@fedify/fedify 2.0.0-dev.1641 → 2.0.0-dev.1726

package/dist/{middleware-ByPnvMMS.js → middleware-HKKY6sAX.js}

@@ -3,22 +3,23 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, Collection, CollectionPage, CryptographicKey, Link, Multikey, Object as Object$1, OrderedCollection, OrderedCollectionPage, deno_default, getDocumentLoader, getTypeId, kvCache, lookupWebFinger } from "./type-B4NJkfVg.js";
-import { getNodeInfo } from "./client-BW4V0OJx.js";
-import { RouterError, lookupObject, traverseCollection } from "./lookup-CiU3QxQz.js";
+import { Activity, Collection, CollectionPage, CryptographicKey, Link, Multikey, Object as Object$1, OrderedCollection, OrderedCollectionPage, deno_default, getDocumentLoader, getTypeId, kvCache, lookupWebFinger } from "./type-D_8QzkEn.js";
+import { getNodeInfo } from "./client-BfzV3u96.js";
+import { RouterError, lookupObject, traverseCollection } from "./lookup-VSVPBU3J.js";
 import { nodeInfoToJson } from "./types-BSuWJsOm.js";
-import { exportJwk, importJwk, validateCryptoKey } from "./key-CfiBDu3o.js";
-import { verifyRequest } from "./http-Cox5GsED.js";
-import { getAuthenticatedDocumentLoader } from "./authdocloader-BkIZCKQv.js";
-import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-CxgmnSO3.js";
-import { doesActorOwnKey, getKeyOwner } from "./owner-Cxob5_PK.js";
-import { signObject, verifyObject } from "./proof-BiSQNUmQ.js";
-import { routeActivity } from "./inbox-BDdRbWNI.js";
-import { FederationBuilderImpl } from "./builder-E2Icrl_a.js";
+import { exportJwk, importJwk, validateCryptoKey } from "./key-CIIkeide.js";
+import { verifyRequest } from "./http-Danw_xTY.js";
+import { getAuthenticatedDocumentLoader } from "./authdocloader-DevmXsTo.js";
+import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-C7KL1MK2.js";
+import { doesActorOwnKey, getKeyOwner } from "./owner-COcyel6J.js";
+import { signObject, verifyObject } from "./proof-Cpk853lc.js";
+import { routeActivity } from "./inbox-Blp5F74G.js";
+import { FederationBuilderImpl } from "./builder-CGF1vv7G.js";
 import { buildCollectionSynchronizationHeader } from "./collection-CcnIw1qY.js";
-import { KvKeyCache } from "./keycache-CVBjz3xi.js";
-import { createExponentialBackoffPolicy } from "./retry-CfF8Gn4d.js";
-import { extractInboxes, sendActivity } from "./send-DSEhWIYD.js";
+import { KvKeyCache } from "./keycache-Covv8lvK.js";
+import { acceptsJsonLd } from "./negotiation-5NPJL6zp.js";
+import { createExponentialBackoffPolicy } from "./retry-D4GJ670a.js";
+import { extractInboxes, sendActivity } from "./send-C7A7_big.js";
 import { getLogger, withContext } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, context, propagation, trace } from "@opentelemetry/api";
 import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_HTTP_RESPONSE_HEADER, ATTR_HTTP_RESPONSE_STATUS_CODE, ATTR_URL_FULL } from "@opentelemetry/semantic-conventions";
@@ -297,73 +298,8 @@ async function handleWebFingerInternal(request, { context: context$1, host, acto
 	} });
 }
 
