2o.js";
-import { extractInboxes, sendActivity } from "../send-CLRuMS0k.js";
-import { mockDocumentLoader, test } from "../testing-D3joI56Q.js";
+import "../lookup-BMAWLsP2.js";
+import "../actor-DbpZ6pzg.js";
+import "../key-CPJcJjp-.js";
+import { verifyRequest } from "../http-05HxN-lp.js";
+import { doesActorOwnKey } from "../owner-DDHsHYQO.js";
+import { extractInboxes, sendActivity } from "../send-BfMYakUE.js";
+import { mockDocumentLoader, test } from "../testing-RPOc_gVG.js";
 import "../std__assert-X-_kMxKM.js";
 import { assertFalse, assertRejects } from "../assert_rejects-DiIiJbZn.js";
 import "../assert_is_error-BPGph1Jx.js";
 import { assertNotEquals } from "../assert_not_equals-f3m3epl3.js";
 import "../assert_throws-BOO88avQ.js";
-import { ed25519Multikey, ed25519PrivateKey, rsaPrivateKey2, rsaPublicKey2 } from "../keys-CfyZsHFW.js";
-import { esm_default } from "../esm-CpGJtXU9.js";
+import { ed25519Multikey, ed25519PrivateKey, rsaPrivateKey2, rsaPublicKey2 } from "../keys-IZ5050fT.js";
+import { esm_default } from "../esm-C1EfGjSS.js";
 
 //#region src/federation/send.test.ts
 test("extractInboxes()", () => {

package/dist/{http-Ddo0ZppP.js → http-05HxN-lp.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, deno_default } from "./type-CfOWb_f6.js";
-import { fetchKey, validateCryptoKey } from "./key-s7VkHdD2.js";
+import { CryptographicKey, FetchError, deno_default } from "./type-COPv6pMi.js";
+import { fetchKey, validateCryptoKey } from "./key-CPJcJjp-.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_URL_FULL } from "@opentelemetry/semantic-conventions";
@@ -13,6 +13,7 @@ import { encodeHex } from "byte-encodings/hex";
 import { Item, decodeDict, encodeItem } from "structured-field-values";
 
 //#region src/sig/http.ts
+const DEFAULT_MAX_REDIRECTION = 20;
 /**
 * Signs a request using the given private key.
 * @param request The request to sign.
@@ -724,7 +725,11 @@ function createRedirectRequest(request, location, body) {
 * @since 1.6.0
 */
 async function doubleKnock(request, identity, options = {}) {
+	return await doubleKnockInternal(request, identity, options);
+}
+async function doubleKnockInternal(request, identity, options, redirected = 0, visited = /* @__PURE__ */ new Set()) {
 	const { specDeterminer, log, tracerProvider, signal } = options;
+	visited.add(request.url);
 	const origin = new URL(request.url).origin;
 	const firstTrySpec = specDeterminer == null ? "rfc9421" : await specDeterminer.determineSpec(origin);
 	const body = options.body !== void 0 ? options.body : request.method !== "GET" && request.method !== "HEAD" ? await request.clone().arrayBuffer() : null;
@@ -739,11 +744,14 @@ async function doubleKnock(request, identity, options = {}) {
 		signal
 	});
 	if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+		if (redirected >= DEFAULT_MAX_REDIRECTION) throw new FetchError(request.url, `Too many redirections (${redirected + 1})`);
 		const location = response.headers.get("Location");
-		return doubleKnock(createRedirectRequest(request, location, body), identity, {
+		const redirectRequest = createRedirectRequest(request, location, body);
+		if (visited.has(redirectRequest.url)) throw new FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+		return doubleKnockInternal(redirectRequest, identity, {
 			...options,
 			body
-		});
+		}, redirected + 1, visited);
 	} else if (response.status === 400 || response.status === 401 || response.status > 401) {
 		const spec = firstTrySpec === "draft-cavage-http-signatures-12" ? "rfc9421" : "draft-cavage-http-signatures-12";
 		getLogger([
@@ -767,11 +775,14 @@ async function doubleKnock(request, identity, options = {}) {
 			signal
 		});
 		if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+			if (redirected >= DEFAULT_MAX_REDIRECTION) throw new FetchError(request.url, `Too many redirections (${redirected + 1})`);
 			const location = response.headers.get("Location");
-			return doubleKnock(createRedirectRequest(request, location, body), identity, {
+			const redirectRequest = createRedirectRequest(request, location, body);
+			if (visited.has(redirectRequest.url)) throw new FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+			return doubleKnockInternal(redirectRequest, identity, {
 				...options,
 				body
-			});
+			}, redirected + 1, visited);
 		} else if (response.status !== 400 && response.status !== 401) await specDeterminer?.rememberSpec(origin, spec);
 	} else await specDeterminer?.rememberSpec(origin, firstTrySpec);
 	return response;

