jon.recoil.org
commits
Build fixes:
- Change odoc extension library refs to odoc.extension_api
- Add missing assets field to extension result records
Documentation fixes:
- Fix cross-package references using documentation dependencies
- Fix reference syntax: {!Stdlib.String.escaped}, {!Webfinger.Jrd}, etc.
- Fix heading levels and anchor syntax (#→.)
- Add @canonical annotation for Loc0.t
- Escape braces in doc comments
- Add asset support via (files ...) in documentation stanza
Infrastructure:
- Remove dune subtree (now pinned to jonludlam/dune#odoc-assets-support)
- Add dune-workspace with fatal odoc warnings
- Remove conflicting odoc-config.sexp install stanzas
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add explicit unix library dependency to dune files (html5rw, tomlt)
- Fix odoc heading levels ({0 -> {1) in imap subject.mli and thread.mli
- Fix code block indentation in subject.mli and h2_stream.mli
- Change unresolved module references to plain text (Bytesrw_unix,
Bytesrw_eio, Webfinger.Jrd.t)
- Fix @raise tags to use Error instead of Error.t
- Escape @mention/@mentions text in poe docs to avoid unknown tag warnings
- Remove unreachable flag_perm rule and redundant list_mailbox production
from IMAP grammar
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
HTTP Message Signatures now use an explicit Eio clock for time validation
instead of Ptime_clock.now(), making the code testable and consistent with
Eio's capability-passing design.
Time validations now performed:
- Signatures with `expires` in the past are rejected
- Signatures with `created` in the future (beyond 60s clock skew) are rejected
- If `max_age` is specified and `created` is older, signature is rejected
API changes:
- sign/sign_with_digest now require ~clock parameter
- verify/verify_all now require ~clock parameter
- Auth.apply_signature now requires ~clock parameter
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
HTTP/2 Implementation:
- Add h2_frame module for RFC 7540 frame parsing/serialization
- Add h2_hpack module for RFC 7541 header compression (HPACK)
- Add h2_stream for HTTP/2 stream state machine
- Add h2_connection for multiplexed connection management
- Add h2_client high-level API matching HTTP/1.1 interface
- Add h2_adapter for protocol version abstraction
URI Library Migration:
- Replace custom Huri.t with Uri.t from uri opam package
- Keep Huri.write for efficient Buf_write serialization
- Remove Uri module shadowing from requests and apubt libraries
- Use Uri.* functions directly throughout codebase
Requests Library Reorganization:
- core/: fundamental types (body, headers, status, method, error)
- features/: optional functionality (auth, cache, retry, signature)
- h1/: HTTP/1.1 client implementation
- h2/: HTTP/2 client implementation
- parsing/: header and structured field parsers
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement OAuth 2.0 authentication for Mastodon instances alongside the
existing HTTP signature auth for ActivityPub federation.
New features:
- `apub auth login user@instance.social` - OAuth login with PKCE
- Commands (post, follow, like, boost) use Mastodon REST API when OAuth
credentials are available, falling back to ActivityPub federation
New files:
- apub_mastodon_oauth.ml - OAuth flow (app registration, PKCE, token exchange)
- apub_mastodon_api.ml - Mastodon REST API client (statuses, follows, etc.)
Session type changes:
- key_id and private_key_pem now optional (for OAuth-only sessions)
- New optional fields: oauth_instance, oauth_access_token, oauth_client_id,
oauth_client_secret
- Backwards compatible JSON codec
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add authentication system for the apub CLI following the atp-auth pattern:
- New apub_auth library (lib/auth/) with session persistence
- Store actor credentials in ~/.config/apub/profiles/<profile>/session.json
- Support multiple profiles for different ActivityPub accounts
- Auto-load credentials for write commands (post, follow, like, boost)
CLI commands:
- apub auth setup <actor-uri> -k <key.pem> Import actor credentials
- apub auth status Show current profile
- apub auth logout Clear saved credentials
- apub auth profile list/switch/current Profile management
Write commands now work without explicit --actor/--key-file/--key-id
when credentials are saved via 'apub auth setup'.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Integrate ocaml-webfinger library for RFC 7033/7565 compliant discovery
- Add ActivityPub WebFinger spec to spec/ directory
- Add location and preview fields to Object type
- Add Question activity support (one_of, any_of, closed fields)
- Add CLI commands: post, follow, like, boost
- Fix Signing.from_pem to properly handle string PEM input
- Update PLAN.md marking all phases complete
- Update README.md with CLI documentation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes warning 69 (unused-field) by exposing the record fields via
accessor functions in the public interface.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Prepare the package for publication to aoah-opam-repo with proper
metadata including license, authors, homepage, and CI configuration.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Mark completed phases: HTTP signatures, activity delivery, outbox
operations, follow protocol, NodeInfo, and most proto properties.
