@fedify/fedify 2.0.0-dev.1566 → 2.0.0-dev.158

package/dist/{inbox-CtcEN1S1.js → inbox-B7ybw6fk.js}

@@ -3,8 +3,9 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, deno_default, getTypeId } from "./type-B7_rMIU9.js";
+import { deno_default } from "./deno-CQV858ip.js";
 import { getLogger } from "@logtape/logtape";
+import { Activity, getTypeId } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
 
 //#region src/federation/inbox.ts
@@ -41,17 +42,34 @@ var InboxListenerSet = class InboxListenerSet {
 		return this.dispatchWithClass(activity)?.listener ?? null;
 	}
 };
-async function routeActivity({ context: ctx, json, activity, recipient, inboxListeners, inboxContextFactory, inboxErrorHandler, kv, kvPrefixes, queue, span, tracerProvider }) {
+async function routeActivity({ context: ctx, json, activity, recipient, inboxListeners, inboxContextFactory, inboxErrorHandler, kv, kvPrefixes, queue, span, tracerProvider, idempotencyStrategy }) {
 	const logger = getLogger([
 		"fedify",
 		"federation",
 		"inbox"
 	]);
-	const cacheKey = activity.id == null ? null : [
-		...kvPrefixes.activityIdempotence,
-		ctx.origin,
-		activity.id.href
-	];
+	let cacheKey = null;
+	if (activity.id != null) {
+		const inboxContext = inboxContextFactory(recipient, json, activity.id?.href, getTypeId(activity).href);
+		const strategy = idempotencyStrategy ?? "per-inbox";
+		let keyString;
+		if (typeof strategy === "function") {
+			const result = await strategy(inboxContext, activity);
+			keyString = result;
+		} else switch (strategy) {
+			case "global":
+				keyString = activity.id.href;
+				break;
+			case "per-origin":
+				keyString = `${ctx.origin}\n${activity.id.href}`;
+				break;
+			case "per-inbox":
+				keyString = `${ctx.origin}\n${activity.id.href}\n${recipient == null ? "sharedInbox" : `inbox\n${recipient}`}`;
+				break;
+			default: keyString = `${ctx.origin}\n${activity.id.href}`;
+		}
+		if (keyString != null) cacheKey = [...kvPrefixes.activityIdempotence, keyString];
+	}
 	if (cacheKey != null) {
 		const cached = await kv.get(cacheKey);
 		if (cached === true) {

package/dist/{key-q4xxkABj.js → key-C27c_yHR.js}

@@ -3,9 +3,10 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Object as Object$1, deno_default, getDocumentLoader } from "./type-B7_rMIU9.js";
-import { isActor } from "./actor-DI_YpFlI.js";
+import { deno_default } from "./deno-CQV858ip.js";
 import { getLogger } from "@logtape/logtape";
+import { CryptographicKey, Object as Object$1, isActor } from "@fedify/vocab";
+import { getDocumentLoader } from "@fedify/vocab-runtime";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 
 //#region src/sig/key.ts

package/dist/{keycache-CtCHz6HR.js → keycache-DRxpZ5r9.js}

@@ -3,7 +3,7 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Multikey } from "./type-B7_rMIU9.js";
+import { CryptographicKey, Multikey } from "@fedify/vocab";
 
 //#region src/federation/keycache.ts
 var KvKeyCache = class {

package/dist/{keys-BiuLoxwK.js → keys-ZbcByPg9.js}

@@ -3,7 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Multikey, importSpki } from "./type-B7_rMIU9.js";
+import { CryptographicKey, Multikey } from "@fedify/vocab";
+import { importSpki } from "@fedify/vocab-runtime";
 