-//#endregion
-//#region src/federation/negotiation.ts
-function compareSpecs(a, b) {
-	return b.q - a.q || (b.s ?? 0) - (a.s ?? 0) || (a.o ?? 0) - (b.o ?? 0) || a.i - b.i || 0;
-}
-function isQuality(spec) {
-	return spec.q > 0;
-}
-const simpleMediaTypeRegExp = /^\s*([^\s\/;]+)\/([^;\s]+)\s*(?:;(.*))?$/;
-function splitKeyValuePair(str) {
-	const [key, value] = str.split("=");
-	return [key.toLowerCase(), value];
-}
-function parseMediaType(str, i) {
-	const match = simpleMediaTypeRegExp.exec(str);
-	if (!match) return;
-	const [, type, subtype, parameters] = match;
-	if (!type || !subtype) return;
-	const params = Object.create(null);
-	let q = 1;
-	if (parameters) {
-		const kvps = parameters.split(";").map((p) => p.trim()).map(splitKeyValuePair);
-		for (const [key, val] of kvps) {
-			const value = val && val[0] === `"` && val[val.length - 1] === `"` ? val.slice(1, val.length - 1) : val;
-			if (key === "q" && value) {
-				q = parseFloat(value);
-				break;
-			}
-			params[key] = value;
-		}
-	}
-	return {
-		type,
-		subtype,
-		params,
-		i,
-		o: void 0,
-		q,
-		s: void 0
-	};
-}
-function parseAccept(accept) {
-	const accepts = accept.split(",").map((p) => p.trim());
-	const mediaTypes = [];
-	for (const [index, accept$1] of accepts.entries()) {
-		const mediaType = parseMediaType(accept$1.trim(), index);
-		if (mediaType) mediaTypes.push(mediaType);
-	}
-	return mediaTypes;
-}
-function getFullType(spec) {
-	return `${spec.type}/${spec.subtype}`;
-}
-function preferredMediaTypes(accept) {
-	const accepts = parseAccept(accept === void 0 ? "*/*" : accept ?? "");
-	return accepts.filter(isQuality).sort(compareSpecs).map(getFullType);
-}
-
 //#endregion
 //#region src/federation/handler.ts
-function acceptsJsonLd(request) {
-	const accept = request.headers.get("Accept");
-	const types = accept ? preferredMediaTypes(accept) : ["*/*"];
-	if (types == null) return true;
-	if (types[0] === "text/html" || types[0] === "application/xhtml+xml") return false;
-	return types.includes("application/activity+json") || types.includes("application/ld+json") || types.includes("application/json");
-}
 /**
 * Handles an actor request.
 * @template TContextData The context data to pass to the context.
@@ -371,7 +307,7 @@ function acceptsJsonLd(request) {
 * @param parameters The parameters for handling the actor.
 * @returns A promise that resolves to an HTTP response.
 */
-async function handleActor(request, { identifier, context: context$1, actorDispatcher, authorizePredicate, onNotFound, onNotAcceptable, onUnauthorized }) {
+async function handleActor(request, { identifier, context: context$1, actorDispatcher, authorizePredicate, onNotFound, onUnauthorized }) {
 	const logger$2 = getLogger([
 		"fedify",
 		"federation",
@@ -386,7 +322,6 @@ async function handleActor(request, { identifier, context: context$1, actorDispa
 		logger$2.debug("Actor {identifier} not found.", { identifier });
 		return await onNotFound(request);
 	}
-	if (!acceptsJsonLd(request)) return await onNotAcceptable(request);
 	if (authorizePredicate != null) {
 		let key = await context$1.getSignedKey();
 		key = key?.clone({}, { $warning: {
@@ -421,11 +356,10 @@ async function handleActor(request, { identifier, context: context$1, actorDispa
 * @param parameters The parameters for handling the object.
 * @returns A promise that resolves to an HTTP response.
 */
-async function handleObject(request, { values, context: context$1, objectDispatcher, authorizePredicate, onNotFound, onNotAcceptable, onUnauthorized }) {
+async function handleObject(request, { values, context: context$1, objectDispatcher, authorizePredicate, onNotFound, onUnauthorized }) {
 	if (objectDispatcher == null) return await onNotFound(request);
 	const object = await objectDispatcher(context$1, values);
 	if (object == null) return await onNotFound(request);
-	if (!acceptsJsonLd(request)) return await onNotAcceptable(request);
 	if (authorizePredicate != null) {
 		let key = await context$1.getSignedKey();
 		key = key?.clone({}, { $warning: {
@@ -463,7 +397,7 @@ async function handleObject(request, { values, context: context$1, objectDispatc
 * @param parameters The parameters for handling the collection.
 * @returns A promise that resolves to an HTTP response.
 */
-async function handleCollection(request, { name, identifier, uriGetter, filter, filterPredicate, context: context$1, collectionCallbacks, tracerProvider, onUnauthorized, onNotFound, onNotAcceptable }) {