package/dist/{http-BvRfZYTf.cjs → http-BgopPF-8.cjs}

@@ -3,9 +3,9 @@
           const { URLPattern } = require("urlpattern-polyfill");
         
 const require_chunk = require('./chunk-DqRYRqnO.cjs');
-const require_docloader = require('./docloader-D_YsJgEb.cjs');
-const require_actor = require('./actor-Bpeh1XeR.cjs');
-const require_key = require('./key-daNTxBaX.cjs');
+const require_docloader = require('./docloader-BIFI3OS7.cjs');
+const require_actor = require('./actor-DlS-Q8hE.cjs');
+const require_key = require('./key-DjS1X9TG.cjs');
 const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
 const byte_encodings_base64 = require_chunk.__toESM(require("byte-encodings/base64"));
@@ -14,6 +14,7 @@ const __opentelemetry_semantic_conventions = require_chunk.__toESM(require("@ope
 const structured_field_values = require_chunk.__toESM(require("structured-field-values"));
 
 //#region src/sig/http.ts
+const DEFAULT_MAX_REDIRECTION = 20;
 /**
 * Signs a request using the given private key.
 * @param request The request to sign.
@@ -725,7 +726,11 @@ function createRedirectRequest(request, location, body) {
 * @since 1.6.0
 */
 async function doubleKnock(request, identity, options = {}) {
+	return await doubleKnockInternal(request, identity, options);
+}
+async function doubleKnockInternal(request, identity, options, redirected = 0, visited = /* @__PURE__ */ new Set()) {
 	const { specDeterminer, log, tracerProvider, signal } = options;
+	visited.add(request.url);
 	const origin = new URL(request.url).origin;
 	const firstTrySpec = specDeterminer == null ? "rfc9421" : await specDeterminer.determineSpec(origin);
 	const body = options.body !== void 0 ? options.body : request.method !== "GET" && request.method !== "HEAD" ? await request.clone().arrayBuffer() : null;
@@ -740,11 +745,14 @@ async function doubleKnock(request, identity, options = {}) {
 		signal
 	});
 	if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+		if (redirected >= DEFAULT_MAX_REDIRECTION) throw new require_docloader.FetchError(request.url, `Too many redirections (${redirected + 1})`);
 		const location = response.headers.get("Location");
-		return doubleKnock(createRedirectRequest(request, location, body), identity, {
+		const redirectRequest = createRedirectRequest(request, location, body);
+		if (visited.has(redirectRequest.url)) throw new require_docloader.FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+		return doubleKnockInternal(redirectRequest, identity, {
 			...options,
 			body
-		});
+		}, redirected + 1, visited);
 	} else if (response.status === 400 || response.status === 401 || response.status > 401) {
 		const spec = firstTrySpec === "draft-cavage-http-signatures-12" ? "rfc9421" : "draft-cavage-http-signatures-12";
 		(0, __logtape_logtape.getLogger)([
@@ -768,11 +776,14 @@ async function doubleKnock(request, identity, options = {}) {
 			signal
 		});
 		if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+			if (redirected >= DEFAULT_MAX_REDIRECTION) throw new require_docloader.FetchError(request.url, `Too many redirections (${redirected + 1})`);
 			const location = response.headers.get("Location");
-			return doubleKnock(createRedirectRequest(request, location, body), identity, {
+			const redirectRequest = createRedirectRequest(request, location, body);
+			if (visited.has(redirectRequest.url)) throw new require_docloader.FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+			return doubleKnockInternal(redirectRequest, identity, {
 				...options,
 				body
-			});
+			}, redirected + 1, visited);
 		} else if (response.status !== 400 && response.status !== 401) await specDeterminer?.rememberSpec(origin, spec);
 	} else await specDeterminer?.rememberSpec(origin, firstTrySpec);
 	return response;

