@fedify/fedify 2.3.0-dev.1013 → 2.3.0-dev.1034

package/dist/{proof-BFyPVl1r.mjs → proof-iVfYyJpY.mjs}

@@ -1,10 +1,10 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-Ctd-K-t6.mjs";
-import { n as fetchKey, o as validateCryptoKey } from "./key-C1Oto4it.mjs";
-import { n as preloadedOnlyDocumentLoader } from "./public-audience-DYFHzm_c.mjs";
-import { r as normalizeOutgoingActivityJsonLd } from "./outgoing-jsonld-CNmZLixq.mjs";
+import { n as version, t as name } from "./deno-DB1H1VHx.mjs";
+import { n as fetchKey, o as validateCryptoKey } from "./key-CV57mOYH.mjs";
+import { n as preloadedOnlyDocumentLoader } from "./public-audience-PVTwU_Ex.mjs";
+import { r as normalizeOutgoingActivityJsonLd } from "./outgoing-jsonld-Bi7n-dEy.mjs";
 import { Activity, DataIntegrityProof, Multikey, getTypeId } from "@fedify/vocab";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { getLogger } from "@logtape/logtape";

package/dist/{proof-Dedf8md5.js → proof-k4mEvvdS.js}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { _ as version, d as validateCryptoKey, g as name, s as fetchKey } from "./http-1NL30qCe.js";
+import { _ as version, d as validateCryptoKey, g as name, s as fetchKey } from "./http-BUr93aO6.js";
 import { getLogger } from "@logtape/logtape";
 import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, PUBLIC_COLLECTION, getTypeId, isActor } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";

