Skip to content

Fedify 0.12.0
Compare
Choose a tag to compare
@github-actions github-actions released this 24 Jul 07:24
· 774 commits to main since this release
0.12.0
This tag was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Verified
Learn about vigilant mode.
eb16b11
This commit was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Verified
Learn about vigilant mode.

Released on July 24, 2024.

  • The fedify command is now available on npm. [#104]

  • Incoming activities are now queued before being dispatched to the inbox listener if the queue option is provided to the createFederation() function. [#70]

    • The type of InboxListener callback type's first parameter became Context (was RequestContext).
    • The type of InboxErrorHandler callback type's first parameter became Context (was RequestContext).
    • The type of SharedInboxKeyDispatcher callback type's first parameter became Context (was RequestContext).

  • Implemented fully customizable retry policy for failed tasks in the task queue. By default, the task queue retries the failed tasks with an exponential backoff policy with decorrelated jitter.

    • Added outboxRetryPolicy option to CreateFederationOptions interface.
    • Added inboxRetryPolicy option to CreateFederationOptions interface. [#70]
    • Added RetryPolicy callback type.
    • Added RetryContext interface.
    • Added createExponentialBackoffPolicy() function.
    • Added CreateExponentialBackoffPolicyOptions interface.

  • Federation object now allows its task queue to be started manually. [#53]

    • Added manuallyStartQueue option to CreateFederationOptions interface.
    • Added Federation.startQueue() method.

  • Made the router able to be insensitive to trailing slashes in the URL paths. [#81]

    • Added trailingSlashInsensitive option to CreateFederationOptions interface.
    • Added RouterOptions interface.
    • Added an optional parameter to new Router() constructor.

  • Added ChatMessage class to Activity Vocabulary API. [#85]

  • Added Move class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Added Read class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Added Travel class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Added View class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Added TentativeAccept class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Added TentativeReject class to Activity Vocabulary API. [#65, #92 by Lee Dogeon]

  • Improved multitenancy (virtual hosting) support. [#66]

    • Added Context.hostname property.
    • Added Context.host property.
    • Added Context.origin property.
    • The type of ActorKeyPairsDispatcher<TContextData>'s first parameter became Context (was TContextData).

  • During verifying HTTP Signatures and Object Integrity Proofs, once fetched public keys are now cached. [#107]

    • The verifyRequest() function now caches the fetched public keys when the keyCache option is provided.
    • The verifyProof() function now caches the fetched public keys when the keyCache option is provided.
    • The verifyObject() function now caches the fetched public keys when the keyCache option is provided.
    • Added KeyCache interface.
    • Added VerifyRequestOptions.keyCache property.
    • Added VerifyProofOptions.keyCache property.
    • Added VerifyObjectOptions.keyCache property.
    • Added FederationKvPrefixes.publicKey property.

  • The built-in document loaders now recognize JSON-LD context provided in an HTTP Link header. [#6]

    • The fetchDocumentLoader() function now recognizes the Link header with the http://www.w3.org/ns/json-ld#context link relation.
    • The getAuthenticatedDocumentLoader() function now returns a document loader that recognizes the Link header with the http://www.w3.org/ns/json-ld#context link relation.

  • Deprecated Federation.sendActivity() method. Use Context.sendActivity() method instead.

  • The last parameter of Federation.sendActivity() method is no longer optional. Also, it now takes the required contextData option.

  • Removed Context.getHandleFromActorUri() method which was deprecated in version 0.9.0. Use Context.parseUri() method instead.

  • Removed @fedify/fedify/httpsig module which was deprecated in version 0.9.0. Use @fedify/fedify/sig module instead.

    • Removed sign() function.
    • Removed verify() function.
    • Removed VerifyOptions interface.

  • Fixed a bug where the lookupWebFinger() function had incorrectly queried if the given resource was a URL starts with http: or had a non-default port number.

  • Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]

    • The fetchDocumentLoader() function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
    • Added an optional second parameter to the fetchDocumentLoader() function, which can be used to allow fetching private network addresses.
    • The getAuthenticatedDocumentLoader() function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
    • Added an optional second parameter to the getAuthenticatedDocumentLoader() function, which can be used to allow fetching private network addresses.

  • Added fedify init subcommand. [#105]

  • Added more log messages using the LogTape library. Currently the below logger categories are used:

    • ["fedify", "federation", "queue"]
Assets 9
Loading
0 Join discussion