npm - @fedify/fedify - Versions diffs - 2.2.0-pr.710.26 → 2.2.0-pr.715.27 - Mend

@fedify/fedify 2.2.0-pr.710.26 → 2.2.0-pr.715.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

package/dist/{builder-BG2fljmM.mjs → builder-DQtY9nHQ.mjs} +3 -3
package/dist/compat/transformers.test.mjs +2 -2
package/dist/{deno-Bg4eBr2D.mjs → deno-_fgAC2zJ.mjs} +1 -1
package/dist/{docloader-DNzzLpZS.mjs → docloader-vRYuv1jI.mjs} +2 -2
package/dist/federation/builder.test.mjs +2 -2
package/dist/federation/collection.test.mjs +1 -1
package/dist/federation/handler.test.mjs +4 -4
package/dist/federation/idempotency.test.mjs +3 -3
package/dist/federation/inbox.test.mjs +1 -1
package/dist/federation/keycache.test.mjs +2 -2
package/dist/federation/kv.test.mjs +1 -1
package/dist/federation/middleware.test.mjs +7 -17
package/dist/federation/mod.cjs +1 -1
package/dist/federation/mod.js +1 -1
package/dist/federation/negotiation.test.mjs +1 -1
package/dist/federation/retry.test.mjs +1 -1
package/dist/federation/send.test.mjs +3 -3
package/dist/federation/webfinger.test.mjs +2 -2
package/dist/{http-DWkREdt7.mjs → http-C8rif6ld.mjs} +2 -2
package/dist/{http-Dgit35mk.cjs → http-R-epZzZQ.cjs} +1 -1
package/dist/{http-Cbg9qm41.js → http-s3HaFg5o.js} +1 -1
package/dist/{key-DkuUQiqs.mjs → key-Ce0SDXK2.mjs} +1 -1
package/dist/{kv-cache-e9fvIFDA.cjs → kv-cache-Btpmwlb5.cjs} +1 -1
package/dist/{kv-cache-Bl6yhpBL.js → kv-cache-ChSAw77q.js} +1 -1
package/dist/{ld-1klZemqw.mjs → ld-BsDP9tTM.mjs} +2 -2
package/dist/{middleware-DRNKgUtw.js → middleware-C4ymcV-E.js} +3 -4
package/dist/{middleware-DY-mzSrv.cjs → middleware-CXG1M9Om.cjs} +1 -1
package/dist/{middleware-BDpu1OCd.mjs → middleware-DFQeBAbL.mjs} +1 -1
package/dist/{middleware-D1zxydrX.mjs → middleware-DtEWmK1Y.mjs} +15 -17
package/dist/{middleware-G6DmtY5H.cjs → middleware-vUbXbazq.cjs} +4 -5
package/dist/mod.cjs +4 -4
package/dist/mod.js +4 -4
package/dist/nodeinfo/client.test.mjs +1 -1
package/dist/nodeinfo/handler.test.mjs +2 -2
package/dist/nodeinfo/types.test.mjs +1 -1
package/dist/otel/exporter.test.mjs +1 -1
package/dist/{owner-ijaWLw_K.mjs → owner-CTfDotXM.mjs} +2 -2
package/dist/{proof-CP0GRqWY.cjs → proof-3RPJLWOU.cjs} +38 -221
package/dist/{proof-BbfBQytm.mjs → proof-UdlPVu_P.mjs} +31 -36
package/dist/{proof-CQJHVvjQ.js → proof-qQIVjzlw.js} +41 -218
package/dist/{send-CJyp2e8W.mjs → send-kudDOImz.mjs} +2 -2
package/dist/sig/http.test.mjs +2 -2
package/dist/sig/key.test.mjs +1 -1
package/dist/sig/ld.test.mjs +2 -2
package/dist/sig/mod.cjs +2 -2
package/dist/sig/mod.js +2 -2
package/dist/sig/owner.test.mjs +1 -1
package/dist/sig/proof.test.mjs +2 -60
package/dist/utils/docloader.test.mjs +2 -2
package/dist/utils/mod.cjs +1 -1
package/dist/utils/mod.js +1 -1
package/package.json +6 -6
package/dist/compat/public-audience.test.d.mts +0 -2
package/dist/compat/public-audience.test.mjs +0 -178
package/dist/public-audience-eovWqzOF.mjs +0 -181
/package/dist/{activity-listener-CFzUqoCS.mjs → activity-listener-Ck3JZ_hR.mjs} +0 -0
/package/dist/{client-DVu6Fmom.mjs → client-DEpOVgY1.mjs} +0 -0
/package/dist/{collection-BQRKGS7L.mjs → collection-BD6-SZ6O.mjs} +0 -0
/package/dist/{keycache-C2t1kvP5.mjs → keycache-CCSwkQcY.mjs} +0 -0
/package/dist/{kv-C-TG81Sv.mjs → kv-tL2TOE9X.mjs} +0 -0
/package/dist/{negotiation-xb0QR3u_.mjs → negotiation-DnsfFF8I.mjs} +0 -0
/package/dist/{retry-CJL0poaU.mjs → retry-B_E3V_Dx.mjs} +0 -0
/package/dist/{types-CGUnLkU3.mjs → types-DCP0WLdt.mjs} +0 -0

package/dist/compat/public-audience.test.mjs DELETED Viewed

@@ -1,178 +0,0 @@
-import "@js-temporal/polyfill";
