@fedify/vocab-runtime 2.4.0-dev.1564 → 2.4.0-dev.1570

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/deno.json +1 -2
  2. package/dist/mod.cjs +190 -107
  3. package/dist/mod.d.cts +200 -18
  4. package/dist/mod.d.ts +200 -18
  5. package/dist/mod.js +184 -97
  6. package/dist/tests/decimal.test.cjs +2 -2
  7. package/dist/tests/decimal.test.mjs +2 -2
  8. package/dist/tests/{docloader-CYQvKbtL.mjs → docloader-C76ldE5C.mjs} +10 -97
  9. package/dist/tests/{docloader-UAdXnDwt.cjs → docloader-mvgIWKI7.cjs} +9 -102
  10. package/dist/tests/docloader.test.cjs +6 -58
  11. package/dist/tests/docloader.test.mjs +6 -58
  12. package/dist/tests/{request-DgAlI7RF.mjs → request-BEXkv1ul.mjs} +1 -1
  13. package/dist/tests/{request-DnzhAfki.cjs → request-SworbvLc.cjs} +1 -1
  14. package/dist/tests/request.test.cjs +1 -1
  15. package/dist/tests/request.test.mjs +1 -1
  16. package/dist/tests/{url-2XwVbUS_.cjs → url-C20FhC7p.cjs} +0 -108
  17. package/dist/tests/{url-YWJbnRlf.mjs → url-m9Qzxy-Y.mjs} +1 -85
  18. package/dist/tests/url.test.cjs +1 -104
  19. package/dist/tests/url.test.mjs +2 -105
  20. package/package.json +1 -11
  21. package/src/contexts.ts +0 -2
  22. package/src/docloader.test.ts +6 -102
  23. package/src/docloader.ts +8 -76
  24. package/src/mod.ts +0 -4
  25. package/src/url.test.ts +1 -252
  26. package/src/url.ts +0 -141
  27. package/tsdown.config.ts +1 -6
  28. package/dist/docloader-DnUMWHaJ.d.cts +0 -202
  29. package/dist/docloader-xRGn1azD.d.ts +0 -202
  30. package/dist/internal/jsonld-cache.cjs +0 -279
  31. package/dist/internal/jsonld-cache.d.cts +0 -48
  32. package/dist/internal/jsonld-cache.d.ts +0 -48
  33. package/dist/internal/jsonld-cache.js +0 -275
  34. package/dist/tests/jsonld-cache.test.cjs +0 -652
  35. package/dist/tests/jsonld-cache.test.d.cts +0 -1
  36. package/dist/tests/jsonld-cache.test.d.mts +0 -1
  37. package/dist/tests/jsonld-cache.test.mjs +0 -651
  38. package/dist/url-BAdyyqAa.cjs +0 -315
  39. package/dist/url-BuxPHxK2.js +0 -261
  40. package/src/contexts/fep-7aa9.json +0 -24
  41. package/src/internal/jsonld-cache.ts +0 -538
  42. package/src/jsonld-cache.test.ts +0 -554
package/deno.json CHANGED
@@ -1,10 +1,9 @@
1
1
  {
2
2
  "name": "@fedify/vocab-runtime",
3
- "version": "2.4.0-dev.1564+5a2c6c2c",
3
+ "version": "2.4.0-dev.1570+f1b6aaa3",
4
4
  "license": "MIT",
5
5
  "exports": {
6
6
  ".": "./src/mod.ts",
7
- "./internal/jsonld-cache": "./src/internal/jsonld-cache.ts",
8
7
  "./jsonld": "./src/jsonld.ts",
9
8
  "./temporal": "./src/temporal.ts"
10
9
  },
package/dist/mod.cjs CHANGED
@@ -1,11 +1,12 @@
1
1
 
2
2
  Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
3
3
  const require_chunk = require("./chunk-M78iaK0I.cjs");
4
- const require_url = require("./url-BAdyyqAa.cjs");
5
4
  let _logtape_logtape = require("@logtape/logtape");
6
5
  let _opentelemetry_api = require("@opentelemetry/api");
7
6
  let node_process = require("node:process");
8
7
  node_process = require_chunk.__toESM(node_process, 1);
8
+ let node_dns_promises = require("node:dns/promises");
9
+ let node_net = require("node:net");
9
10
  let asn1js = require("asn1js");
10
11
  let byte_encodings_base64 = require("byte-encodings/base64");
11
12
  let byte_encodings_base64url = require("byte-encodings/base64url");
@@ -4287,28 +4288,6 @@ const preloadedContexts = {
4287
4288
  "@type": "@id"
4288
4289
  }
4289
4290
  } },
4290
- "https://w3id.org/fep/7aa9": { "@context": {
4291
- "FeaturedCollection": "https://w3id.org/fep/7aa9#FeaturedCollection",
4292
- "FeaturedItem": "https://w3id.org/fep/7aa9#FeaturedItem",
4293
