@fedify/fedify 2.0.0-pr.445.1694 → 2.0.0-pr.451.1730

package/dist/{docloader-Czl3xV10.js → kv-cache-ydIs4Ul6.js}

@@ -2,136 +2,58 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
+import { createActivityPubRequest, logRequest } from "./request-DKGQaofB.js";
+import { UrlError, validatePublicUrl } from "./lookup-BV3A9Zbc.js";
+import { doubleKnock, validateCryptoKey } from "./http-DcDb8r1W.js";
 import { getLogger } from "@logtape/logtape";
-import process from "node:process";
-import { lookup } from "node:dns/promises";
-import { isIP } from "node:net";
+import { getDocumentLoader, getRemoteDocument } from "@fedify/vocab-runtime";
+import { curry } from "@fxts/core";
 
-//#region deno.json
-var name = "@fedify/fedify";
-var version = "2.0.0-pr.445.1694+d0c7cd75";
-var license = "MIT";
-var exports = {
-	".": "./src/mod.ts",
-	"./compat": "./src/compat/mod.ts",
-	"./federation": "./src/federation/mod.ts",
-	"./nodeinfo": "./src/nodeinfo/mod.ts",
-	"./runtime": "./src/runtime/mod.ts",
-	"./sig": "./src/sig/mod.ts",
-	"./testing": "./src/testing/mod.ts",
-	"./vocab": "./src/vocab/mod.ts",
-	"./webfinger": "./src/webfinger/mod.ts",
-	"./x/cfworkers": "./src/x/cfworkers.ts",
-	"./x/denokv": "./src/x/denokv.ts",
-	"./x/fresh": "./src/x/fresh.ts",
-	"./x/hono": "./src/x/hono.ts",
-	"./x/sveltekit": "./src/x/sveltekit.ts"
-};
-var imports = {
-	"@cfworker/json-schema": "npm:@cfworker/json-schema@^4.1.1",
-	"@multiformats/base-x": "npm:@multiformats/base-x@^4.0.1",
-	"@opentelemetry/api": "npm:@opentelemetry/api@^1.9.0",
-	"@opentelemetry/semantic-conventions": "npm:@opentelemetry/semantic-conventions@^1.27.0",
-	"@std/assert": "jsr:@std/assert@^0.226.0",
-	"@std/testing": "jsr:@std/testing@^0.224.0",
-	"@std/url": "jsr:@std/url@^0.225.1",
-	"asn1js": "npm:asn1js@^3.0.5",
-	"byte-encodings": "npm:byte-encodings@^1.0.11",
-	"es-toolkit": "jsr:@es-toolkit/es-toolkit@^1.39.5",
-	"fast-check": "npm:fast-check@^3.22.0",
-	"fetch-mock": "npm:fetch-mock@^12.5.2",
-	"json-canon": "npm:json-canon@^1.0.1",
-	"jsonld": "npm:jsonld@^8.3.2",
-	"multicodec": "npm:multicodec@^3.2.1",
-	"pkijs": "npm:pkijs@^3.2.4",
-	"structured-field-values": "npm:structured-field-values@^2.0.4",
-	"uri-template-router": "npm:uri-template-router@^0.0.17",
-	"url-template": "npm:url-template@^3.1.1"
-};
-var include = ["src/vocab/vocab.ts"];
-var exclude = [
-	".test-report.xml",
-	"apidoc/",
-	"dist/",
-	"node_modules/",
-	"npm/",
-	"pnpm-lock.yaml",
-	"src/cfworkers/dist/",
-	"src/cfworkers/fixtures/",
-	"src/cfworkers/imports.ts",
-	"src/cfworkers/README.md",
-	"src/cfworkers/server.ts",
