@fedify/fedify 2.0.0-pr.490.2 → 2.0.0-pr.559.4

package/dist/otel/mod.js

@@ -0,0 +1,255 @@
+
+          import { Temporal } from "@js-temporal/polyfill";
+          import { URLPattern } from "urlpattern-polyfill";
+        
+import { getLogger } from "@logtape/logtape";
+import { ExportResultCode } from "@opentelemetry/core";
+
+//#region src/otel/exporter.ts
+/**
+* A SpanExporter that persists ActivityPub activity traces to a
+* {@link KvStore}.  This enables distributed tracing across multiple
+* nodes in a Fedify deployment.
+*
+* The exporter captures activity data from OpenTelemetry span events
+* (`activitypub.activity.received` and `activitypub.activity.sent`)
+* and stores them in the KvStore with trace context preserved.
+*
+* @example Basic usage with MemoryKvStore
+* ```typescript ignore
+* import { MemoryKvStore } from "@fedify/fedify";
+* import { FedifySpanExporter } from "@fedify/fedify/otel";
+* import {
+*   BasicTracerProvider,
+*   SimpleSpanProcessor,
+* } from "@opentelemetry/sdk-trace-base";
+*
+* const kv = new MemoryKvStore();
+* const exporter = new FedifySpanExporter(kv, {
+*   ttl: Temporal.Duration.from({ hours: 1 }),
+* });
+*
+* const provider = new BasicTracerProvider({
+*   spanProcessors: [new SimpleSpanProcessor(exporter)],
+* });
+* ```
+*
+* @example Querying stored traces
+* ```typescript ignore
+* import { MemoryKvStore } from "@fedify/fedify";
+* import { FedifySpanExporter } from "@fedify/fedify/otel";
+*
+* const kv = new MemoryKvStore();
+* const exporter = new FedifySpanExporter(kv);
+* const traceId = "abc123";
+*
+* // Get all activities for a specific trace
+* const activities = await exporter.getActivitiesByTraceId(traceId);
+*
+* // Get recent traces
+* const recentTraces = await exporter.getRecentTraces({ limit: 100 });
+* ```
+*
+* @since 1.10.0
+*/
+var FedifySpanExporter = class {
+	#kv;
+	#ttl;
+	#keyPrefix;
+	/**
+	* Creates a new FedifySpanExporter.
+	*
+	* @param kv The KvStore to persist trace data to.
+	* @param options Configuration options.
+	*/
+	constructor(kv, options) {
+		this.#kv = kv;
+		this.#ttl = options?.ttl;
+		this.#keyPrefix = options?.keyPrefix ?? ["fedify", "traces"];
+	}
+	/**
+	* Exports spans to the KvStore.
+	*
+	* @param spans The spans to export.
+	* @param resultCallback Callback to invoke with the export result.
+	*/
+	export(spans, resultCallback) {
+		this.#exportAsync(spans).then(() => resultCallback({ code: ExportResultCode.SUCCESS })).catch((error) => {
+			getLogger([
+				"fedify",
+				"otel",
+				"exporter"
+			]).error("Failed to export spans to KvStore: {error}", { error });
+			resultCallback({ code: ExportResultCode.FAILED });
+		});
+	}
+	async #exportAsync(spans) {
+		const storeOperations = [];
+		for (const span of spans) {
+			const records = this.#extractRecords(span);
+			for (const record of records) storeOperations.push(this.#storeRecord(record));
+		}
+		const results = await Promise.allSettled(storeOperations);
+		const rejected = results.filter((r) => r.status === "rejected");
+		if (rejected.length > 0) throw new AggregateError(rejected.map((r) => r.reason), "Failed to store one or more trace activity records.");
+	}
+	#extractRecords(span) {
+		const records = [];
+		const spanContext = span.spanContext();
+		const traceId = spanContext.traceId;
+		const spanId = spanContext.spanId;
+		const parentSpanId = span.parentSpanContext?.spanId;
+		for (const event of span.events) if (event.name === "activitypub.activity.received") {
+			const record = this.#extractInboundRecord(event, traceId, spanId, parentSpanId);
+			if (record != null) records.push(record);
+		} else if (event.name === "activitypub.activity.sent") {
+			const record = this.#extractOutboundRecord(event, traceId, spanId, parentSpanId);
+			if (record != null) records.push(record);
+		}
+		return records;
+	}
+	#extractInboundRecord(event, traceId, spanId, parentSpanId) {
+		const attrs = event.attributes;
+		if (attrs == null) return null;
+		const activityJson = attrs["activitypub.activity.json"];
+		if (typeof activityJson !== "string") return null;
+		let activityType = "Unknown";
+		let activityId;
+		let actorId;
+		try {
+			const activity = JSON.parse(activityJson);
+			activityType = activity.type ?? "Unknown";
+			activityId = activity.id;
+			if (typeof activity.actor === "string") actorId = activity.actor;
+			else if (activity.actor != null && typeof activity.actor.id === "string") actorId = activity.actor.id;
+		} catch {}
+		const verified = attrs["activitypub.activity.verified"];
+		const httpSigVerified = attrs["http_signatures.verified"];