- "FeatureRequest": "https://w3id.org/fep/7aa9#FeatureRequest",
4294
- "FeatureAuthorization": "https://w3id.org/fep/7aa9#FeatureAuthorization",
4295
- "topic": {
4296
- "@id": "https://w3id.org/fep/7aa9#topic",
4297
- "@type": "@id"
4298
- },
4299
- "featuredObject": {
4300
- "@id": "https://w3id.org/fep/7aa9#featuredObject",
4301
- "@type": "@id"
4302
- },
4303
- "canFeature": {
4304
- "@id": "https://w3id.org/fep/7aa9#canFeature",
4305
- "@type": "@id"
4306
- },
4307
- "featureAuthorization": {
4308
- "@id": "https://w3id.org/fep/7aa9#featureAuthorization",
4309
- "@type": "@id"
4310
- }
4311
- } },
4312
4291
  "https://join-lemmy.org/context.json": { "@context": ["https://w3id.org/security/v1", {
4313
4292
  "as": "https://www.w3.org/ns/activitystreams#",
4314
4293
  "lemmy": "https://join-lemmy.org/ns#",
@@ -4367,7 +4346,7 @@ const preloadedContexts = {
4367
4346
  //#endregion
4368
4347
  //#region deno.json
4369
4348
  var name = "@fedify/vocab-runtime";
4370
- var version = "2.4.0-dev.1564+5a2c6c2c";
4349
+ var version = "2.4.0-dev.1570+f1b6aaa3";
4371
4350
  //#endregion
4372
4351
  //#region src/link.ts
4373
4352
  const parametersNeedLowerCase = ["rel", "type"];
@@ -4620,6 +4599,179 @@ function logRequest(logger, request) {
4620
4599
  });
4621
4600
  }
4622
4601
  //#endregion
4602
+ //#region src/url.ts
4603
+ var UrlError = class extends Error {
4604
+ constructor(message) {
4605
+ super(message);
4606
+ this.name = "UrlError";
4607
+ }
4608
+ };
4609
+ /**
4610
+ * Validates a URL to prevent SSRF attacks.
4611
+ */
4612
+ async function validatePublicUrl(url) {
4613
+ const parsed = new URL(url);
4614
+ if (parsed.protocol !== "http:" && parsed.protocol !== "https:") throw new UrlError(`Unsupported protocol: ${parsed.protocol}`);
4615
+ let hostname = parsed.hostname;
4616
+ if (hostname.startsWith("[") && hostname.endsWith("]")) hostname = hostname.slice(1, -1);
4617
+ if (hostname === "localhost") throw new UrlError("Localhost is not allowed");
4618
+ const hostnameFamily = (0, node_net.isIP)(hostname);
4619
+ if (hostnameFamily !== 0) {
4620
+ validatePublicIpAddress(hostname, hostnameFamily);
4621
+ return;
4622
+ }
4623
+ if ("Deno" in globalThis && !(0, node_net.isIP)(hostname)) {
4624
+ if ((await Deno.permissions.query({ name: "net" })).state !== "granted") return;
4625
+ }
4626
+ if ("Bun" in globalThis) {
4627
+ if (hostname === "example.com" || hostname.endsWith(".example.com")) return;
4628
+ else if (hostname === "fedify-test.internal") throw new UrlError("Invalid or private address: fedify-test.internal");
4629
+ }
4630
+ let addresses;
4631
+ try {
4632
+ addresses = await (0, node_dns_promises.lookup)(hostname, { all: true });
4633
+ } catch {
4634
+ addresses = [];
4635
+ }
4636
+ for (const { address, family } of addresses) validatePublicIpAddress(address, family);
4637
+ }
4638
+ function validatePublicIpAddress(address, family) {
4639
+ if (family === 4 && isValidPublicIPv4Address(address) || family === 6 && isValidPublicIPv6Address(address)) return;
4640
+ throw new UrlError(`Invalid or private address: ${address}`);
4641
+ }
4642
+ function isValidPublicIPv4Address(address) {
4643
+ const parts = parseIPv4Address(address);
4644
+ if (parts == null) return false;
4645
+ const value = ipv4PartsToNumber(parts);
4646
+ return !nonPublicIPv4Prefixes.some(({ base, prefix }) => matchesIPv4Prefix(value, base, prefix));
4647
+ }
4648
+ function isValidPublicIPv6Address(address) {
4649
+ const words = parseIPv6Address(address);
4650
+ if (words == null) return false;
4651
