Loading CHANGES.md +24 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,14 @@ Version 1.1.22 To be released. - Fixed a bug where inbox handler had thrown a `jsonld.SyntaxError` which caused a `500 Internal Server Error` when the received activity had an invalid JSON-LD syntax. Now it logs the error and responds with a `400 Bad Request` error instead. [[#232]] - The `exportJwk()` function now populates the `alg` property of a returned `JsonWebKey` object with `"Ed25519"` if the input key is an Ed25519 key. Version 1.1.21 -------------- Loading Loading @@ -438,6 +446,22 @@ Released on October 20, 2024. [#150]: https://github.com/dahlia/fedify/issues/150 Version 1.0.25 -------------- Released on May 16, 2025. - Fixed a bug where inbox handler had thrown a `jsonld.SyntaxError` which caused a `500 Internal Server Error` when the received activity had an invalid JSON-LD syntax. Now it logs the error and responds with a `400 Bad Request` error instead. [[#232]] - The `exportJwk()` function now populates the `alg` property of a returned `JsonWebKey` object with `"Ed25519"` if the input key is an Ed25519 key. [#232]: https://github.com/fedify-dev/fedify/issues/232 Version 1.0.24 -------------- Loading src/codegen/__snapshots__/class.test.ts.snap +132 −0 File changed.Preview size limit exceeded, changes collapsed. Show changes src/codegen/inspector.ts +2 −0 Original line number Diff line number Diff line Loading @@ -73,6 +73,7 @@ export async function* generateInspector( return proxy; } // @ts-ignore: suppressing TS4127 ${emitOverride(typeUri, types)} [Symbol.for("Deno.customInspect")]( inspect: typeof Deno.inspect, options: Deno.InspectOptions, Loading @@ -81,6 +82,7 @@ export async function* generateInspector( return ${JSON.stringify(type.name + " ")} + inspect(proxy, options); } // @ts-ignore: suppressing TS4127 ${emitOverride(typeUri, types)} [Symbol.for("nodejs.util.inspect.custom")]( _depth: number, options: unknown, Loading src/federation/handler.test.ts +35 −0 Original line number Diff line number Diff line Loading @@ -1202,6 +1202,41 @@ test("handleInbox()", async () => { }); assertEquals(onNotFoundCalled, null); assertEquals(response.status, 202); const invalidRequest = new Request("https://example.com/", { method: "POST", body: JSON.stringify({ "@context": [ "https://www.w3.org/ns/activitystreams", true, 23, ], type: "Create", object: { type: "Note", content: "Hello, world!" }, actor: "https://example.com/users/alice", }), }); const signedInvalidRequest = await signRequest( invalidRequest, rsaPrivateKey3, rsaPublicKey3.id!, ); const signedInvalidContext = createRequestContext({ request: signedInvalidRequest, url: new URL(signedInvalidRequest.url), data: undefined, documentLoader: mockDocumentLoader, }); response = await handleInbox(signedInvalidRequest, { identifier: null, context: signedContext, inboxContextFactory(_activity) { return createInboxContext(signedInvalidContext); }, ...inboxOptions, }); assertEquals(onNotFoundCalled, null); assertEquals(response.status, 400); }); test("respondWithObject()", async () => { Loading src/federation/handler.ts +17 −5 Original line number Diff line number Diff line Loading @@ -445,11 +445,23 @@ export async function handleInbox<TContextData>( await kv.set([...kvPrefixes.publicKey, keyId.href], serialized); }, }; const ldSigVerified = await verifyJsonLd(json, { let ldSigVerified: boolean; try { ldSigVerified = await verifyJsonLd(json, { contextLoader: context.contextLoader, documentLoader: context.documentLoader, keyCache, }); } catch (error) { if (error instanceof Error && error.name === "jsonld.SyntaxError") { logger.error("Failed to parse JSON-LD:\n{error}", { identifier, error }); return new Response("Invalid JSON-LD.", { status: 400, headers: { "Content-Type": "text/plain; charset=utf-8" }, }); } ldSigVerified = false; } const jsonWithoutSig = detachSignature(json); let activity: Activity | null = null; if (ldSigVerified) { Loading Loading
