Fedify changelog
Version 1.0.2
Released on September 27, 2024.
Fixed a bug of
Object.toJsonLd()
method where it had incorrectly compacted thename
property when it was not a language map.The
Delete(Application)
activities sent by thefedify inbox
command now embed the entire actor object instead of just the actor's URI so that the peers can verify the actor's signature without fetching the actor object.
Version 1.0.1
Released on September 26, 2024.
Fixed deprecation messages related to the
{handle}
variable in URL templates; they had had wrong placeholders in the message templates.Fixed a bug of
Object.toJsonLd()
method where it had not fall back to the proper compact form when the heuristic compact form was not available.
Version 1.0.0
Released on September 26, 2024.
The term
handle
for dispatching actors is deprecated in favor ofidentifier
.The URI template for the following methods now accepts variable
{identifier}
instead of{handle}
:Federation.setActorDispatcher()
Federation.setInboxDispatcher()
Federation.setOutboxDispatcher()
Federation.setFollowingDispatcher()
Federation.setFollowersDispatcher()
Federation.setLikedDispatcher()
Federation.setFeaturedDispatcher()
Federation.setFeaturedTagsDispatcher()
Federation.setInboxListeners()
The
{handle}
variable is deprecated, and it will be removed in the future.The type of
Federation.setActorDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setInboxDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setOutboxDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setFollowingDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setFollowersDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setLikedDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setFeaturedDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setFeaturedTagsDispatcher()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Federation.setInboxListeners()
method's first parameter became${string}{identifier}${string}` | `${string}{handle}${string}
(was${string}{handle}${string}
).The type of
Context.getDocumentLoader()
method's first parameter became{ identifier: string } | { username: string } | { handle: string } | { keyId: URL; privateKey: CryptoKey }
(was{ handle: string } | { keyId: URL; privateKey: CryptoKey }
).Passing
{ handle: string }
toContext.getDocumentLoader()
method is deprecated in favor of{ username: string }
.The type of
Context.sendActivity()
method's first parameter becameSenderKeyPair | SenderKeyPair[] | { identifier: string } | { username: string } | { handle: string }
(wasSenderKeyPair | SenderKeyPair[] | { handle: string }
).All properties of
ParseUriResult
type became readonly.Added
identifier
properties next tohandle
properties inParseUriResult
type.The
handle
properties ofParseUriResult
type are deprecated in favor ofidentifier
properties.The return type of
SharedInboxKeyDispatcher
callback type becameSenderKeyPair | { identifier: string } | { username: string } | { handle: string } | null | Promise<SenderKeyPair | { identifier: string } | { username: string } | { handle: string } | null>
(wasSenderKeyPair | { handle: string } | null | Promise<SenderKeyPair | { handle: string } | null>
).
Fedify now supports Linked Data Signatures, which is outdated but still widely used in the fediverse.
- A
Federation
object became to verify an activity's Linked Data Signatures if it has one. If Linked Data Signatures are verified, Object Integrity Proofs and HTTP Signatures are not verified. Context.sendActivity()
method became to sign an activity with Linked Data Signatures if there is at least one RSA-PKCS#1-v1.5 key pair.- Added
Signature
interface. - Added
signJsonLd()
function. - Added
SignJsonLdOptions
interface. - Added
createSignature()
function. - Added
CreateSignatureOptions
interface. - Added
verifyJsonLd()
function. - Added
VerifyJsonLdOptions
interface. - Added
verifySignature()
function. - Added
VerifySignatureOptions
interface. - Added
attachSignature()
function. - Added
detachSignature()
function.
- A
In inbox listeners, a received activity now can be forwarded to another server. [#137]
- Added
InboxContext
interface. - Added
ForwardActivityOptions
interface. - The first parameter of the
InboxListener
callback type becameInboxContext
(wasContext
).
- Added
Added
cat
property toActor
type in Activity Vocabulary API.- Added
Application.cat
property. new Application()
constructor now acceptscat
option.Application.clone()
method now acceptscat
option.- Added
Group.cat
property. new Group()
constructor now acceptscat
option.Group.clone()
method now acceptscat
option.- Added
Organization.cat
property. new Organization()
constructor now acceptscat
option.Organization.clone()
method now acceptscat
option.- Added
Person.cat
property. new Person()
constructor now acceptscat
option.Person.clone()
method now acceptscat
option.- Added
Service.cat
property. new Service()
constructor now acceptscat
option.Service.clone()
method now acceptscat
option.
- Added
The
Context.parseUri()
method's parameter type becameURL | null
(wasURL
).Context.sendActivity()
method now adds Object Integrity Proofs to the activity to be sent only once. It had added Object Integrity Proofs to the activity for every recipient before.The message queue is now able to be stopped manually by providing an
AbortSignal
object to theFederation.startQueue()
method.- Added the optional second parameter to
Federation.startQueue()
method, which is aFederationStartQueueOptions
object. - Added
FederationStartQueueOptions
interface. - Added the optional second parameter to
MessageQueue.listen()
method, which is aMessageQueueListenOptions
object. - Added
MessageQueueListenOptions
interface. - The return type of
MessageQueue.listen()
method becamePromise<void>
(wasvoid
).
- Added the optional second parameter to
Added
ParallelMessageQueue
class. [#106]WebFinger responses now include http://webfinger.net/rel/avatar links if the
Actor
object returned by the actor dispatcher hasicon
/icons
property.DenoKvMessageQueue
now implementsDisposable
interface.The
fedify inbox
command now sendsDelete(Application)
activities when it's terminated so that the peers can clean up data related to the temporary actor. [#135]Add options for PostgreSQL drivers to
fedify init
command.- Added
postgres
value to the-k
/--kv-store
option of thefedify init
command. - Added
postgres
value to the-q
/--message-queue
option of thefedify init
command.
- Added
The generated project by the
fedify init
command now enables dotenv by default.The
fedify init
command now generates .env file with default values.Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "sig", "ld"]
Version 0.15.2
Released on September 26, 2024.
- Fixed a bug of
Object.toJsonLd()
method where it had not fall back to the proper compact form when the heuristic compact form was not available.
Version 0.15.1
Released on September 15, 2024.
- Fixed a bug where even if the
ActorCallbackSetters.mapHandle()
method was called, a WebFinger username was used as an actor's handle. [#136]
Version 0.15.0
Released on September 11, 2024.