 //#region src/testing/keys.ts
 const rsaPublicKey1 = new CryptographicKey({

package/dist/{kv-C7sopW2E.d.ts → kv-CtOmTRNc.d.ts}

@@ -19,6 +19,21 @@ interface KvStoreSetOptions {
    */
   ttl?: Temporal.Duration;
 }
+/**
+ * An entry returned by the {@link KvStore.list} method.
+ *
+ * @since 1.10.0
+ */
+interface KvStoreListEntry {
+  /**
+   * The key of the entry.
+   */
+  key: KvKey;
+  /**
+   * The value of the entry.
+   */
+  value: unknown;
+}
 /**
  * An abstract interface for a key–value store.
  *
@@ -54,6 +69,16 @@ interface KvStore {
    * @since 1.8.0
    */
   cas?: (key: KvKey, expectedValue: unknown, newValue: unknown, options?: KvStoreSetOptions) => Promise<boolean>;
+  /**
+   * Lists all entries in the store that match the given prefix.
+   * If no prefix is given, all entries are returned.
+   * @param prefix The prefix to filter keys by.  If not specified, all entries
+   *               are returned.
+   * @returns An async iterable of entries matching the prefix.
+   * @since 1.10.0
+   * @since 2.0.0 This method is now required instead of optional.
+   */
+  list(prefix?: KvKey): AsyncIterable<KvStoreListEntry>;
 }
 /**
  * A key–value store that stores values in memory.
@@ -79,6 +104,10 @@ declare class MemoryKvStore implements KvStore {
    * {@inheritDoc KvStore.cas}
    */
   cas(key: KvKey, expectedValue: unknown, newValue: unknown, options?: KvStoreSetOptions): Promise<boolean>;
+  /**
+   * {@inheritDoc KvStore.list}
+   */
+  list(prefix?: KvKey): AsyncIterable<KvStoreListEntry>;
 }
 //#endregion
-export { KvKey, KvStore, KvStoreSetOptions, MemoryKvStore };
+export { KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore };

package/dist/kv-D8q9fLkA.d.cts

@@ -0,0 +1,110 @@
+//#region src/federation/kv.d.ts
+/**
+ * A key for a key–value store.  An array of one or more strings.
+ *
+ * @since 0.5.0
+ */
+type KvKey = readonly [string] | readonly [string, ...string[]];
+/**
+ * Additional options for setting a value in a key–value store.
+ *
+ * @since 0.5.0
+ */
+interface KvStoreSetOptions {
+  /**
+   * The time-to-live (TTL) for the value.
+   */
+  ttl?: Temporal.Duration;
+}
+/**
+ * An entry returned by the {@link KvStore.list} method.
+ *
+ * @since 1.10.0
+ */
+interface KvStoreListEntry {
+  /**
+   * The key of the entry.
+   */
+  key: KvKey;
+  /**
+   * The value of the entry.
+   */
+  value: unknown;
+}
+/**
+ * An abstract interface for a key–value store.
+ *
+ * @since 0.5.0
+ */
+interface KvStore {
+  /**
+   * Gets the value for the given key.
+   * @param key The key to get the value for.
+   * @returns The value for the key, or `undefined` if the key does not exist.
+   * @template T The type of the value to get.
+   */
+  get<T = unknown>(key: KvKey): Promise<T | undefined>;
+  /**
+   * Sets the value for the given key.
+   * @param key The key to set the value for.
+   * @param value The value to set.
+   * @param options Additional options for setting the value.
+   */
+  set(key: KvKey, value: unknown, options?: KvStoreSetOptions): Promise<void>;
+  /**
+   * Deletes the value for the given key.
+   * @param key The key to delete.
+   */
+  delete(key: KvKey): Promise<void>;
+  /**
+   * Compare-and-swap (CAS) operation for the key–value store.
+   * @param key The key to perform the CAS operation on.
+   * @param expectedValue The expected value for the key.
+   * @param newValue The new value to set if the expected value matches.
+   * @param options Additional options for setting the value.
+   * @return `true` if the CAS operation was successful, `false` otherwise.
+   * @since 1.8.0
+   */
+  cas?: (key: KvKey, expectedValue: unknown, newValue: unknown, options?: KvStoreSetOptions) => Promise<boolean>;
+  /**
+   * Lists all entries in the store that match the given prefix.
+   * If no prefix is given, all entries are returned.
+   * @param prefix The prefix to filter keys by.  If not specified, all entries
+   *               are returned.
+   * @returns An async iterable of entries matching the prefix.
+   * @since 1.10.0
+   * @since 2.0.0 This method is now required instead of optional.
+   */
+  list(prefix?: KvKey): AsyncIterable<KvStoreListEntry>;
+}
+/**
+ * A key–value store that stores values in memory.
+ * Do not use this in production as it does not persist values.
+ *
+ * @since 0.5.0
+ */
+declare class MemoryKvStore implements KvStore {
+  #private;
+  /**
+   * {@inheritDoc KvStore.get}
+   */
+  get<T = unknown>(key: KvKey): Promise<T | undefined>;
+  /**
+   * {@inheritDoc KvStore.set}
+   */
+  set(key: KvKey, value: unknown, options?: KvStoreSetOptions): Promise<void>;
+  /**
+   * {@inheritDoc KvStore.delete}
+   */
+  delete(key: KvKey): Promise<void>;
+  /**
+   * {@inheritDoc KvStore.cas}
+   */
+  cas(key: KvKey, expectedValue: unknown, newValue: unknown, options?: KvStoreSetOptions): Promise<boolean>;
+  /**
+   * {@inheritDoc KvStore.list}
+   */
+  list(prefix?: KvKey): AsyncIterable<KvStoreListEntry>;
+}
+//#endregion
+export { KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore };

