@fedify/fedify 2.3.0-dev.1114 → 2.3.0-dev.1131

package/dist/{http-CpzZ9zsb.js → http-cqujdCRz.js}

@@ -10,7 +10,7 @@ import { ATTR_HTTP_REQUEST_HEADER, ATTR_HTTP_REQUEST_METHOD, ATTR_URL_FULL } fro
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
 //#region deno.json
 var name = "@fedify/fedify";
-var version = "2.3.0-dev.1114+15a3316d";
+var version = "2.3.0-dev.1131+553b59b8";
 //#endregion
 //#region src/sig/accept.ts
 /**
@@ -168,6 +168,14 @@ var FederationMetrics = class {
 	queueTaskFailed;
 	queueTaskDuration;
 	queueTaskInFlight;
+	fanoutRecipients;
+	inboxActivity;
+	outboxActivity;
+	keyLookup;
+	keyLookupDuration;
+	documentFetch;
+	documentFetchDuration;
+	documentCache;
 	constructor(meterProvider) {
 		const meter = meterProvider.getMeter(name, version);
 		this.deliverySent = meter.createCounter("activitypub.delivery.sent", {
@@ -262,6 +270,70 @@ var FederationMetrics = class {
 			description: "Queue tasks currently being processed in this Fedify process.",
 			unit: "{task}"
 		});
+		this.fanoutRecipients = meter.createHistogram("activitypub.fanout.recipients", {
+			description: "Number of recipient inboxes produced by an ActivityPub fanout task.",
+			unit: "{recipient}"
+		});
+		this.inboxActivity = meter.createCounter("activitypub.inbox.activity", {
+			description: "ActivityPub activities observed at the inbox lifecycle level: queued, processed, retried, rejected, or abandoned.",
+			unit: "{activity}"
+		});
+		this.outboxActivity = meter.createCounter("activitypub.outbox.activity", {
+			description: "ActivityPub activities observed at the outbox lifecycle level: queued, retried, or abandoned.  Per-recipient delivery counters live on `activitypub.delivery.*`.",
+			unit: "{activity}"
+		});
+		this.keyLookup = meter.createCounter("activitypub.key.lookup", {
+			description: "Public-key lookup attempts performed by Fedify, including both cache hits and remote fetches.",
+			unit: "{lookup}"
+		});
+		this.keyLookupDuration = meter.createHistogram("activitypub.key.lookup.duration", {
+			description: "Duration of public-key lookups performed by Fedify, including any remote fetch.",
+			unit: "ms",
+			advice: { explicitBucketBoundaries: [
+				5,
+				10,
+				25,
+				50,
+				75,
+				100,
+				250,
+				500,
+				750,
+				1e3,
+				2500,
+				5e3,
+				7500,
+				1e4
+			] }
+		});
+		this.documentFetch = meter.createCounter("activitypub.document.fetch", {
+			description: "Remote JSON-LD document loader invocations made by Fedify-wrapped loaders.",
+			unit: "{fetch}"
+		});
+		this.documentFetchDuration = meter.createHistogram("activitypub.document.fetch.duration", {
+			description: "Duration of remote JSON-LD document loader invocations made by Fedify-wrapped loaders.",
+			unit: "ms",
+			advice: { explicitBucketBoundaries: [
+				5,
+				10,
+				25,
+				50,
+				75,
+				100,
+				250,
+				500,
+				750,
+				1e3,
+				2500,
+				5e3,
+				7500,
+				1e4
+			] }
+		});
+		this.documentCache = meter.createCounter("activitypub.document.cache", {
+			description: "KV-backed document loader cache lookups, with `hit` or `miss` classification.",
+			unit: "{lookup}"
+		});
 	}
 	recordDelivery(inbox, durationMs, success, activityType) {
 		const deliveryAttributes = {
@@ -334,7 +406,53 @@ var FederationMetrics = class {
 		else if (result === "failed") this.queueTaskFailed.add(1, attributes);
 		this.queueTaskDuration.record(durationMs, attributes);
 	}
+	recordFanoutRecipients(recipientCount, activityType) {
+		const attributes = {};
+		if (activityType != null) attributes["activitypub.activity.type"] = activityType;
+		this.fanoutRecipients.record(recipientCount, attributes);
+	}
+	recordInboxActivity(result, activityType) {
+		this.inboxActivity.add(1, buildActivityLifecycleAttributes(result, activityType));
+	}
+	recordOutboxActivity(result, activityType) {
+		this.outboxActivity.add(1, buildActivityLifecycleAttributes(result, activityType));
+	}
+	recordKeyLookup(attrs) {
+		const attributes = {
+			"activitypub.lookup.kind": "public_key",
+			"activitypub.lookup.result": attrs.result,
+			"activitypub.cache.enabled": attrs.cacheEnabled
+		};
+		if (attrs.remoteUrl != null) attributes["activitypub.remote.host"] = getRemoteHost(attrs.remoteUrl);
+		if (attrs.statusCode != null) attributes["http.response.status_code"] = attrs.statusCode;