+		const httpSigKeyId = attrs["http_signatures.key_id"];
+		const ldSigVerified = attrs["ld_signatures.verified"];
+		let signatureDetails;
+		if (typeof httpSigVerified === "boolean" || typeof ldSigVerified === "boolean") signatureDetails = {
+			httpSignaturesVerified: httpSigVerified === true,
+			httpSignaturesKeyId: typeof httpSigKeyId === "string" && httpSigKeyId !== "" ? httpSigKeyId : void 0,
+			ldSignaturesVerified: ldSigVerified === true
+		};
+		return {
+			traceId,
+			spanId,
+			parentSpanId,
+			direction: "inbound",
+			activityType,
+			activityId,
+			actorId,
+			activityJson,
+			verified: typeof verified === "boolean" ? verified : void 0,
+			signatureDetails,
+			timestamp: (/* @__PURE__ */ new Date(event.time[0] * 1e3 + event.time[1] / 1e6)).toISOString()
+		};
+	}
+	#extractOutboundRecord(event, traceId, spanId, parentSpanId) {
+		const attrs = event.attributes;
+		if (attrs == null) return null;
+		const activityJson = attrs["activitypub.activity.json"];
+		if (typeof activityJson !== "string") return null;
+		let activityType = "Unknown";
+		let activityId;
+		let actorId;
+		try {
+			const activity = JSON.parse(activityJson);
+			activityType = activity.type ?? "Unknown";
+			activityId = activity.id;
+			if (typeof activity.actor === "string") actorId = activity.actor;
+			else if (activity.actor != null && typeof activity.actor.id === "string") actorId = activity.actor.id;
+		} catch {}
+		const inboxUrl = attrs["activitypub.inbox.url"];
+		const explicitActivityId = attrs["activitypub.activity.id"];
+		return {
+			traceId,
+			spanId,
+			parentSpanId,
+			direction: "outbound",
+			activityType,
+			activityId: activityId ?? (typeof explicitActivityId === "string" && explicitActivityId !== "" ? explicitActivityId : void 0),
+			actorId,
+			activityJson,
+			timestamp: (/* @__PURE__ */ new Date(event.time[0] * 1e3 + event.time[1] / 1e6)).toISOString(),
+			inboxUrl: typeof inboxUrl === "string" ? inboxUrl : void 0
+		};
+	}
+	async #storeRecord(record) {
+		const options = this.#ttl != null ? { ttl: this.#ttl } : void 0;
+		const key = [
+			...this.#keyPrefix,
+			record.traceId,
+			record.spanId
+		];
+		await this.#kv.set(key, record, options);
+		await this.#updateTraceSummary(record, options);
+	}
+	async #setWithCasRetry(key, transform, options) {
+		if (this.#kv.cas != null) for (let attempt = 0; attempt < 3; attempt++) {
+			const existing$1 = await this.#kv.get(key);
+			const newValue$1 = transform(existing$1);
+			if (await this.#kv.cas(key, existing$1, newValue$1, options)) return;
+		}
+		const existing = await this.#kv.get(key);
+		const newValue = transform(existing);
+		await this.#kv.set(key, newValue, options);
+	}
+	async #updateTraceSummary(record, options) {
+		const summaryKey = [
+			...this.#keyPrefix,
+			"_summaries",
+			record.traceId
+		];
+		await this.#setWithCasRetry(summaryKey, (existing) => {
+			const activityCount = existing != null ? existing.activityCount + 1 : 1;
+			const activityTypes = existing != null ? existing.activityTypes.includes(record.activityType) ? existing.activityTypes : [...existing.activityTypes, record.activityType] : [record.activityType];
+			return {
+				traceId: existing?.traceId ?? record.traceId,
+				timestamp: existing?.timestamp ?? record.timestamp,
+				activityCount,
+				activityTypes
+			};
+		}, options);
+	}
+	/**
+	* Gets all activity records for a specific trace ID.
+	*
+	* @param traceId The trace ID to query.
+	* @returns An array of activity records belonging to the trace.
+	*/
+	async getActivitiesByTraceId(traceId) {
+		const prefix = [...this.#keyPrefix, traceId];
+		const records = [];
+		for await (const entry of this.#kv.list(prefix)) records.push(entry.value);
+		return records;
+	}
+	/**
+	* Gets recent traces with summary information.
+	*
+	* @param options Options for the query.
+	* @returns An array of trace summaries.
+	*/
+	async getRecentTraces(options) {
+		const summaryPrefix = [...this.#keyPrefix, "_summaries"];
+		const summaries = [];
+		for await (const entry of this.#kv.list(summaryPrefix)) summaries.push(entry.value);
+		summaries.sort((a, b) => b.timestamp.localeCompare(a.timestamp));
+		if (options?.limit != null) return summaries.slice(0, options.limit);
+		return summaries;
+	}
+	/**
+	* Forces the exporter to flush any buffered data.
+	* This is a no-op because we write directly to the KvStore without buffering.
+	*/
+	async forceFlush() {}
+	/**
+	* Shuts down the exporter.
+	*/
+	async shutdown() {}
+};
+
+//#endregion
+export { FedifySpanExporter };