package/dist/{kv-CRZrzyXm.js → kv-QzKcOQgP.js}

@@ -68,6 +68,28 @@ var MemoryKvStore = class {
 		this.#values[encodedKey] = [newValue, expiration];
 		return Promise.resolve(true);
 	}
+	/**
+	* {@inheritDoc KvStore.list}
+	*/
+	async *list(prefix) {
+		const now = Temporal.Now.instant();
+		for (const [encodedKey, entry] of Object.entries(this.#values)) {
+			const key = JSON.parse(encodedKey);
+			if (prefix != null) {
+				if (key.length < prefix.length) continue;
+				if (!prefix.every((p, i) => key[i] === p)) continue;
+			}
+			const [value, expiration] = entry;
+			if (expiration != null && now.until(expiration).sign < 0) {
+				delete this.#values[encodedKey];
+				continue;
+			}
+			yield {
+				key,
+				value
+			};
+		}
+	}
 };
 
 //#endregion

package/dist/kv-cache-B7dwGQFA.js

@@ -0,0 +1,122 @@
+
+          import { Temporal } from "@js-temporal/polyfill";
+          import { URLPattern } from "urlpattern-polyfill";
+        
+import { doubleKnock, validateCryptoKey } from "./http-BizGfAHd.js";
+import { getLogger } from "@logtape/logtape";
+import { curry } from "es-toolkit";
+import { UrlError, createActivityPubRequest, getDocumentLoader, getRemoteDocument, logRequest, preloadedContexts, validatePublicUrl } from "@fedify/vocab-runtime";
+
+//#region src/utils/docloader.ts
+const logger$1 = getLogger([
+	"fedify",
+	"utils",
+	"docloader"
+]);
+/**
+* Gets an authenticated {@link DocumentLoader} for the given identity.
+* Note that an authenticated document loader intentionally does not cache
+* the fetched documents.
+* @param identity The identity to get the document loader for.
+*                 The actor's key pair.
+* @param options The options for the document loader.
+* @returns The authenticated document loader.
+* @throws {TypeError} If the key is invalid or unsupported.
+* @since 0.4.0
+*/
+function getAuthenticatedDocumentLoader(identity, { allowPrivateAddress, userAgent, specDeterminer, tracerProvider } = {}) {
+	validateCryptoKey(identity.privateKey);
+	async function load(url, options) {
+		if (!allowPrivateAddress) try {
+			await validatePublicUrl(url);
+		} catch (error) {
+			if (error instanceof UrlError) logger$1.error("Disallowed private URL: {url}", {
+				url,
+				error
+			});
+			throw error;
+		}
+		const originalRequest = createActivityPubRequest(url, { userAgent });
+		const response = await doubleKnock(originalRequest, identity, {
+			specDeterminer,
+			log: curry(logRequest)(logger$1),
+			tracerProvider,
+			signal: options?.signal
+		});
+		return getRemoteDocument(url, response, load);
+	}
+	return load;
+}
+const _fetchDocumentLoader = getDocumentLoader();
+const _fetchDocumentLoader_allowPrivateAddress = getDocumentLoader({ allowPrivateAddress: true });
+
+//#endregion
+//#region src/utils/kv-cache.ts
+const logger = getLogger([
+	"fedify",
+	"utils",
+	"kv-cache"
+]);
+/**
+* Decorates a {@link DocumentLoader} with a cache backed by a {@link Deno.Kv}.
+* @param parameters The parameters for the cache.
+* @returns The decorated document loader which is cache-enabled.
+*/
+function kvCache({ loader, kv, prefix, rules }) {
+	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
+	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
+	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	return async (url, options) => {
+		if (url in preloadedContexts) {
+			logger.debug("Using preloaded context: {url}.", { url });
+			return {
+				contextUrl: null,
+				document: preloadedContexts[url],
+				documentUrl: url
+			};
+		}
+		const match = matchRule(url, rules);
+		if (match == null) return await loader(url, options);
+		const key = [...keyPrefix, url];
+		let cache = void 0;
+		try {
+			cache = await kv.get(key);
+		} catch (error) {
+			if (error instanceof Error) logger.warn("Failed to get the document of {url} from the KV cache: {error}", {
+				url,
+				error
+			});
+		}
+		if (cache == null) {
+			const remoteDoc = await loader(url, options);
+			try {
+				await kv.set(key, remoteDoc, { ttl: match });
+			} catch (error) {
+				logger.warn("Failed to save the document of {url} to the KV cache: {error}", {
+					url,
+					error
+				});
+			}
+			return remoteDoc;
+		}
+		return cache;
+	};
+}
+function matchRule(url, rules) {
+	for (const [pattern, d] of rules) {
+		const duration = d instanceof Temporal.Duration ? d : Temporal.Duration.from(d);
+		if (typeof pattern === "string") {
+			if (url === pattern) return duration;
+			continue;
+		}
+		if (pattern instanceof URL) {
+			if (pattern.href == url) return duration;
+			continue;
+		}
+		if (pattern.test(url)) return duration;
+	}
+	return null;
+}
+
+//#endregion
+export { getAuthenticatedDocumentLoader, kvCache };

