Skip to content

Fedify 2.1.5

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 08 Apr 06:26
· 133 commits to main since this release
2.1.5
This tag was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Verified
Learn about vigilant mode.
ea03b77
This commit was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Verified
Learn about vigilant mode.

Released on April 8, 2026.

@fedify/fedify

  • Fixed Context.getActorKeyPairs() assigning the same key ID to both the CryptographicKey (used for HTTP Signatures and Linked Data Signatures) and the Multikey (used for Object Integrity Proofs) within an ActorKeyPair. The Multikey now receives a distinct ID (#multikey-1, #multikey-2, …) so that the actor document no longer contains two objects sharing the same id, which was invalid JSON-LD. Object Integrity Proof signatures now reference the correct Multikey ID instead of the CryptographicKey ID. [#663]

  • Object Integrity Proofs signing now takes place before activity fanout, so all recipients receive the same pre-signed activity. Previously, OIP signing was deferred until after fanout, meaning each fanout worker would re-sign independently with potentially different timestamps and the fanout message itself contained an unsigned activity.

@fedify/cfworkers

  • Fixed a remaining TypeScript type mismatch for Cloudflare Workers users who pass wrangler types or @cloudflare/vite-plugin generated KV bindings to WorkersKvStore. The package now accepts a minimal structural KV binding interface for WorkersKvStore and WorkersMessageQueue's orderingKv option instead of requiring the nominal KVNamespace type imported from @cloudflare/workers-types, so generated local declarations compile without casts or @ts-expect-error. [#665]
Assets 35
Loading