Actors, collections, and objects now can have their URIs that do not consist of a WebFinger username, which means actors can change their fediverse handles.
- Added
ActorCallbackSetters.mapHandle()
method. - Added
ActorHandleMapper
type.
- Added
Added
quoteUrl
property toArticle
,ChatMessage
,Note
, andQuestion
classes in Activity Vocabulary API.- Added
Article.quoteUrl
property. new Article()
constructor now acceptsquoteUrl
option.Article.clone()
method now acceptsquoteUrl
option.- Added
ChatMessage.quoteUrl
property. new ChatMessage()
constructor now acceptsquoteUrl
option.ChatMessage.clone()
method now acceptsquoteUrl
option.- Added
Note.quoteUrl
property. new Note()
constructor now acceptsquoteUrl
option.Note.clone()
method now acceptsquoteUrl
option.- Added
Question.quoteUrl
property. new Question()
constructor now acceptsquoteUrl
option.Question.clone()
method now acceptsquoteUrl
option.
- Added
The element type of the liked collection is now
Object
orURL
instead ofLike
.- Changed the type of
Federation.setLikedDispatcher()
method's second parameter toCollectionDispatcher<Object | URL, RequestContext<TContextData>, TContextData, void>
(wasCollectionDispatcher<Like, RequestContext<TContextData>, TContextData, void>
).
- Changed the type of
Removed
expand
option ofObject.toJsonLd()
method, which was deprecated in version 0.14.0. Useformat: "expand"
option instead.Added
Context.lookupObject()
method.Default document loaders now recognize ActivityStream objects in more ways:
- Loaders now recognize
alternate
ActivityStreams objects in theLink
header. - Loaders now recognize
alternate
ActivityStreams objects in the<link>
/<a>
HTML elements.
- Loaders now recognize
Added
allowPrivateAddress
option toCreateFederationOptions
interface.Fixed a bug where the WebFinger response had had a
subject
property with an unmatched URI to the requested resource when a non-acct:
URI was given.Renamed the short option
-c
for--compact
offedify lookup
command to-C
to avoid conflict with the short option-c
for--cache-dir
.Added
-r
/--raw
option tofedify lookup
command to output the raw JSON object.
Version 0.14.5
Released on September 26, 2024.
- Fixed a bug of
Object.toJsonLd()
method where it had not fall back to the proper compact form when the heuristic compact form was not available.
Version 0.14.4
Released on September 6, 2024.
- Fixed a bug of
Object.fromJsonLd()
method where it had thrown aTypeError
when the given JSON-LD object had an@id
property with an empty string.
Version 0.14.3
Released on September 1, 2024.
- Fixed
fedify inbox
command where it had ignored-a
/--accept-follow
options when no-f
/--follow
option was provided. [#132]
Version 0.14.2
Released on August 30, 2024.
- Fixed an incompatibility with Meta's Threads where sent activities had not been verified by their inbox. [#125]
Version 0.14.1
Released on August 29, 2024.
Fixed
fedify inbox
command that had not been able to parse activities even if they are valid JSON-LD. [#126]Fixed a bug where the Compact Activity tab of
fedify inbox
command's web interface had shown an expanded JSON-LD object instead of a compacted one.
Version 0.14.0
Released on August 27, 2024.
Removed the limitation that the
sendActivity({ handle: string }, "followers", Activity)
overload is only available forRequestContext
but not forContext
. Now it is available for both. [#115]- Added
Context.sendActivity({ handle: string }, "followers", Activity)
overload. - Added type parameter
TContext
toCollectionsDispatcher
type's first parameter to distinguish betweenRequestContext
andContext
. - The first parameter of
CollectionDispatcher
type becameTContext
(wasRequestContext
). - Added type parameter
TContext
toCollectionsCursor
type's first parameter to distinguish betweenRequestContext
andContext
. - The first parameter of
CollectionCursor
type becameTContext
(wasRequestContext
). - Added type parameter
TContext
toCollectionsCallbackSetters
type's first parameter to distinguish betweenRequestContext
andContext
.
- Added
Added
source
property toObject
class in Activity Vocabulary API. [#114]- Added
Object.source
property. new Object()
constructor now acceptssource
option.Object.clone()
method now acceptssource
option.
- Added
Added
aliases
property toActor
type in Activity Vocabulary API.- Added
Application.getAliases()
method. - Added
Application.getAlias()
method. new Application()
constructor now acceptsalias
option.new Application()
constructor now acceptsaliases
option.Application.clone()
method now acceptsalias
option.Application.clone()
method now acceptsaliases
option.- Added
Group.getAliases()
method. - Added
Group.getAlias()
method. new Group()
constructor now acceptsalias
option.new Group()
constructor now acceptsaliases
option.Group.clone()
method now acceptsalias
option.Group.clone()
method now acceptsaliases
option.- Added
Organization.getAliases()
method. - Added
Organization.getAlias()
method. new Organization()
constructor now acceptsalias
option.new Organization()
constructor now acceptsaliases
option.Organization.clone()
method now acceptsalias
option.Organization.clone()
method now acceptsaliases
option.- Added
Person.getAliases()
method. - Added
Person.getAlias()
method. new Person()
constructor now acceptsalias
option.new Person()
constructor now acceptsaliases
option.Person.clone()
method now acceptsalias
option.Person.clone()
method now acceptsaliases
option.- Added
Service.getAliases()
method. - Added
Service.getAlias()
method. new Service()
constructor now acceptsalias
option.new Service()
constructor now acceptsaliases
option.Service.clone()
method now acceptsalias
option.Service.clone()
method now acceptsaliases
option.
- Added
Improved the performance of
Object.toJsonLd()
method.Object.toJsonLd()
method no longer guarantees that the returned JSON-LD object is compacted unless theformat: "compact"
option is provided.- Added
format
option toObject.toJsonLd()
method. - Deprecated
expand
option ofObject.toJsonLd()
method. Useformat: "expand"
option instead. - The
context
option ofObject.toJsonLd()
method is now only applicable toformat: "compact"
. Otherwise, it throws aTypeError
.
The
getActorHandle()
function now supports cross-origin WebFinger resources.The
lookupWebFinger()
andgetActorHandle()
functions no more throw an error when they fail to reach the WebFinger resource.Collection dispatchers now set the
id
property of theOrderedCollection
/OrderedCollectionPage
objects that they return to the their canonical URI.Now
fedify init
generates a default tsconfig.json file on Node.js and Bun, and fills the deno.json file with the defaultcompilerOptions
on Deno.