+		this.keyLookup.add(1, attributes);
+		this.keyLookupDuration.record(attrs.durationMs, attributes);
+	}
+	recordDocumentFetch(attrs) {
+		const attributes = {
+			"activitypub.lookup.kind": attrs.kind,
+			"activitypub.lookup.result": attrs.result
+		};
+		if (attrs.remoteUrl != null) attributes["activitypub.remote.host"] = getRemoteHost(attrs.remoteUrl);
+		if (attrs.cacheEnabled != null) attributes["activitypub.cache.enabled"] = attrs.cacheEnabled;
+		if (attrs.statusCode != null) attributes["http.response.status_code"] = attrs.statusCode;
+		this.documentFetch.add(1, attributes);
+		this.documentFetchDuration.record(attrs.durationMs, attributes);
+	}
+	recordDocumentCache(attrs) {
+		const attributes = {
+			"activitypub.lookup.kind": attrs.kind,
+			"activitypub.lookup.result": attrs.result
+		};
+		if (attrs.remoteUrl != null) attributes["activitypub.remote.host"] = getRemoteHost(attrs.remoteUrl);
+		this.documentCache.add(1, attributes);
+	}
 };
+function buildActivityLifecycleAttributes(result, activityType) {
+	const attributes = { "activitypub.processing.result": result };
+	if (activityType != null) attributes["activitypub.activity.type"] = activityType;
+	return attributes;
+}
 function buildQueueTaskAttributes(common) {
 	const attributes = { "fedify.queue.role": common.role };
 	const backend = getQueueBackend(common.queue);
@@ -364,20 +482,176 @@ function getQueueBackend(queue) {
 	return name;
 }
 /**
-* Records `fedify.queue.task.enqueued` for an outgoing outbox enqueue.
+* Records `fedify.queue.task.enqueued` for an outgoing outbox enqueue and,
+* for the initial attempt, also records
+* `activitypub.outbox.activity{queued}`.
 *
 * Both `Context.sendActivity()` and `OutboxContext.forwardActivity()` enqueue
 * outbox messages with the same metric attributes (role, queue, activity
 * type, attempt), so they share this helper rather than each defining a local
-* closure.
+* closure.  Retry enqueues (attempt > 0) intentionally do not record a
+* second `activitypub.outbox.activity{queued}`; retries are reported as
+* `result=retried` from the retry-scheduling site, which has the failure
+* context.
 * @since 2.3.0
 */
 function recordOutboxEnqueue(meterProvider, outboxQueue, message) {
-	getFederationMetrics(meterProvider).recordQueueTaskEnqueued({
+	const metrics = getFederationMetrics(meterProvider);
+	metrics.recordQueueTaskEnqueued({
 		role: "outbox",
 		queue: outboxQueue,
 		activityType: message.activityType
 	}, message.attempt);
+	if (message.attempt === 0) metrics.recordOutboxActivity("queued", message.activityType);
+}
+/**
+* Records `activitypub.fanout.recipients` with the number of recipient
+* inboxes a single fanout produced.  The histogram is unitless count
+* (one measurement per fanout enqueue).  Recipient URLs are deliberately
+* not recorded; only the activity type, when known.
+* @since 2.3.0
+*/
+function recordFanoutRecipients(meterProvider, recipientCount, activityType) {
+	getFederationMetrics(meterProvider).recordFanoutRecipients(recipientCount, activityType);
+}
+/**
+* Records one `activitypub.inbox.activity` measurement.  The
+* `activitypub.processing.result` attribute is always present;
+* `activitypub.activity.type` is recorded only when Fedify already knows
+* the activity type.
+* @since 2.3.0
+*/
+function recordInboxActivity(meterProvider, result, activityType) {
+	getFederationMetrics(meterProvider).recordInboxActivity(result, activityType);
+}
+/**
+* Records one `activitypub.outbox.activity` measurement.  The
+* `activitypub.processing.result` attribute is always present;
+* `activitypub.activity.type` is recorded only when Fedify already knows
+* the activity type (it is always known for outbox lifecycle events).
+* @since 2.3.0
+*/
+function recordOutboxActivity(meterProvider, result, activityType) {
+	getFederationMetrics(meterProvider).recordOutboxActivity(result, activityType);
+}
+/**
+* Records one measurement on `activitypub.key.lookup` (counter) and
+* `activitypub.key.lookup.duration` (histogram) for a public-key lookup.
+*
+* `activitypub.lookup.kind` is always recorded as `public_key`; the result
+* classification, remote host, HTTP status code (when an HTTP response was
+* received), and `activitypub.cache.enabled` are recorded as attributes on
+* both measurements.  Full key URLs and key IDs are deliberately omitted to