package/dist/send-D-vYdfC6.mjs

@@ -0,0 +1,306 @@
+import "@js-temporal/polyfill";
+import "urlpattern-polyfill";
+globalThis.addEventListener = () => {};
+import { n as version, t as name } from "./deno-DB1H1VHx.mjs";
+import { n as doubleKnock } from "./http-D9zG-L9N.mjs";
+import { SpanKind, SpanStatusCode, metrics, trace } from "@opentelemetry/api";
+import { getLogger } from "@logtape/logtape";
+//#region src/federation/metrics.ts
+var FederationMetrics = class {
+	deliverySent;
+	deliveryPermanentFailure;
+	signatureVerificationFailure;
+	deliveryDuration;
+	inboxProcessingDuration;
+	constructor(meterProvider) {
+		const meter = meterProvider.getMeter(name, version);
+		this.deliverySent = meter.createCounter("activitypub.delivery.sent", {
+			description: "ActivityPub delivery attempts.",
+			unit: "{attempt}"
+		});
+		this.deliveryPermanentFailure = meter.createCounter("activitypub.delivery.permanent_failure", {
+			description: "ActivityPub deliveries abandoned as permanent failures.",
+			unit: "{failure}"
+		});
+		this.signatureVerificationFailure = meter.createCounter("activitypub.signature.verification_failure", {
+			description: "ActivityPub signature verification failures.",
+			unit: "{failure}"
+		});
+		this.deliveryDuration = meter.createHistogram("activitypub.delivery.duration", {
+			description: "Duration of ActivityPub delivery attempts.",
+			unit: "ms"
+		});
+		this.inboxProcessingDuration = meter.createHistogram("activitypub.inbox.processing_duration", {
+			description: "Duration of ActivityPub inbox listener processing.",
+			unit: "ms"
+		});
+	}
+	recordDelivery(inbox, durationMs, success, activityType) {
+		const deliveryAttributes = {
+			"activitypub.remote.host": getRemoteHost(inbox),
+			"activitypub.delivery.success": success
+		};
+		if (activityType != null) deliveryAttributes["activitypub.activity.type"] = activityType;
+		this.deliverySent.add(1, deliveryAttributes);
+		this.deliveryDuration.record(durationMs, deliveryAttributes);
+	}
+	recordPermanentFailure(inbox, statusCode) {
+		this.deliveryPermanentFailure.add(1, {
+			"activitypub.remote.host": getRemoteHost(inbox),
+			"http.response.status_code": statusCode
+		});
+	}
+	recordSignatureVerificationFailure(reason, remoteHost) {
+		const attributes = { "activitypub.verification.failure_reason": reason };
+		if (remoteHost != null) attributes["activitypub.remote.host"] = remoteHost;
+		this.signatureVerificationFailure.add(1, attributes);
+	}
+	recordInboxProcessingDuration(activityType, durationMs) {
+		this.inboxProcessingDuration.record(durationMs, { "activitypub.activity.type": activityType });
+	}
+};
+const federationMetrics = /* @__PURE__ */ new WeakMap();
+/**
+* Gets the cached Fedify metric instruments for a meter provider.
+* @since 2.3.0
+*/
+function getFederationMetrics(meterProvider = metrics.getMeterProvider()) {
+	let instruments = federationMetrics.get(meterProvider);
+	if (instruments == null) {
+		instruments = new FederationMetrics(meterProvider);
+		federationMetrics.set(meterProvider, instruments);
+	}
+	return instruments;
+}
+/**
+* Gets the bounded remote host attribute value for a URL.
+* @since 2.3.0
+*/
+function getRemoteHost(url) {
+	return url.hostname;
+}
+/**
+* Gets an elapsed duration in milliseconds from a `performance.now()` value.
+* @since 2.3.0
+*/
+function getDurationMs(start) {
+	return Math.max(0, performance.now() - start);
+}
+//#endregion
+//#region src/federation/send.ts
+/**
+* Extracts the inbox URLs from recipients.
+* @param parameters The parameters to extract the inboxes.
+*                   See also {@link ExtractInboxesParameters}.
+* @returns The inboxes as a map of inbox URL to actor URIs.
+*/
+function extractInboxes({ recipients, preferSharedInbox, excludeBaseUris }) {
+	const inboxes = {};
+	for (const recipient of recipients) {
+		let inbox;
+		let sharedInbox = false;
+		if (preferSharedInbox && recipient.endpoints?.sharedInbox != null) {
+			inbox = recipient.endpoints.sharedInbox;
+			sharedInbox = true;
+		} else inbox = recipient.inboxId;
+		if (inbox != null && recipient.id != null) {
+			if (excludeBaseUris != null && excludeBaseUris.some((u) => u.origin === inbox?.origin)) continue;
+			inboxes[inbox.href] ??= {
+				actorIds: /* @__PURE__ */ new Set(),
+				sharedInbox
+			};
+			inboxes[inbox.href].actorIds.add(recipient.id.href);
+		}
+	}
+	return inboxes;
+}
+/**
+* Sends an {@link Activity} to an inbox.
+*
+* @param parameters The parameters for sending the activity.
+*                   See also {@link SendActivityParameters}.
+* @throws {Error} If the activity fails to send.
+*/
+function sendActivity(options) {
+	const tracerProvider = options.tracerProvider ?? trace.getTracerProvider();
+	return tracerProvider.getTracer(name, version).startActiveSpan("activitypub.send_activity", {
+		kind: SpanKind.CLIENT,
+		attributes: { "activitypub.shared_inbox": options.sharedInbox ?? false }
+	}, async (span) => {
+		if (options.activityId != null) span.setAttribute("activitypub.activity.id", options.activityId);
+		if (options.activityType != null) span.setAttribute("activitypub.activity.type", options.activityType);
+		try {
+			await sendActivityInternal({
+				...options,
+				tracerProvider
+			}, span);
+		} catch (e) {
+			span.setStatus({
+				code: SpanStatusCode.ERROR,
+				message: String(e)
+			});
+			throw e;