package/dist/{owner-kQRGVXG1.d.ts → owner-BgI8C-VY.d.ts}

@@ -1,7 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { Activity, CryptographicKey } from "./vocab-BCWe1Ih5.js";
-import { Actor } from "./actor-DqFajh9s.js";
+import { Activity, Actor, CryptographicKey } from "@fedify/vocab";
 import { TracerProvider } from "@opentelemetry/api";
 import { DocumentLoader } from "@fedify/vocab-runtime";
 

package/dist/{owner-B4HbyP8s.d.cts → owner-C-zfmVAD.d.cts}

@@ -1,5 +1,4 @@
-import { Activity, CryptographicKey } from "./vocab-CeDBzu-f.cjs";
-import { Actor } from "./actor-f2NtjyCg.cjs";
+import { Activity, Actor, CryptographicKey } from "@fedify/vocab";
 import { DocumentLoader } from "@fedify/vocab-runtime";
 import { TracerProvider } from "@opentelemetry/api";
 

package/dist/{owner-CIWnopkT.js → owner-Cejm-F7S.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { CryptographicKey, Object as Object$1, deno_default } from "./lookup-Dj9-mgOn.js";
-import { isActor } from "./actor-BT-e5fn9.js";
+import { deno_default } from "./deno-DGx1JZHr.js";
+import { CryptographicKey, Object as Object$1, isActor } from "@fedify/vocab";
 import { getDocumentLoader } from "@fedify/vocab-runtime";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 