-import "urlpattern-polyfill";
-globalThis.addEventListener = () => {};
-import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
-import { t as assertNotEquals } from "../assert_not_equals--wG9hV7u.mjs";
-import { t as normalizePublicAudience } from "../public-audience-eovWqzOF.mjs";
-import { test } from "@fedify/fixture";
-import { Create, Note, PUBLIC_COLLECTION } from "@fedify/vocab";
-import { getDocumentLoader, preloadedContexts } from "@fedify/vocab-runtime";
-//#region src/compat/public-audience.test.ts
-const PUBLIC_URI = PUBLIC_COLLECTION.href;
-const AS_CONTEXT = "https://www.w3.org/ns/activitystreams";
-test("normalizePublicAudience() rewrites every addressing field and both CURIE forms", async () => {
-	const output = await normalizePublicAudience({
-		"@context": AS_CONTEXT,
-		type: "Note",
-		id: "https://example.com/notes/1",
-		to: "as:Public",
-		cc: ["as:Public", "https://example.com/bob"],
-		bto: "Public",
-		bcc: ["Public"],
-		audience: ["as:Public", "Public"]
-	});
-	assertEquals(output.to, PUBLIC_URI);
-	assertEquals(output.cc, [PUBLIC_URI, "https://example.com/bob"]);
-	assertEquals(output.bto, PUBLIC_URI);
-	assertEquals(output.bcc, [PUBLIC_URI]);
-	assertEquals(output.audience, [PUBLIC_URI, PUBLIC_URI]);
-});
-test("normalizePublicAudience() normalises activities serialized by @fedify/vocab", async () => {
-	const compact = await new Create({
-		id: new URL("https://example.com/activities/1"),
-		actor: new URL("https://example.com/alice"),
-		object: new Note({
-			id: new URL("https://example.com/notes/1"),
-			content: "Hello, world!",
-			tos: [PUBLIC_COLLECTION]
-		}),
-		tos: [PUBLIC_COLLECTION],
-		ccs: [new URL("https://example.com/followers")]
-	}).toJsonLd({ format: "compact" });
-	assertEquals(compact.to, "as:Public");
-	const normalized = await normalizePublicAudience(compact, getDocumentLoader());
-	assertEquals(normalized.to, PUBLIC_URI);
-	const nestedObject = normalized.object;
-	assertEquals(nestedObject.to, PUBLIC_URI);
-});
-test("normalizePublicAudience() is a no-op without the CURIE", async () => {
-	const input = {
-		"@context": AS_CONTEXT,
-		type: "Note",
-		id: "https://example.com/notes/3",
-		to: PUBLIC_URI
-	};
-	assertEquals(await normalizePublicAudience(input), input);
-});
-test("normalizePublicAudience() leaves non-addressing fields untouched", async () => {
-	const output = await normalizePublicAudience({
-		"@context": AS_CONTEXT,
-		type: "Note",
-		id: "https://example.com/notes/4",
-		name: "as:Public",
-		to: "as:Public"
-	});
-	assertEquals(output.name, "as:Public");
-	assertEquals(output.to, PUBLIC_URI);
-});
-test("normalizePublicAudience() rewrites without canonicalization for known-safe contexts", async () => {
-	const rejecting = () => {
-		throw new Error("contextLoader should not be called for a known-safe @context");
-	};
-	assertEquals((await normalizePublicAudience({
-		"@context": AS_CONTEXT,
-		type: "Note",
-		id: "https://example.com/notes/fast1",
-		to: "as:Public"
-	}, rejecting)).to, PUBLIC_URI);
-	assertEquals((await normalizePublicAudience({
-		"@context": [AS_CONTEXT, "https://w3id.org/security/data-integrity/v1"],
-		type: "Note",
-		id: "https://example.com/notes/fast2",
-		to: "as:Public"
-	}, rejecting)).to, PUBLIC_URI);
-});
-test("normalizePublicAudience() falls back to canonicalization for unknown-URL contexts", async () => {
-	let loaderCalls = 0;
-	const loader = (url) => {
-		loaderCalls++;
-		return Promise.resolve({
-			contextUrl: null,
-			documentUrl: url,
-			document: preloadedContexts[AS_CONTEXT]
-		});
-	};