package/dist/kv-cache-BEeqyGER.js

@@ -0,0 +1,107 @@
+
+      import { Temporal } from "@js-temporal/polyfill";
+      import { URLPattern } from "urlpattern-polyfill";
+      globalThis.addEventListener = () => {};
+    
+import { getLogger } from "@logtape/logtape";
+import { preloadedContexts } from "@fedify/vocab-runtime";
+
+//#region src/utils/kv-cache.ts
+const logger = getLogger([
+	"fedify",
+	"utils",
+	"kv-cache"
+]);
+/**
+* A mock implementation of a key–value store for testing purposes.
+*/
+var MockKvStore = class {
+	#values = {};
+	get(key) {
+		return Promise.resolve(this.#values[JSON.stringify(key)]);
+	}
+	set(key, value, _options) {
+		this.#values[JSON.stringify(key)] = value;
+		return Promise.resolve();
+	}
+	async delete(_) {}
+	cas(..._) {
+		return Promise.resolve(false);
+	}
+	async *list(prefix) {
+		for (const [encodedKey, value] of Object.entries(this.#values)) {
+			const key = JSON.parse(encodedKey);
+			if (prefix != null) {
+				if (key.length < prefix.length) continue;
+				if (!prefix.every((p, i) => key[i] === p)) continue;
+			}
+			yield {
+				key,
+				value
+			};
+		}
+	}
+};
+/**
+* Decorates a {@link DocumentLoader} with a cache backed by a {@link Deno.Kv}.
+* @param parameters The parameters for the cache.
+* @returns The decorated document loader which is cache-enabled.
+*/
+function kvCache({ loader, kv, prefix, rules }) {
+	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
+	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
+	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	return async (url, options) => {
+		if (url in preloadedContexts) {
+			logger.debug("Using preloaded context: {url}.", { url });
+			return {
+				contextUrl: null,
+				document: preloadedContexts[url],
+				documentUrl: url
+			};
+		}
+		const match = matchRule(url, rules);
+		if (match == null) return await loader(url, options);
+		const key = [...keyPrefix, url];
+		let cache = void 0;
+		try {
+			cache = await kv.get(key);
+		} catch (error) {
+			if (error instanceof Error) logger.warn("Failed to get the document of {url} from the KV cache: {error}", {
+				url,
+				error
+			});
+		}
+		if (cache == null) {
+			const remoteDoc = await loader(url, options);
+			try {
+				await kv.set(key, remoteDoc, { ttl: match });
+			} catch (error) {
+				logger.warn("Failed to save the document of {url} to the KV cache: {error}", {
+					url,
+					error
+				});
+			}
+			return remoteDoc;
+		}
+		return cache;
+	};
+}
+function matchRule(url, rules) {
+	for (const [pattern, d] of rules) {
+		const duration = d instanceof Temporal.Duration ? d : Temporal.Duration.from(d);
+		if (typeof pattern === "string") {
+			if (url === pattern) return duration;
+			continue;
+		}
+		if (pattern instanceof URL) {
+			if (pattern.href == url) return duration;
+			continue;
+		}
+		if (pattern.test(url)) return duration;
+	}
+	return null;
+}
+
+//#endregion
+export { MockKvStore, kvCache };