+* keep cardinality bounded.
+* @since 2.3.0
+*/
+function recordKeyLookup(meterProvider, attrs) {
+	getFederationMetrics(meterProvider).recordKeyLookup(attrs);
+}
+/**
+* Records one measurement each on `activitypub.document.fetch` (counter)
+* and `activitypub.document.fetch.duration` (histogram) for one remote
+* JSON-LD document loader invocation, with bounded
+* `activitypub.lookup.kind` and `activitypub.lookup.result` attributes
+* plus the optional remote-host, cache-enabled, and HTTP status-code
+* attributes.  Counter and histogram are always recorded together so
+* aggregate rate and latency views stay in sync.
+* @since 2.3.0
+*/
+function recordDocumentFetch(meterProvider, attrs) {
+	getFederationMetrics(meterProvider).recordDocumentFetch(attrs);
+}
+/**
+* Records one `activitypub.document.cache` measurement, classifying the
+* lookup as `hit` (the cache returned an entry) or `miss` (the cache was
+* consulted and returned nothing, prompting a delegate fetch).
+* @since 2.3.0
+*/
+function recordDocumentCache(meterProvider, attrs) {
+	getFederationMetrics(meterProvider).recordDocumentCache(attrs);
+}
+/**
+* Classifies a thrown value from a key or document fetch into the bounded
+* {@link LookupResult} taxonomy and, when an HTTP response was received,
+* surfaces its status code.
+*
+*  -  `FetchError` with a `Response` whose status is `404` or `410`:
+*     `result=not_found` and the response status code.
+*  -  `FetchError` with any other `Response`: `result=error` and the
+*     response status code.
+*  -  `FetchError` without a `Response`: `result=network_error`.
+*  -  An `AbortError` (typically from a cancelled fetch): `result=network_error`.
+*  -  A bare `TypeError` (the shape native `fetch()` raises on DNS, connect,
+*     and TLS failures before any response is observed):
+*     `result=network_error`.
+*  -  Any other value: `result=error`.
+* @since 2.3.0
+*/
+function classifyFetchError(error) {
+	if (error instanceof FetchError) {
+		if (error.response != null) {
+			const status = error.response.status;
+			return {
+				result: status === 404 || status === 410 ? "not_found" : "error",
+				statusCode: status
+			};
+		}
+		return { result: "network_error" };
+	}
+	if (isAbortError$1(error)) return { result: "network_error" };
+	if (error instanceof TypeError) return { result: "network_error" };
+	return { result: "error" };
+}
+/**
+* Wraps a {@link DocumentLoader} so each invocation records one
+* measurement on `activitypub.document.fetch` (counter) and one on
+* `activitypub.document.fetch.duration` (histogram), classifying the
+* outcome via {@link classifyFetchError} when the wrapped loader throws
+* and as `fetched` on success.  The wrapper rethrows whatever the
+* wrapped loader throws so caller behavior is unchanged.
+*
+* The wrapper records the hostname of the requested URL on
+* `activitypub.remote.host` when the URL parses; full URLs, paths, and
+* query strings are deliberately excluded to keep cardinality bounded.
+* HTTP status codes are recorded only when the failure carries a
+* `Response` (currently, when the wrapped loader throws a
+* {@link FetchError} with a non-`null` `response`).
+* @since 2.3.0
+*/
+function instrumentDocumentLoader(loader, options) {
+	const meterProvider = options.meterProvider;
+	if (meterProvider == null) return loader;
+	return async (url, opts) => {
+		const start = performance.now();
+		let remoteUrl;
+		try {
+			remoteUrl = new URL(url);
+		} catch {
+			remoteUrl = void 0;
+		}
+		try {
+			const result = await loader(url, opts);
+			recordDocumentFetch(meterProvider, {
+				durationMs: getDurationMs(start),
+				kind: options.kind,
+				result: "fetched",
+				remoteUrl,
+				cacheEnabled: options.cacheEnabled
+			});
+			return result;
+		} catch (error) {
+			const classified = classifyFetchError(error);
+			recordDocumentFetch(meterProvider, {
+				durationMs: getDurationMs(start),
+				kind: options.kind,
+				result: classified.result,
+				remoteUrl,
+				cacheEnabled: options.cacheEnabled,
+				statusCode: classified.statusCode
+			});
+			throw error;
+		}
+	};
 }
 /**
 * Times an awaited public key fetch and records exactly one
@@ -759,24 +1033,48 @@ async function resolveFetchedKey(document, cacheKey, keyId, cls, { documentLoade
 	};
 }