package/dist/{http-Cstrlwgg.js → http-CR-Eg1Uq.js}

@@ -2,9 +2,9 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
-import { deno_default } from "./docloader-ygR0HOEb.js";
-import { CryptographicKey } from "./actor-BScoqM7M.js";
-import { fetchKey, validateCryptoKey } from "./key-i1AKuYo2.js";
+import { FetchError, deno_default } from "./docloader-fJgJeqiX.js";
+import { CryptographicKey } from "./actor-CEGEmRll.js";
+import { fetchKey, validateCryptoKey } from "./key-ibMO03_0.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
@@ -13,6 +13,7 @@ import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_URL_FULL } fro
 import { Item, decodeDict, encodeItem } from "structured-field-values";
 
 //#region src/sig/http.ts
+const DEFAULT_MAX_REDIRECTION = 20;
 /**
 * Signs a request using the given private key.
 * @param request The request to sign.
@@ -724,7 +725,11 @@ function createRedirectRequest(request, location, body) {
 * @since 1.6.0
 */
 async function doubleKnock(request, identity, options = {}) {
+	return await doubleKnockInternal(request, identity, options);
+}
+async function doubleKnockInternal(request, identity, options, redirected = 0, visited = /* @__PURE__ */ new Set()) {
 	const { specDeterminer, log, tracerProvider, signal } = options;
+	visited.add(request.url);
 	const origin = new URL(request.url).origin;
 	const firstTrySpec = specDeterminer == null ? "rfc9421" : await specDeterminer.determineSpec(origin);
 	const body = options.body !== void 0 ? options.body : request.method !== "GET" && request.method !== "HEAD" ? await request.clone().arrayBuffer() : null;
@@ -739,11 +744,14 @@ async function doubleKnock(request, identity, options = {}) {
 		signal
 	});
 	if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+		if (redirected >= DEFAULT_MAX_REDIRECTION) throw new FetchError(request.url, `Too many redirections (${redirected + 1})`);
 		const location = response.headers.get("Location");
-		return doubleKnock(createRedirectRequest(request, location, body), identity, {
+		const redirectRequest = createRedirectRequest(request, location, body);
+		if (visited.has(redirectRequest.url)) throw new FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+		return doubleKnockInternal(redirectRequest, identity, {
 			...options,
 			body
-		});
+		}, redirected + 1, visited);
 	} else if (response.status === 400 || response.status === 401 || response.status > 401) {
 		const spec = firstTrySpec === "draft-cavage-http-signatures-12" ? "rfc9421" : "draft-cavage-http-signatures-12";
 		getLogger([
@@ -767,11 +775,14 @@ async function doubleKnock(request, identity, options = {}) {
 			signal
 		});
 		if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) {
+			if (redirected >= DEFAULT_MAX_REDIRECTION) throw new FetchError(request.url, `Too many redirections (${redirected + 1})`);
 			const location = response.headers.get("Location");
-			return doubleKnock(createRedirectRequest(request, location, body), identity, {
+			const redirectRequest = createRedirectRequest(request, location, body);
+			if (visited.has(redirectRequest.url)) throw new FetchError(request.url, `Redirect loop detected: ${redirectRequest.url}`);
+			return doubleKnockInternal(redirectRequest, identity, {
 				...options,
 				body
-			});
+			}, redirected + 1, visited);
 		} else if (response.status !== 400 && response.status !== 401) await specDeterminer?.rememberSpec(origin, spec);
 	} else await specDeterminer?.rememberSpec(origin, firstTrySpec);
 	return response;