+		} finally {
+			span.end();
+		}
+	});
+}
+const MAX_ERROR_RESPONSE_BODY_BYTES = 1024;
+function getActivityActorId(activity) {
+	if (!isRecord(activity)) return void 0;
+	return getIdValue(activity.actor);
+}
+function getIdValue(value) {
+	if (typeof value === "string" && value !== "") return value;
+	if (value instanceof URL) return value.href;
+	if (Array.isArray(value)) {
+		for (const item of value) {
+			const id = getIdValue(item);
+			if (id != null) return id;
+		}
+		return;
+	}
+	if (isRecord(value)) return getIdValue(value.id);
+}
+function isRecord(value) {
+	return typeof value === "object" && value != null;
+}
+async function readLimitedResponseBody(response, maxBytes) {
+	if (response.body == null) return "";
+	const reader = response.body.getReader();
+	const decoder = new TextDecoder();
+	const chunks = [];
+	let totalBytes = 0;
+	let truncated = false;
+	try {
+		while (true) {
+			const { done, value } = await reader.read();
+			if (done) break;
+			if (totalBytes + value.length > maxBytes) {
+				const remaining = maxBytes - totalBytes;
+				if (remaining > 0) chunks.push(decoder.decode(value.slice(0, remaining), { stream: true }));
+				truncated = true;
+				break;
+			}
+			chunks.push(decoder.decode(value, { stream: true }));
+			totalBytes += value.length;
+		}
+	} finally {
+		reader.releaseLock();
+	}
+	let result = chunks.join("");
+	if (truncated) result += "… (truncated)";
+	return result;
+}
+async function sendActivityInternal({ activity, activityId, activityType, keys, inbox, headers, specDeterminer, meterProvider, tracerProvider }, span) {
+	const logger = getLogger([
+		"fedify",
+		"federation",
+		"outbox"
+	]);
+	const federationMetrics = getFederationMetrics(meterProvider);
+	const started = performance.now();
+	let deliverySuccess = false;
+	headers = new Headers(headers);
+	headers.set("Content-Type", "application/activity+json");
+	const request = new Request(inbox, {
+		method: "POST",
+		headers,
+		body: JSON.stringify(activity)
+	});
+	let rsaKey = null;
+	for (const key of keys) if (key.privateKey.algorithm.name === "RSASSA-PKCS1-v1_5") {
+		rsaKey = key;
+		break;
+	}
+	if (rsaKey == null) logger.warn("No supported key found to sign the request to {inbox}.  The request will be sent without a signature.  In order to sign the request, at least one RSASSA-PKCS1-v1_5 key must be provided.", {
+		inbox: inbox.href,
+		keys: keys.map((pair) => ({
+			keyId: pair.keyId.href,
+			privateKey: pair.privateKey
+		}))
+	});
+	let response;
+	try {
+		response = rsaKey == null ? await fetch(request) : await doubleKnock(request, rsaKey, {
+			tracerProvider,
+			specDeterminer
+		});
+	} catch (error) {
+		logger.error("Failed to send activity {activityId} to {inbox}:\n{error}", {
+			activityId,
+			inbox: inbox.href,
+			error
+		});
+		federationMetrics.recordDelivery(inbox, getDurationMs(started), false, activityType);
+		throw error;
+	}
+	try {
+		if (!response.ok) {
+			let error;
+			try {
+				error = await readLimitedResponseBody(response, MAX_ERROR_RESPONSE_BODY_BYTES);
+			} catch (_) {
+				error = "";
+			}
+			logger.error("Failed to send activity {activityId} to {inbox} ({status} {statusText}):\n{error}", {
+				activityId,
+				inbox: inbox.href,
+				status: response.status,
+				statusText: response.statusText,
+				error
+			});
+			throw new SendActivityError(inbox, response.status, `Failed to send activity ${activityId} to ${inbox.href} (${response.status} ${response.statusText}):\n${error}`, error);
+		}
+		deliverySuccess = true;
+		const eventAttributes = {
+			"activitypub.inbox.url": inbox.href,
+			"activitypub.activity.id": activityId ?? ""
+		};
+		if (activityType != null) eventAttributes["activitypub.activity.type"] = activityType;
+		const actorId = getActivityActorId(activity);
+		if (actorId != null) eventAttributes["activitypub.actor.id"] = actorId;
+		span.addEvent("activitypub.activity.sent", eventAttributes);
+	} finally {
+		federationMetrics.recordDelivery(inbox, getDurationMs(started), deliverySuccess, activityType);
+	}
+}
+/**
+* An error that is thrown when an activity fails to send to a remote inbox.
+* It contains structured information about the failure, including the HTTP
+* status code, the inbox URL, and the response body.
+* @since 2.0.0
+*/
+var SendActivityError = class extends Error {
+	/**
+	* The inbox URL that the activity was being sent to.
+	*/
+	inbox;
+	/**
+	* The HTTP status code returned by the inbox.
+	*/
+	statusCode;
+	/**
+	* The response body from the inbox, if any.  Note that this may be
+	* truncated to a maximum of 1 KiB to prevent excessive memory consumption
+	* when remote servers return large error pages (e.g., Cloudflare error pages).
+	* If truncated, the string will end with `"… (truncated)"`.
+	*/
+	responseBody;
+	/**
+	* Creates a new {@link SendActivityError}.
+	* @param inbox The inbox URL.
+	* @param statusCode The HTTP status code.
+	* @param message The error message.
+	* @param responseBody The response body.
+	*/
+	constructor(inbox, statusCode, message, responseBody) {
+		super(message);
+		this.name = "SendActivityError";
+		this.inbox = inbox;
+		this.statusCode = statusCode;
+		this.responseBody = responseBody;
+	}
+};
+//#endregion
+export { getFederationMetrics as a, getDurationMs as i, extractInboxes as n, getRemoteHost as o, sendActivity as r, SendActivityError as t };