-	"src/cfworkers/server.js",
-	"src/cfworkers/server.js.map",
-	"src/codegen/schema.yaml",
-	"src/vocab/*.yaml",
-	"!src/vocab/vocab.ts"
-];
-var tasks = {
-	"codegen": "GENPATH=vocab-$(deno eval \"console.log(crypto.randomUUID());\").ts && deno run --allow-read --allow-write --check src/codegen/main.ts src/vocab/ ../runtime/ src/vocab/$GENPATH && deno fmt src/vocab/$GENPATH && mv src/vocab/$GENPATH src/vocab/vocab.ts && deno cache src/vocab/vocab.ts && deno check src/vocab/vocab.ts",
-	"cache": {
-		"command": "deno cache src/mod.ts",
-		"dependencies": ["codegen"]
-	},
-	"check": {
-		"command": "deno fmt --check && deno lint && deno check src/**/*.ts",
-		"dependencies": ["codegen"]
-	},
-	"test": {
-		"command": "deno test --check --doc --allow-read --allow-write --allow-env --unstable-kv --trace-leaks --parallel",
-		"dependencies": ["codegen"]
-	},
-	"coverage": "deno task test --clean --coverage && deno coverage --html coverage",
-	"bench": {
-		"command": "deno bench --allow-read --allow-write --allow-net --allow-env --allow-run --unstable-kv",
-		"dependencies": ["codegen"]
-	},
-	"apidoc": {
-		"command": "deno doc --html --name=Fedify --output=apidoc/ src/mod.ts",
-		"dependencies": ["codegen"]
-	},
-	"publish": {
-		"command": "deno publish",
-		"dependencies": ["codegen"]
-	},
-	"pnpm:install": "pnpm install --silent",
-	"pnpm:build": {
-		"command": "pnpm exec tsdown",
-		"dependencies": ["codegen", "pnpm:install"]
-	},
-	"test:node": {
-		"command": "cd dist/ && node --test",
-		"dependencies": ["pnpm:build"]
-	},
-	"test:bun": {
-		"command": "cd dist/ && bun test --timeout 60000",
-		"dependencies": ["pnpm:build"]
-	},
-	"test:cfworkers": {
-		"command": "pnpm exec wrangler deploy --dry-run --outdir src/cfworkers && node --import=tsx src/cfworkers/client.ts",
-		"dependencies": ["pnpm:build"]
-	},
-	"test-all": { "dependencies": [
-		"check",
-		"test",
-		"test:node",
-		"test:bun",
-		"test:cfworkers"
-	] }
-};
-var deno_default = {
-	name,
-	version,
-	license,
-	exports,
-	imports,
-	include,
-	exclude,
-	tasks
-};
+//#region src/utils/docloader.ts
+const logger$1 = getLogger([
+	"fedify",
+	"utils",
+	"docloader"
+]);
+/**
+* Gets an authenticated {@link DocumentLoader} for the given identity.
+* Note that an authenticated document loader intentionally does not cache
+* the fetched documents.
+* @param identity The identity to get the document loader for.
+*                 The actor's key pair.
+* @param options The options for the document loader.
+* @returns The authenticated document loader.
+* @throws {TypeError} If the key is invalid or unsupported.