package/dist/{inbox-D2vwgPg3.js → inbox-DcJN1cxM.js}

@@ -3,7 +3,7 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, deno_default, getTypeId } from "./type-CfOWb_f6.js";
+import { Activity, deno_default, getTypeId } from "./type-COPv6pMi.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
 

package/dist/{key--6LDhz4H.js → key-BCUd8FWp.js}

@@ -2,9 +2,9 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
-import "./docloader-ygR0HOEb.js";
-import "./actor-BScoqM7M.js";
-import "./lookup-DKLV3BDT.js";
-import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, validateCryptoKey } from "./key-i1AKuYo2.js";
+import "./docloader-fJgJeqiX.js";
+import "./actor-CEGEmRll.js";
+import "./lookup-CKZfuyxA.js";
+import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, validateCryptoKey } from "./key-ibMO03_0.js";
 
 export { validateCryptoKey };

package/dist/key-BUardnTH.cjs

@@ -0,0 +1,10 @@
+
+          const { Temporal } = require("@js-temporal/polyfill");
+          const { URLPattern } = require("urlpattern-polyfill");
+        
+require('./docloader-BIFI3OS7.cjs');
+require('./actor-DlS-Q8hE.cjs');
+require('./lookup-C4_dVYz7.cjs');
+const require_key = require('./key-DjS1X9TG.cjs');
+
+exports.validateCryptoKey = require_key.validateCryptoKey;

package/dist/{key-s7VkHdD2.js → key-CPJcJjp-.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Object as Object$1, deno_default, getDocumentLoader } from "./type-CfOWb_f6.js";
-import { isActor } from "./actor-EEh71Njb.js";
+import { CryptographicKey, Object as Object$1, deno_default, getDocumentLoader } from "./type-COPv6pMi.js";
+import { isActor } from "./actor-DbpZ6pzg.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 

package/dist/{key-daNTxBaX.cjs → key-DjS1X9TG.cjs}

@@ -3,8 +3,8 @@
           const { URLPattern } = require("urlpattern-polyfill");
         
 const require_chunk = require('./chunk-DqRYRqnO.cjs');
-const require_docloader = require('./docloader-D_YsJgEb.cjs');
-const require_actor = require('./actor-Bpeh1XeR.cjs');
+const require_docloader = require('./docloader-BIFI3OS7.cjs');
+const require_actor = require('./actor-DlS-Q8hE.cjs');
 const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
 

package/dist/{key-iV9rIe_w.js → key-Dr6H_e3K.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import "./type-CfOWb_f6.js";
-import "./actor-EEh71Njb.js";
-import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, validateCryptoKey } from "./key-s7VkHdD2.js";
+import "./type-COPv6pMi.js";
+import "./actor-DbpZ6pzg.js";
+import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, validateCryptoKey } from "./key-CPJcJjp-.js";
 
 export { validateCryptoKey };

package/dist/{key-i1AKuYo2.js → key-ibMO03_0.js}

@@ -2,8 +2,8 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
-import { deno_default, getDocumentLoader } from "./docloader-ygR0HOEb.js";
-import { CryptographicKey, Object as Object$1, isActor } from "./actor-BScoqM7M.js";
+import { deno_default, getDocumentLoader } from "./docloader-fJgJeqiX.js";
+import { CryptographicKey, Object as Object$1, isActor } from "./actor-CEGEmRll.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 

package/dist/{keycache-D-5tZgkF.js → keycache-CMUfqYqr.js}

@@ -3,9 +3,14 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Multikey } from "./type-CfOWb_f6.js";
+import { CryptographicKey, Multikey } from "./type-COPv6pMi.js";
 