+ if (nonPublicIPv6Prefixes.some(({ words: prefixWords, prefix }) => matchesIPv6Prefix(words, prefixWords, prefix))) return false;
4652
+ for (const { extractIPv4, prefix, words: prefixWords } of ipv6WithIPv4Prefixes) {
4653
+ if (!matchesIPv6Prefix(words, prefixWords, prefix)) continue;
4654
+ const ipv4Address = extractIPv4(words);
4655
+ if (ipv4Address != null && !isValidPublicIPv4Address(ipv4Address)) return false;
4656
+ }
4657
+ return true;
4658
+ }
4659
+ function expandIPv6Address(address) {
4660
+ address = address.toLowerCase();
4661
+ const ipv4Delimiter = address.lastIndexOf(":");
4662
+ if (address.includes(".") && ipv4Delimiter >= 0) {
4663
+ const ipv4Parts = parseIPv4Address(address.substring(ipv4Delimiter + 1));
4664
+ if (ipv4Parts == null) return address;
4665
+ const high = (ipv4Parts[0] << 8) + ipv4Parts[1];
4666
+ const low = (ipv4Parts[2] << 8) + ipv4Parts[3];
4667
+ address = address.substring(0, ipv4Delimiter + 1) + high.toString(16) + ":" + low.toString(16);
4668
+ }
4669
+ if (address === "::") return "0000:0000:0000:0000:0000:0000:0000:0000";
4670
+ if (address.startsWith("::")) address = "0000" + address;
4671
+ if (address.endsWith("::")) address = address + "0000";
4672
+ address = address.replace("::", ":0000".repeat(8 - (address.match(/:/g) || []).length) + ":");
4673
+ return address.split(":").map((part) => part.padStart(4, "0")).join(":");
4674
+ }
4675
+ const nonPublicIPv4Prefixes = [
4676
+ ipv4Prefix("0.0.0.0/8", "RFC 6890"),
4677
+ ipv4Prefix("10.0.0.0/8", "RFC 1918"),
4678
+ ipv4Prefix("100.64.0.0/10", "RFC 6598"),
4679
+ ipv4Prefix("127.0.0.0/8", "RFC 1122"),
4680
+ ipv4Prefix("169.254.0.0/16", "RFC 3927"),
4681
+ ipv4Prefix("172.16.0.0/12", "RFC 1918"),
4682
+ ipv4Prefix("192.0.0.0/24", "RFC 6890"),
4683
+ ipv4Prefix("192.0.2.0/24", "RFC 5737"),
4684
+ ipv4Prefix("192.88.99.0/24", "RFC 7526"),
4685
+ ipv4Prefix("192.168.0.0/16", "RFC 1918"),
4686
+ ipv4Prefix("198.18.0.0/15", "RFC 2544"),
4687
+ ipv4Prefix("198.51.100.0/24", "RFC 5737"),
4688
+ ipv4Prefix("203.0.113.0/24", "RFC 5737"),
4689
+ ipv4Prefix("224.0.0.0/4", "RFC 5771"),
4690
+ ipv4Prefix("240.0.0.0/4", "RFC 1112")
4691
+ ];
4692
+ const nonPublicIPv6Prefixes = [
4693
+ ipv6Prefix("::/16", "RFC 4291"),
4694
+ ipv6Prefix("2001::/32", "RFC 4380"),
4695
+ ipv6Prefix("2002::/16", "RFC 3056"),
4696
+ ipv6Prefix("64:ff9b:1::/48", "RFC 8215"),
4697
+ ipv6Prefix("fc00::/7", "RFC 4193"),
4698
+ ipv6Prefix("fe80::/10", "RFC 4291"),
4699
+ ipv6Prefix("ff00::/8", "RFC 4291")
4700
+ ];
4701
+ const ipv6WithIPv4Prefixes = [{
4702
+ ...ipv6Prefix("64:ff9b::/96", "RFC 6052"),
4703
+ extractIPv4: (words) => ipv4FromWords(words[6], words[7])
4704
+ }];
4705
+ function ipv4Prefix(cidr, rfc) {
4706
+ const [address, prefixText] = cidr.split("/");
4707
+ const prefix = parseInt(prefixText, 10);
4708
+ const parts = parseIPv4Address(address);
4709
+ if (parts == null || !Number.isInteger(prefix) || prefix < 0 || prefix > 32) throw new Error(`Invalid IPv4 prefix: ${cidr}`);
4710
+ return {
4711
+ cidr,
4712
+ base: ipv4PartsToNumber(parts),
4713
+ prefix,
4714
+ rfc
4715
+ };
4716
+ }
4717
+ function ipv6Prefix(cidr, rfc) {
4718
+ const [address, prefixText] = cidr.split("/");
4719
+ const prefix = parseInt(prefixText, 10);
4720
+ const words = parseIPv6Address(address);
4721
+ if (words == null || !Number.isInteger(prefix) || prefix < 0 || prefix > 128) throw new Error(`Invalid IPv6 prefix: ${cidr}`);
4722
+ return {
4723
+ cidr,
4724
+ words,
4725
+ prefix,
4726
+ rfc
4727
+ };
4728
+ }
4729
+ function parseIPv4Address(address) {
4730
+ const parts = address.split(".").map((part) => {
4731
+ if (!/^\d+$/.test(part)) return NaN;