-	assertEquals((await normalizePublicAudience({
-		"@context": [AS_CONTEXT, "https://custom.example/ctx"],
-		type: "Note",
-		id: "https://example.com/notes/unknown",
-		to: "as:Public"
-	}, loader)).to, PUBLIC_URI);
-	assertEquals(loaderCalls > 0, true);
-});
-test("normalizePublicAudience() leaves @context subtrees untouched", async () => {
-	const inlineCtx = (await normalizePublicAudience({
-		"@context": [AS_CONTEXT, { "customTerm": "as:Public" }],
-		type: "Note",
-		id: "https://example.com/notes/context",
-		to: PUBLIC_URI
-	}))["@context"][1];
-	assertEquals(inlineCtx.customTerm, "as:Public");
-});
-test("normalizePublicAudience() does not traverse prototype-polluted keys", async () => {
-	const polluted = Object.create({ to: "as:Public" });
-	polluted["@context"] = AS_CONTEXT;
-	polluted.type = "Note";
-	polluted.id = "https://example.com/notes/proto";
-	const output = await normalizePublicAudience(polluted);
-	assertEquals(Object.hasOwn(output, "to"), false);
-});
-test("normalizePublicAudience() stops before blowing the stack on pathological nesting", async () => {
-	let deep = { to: "as:Public" };
-	for (let i = 0; i < 256; i++) deep = { nested: deep };
-	assertEquals(typeof await normalizePublicAudience({
-		"@context": AS_CONTEXT,
-		type: "Note",
-		id: "https://example.com/notes/deep",
-		to: "as:Public",
-		object: deep
-	}), "object");
-});
-test("normalizePublicAudience() does not poison the global prototype via a __proto__ key", async () => {
-	await normalizePublicAudience(JSON.parse(`{
-    "@context": "https://www.w3.org/ns/activitystreams",
-    "type": "Note",
-    "id": "https://example.com/notes/proto-pollution",
-    "to": "as:Public",
-    "__proto__": { "polluted": true }
-  }`));
-	assertEquals(Object.prototype.polluted, void 0);
-});
-test("normalizePublicAudience() bails out on nested @context that redefines as:", async () => {
-	const output = await normalizePublicAudience({
-		"@context": AS_CONTEXT,
-		type: "Create",
-		id: "https://example.com/activities/nested",
-		actor: "https://example.com/alice",
-		to: "as:Public",
-		object: {
-			"@context": { "as": "https://not-activitystreams.example/" },
-			type: "https://www.w3.org/ns/activitystreams#Note",
-			id: "https://example.com/objects/nested",
-			to: "as:Public"
-		}
-	});
-	assertEquals(output.to, "as:Public");
-	const nested = output.object;
-	assertEquals(nested.to, "as:Public");
-});
-test("normalizePublicAudience() bails out when the rewrite changes semantics", async () => {
-	const output = await normalizePublicAudience({
-		"@context": {
-			"as": "https://not-activitystreams.example/",
-			"to": {
-				"@id": "https://www.w3.org/ns/activitystreams#to",
-				"@type": "@id"
-			},
-			"type": "@type",
-			"id": "@id"
-		},
-		type: "https://www.w3.org/ns/activitystreams#Note",
-		id: "https://example.com/notes/5",
-		to: "as:Public"
-	});
-	assertEquals(output.to, "as:Public");
-	assertNotEquals(output.to, PUBLIC_URI);
-});
-//#endregion
-export {};

package/dist/public-audience-eovWqzOF.mjs DELETED Viewed

@@ -1,181 +0,0 @@
-import "@js-temporal/polyfill";
-import "urlpattern-polyfill";
-globalThis.addEventListener = () => {};
-import { PUBLIC_COLLECTION } from "@fedify/vocab";
-import { preloadedContexts } from "@fedify/vocab-runtime";
-import { getLogger } from "@logtape/logtape";
-import jsonld from "@fedify/vocab-runtime/jsonld";
-//#region src/compat/public-audience.ts
-const logger = getLogger([
-	"fedify",
-	"compat",
-	"public-audience"
-]);
-const PUBLIC_ADDRESSING_FIELDS = new Set([
-	"to",
-	"cc",
-	"bto",