 //#region src/federation/keycache.ts
+const NULL_KEY_CACHE_VALUE = { _fedify: "key-unavailable" };
+const NULL_KEY_CACHE_TTL = Temporal.Duration.from({ minutes: 5 });
+function isNullKeyCacheValue(value) {
+	return typeof value === "object" && value != null && "_fedify" in value && value._fedify === NULL_KEY_CACHE_VALUE._fedify;
+}
 var KvKeyCache = class {
 	kv;
 	prefix;
@@ -21,6 +26,10 @@ var KvKeyCache = class {
 		if (this.nullKeys.has(keyId.href)) return null;
 		const serialized = await this.kv.get([...this.prefix, keyId.href]);
 		if (serialized == null) return void 0;
+		if (isNullKeyCacheValue(serialized)) {
+			this.nullKeys.add(keyId.href);
+			return null;
+		}
 		try {
 			return await CryptographicKey.fromJsonLd(serialized, this.options);
 		} catch {
@@ -35,7 +44,7 @@ var KvKeyCache = class {
 	async set(keyId, key) {
 		if (key == null) {
 			this.nullKeys.add(keyId.href);
-			await this.kv.delete([...this.prefix, keyId.href]);
+			await this.kv.set([...this.prefix, keyId.href], NULL_KEY_CACHE_VALUE, { ttl: NULL_KEY_CACHE_TTL });
 			return;
 		}
 		this.nullKeys.delete(keyId.href);

package/dist/{keys-CfyZsHFW.js → keys-IZ5050fT.js}

@@ -3,7 +3,7 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Multikey, importSpki } from "./type-CfOWb_f6.js";
+import { CryptographicKey, Multikey, importSpki } from "./type-COPv6pMi.js";
 
 //#region src/testing/keys.ts
 const rsaPublicKey1 = new CryptographicKey({

package/dist/{ld-D08-gVSY.js → ld-DHNA2RSQ.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, CryptographicKey, Object as Object$1, deno_default, getDocumentLoader, getTypeId } from "./type-CfOWb_f6.js";
-import { fetchKey, validateCryptoKey } from "./key-s7VkHdD2.js";
+import { Activity, CryptographicKey, Object as Object$1, deno_default, getDocumentLoader, getTypeId } from "./type-COPv6pMi.js";
+import { fetchKey, validateCryptoKey } from "./key-CPJcJjp-.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";

package/dist/{lookup-BY7ipa5A.js → lookup-BMAWLsP2.js}

@@ -3,7 +3,7 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Object as Object$1, deno_default, getDocumentLoader, getTypeId, lookupWebFinger } from "./type-CfOWb_f6.js";
+import { Object as Object$1, deno_default, getDocumentLoader, getTypeId, lookupWebFinger } from "./type-COPv6pMi.js";
 import { cloneDeep, delay } from "es-toolkit";
 import { getLogger } from "@logtape/logtape";
 import { SpanStatusCode, trace } from "@opentelemetry/api";

package/dist/{lookup-B8OwEXPT.cjs → lookup-C4_dVYz7.cjs}

@@ -3,7 +3,7 @@
           const { URLPattern } = require("urlpattern-polyfill");
         
 const require_chunk = require('./chunk-DqRYRqnO.cjs');
-const require_docloader = require('./docloader-D_YsJgEb.cjs');
+const require_docloader = require('./docloader-BIFI3OS7.cjs');
 const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
 

package/dist/{lookup-DKLV3BDT.js → lookup-CKZfuyxA.js}

@@ -2,7 +2,7 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
-import { UrlError, deno_default, getUserAgent, validatePublicUrl } from "./docloader-ygR0HOEb.js";
+import { UrlError, deno_default, getUserAgent, validatePublicUrl } from "./docloader-fJgJeqiX.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 

package/dist/middleware-BJ83veqi.js

@@ -0,0 +1,26 @@
+
+      import { Temporal } from "@js-temporal/polyfill";
+      import { URLPattern } from "urlpattern-polyfill";
+      globalThis.addEventListener = () => {};
+    
+import "./type-COPv6pMi.js";
+import { ContextImpl, FederationImpl, InboxContextImpl, KvSpecDeterminer, createFederation } from "./middleware-DrhEvfTo.js";
+import "./semver-dArNLkR9.js";
+import "./client-UG5wpNhG.js";
+import "./lookup-BMAWLsP2.js";
+import "./types-BIgY6c-l.js";
+import "./actor-DbpZ6pzg.js";
+import "./key-CPJcJjp-.js";
+import "./http-05HxN-lp.js";
+import "./authdocloader-BLqMyboS.js";
+import "./ld-DHNA2RSQ.js";
+import "./owner-DDHsHYQO.js";
+import "./proof-exgGRW88.js";
+import "./inbox-DcJN1cxM.js";
+import "./builder-BO61xeXE.js";
+import "./collection-CSzG2j1P.js";
+import "./keycache-CMUfqYqr.js";
+import "./retry-D4GJ670a.js";
+import "./send-BfMYakUE.js";
+
+export { FederationImpl };