+* @since 0.4.0
+*/
+function getAuthenticatedDocumentLoader(identity, { allowPrivateAddress, userAgent, specDeterminer, tracerProvider } = {}) {
+	validateCryptoKey(identity.privateKey);
+	async function load(url, options) {
+		if (!allowPrivateAddress) try {
+			await validatePublicUrl(url);
+		} catch (error) {
+			if (error instanceof UrlError) logger$1.error("Disallowed private URL: {url}", {
+				url,
+				error
+			});
+			throw error;
+		}
+		const originalRequest = createActivityPubRequest(url, { userAgent });
+		const response = await doubleKnock(originalRequest, identity, {
+			specDeterminer,
+			log: curry(logRequest)(logger$1),
+			tracerProvider,
+			signal: options?.signal
+		});
+		return getRemoteDocument(url, response, load);
+	}
+	return load;
+}
+const _fetchDocumentLoader = getDocumentLoader();
+const _fetchDocumentLoader_allowPrivateAddress = getDocumentLoader({ allowPrivateAddress: true });
 
 //#endregion
-//#region src/runtime/contexts.ts
+//#region src/utils/contexts.ts
 const preloadedContexts = {
 	"https://www.w3.org/ns/activitystreams": { "@context": {
 		"@vocab": "_:",
@@ -4273,450 +4195,15 @@ const preloadedContexts = {
 		}
 	} }
 };
-var contexts_default = preloadedContexts;
 
 //#endregion
-//#region src/runtime/link.ts
-const parametersNeedLowerCase = ["rel", "type"];
-const regexpLinkWhitespace = /[\n\r\s\t]/;
-function validateURI(uri) {
-	if (uri.includes("\n") || regexpLinkWhitespace.test(uri)) throw new SyntaxError(`\`${uri}\` is not a valid URI!`);
-}
-function* parseLinkFromString(input) {
-	const inputFmt = input.replaceAll("\xA0", "").replaceAll("", "");
-	for (let cursor = 0; cursor < inputFmt.length; cursor += 1) {
-		while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-		if (inputFmt.charAt(cursor) !== "<") throw new SyntaxError(`Unexpected character \`${inputFmt.charAt(cursor)}\` at position ${cursor}; Expect character \`<\`!`);
-		cursor += 1;
-		const cursorEndUri = inputFmt.indexOf(">", cursor);
-		if (cursorEndUri === -1) throw new SyntaxError(`Missing end of URI delimiter character \`>\` after position ${cursor}!`);
-		if (cursorEndUri === cursor) throw new SyntaxError(`Missing URI at position ${cursor}!`);
-		const uriSlice = inputFmt.slice(cursor, cursorEndUri);
-		validateURI(uriSlice);
-		const uri = decodeURI(uriSlice);
-		const parameters = {};
-		cursor = cursorEndUri + 1;
-		while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-		if (cursor === inputFmt.length || inputFmt.charAt(cursor) === ",") {
-			yield [uri, parameters];
-			continue;
-		}
-		if (inputFmt.charAt(cursor) !== ";") throw new SyntaxError(`Unexpected character \`${inputFmt.charAt(cursor)}\` at position ${cursor}; Expect character \`;\`!`);
-		cursor += 1;
-		while (cursor < inputFmt.length) {
-			while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-			const parameterKey = inputFmt.slice(cursor).match(/^[\w-]+\*?/)?.[0].toLowerCase();
-			if (typeof parameterKey === "undefined") throw new SyntaxError(`Unexpected character \`${inputFmt.charAt(cursor)}\` at position ${cursor}; Expect a valid parameter key!`);
-			cursor += parameterKey.length;
-			while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-			if (cursor === inputFmt.length || inputFmt.charAt(cursor) === ",") {
-				parameters[parameterKey] = "";
-				break;
-			}
-			if (inputFmt.charAt(cursor) === ";") {
-				parameters[parameterKey] = "";
-				cursor += 1;
-				continue;
-			}
-			if (inputFmt.charAt(cursor) !== "=") throw new SyntaxError(`Unexpected character \`${inputFmt.charAt(cursor)}\` at position ${cursor}; Expect character \`=\`!`);
-			cursor += 1;
-			while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-			let parameterValue = "";
-			if (inputFmt.charAt(cursor) === "\"") {
-				cursor += 1;
-				while (cursor < inputFmt.length) {
-					if (inputFmt.charAt(cursor) === "\"") {
-						cursor += 1;
-						break;
-					}
-					if (inputFmt.charAt(cursor) === "\\") cursor += 1;
-					parameterValue += inputFmt.charAt(cursor);
-					cursor += 1;
-				}
-			} else {
-				const cursorDiffParameterValue = inputFmt.slice(cursor).search(/[\s;,]/);
-				if (cursorDiffParameterValue === -1) {
-					parameterValue += inputFmt.slice(cursor);
-					cursor += parameterValue.length;
-				} else {
-					parameterValue += inputFmt.slice(cursor, cursorDiffParameterValue);
-					cursor += cursorDiffParameterValue;
-				}
-			}
-			parameters[parameterKey] = parametersNeedLowerCase.includes(parameterKey) ? parameterValue.toLowerCase() : parameterValue;
-			while (regexpLinkWhitespace.test(inputFmt.charAt(cursor))) cursor += 1;
-			if (cursor === inputFmt.length || inputFmt.charAt(cursor) === ",") break;
-			if (inputFmt.charAt(cursor) === ";") {
-				cursor += 1;
-				continue;
-			}
-			throw new SyntaxError(`Unexpected character \`${inputFmt.charAt(cursor)}\` at position ${cursor}; Expect character \`,\`, character \`;\`, or end of the string!`);
-		}
-		yield [uri, parameters];
-	}
-}
-/**
-* Handle the HTTP header `Link` according to the specification RFC 8288.