package/dist/sig/accept.test.mjs

@@ -1,7 +1,7 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { i as validateAcceptSignature, n as fulfillAcceptSignature, r as parseAcceptSignature, t as formatAcceptSignature } from "../accept-CPkZzmGN.mjs";
+import { i as validateAcceptSignature, n as fulfillAcceptSignature, r as parseAcceptSignature, t as formatAcceptSignature } from "../accept-CceiKpCy.mjs";
 import { test } from "@fedify/fixture";
 import { deepStrictEqual, strictEqual } from "node:assert/strict";
 //#region src/sig/accept.test.ts

package/dist/sig/http.test.mjs

@@ -1,15 +1,15 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { t as esm_default } from "../esm-DVILvP5e.mjs";
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import { i as assertExists, t as assertStringIncludes } from "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
 import { t as assert } from "../assert-DikXweDx.mjs";
-import { t as exportJwk } from "../key-C1Oto4it.mjs";
-import { a as parseRfc9421Signature, c as timingSafeEqual, i as formatRfc9421SignatureParameters, l as verifyRequest, n as doubleKnock, o as parseRfc9421SignatureInput, r as formatRfc9421Signature, s as signRequest, t as createRfc9421SignatureBase, u as verifyRequestDetailed } from "../http-CX_zHeOD.mjs";
-import { i as rsaPrivateKey2, l as rsaPublicKey5, o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-DGu1NFwu.mjs";
+import { t as esm_default } from "../esm-DhnRLoG9.mjs";
+import { t as exportJwk } from "../key-CV57mOYH.mjs";
+import { a as parseRfc9421Signature, c as timingSafeEqual, i as formatRfc9421SignatureParameters, l as verifyRequest, n as doubleKnock, o as parseRfc9421SignatureInput, r as formatRfc9421Signature, s as signRequest, t as createRfc9421SignatureBase, u as verifyRequestDetailed } from "../http-D9zG-L9N.mjs";
+import { i as rsaPrivateKey2, l as rsaPublicKey5, o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-C3kae-6B.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { FetchError, exportSpki } from "@fedify/vocab-runtime";
 import { encodeBase64 } from "byte-encodings/base64";