4732
+ return parseInt(part, 10);
4733
+ });
4734
+ if (parts.length !== 4 || parts.some((part) => !Number.isInteger(part) || part < 0 || part > 255)) return null;
4735
+ return parts;
4736
+ }
4737
+ function parseIPv6Address(address) {
4738
+ const parts = expandIPv6Address(address).split(":");
4739
+ if (parts.length !== 8) return null;
4740
+ const words = parts.map((part) => {
4741
+ if (!/^[0-9a-f]{1,4}$/i.test(part)) return NaN;
4742
+ return parseInt(part, 16);
4743
+ });
4744
+ if (words.some((word) => !Number.isInteger(word) || word < 0 || word > 65535)) return null;
4745
+ return words;
4746
+ }
4747
+ function ipv4PartsToNumber(parts) {
4748
+ return parts[0] * 2 ** 24 + parts[1] * 2 ** 16 + parts[2] * 2 ** 8 + parts[3];
4749
+ }
4750
+ function ipv4FromWords(highWord, lowWord) {
4751
+ return [
4752
+ highWord >> 8,
4753
+ highWord & 255,
4754
+ lowWord >> 8,
4755
+ lowWord & 255
4756
+ ].join(".");
4757
+ }
4758
+ function matchesIPv4Prefix(address, prefixBase, prefixLength) {
4759
+ const blockSize = 2 ** (32 - prefixLength);
4760
+ return Math.floor(address / blockSize) === Math.floor(prefixBase / blockSize);
4761
+ }
4762
+ function matchesIPv6Prefix(address, prefixWords, prefixLength) {
4763
+ let remaining = prefixLength;
4764
+ for (let i = 0; i < 8 && remaining > 0; i++) if (remaining >= 16) {
4765
+ if (address[i] !== prefixWords[i]) return false;
4766
+ remaining -= 16;
4767
+ } else {
4768
+ const mask = 65535 << 16 - remaining & 65535;
4769
+ if ((address[i] & mask) !== (prefixWords[i] & mask)) return false;
4770
+ remaining = 0;
4771
+ }
4772
+ return true;
4773
+ }
4774
+ //#endregion
4623
4775
  //#region src/docloader.ts
4624
4776
  const logger = (0, _logtape_logtape.getLogger)([
4625
4777
  "fedify",
@@ -4627,66 +4779,6 @@ const logger = (0, _logtape_logtape.getLogger)([
4627
4779
  "docloader"
4628
4780
  ]);
4629
4781
  const DEFAULT_MAX_REDIRECTION = 20;
4630
- const MAX_HTML_SIZE = 1024 * 1024;
4631
- function createResponseMetadata(response) {
4632
- return new Response(null, {
4633
- headers: response.headers,
4634
- status: response.status,
4635
- statusText: response.statusText
4636
- });
4637
- }
4638
- async function cancelResponseBody(response) {
4639
- if (response.body != null) await response.body.cancel();
4640
- }
4641
- async function readBoundedText(response, maxBytes) {
4642
- const contentLength = response.headers.get("Content-Length");
4643
- if (contentLength != null) {
4644
- const size = Number(contentLength);
4645
- if (size > maxBytes) {
4646
- await cancelResponseBody(response);
4647
- return {
4648
- text: "",
4649
- size,
4650
- tooLarge: true
4651
- };
4652
- }
4653
- }
4654
- if (response.body == null) return {
4655
- text: "",
4656
- size: 0,
4657
- tooLarge: false
4658
- };
4659
- const reader = response.body.getReader();
4660
- const decoder = new TextDecoder();
4661
- let text = "";
4662
- let size = 0;
4663
- try {
4664
- while (true) {
4665
- const result = await reader.read();
4666
- if (result.done) break;
4667
- const chunkSize = result.value.byteLength;
4668
- if (size + chunkSize > maxBytes) {
4669
- size += chunkSize;
4670
- await reader.cancel();
4671
- return {
4672
- text: "",
4673
- size,
4674
- tooLarge: true
4675
- };
4676
- }
4677
- size += chunkSize;
4678
- text += decoder.decode(result.value, { stream: true });
4679
- }
4680
- text += decoder.decode();
4681
- return {
4682
- text,
4683
- size,
4684
- tooLarge: false
4685
- };
4686
- } finally {
4687
- reader.releaseLock();
4688
- }
4689
- }
4690
4782
  /**
4691
4783
  * Gets a {@link RemoteDocument} from the given response.