-*/
-var HttpHeaderLink = class HttpHeaderLink {
-	get [Symbol.toStringTag]() {
-		return "HTTPHeaderLink";
-	}
-	#entries = [];
-	/**
-	* Handle the HTTP header `Link` according to the specification RFC 8288.
-	* @param {...(string | Headers | HttpHeaderLink | HttpHeaderLinkEntry[] | Response)} inputs Input.
-	*/
-	constructor(...inputs) {
-		if (inputs.length > 0) this.add(...inputs);
-	}
-	/**
-	* Add entries.
-	* @param {...(string | Headers | HttpHeaderLink | HttpHeaderLinkEntry[] | Response)} inputs Input.
-	* @returns {this}
-	*/
-	add(...inputs) {
-		for (const input of inputs) if (input instanceof HttpHeaderLink) this.#entries.push(...structuredClone(input.#entries));
-		else if (Array.isArray(input)) this.#entries.push(...input.map(([uri, parameters]) => {
-			validateURI(uri);
-			Object.entries(parameters).forEach(([key, value]) => {
-				if (key !== key.toLowerCase() || !/^[\w-]+\*?$/.test(key)) throw new SyntaxError(`\`${key}\` is not a valid parameter key!`);
-				if (parametersNeedLowerCase.includes(key) && value !== value.toLowerCase()) throw new SyntaxError(`\`${value}\` is not a valid parameter value!`);
-			});
-			return [uri, structuredClone(parameters)];
-		}));
-		else for (const entry of parseLinkFromString((input instanceof Headers || input instanceof Response ? (input instanceof Headers ? input : input.headers).get("Link") : input) ?? "")) this.#entries.push(entry);
-		return this;
-	}
-	/**
-	* Return all of the entries.
-	* @returns {HttpHeaderLinkEntry[]} Entries.
-	*/
-	entries() {
-		return structuredClone(this.#entries);
-	}
-	/**
-	* Get entries by parameter.
-	* @param {string} key Key of the parameter.
-	* @param {string} value Value of the parameter.
-	* @returns {HttpHeaderLinkEntry[]} Entries which match the parameter.
-	*/
-	getByParameter(key, value) {
-		if (key !== key.toLowerCase()) throw new SyntaxError(`\`${key}\` is not a valid parameter key!`);
-		if (key === "rel") return this.getByRel(value);
-		return structuredClone(this.#entries.filter((entry) => {
-			return entry[1][key] === value;
-		}));
-	}
-	/**
-	* Get entries by parameter `rel`.
-	* @param {string} value Value of the parameter `rel`.
-	* @returns {HttpHeaderLinkEntry[]} Entries which match the parameter.