package/dist/sig/key.test.mjs

@@ -5,8 +5,8 @@ import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import "../std__assert-CRDpx_HF.mjs";
 import { t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
-import { a as importJwk, i as generateCryptoKeyPair, n as fetchKey, o as validateCryptoKey, r as fetchKeyDetailed, t as exportJwk } from "../key-C1Oto4it.mjs";
-import { c as rsaPublicKey3, i as rsaPrivateKey2, o as rsaPublicKey1, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
+import { a as importJwk, i as generateCryptoKeyPair, n as fetchKey, o as validateCryptoKey, r as fetchKeyDetailed, t as exportJwk } from "../key-CV57mOYH.mjs";
+import { c as rsaPublicKey3, i as rsaPrivateKey2, o as rsaPublicKey1, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-C3kae-6B.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { CryptographicKey, Multikey } from "@fedify/vocab";
 import { FetchError } from "@fedify/vocab-runtime";

package/dist/sig/ld.test.mjs

@@ -5,9 +5,9 @@ import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
 import { t as assert } from "../assert-DikXweDx.mjs";
-import { i as generateCryptoKeyPair } from "../key-C1Oto4it.mjs";
-import { a as rsaPrivateKey3, c as rsaPublicKey3, i as rsaPrivateKey2, n as ed25519PrivateKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
-import { a as signJsonLd, i as hasSignatureLike, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-Dl1HIB1a.mjs";
+import { i as generateCryptoKeyPair } from "../key-CV57mOYH.mjs";
+import { a as rsaPrivateKey3, c as rsaPublicKey3, i as rsaPrivateKey2, n as ed25519PrivateKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-C3kae-6B.mjs";
+import { a as signJsonLd, i as hasSignatureLike, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-sUf94RJ8.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { CryptographicKey } from "@fedify/vocab";
 import { encodeBase64 } from "byte-encodings/base64";

package/dist/sig/mod.cjs

@@ -1,8 +1,8 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const require_http = require("../http-Du1Jgf2P.cjs");
-const require_proof = require("../proof-CDA3f-i5.cjs");
+const require_http = require("../http-FnUTcdMf.cjs");
+const require_proof = require("../proof-BhJpq_J9.cjs");
 exports.attachSignature = require_proof.attachSignature;
 exports.createProof = require_proof.createProof;
 exports.createSignature = require_proof.createSignature;

package/dist/sig/mod.js

@@ -1,5 +1,5 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-1NL30qCe.js";
-import { a as verifyProof, c as getKeyOwner, d as detachSignature, f as hasSignatureLike, h as verifySignature, i as verifyObject, l as attachSignature, m as verifyJsonLd, n as hasProofLike, p as signJsonLd, r as signObject, s as doesActorOwnKey, t as createProof, u as createSignature } from "../proof-Dedf8md5.js";
+import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-BUr93aO6.js";
+import { a as verifyProof, c as getKeyOwner, d as detachSignature, f as hasSignatureLike, h as verifySignature, i as verifyObject, l as attachSignature, m as verifyJsonLd, n as hasProofLike, p as signJsonLd, r as signObject, s as doesActorOwnKey, t as createProof, u as createSignature } from "../proof-k4mEvvdS.js";
 export { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, hasProofLike, hasSignatureLike, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/sig/owner.test.mjs

