@fedify/fedify 2.1.0-dev.565 → 2.1.0-dev.599

package/dist/accept-D7sAxyNa.js

@@ -0,0 +1,143 @@
+
+      import { Temporal } from "@js-temporal/polyfill";
+      import { URLPattern } from "urlpattern-polyfill";
+      globalThis.addEventListener = () => {};
+    
+import { getLogger } from "@logtape/logtape";
+import { Item, decodeDict, encodeDict } from "structured-field-values";
+
+//#region src/sig/accept.ts
+/**
+* Parses an `Accept-Signature` header value (RFC 9421 §5.1) into an
+* array of {@link AcceptSignatureMember} objects.
+*
+* The `Accept-Signature` field is a Dictionary Structured Field
+* (RFC 8941 §3.2).  Each dictionary member describes a single
+* requested message signature.
+*
+* On parse failure (malformed or empty header), returns an empty array.
+*
+* @param header The raw `Accept-Signature` header value string.
+* @returns An array of parsed members.  Empty if the header is
+*          malformed or empty.
+* @since 2.1.0
+*/
+function parseAcceptSignature(header) {
+	try {
+		return parseEachSignature(decodeDict(header));
+	} catch {
+		getLogger([
+			"fedify",
+			"sig",
+			"http"
+		]).warn("Failed to parse Accept-Signature header: {header}", { header });
+		return [];
+	}
+}
+const compactObject = (obj) => Object.fromEntries(Object.entries(obj).filter(([_, v]) => v !== void 0));
+const parseEachSignature = (dict) => Object.entries(dict).filter(([_, item]) => Array.isArray(item.value)).map(([label, item]) => ({
+	label,
+	components: item.value.filter((subitem) => typeof subitem.value === "string").map((subitem) => ({
+		value: subitem.value,
+		params: subitem.params ?? {}
+	})),
+	parameters: compactParams(item)
+}));
+const compactParams = (item) => {
+	const { keyid, alg, created, expires, nonce, tag } = item.params ?? {};
+	return compactObject({
+		keyid: stringOrUndefined(keyid),
+		alg: stringOrUndefined(alg),
+		created: trueOrUndefined(created),
+		expires: trueOrUndefined(expires),
+		nonce: stringOrUndefined(nonce),
+		tag: stringOrUndefined(tag)
+	});
+};
+const stringOrUndefined = (v) => typeof v === "string" ? v : void 0;
+const trueOrUndefined = (v) => v === true ? true : void 0;
+/**
+* Serializes an array of {@link AcceptSignatureMember} objects into an
+* `Accept-Signature` header value string (RFC 9421 §5.1).
+*
+* The output is a Dictionary Structured Field (RFC 8941 §3.2).
+*
+* @param members The members to serialize.
+* @returns The serialized header value string.
+* @since 2.1.0
+*/
+function formatAcceptSignature(members) {
+	const items = members.map((member) => [member.label, new Item(compToItems(member), compactParameters(member))]);
+	return encodeDict(Object.fromEntries(items));
+}
+const compToItems = (member) => member.components.map((c) => new Item(c.value, c.params));
+const compactParameters = (member) => {
+	const { keyid, alg, created, expires, nonce, tag } = member.parameters;
+	return compactObject({
+		keyid,
+		alg,
+		created,
+		expires,
+		nonce,
+		tag
+	});
+};
+/**
+* Filters out {@link AcceptSignatureMember} entries whose covered
+* components include response-only identifiers (`@status`) that are
+* not applicable to request-target messages, as required by
+* [RFC 9421 §5](https://www.rfc-editor.org/rfc/rfc9421#section-5).
+*
+* A warning is logged for each discarded entry.
+*
+* @param members The parsed `Accept-Signature` entries to validate.
+* @returns Only entries that are valid for request-target messages.
+* @since 2.1.0
+*/
+function validateAcceptSignature(members) {
+	const logger = getLogger([
+		"fedify",
+		"sig",
+		"http"
+	]);
+	return members.filter((member) => {
+		if (member.components.every((c) => c.value !== "@status")) return true;
+		logLabel(logger, member.label);
+		return false;
+	});
+}
+const logLabel = (logger, label) => logger.warn("Discarding Accept-Signature member {label}: covered components include response-only identifier @status.", { label });
+/**
+* Attempts to translate an {@link AcceptSignatureMember} challenge into
+* RFC 9421 signing options that the local signer can fulfill.
+*
+* Returns `null` if the challenge cannot be fulfilled—for example, if
+* the requested `alg` or `keyid` is incompatible with the local key.
+*
+* Safety constraints:
+* - `alg`: only honored if it matches `localAlg`.
+* - `keyid`: only honored if it matches `localKeyId`.
+* - `components`: passed through exactly as requested, per RFC 9421 §5.2.
+* - `nonce`, `tag`, and `expires` are passed through directly.
+*
+* @param entry The challenge entry from the `Accept-Signature` header.
+* @param localKeyId The local key identifier (e.g., the actor key URL).
+* @param localAlg The algorithm of the local private key
+*                 (e.g., `"rsa-v1_5-sha256"`).
+* @returns Signing options if the challenge can be fulfilled, or `null`.
+* @since 2.1.0
+*/
+function fulfillAcceptSignature(entry, localKeyId, localAlg) {
+	if (entry.parameters.alg != null && entry.parameters.alg !== localAlg) return null;
+	if (entry.parameters.keyid != null && entry.parameters.keyid !== localKeyId) return null;
+	return {
+		label: entry.label,
+		components: entry.components,
+		nonce: entry.parameters.nonce,
+		tag: entry.parameters.tag,
+		expires: entry.parameters.expires
+	};
+}
+
+//#endregion
+export { formatAcceptSignature, fulfillAcceptSignature, parseAcceptSignature, validateAcceptSignature };