-	*/
-	getByRel(value) {
-		if (value !== value.toLowerCase()) throw new SyntaxError(`\`${value}\` is not a valid parameter \`rel\` value!`);
-		return structuredClone(this.#entries.filter((entity) => {
-			return entity[1].rel?.toLowerCase() === value;
-		}));
-	}
-	/**
-	* Whether have entries that match parameter.
-	* @param {string} key Key of the parameter.
-	* @param {string} value Value of the parameter.
-	* @returns {boolean} Determine result.
-	*/
-	hasParameter(key, value) {
-		return this.getByParameter(key, value).length > 0;
-	}
-	/**
-	* Stringify entries.
-	* @returns {string} Stringified entries.
-	*/
-	toString() {
-		return this.#entries.map(([uri, parameters]) => {
-			return [`<${encodeURI(uri)}>`, ...Object.entries(parameters).map(([key, value]) => {
-				return value.length > 0 ? `${key}="${value.replaceAll("\"", "\\\"")}"` : key;
-			})].join("; ");
-		}).join(", ");
-	}
-	/**
-	* Parse the HTTP header `Link` according to the specification RFC 8288.
-	* @param {...(string | Headers | HttpHeaderLink | HttpHeaderLinkEntry[] | Response)} inputs Input.
-	* @returns {HttpHeaderLink}
-	*/
-	static parse(...inputs) {
-		return new this(...inputs);
-	}
-	/**
-	* Stringify as the HTTP header `Link` according to the specification RFC 8288.
-	* @param {...(string | Headers | HttpHeaderLink | HttpHeaderLinkEntry[] | Response)} inputs Input.
-	* @returns {string}
-	*/
-	static stringify(...inputs) {
-		return new this(...inputs).toString();
-	}
-};
-
-//#endregion
-//#region src/runtime/url.ts
-var UrlError = class extends Error {
-	constructor(message) {
-		super(message);
-		this.name = "UrlError";
-	}
-};
-/**
-* Validates a URL to prevent SSRF attacks.
-*/
-async function validatePublicUrl(url) {
-	const parsed = new URL(url);
-	if (parsed.protocol !== "http:" && parsed.protocol !== "https:") throw new UrlError(`Unsupported protocol: ${parsed.protocol}`);
-	let hostname = parsed.hostname;
-	if (hostname.startsWith("[") && hostname.endsWith("]")) hostname = hostname.substring(1, hostname.length - 2);
-	if (hostname === "localhost") throw new UrlError("Localhost is not allowed");
-	if ("Deno" in globalThis && !isIP(hostname)) {
-		const netPermission = await Deno.permissions.query({ name: "net" });
-		if (netPermission.state !== "granted") return;
-	}
-	if ("Bun" in globalThis) {
-		if (hostname === "example.com" || hostname.endsWith(".example.com")) return;
-		else if (hostname === "fedify-test.internal") throw new UrlError("Invalid or private address: fedify-test.internal");
-	}
-	let addresses;
-	try {
-		addresses = await lookup(hostname, { all: true });
-	} catch {
-		addresses = [];
-	}
-	for (const { address, family } of addresses) if (family === 4 && !isValidPublicIPv4Address(address) || family === 6 && !isValidPublicIPv6Address(address) || family < 4 || family === 5 || family > 6) throw new UrlError(`Invalid or private address: ${address}`);
-}
-function isValidPublicIPv4Address(address) {
-	const parts = address.split(".");
-	const first = parseInt(parts[0]);
-	if (first === 0 || first === 10 || first === 127) return false;
-	const second = parseInt(parts[1]);
-	if (first === 169 && second === 254) return false;
-	if (first === 172 && second >= 16 && second <= 31) return false;
-	if (first === 192 && second === 168) return false;
-	return true;
-}
-function isValidPublicIPv6Address(address) {
-	address = expandIPv6Address(address);
-	if (address.at(4) !== ":") return false;
-	const firstWord = parseInt(address.substring(0, 4), 16);
-	return !(firstWord >= 64512 && firstWord <= 65023 || firstWord >= 65152 && firstWord <= 65215 || firstWord === 0 || firstWord >= 65280);
-}
-function expandIPv6Address(address) {
-	address = address.toLowerCase();
-	if (address === "::") return "0000:0000:0000:0000:0000:0000:0000:0000";
-	if (address.startsWith("::")) address = "0000" + address;
-	if (address.endsWith("::")) address = address + "0000";
-	address = address.replace("::", ":0000".repeat(8 - (address.match(/:/g) || []).length) + ":");
-	const parts = address.split(":");
-	return parts.map((part) => part.padStart(4, "0")).join(":");
-}
-
-//#endregion
-//#region src/runtime/docloader.ts
+//#region src/utils/kv-cache.ts
 const logger = getLogger([
 	"fedify",
-	"runtime",
-	"docloader"
+	"utils",
+	"kv-cache"
 ]);
 /**
-* Error thrown when fetching a JSON-LD document failed.