package/dist/{middleware-BPgbdjdi.cjs → middleware-CGbvIGvy.cjs}

@@ -4,15 +4,15 @@
         
 const require_chunk = require('./chunk-DqRYRqnO.cjs');
 const require_transformers = require('./transformers-CoBS-oFG.cjs');
-const require_docloader = require('./docloader-D_YsJgEb.cjs');
-const require_actor = require('./actor-Bpeh1XeR.cjs');
-const require_lookup = require('./lookup-B8OwEXPT.cjs');
-const require_key = require('./key-daNTxBaX.cjs');
-const require_http = require('./http-BvRfZYTf.cjs');
-const require_proof = require('./proof-Cf8y40Qt.cjs');
-const require_types = require('./types-CUQq-S-s.cjs');
-const require_authdocloader = require('./authdocloader-Cln84bGw.cjs');
-const require_vocab = require('./vocab-tt4hGhXv.cjs');
+const require_docloader = require('./docloader-BIFI3OS7.cjs');
+const require_actor = require('./actor-DlS-Q8hE.cjs');
+const require_lookup = require('./lookup-C4_dVYz7.cjs');
+const require_key = require('./key-DjS1X9TG.cjs');
+const require_http = require('./http-BgopPF-8.cjs');
+const require_proof = require('./proof-CX7ujFFX.cjs');
+const require_types = require('./types-CGnM1vft.cjs');
+const require_authdocloader = require('./authdocloader-CT_V4Z7G.cjs');
+const require_vocab = require('./vocab-BFy1CS5L.cjs');
 const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
 const byte_encodings_hex = require_chunk.__toESM(require("byte-encodings/hex"));
@@ -345,7 +345,7 @@ var FederationBuilderImpl = class {
 		this.collectionTypeIds = {};
 	}
 	async build(options) {
-		const { FederationImpl: FederationImpl$1 } = await Promise.resolve().then(() => require("./middleware-DGlXFNnB.cjs"));
+		const { FederationImpl: FederationImpl$1 } = await Promise.resolve().then(() => require("./middleware-CJ4W2ir5.cjs"));
 		const f = new FederationImpl$1(options);
 		const trailingSlashInsensitiveValue = f.router.trailingSlashInsensitive;
 		f.router = this.router.clone();
@@ -913,6 +913,11 @@ async function buildCollectionSynchronizationHeader(collectionId, actorIds) {
 
 //#endregion
 //#region src/federation/keycache.ts
+const NULL_KEY_CACHE_VALUE = { _fedify: "key-unavailable" };
+const NULL_KEY_CACHE_TTL = Temporal.Duration.from({ minutes: 5 });
+function isNullKeyCacheValue(value) {
+	return typeof value === "object" && value != null && "_fedify" in value && value._fedify === NULL_KEY_CACHE_VALUE._fedify;
+}
 var KvKeyCache = class {
 	kv;
 	prefix;
@@ -928,6 +933,10 @@ var KvKeyCache = class {
 		if (this.nullKeys.has(keyId.href)) return null;
 		const serialized = await this.kv.get([...this.prefix, keyId.href]);
 		if (serialized == null) return void 0;
+		if (isNullKeyCacheValue(serialized)) {
+			this.nullKeys.add(keyId.href);
+			return null;
+		}
 		try {
 			return await require_actor.CryptographicKey.fromJsonLd(serialized, this.options);
 		} catch {
@@ -942,7 +951,7 @@ var KvKeyCache = class {
 	async set(keyId, key) {
 		if (key == null) {
 			this.nullKeys.add(keyId.href);
-			await this.kv.delete([...this.prefix, keyId.href]);
+			await this.kv.set([...this.prefix, keyId.href], NULL_KEY_CACHE_VALUE, { ttl: NULL_KEY_CACHE_TTL });
 			return;
 		}
 		this.nullKeys.delete(keyId.href);