+async function handleCollection(request, { name, identifier, uriGetter, filter, filterPredicate, context: context$1, collectionCallbacks, tracerProvider, onUnauthorized, onNotFound }) {
 	const spanName = name.trim().replace(/\s+/g, "_");
 	tracerProvider = tracerProvider ?? trace.getTracerProvider();
 	const tracer = tracerProvider.getTracer(deno_default.name, deno_default.version);
@@ -576,7 +510,6 @@ async function handleCollection(request, { name, identifier, uriGetter, filter,
 			partOf
 		});
 	}
-	if (!acceptsJsonLd(request)) return await onNotAcceptable(request);
 	if (collectionCallbacks.authorizePredicate != null) {
 		let key = await context$1.getSignedKey();
 		key = key?.clone({}, { $warning: {
@@ -671,7 +604,8 @@ async function handleInbox(request, options) {
 * @param span The OpenTelemetry span for tracing.
 * @returns A promise that resolves to an HTTP response.
 */
-async function handleInboxInternal(request, { recipient, context: ctx, inboxContextFactory, kv, kvPrefixes, queue, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, skipSignatureVerification, tracerProvider }, span) {
+async function handleInboxInternal(request, parameters, span) {
+	const { recipient, context: ctx, inboxContextFactory, kv, kvPrefixes, queue, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, skipSignatureVerification, tracerProvider } = parameters;
 	const logger$2 = getLogger([
 		"fedify",
 		"federation",
@@ -873,7 +807,8 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 		kvPrefixes,
 		queue,
 		span,
-		tracerProvider
+		tracerProvider,
+		idempotencyStrategy: parameters.idempotencyStrategy
 	});
 	if (routeResult === "alreadyProcessed") return new Response(`Activity <${activity.id}> has already been processed.`, {
 		status: 202,
@@ -903,7 +838,7 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 /**
 * Handles a custom collection request.
 * @template TItem The type of items in the collection.
-* @template TParams The parameter names of the requested URL.
+* @template TParam The parameter names of the requested URL.
 * @template TContext The type of the context, extending {@link RequestContext}.
 * @template TContextData The context data to pass to the `TContext`.
 * @param request The HTTP request.
@@ -914,7 +849,6 @@ async function handleInboxInternal(request, { recipient, context: ctx, inboxCont
 const handleCustomCollection = exceptWrapper(_handleCustomCollection);
 async function _handleCustomCollection(request, { name, values, context: context$1, tracerProvider, collectionCallbacks: callbacks, filterPredicate }) {
 	verifyDefined(callbacks);
-	verifyJsonLdRequest(request);
 	await authIfNeeded(context$1, values, callbacks);
 	const cursor = new URL(request.url).searchParams.get("cursor");
 	return await new CustomCollectionHandler(name, values, context$1, callbacks, tracerProvider, Collection, CollectionPage, filterPredicate).fetchCollection(cursor).toJsonLd().then(respondAsActivity);
@@ -922,7 +856,7 @@ async function _handleCustomCollection(request, { name, values, context: context
 /**
 * Handles an ordered collection request.
 * @template TItem The type of items in the collection.
-* @template TParams The parameter names of the requested URL.
+* @template TParam The parameter names of the requested URL.
 * @template TContext The type of the context, extending {@link RequestContext}.
 * @template TContextData The context data to pass to the `TContext`.
 * @param request The HTTP request.
@@ -933,7 +867,6 @@ async function _handleCustomCollection(request, { name, values, context: context
 const handleOrderedCollection = exceptWrapper(_handleOrderedCollection);
 async function _handleOrderedCollection(request, { name, values, context: context$1, tracerProvider, collectionCallbacks: callbacks, filterPredicate }) {
 	verifyDefined(callbacks);
-	verifyJsonLdRequest(request);
 	await authIfNeeded(context$1, values, callbacks);
 	const cursor = new URL(request.url).searchParams.get("cursor");
 	return await new CustomCollectionHandler(name, values, context$1, callbacks, tracerProvider, OrderedCollection, OrderedCollectionPage, filterPredicate).fetchCollection(cursor).toJsonLd().then(respondAsActivity);
@@ -943,7 +876,7 @@ async function _handleOrderedCollection(request, { name, values, context: contex
 * The main flow is on `getCollection`, `dispatch`.
 *
 * @template TItem The type of items in the collection.
-* @template TParams The parameter names of the requested URL.
+* @template TParam The parameter names of the requested URL.
 * @template TContext The type of the context. {@link Context} or {@link RequestContext}.