-*/
-var FetchError = class extends Error {
-	/**
-	* The URL that failed to fetch.
-	*/
-	url;
-	/**
-	* Constructs a new `FetchError`.
-	*
-	* @param url The URL that failed to fetch.
-	* @param message Error message.
-	*/
-	constructor(url, message) {
-		super(message == null ? url.toString() : `${url}: ${message}`);
-		this.name = "FetchError";
-		this.url = typeof url === "string" ? new URL(url) : url;
-	}
-};
-/**
-* Creates a request for the given URL.
-* @param url The URL to create the request for.
-* @param options The options for the request.
-* @returns The created request.
-* @internal
-*/
-function createRequest(url, options = {}) {
-	return new Request(url, {
-		headers: {
-			Accept: "application/activity+json, application/ld+json",
-			"User-Agent": typeof options.userAgent === "string" ? options.userAgent : getUserAgent(options.userAgent)
-		},
-		redirect: "manual"
-	});
-}
-/**
-* Logs the request.
-* @param request The request to log.
-* @internal
-*/
-function logRequest(request) {
-	logger.debug("Fetching document: {method} {url} {headers}", {
-		method: request.method,
-		url: request.url,
-		headers: Object.fromEntries(request.headers.entries())
-	});
-}
-/**
-* Gets a {@link RemoteDocument} from the given response.
-* @param url The URL of the document to load.
-* @param response The response to get the document from.
-* @param fetch The function to fetch the document.
-* @returns The loaded remote document.
-* @throws {FetchError} If the response is not OK.
-* @internal
-*/
-async function getRemoteDocument(url, response, fetch$1) {
-	const documentUrl = response.url === "" ? url : response.url;
-	const docUrl = new URL(documentUrl);
-	if (!response.ok) {
-		logger.error("Failed to fetch document: {status} {url} {headers}", {
-			status: response.status,
-			url: documentUrl,
-			headers: Object.fromEntries(response.headers.entries())
-		});
-		throw new FetchError(documentUrl, `HTTP ${response.status}: ${documentUrl}`);
-	}
-	const contentType = response.headers.get("Content-Type");
-	const jsonLd = contentType == null || contentType === "application/activity+json" || contentType.startsWith("application/activity+json;") || contentType === "application/ld+json" || contentType.startsWith("application/ld+json;");
-	const linkHeader = response.headers.get("Link");
-	let contextUrl = null;
-	if (linkHeader != null) {
-		let link;
-		try {
-			link = new HttpHeaderLink(linkHeader);
-		} catch (e) {
-			if (e instanceof SyntaxError) link = new HttpHeaderLink();
-			else throw e;
-		}
-		if (jsonLd) {
-			const entries = link.getByRel("http://www.w3.org/ns/json-ld#context");
-			for (const [uri, params] of entries) if ("type" in params && params.type === "application/ld+json") {