-	"bcc",
-	"audience"
-]);
-const preloadedOnlyDocumentLoader = (url) => {
-	if (Object.hasOwn(preloadedContexts, url)) return Promise.resolve({
-		contextUrl: null,
-		documentUrl: url,
-		document: preloadedContexts[url]
-	});
-	return Promise.reject(/* @__PURE__ */ new Error("Refusing to fetch a non-preloaded JSON-LD context: " + url));
-};
-const AS_CONTEXT_URL = "https://www.w3.org/ns/activitystreams";
-const MAX_TRAVERSAL_DEPTH = 64;
-const KNOWN_SAFE_CONTEXT_URLS = new Set(Object.keys(preloadedContexts));
-function hasPublicCurieInAddressing(value, parentKey, depth = 0) {
-	if (typeof value === "string") return parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public");
-	if (depth >= MAX_TRAVERSAL_DEPTH) return false;
-	if (Array.isArray(value)) return value.some((item) => hasPublicCurieInAddressing(item, parentKey, depth + 1));
-	if (typeof value !== "object" || value == null) return false;
-	const record = value;
-	for (const key of Object.keys(record)) {
-		if (key === "@context") continue;
-		if (hasPublicCurieInAddressing(record[key], key, depth + 1)) return true;
-	}
-	return false;
-}
-function rewritePublicAudience(value, parentKey, depth = 0) {
-	if (typeof value === "string" && parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public")) return PUBLIC_COLLECTION.href;
-	if (depth >= MAX_TRAVERSAL_DEPTH) return value;
-	if (Array.isArray(value)) {
-		let changed = false;
-		const mapped = value.map((item) => {
-			const rewritten = rewritePublicAudience(item, parentKey, depth + 1);
-			if (rewritten !== item) changed = true;
-			return rewritten;
-		});
-		return changed ? mapped : value;
-	}
-	if (typeof value !== "object" || value == null) return value;
-	const record = value;
-	let changed = false;
-	const normalized = Object.create(null);
-	for (const key of Object.keys(record)) {
-		const rewritten = key === "@context" ? record[key] : rewritePublicAudience(record[key], key, depth + 1);
-		if (rewritten !== record[key]) changed = true;
-		normalized[key] = rewritten;
-	}
-	return changed ? normalized : value;
-}
-/**
-* Reports whether `value` carries an `@context` property anywhere inside
-* its subtree (not counting the value itself).  A nested `@context` can
-* introduce a local term-definition scope that redefines `as:` or `Public`
-* even when the top-level `@context` is safe, so the fast path must defer
-* to the URDNA2015 equivalence check whenever one is present.
-*/
-function hasNestedContext(value, depth = 0) {
-	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
-	if (Array.isArray(value)) return value.some((item) => hasNestedContext(item, depth + 1));
-	if (typeof value !== "object" || value == null) return false;
-	const record = value;
-	for (const key of Object.keys(record)) {
-		if (key === "@context") return true;
-		if (hasNestedContext(record[key], depth + 1)) return true;
-	}
-	return false;
-}
-/**
-* Checks whether the `@context` of a JSON-LD document is guaranteed not
-* to redefine the `as:` prefix or the bare `Public` term.  Only documents
-* whose `@context` is a string, or an array of strings, drawn from Fedify's
-* preloaded context set AND including the ActivityStreams URL qualify,
-* AND no nested subtree carries its own `@context` that might redefine
-* those terms within a local scope.  When all of that holds the rewrite
-* is provably semantics-preserving and the URDNA2015 equivalence check
-* can be skipped.  Any other shape (unknown external URLs, inline
-* objects at the top level, nested `@context` blocks) is treated as
-* potentially unsafe.