@@ -5,8 +5,8 @@ import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assert } from "../assert-DikXweDx.mjs";
-import { o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-DGu1NFwu.mjs";
-import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-CEWFJlqo.mjs";
+import { o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-C3kae-6B.mjs";
+import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-DsPgl527.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { Create, CryptographicKey, lookupObject } from "@fedify/vocab";
 //#region src/sig/owner.test.ts

package/dist/sig/proof.test.mjs

@@ -6,9 +6,9 @@ import "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertInstanceOf } from "../assert_instance_of-C4Ri6VuN.mjs";
 import { t as assert } from "../assert-DikXweDx.mjs";
-import { i as rsaPrivateKey2, n as ed25519PrivateKey, r as ed25519PublicKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
-import { r as normalizeOutgoingActivityJsonLd } from "../outgoing-jsonld-CNmZLixq.mjs";
-import { a as verifyProof, i as verifyObject, n as hasProofLike, r as signObject, t as createProof } from "../proof-BFyPVl1r.mjs";
+import { i as rsaPrivateKey2, n as ed25519PrivateKey, r as ed25519PublicKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-C3kae-6B.mjs";
+import { r as normalizeOutgoingActivityJsonLd } from "../outgoing-jsonld-Bi7n-dEy.mjs";
+import { a as verifyProof, i as verifyObject, n as hasProofLike, r as signObject, t as createProof } from "../proof-iVfYyJpY.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { Create, DataIntegrityProof, Document, Multikey, Note, PUBLIC_COLLECTION, Place } from "@fedify/vocab";
 import { decodeMultibase, importMultibaseKey } from "@fedify/vocab-runtime";

package/dist/testing/mod.d.mts

@@ -3,7 +3,7 @@ import { URLPattern } from "urlpattern-polyfill";
 import { testDefinitions } from "@fedify/fixture";
 import { Activity, Actor, Collection, CryptographicKey, Hashtag, Link, LookupObjectOptions, Multikey, Object as Object$1, Recipient, Tombstone, TraverseCollectionOptions } from "@fedify/vocab";
 import { Link as Link$1, LookupWebFingerOptions, ResourceDescriptor } from "@fedify/webfinger";
-import { TracerProvider } from "@opentelemetry/api";
+import { MeterProvider, TracerProvider } from "@opentelemetry/api";
 import { DocumentLoader, GetUserAgentOptions } from "@fedify/vocab-runtime";
 
 //#region src/nodeinfo/types.d.ts
@@ -1137,6 +1137,18 @@ interface ActorCallbackSetters<TContextData> {
    * @since 1.4.0
    */
   mapAlias(mapper: ActorAliasMapper<TContextData>): ActorCallbackSetters<TContextData>;
+  /**
+   * Maps a fixed path to a sentinel identifier.  It is useful for exposing
+   * a single, instance-level actor at a fixed path, such as `/actor` for
+   * a relay or `/bot` for a bot.
+   * @param path The fixed path to map to the identifier.
+   * @param identifier The sentinel identifier to map the path to.
+   * @returns The setters object so that settings can be chained.
+   * @throws {RouterError} If the provided path or identifier is invalid or fails
+   *                       runtime validation.
+   * @since 2.3.0
+   */
+  mapActorAlias(path: `/${string}`, identifier: string): ActorCallbackSetters<TContextData>;
   /**
    * Specifies the conditions under which requests are authorized.
    * @param predicate A callback that returns whether a request is authorized.
@@ -1495,6 +1507,11 @@ interface Context<TContextData> {
    * @since 1.3.0
    */
   readonly tracerProvider: TracerProvider;
+  /**
+   * The OpenTelemetry meter provider.
+   * @since 2.3.0
+   */
+  readonly meterProvider?: MeterProvider;
   /**
    * The document loader for loading remote JSON-LD documents.
    */

package/dist/testing/mod.mjs

@@ -1,6 +1,6 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as createOutboxContext, r as createRequestContext, t as createInboxContext } from "../context-Dk_tacqz.mjs";
+import { n as createOutboxContext, r as createRequestContext, t as createInboxContext } from "../context-7Azky82W.mjs";
 import { testDefinitions } from "@fedify/fixture";
 export { createInboxContext, createOutboxContext, createRequestContext, testDefinitions };