 async function fetchKeyWithResult(cacheKey, cls, options, onCachedUnavailable, onFetchError) {
-	const logger = getLogger([
-		"fedify",
-		"sig",
-		"key"
-	]);
-	const keyId = cacheKey.href;
-	const keyCache = options.keyCache;
-	const cached = await getCachedFetchKey(cacheKey, keyId, cls, keyCache, logger);
-	if (cached?.key === null && cached.cached) return await onCachedUnavailable(cacheKey, keyId, keyCache, logger);
-	if (cached != null) return cached;
-	logger.debug("Fetching key {keyId} to verify signature...", { keyId });
-	let document;
+	const start = performance.now();
+	let outcome = { result: "error" };
 	try {
-		document = (await (options.documentLoader ?? getDocumentLoader())(keyId)).document;
-	} catch (error) {
-		return await onFetchError(error, cacheKey, keyId, keyCache, logger);
+		const logger = getLogger([
+			"fedify",
+			"sig",
+			"key"
+		]);
+		const keyId = cacheKey.href;
+		const keyCache = options.keyCache;
+		const cached = await getCachedFetchKey(cacheKey, keyId, cls, keyCache, logger);
+		if (cached?.key === null && cached.cached) {
+			const cachedUnavailable = await onCachedUnavailable(cacheKey, keyId, keyCache, logger);
+			outcome = { result: "hit" };
+			return cachedUnavailable;
+		}
+		if (cached != null) {
+			outcome = { result: "hit" };
+			return cached;
+		}
+		logger.debug("Fetching key {keyId} to verify signature...", { keyId });
+		let document;
+		try {
+			document = (await (options.documentLoader ?? getDocumentLoader())(keyId)).document;
+		} catch (error) {
+			const classified = classifyFetchError(error);
+			const errored = await onFetchError(error, cacheKey, keyId, keyCache, logger);
+			outcome = classified;
+			return errored;
+		}
+		const resolved = await resolveFetchedKey(document, cacheKey, keyId, cls, options, logger);
+		outcome = { result: resolved.key != null ? "fetched" : "invalid" };
+		return resolved;
+	} finally {
+		recordKeyLookup(options.meterProvider, {
+			durationMs: getDurationMs(start),
+			result: outcome.result,
+			remoteUrl: cacheKey,
+			cacheEnabled: options.keyCache != null,
+			statusCode: outcome.statusCode
+		});
 	}
-	return await resolveFetchedKey(document, cacheKey, keyId, cls, options, logger);
 }
 async function fetchKeyInternal(keyId, cls, options = {}) {
 	return await fetchKeyWithResult(typeof keyId === "string" ? new URL(keyId) : keyId, cls, options, (_cacheKey, _keyId, _keyCache, _logger) => {
@@ -1358,7 +1656,8 @@ async function verifyRequestDraft(request, span, metricsContext, { documentLoade
 		documentLoader,
 		contextLoader,
 		keyCache,
-		tracerProvider
+		tracerProvider,
+		meterProvider
 	}));
 	if (fetchError != null) return keyFetchErrorResult(keyIdUrl, fetchError);
 	if (key == null) return invalidSignatureResult(keyIdUrl);
@@ -1573,7 +1872,8 @@ async function verifyRequestRfc9421(request, span, metricsContext, { documentLoa
 			documentLoader,
 			contextLoader,
 			keyCache,
-			tracerProvider
+			tracerProvider,
+			meterProvider
 		}));
 		if (fetchError != null) {
 			setFailure(keyFetchErrorResult(keyId, fetchError));
@@ -1876,4 +2176,4 @@ function timingSafeEqual(a, b) {
 	return result === 0;
 }
 //#endregion
-export { version as C, name as S, recordOutboxEnqueue as _, verifyRequestDetailed as a, parseAcceptSignature as b, fetchKeyDetailed as c, validateCryptoKey as d, getDurationMs as f, measureSignatureKeyFetch as g, isAbortError$1 as h, verifyRequest as i, generateCryptoKeyPair as l, getRemoteHost as m, parseRfc9421SignatureInput as n, exportJwk as o, getFederationMetrics as p, signRequest as r, fetchKey as s, doubleKnock as t, importJwk as u, formatAcceptSignature as v, validateAcceptSignature as x, fulfillAcceptSignature as y };
+export { formatAcceptSignature as C, name as D, validateAcceptSignature as E, version as O, recordOutboxEnqueue as S, parseAcceptSignature as T, measureSignatureKeyFetch as _, verifyRequestDetailed as a, recordInboxActivity as b, fetchKeyDetailed as c, validateCryptoKey as d, getDurationMs as f, isAbortError$1 as g, instrumentDocumentLoader as h, verifyRequest as i, generateCryptoKeyPair as l, getRemoteHost as m, parseRfc9421SignatureInput as n, exportJwk as o, getFederationMetrics as p, signRequest as r, fetchKey as s, doubleKnock as t, importJwk as u, recordDocumentCache as v, fulfillAcceptSignature as w, recordOutboxActivity as x, recordFanoutRecipients as y };