 * @template TContextData The context data to pass to the `TContext`.
 * @template TCollection The type of the collection, extending {@link Collection}.
@@ -977,14 +910,14 @@ var CustomCollectionHandler = class {
 	#collection = null;
 	/**
 	* Creates a new CustomCollection instance.
-	* @param {string} name The name of the collection.
-	* @param {TParams} values The parameter values for the collection.
-	* @param {TContext} context The request context.
-	* @param {CustomCollectionCallbacks} callbacks The collection callbacks.
-	* @param {TracerProvider} tracerProvider The tracer provider for telemetry.
-	* @param {ConstructorWithTypeId<TCollection>} Collection The Collection constructor.
-	* @param {ConstructorWithTypeId<TCollectionPage>} CollectionPage The CollectionPage constructor.
-	* @param {(item: TItem) => boolean} filterPredicate Optional filter predicate for items.
+	* @param name The name of the collection.
+	* @param values The parameter values for the collection.
+	* @param context The request context.
+	* @param callbacks The collection callbacks.
+	* @param tracerProvider The tracer provider for telemetry.
+	* @param Collection The Collection constructor.
+	* @param CollectionPage The CollectionPage constructor.
+	* @param filterPredicate Optional filter predicate for items.
 	*/
 	constructor(name, values, context$1, callbacks, tracerProvider = trace.getTracerProvider(), Collection$1, CollectionPage$1, filterPredicate) {
 		this.name = name;
@@ -1109,7 +1042,7 @@ var CustomCollectionHandler = class {
 	/**
 	* Creates a function to wrap the dispatcher so tracing can be applied.
 	* @param params Parameters including cursor and total items.
-	* @returns {(span: Span) => Promise<PageItems<TItem>>} A function that handles the span operation.
+	* @returns A function that handles the span operation.
 	*/
 	spanPages = ({ totalItems = null, cursor = null }) => async (span) => {
 		try {
@@ -1130,23 +1063,23 @@ var CustomCollectionHandler = class {
 	};
 	/**
 	* Dispatches the collection request to get items.
-	* @param {string | null} cursor The cursor for pagination, or null for the first page.
-	* @returns {Promise<PageItems<TItem>>} A promise that resolves to the page items.
+	* @param cursor The cursor for pagination, or null for the first page.
+	* @returns A promise that resolves to the page items.
 	*/
 	async dispatch(cursor = null) {
 		return await this.#dispatcher(this.context, this.values, cursor) ?? new ItemsNotFoundError().throw();
 	}
 	/**
 	* Filters the items in the collection.
-	* @param {TItem[]} items The items to filter.
-	* @returns {(Object | Link | URL)[]} The filtered items.
+	* @param items The items to filter.
+	* @returns The filtered items.
 	*/
 	filterItems(items) {
 		return filterCollectionItems(items, this.name, this.filterPredicate);
 	}
 	/**
 	* Appends a cursor to the URL if it exists.
-	* @param {string | null | undefined} cursor The cursor to append, or null/undefined.
+	* @param cursor The cursor to append, or null/undefined.
 	* @returns The URL with cursor appended, or null if cursor is null/undefined.
 	*/
 	appendToUrl(cursor) {
@@ -1154,8 +1087,7 @@ var CustomCollectionHandler = class {
 	}
 	/**
 	* Gets the stored collection or collection page.
-	* @returns {Promise<TCollection | TCollectionPage>} A promise that resolves to
-	the collection or collection page.
+	* @returns A promise that resolves to the collection or collection page.
 	*/
 	get collection() {
 		if (this.#collection === null) this.#collection = this.getCollection();
@@ -1163,8 +1095,8 @@ var CustomCollectionHandler = class {
 	}
 	/**
 	* Gets the total number of items in the collection.
-	* @returns {Promise<number | null>} A promise that
-	resolves to the total items count, or null if not available.
+	* @returns A promise that resolves to the total items count,
+	*          or null if not available.
 	*/
 	get totalItems() {
 		if (this.#totalItems === void 0) this.totalItems = this.callbacks.counter?.(this.context, this.values);
@@ -1180,8 +1112,8 @@ var CustomCollectionHandler = class {
 	}
 	/**
 	* Gets the first cursor for pagination.
-	* @returns {Promise<string | null>} A promise that resolves to the first cursor,
-	or null if not available.
+	* @returns A promise that resolves to the first cursor,
+	*          or null if not available.
 	*/
 	get firstCursor() {
 		const cursor = this.callbacks.firstCursor?.(this.context, this.values);
@@ -1211,10 +1143,9 @@ function exceptWrapper(handler) {
 		try {