package/dist/utils/docloader.test.mjs

@@ -1,13 +1,13 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { t as esm_default } from "../esm-DVILvP5e.mjs";
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import "../std__assert-CRDpx_HF.mjs";
 import { t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
-import { l as verifyRequest } from "../http-CX_zHeOD.mjs";
-import { i as rsaPrivateKey2 } from "../keys-DGu1NFwu.mjs";
-import { t as getAuthenticatedDocumentLoader } from "../docloader-q9QT51g3.mjs";
+import { t as esm_default } from "../esm-DhnRLoG9.mjs";
+import { l as verifyRequest } from "../http-D9zG-L9N.mjs";
+import { i as rsaPrivateKey2 } from "../keys-C3kae-6B.mjs";
+import { t as getAuthenticatedDocumentLoader } from "../docloader-3HwiWeYL.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { UrlError } from "@fedify/vocab-runtime";
 //#region src/utils/docloader.test.ts

package/dist/utils/kv-cache.test.mjs

@@ -1,7 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as kvCache, t as MockKvStore } from "../kv-cache-U__xU4qR.mjs";
+import { n as kvCache, t as MockKvStore } from "../kv-cache-Bmv7tUzz.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { deepStrictEqual, throws } from "node:assert";
 import { preloadedContexts } from "@fedify/vocab-runtime";

package/dist/utils/mod.cjs

@@ -1,6 +1,6 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const require_kv_cache = require("../kv-cache-aGOwL6Vj.cjs");
+const require_kv_cache = require("../kv-cache-BG9O8wVV.cjs");
 exports.getAuthenticatedDocumentLoader = require_kv_cache.getAuthenticatedDocumentLoader;
 exports.kvCache = require_kv_cache.kvCache;

package/dist/utils/mod.js

@@ -1,4 +1,4 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { n as getAuthenticatedDocumentLoader, t as kvCache } from "../kv-cache-CsC3P4uu.js";
+import { n as getAuthenticatedDocumentLoader, t as kvCache } from "../kv-cache-C3esyJFP.js";
 export { getAuthenticatedDocumentLoader, kvCache };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fedify/fedify",
-  "version": "2.3.0-dev.1013+4aa6a88c",
+  "version": "2.3.0-dev.1034+b85b5daa",
   "description": "An ActivityPub server framework",
   "keywords": [
     "ActivityPub",
@@ -153,11 +153,12 @@
     "uri-template-router": "^1.0.0",
     "url-template": "^3.1.1",
     "urlpattern-polyfill": "^10.1.0",
-    "@fedify/vocab": "2.3.0-dev.1013+4aa6a88c",
-    "@fedify/vocab-runtime": "2.3.0-dev.1013+4aa6a88c",
-    "@fedify/webfinger": "2.3.0-dev.1013+4aa6a88c"
+    "@fedify/vocab-runtime": "2.3.0-dev.1034+b85b5daa",
+    "@fedify/vocab": "2.3.0-dev.1034+b85b5daa",
+    "@fedify/webfinger": "2.3.0-dev.1034+b85b5daa"
   },
   "devDependencies": {
+    "@opentelemetry/sdk-metrics": "2.5.0",
     "@std/assert": "npm:@jsr/std__assert@^0.226.0",
     "@std/path": "npm:@jsr/std__path@^1.0.6",
     "@types/node": "^24.2.1",
@@ -167,8 +168,8 @@
     "tsx": "^4.19.4",
     "typescript": "^5.9.2",
     "wrangler": "^4.17.0",
-    "@fedify/vocab-tools": "^2.3.0-dev.1013+4aa6a88c",
-    "@fedify/fixture": "2.0.0"
+    "@fedify/fixture": "2.0.0",
+    "@fedify/vocab-tools": "^2.3.0-dev.1034+b85b5daa"
   },
   "scripts": {
     "build:self": "tsdown",