-				contextUrl = uri;
-				break;
-			}
-		} else {
-			const entries = link.getByRel("alternate");
-			for (const [uri, params] of entries) {
-				const altUri = new URL(uri, docUrl);
-				if ("type" in params && (params.type === "application/activity+json" || params.type === "application/ld+json" || params.type.startsWith("application/ld+json;")) && altUri.href !== docUrl.href) {
-					logger.debug("Found alternate document: {alternateUrl} from {url}", {
-						alternateUrl: altUri.href,
-						url: documentUrl
-					});
-					return await fetch$1(altUri.href);
-				}
-			}
-		}
-	}
-	let document;
-	if (!jsonLd && (contentType === "text/html" || contentType?.startsWith("text/html;") || contentType === "application/xhtml+xml" || contentType?.startsWith("application/xhtml+xml;"))) {
-		const p = /<(a|link)((\s+[a-z][a-z:_-]*=("[^"]*"|'[^']*'|[^\s>]+))+)\s*\/?>/gi;
-		const p2 = /\s+([a-z][a-z:_-]*)=("([^"]*)"|'([^']*)'|([^\s>]+))/gi;
-		const html = await response.text();
-		let m;
-		const rawAttribs = [];
-		while ((m = p.exec(html)) !== null) rawAttribs.push(m[2]);
-		for (const rawAttrs of rawAttribs) {
-			let m2;
-			const attribs = {};
-			while ((m2 = p2.exec(rawAttrs)) !== null) {
-				const key = m2[1].toLowerCase();
-				const value = m2[3] ?? m2[4] ?? m2[5] ?? "";
-				attribs[key] = value;
-			}
-			if (attribs.rel === "alternate" && "type" in attribs && (attribs.type === "application/activity+json" || attribs.type === "application/ld+json" || attribs.type.startsWith("application/ld+json;")) && "href" in attribs && new URL(attribs.href, docUrl).href !== docUrl.href) {
-				logger.debug("Found alternate document: {alternateUrl} from {url}", {
-					alternateUrl: attribs.href,
-					url: documentUrl
-				});
-				return await fetch$1(new URL(attribs.href, docUrl).href);
-			}
-		}
-		document = JSON.parse(html);
-	} else document = await response.json();
-	logger.debug("Fetched document: {status} {url} {headers}", {
-		status: response.status,
-		url: documentUrl,
-		headers: Object.fromEntries(response.headers.entries())
-	});
-	return {
-		contextUrl,
-		document,
-		documentUrl
-	};
-}
-/**
-* Creates a JSON-LD document loader that utilizes the browser's `fetch` API.
-*
-* The created loader preloads the below frequently used contexts by default
-* (unless `options.ignorePreloadedContexts` is set to `true`):
-*
-* - <https://www.w3.org/ns/activitystreams>
-* - <https://w3id.org/security/v1>
-* - <https://w3id.org/security/data-integrity/v1>
-* - <https://www.w3.org/ns/did/v1>
-* - <https://w3id.org/security/multikey/v1>
-* - <https://purl.archive.org/socialweb/webfinger>
-* - <http://schema.org/>
-* @param options Options for the document loader.
-* @returns The document loader.