4692
4784
  * @param url The URL of the document to load.
@@ -4741,19 +4833,19 @@ async function getRemoteDocument(url, response, fetch) {
4741
4833
  }
4742
4834
  let document;
4743
4835
  if (!jsonLd && (contentType === "text/html" || contentType?.startsWith("text/html;") || contentType === "application/xhtml+xml" || contentType?.startsWith("application/xhtml+xml;"))) {
4744
- const errorResponse = createResponseMetadata(response);
4745
- const html = await readBoundedText(response, MAX_HTML_SIZE);
4746
- if (html.tooLarge) {
4836
+ const MAX_HTML_SIZE = 1024 * 1024;
4837
+ const html = await response.text();
4838
+ if (html.length > MAX_HTML_SIZE) {
4747
4839
  logger.warn("HTML response too large, skipping alternate link discovery: {url}", {
4748
4840
  url: documentUrl,
4749
- size: html.size
4841
+ size: html.length
4750
4842
  });
4751
- throw new FetchError(documentUrl, `HTML document is too large to scan for an ActivityPub alternate link (Content-Type: ${contentType})`, errorResponse);
4843
+ document = JSON.parse(html);
4752
4844
  } else {
4753
4845
  const tagPattern = /<(a|link)\s+([^>]*?)\s*\/?>/gi;
4754
4846
  const attrPattern = /([a-z][a-z:_-]*)=(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
4755
4847
  let tagMatch;
4756
- while ((tagMatch = tagPattern.exec(html.text)) !== null) {
4848
+ while ((tagMatch = tagPattern.exec(html)) !== null) {
4757
4849
  const tagContent = tagMatch[2];
4758
4850
  let attrMatch;
4759
4851
  const attribs = {};
@@ -4770,12 +4862,7 @@ async function getRemoteDocument(url, response, fetch) {
4770
4862
  return await fetch(new URL(attribs.href, docUrl).href);
4771
4863
  }
4772
4864
  }
4773
- try {
4774
- document = JSON.parse(html.text);
4775
- } catch (error) {
4776
- if (!(error instanceof SyntaxError)) throw error;
4777
- throw new FetchError(documentUrl, `HTML document has no ActivityPub alternate link (Content-Type: ${contentType})`, errorResponse);
4778
- }
4865
+ document = JSON.parse(html);
4779
4866
  }
4780
4867
  } else document = await response.json();
4781
4868
  logger.debug("Fetched document: {status} {url} {headers}", {
@@ -4821,9 +4908,9 @@ function getDocumentLoader({ allowPrivateAddress, maxRedirection, skipPreloadedC
4821
4908
  };
4822
4909
  }
4823
4910
  if (!allowPrivateAddress) try {
4824
- await require_url.validatePublicUrl(currentUrl);
4911
+ await validatePublicUrl(currentUrl);
4825
4912
  } catch (error) {
4826
- if (error instanceof require_url.UrlError) logger.error("Disallowed private URL: {url}", {
4913
+ if (error instanceof UrlError) logger.error("Disallowed private URL: {url}", {
4827
4914
  url: currentUrl,
4828
4915
  error
4829
4916
  });
@@ -5482,30 +5569,26 @@ LanguageString.prototype[Symbol.for("nodejs.util.inspect.custom")] = function(_d
5482
5569
  //#endregion
5483
5570
  exports.FetchError = FetchError;
5484
5571
  exports.LanguageString = LanguageString;
5485
- exports.UrlError = require_url.UrlError;
5572
+ exports.UrlError = UrlError;
5486
5573
  exports.canParseDecimal = canParseDecimal;
5487
5574
  exports.createActivityPubRequest = createActivityPubRequest;
5488
5575
  exports.decodeMultibase = decodeMultibase;
5489
5576
  exports.encodeMultibase = encodeMultibase;
5490
5577
  exports.encodingFromBaseData = encodingFromBaseData;
5491
- exports.expandIPv6Address = require_url.expandIPv6Address;
5578
+ exports.expandIPv6Address = expandIPv6Address;
5492
5579
  exports.exportMultibaseKey = exportMultibaseKey;
5493