package/dist/{assert_rejects-Ce45JcFg.js → assert_rejects-0h7I2Esa.js}

@@ -4,7 +4,7 @@
       globalThis.addEventListener = () => {};
     
 import { AssertionError } from "./assert_equals-DSbWqCm3.js";
-import { assertIsError } from "./assert_throws-BNXdRGWP.js";
+import { assertIsError } from "./assert_throws-rjdMBf31.js";
 
 //#region ../../node_modules/.pnpm/@jsr+std__assert@0.226.0/node_modules/@jsr/std__assert/assert_false.js
 /**

package/dist/{builder-Deoi2N2z.js → builder-rlJT9XsH.js}

@@ -3,9 +3,9 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { deno_default } from "./deno-CEdy89j9.js";
+import { deno_default } from "./deno-BYv1FXyT.js";
 import { Router, RouterError } from "./router-D9eI0s4b.js";
-import { InboxListenerSet } from "./inbox-CMtnW0RE.js";
+import { InboxListenerSet } from "./inbox-gPJ0RaKj.js";
 import { getTypeId } from "@fedify/vocab";
 import { getLogger } from "@logtape/logtape";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
@@ -46,7 +46,7 @@ var FederationBuilderImpl = class {
 		this.collectionTypeIds = {};
 	}
 	async build(options) {
-		const { FederationImpl } = await import("./middleware-BZ8WpBo6.js");
+		const { FederationImpl } = await import("./middleware-nfE7By0g.js");
 		const f = new FederationImpl(options);
 		const trailingSlashInsensitiveValue = f.router.trailingSlashInsensitive;
 		f.router = this.router.clone();

package/dist/compat/mod.d.cts

@@ -1,7 +1,7 @@
 import "../client-C97KOq3x.cjs";
-import "../http-DsqqmkXi.cjs";
+import "../http-BudnHZE2.cjs";
 import "../owner-1AbPBOOZ.cjs";
-import { ActivityTransformer } from "../context-DL0cPpPV.cjs";
+import { ActivityTransformer } from "../context-BcqA-0BL.cjs";
 import "../kv-BL4nlICN.cjs";
-import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "../mod-DE8MYisy.cjs";
+import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "../mod-B7QkWzrL.cjs";
 export { ActivityTransformer, actorDehydrator, autoIdAssigner, getDefaultActivityTransformers };

package/dist/compat/mod.d.ts

@@ -1,9 +1,9 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import "../client-BxMZiQaD.js";
-import "../http-BbfOqHGG.js";
+import "../http-Dax_FIBo.js";
 import "../owner-gd0Q9FuU.js";
-import { ActivityTransformer } from "../context--RwChtri.js";
+import { ActivityTransformer } from "../context-DyJjQQ_H.js";
 import "../kv-DXEUEP6z.js";
-import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "../mod-Z7lIaCfo.js";
+import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "../mod-SMHOMNpZ.js";
 export { ActivityTransformer, actorDehydrator, autoIdAssigner, getDefaultActivityTransformers };