package/dist/{http-D6aw3j2U.d.cts → http-lf8Hsd91.d.ts}

@@ -1,7 +1,7 @@
 /// <reference lib="esnext.temporal" />
 import { CryptographicKey, Multikey } from "@fedify/vocab";
-import { DocumentLoader } from "@fedify/vocab-runtime";
 import { MeterProvider, TracerProvider } from "@opentelemetry/api";
+import { DocumentLoader } from "@fedify/vocab-runtime";
 
 //#region src/sig/key.d.ts
 /**
@@ -52,6 +52,13 @@ interface FetchKeyOptions {
   * @since 1.3.0
   */
   tracerProvider?: TracerProvider;
+  /**
+  * The OpenTelemetry meter provider to use for recording
+  * `activitypub.key.lookup` and `activitypub.key.lookup.duration`.  If
+  * omitted, the global meter provider is used.
+  * @since 2.3.0
+  */
+  meterProvider?: MeterProvider;
 }
 /**
 * The result of {@link fetchKey}.

package/dist/{key-B4I8H5Lc.mjs → key-Df3tMleh.mjs}

@@ -1,7 +1,8 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-CF3jMgip.mjs";
+import { n as version, t as name } from "./deno--CS-SBS9.mjs";
+import { f as recordKeyLookup, n as getDurationMs, t as classifyFetchError } from "./metrics-BTOMkW8C.mjs";
 import { getLogger } from "@logtape/logtape";
 import { CryptographicKey, Object as Object$1, isActor } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
@@ -306,24 +307,48 @@ async function resolveFetchedKey(document, cacheKey, keyId, cls, { documentLoade
 	};
 }
 async function fetchKeyWithResult(cacheKey, cls, options, onCachedUnavailable, onFetchError) {
-	const logger = getLogger([
-		"fedify",
-		"sig",
-		"key"
-	]);
-	const keyId = cacheKey.href;
-	const keyCache = options.keyCache;
-	const cached = await getCachedFetchKey(cacheKey, keyId, cls, keyCache, logger);
-	if (cached?.key === null && cached.cached) return await onCachedUnavailable(cacheKey, keyId, keyCache, logger);
-	if (cached != null) return cached;
-	logger.debug("Fetching key {keyId} to verify signature...", { keyId });
-	let document;
+	const start = performance.now();
+	let outcome = { result: "error" };
 	try {
-		document = (await (options.documentLoader ?? getDocumentLoader())(keyId)).document;
-	} catch (error) {
-		return await onFetchError(error, cacheKey, keyId, keyCache, logger);
+		const logger = getLogger([
+			"fedify",
+			"sig",
+			"key"
+		]);
+		const keyId = cacheKey.href;
+		const keyCache = options.keyCache;
+		const cached = await getCachedFetchKey(cacheKey, keyId, cls, keyCache, logger);
+		if (cached?.key === null && cached.cached) {
+			const cachedUnavailable = await onCachedUnavailable(cacheKey, keyId, keyCache, logger);
+			outcome = { result: "hit" };
+			return cachedUnavailable;
+		}
+		if (cached != null) {
+			outcome = { result: "hit" };
+			return cached;
+		}
+		logger.debug("Fetching key {keyId} to verify signature...", { keyId });
+		let document;
+		try {