Version 0.13.5
Released on September 6, 2024.
- Fixed a bug of
Object.fromJsonLd()
method where it had thrown aTypeError
when the given JSON-LD object had an@id
property with an empty string.
Version 0.13.4
Released on September 1, 2024.
- Fixed
fedify inbox
command where it had ignored-a
/--accept-follow
options when no-f
/--follow
option was provided. [#132]
Version 0.13.3
Released on August 30, 2024.
- Fixed an incompatibility with Meta's Threads where sent activities had not been verified by their inbox. [#125]
Version 0.13.2
Released on August 29, 2024.
- Fixed
fedify inbox
command that had not been able to parse activities even if they are valid JSON-LD. [#126]
Version 0.13.1
Released on August 18, 2024.
- Fixed a vulnerability where the
getActorHandle()
function had trusted the hostname of WebFinger aliases that had not matched the hostname of the actor ID (URI).
Version 0.13.0
Released on August 7, 2024.
Added
closed
property toQuestion
class in Activity Vocabulary API.- Added
Question.closed
property. new Question()
constructor now acceptsclosed
option.Question.clone()
method now acceptsclosed
option.
- Added
Added
voters
property toQuestion
class in Activity Vocabulary API.- Added
Question.voters
property. new Question()
constructor now acceptsvoters
option.Question.clone()
method now acceptsvoters
option.
- Added
HTTP Signatures verification now can be optionally skipped for the sake of testing. [#110]
- The type of
CreateFederationOptions.signatureTimeWindow
property becameTemporal.DurationLike | false
(wasTemporal.DurationLike
). - The type of
VerifyRequestOptions.timeWindow
property becameTemporal.DurationLike | false
(wasTemporal.DurationLike
). - Added
CreateFederationOptions.skipSignatureVerification
property.
- The type of
Removed the singular actor key pair dispatcher APIs which were deprecated in version 0.10.0.
- Removed the last parameter of the
ActorDispatcher
callback type. UseContext.getActorKeyPairs()
method instead. - Removed
ActorKeyPairDispatcher
type. UseActorKeyPairsDispatcher
type instead. - Removed
ActorCallbackSetters.setKeyPairDispatcher()
method. UseActorCallbackSetters.setKeyPairsDispatcher()
method instead. - Removed
Context.getActorKey()
method. UseContext.getActorKeyPairs()
method instead.
- Removed the last parameter of the
The
Federation
is no more a class, but an interface, which has been planned since version 0.10.0. [#69]new Federation()
constructor is removed. UsecreateFederation()
function instead.- Removed
Federation.sendActivity()
method. UseContext.sendActivity()
method instead. - Removed
Federation
class. - Added
Federation
interface. - Removed
FederationParameters
interface.
Added
fedify tunnel
command to expose a local HTTP server to the public internet.A scaffold project generated by the
fedify init
command has several changes:- Added support for Express framework.
- Added support for Nitro framework.
- Now a scaffold project uses a x-forwarded-fetch middleware to support
X-Forwarded-Proto
andX-Forwarded-Host
headers. - Now a scaffold project has hot reloading by default.
- Now a scaffold project has logging configuration using the LogTape library.
Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "webfinger", "server"]
Version 0.12.3
Released on August 18, 2024.
- Fixed a vulnerability where the
getActorHandle()
function had trusted the hostname of WebFinger aliases that had not matched the hostname of the actor ID (URI).
Version 0.12.2
Released on July 31, 2024.
- Fixed a bug where incoming activities had not been enqueued even if the
queue
option was provided to thecreateFederation()
function.
Version 0.12.1
Released on July 27, 2024.
- Fixed a bug where
fedify init -w hono
had generated scaffold files without Fedify integration. - Fixed a bug where
fedify init -r bun -w hono
had generated scaffold files with a wrong port number (was 3000).
Version 0.12.0
Released on July 24, 2024.
The
fedify
command is now available on npm. [#104]Incoming activities are now queued before being dispatched to the inbox listener if the
queue
option is provided to thecreateFederation()
function. [#70]- The type of
InboxListener
callback type's first parameter becameContext
(wasRequestContext
). - The type of
InboxErrorHandler
callback type's first parameter becameContext
(wasRequestContext
). - The type of
SharedInboxKeyDispatcher
callback type's first parameter becameContext
(wasRequestContext
).
- The type of
Implemented fully customizable retry policy for failed tasks in the task queue. By default, the task queue retries the failed tasks with an exponential backoff policy with decorrelated jitter.
- Added
outboxRetryPolicy
option toCreateFederationOptions
interface. - Added
inboxRetryPolicy
option toCreateFederationOptions
interface. [#70] - Added
RetryPolicy
callback type. - Added
RetryContext
interface. - Added
createExponentialBackoffPolicy()
function. - Added
CreateExponentialBackoffPolicyOptions
interface.
- Added
Federation
object now allows its task queue to be started manually. [#53]- Added
manuallyStartQueue
option toCreateFederationOptions
interface. - Added
Federation.startQueue()
method.
- Added
Made the router able to be insensitive to trailing slashes in the URL paths. [#81]
- Added
trailingSlashInsensitive
option toCreateFederationOptions
interface. - Added
RouterOptions
interface. - Added an optional parameter to
new Router()
constructor.
- Added
Added
ChatMessage
class to Activity Vocabulary API. [#85]Added
Move
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Added
Read
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Added
Travel
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Added
View
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Added
TentativeAccept
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Added
TentativeReject
class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]Improved multitenancy (virtual hosting) support. [#66]
- Added
Context.hostname
property. - Added
Context.host
property. - Added
Context.origin
property. - The type of
ActorKeyPairsDispatcher<TContextData>
's first parameter becameContext
(wasTContextData
).
- Added
During verifying HTTP Signatures and Object Integrity Proofs, once fetched public keys are now cached. [#107]
- The
verifyRequest()
function now caches the fetched public keys when thekeyCache
option is provided. - The
verifyProof()
function now caches the fetched public keys when thekeyCache
option is provided. - The
verifyObject()
function now caches the fetched public keys when thekeyCache
option is provided. - Added
KeyCache
interface. - Added
VerifyRequestOptions.keyCache
property. - Added
VerifyProofOptions.keyCache
property. - Added
VerifyObjectOptions.keyCache
property. - Added
FederationKvPrefixes.publicKey
property.