package/dist/{proof-D-5ri6rf.js → proof-BOQBHd-i.js}

@@ -3,9 +3,10 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { Activity, DataIntegrityProof, Multikey, deno_default, getTypeId } from "./lookup-Dj9-mgOn.js";
-import { fetchKey, validateCryptoKey } from "./key-x7E5PYI0.js";
+import { deno_default } from "./deno-DGx1JZHr.js";
+import { fetchKey, validateCryptoKey } from "./key-BCtt1Ugy.js";
 import { getLogger } from "@logtape/logtape";
+import { Activity, DataIntegrityProof, Multikey, getTypeId } from "@fedify/vocab";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { encodeHex } from "byte-encodings/hex";
 import serialize from "json-canon";

package/dist/{proof-fEwcA7LA.cjs → proof-Bmi8ZIcW.cjs}

@@ -3,15 +3,14 @@
           const { URLPattern } = require("urlpattern-polyfill");
         
 const require_chunk = require('./chunk-DqRYRqnO.cjs');
-const require_lookup = require('./lookup-BTqtVATt.cjs');
-const require_actor = require('./actor-CBfPjuWj.cjs');
-const require_http = require('./http-Dxpqz4hE.cjs');
+const require_http = require('./http-DKBUv5zZ.cjs');
 const __logtape_logtape = require_chunk.__toESM(require("@logtape/logtape"));
+const __fedify_vocab = require_chunk.__toESM(require("@fedify/vocab"));
 const __opentelemetry_api = require_chunk.__toESM(require("@opentelemetry/api"));
-const jsonld = require_chunk.__toESM(require("jsonld"));
-const __fedify_vocab_runtime = require_chunk.__toESM(require("@fedify/vocab-runtime"));
 const byte_encodings_hex = require_chunk.__toESM(require("byte-encodings/hex"));
 const byte_encodings_base64 = require_chunk.__toESM(require("byte-encodings/base64"));
+const __fedify_vocab_runtime = require_chunk.__toESM(require("@fedify/vocab-runtime"));
+const jsonld = require_chunk.__toESM(require("jsonld"));
 const json_canon = require_chunk.__toESM(require("json-canon"));
 