 			return await handler(request, handlerParams);
 		} catch (error) {
-			const { onNotFound, onNotAcceptable, onUnauthorized } = handlerParams;
+			const { onNotFound, onUnauthorized } = handlerParams;
 			switch (error?.constructor) {
 				case ItemsNotFoundError: return await onNotFound(request);
-				case NotAcceptableError: return await onNotAcceptable(request);
 				case UnauthorizedError: return await onUnauthorized(request);
 				default: throw error;
 			}
@@ -1232,15 +1163,6 @@ const verifyDefined = (callbacks) => {
 	if (callbacks === void 0) throw new ItemsNotFoundError();
 };
 /**
-* Verifies that a request accepts JSON-LD content type.
-* @param request The HTTP request to verify.
-* @throws {NotAcceptableError} If the request doesn't accept JSON-LD.
-* @since 1.8.0
-*/
-const verifyJsonLdRequest = (request) => {
-	if (!acceptsJsonLd(request)) throw new NotAcceptableError();
-};
-/**
 * Performs authorization if needed based on the authorization predicate.
 * @template TContextData The context data type.
 * @param {RequestContext<TContextData>} context The request context.
@@ -1324,15 +1246,6 @@ var ItemsNotFoundError = class extends HandlerError {
 	}
 };
 /**
-* Error thrown when the request is not acceptable (e.g., wrong content type).
-* @since 1.8.0
-*/
-var NotAcceptableError = class extends HandlerError {
-	constructor() {
-		super("The request is not acceptable.");
-	}
-};
-/**
 * Error thrown when access to a collection is unauthorized.
 * @since 1.8.0
 */
@@ -1405,7 +1318,6 @@ var FederationImpl = class extends FederationBuilderImpl {
 	firstKnock;
 	constructor(options) {
 		super();
-		const logger$2 = getLogger(["fedify", "federation"]);
 		this.kv = options.kv;
 		this.kvPrefixes = {
 			activityIdempotence: ["_fedify", "activityIdempotence"],
@@ -1453,8 +1365,9 @@ var FederationImpl = class extends FederationBuilderImpl {
 		this.router.trailingSlashInsensitive = options.trailingSlashInsensitive ?? false;
 		this._initializeRouter();
 		if (options.allowPrivateAddress || options.userAgent != null) {
-			if (options.contextLoader != null) throw new TypeError("Cannot set contextLoader with allowPrivateAddress or userAgent options.");
-			else if (options.authenticatedDocumentLoaderFactory != null) throw new TypeError("Cannot set authenticatedDocumentLoaderFactory with allowPrivateAddress or userAgent options.");
+			if (options.documentLoaderFactory != null) throw new TypeError("Cannot set documentLoaderFactory with allowPrivateAddress or userAgent options.");
+			if (options.contextLoaderFactory != null) throw new TypeError("Cannot set contextLoaderFactory with allowPrivateAddress or userAgent options.");
+			if (options.authenticatedDocumentLoaderFactory != null) throw new TypeError("Cannot set authenticatedDocumentLoaderFactory with allowPrivateAddress or userAgent options.");
 		}
 		const { allowPrivateAddress, userAgent } = options;
 		this.allowPrivateAddress = allowPrivateAddress ?? false;
@@ -1468,11 +1381,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				prefix: this.kvPrefixes.remoteDocument
 			});
 		});
-		if (options.contextLoader != null) {
-			if (options.contextLoaderFactory != null) throw new TypeError("Cannot set both contextLoader and contextLoaderFactory options at a time; use contextLoaderFactory only.");
-			this.contextLoaderFactory = () => options.contextLoader;
-			logger$2.warn("The contextLoader option is deprecated; use contextLoaderFactory option instead.");
-		} else this.contextLoaderFactory = options.contextLoaderFactory ?? this.documentLoaderFactory;
+		this.contextLoaderFactory = options.contextLoaderFactory ?? this.documentLoaderFactory;
 		this.authenticatedDocumentLoaderFactory = options.authenticatedDocumentLoaderFactory ?? ((identity) => getAuthenticatedDocumentLoader(identity, {
 			allowPrivateAddress,
 			userAgent,
@@ -2011,6 +1920,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 						span,
 						tracer
 					});
+					if (acceptsJsonLd(request)) response.headers.set("Vary", "Accept");
 				} catch (error) {
 					span.setStatus({
 						code: SpanStatusCode.ERROR,
@@ -2074,6 +1984,9 @@ var FederationImpl = class extends FederationBuilderImpl {
 				context: context$1,
 				nodeInfoDispatcher: this.nodeInfoDispatcher
 			});
+		}
+		if (request.method !== "POST" && !acceptsJsonLd(request)) return await onNotAcceptable(request);
+		switch (routeName) {
 			case "actor":
 				context$1 = this.#createContext(request, contextData, { invokedFromActorDispatcher: { identifier: route.values.identifier ?? route.values.handle } });