- The
The built-in document loaders now recognize JSON-LD context provided in an HTTP
Link
header. [#6]- The
fetchDocumentLoader()
function now recognizes theLink
header with thehttp://www.w3.org/ns/json-ld#context
link relation. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that recognizes theLink
header with thehttp://www.w3.org/ns/json-ld#context
link relation.
- The
Deprecated
Federation.sendActivity()
method. UseContext.sendActivity()
method instead.The last parameter of
Federation.sendActivity()
method is no longer optional. Also, it now takes the requiredcontextData
option.Removed
Context.getHandleFromActorUri()
method which was deprecated in version 0.9.0. UseContext.parseUri()
method instead.Removed
@fedify/fedify/httpsig
module which was deprecated in version 0.9.0. Use@fedify/fedify/sig
module instead.- Removed
sign()
function. - Removed
verify()
function. - Removed
VerifyOptions
interface.
- Removed
Fixed a bug where the
lookupWebFinger()
function had incorrectly queried if the givenresource
was a URL starts withhttp:
or had a non-default port number.Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address. - Added an optional second parameter to the
fetchDocumentLoader()
function, which can be used to allow fetching private network addresses. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address. - Added an optional second parameter to the
getAuthenticatedDocumentLoader()
function, which can be used to allow fetching private network addresses.
- The
Added
fedify init
subcommand. [#105]Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "federation", "queue"]
Version 0.11.3
Released on July 15, 2024.
- Fixed a bug where use of
Federation.setInboxDispatcher()
afterFederation.setInboxListeners()
had caused aRouterError
to be thrown even if the paths match. [#101 by Fabien O'Carroll]
Version 0.11.2
Released on July 9, 2024.
Fixed a vulnerability of SSRF via DNS rebinding in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given domain name has any records referring to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given domain name has any records referring to a private network address.
- The
Version 0.11.1
Released on July 5, 2024.
Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
- The
Version 0.11.0
Released on June 29, 2024.
Improved runtime type error messages for Activity Vocabulary API. [#79]
Added
suppressError
option to dereferencing accessors of Activity Vocabulary classes.Added more collection dispatchers. [#78]
- Added
Federation.setInboxDispatcher()
method. [#71] - Added
Federation.setLikedDispatcher()
method. - Added
Context.getLikedUri()
method. - Added
{ type: "liked"; handle: string }
case toParseUriResult
type. - Renamed
linked
property (which was a typo) toliked
inApplication
,Group
,Organization
,Person
, andService
classes. - Added
Federation.setFeaturedDispatcher()
method. - Added
Context.getFeaturedUri()
method. - Added
{ type: "featured"; handle: string }
case toParseUriResult
type. - Added
Federation.setFeaturedTagsDispatcher()
method. - Added
Context.getFeaturedTagsUri()
method. - Added
{ type: "featuredTags"; handle: string }
case toParseUriResult
type.
- Added
Frequently used JSON-LD contexts are now preloaded. [#74]
The
fetchDocumentLoader()
function now preloads the following JSON-LD contexts:The default
rules
forkvCache()
function are now 5 minutes for all URLs.
Added
Invite
class to Activity Vocabulary API. [#65, #80 by Randy Wressell]Added
Join
class to Activity Vocabulary API. [#65, #80 by Randy Wressell]Added
Leave
class to Activity Vocabulary API. [#65, #80 by Randy Wressell]Added
Listen
class to Activity Vocabulary API. [#65, #80 by Randy Wressell]Added
Offer
class to Activity Vocabulary API. [#65, #76 by Lee Dogeon]The below properties of
Collection
andCollectionPage
in Activity Vocabulary API now do not acceptLink
objects:Collection.current
Collection.first
Collection.last
CollectionPage.partOf
CollectionPage.next
CollectionPage.prev
Added
featured
property toActor
types in Activity Vocabulary API. [#78]- Added
Application.getFeatured()
method. - Added
Application.featuredId
property. new Application()
constructor now acceptsfeatured
option.Application.clone()
method now acceptsfeatured
option.- Added
Group.getFeatured()
method. - Added
Group.featuredId
property. new Group()
constructor now acceptsfeatured
option.Group.clone()
method now acceptsfeatured
option.- Added
Organization.getFeatured()
method. - Added
Organization.featuredId
property. new Organization()
constructor now acceptsfeatured
option.Organization.clone()
method now acceptsfeatured
option.- Added
Person.getFeatured()
method. - Added
Person.featuredId
property. new Person()
constructor now acceptsfeatured
option.Person.clone()
method now acceptsfeatured
option.- Added
Service.getFeatured()
method. - Added
Service.featuredId
property. new Service()
constructor now acceptsfeatured
option.Service.clone()
method now acceptsfeatured
option.
- Added
Added
featuredTags
property toActor
types in Activity Vocabulary API. [#78]- Added
Application.getFeaturedTags()
method. - Added
Application.featuredTagsId
property. new Application()
constructor now acceptsfeaturedTags
option.Application.clone()
method now acceptsfeaturedTags
option.- Added
Group.getFeaturedTags()
method. - Added
Group.featuredTagsId
property. new Group()
constructor now acceptsfeaturedTags
option.Group.clone()
method now acceptsfeaturedTags
option.- Added
Organization.getFeaturedTags()
method. - Added
Organization.featuredTagsId
property. new Organization()
constructor now acceptsfeaturedTags
option.Organization.clone()
method now acceptsfeaturedTags
option.- Added
Person.getFeaturedTags()
method. - Added
Person.featuredTagsId
property. new Person()
constructor now acceptsfeaturedTags
option.Person.clone()
method now acceptsfeaturedTags
option.- Added
Service.getFeaturedTags()
method. - Added
Service.featuredTagsId
property. new Service()
constructor now acceptsfeaturedTags
option.Service.clone()
method now acceptsfeaturedTags
option.
- Added
Added
target
property toActivity
class in Activity Vocabulary API.- Added
Activity.getTarget()
method. - Added
Activity.getTargets()
method. - Added
Activity.targetId
property. - Added
Activity.targetIds
property. new Activity()
constructor now acceptstarget
option.new Activity()
constructor now acceptstargets
option.Activity.clone()
method now acceptstarget
option.Activity.clone()
method now acceptstargets
option.