+			document = (await (options.documentLoader ?? getDocumentLoader())(keyId)).document;
+		} catch (error) {
+			const classified = classifyFetchError(error);
+			const errored = await onFetchError(error, cacheKey, keyId, keyCache, logger);
+			outcome = classified;
+			return errored;
+		}
+		const resolved = await resolveFetchedKey(document, cacheKey, keyId, cls, options, logger);
+		outcome = { result: resolved.key != null ? "fetched" : "invalid" };
+		return resolved;
+	} finally {
+		recordKeyLookup(options.meterProvider, {
+			durationMs: getDurationMs(start),
+			result: outcome.result,
+			remoteUrl: cacheKey,
+			cacheEnabled: options.keyCache != null,
+			statusCode: outcome.statusCode
+		});
 	}
-	return await resolveFetchedKey(document, cacheKey, keyId, cls, options, logger);
 }
 async function fetchKeyInternal(keyId, cls, options = {}) {
 	return await fetchKeyWithResult(typeof keyId === "string" ? new URL(keyId) : keyId, cls, options, (_cacheKey, _keyId, _keyCache, _logger) => {

package/dist/{kv-cache-DY-XWOqM.cjs → kv-cache-L0SMQkcd.cjs}

@@ -1,7 +1,7 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 require("./chunk-DDcVe30Y.cjs");
-const require_http = require("./http-CKCgOPkX.cjs");
+const require_http = require("./http-CJfvRL7D.cjs");
 let _logtape_logtape = require("@logtape/logtape");
 let es_toolkit = require("es-toolkit");
 let _fedify_vocab_runtime = require("@fedify/vocab-runtime");
@@ -56,10 +56,25 @@ const logger = (0, _logtape_logtape.getLogger)([
 * @param parameters The parameters for the cache.
 * @returns The decorated document loader which is cache-enabled.
 */
-function kvCache({ loader, kv, prefix, rules }) {
+function kvCache({ loader, kv, prefix, rules, meterProvider, kind }) {
 	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
 	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
 	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	const lookupKind = kind ?? "object";
+	function emitCacheMetric(url, result) {
+		if (meterProvider == null) return;
+		let remoteUrl;
+		try {
+			remoteUrl = new URL(url);
+		} catch {
+			remoteUrl = void 0;
+		}
+		require_http.recordDocumentCache(meterProvider, {
+			kind: lookupKind,
+			result,
+			remoteUrl
+		});
+	}
 	return async (url, options) => {
 		if (url in _fedify_vocab_runtime.preloadedContexts) {
 			logger.debug("Using preloaded context: {url}.", { url });
@@ -82,6 +97,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			});
 		}
 		if (cache == null) {
+			emitCacheMetric(url, "miss");
 			const remoteDoc = await loader(url, options);
 			try {
 				await kv.set(key, remoteDoc, { ttl: match });
@@ -93,6 +109,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			}
 			return remoteDoc;
 		}
+		emitCacheMetric(url, "hit");
 		return cache;
 	};
 }