package/dist/middleware-CJ4W2ir5.cjs

@@ -0,0 +1,17 @@
+
+          const { Temporal } = require("@js-temporal/polyfill");
+          const { URLPattern } = require("urlpattern-polyfill");
+        
+require('./transformers-CoBS-oFG.cjs');
+require('./docloader-BIFI3OS7.cjs');
+require('./actor-DlS-Q8hE.cjs');
+const require_middleware = require('./middleware-CGbvIGvy.cjs');
+require('./lookup-C4_dVYz7.cjs');
+require('./key-DjS1X9TG.cjs');
+require('./http-BgopPF-8.cjs');
+require('./proof-CX7ujFFX.cjs');
+require('./types-CGnM1vft.cjs');
+require('./authdocloader-CT_V4Z7G.cjs');
+require('./vocab-BFy1CS5L.cjs');
+
+exports.FederationImpl = require_middleware.FederationImpl;

package/dist/{middleware-BU1AB564.js → middleware-DrhEvfTo.js}

@@ -3,22 +3,22 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, Collection, CollectionPage, CryptographicKey, Link, Multikey, Object as Object$1, OrderedCollection, OrderedCollectionPage, deno_default, getDocumentLoader, getTypeId, kvCache, lookupWebFinger } from "./type-CfOWb_f6.js";
-import { getNodeInfo } from "./client-BjEfcq0Q.js";
-import { RouterError, lookupObject, traverseCollection } from "./lookup-BY7ipa5A.js";
+import { Activity, Collection, CollectionPage, CryptographicKey, Link, Multikey, Object as Object$1, OrderedCollection, OrderedCollectionPage, deno_default, getDocumentLoader, getTypeId, kvCache, lookupWebFinger } from "./type-COPv6pMi.js";
+import { getNodeInfo } from "./client-UG5wpNhG.js";
+import { RouterError, lookupObject, traverseCollection } from "./lookup-BMAWLsP2.js";
 import { nodeInfoToJson } from "./types-BIgY6c-l.js";
-import { exportJwk, importJwk, validateCryptoKey } from "./key-s7VkHdD2.js";
-import { verifyRequest } from "./http-Ddo0ZppP.js";
-import { getAuthenticatedDocumentLoader } from "./authdocloader-zA6GeFTV.js";
-import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-D08-gVSY.js";
-import { doesActorOwnKey, getKeyOwner } from "./owner-DwNbDv2o.js";
-import { signObject, verifyObject } from "./proof-CesqsPsI.js";
-import { routeActivity } from "./inbox-D2vwgPg3.js";
-import { FederationBuilderImpl } from "./builder-vhQAUB_c.js";
+import { exportJwk, importJwk, validateCryptoKey } from "./key-CPJcJjp-.js";
+import { verifyRequest } from "./http-05HxN-lp.js";
+import { getAuthenticatedDocumentLoader } from "./authdocloader-BLqMyboS.js";
+import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-DHNA2RSQ.js";
+import { doesActorOwnKey, getKeyOwner } from "./owner-DDHsHYQO.js";
+import { signObject, verifyObject } from "./proof-exgGRW88.js";
+import { routeActivity } from "./inbox-DcJN1cxM.js";
+import { FederationBuilderImpl } from "./builder-BO61xeXE.js";
 import { buildCollectionSynchronizationHeader } from "./collection-CSzG2j1P.js";
-import { KvKeyCache } from "./keycache-D-5tZgkF.js";
+import { KvKeyCache } from "./keycache-CMUfqYqr.js";
 import { createExponentialBackoffPolicy } from "./retry-D4GJ670a.js";
-import { extractInboxes, sendActivity } from "./send-CLRuMS0k.js";
+import { extractInboxes, sendActivity } from "./send-BfMYakUE.js";
 import { getLogger, withContext } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
 import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_HTTP_RESPONSE_HEADER, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_URL_FULL } from "@opentelemetry/semantic-conventions";