- Added
Added
result
property toActivity
class in Activity Vocabulary API.- Added
Activity.getResult()
method. - Added
Activity.getResults()
method. - Added
Activity.resultId
property. - Added
Activity.resultIds
property. new Activity()
constructor now acceptsresult
option.new Activity()
constructor now acceptsresults
option.Activity.clone()
method now acceptsresult
option.Activity.clone()
method now acceptsresults
option.
- Added
Added
origin
property toActivity
class in Activity Vocabulary API.- Added
Activity.getOrigin()
method. - Added
Activity.getOrigins()
method. - Added
Activity.originId
property. - Added
Activity.originIds
property. new Activity()
constructor now acceptsorigin
option.new Activity()
constructor now acceptsorigins
option.Activity.clone()
method now acceptsorigin
option.Activity.clone()
method now acceptsorigins
option.
- Added
Added
instrument
property toActivity
class in Activity Vocabulary API.- Added
Activity.getInstrument()
method. - Added
Activity.getInstruments()
method. - Added
Activity.instrumentId
property. - Added
Activity.instrumentIds
property. new Activity()
constructor now acceptsinstrument
option.new Activity()
constructor now acceptsinstruments
option.Activity.clone()
method now acceptsinstrument
option.Activity.clone()
method now acceptsinstruments
option.
- Added
The
items
property ofOrderedCollection
andOrderedCollectionPage
in Activity Vocabulary API is now represented asorderedItems
(wasitems
) in JSON-LD.The key pair or the key pair for signing outgoing HTTP requests made from the shared inbox now can be configured. This improves the compatibility with other ActivityPub implementations that require authorized fetches (i.e., secure mode).
- Added
SharedInboxKeyDispatcher
type. - Renamed
InboxListenerSetter
interface toInboxListenerSetters
. - Added
InboxListenerSetters.setSharedKeyDispatcher()
method.
- Added
Followed up the change in
eddsa-jcs-2022
specification for Object Integrity Proofs. [FEP-8b32, #54]
Version 0.10.2
Released on July 9, 2024.
Fixed a vulnerability of SSRF via DNS rebinding in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given domain name has any records referring to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given domain name has any records referring to a private network address.
- The
Version 0.10.1
Released on July 5, 2024.
Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
- The
Version 0.10.0
Released on June 18, 2024.
Starting with this release, Fedify, previously distributed under AGPL 3.0, is now distributed under the MIT License to encourage wider adoption.
Besides RSA-PKCS#1-v1.5, Fedify now supports Ed25519 for signing and verifying the activities. [#55]
- Added an optional parameter to
generateCryptoKeyPair()
function,algorithm
, which can be either"RSASSA-PKCS1-v1_5"
or"Ed25519"
. - The
importJwk()
function now accepts Ed25519 keys. - The
exportJwk()
function now exports Ed25519 keys. - The
importSpki()
function now accepts Ed25519 keys. - The
exportJwk()
function now exports Ed25519 keys.
- Added an optional parameter to
Now multiple key pairs can be registered for an actor. [FEP-521a, #55]
- Added
Context.getActorKeyPairs()
method. - Deprecated
Context.getActorKey()
method. UseContext.getActorKeyPairs()
method instead. - Added
ActorKeyPair
interface. - Added
ActorCallbackSetters.setKeyPairsDispatcher()
method. - Added
ActorKeyPairsDispatcher
type. - Deprecated
ActorCallbackSetters.setKeyPairDispatcher()
method. - Deprecated
ActorKeyPairDispatcher
type. - Deprecated the third parameter of the
ActorDispatcher
callback type. UseContext.getActorKeyPairs()
method instead.
- Added
Added
Multikey
class to Activity Vocabulary API. [FEP-521a, #55]- Added
importMultibaseKey()
function. - Added
exportMultibaseKey()
function.
- Added
Added
assertionMethod
property to theActor
types in the Activity Vocabulary API. [FEP-521a, #55]- Added
Application.getAssertionMethod()
method. - Added
Application.getAssertionMethods()
method. new Application()
constructor now acceptsassertionMethod
option.new Application()
constructor now acceptsassertionMethods
option.Application.clone()
method now acceptsassertionMethod
option.Application.clone()
method now acceptsassertionMethods
option.- Added
Group.getAssertionMethod()
method. - Added
Group.getAssertionMethods()
method. new Group()
constructor now acceptsassertionMethod
option.new Group()
constructor now acceptsassertionMethods
option.Group.clone()
method now acceptsassertionMethod
option.Group.clone()
method now acceptsassertionMethods
option.- Added
Organization.getAssertionMethod()
method. - Added
Organization.getAssertionMethods()
method. new Organization()
constructor now acceptsassertionMethod
option.new Organization()
constructor now acceptsassertionMethods
option.Organization.clone()
method now acceptsassertionMethod
option.Organization.clone()
method now acceptsassertionMethods
option.- Added
Person.getAssertionMethod()
method. - Added
Person.getAssertionMethods()
method. new Person()
constructor now acceptsassertionMethod
option.new Person()
constructor now acceptsassertionMethods
option.Person.clone()
method now acceptsassertionMethod
option.Person.clone()
method now acceptsassertionMethods
option.- Added
Service.getAssertionMethod()
method. - Added
Service.getAssertionMethods()
method. new Service()
constructor now acceptsassertionMethod
option.new Service()
constructor now acceptsassertionMethods
option.Service.clone()
method now acceptsassertionMethod
option.Service.clone()
method now acceptsassertionMethods
option.
- Added
Added
DataIntegrityProof
class to Activity Vocabulary API. [FEP-8b32, #54]Added
proof
property to theObject
class in the Activity Vocabulary API. [FEP-8b32, #54]- Added
Object.getProof()
method. - Added
Object.getProofs()
method. new Object()
constructor now acceptsproof
option.new Object()
constructor now acceptsproofs
option.Object.clone()
method now acceptsproof
option.Object.clone()
method now acceptsproofs
option.
- Added
Implemented Object Integrity Proofs. [FEP-8b32, #54]
- If there are any Ed25519 key pairs, the
Context.sendActivity()
andFederation.sendActivity()
methods now make Object Integrity Proofs for the activity to be sent. - If the incoming activity has Object Integrity Proofs, the inbox listener now verifies them and ignores HTTP Signatures (if any).