 //#region src/sig/ld.ts
@@ -82,7 +81,7 @@ async function createSignature(jsonLd, privateKey, keyId, { contextLoader, creat
 */
 async function signJsonLd(jsonLd, privateKey, keyId, options) {
 	const tracerProvider = options.tracerProvider ?? __opentelemetry_api.trace.getTracerProvider();
-	const tracer = tracerProvider.getTracer(require_lookup.deno_default.name, require_lookup.deno_default.version);
+	const tracer = tracerProvider.getTracer(require_http.deno_default.name, require_http.deno_default.version);
 	return await tracer.startActiveSpan("ld_signatures.sign", { attributes: { "ld_signatures.key_id": keyId.href } }, async (span) => {
 		try {
 			const signature = await createSignature(jsonLd, privateKey, keyId, options);
@@ -151,7 +150,7 @@ async function verifySignature(jsonLd, options = {}) {
 		});
 		return null;
 	}
-	const { key, cached } = await require_http.fetchKey(new URL(sig.creator), require_actor.CryptographicKey, options);
+	const { key, cached } = await require_http.fetchKey(new URL(sig.creator), __fedify_vocab.CryptographicKey, options);
 	if (key == null) return null;
 	const sigOpts = {
 		...sig,
@@ -192,7 +191,7 @@ async function verifySignature(jsonLd, options = {}) {
 			keyId: sig.creator,
 			...sig
 		});
-		const { key: key$1 } = await require_http.fetchKey(new URL(sig.creator), require_actor.CryptographicKey, {
+		const { key: key$1 } = await require_http.fetchKey(new URL(sig.creator), __fedify_vocab.CryptographicKey, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),
@@ -221,19 +220,19 @@ async function verifySignature(jsonLd, options = {}) {
 */
 async function verifyJsonLd(jsonLd, options = {}) {
 	const tracerProvider = options.tracerProvider ?? __opentelemetry_api.trace.getTracerProvider();
-	const tracer = tracerProvider.getTracer(require_lookup.deno_default.name, require_lookup.deno_default.version);
+	const tracer = tracerProvider.getTracer(require_http.deno_default.name, require_http.deno_default.version);
 	return await tracer.startActiveSpan("ld_signatures.verify", async (span) => {
 		try {
-			const object = await require_actor.Object.fromJsonLd(jsonLd, options);
+			const object = await __fedify_vocab.Object.fromJsonLd(jsonLd, options);
 			if (object.id != null) span.setAttribute("activitypub.object.id", object.id.href);
-			span.setAttribute("activitypub.object.type", require_actor.getTypeId(object).href);
+			span.setAttribute("activitypub.object.type", (0, __fedify_vocab.getTypeId)(object).href);
 			if (typeof jsonLd === "object" && jsonLd != null && "signature" in jsonLd && typeof jsonLd.signature === "object" && jsonLd.signature != null) {
 				if ("creator" in jsonLd.signature && typeof jsonLd.signature.creator === "string") span.setAttribute("ld_signatures.key_id", jsonLd.signature.creator);
 				if ("signatureValue" in jsonLd.signature && typeof jsonLd.signature.signatureValue === "string") span.setAttribute("ld_signatures.signature", jsonLd.signature.signatureValue);
 				if ("type" in jsonLd.signature && typeof jsonLd.signature.type === "string") span.setAttribute("ld_signatures.type", jsonLd.signature.type);
 			}
 			const attributions = new Set(object.attributionIds.map((uri) => uri.href));
-			if (object instanceof require_actor.Activity) for (const uri of object.actorIds) attributions.add(uri.href);
+			if (object instanceof __fedify_vocab.Activity) for (const uri of object.actorIds) attributions.add(uri.href);
 			const key = await verifySignature(jsonLd, options);
 			if (key == null) return false;
 			if (key.ownerId == null) {
@@ -278,7 +277,7 @@ async function hashJsonLd(jsonLd, contextLoader) {
 */
 async function doesActorOwnKey(activity, key, options) {
 	const tracerProvider = options.tracerProvider ?? __opentelemetry_api.trace.getTracerProvider();
-	const tracer = tracerProvider.getTracer(require_lookup.deno_default.name, require_lookup.deno_default.version);
+	const tracer = tracerProvider.getTracer(require_http.deno_default.name, require_http.deno_default.version);
 	return await tracer.startActiveSpan("activitypub.verify_key_ownership", {
 		kind: __opentelemetry_api.SpanKind.INTERNAL,
 		attributes: {
@@ -294,7 +293,7 @@ async function doesActorOwnKey(activity, key, options) {
 				return owns;
 			}
 			const actor = await activity.getActor(options);
-			if (actor == null || !require_actor.isActor(actor)) {
+			if (actor == null || !(0, __fedify_vocab.isActor)(actor)) {
 				span.setAttribute("activitypub.key_ownership.verified", false);
 				span.setAttribute("activitypub.key_ownership.method", "actor_fetch");
 				return false;
@@ -334,7 +333,7 @@ async function getKeyOwner(keyId, options) {
 	const documentLoader = options.documentLoader ?? (0, __fedify_vocab_runtime.getDocumentLoader)();