package/dist/{kv-cache-Wc5ezcVW.js → kv-cache-pEejzYq4.js}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { d as validateCryptoKey, t as doubleKnock } from "./http-CpzZ9zsb.js";
+import { d as validateCryptoKey, t as doubleKnock, v as recordDocumentCache } from "./http-cqujdCRz.js";
 import { getLogger } from "@logtape/logtape";
 import { curry } from "es-toolkit";
 import { UrlError, createActivityPubRequest, getRemoteDocument, logRequest, preloadedContexts, validatePublicUrl } from "@fedify/vocab-runtime";
@@ -55,10 +55,25 @@ const logger = getLogger([
 * @param parameters The parameters for the cache.
 * @returns The decorated document loader which is cache-enabled.
 */
-function kvCache({ loader, kv, prefix, rules }) {
+function kvCache({ loader, kv, prefix, rules, meterProvider, kind }) {
 	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
 	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
 	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	const lookupKind = kind ?? "object";
+	function emitCacheMetric(url, result) {
+		if (meterProvider == null) return;
+		let remoteUrl;
+		try {
+			remoteUrl = new URL(url);
+		} catch {
+			remoteUrl = void 0;
+		}
+		recordDocumentCache(meterProvider, {
+			kind: lookupKind,
+			result,
+			remoteUrl
+		});
+	}
 	return async (url, options) => {
 		if (url in preloadedContexts) {
 			logger.debug("Using preloaded context: {url}.", { url });
@@ -81,6 +96,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			});
 		}
 		if (cache == null) {
+			emitCacheMetric(url, "miss");
 			const remoteDoc = await loader(url, options);
 			try {
 				await kv.set(key, remoteDoc, { ttl: match });
@@ -92,6 +108,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			}
 			return remoteDoc;
 		}
+		emitCacheMetric(url, "hit");
 		return cache;
 	};
 }

package/dist/{kv-cache-DihufyAQ.mjs → kv-cache-q9Ec2ryS.mjs}

@@ -1,6 +1,7 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
+import { c as recordDocumentCache } from "./metrics-BTOMkW8C.mjs";
 import { getLogger } from "@logtape/logtape";
 import { preloadedContexts } from "@fedify/vocab-runtime";
 //#region src/utils/kv-cache.ts
@@ -44,10 +45,25 @@ var MockKvStore = class {
 * @param parameters The parameters for the cache.
 * @returns The decorated document loader which is cache-enabled.
 */
-function kvCache({ loader, kv, prefix, rules }) {
+function kvCache({ loader, kv, prefix, rules, meterProvider, kind }) {
 	const keyPrefix = prefix ?? ["_fedify", "remoteDocument"];
 	rules ??= [[new URLPattern({}), Temporal.Duration.from({ minutes: 5 })]];
 	for (const [p, duration] of rules) if (Temporal.Duration.compare(duration, { days: 30 }) > 0) throw new TypeError("The maximum cache duration is 30 days: " + (p instanceof URLPattern ? `${p.protocol}://${p.username}:${p.password}@${p.hostname}:${p.port}/${p.pathname}?${p.search}#${p.hash}` : p.toString()));
+	const lookupKind = kind ?? "object";
+	function emitCacheMetric(url, result) {
+		if (meterProvider == null) return;
+		let remoteUrl;
+		try {
+			remoteUrl = new URL(url);
+		} catch {
+			remoteUrl = void 0;
+		}
+		recordDocumentCache(meterProvider, {
+			kind: lookupKind,
+			result,
+			remoteUrl
+		});
+	}
 	return async (url, options) => {
 		if (url in preloadedContexts) {
 			logger.debug("Using preloaded context: {url}.", { url });
@@ -70,6 +86,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			});
 		}
 		if (cache == null) {
+			emitCacheMetric(url, "miss");
 			const remoteDoc = await loader(url, options);
 			try {
 				await kv.set(key, remoteDoc, { ttl: match });
@@ -81,6 +98,7 @@ function kvCache({ loader, kv, prefix, rules }) {
 			}
 			return remoteDoc;
 		}
+		emitCacheMetric(url, "hit");
 		return cache;
 	};
 }

package/dist/{ld-B5D5THhl.mjs → ld-BGwiJpl3.mjs}

@@ -1,9 +1,9 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-CF3jMgip.mjs";
-import { a as measureSignatureKeyFetch, n as getFederationMetrics, t as getDurationMs } from "./metrics-ek3ilf6c.mjs";
-import { n as fetchKey, o as validateCryptoKey } from "./key-B4I8H5Lc.mjs";
+import { n as version, t as name } from "./deno--CS-SBS9.mjs";
+import { n as getDurationMs, r as getFederationMetrics, s as measureSignatureKeyFetch } from "./metrics-BTOMkW8C.mjs";
+import { n as fetchKey, o as validateCryptoKey } from "./key-Df3tMleh.mjs";
 import { getLogger } from "@logtape/logtape";
 import { Activity, CryptographicKey, Object as Object$1, getTypeId } from "@fedify/vocab";
 import { SpanStatusCode, trace } from "@opentelemetry/api";