- Added
signObject()
function. - Added
SignObjectOptions
interface. - Added
createProof()
function. - Added
CreateProofOptions
interface. - Added
verifyObject()
function. - Added
VerifyObjectOptions
interface. - Added
verifyProof()
function. - Added
VerifyProofOptions
interface. - Added
fetchKey()
function. - Added
FetchKeyOptions
interface. - Added
SenderKeyPair
interface. - The type of
Federation.sendActivity()
method's first parameter becameSenderKeyPair[]
(was{ keyId: URL; privateKey: CryptoKey }
). - The
Context.sendActivity()
method's first parameter now acceptsSenderKeyPair[]
as well.
- If there are any Ed25519 key pairs, the
In the future,
Federation
class will become an interface. For the forward compatibility, the following changes are made:- Added
createFederation()
function. - Added
CreateFederationOptions
interface. - Deprecated
new Federation()
constructor. UsecreateFederation()
function instead. - Deprecated
FederationParameters
interface.
- Added
Added
Arrive
class to Activity Vocabulary API. [#65, #68 by Randy Wressell]Added
Question
class to Activity Vocabulary API.Added
context
option toObject.toJsonLd()
method. This applies to any subclasses of theObject
class too.Deprecated
treatHttps
option inFederationParameters
interface. Instead, use the x-forwarded-fetch library to recognize theX-Forwarded-Host
andX-Forwarded-Proto
headers.Removed the
Federation.handle()
method which was deprecated in version 0.6.0.Removed the
integrateHandlerOptions()
function from@fedify/fedify/x/fresh
which was deprecated in version 0.6.0.Ephemeral actors and inboxes that the
fedify inbox
command spawns are now more interoperable with other ActivityPub implementations.- Ephemeral actors now have the following properties:
summary
,following
,followers
,outbox
,manuallyApprovesFollowers
, andurl
. - Improved the compatibility of the
fedify inbox
command with Misskey and Mitra.
- Ephemeral actors now have the following properties:
Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "sig", "proof"]
["fedify", "sig", "key"]
["fedify", "vocab", "lookup"]
["fedify", "webfinger", "lookup"]
Version 0.9.3
Released on July 9, 2024.
Fixed a vulnerability of SSRF via DNS rebinding in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given domain name has any records referring to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given domain name has any records referring to a private network address.
- The
Version 0.9.2
Released on July 5, 2024.
Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]
- The
fetchDocumentLoader()
function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address. - The
getAuthenticatedDocumentLoader()
function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
- The
Version 0.9.1
Released on June 13, 2024.
- Fixed a bug of Activity Vocabulary API that
clone()
method of Vocabulary classes had not cloned theid
property from the source object.
Version 0.9.0
Released on June 2, 2024.
Added
Tombstone
class to Activity Vocabulary API.Added an actor handle normalization function.
- Added
normalizeActorHandle()
function. - Added
NormalizeActorHandleOptions
interface. - The
getActorHandle()
function now guarantees that the returned actor handle is normalized. - Added the second optional parameter to
getActorHandle()
function. - The return type of
getActorHandle()
function becamePromise<`@${string}@${string}` | `${string}@${string}`>
(wasPromise<`@${string}@${string}`>
).
- Added
Added
excludeBaseUris
option toContext.sendActivity()
andFederation.sendActivity()
methods.- Added
SendActivityOptions.excludeBaseUris
property. - Added
ExtractInboxesParameters.excludeBaseUris
property.
- Added
The
Context
now can parse URIs of objects, inboxes, and collections as well as actors.- Added
Context.parseUri()
method. - Added
ParseUriResult
type. - Deprecated
Context.getHandleFromActorUri()
method.
- Added
The time window for signature verification is now configurable. [#52]
- The default time window for signature verification is now a minute (was 30 seconds).
- Added
signatureTimeWindow
option toFederationParameters
interface. - Added
VerifyOptions
interface. - The signature of the
verify()
function is revamped; it now optionally takes aVerifyOptions
object as the second parameter.
Renamed the
@fedify/fedify/httpsig
module to@fedify/fedify/sig
, and also:- Deprecated
sign()
function. UsesignRequest()
instead. - Deprecated
verify()
function. UseverifyRequest()
instead. - Deprecated
VerifyOptions
interface. UseVerifyRequestOptions
instead.
- Deprecated
When signing an HTTP request, the
algorithm
parameter is now added to theSignature
header. This change improves the compatibility with Misskey and other implementations that require thealgorithm
parameter.Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "federation", "actor"]
["fedify", "federation", "http"]
["fedify", "sig", "http"]
["fedify", "sig", "key"]
["fedify", "sig", "owner"]
Version 0.8.0
Released on May 6, 2024.
The CLI toolchain for testing and debugging is now available on JSR: @fedify/cli. You can install it with
deno install -A --unstable-fs --unstable-kv --unstable-temporal -n fedify jsr:@fedify/cli
, or download a standalone executable from the releases page.- Added
fedify
command. - Added
fedify lookup
subcommand. - Added
fedify inbox
subcommand.
- Added
Implemented followers collection synchronization mechanism.
- Added
RequestContext.sendActivity()
overload that takes"followers"
as the second parameter. - Added the second type parameter to
CollectionCallbackSetters
interface. - Added the second type parameter to
CollectionDispatcher
type. - Added the fourth parameter to
CollectionDispatcher
type. - Added the second type parameter to
CollectionCounter
type. - Added the third parameter to
CollectionCounter
type. - Added the second type parameter to
CollectionCursor
type. - Added the third parameter to
CollectionCursor
type.
- Added
Relaxed the required type for activity recipients.
- Added
Recipient
interface. - The type of the second parameter of
Context.sendActivity()
method becameRecipient | Recipient[]
(wasActor | Actor[]
). However, sinceRecipient
is a supertype ofActor
, the existing code should work without any change.
- Added
Followers collection now has to consist of
Recipient
objects only. (It could consist ofURL
s as well asActor
s before.)- The type of
Federation.setFollowersDispatcher()
method's second parameter becameCollectionDispatcher<Recipient, TContextData, URL>
(wasCollectionDispatcher<Actor | URL, TContextData>
).
- The type of
Some of the responsibility of a document loader was separated to a context loader and a document loader.