5580
  exports.exportSpki = exportSpki;
5494
- exports.formatIri = require_url.formatIri;
5495
5581
  exports.getDocumentLoader = getDocumentLoader;
5496
5582
  exports.getRemoteDocument = getRemoteDocument;
5497
5583
  exports.getUserAgent = getUserAgent;
5498
- exports.haveSameIriOrigin = require_url.haveSameIriOrigin;
5499
5584
  exports.importMultibaseKey = importMultibaseKey;
5500
5585
  exports.importPem = importPem;
5501
5586
  exports.importPkcs1 = importPkcs1;
5502
5587
  exports.importSpki = importSpki;
5503
5588
  exports.isDecimal = isDecimal;
5504
- exports.isValidPublicIPv4Address = require_url.isValidPublicIPv4Address;
5505
- exports.isValidPublicIPv6Address = require_url.isValidPublicIPv6Address;
5589
+ exports.isValidPublicIPv4Address = isValidPublicIPv4Address;
5590
+ exports.isValidPublicIPv6Address = isValidPublicIPv6Address;
5506
5591
  exports.logRequest = logRequest;
5507
5592
  exports.parseDecimal = parseDecimal;
5508
- exports.parseIri = require_url.parseIri;
5509
- exports.parseJsonLdId = require_url.parseJsonLdId;
5510
5593
  exports.preloadedContexts = preloadedContexts;
5511
- exports.validatePublicUrl = require_url.validatePublicUrl;
5594
+ exports.validatePublicUrl = validatePublicUrl;
package/dist/mod.d.cts CHANGED
@@ -1,10 +1,208 @@
1
1
  /// <reference lib="esnext.temporal" />
2
- import { a as DocumentLoaderOptions, c as getDocumentLoader, d as FetchError, f as GetUserAgentOptions, h as logRequest, i as DocumentLoaderFactoryOptions, l as getRemoteDocument, m as getUserAgent, n as DocumentLoader, o as GetDocumentLoaderOptions, p as createActivityPubRequest, r as DocumentLoaderFactory, s as RemoteDocument, t as AuthenticatedDocumentLoaderFactory, u as CreateRequestOptions } from "./docloader-DnUMWHaJ.cjs";
2
+ import { Logger } from "@logtape/logtape";
3
3
  import { TracerProvider } from "@opentelemetry/api";
4
4
 
5
5
  //#region src/contexts.d.ts
6
6
  declare const preloadedContexts: Record<string, unknown>;
7
7
  //#endregion
8
+ //#region src/request.d.ts
9
+ /**
10
+ * Error thrown when fetching a JSON-LD document failed.
11
+ */
12
+ declare class FetchError extends Error {
13
+ /**
14
+ * The URL that failed to fetch.
15
+ */
16
+ url: URL;
17
+ /**
18
+ * The HTTP response that failed, if available.
19
+ */
20
+ response?: Response;
21
+ /**
22
+ * Constructs a new `FetchError`.
23
+ *
24
+ * @param url The URL that failed to fetch.
25
+ * @param message Error message.
26
+ * @param response The failed HTTP response, if available.
27
+ */
28
+ constructor(url: URL | string, message?: string, response?: Response);
29
+ }
30
+ /**
31
+ * Options for creating a request.
32
+ * @internal
33
+ */
34
+ interface CreateRequestOptions {
35
+ userAgent?: GetUserAgentOptions | string;
36
+ }
37
+ /**
38
+ * Creates a request for the given URL.
39
+ * @param url The URL to create the request for.
40
+ * @param options The options for the request.
41
+ * @returns The created request.
42
+ * @internal
43
+ */
44
+ declare function createActivityPubRequest(url: string, options?: CreateRequestOptions): Request;
45
+ /**
46
+ * Options for making `User-Agent` string.
47
+ * @see {@link getUserAgent}
48
+ * @since 1.3.0
49
+ */
50
+ interface GetUserAgentOptions {
51
+ /**
52
+ * An optional software name and version, e.g., `"Hollo/1.0.0"`.
53
+ */
54
+ software?: string | null;
55
+ /**
56
+ * An optional URL to append to the user agent string.
57
+ * Usually the URL of the ActivityPub instance.