CHANGES.md +24 −0 Original line number Diff line number Diff line Loading @@ -8,6 +8,14 @@ Version 1.1.22 To be released. - Fixed a bug where inbox handler had thrown a `jsonld.SyntaxError` which caused a `500 Internal Server Error` when the received activity had an invalid JSON-LD syntax. Now it logs the error and responds with a `400 Bad Request` error instead. [[#232]] - The `exportJwk()` function now populates the `alg` property of a returned `JsonWebKey` object with `"Ed25519"` if the input key is an Ed25519 key. Version 1.1.21 -------------- Loading Loading @@ -438,6 +446,22 @@ Released on October 20, 2024. [#150]: https://github.com/dahlia/fedify/issues/150 Version 1.0.25 -------------- Released on May 16, 2025. - Fixed a bug where inbox handler had thrown a `jsonld.SyntaxError` which caused a `500 Internal Server Error` when the received activity had an invalid JSON-LD syntax. Now it logs the error and responds with a `400 Bad Request` error instead. [[#232]] - The `exportJwk()` function now populates the `alg` property of a returned `JsonWebKey` object with `"Ed25519"` if the input key is an Ed25519 key. [#232]: https://github.com/fedify-dev/fedify/issues/232 Version 1.0.24 -------------- Loading
src/codegen/__snapshots__/class.test.ts.snap +132 −0 File changed.Preview size limit exceeded, changes collapsed. Show changes
src/codegen/inspector.ts +2 −0 Original line number Diff line number Diff line Loading @@ -73,6 +73,7 @@ export async function* generateInspector( return proxy; } // @ts-ignore: suppressing TS4127 ${emitOverride(typeUri, types)} [Symbol.for("Deno.customInspect")]( inspect: typeof Deno.inspect, options: Deno.InspectOptions, Loading @@ -81,6 +82,7 @@ export async function* generateInspector( return ${JSON.stringify(type.name + " ")} + inspect(proxy, options); } // @ts-ignore: suppressing TS4127 ${emitOverride(typeUri, types)} [Symbol.for("nodejs.util.inspect.custom")]( _depth: number, options: unknown, Loading
src/federation/handler.test.ts +35 −0 Original line number Diff line number Diff line Loading @@ -1202,6 +1202,41 @@ test("handleInbox()", async () => { }); assertEquals(onNotFoundCalled, null); assertEquals(response.status, 202); const invalidRequest = new Request("https://example.com/", { method: "POST", body: JSON.stringify({ "@context": [ "https://www.w3.org/ns/activitystreams", true, 23, ], type: "Create", object: { type: "Note", content: "Hello, world!" }, actor: "https://example.com/users/alice", }), }); const signedInvalidRequest = await signRequest( invalidRequest, rsaPrivateKey3, rsaPublicKey3.id!, ); const signedInvalidContext = createRequestContext({ request: signedInvalidRequest, url: new URL(signedInvalidRequest.url), data: undefined, documentLoader: mockDocumentLoader, }); response = await handleInbox(signedInvalidRequest, { identifier: null, context: signedContext, inboxContextFactory(_activity) { return createInboxContext(signedInvalidContext); }, ...inboxOptions, }); assertEquals(onNotFoundCalled, null); assertEquals(response.status, 400); }); test("respondWithObject()", async () => { Loading
src/federation/handler.ts +17 −5 Original line number Diff line number Diff line Loading @@ -445,11 +445,23 @@ export async function handleInbox<TContextData>( await kv.set([...kvPrefixes.publicKey, keyId.href], serialized); }, }; const ldSigVerified = await verifyJsonLd(json, { let ldSigVerified: boolean; try { ldSigVerified = await verifyJsonLd(json, { contextLoader: context.contextLoader, documentLoader: context.documentLoader, keyCache, }); } catch (error) { if (error instanceof Error && error.name === "jsonld.SyntaxError") { logger.error("Failed to parse JSON-LD:\n{error}", { identifier, error }); return new Response("Invalid JSON-LD.", { status: 400, headers: { "Content-Type": "text/plain; charset=utf-8" }, }); } ldSigVerified = false; } const jsonWithoutSig = detachSignature(json); let activity: Activity | null = null; if (ldSigVerified) { Loading