 				return await handleActor(request, {
@@ -2082,8 +1995,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					actorDispatcher: this.actorCallbacks?.dispatcher,
 					authorizePredicate: this.actorCallbacks?.authorizePredicate,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 			case "object": {
 				const typeId = route.name.replace(/^object:/, "");
@@ -2099,8 +2011,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					objectDispatcher: callbacks?.dispatcher,
 					authorizePredicate: callbacks?.authorizePredicate,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 			}
 			case "outbox": return await handleCollection(request, {
@@ -2111,8 +2022,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				collectionCallbacks: this.outboxCallbacks,
 				tracerProvider: this.tracerProvider,
 				onUnauthorized,
-				onNotFound,
-				onNotAcceptable
+				onNotFound
 			});
 			case "inbox":
 				if (request.method !== "POST") return await handleCollection(request, {
@@ -2123,8 +2033,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					collectionCallbacks: this.inboxCallbacks,
 					tracerProvider: this.tracerProvider,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 				context$1 = this.#createContext(request, contextData, { documentLoader: await context$1.getDocumentLoader({ identifier: route.values.identifier ?? route.values.handle }) });
 			case "sharedInbox":
@@ -2146,7 +2055,8 @@ var FederationImpl = class extends FederationBuilderImpl {
 					onNotFound,
 					signatureTimeWindow: this.signatureTimeWindow,
 					skipSignatureVerification: this.skipSignatureVerification,
-					tracerProvider: this.tracerProvider
+					tracerProvider: this.tracerProvider,
+					idempotencyStrategy: this.idempotencyStrategy
 				});
 			case "following": return await handleCollection(request, {
 				name: "following",
@@ -2156,8 +2066,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				collectionCallbacks: this.followingCallbacks,
 				tracerProvider: this.tracerProvider,
 				onUnauthorized,
-				onNotFound,
-				onNotAcceptable
+				onNotFound
 			});
 			case "followers": {
 				let baseUrl = url.searchParams.get("base-url");
@@ -2180,8 +2089,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					collectionCallbacks: this.followersCallbacks,
 					tracerProvider: this.tracerProvider,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 			}
 			case "liked": return await handleCollection(request, {
@@ -2192,8 +2100,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				collectionCallbacks: this.likedCallbacks,
 				tracerProvider: this.tracerProvider,
 				onUnauthorized,
-				onNotFound,
-				onNotAcceptable
+				onNotFound
 			});
 			case "featured": return await handleCollection(request, {
 				name: "featured",
@@ -2203,8 +2110,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				collectionCallbacks: this.featuredCallbacks,
 				tracerProvider: this.tracerProvider,
 				onUnauthorized,
-				onNotFound,
-				onNotAcceptable
+				onNotFound
 			});
 			case "featuredTags": return await handleCollection(request, {
 				name: "featured tags",
@@ -2214,8 +2120,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 				collectionCallbacks: this.featuredTagsCallbacks,
 				tracerProvider: this.tracerProvider,
 				onUnauthorized,
-				onNotFound,
-				onNotAcceptable
+				onNotFound
 			});
 			case "collection": {
 				const name = route.name.replace(/^collection:/, "");
@@ -2227,8 +2132,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					collectionCallbacks: callbacks,
 					tracerProvider: this.tracerProvider,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 			}
 			case "orderedCollection": {
@@ -2241,8 +2145,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					collectionCallbacks: callbacks,
 					tracerProvider: this.tracerProvider,
 					onUnauthorized,
-					onNotFound,
-					onNotAcceptable
+					onNotFound
 				});
 			}
 			default: {
@@ -2896,7 +2799,8 @@ var ContextImpl = class ContextImpl {
 			kvPrefixes: this.federation.kvPrefixes,
 			queue: this.federation.inboxQueue,
 			span,
-			tracerProvider: options.tracerProvider ?? this.tracerProvider
+			tracerProvider: options.tracerProvider ?? this.tracerProvider,
+			idempotencyStrategy: this.federation.idempotencyStrategy
 		});
 		return routeResult === "alreadyProcessed" || routeResult === "enqueued" || routeResult === "unsupportedActivity" || routeResult === "success";
 	}
@@ -3210,4 +3114,4 @@ function getRequestId(request) {
 }
 