package/dist/kv-cache-rPOPQdj9.cjs

@@ -0,0 +1,134 @@
+
+          const { Temporal } = require("@js-temporal/polyfill");
+          const { URLPattern } = require("urlpattern-polyfill");
+        
+const require_chunk = require('./chunk-DqRYRqnO.cjs');
+const require_http = require('./http-DbACqYyq.cjs');
+const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
+const es_toolkit = require_chunk.__toESM(require("es-toolkit"));
+const __fedify_vocab_runtime = require_chunk.__toESM(require("@fedify/vocab-runtime"));
+
+//#region src/utils/docloader.ts
+const logger$1 = (0, __logtape_logtape.getLogger)([
+	"fedify",
+	"utils",
+	"docloader"
+]);
+/**
+* Gets an authenticated {@link DocumentLoader} for the given identity.
+* Note that an authenticated document loader intentionally does not cache
+* the fetched documents.
+* @param identity The identity to get the document loader for.
+*                 The actor's key pair.
+* @param options The options for the document loader.
+* @returns The authenticated document loader.
+* @throws {TypeError} If the key is invalid or unsupported.
+* @since 0.4.0
+*/
+function getAuthenticatedDocumentLoader(identity, { allowPrivateAddress, userAgent, specDeterminer, tracerProvider } = {}) {
+	require_http.validateCryptoKey(identity.privateKey);
+	async function load(url, options) {
+		if (!allowPrivateAddress) try {
+			await (0, __fedify_vocab_runtime.validatePublicUrl)(url);
+		} catch (error) {
+			if (error instanceof __fedify_vocab_runtime.UrlError) logger$1.error("Disallowed private URL: {url}", {
+				url,
+				error
+			});
+			throw error;
+		}
+		const originalRequest = (0, __fedify_vocab_runtime.createActivityPubRequest)(url, { userAgent });
+		const response = await require_http.doubleKnock(originalRequest, identity, {
+			specDeterminer,
+			log: (0, es_toolkit.curry)(__fedify_vocab_runtime.logRequest)(logger$1),
+			tracerProvider,
+			signal: options?.signal
+		});
+		return (0, __fedify_vocab_runtime.getRemoteDocument)(url, response, load);
+	}
+	return load;
+}
+const _fetchDocumentLoader = (0, __fedify_vocab_runtime.getDocumentLoader)();
+const _fetchDocumentLoader_allowPrivateAddress = (0, __fedify_vocab_runtime.getDocumentLoader)({ allowPrivateAddress: true });
+
+//#endregion
+//#region src/utils/kv-cache.ts
+const logger = (0, __logtape_logtape.getLogger)([
+	"fedify",
+	"utils",
+	"kv-cache"
+]);
+/**
+* Decorates a {@link DocumentLoader} with a cache backed by a {@link Deno.Kv}.
+* @param parameters The parameters for the cache.
+* @returns The decorated document loader which is cache-enabled.
+*/
+function kvCache({ loader, kv, prefix, rules }) {
+	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
+	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
+	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	return async (url, options) => {
+		if (url in __fedify_vocab_runtime.preloadedContexts) {
+			logger.debug("Using preloaded context: {url}.", { url });
+			return {
+				contextUrl: null,
+				document: __fedify_vocab_runtime.preloadedContexts[url],
+				documentUrl: url
+			};
+		}
+		const match = matchRule(url, rules);
+		if (match == null) return await loader(url, options);
+		const key = [...keyPrefix, url];
+		let cache = void 0;
+		try {
+			cache = await kv.get(key);
+		} catch (error) {
+			if (error instanceof Error) logger.warn("Failed to get the document of {url} from the KV cache: {error}", {
+				url,
+				error
+			});
+		}
+		if (cache == null) {
+			const remoteDoc = await loader(url, options);
+			try {
+				await kv.set(key, remoteDoc, { ttl: match });
+			} catch (error) {
+				logger.warn("Failed to save the document of {url} to the KV cache: {error}", {
+					url,
+					error
+				});
+			}
+			return remoteDoc;
+		}
+		return cache;
+	};
+}
+function matchRule(url, rules) {
+	for (const [pattern, d] of rules) {
+		const duration = d instanceof Temporal.Duration ? d : Temporal.Duration.from(d);
+		if (typeof pattern === "string") {
+			if (url === pattern) return duration;
+			continue;
+		}
+		if (pattern instanceof URL) {
+			if (pattern.href == url) return duration;
+			continue;
+		}
+		if (pattern.test(url)) return duration;
+	}
+	return null;
+}
+
+//#endregion
+Object.defineProperty(exports, 'getAuthenticatedDocumentLoader', {
+  enumerable: true,
+  get: function () {
+    return getAuthenticatedDocumentLoader;
+  }
+});
+Object.defineProperty(exports, 'kvCache', {
+  enumerable: true,
+  get: function () {
+    return kvCache;
+  }
+});