- Added
contextLoader
option to constructors,fromJsonLd()
static methods,clone()
methods, and all non-scalar accessors (get*()
) of Activity Vocabulary classes. - Renamed
documentLoader
option tocontextLoader
intoJsonLd()
methods of Activity Vocabulary objects. - Added
contextLoader
option toLookupObjectOptions
interface. - Added
contextLoader
property toContext
interface. - Added
contextLoader
option toFederationParameters
interface. - Renamed
documentLoader
option tocontextLoader
inRespondWithObjectOptions
interface. - Added
GetKeyOwnerOptions
interface. - The type of the second parameter of
getKeyOwner()
function becameGetKeyOwnerOptions
(wasDocumentLoader
). - Added
DoesActorOwnKeyOptions
interface. - The type of the third parameter of
doesActorOwnKey()
function becameDoesActorOwnKeyOptions
(wasDocumentLoader
).
- Added
Added
width
andheight
properties toDocument
class for better compatibility with Mastodon. [#47]- Added
Document.width
property. - Added
Document.height
property. new Document()
constructor now acceptswidth
option.new Document()
constructor now acceptsheight
option.Document.clone()
method now acceptswidth
option.Document.clone()
method now acceptsheight
option.
- Added
Removed the dependency on @js-temporal/polyfill on Deno, and Fedify now requires
--unstable-temporal
flag. On other runtime, it still depends on @js-temporal/polyfill.Added more log messages using the LogTape library. Currently the below logger categories are used:
["fedify", "federation", "collection"]
["fedify", "httpsig", "verify"]
["fedify", "runtime", "docloader"]
Fixed a bug where the authenticated document loader had thrown
InvalidUrl
error when the URL redirection was involved in Bun.Fixed a bug of
lookupObject()
that it had failed to look up the actor object when WebFinger response had no links with"type": "application/activity+json"
but had"type": "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\""
.
Version 0.7.0
Released on April 23, 2024.
Added
PUBLIC_COLLECTION
constant for public addressing.Federation
now supports authorized fetch for actor dispatcher and collection dispatchers.- Added
ActorCallbackSetters.authorize()
method. - Added
CollectionCallbackSetters.authorize()
method. - Added
AuthorizedPredicate
type. - Added
RequestContext.getSignedKey()
method. - Added
RequestContext.getSignedKeyOwner()
method. - Added
FederationFetchOptions.onUnauthorized
option for handling unauthorized fetches. - Added
getKeyOwner()
function.
- Added
The default implementation of
FederationFetchOptions.onNotAcceptable
option now responds withVary: Accept, Signature
header.Added log messages using the LogTape library. Currently the below logger categories are used:
["fedify"]
["fedify", "federation"]
["fedify", "federation", "inbox"]
["fedify", "federation", "outbox"]
Added
RequestContext.getActor()
method.Activity Vocabulary classes now have
typeId
static property.Dispatcher setters and inbox listener setters in
Federation
now take a path as`${string}{handle}${string}`
instead ofstring
so that it is more type-safe.Added generalized object dispatchers. [#33]
- Added
Federation.setObjectDispatcher()
method. - Added
ObjectDispatcher
type. - Added
ObjectAuthorizePredicate
type. - Added
Context.getObjectUri()
method. - Added
RequestContext.getObject()
method.
- Added
Version 0.6.1
Released on April 17, 2024.
- Fixed a bug of
new Federation()
constructor that if it is once called the process will never exit. [#39]
Version 0.6.0
Released on April 9, 2024.
DocumentLoader
is now propagated to the loaded remote objects from Activity Vocabulary objects. [#27]- Added
options
parameter to Activity Vocabulary constructors. - Added
options
parameter toclone()
method of Activity Vocabulary objects. - The Activity Vocabulary object passed to
InboxListener
now implicitly loads remote object with an authenticatedDocumentLoader
.
- Added
Added
Federation.fetch()
method.- Deprecated
Federation.handle()
method. UseFederation.fetch()
method instead. - Renamed
FederationHandlerParameters
type toFederationFetchOptions
. - Added
integrateFetchOptions()
function. - Deprecated
integrateHandlerOptions()
function.
- Deprecated
Added
@fedify/fedify/x/hono
module for integrating with Hono middleware. [#25]- Added
federation()
function. - Added
ContextDataFactory
type.
- Added
Context.sendActivity()
method now throwsTypeError
instead of silently failing when the givenActivity
object lacks the actor property.Context.sendActivity()
method now uses an authenticated document loader under the hood.Added outbox error handler to
Federation
.- Added
onOutboxError
option tonew Federation()
constructor. - Added
OutboxErrorHandler
type.
- Added
Version 0.5.2
Released on April 17, 2024.
- Fixed a bug of
new Federation()
constructor that if it is once called the process will never exit. [#39]
Version 0.5.1
Released on April 5, 2024.
- Fixed a bug of
Federation
that its actor/collection dispatchers had done content negotiation before determining if the resource exists or not. It also fixed a bug thatintegrateHandler()
from@fedify/fedify/x/fresh
had responded with406 Not Acceptable
instead of404 Not Found
when the resource does not exist in the web browser. [#34]
Version 0.5.0
Released on April 2, 2024.
Fedify is now available on npm: @fedify/fedify. [#24]
Abstract key-value store for caching.
- Added
KvStore
interface. - Added
KvStoreSetOptions
interface. - Added
KvKey
type. - Added
DenoKvStore
class. KvCacheParameters.kv
option now accepts aKvStore
instead ofDeno.Kv
.KvCacheParameters.prefix
option now accepts aKvKey
instead ofDeno.KvKey
.FederationParameters.kv
option now accepts aKvStore
instead ofDeno.Kv
.FederationKvPrefixes.activityIdempotence
option now accepts aKvKey
instead ofDeno.KvKey
.FederationKvPrefixes.remoteDocument
option now accepts aKvKey
instead ofDeno.KvKey
.
- Added
Abstract message queue for outgoing activities.
- Added
MessageQueue
interface. - Added
MessageQueueEnqueueOptions
interface. - Added
InProcessMessageQueue
class. - Added
FederationParameters.queue
option.
- Added
Added
@fedify/fedify/x/denokv
module for adaptingDeno.Kv
toKvStore
andMessageQueue
. It is only available in Deno runtime.- Added
DenoKvStore
class. - Added
DenoKvMessageQueue
class.