-*/
-function hasKnownSafeContext(jsonLd) {
-	if (typeof jsonLd !== "object" || jsonLd == null) return false;
-	const record = jsonLd;
-	if (!Object.hasOwn(record, "@context")) return false;
-	const ctx = record["@context"];
-	const entries = typeof ctx === "string" ? [ctx] : Array.isArray(ctx) ? ctx : null;
-	if (entries == null || entries.length === 0) return false;
-	let hasAs = false;
-	for (const entry of entries) {
-		if (typeof entry !== "string") return false;
-		if (!KNOWN_SAFE_CONTEXT_URLS.has(entry)) return false;
-		if (entry === AS_CONTEXT_URL) hasAs = true;
-	}
-	if (!hasAs) return false;
-	for (const key of Object.keys(record)) {
-		if (key === "@context") continue;
-		if (hasNestedContext(record[key])) return false;
-	}
-	return true;
-}
-/**
-* Rewrites the compact `as:Public` / `Public` CURIE appearing in activity
-* addressing fields (`to`, `cc`, `bto`, `bcc`, `audience`) to the fully
-* expanded `https://www.w3.org/ns/activitystreams#Public` URI.
-*
-* Several ActivityPub implementations, Lemmy among them, match these
-* fields as plain URLs without running JSON-LD expansion, and silently
-* drop activities whose public addressing appears in CURIE form.  This
-* helper works around that gap.
-*
-* For documents whose `@context` is drawn entirely from Fedify's
-* preloaded context set and includes the ActivityStreams URL, the
-* rewrite is applied directly: the content of every preloaded non-AS
-* context is known not to redefine the `as:` prefix or the bare `Public`
-* term, so the semantics are preserved by construction.  Any other
-* shape (an inline object, an unknown external URL, and so on) is
-* treated as potentially unsafe and gated on a JSON-LD equivalence
-* check; both forms are canonicalized with URDNA2015 and the resulting
-* N-Quads are compared.  When they differ, the original document is
-* returned unchanged.  Canonicalization failures also fall back to the
-* original document.
-*
-* When no `contextLoader` is supplied the helper falls back to an
-* internal loader that resolves only the URLs in Fedify's
-* preloaded-contexts set and rejects every other URL without issuing a
-* network request.  That behaviour is deliberately narrower than
-* `@fedify/vocab-runtime`'s `getDocumentLoader()`, which after its
-* `validatePublicUrl` check will happily fetch non-preloaded URLs: the
-* helper is reached from verification paths (`verifyProof()` /
-* `verifyObject()`) that operate on inbound, potentially adversarial
-* JSON-LD, and a default loader that fetches attacker-supplied
-* `@context` URLs on the caller's behalf would be an SSRF vector.
-* Canonicalization failures against the restricted loader fall back to
-* the original document, same as any other canonicalization error.
-* Callers that genuinely need the remote-fetch loader (for example
-* applications that sign local JSON-LD against a custom vocabulary)
-* should pass a `contextLoader` explicitly.
-*
-* Must be called before any signing step that canonicalizes the
-* compact form byte-for-byte (for example, Object Integrity Proofs
-* using the `eddsa-jcs-2022` cryptosuite), so the signed payload
-* matches what is sent on the wire.
-*/
-async function normalizePublicAudience(jsonLd, contextLoader) {
-	if (!hasPublicCurieInAddressing(jsonLd)) return jsonLd;
-	const normalized = rewritePublicAudience(jsonLd);
-	if (hasKnownSafeContext(jsonLd)) return normalized;
-	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
-	try {
-		const [before, after] = await Promise.all([jsonld.canonize(jsonLd, {
-			format: "application/n-quads",
-			documentLoader: loader
-		}), jsonld.canonize(normalized, {
-			format: "application/n-quads",
-			documentLoader: loader
-		})]);
-		if (before === after) return normalized;
-		logger.warn("Expanding the public audience CURIE to its full URI would change the canonical form of the activity; sending the activity as is.  This usually means the active JSON-LD context redefines the `as:` prefix or the bare `Public` term.");
-	} catch (error) {
-		logger.debug("Failed to verify public audience normalization equivalence via JSON-LD canonicalization; sending the activity as is.\n{error}", { error });
-	}
-	return jsonLd;
-}
-//#endregion
-export { normalizePublicAudience as t };