package/dist/compat/transformers.test.js

@@ -7,25 +7,26 @@ import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import { assert } from "../assert-MZs1qjMx.js";
 import { assertInstanceOf } from "../assert_instance_of-DHz7EHNU.js";
 import { MemoryKvStore } from "../kv-QzKcOQgP.js";
-import "../deno-CEdy89j9.js";
-import { FederationImpl, actorDehydrator, autoIdAssigner } from "../middleware-Cldp2YSv.js";
+import "../deno-BYv1FXyT.js";
+import { FederationImpl, actorDehydrator, autoIdAssigner } from "../middleware-CWItYNUL.js";
 import "../client-CoCIaTNO.js";
 import "../router-D9eI0s4b.js";
 import "../types-CPz01LGH.js";
-import "../key-B0yADkL8.js";
-import "../http-Dm9n1mRe.js";
-import "../ld-BBmbv1nb.js";
-import "../owner-C1ZyG4NL.js";
-import "../proof-wclcUq0C.js";
-import "../docloader-CL1QPJzN.js";
-import "../kv-cache-El7We5sy.js";
-import "../inbox-CMtnW0RE.js";
-import "../builder-Deoi2N2z.js";
-import "../collection-CcnIw1qY.js";
-import "../keycache-C7k8s1Bk.js";
-import "../negotiation-5NPJL6zp.js";
-import "../retry-D4GJ670a.js";
-import "../send-DNJyYRVU.js";
+import "../accept-D7sAxyNa.js";
+import "../key-BSOrewQw.js";
+import "../http-SDJbghtm.js";
+import "../ld-8UNDFIO0.js";
+import "../owner-D1i3Gz1q.js";
+import "../proof-Blm7rPHe.js";
+import "../docloader-D3dGL8MN.js";
+import "../kv-cache-Bw2F2ABq.js";
+import "../inbox-gPJ0RaKj.js";
+import "../builder-rlJT9XsH.js";
+import "../collection-CSzG2j1P.js";
+import "../keycache-CpGWAUbj.js";
+import "../negotiation-BlAuS_nr.js";
+import "../retry-mqLf4b-R.js";
+import "../send-Ban_thmx.js";
 import { test } from "@fedify/fixture";
 import { Follow, Person } from "@fedify/vocab";
 

package/dist/{context-DL0cPpPV.d.cts → context-BcqA-0BL.d.cts}

@@ -1,5 +1,5 @@
 import { GetNodeInfoOptions, JsonValue, NodeInfo } from "./client-C97KOq3x.cjs";
-import { HttpMessageSignaturesSpec, VerifyRequestFailureReason } from "./http-DsqqmkXi.cjs";
+import { HttpMessageSignaturesSpec, VerifyRequestFailureReason } from "./http-BudnHZE2.cjs";
 import { GetKeyOwnerOptions } from "./owner-1AbPBOOZ.cjs";
 import { KvKey, KvStore } from "./kv-BL4nlICN.cjs";
 import { Activity, Actor, Collection, CryptographicKey, Hashtag, Link, LookupObjectOptions, Multikey, Object as Object$1, Recipient, TraverseCollectionOptions } from "@fedify/vocab";
@@ -837,6 +837,13 @@ interface FederationKvPrefixes {
   * @since 1.6.0
   */
   readonly httpMessageSignaturesSpec: KvKey;
+  /**
+  * The key prefix used for storing `Accept-Signature` challenge nonces.
+  * Only used when {@link InboxChallengePolicy.requestNonce} is `true`.
+  * @default `["_fedify", "acceptSignatureNonce"]`
+  * @since 2.1.0
+  */
+  readonly acceptSignatureNonce: KvKey;
 }
 /**
 * Options for {@link FederationOptions.origin} when it is not a string.
@@ -1321,6 +1328,39 @@ interface FederationBuilder<TContextData> extends Federatable<TContextData> {
   build(options: FederationOptions<TContextData>): Promise<Federation<TContextData>>;
 }
 /**
+* Policy for emitting `Accept-Signature` challenges on inbox `401`
+* responses, as defined in
+* [RFC 9421 §5](https://www.rfc-editor.org/rfc/rfc9421#section-5).
+* @since 2.1.0
+*/
+interface InboxChallengePolicy {
+  /**
+  * Whether to emit `Accept-Signature` headers on `401` responses
+  * caused by HTTP Signature verification failures.
+  */
+  enabled: boolean;
+  /**
+  * The covered component identifiers to request.  Only request-applicable
+  * identifiers should be used (`@status` is automatically excluded).
+  * @default `["@method", "@target-uri", "@authority", "content-digest"]`
+  */
+  components?: string[];
+  /**
+  * Whether to generate and require a one-time nonce for replay protection.
+  * When enabled, a cryptographically random nonce is included in each
+  * challenge and verified on subsequent requests.  Requires a
+  * {@link KvStore}.
+  * @default `false`
+  */
+  requestNonce?: boolean;
+  /**
+  * The time-to-live (in seconds) for stored nonces.  After this period,
+  * nonces expire and are no longer accepted.
+  * @default `300` (5 minutes)
+  */
+  nonceTtlSeconds?: number;
+}
+/**
 * Options for creating a {@link Federation} object.
 * @template TContextData The context data to pass to the {@link Context}.
 * @since 1.6.0
@@ -1462,6 +1502,16 @@ interface FederationOptions<TContextData> {
   */
   firstKnock?: HttpMessageSignaturesSpec;
   /**
+  * The policy for emitting `Accept-Signature` challenges on inbox `401`
+  * responses (RFC 9421 §5).  When enabled, failed HTTP Signature
+  * verification responses will include an `Accept-Signature` header
+  * telling the sender which components and parameters to include.
+  *
+  * Disabled by default (no `Accept-Signature` header is emitted).
+  * @since 2.1.0
+  */
+  inboxChallengePolicy?: InboxChallengePolicy;
+  /**
   * The retry policy for sending activities to recipients' inboxes.
   * By default, this uses an exponential backoff strategy with a maximum of
   * 10 attempts and a maximum delay of 12 hours.
@@ -2543,4 +2593,4 @@ interface ActorKeyPair extends CryptoKeyPair {
   readonly multikey: Multikey;
 }
 //#endregion
-export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable };
+export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxChallengePolicy, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable };

package/dist/{context--RwChtri.d.ts → context-DyJjQQ_H.d.ts}

@@ -1,7 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { GetNodeInfoOptions, JsonValue, NodeInfo } from "./client-BxMZiQaD.js";
-import { HttpMessageSignaturesSpec, VerifyRequestFailureReason } from "./http-BbfOqHGG.js";
+import { HttpMessageSignaturesSpec, VerifyRequestFailureReason } from "./http-Dax_FIBo.js";
 import { GetKeyOwnerOptions } from "./owner-gd0Q9FuU.js";
 import { KvKey, KvStore } from "./kv-DXEUEP6z.js";
 import { Activity, Actor, Collection, CryptographicKey, Hashtag, Link, LookupObjectOptions, Multikey, Object as Object$1, Recipient, TraverseCollectionOptions } from "@fedify/vocab";
@@ -839,6 +839,13 @@ interface FederationKvPrefixes {
   * @since 1.6.0
   */
   readonly httpMessageSignaturesSpec: KvKey;
+  /**
+  * The key prefix used for storing `Accept-Signature` challenge nonces.
+  * Only used when {@link InboxChallengePolicy.requestNonce} is `true`.
+  * @default `["_fedify", "acceptSignatureNonce"]`
+  * @since 2.1.0
+  */
+  readonly acceptSignatureNonce: KvKey;
 }
 /**
 * Options for {@link FederationOptions.origin} when it is not a string.
@@ -1323,6 +1330,39 @@ interface FederationBuilder<TContextData> extends Federatable<TContextData> {
   build(options: FederationOptions<TContextData>): Promise<Federation<TContextData>>;
 }
 /**
+* Policy for emitting `Accept-Signature` challenges on inbox `401`
+* responses, as defined in
+* [RFC 9421 §5](https://www.rfc-editor.org/rfc/rfc9421#section-5).
+* @since 2.1.0
+*/
+interface InboxChallengePolicy {
+  /**
+  * Whether to emit `Accept-Signature` headers on `401` responses
+  * caused by HTTP Signature verification failures.
+  */
+  enabled: boolean;
+  /**
+  * The covered component identifiers to request.  Only request-applicable
+  * identifiers should be used (`@status` is automatically excluded).
+  * @default `["@method", "@target-uri", "@authority", "content-digest"]`
+  */
+  components?: string[];
+  /**
+  * Whether to generate and require a one-time nonce for replay protection.
+  * When enabled, a cryptographically random nonce is included in each
+  * challenge and verified on subsequent requests.  Requires a
+  * {@link KvStore}.
+  * @default `false`
+  */
+  requestNonce?: boolean;
+  /**
+  * The time-to-live (in seconds) for stored nonces.  After this period,
+  * nonces expire and are no longer accepted.
+  * @default `300` (5 minutes)
+  */
+  nonceTtlSeconds?: number;
+}
+/**
 * Options for creating a {@link Federation} object.
 * @template TContextData The context data to pass to the {@link Context}.
 * @since 1.6.0
@@ -1464,6 +1504,16 @@ interface FederationOptions<TContextData> {
   */
   firstKnock?: HttpMessageSignaturesSpec;
   /**
+  * The policy for emitting `Accept-Signature` challenges on inbox `401`
+  * responses (RFC 9421 §5).  When enabled, failed HTTP Signature
+  * verification responses will include an `Accept-Signature` header
+  * telling the sender which components and parameters to include.
+  *
+  * Disabled by default (no `Accept-Signature` header is emitted).
+  * @since 2.1.0
+  */
+  inboxChallengePolicy?: InboxChallengePolicy;
+  /**
   * The retry policy for sending activities to recipients' inboxes.
   * By default, this uses an exponential backoff strategy with a maximum of
   * 10 attempts and a maximum delay of 12 hours.
@@ -2545,4 +2595,4 @@ interface ActorKeyPair extends CryptoKeyPair {
   readonly multikey: Multikey;
 }
 //#endregion
-export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable };
+export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxChallengePolicy, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable };

package/dist/{deno-CEdy89j9.js → deno-BYv1FXyT.js}

@@ -5,7 +5,7 @@
     
 //#region deno.json
 var name = "@fedify/fedify";
-var version = "2.1.0-dev.565+b4d238a9";
+var version = "2.1.0-dev.599+1ff26884";
 var license = "MIT";
 var exports = {
 	".": "./src/mod.ts",
@@ -27,7 +27,6 @@ var imports = {
 	"fetch-mock": "npm:fetch-mock@^12.5.2",
 	"json-canon": "npm:json-canon@^1.0.1",
 	"jsonld": "npm:jsonld@^9.0.0",
-	"multicodec": "npm:multicodec@^3.2.1",
 	"pkijs": "npm:pkijs@^3.3.3",
 	"structured-field-values": "npm:structured-field-values@^2.0.4",
 	"uri-template-router": "npm:uri-template-router@^1.0.0",

package/dist/{docloader-CL1QPJzN.js → docloader-D3dGL8MN.js}

@@ -3,8 +3,8 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { validateCryptoKey } from "./key-B0yADkL8.js";
-import { doubleKnock } from "./http-Dm9n1mRe.js";
+import { validateCryptoKey } from "./key-BSOrewQw.js";
+import { doubleKnock } from "./http-SDJbghtm.js";
 import { curry } from "es-toolkit";
 import { UrlError, createActivityPubRequest, getRemoteDocument, logRequest, validatePublicUrl } from "@fedify/vocab-runtime";
 import { getLogger } from "@logtape/logtape";

package/dist/federation/builder.test.js

@@ -7,14 +7,14 @@ import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
 import { MemoryKvStore } from "../kv-QzKcOQgP.js";
-import "../deno-CEdy89j9.js";
+import "../deno-BYv1FXyT.js";
 import "../router-D9eI0s4b.js";
-import "../inbox-CMtnW0RE.js";
-import { createFederationBuilder } from "../builder-Deoi2N2z.js";
-import { assertExists } from "../std__assert-DWivtrGR.js";
-import "../assert_rejects-Ce45JcFg.js";
-import { assertThrows } from "../assert_throws-BNXdRGWP.js";
-import "../assert_not_equals-C80BG-_5.js";
+import "../inbox-gPJ0RaKj.js";
+import { createFederationBuilder } from "../builder-rlJT9XsH.js";
+import { assertExists } from "../std__assert-X-_kMxKM.js";
+import "../assert_rejects-0h7I2Esa.js";
+import { assertThrows } from "../assert_throws-rjdMBf31.js";
+import "../assert_not_equals-f3m3epl3.js";
 import { test } from "@fedify/fixture";
 import { Activity, Note, Person } from "@fedify/vocab";
 

package/dist/federation/collection.test.js

@@ -6,11 +6,11 @@
 import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
-import { buildCollectionSynchronizationHeader, digest } from "../collection-CcnIw1qY.js";
-import "../std__assert-DWivtrGR.js";
-import "../assert_rejects-Ce45JcFg.js";
-import "../assert_throws-BNXdRGWP.js";
-import "../assert_not_equals-C80BG-_5.js";
+import { buildCollectionSynchronizationHeader, digest } from "../collection-CSzG2j1P.js";
+import "../std__assert-X-_kMxKM.js";
+import "../assert_rejects-0h7I2Esa.js";
+import "../assert_throws-rjdMBf31.js";
+import "../assert_not_equals-f3m3epl3.js";
 import { test } from "@fedify/fixture";
 import { decodeHex } from "byte-encodings/hex";