 //#endregion
-export { ContextImpl, FederationImpl, InboxContextImpl, KvSpecDeterminer, acceptsJsonLd, actorDehydrator, autoIdAssigner, createFederation, handleActor, handleCollection, handleCustomCollection, handleInbox, handleNodeInfo, handleNodeInfoJrd, handleObject, handleWebFinger, respondWithObject, respondWithObjectIfAcceptable };
+export { ContextImpl, FederationImpl, InboxContextImpl, KvSpecDeterminer, actorDehydrator, autoIdAssigner, createFederation, handleActor, handleCollection, handleCustomCollection, handleInbox, handleNodeInfo, handleNodeInfoJrd, handleObject, handleWebFinger, respondWithObject, respondWithObjectIfAcceptable };

package/dist/{mod-Drmz72EK.d.ts → mod-BhUKmBJD.d.ts}

@@ -1,8 +1,8 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { DocumentLoader } from "./docloader-CxWcuWqQ.js";
-import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-SOE1ifCr.js";
-import { KeyCache } from "./http-DqSNLFNY.js";
+import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-BI0Ak5lL.js";
+import { KeyCache } from "./http-D6Uj2x2y.js";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/sig/ld.d.ts

package/dist/{mod-TFoH2Ql8.d.ts → mod-CerN_Sza.d.ts}

@@ -1,7 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { DocumentLoader, DocumentLoaderFactoryOptions } from "./docloader-CxWcuWqQ.js";
-import { HttpMessageSignaturesSpecDeterminer } from "./http-DqSNLFNY.js";
+import { HttpMessageSignaturesSpecDeterminer } from "./http-D6Uj2x2y.js";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/runtime/authdocloader.d.ts

package/dist/{mod-Dc_-mf8s.d.cts → mod-Cj1tHXBR.d.cts}

@@ -1,5 +1,5 @@
 import { DocumentLoader, DocumentLoaderFactoryOptions } from "./docloader-D-MrRyHl.cjs";
-import { HttpMessageSignaturesSpecDeterminer } from "./http-BS6766zs.cjs";
+import { HttpMessageSignaturesSpecDeterminer } from "./http-D-e6AFwR.cjs";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/runtime/authdocloader.d.ts