 	const contextLoader = options.contextLoader ?? (0, __fedify_vocab_runtime.getDocumentLoader)();
 	let object;
-	if (keyId instanceof require_actor.CryptographicKey) {
+	if (keyId instanceof __fedify_vocab.CryptographicKey) {
 		object = keyId;
 		if (object.id == null) return null;
 		keyId = object.id;
@@ -347,7 +346,7 @@ async function getKeyOwner(keyId, options) {
 			return null;
 		}
 		try {
-			object = await require_actor.Object.fromJsonLd(keyDoc, {
+			object = await __fedify_vocab.Object.fromJsonLd(keyDoc, {
 				documentLoader,
 				contextLoader,
 				tracerProvider
@@ -355,7 +354,7 @@ async function getKeyOwner(keyId, options) {
 		} catch (e) {
 			if (!(e instanceof TypeError)) throw e;
 			try {
-				object = await require_actor.CryptographicKey.fromJsonLd(keyDoc, {
+				object = await __fedify_vocab.CryptographicKey.fromJsonLd(keyDoc, {
 					documentLoader,
 					contextLoader,
 					tracerProvider
@@ -367,14 +366,14 @@ async function getKeyOwner(keyId, options) {
 		}
 	}
 	let owner = null;
-	if (object instanceof require_actor.CryptographicKey) {
+	if (object instanceof __fedify_vocab.CryptographicKey) {
 		if (object.ownerId == null) return null;
 		owner = await object.getOwner({
 			documentLoader,
 			contextLoader,
 			tracerProvider
 		});
-	} else if (require_actor.isActor(object)) owner = object;
+	} else if ((0, __fedify_vocab.isActor)(object)) owner = object;
 	else return null;
 	if (owner == null) return null;
 	for (const kid of owner.publicKeyIds) if (kid.href === keyId.href) return owner;
@@ -427,7 +426,7 @@ async function createProof(object, privateKey, keyId, { contextLoader, context,
 	digest.set(new Uint8Array(proofDigest), 0);
 	digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
 	const sig = await crypto.subtle.sign("Ed25519", privateKey, digest);
-	return new require_actor.DataIntegrityProof({
+	return new __fedify_vocab.DataIntegrityProof({
 		cryptosuite: "eddsa-jcs-2022",
 		verificationMethod: keyId,
 		proofPurpose: "assertionMethod",
@@ -447,8 +446,8 @@ async function createProof(object, privateKey, keyId, { contextLoader, context,
 */
 async function signObject(object, privateKey, keyId, options = {}) {
 	const tracerProvider = options.tracerProvider ?? __opentelemetry_api.trace.getTracerProvider();
-	const tracer = tracerProvider.getTracer(require_lookup.deno_default.name, require_lookup.deno_default.version);
-	return await tracer.startActiveSpan("object_integrity_proofs.sign", { attributes: { "activitypub.object.type": require_actor.getTypeId(object).href } }, async (span) => {
+	const tracer = tracerProvider.getTracer(require_http.deno_default.name, require_http.deno_default.version);
+	return await tracer.startActiveSpan("object_integrity_proofs.sign", { attributes: { "activitypub.object.type": (0, __fedify_vocab.getTypeId)(object).href } }, async (span) => {
 		try {
 			if (object.id != null) span.setAttribute("activitypub.object.id", object.id.href);
 			const existingProofs = [];
@@ -483,7 +482,7 @@ async function signObject(object, privateKey, keyId, options = {}) {
 */
 async function verifyProof(jsonLd, proof, options = {}) {
 	const tracerProvider = options.tracerProvider ?? __opentelemetry_api.trace.getTracerProvider();
-	const tracer = tracerProvider.getTracer(require_lookup.deno_default.name, require_lookup.deno_default.version);
+	const tracer = tracerProvider.getTracer(require_http.deno_default.name, require_http.deno_default.version);
 	return await tracer.startActiveSpan("object_integrity_proofs.verify", async (span) => {
 		if (span.isRecording()) {
 			if (proof.cryptosuite != null) span.setAttribute("object_integrity_proofs.cryptosuite", proof.cryptosuite);
@@ -507,7 +506,7 @@ async function verifyProof(jsonLd, proof, options = {}) {
 }
 async function verifyProofInternal(jsonLd, proof, options) {
 	if (typeof jsonLd !== "object" || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
-	const publicKeyPromise = require_http.fetchKey(proof.verificationMethodId, require_actor.Multikey, options);
+	const publicKeyPromise = require_http.fetchKey(proof.verificationMethodId, __fedify_vocab.Multikey, options);
 	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
@@ -612,7 +611,7 @@ async function verifyObject(cls, jsonLd, options = {}) {
 	]);
 	const object = await cls.fromJsonLd(jsonLd, options);
 	const attributions = new Set(object.attributionIds.map((uri) => uri.href));
-	if (object instanceof require_actor.Activity) for (const uri of object.actorIds) attributions.add(uri.href);
+	if (object instanceof __fedify_vocab.Activity) for (const uri of object.actorIds) attributions.add(uri.href);
 	for await (const proof of object.getProofs(options)) {
 		const key = await verifyProof(jsonLd, proof, options);
 		if (key === null) return null;