-* @since 1.3.0
-*/
-function getDocumentLoader({ allowPrivateAddress, skipPreloadedContexts, userAgent } = {}) {
-	async function load(url, options) {
-		options?.signal?.throwIfAborted();
-		if (!skipPreloadedContexts && url in contexts_default) {
-			logger.debug("Using preloaded context: {url}.", { url });
-			return {
-				contextUrl: null,
-				document: contexts_default[url],
-				documentUrl: url
-			};
-		}
-		if (!allowPrivateAddress) try {
-			await validatePublicUrl(url);
-		} catch (error) {
-			if (error instanceof UrlError) logger.error("Disallowed private URL: {url}", {
-				url,
-				error
-			});
-			throw error;
-		}
-		const request = createRequest(url, { userAgent });
-		logRequest(request);
-		const response = await fetch(request, {
-			redirect: "manual",
-			signal: options?.signal
-		});
-		if (response.status >= 300 && response.status < 400 && response.headers.has("Location")) return load(response.headers.get("Location"), options);
-		return getRemoteDocument(url, response, load);
-	}
-	return load;
-}
-const _fetchDocumentLoader = getDocumentLoader();
-const _fetchDocumentLoader_allowPrivateAddress = getDocumentLoader({ allowPrivateAddress: true });
-function fetchDocumentLoader(url, arg = false) {
-	const allowPrivateAddress = typeof arg === "boolean" ? arg : false;
-	logger.warn("fetchDocumentLoader() function is deprecated.  Use getDocumentLoader() function instead.");
-	const loader = allowPrivateAddress ? _fetchDocumentLoader_allowPrivateAddress : _fetchDocumentLoader;
-	return loader(url);
-}
-/**
 * Decorates a {@link DocumentLoader} with a cache backed by a {@link Deno.Kv}.
 * @param parameters The parameters for the cache.
 * @returns The decorated document loader which is cache-enabled.
@@ -4725,30 +4212,16 @@ function kvCache({ loader, kv, prefix, rules }) {
 	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
 	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
 	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
-	function matchRule(url) {
-		for (const [pattern, duration] of rules) {
-			if (typeof pattern === "string") {
-				if (url === pattern) return duration;
-				continue;
-			}
-			if (pattern instanceof URL) {
-				if (pattern.href == url) return duration;
-				continue;
-			}
-			if (pattern.test(url)) return duration;
-		}
-		return null;
-	}
 	return async (url, options) => {
-		if (url in contexts_default) {
+		if (url in preloadedContexts) {
 			logger.debug("Using preloaded context: {url}.", { url });
 			return {
 				contextUrl: null,
-				document: contexts_default[url],
+				document: preloadedContexts[url],
 				documentUrl: url
 			};
 		}
-		const match = matchRule(url);
+		const match = matchRule(url, rules);
 		if (match == null) return await loader(url, options);
 		const key = [...keyPrefix, url];
 		let cache = void 0;
@@ -4775,21 +4248,20 @@ function kvCache({ loader, kv, prefix, rules }) {
 		return cache;
 	};
 }
-/**
-* Gets the user agent string for the given application and URL.
-* @param options The options for making the user agent string.
-* @returns The user agent string.
-* @since 1.3.0
-*/
-function getUserAgent({ software, url } = {}) {
-	const fedify = `Fedify/${deno_default.version}`;
-	const runtime = globalThis.Deno?.version?.deno != null ? `Deno/${Deno.version.deno}` : globalThis.process?.versions?.bun != null ? `Bun/${process.versions.bun}` : "navigator" in globalThis && navigator.userAgent === "Cloudflare-Workers" ? navigator.userAgent : globalThis.process?.versions?.node != null ? `Node.js/${process.versions.node}` : null;
-	const userAgent = software == null ? [fedify] : [software, fedify];
-	if (runtime != null) userAgent.push(runtime);
-	if (url != null) userAgent.push(`+${url.toString()}`);
-	const first = userAgent.shift();
-	return `${first} (${userAgent.join("; ")})`;
+function matchRule(url, rules) {
+	for (const [pattern, duration] of rules) {
+		if (typeof pattern === "string") {
+			if (url === pattern) return duration;
+			continue;
+		}
+		if (pattern instanceof URL) {
+			if (pattern.href == url) return duration;
+			continue;
+		}
+		if (pattern.test(url)) return duration;
+	}
+	return null;
 }
 
 //#endregion
-export { FetchError, UrlError, createRequest, deno_default, fetchDocumentLoader, getDocumentLoader, getRemoteDocument, getUserAgent, kvCache, logRequest, validatePublicUrl };
+export { getAuthenticatedDocumentLoader, kvCache };