package/dist/{mod-evzlRVZq.d.cts → mod-CxkWO3Mg.d.cts}

@@ -1,5 +1,5 @@
 import { DocumentLoader, GetUserAgentOptions } from "./docloader-D-MrRyHl.cjs";
-import { Collection, Link, Object as Object$1 } from "./vocab-DJTYMqyU.cjs";
+import { Collection, Link, Object as Object$1 } from "./vocab-Dw1-yVGg.cjs";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/vocab/lookup.d.ts
@@ -18,6 +18,24 @@ interface LookupObjectOptions {
    * @since 0.8.0
    */
   contextLoader?: DocumentLoader;
+  /**
+   * Whether to allow fetching an object with an `@id` having a different
+   * origin than the object's URL.  This is not recommended, as it may
+   * lead to security issues.  Only use this option if you know what you
+   * are doing.
+   *
+   * How to handle the case when an object's `@id` has a different origin
+   * than the object's URL:
+   *
+   *  -  `"ignore"` (default): Do not return the object, and log a warning.
+   *  -  `"throw"`: Throw an error.
+   *  -  `"trust"`: Bypass the check and return the object anyway.  This
+   *     is not recommended, as it may lead to security issues.  Only use
+   *     this option if you know what you are doing.
+   *
+   * @since 1.9.0
+   */
+  crossOrigin?: "ignore" | "throw" | "trust";
   /**
    * The options for making `User-Agent` header.
    * If a string is given, it is used as the `User-Agent` header value.

package/dist/{mod-RI3-KvUI.d.ts → mod-DcKxhFQ8.d.ts}

@@ -1,7 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { Activity } from "./vocab-SOE1ifCr.js";
-import { ActivityTransformer, Context } from "./context-CDSZdQHD.js";
+import { Activity } from "./vocab-BI0Ak5lL.js";
+import { ActivityTransformer, Context } from "./context-B1X8-X33.js";
 
 //#region src/compat/transformers.d.ts
 

package/dist/{mod-BClfg3ej.d.cts → mod-Djzcw2ry.d.cts}

@@ -1,6 +1,6 @@
 import { DocumentLoader } from "./docloader-D-MrRyHl.cjs";
-import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-DJTYMqyU.cjs";
-import { KeyCache } from "./http-BS6766zs.cjs";
+import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-Dw1-yVGg.cjs";
+import { KeyCache } from "./http-D-e6AFwR.cjs";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/sig/ld.d.ts

package/dist/{mod-Cxt4Kpf6.d.ts → mod-DlU8ISoa.d.ts}

@@ -1,7 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { DocumentLoader, GetUserAgentOptions } from "./docloader-CxWcuWqQ.js";
-import { Collection, Link, Object as Object$1 } from "./vocab-SOE1ifCr.js";
+import { Collection, Link, Object as Object$1 } from "./vocab-BI0Ak5lL.js";
 import { TracerProvider } from "@opentelemetry/api";
 
 //#region src/vocab/lookup.d.ts
@@ -20,6 +20,24 @@ interface LookupObjectOptions {
    * @since 0.8.0
    */
   contextLoader?: DocumentLoader;
+  /**
+   * Whether to allow fetching an object with an `@id` having a different
+   * origin than the object's URL.  This is not recommended, as it may
+   * lead to security issues.  Only use this option if you know what you
+   * are doing.
+   *
+   * How to handle the case when an object's `@id` has a different origin
+   * than the object's URL:
+   *
+   *  -  `"ignore"` (default): Do not return the object, and log a warning.
+   *  -  `"throw"`: Throw an error.
+   *  -  `"trust"`: Bypass the check and return the object anyway.  This
+   *     is not recommended, as it may lead to security issues.  Only use
+   *     this option if you know what you are doing.
+   *
+   * @since 1.9.0
+   */
+  crossOrigin?: "ignore" | "throw" | "trust";
   /**
    * The options for making `User-Agent` header.
    * If a string is given, it is used as the `User-Agent` header value.

package/dist/{mod-BhMnAkFX.d.cts → mod-twdvV2hR.d.cts}

@@ -1,5 +1,5 @@
-import { Activity } from "./vocab-DJTYMqyU.cjs";
-import { ActivityTransformer, Context } from "./context-Dq8aCtMH.cjs";
+import { Activity } from "./vocab-Dw1-yVGg.cjs";
+import { ActivityTransformer, Context } from "./context-DYCJXr7J.cjs";
 
 //#region src/compat/transformers.d.ts