package/dist/{proof-C8-2l0zH.js → proof-CnaEQ_Ev.js}

@@ -2,15 +2,14 @@
           import { Temporal } from "@js-temporal/polyfill";
           import { URLPattern } from "urlpattern-polyfill";
         
-import { deno_default } from "./lookup-DOSnR912.js";
-import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, getTypeId, isActor } from "./actor-B_gRMloq.js";
-import { fetchKey, validateCryptoKey } from "./http-YhR_TMMQ.js";
+import { deno_default, fetchKey, validateCryptoKey } from "./http-CL3G0rnf.js";
 import { getLogger } from "@logtape/logtape";
+import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, getTypeId, isActor } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
-import jsonld from "jsonld";
-import { getDocumentLoader } from "@fedify/vocab-runtime";
 import { encodeHex } from "byte-encodings/hex";
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
+import { getDocumentLoader } from "@fedify/vocab-runtime";
+import jsonld from "jsonld";
 import serialize from "json-canon";
 
 //#region src/sig/ld.ts

package/dist/router-D9eI0s4b.js

@@ -0,0 +1,118 @@
+
+      import { Temporal } from "@js-temporal/polyfill";
+      import { URLPattern } from "urlpattern-polyfill";
+      globalThis.addEventListener = () => {};
+    
+import { cloneDeep } from "es-toolkit";
+import { Router } from "uri-template-router";
+import { parseTemplate } from "url-template";
+
+//#region src/federation/router.ts
+function cloneInnerRouter(router) {
+	const clone = new Router();
+	clone.nid = router.nid;
+	clone.fsm = cloneDeep(router.fsm);
+	clone.routeSet = new Set(router.routeSet);
+	clone.templateRouteMap = new Map(router.templateRouteMap);
+	clone.valueRouteMap = new Map(router.valueRouteMap);
+	clone.hierarchy = cloneDeep(router.hierarchy);
+	return clone;
+}
+/**
+* URL router and constructor based on URI Template
+* ([RFC 6570](https://tools.ietf.org/html/rfc6570)).
+*/
+var Router$1 = class Router$1 {
+	#router;
+	#templates;
+	#templateStrings;
+	/**
+	* Whether to ignore trailing slashes when matching paths.
+	* @since 1.6.0
+	*/
+	trailingSlashInsensitive;
+	/**
+	* Create a new {@link Router}.
+	* @param options Options for the router.
+	*/
+	constructor(options = {}) {
+		this.#router = new Router();
+		this.#templates = {};
+		this.#templateStrings = {};
+		this.trailingSlashInsensitive = options.trailingSlashInsensitive ?? false;
+	}
+	clone() {
+		const clone = new Router$1({ trailingSlashInsensitive: this.trailingSlashInsensitive });
+		clone.#router = cloneInnerRouter(this.#router);
+		clone.#templates = { ...this.#templates };
+		clone.#templateStrings = { ...this.#templateStrings };
+		return clone;
+	}
+	/**
+	* Checks if a path name exists in the router.
+	* @param name The name of the path.
+	* @returns `true` if the path name exists, otherwise `false`.
+	*/
+	has(name) {
+		return name in this.#templates;
+	}
+	/**
+	* Adds a new path rule to the router.
+	* @param template The path pattern.
+	* @param name The name of the path.
+	* @returns The names of the variables in the path pattern.
+	*/
+	add(template, name) {
+		if (!template.startsWith("/")) throw new RouterError("Path must start with a slash.");
+		const rule = this.#router.addTemplate(template, {}, name);
+		this.#templates[name] = parseTemplate(template);
+		this.#templateStrings[name] = template;
+		return new Set(rule.variables.map((v) => v.varname));
+	}
+	/**
+	* Resolves a path name and values from a URL, if any match.
+	* @param url The URL to resolve.
+	* @returns The name of the path and its values, if any match.  Otherwise,
+	*          `null`.
+	*/
+	route(url) {
+		let match = this.#router.resolveURI(url);
+		if (match == null) {
+			if (!this.trailingSlashInsensitive) return null;
+			url = url.endsWith("/") ? url.replace(/\/+$/, "") : `${url}/`;
+			match = this.#router.resolveURI(url);
+			if (match == null) return null;
+		}
+		return {
+			name: match.matchValue,
+			template: this.#templateStrings[match.matchValue],
+			values: match.params
+		};
+	}
+	/**
+	* Constructs a URL/path from a path name and values.
+	* @param name The name of the path.
+	* @param values The values to expand the path with.
+	* @returns The URL/path, if the name exists.  Otherwise, `null`.
+	*/
+	build(name, values) {
+		if (name in this.#templates) return this.#templates[name].expand(values);
+		return null;
+	}
+};
+/**
+* An error thrown by the {@link Router}.
+*/
+var RouterError = class extends Error {
+	/**
+	* Create a new {@link RouterError}.
+	* @param message The error message.
+	*/
+	constructor(message) {
+		super(message);
+		this.name = "RouterError";
+	}
+};
+
+//#endregion
+export { Router$1 as Router, RouterError };