- Added
Added
PropertyValue
to Activity Vocabulary API. [#29]- Added
PropertyValue
class. new Object()
constructor'sattachments
option now acceptsPropertyValue
objects.new Object()
constructor'sattachment
option now accepts aPropertyValue
object.Object.getAttachments()
method now yieldsPropertyValue
objects besidesObject
andLink
objects.Object.getAttachment()
method now returns aPropertyValue
object besides anObject
and aLink
object.Object.clone()
method'sattachments
option now acceptsPropertyValue
objects.Object.clone()
method'sattachment
option now accepts aPropertyValue
object.
- Added
Removed dependency on jose.
- Added
exportSpki()
function. - Added
importSpki()
function.
- Added
Fixed a bug that
Application.manuallyApprovesFollowers
,Group.manuallyApprovesFollowers
,Organization.manuallyApprovesFollowers
,Person.manuallyApprovesFollowers
, andService.manuallyApprovesFollowers
properties were not properly displayed in Mastodon.
Version 0.4.0
Released on March 26, 2024.
Added
@fedify/fedify/x/fresh
module for integrating with Fresh middleware.- Added
integrateHandler()
function. - Added
integrateHandlerOptions()
function.
- Added
Added
getActorHandle()
function.Fedify now has authenticated document loader. [#12]
- Added
Context.getDocumentLoader()
method. - Added
getAuthenticatedDocumentLoader()
function. - Added
AuthenticatedDocumentLoaderFactory
type. - Added
authenticatedDocumentLoaderFactory
option tonew Federation()
constructor. Context.documentLoader
property now returns an authenticated document loader in personal inbox listeners. (Note that it's not affected in shared inbox listeners.)
- Added
Added singular accessors to
Object
'sicon
andimage
properties.new Object()
constructor now acceptsicon
option.new Object()
constructor now acceptsimage
option.- Added
Object.getIcon()
method. - Added
Object.getImage()
method. Object.clone()
method now acceptsicon
option.Object.clone()
method now acceptsimage
option.
Object
'sicon
andimage
properties no more acceptLink
objects.new Object()
constructor'sicons
option no more acceptsLink
objects.new Object()
constructor'simages
option no more acceptsLink
objects.Object.getIcons()
method no more yieldsLink
objects.Object.getImages()
method no more yieldsLink
objects.Object.clone()
method'sicons
option no more acceptsLink
objects.Object.clone()
method'simages
option no more acceptsLink
objects.
Object
'sattributedTo
property was renamed toattribution
.new Object()
constructor'sattributedTo
option was renamed toattribution
.new Object()
constructor'sattributedTos
option was renamed toattributions
.Object.getAttributedTo()
method is renamed toObject.getAttribution()
.Object.getAttributedTos()
method is renamed toObject.getAttributions()
.Object.clone()
method'sattributedTo
option is renamed toattribution
.Object.clone()
method'sattributedTos
option is renamed toattributions
.
Object
'sattribution
property (wasattributedTo
) now accepts onlyActor
objects.new Object()
constructor'sattribution
option (wasattributedTo
) now accepts only anActor
object.new Object()
constructor'sattributions
option (wasattributedTos
) now accepts onlyActor
objects.Object.getAttribution()
method (wasgetAttributedTo()
) now returns only anActor
object.Object.getAttributions()
method (wasgetAttributedTos()
) now returns onlyActor
objects.Object.clone()
method'sattribution
option (attributedTo
) now accepts only anActor
object.Object.clone()
method'sattributions
option (attributedTos
) now accepts onlyActor
objects.
Activity
'sobject
property no more acceptsLink
objects.new Activity()
constructor'sobject
option no more accepts aLink
object.new Activity()
constructor'sobjects
option no more acceptsLink
objects.Activity.getObject()
method no more returns aLink
object.Activity.getObjects()
method no more returnsLink
objects.Activity.clone()
method'sobject
option no more accepts aLink
object.Activity.clone()
method'sobjects
option no more acceptsLink
objects.
Activity
'sactor
property now accepts onlyActor
objects.new Activity()
constructor'sactor
option now accepts only anActor
object.new Activity()
constructor'sactors
option now accepts onlyActor
objects.Activity.getActor()
method now returns only anActor
object.Activity.getActors()
method now returns onlyActor
objects.Activity.clone()
method'sactor
option now accepts only anActor
object.Activity.clone()
method'sactors
option now accepts onlyActor
objects.
Added
sensitive
property toObject
class.new Object()
constructor now acceptssensitive
option.- Added
Object.sensitive
attribute. Object.clone()
method now acceptssensitive
option.
Now
lookupWebFinger()
follows redirections.The
http://webfinger.net/rel/profile-page
links in WebFinger responses now omittype
property.
Version 0.3.0
Released on March 15, 2024.
Added utility functions for responding with an ActivityPub object:
- Added
respondWithObject()
function. - Added
respondWithObjectIfAcceptable()
function. - Added
RespondWithObjectOptions
interface.
- Added
Added utility functions for generating and exporting cryptographic keys which are compatible with popular ActivityPub software:
- Added
generateCryptoKeyPair()
function. - Added
exportJwk()
function. - Added
importJwk()
function.
- Added
The following functions and methods now throw
TypeError
if the specifiedCryptoKey
is notextractable
:Context.getActorKey()
methodContext.sendActivity()
methodFederation.sendActivity()
method
Added
immediate
option toContext.sendActivity()
andFederation.sendActivity()
methods.Added
SendActivityOptions
interface.Now
onNotFound
/onNotAcceptable
options are optional forFederation.handle()
method. [#9]
Version 0.2.0
Released on March 10, 2024.
Implemented NodeInfo 2.1 protocol. [#1]
- Now
Federation.handle()
accepts requests for /.well-known/nodeinfo. - Added
Federation.setNodeInfoDispatcher()
method. - Added
Context.getNodeInfoUri()
method. - Added
NodeInfo
interface. - Added
Software
interface. - Added
Protocol
type. - Added
Services
interface. - Added
InboundService
type. - Added
OutboundService
type. - Added
Usage
interface. - Added
NodeInfoDispatcher
type. - Added
nodeInfoToJson()
function.
- Now
Implemented WebFinger client.
- Added
lookupObject()
function. - Added
lookupWebFinger()
function.
- Added
Federation.handle()
now responds withAccess-Control-Allow-Origin: *
header for WebFinger requests.fetchDocumentLoader()
, the default document loader, now sendsAccept: application/activity+json, application/ld+json
header (wasAccept: application/ld+json
only).
Version 0.1.0
Initial release. Released on March 8, 2024.