package/dist/{ld-PkXepnwg.js → ld-D_Jn1aGa.js}

@@ -3,9 +3,11 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, CryptographicKey, Object as Object$1, deno_default, getDocumentLoader, getTypeId } from "./type-B7_rMIU9.js";
-import { fetchKey, validateCryptoKey } from "./key-q4xxkABj.js";
+import { deno_default } from "./deno-CQV858ip.js";
+import { fetchKey, validateCryptoKey } from "./key-C27c_yHR.js";
 import { getLogger } from "@logtape/logtape";
+import { Activity, CryptographicKey, Object as Object$1, getTypeId } from "@fedify/vocab";
+import { getDocumentLoader } from "@fedify/vocab-runtime";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
 import { encodeHex } from "byte-encodings/hex";
@@ -182,7 +184,7 @@ async function verifySignature(jsonLd, options = {}) {
 	const encoder = new TextEncoder();
 	const message = sigOptsHash + docHash;
 	const messageBytes = encoder.encode(message);
-	const verified = await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature, messageBytes);
+	const verified = await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes);
 	if (verified) return key;
 	if (cached) {
 		logger.debug("Failed to verify with the cached key {keyId}; signature {signatureValue} is invalid.  Retrying with the freshly fetched key...", {
@@ -197,7 +199,7 @@ async function verifySignature(jsonLd, options = {}) {
 			}
 		});
 		if (key$1 == null) return null;
-		const verified$1 = await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key$1.publicKey, signature, messageBytes);
+		const verified$1 = await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key$1.publicKey, signature.slice(), messageBytes);
 		return verified$1 ? key$1 : null;
 	}
 	logger.debug("Failed to verify with the fetched key {keyId}; signature {signatureValue} is invalid.  Check if the key is correct or if the signed message is correct.  The message to sign is:\n{message}", {

package/dist/middleware-BVqYHBWm.cjs

@@ -0,0 +1,12 @@
+
+          const { Temporal } = require("@js-temporal/polyfill");
+          const { URLPattern } = require("urlpattern-polyfill");
+        
+require('./transformers-BjBg6Lag.cjs');
+require('./http-DbACqYyq.cjs');
+const require_middleware = require('./middleware-CAJR7KGo.cjs');
+require('./proof-Bx2JqJ-D.cjs');
+require('./types-Q-qkJXBV.cjs');
+require('./kv-cache-rPOPQdj9.cjs');
+
+exports.FederationImpl = require_middleware.FederationImpl;