58
+ */
59
+ url?: string | URL | null;
60
+ }
61
+ /**
62
+ * Gets the user agent string for the given application and URL.
63
+ * @param options The options for making the user agent string.
64
+ * @returns The user agent string.
65
+ * @since 1.3.0
66
+ */
67
+ declare function getUserAgent({
68
+ software,
69
+ url
70
+ }?: GetUserAgentOptions): string;
71
+ /**
72
+ * Logs the request.
73
+ * @param request The request to log.
74
+ * @internal
75
+ */
76
+ declare function logRequest(logger: Logger, request: Request): void;
77
+ //#endregion
78
+ //#region src/docloader.d.ts
79
+ /**
80
+ * A remote JSON-LD document and its context fetched by
81
+ * a {@link DocumentLoader}.
82
+ */
83
+ interface RemoteDocument {
84
+ /**
85
+ * The URL of the context document.
86
+ */
87
+ contextUrl: string | null;
88
+ /**
89
+ * The fetched JSON-LD document.
90
+ */
91
+ document: unknown;
92
+ /**
93
+ * The URL of the fetched document.
94
+ */
95
+ documentUrl: string;
96
+ }
97
+ /**
98
+ * Options for {@link DocumentLoader}.
99
+ * @since 1.8.0
100
+ */
101
+ interface DocumentLoaderOptions {
102
+ /**
103
+ * An `AbortSignal` for cancellation.
104
+ * @since 1.8.0
105
+ */
106
+ signal?: AbortSignal;
107
+ }
108
+ /**
109
+ * A JSON-LD document loader that fetches documents from the Web.
110
+ * @param url The URL of the document to load.
111
+ * @param options The options for the document loader.
112
+ * @returns The loaded remote document.
113
+ */
114
+ type DocumentLoader = (url: string, options?: DocumentLoaderOptions) => Promise<RemoteDocument>;
115
+ /**
116
+ * A factory function that creates a {@link DocumentLoader} with options.
117
+ * @param options The options for the document loader.
118
+ * @returns The document loader.
119
+ * @since 1.4.0
120
+ */
121
+ type DocumentLoaderFactory = (options?: DocumentLoaderFactoryOptions) => DocumentLoader;
122
+ /**
123
+ * Options for {@link DocumentLoaderFactory}.
124
+ * @see {@link DocumentLoaderFactory}
125
+ * @see {@link AuthenticatedDocumentLoaderFactory}
126
+ * @since 1.4.0
127
+ */
128
+ interface DocumentLoaderFactoryOptions {
129
+ /**
130
+ * Whether to allow fetching private network addresses.
131
+ * Turned off by default.
132
+ * @default `false``
133
+ */
134
+ allowPrivateAddress?: boolean;
135
+ /**
136
+ * Options for making `User-Agent` string.
137
+ * If a string is given, it is used as the `User-Agent` header value.
138
+ * If an object is given, it is passed to {@link getUserAgent} function.
139
+ */
140
+ userAgent?: GetUserAgentOptions | string;
141
+ /**
142
+ * The maximum number of redirections to follow.
143
+ * @default `20`
144
+ * @since 2.2.0
145
+ */
146
+ maxRedirection?: number;
147
+ }
148
+ /**
149
+ * A factory function that creates an authenticated {@link DocumentLoader} for
150
+ * a given identity. This is used for fetching documents that require
151
+ * authentication.
152
+ * @param identity The identity to create the document loader for.
153
+ * The actor's key pair.
154
+ * @param options The options for the document loader.
155
+ * @returns The authenticated document loader.
156
+ * @since 0.4.0
157
+ */
158
+ type AuthenticatedDocumentLoaderFactory = (identity: {
159
+ keyId: URL;
160
+ privateKey: CryptoKey;
161
+ }, options?: DocumentLoaderFactoryOptions) => DocumentLoader;
162
+ /**
163
+ * Gets a {@link RemoteDocument} from the given response.
164
+ * @param url The URL of the document to load.
165
+ * @param response The response to get the document from.
166
+ * @param fetch The function to fetch the document.
167
+ * @returns The loaded remote document.
168
+ * @throws {FetchError} If the response is not OK.
169
+ * @internal
170
+ */
171
+ declare function getRemoteDocument(url: string, response: Response, fetch: (url: string, options?: DocumentLoaderOptions) => Promise<RemoteDocument>): Promise<RemoteDocument>;
172
+ /**
173
+ * Options for {@link getDocumentLoader}.
174
+ * @since 1.3.0
175
+ */
176
+ interface GetDocumentLoaderOptions extends DocumentLoaderFactoryOptions {
177
+ /**
178
+ * Whether to preload the frequently used contexts.