package/dist/{send-CPGk9QKZ.js → send-jFxXfsN8.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { deno_default } from "./lookup-Dj9-mgOn.js";
-import { doubleKnock } from "./http-DH47B-h3.js";
+import { deno_default } from "./deno-DGx1JZHr.js";
+import { doubleKnock } from "./http-LGtYlSfN.js";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 
@@ -120,7 +120,7 @@ async function sendActivityInternal({ activity, activityId, keys, inbox, headers
 			statusText: response.statusText,
 			error
 		});
-		throw new Error(`Failed to send activity ${activityId} to ${inbox.href} (${response.status} ${response.statusText}):\n${error}`);
+		throw new SendActivityError(inbox, response.status, `Failed to send activity ${activityId} to ${inbox.href} (${response.status} ${response.statusText}):\n${error}`, error);
 	}
 	span.addEvent("activitypub.activity.sent", {
 		"activitypub.activity.json": JSON.stringify(activity),
@@ -128,6 +128,40 @@ async function sendActivityInternal({ activity, activityId, keys, inbox, headers
 		"activitypub.activity.id": activityId ?? ""
 	});
 }
+/**
+* An error that is thrown when an activity fails to send to a remote inbox.
+* It contains structured information about the failure, including the HTTP
+* status code, the inbox URL, and the response body.
+* @since 2.0.0
+*/
+var SendActivityError = class extends Error {
+	/**
+	* The inbox URL that the activity was being sent to.
+	*/
+	inbox;
+	/**
+	* The HTTP status code returned by the inbox.
+	*/
+	statusCode;
+	/**
+	* The response body from the inbox, if any.
+	*/
+	responseBody;
+	/**
+	* Creates a new {@link SendActivityError}.
+	* @param inbox The inbox URL.
+	* @param statusCode The HTTP status code.
+	* @param message The error message.
+	* @param responseBody The response body.
+	*/
+	constructor(inbox, statusCode, message, responseBody) {
+		super(message);
+		this.name = "SendActivityError";
+		this.inbox = inbox;
+		this.statusCode = statusCode;
+		this.responseBody = responseBody;
+	}
+};
 
 //#endregion
-export { extractInboxes, sendActivity };
+export { SendActivityError, extractInboxes, sendActivity };