179
+ */
180
+ skipPreloadedContexts?: boolean;
181
+ }
182
+ /**
183
+ * Creates a JSON-LD document loader that utilizes the browser's `fetch` API.
184
+ *
185
+ * The created loader preloads the below frequently used contexts by default
186
+ * (unless `options.skipPreloadedContexts` is set to `true`):
187
+ *
188
+ * - <https://www.w3.org/ns/activitystreams>
189
+ * - <https://w3id.org/security/v1>
190
+ * - <https://w3id.org/security/data-integrity/v1>
191
+ * - <https://www.w3.org/ns/did/v1>
192
+ * - <https://w3id.org/security/multikey/v1>
193
+ * - <https://purl.archive.org/socialweb/webfinger>
194
+ * - <http://schema.org/>
195
+ * @param options Options for the document loader.
196
+ * @returns The document loader.
197
+ * @since 1.3.0
198
+ */
199
+ declare function getDocumentLoader({
200
+ allowPrivateAddress,
201
+ maxRedirection,
202
+ skipPreloadedContexts,
203
+ userAgent
204
+ }?: GetDocumentLoaderOptions): DocumentLoader;
205
+ //#endregion
8
206
  //#region src/key.d.ts
9
207
  /**
10
208
  * Imports a PEM-SPKI formatted public key.
@@ -263,22 +461,6 @@ declare class UrlError extends Error {
263
461
  constructor(message: string);
264
462
  }
265
463
  /**
266
- * Parses a JSON-LD `@id` value as an IRI.
267
- */
268
- declare function parseJsonLdId(id: string | undefined, base?: string | URL): URL | undefined;
269
- /**
270
- * Parses an IRI as a URL, including FEP-ef61 portable ActivityPub IRIs.
271
- */
272
- declare function parseIri(iri: string | URL, base?: string | URL): URL;
273
- /**
274
- * Formats a URL as an IRI, including FEP-ef61 portable ActivityPub IRIs.
275
- */
276
- declare function formatIri(iri: string | URL): string;
277
- /**
278
- * Checks whether two IRIs have the same origin.
279
- */
280
- declare function haveSameIriOrigin(left: URL, right: URL): boolean;
281
- /**
282
464
  * Validates a URL to prevent SSRF attacks.
283
465
  */
284
466
  declare function validatePublicUrl(url: string): Promise<void>;
@@ -286,4 +468,4 @@ declare function isValidPublicIPv4Address(address: string): boolean;
286
468
  declare function isValidPublicIPv6Address(address: string): boolean;
287
469
  declare function expandIPv6Address(address: string): string;
288
470
  //#endregion
289
- export { type AuthenticatedDocumentLoaderFactory, type CreateRequestOptions, type Decimal, type DocumentLoader, type DocumentLoaderFactory, type DocumentLoaderFactoryOptions, type DocumentLoaderOptions, FetchError, type GetDocumentLoaderOptions, type GetUserAgentOptions, type Json, LanguageString, type PropertyPreprocessor, type PropertyPreprocessorContext, type RemoteDocument, UrlError, canParseDecimal, createActivityPubRequest, decodeMultibase, encodeMultibase, encodingFromBaseData, expandIPv6Address, exportMultibaseKey, exportSpki, formatIri, getDocumentLoader, getRemoteDocument, getUserAgent, haveSameIriOrigin, importMultibaseKey, importPem, importPkcs1, importSpki, isDecimal, isValidPublicIPv4Address, isValidPublicIPv6Address, logRequest, parseDecimal, parseIri, parseJsonLdId, preloadedContexts, validatePublicUrl };
471
+ export { type AuthenticatedDocumentLoaderFactory, type CreateRequestOptions, type Decimal, type DocumentLoader, type DocumentLoaderFactory, type DocumentLoaderFactoryOptions, type DocumentLoaderOptions, FetchError, type GetDocumentLoaderOptions, type GetUserAgentOptions, type Json, LanguageString, type PropertyPreprocessor, type PropertyPreprocessorContext, type RemoteDocument, UrlError, canParseDecimal, createActivityPubRequest, decodeMultibase, encodeMultibase, encodingFromBaseData, expandIPv6Address, exportMultibaseKey, exportSpki, getDocumentLoader, getRemoteDocument, getUserAgent, importMultibaseKey, importPem, importPkcs1, importSpki, isDecimal, isValidPublicIPv4Address, isValidPublicIPv6Address, logRequest, parseDecimal, preloadedContexts, validatePublicUrl };