Note remaining work: location/preview fields, Question activity, and
CLI commands for post/follow/like/boost.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Proto layer additions:
- Actor: also_known_as, discoverable, suspended, moved_to, featured, featured_tags
- Object: conversation (for threading), audience (additional addressing)
Client layer implementations:
- HTTP Signatures via requests library (RFC 9421)
- Signing.from_pem to parse PEM private keys
- Auto-sign POST requests with Content-Digest
- NodeInfo discovery (well-known + schema 2.0/2.1)
- Inbox delivery with signature support
- Outbox operations:
- create_note, public_note, followers_only_note, direct_note
- like/unlike, announce/unannounce
- delete (with Tombstone), update_note
- Follow protocol:
- follow, unfollow
- accept_follow, reject_follow
Also adds PLAN.md documenting implementation status.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major restructuring of the ActivityPub library:
- Rename from activitypub to apubt
- Add W3C ActivityPub spec as git submodule in spec/activitypub
- Split into two subpackages:
- apubt.proto: Wire format types with jsont codecs
- apubt: Eio-based HTTP client using ocaml-requests
- Add apub CLI with cmdliner subcommands:
- webfinger: Look up accounts via Webfinger
- actor: Fetch ActivityPub actors
- outbox: Fetch actor outbox activities
- Fix ActivityPub JSON compatibility:
- Handle single values or arrays (one_or_many helper)
- Handle null values (nullable helper)
- Support replies as URI or inline Collection
- Use compact JSON-LD form (id/type vs @id/@type)
- Handle both items and orderedItems in collections
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build fixes:
- Change odoc extension library refs to odoc.extension_api
- Add missing assets field to extension result records
Documentation fixes:
- Fix cross-package references using documentation dependencies
- Fix reference syntax: {!Stdlib.String.escaped}, {!Webfinger.Jrd}, etc.
- Fix heading levels and anchor syntax (#→.)
- Add @canonical annotation for Loc0.t
- Escape braces in doc comments
- Add asset support via (files ...) in documentation stanza
Infrastructure:
- Remove dune subtree (now pinned to jonludlam/dune#odoc-assets-support)
- Add dune-workspace with fatal odoc warnings
- Remove conflicting odoc-config.sexp install stanzas
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add explicit unix library dependency to dune files (html5rw, tomlt)
- Fix odoc heading levels ({0 -> {1) in imap subject.mli and thread.mli
- Fix code block indentation in subject.mli and h2_stream.mli
- Change unresolved module references to plain text (Bytesrw_unix,
Bytesrw_eio, Webfinger.Jrd.t)
- Fix @raise tags to use Error instead of Error.t
- Escape @mention/@mentions text in poe docs to avoid unknown tag warnings
- Remove unreachable flag_perm rule and redundant list_mailbox production
from IMAP grammar
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
HTTP Message Signatures now use an explicit Eio clock for time validation
instead of Ptime_clock.now(), making the code testable and consistent with
Eio's capability-passing design.
Time validations now performed:
- Signatures with `expires` in the past are rejected
- Signatures with `created` in the future (beyond 60s clock skew) are rejected
- If `max_age` is specified and `created` is older, signature is rejected
API changes:
- sign/sign_with_digest now require ~clock parameter
- verify/verify_all now require ~clock parameter
- Auth.apply_signature now requires ~clock parameter
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
HTTP/2 Implementation:
- Add h2_frame module for RFC 7540 frame parsing/serialization
- Add h2_hpack module for RFC 7541 header compression (HPACK)
- Add h2_stream for HTTP/2 stream state machine
- Add h2_connection for multiplexed connection management
- Add h2_client high-level API matching HTTP/1.1 interface
- Add h2_adapter for protocol version abstraction
URI Library Migration:
- Replace custom Huri.t with Uri.t from uri opam package
- Keep Huri.write for efficient Buf_write serialization
- Remove Uri module shadowing from requests and apubt libraries
- Use Uri.* functions directly throughout codebase
Requests Library Reorganization:
- core/: fundamental types (body, headers, status, method, error)
- features/: optional functionality (auth, cache, retry, signature)
- h1/: HTTP/1.1 client implementation
- h2/: HTTP/2 client implementation
- parsing/: header and structured field parsers
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement OAuth 2.0 authentication for Mastodon instances alongside the
existing HTTP signature auth for ActivityPub federation.
New features:
- `apub auth login user@instance.social` - OAuth login with PKCE
- Commands (post, follow, like, boost) use Mastodon REST API when OAuth
credentials are available, falling back to ActivityPub federation
New files:
- apub_mastodon_oauth.ml - OAuth flow (app registration, PKCE, token exchange)
- apub_mastodon_api.ml - Mastodon REST API client (statuses, follows, etc.)
Session type changes:
- key_id and private_key_pem now optional (for OAuth-only sessions)
- New optional fields: oauth_instance, oauth_access_token, oauth_client_id,
oauth_client_secret
- Backwards compatible JSON codec
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add authentication system for the apub CLI following the atp-auth pattern:
- New apub_auth library (lib/auth/) with session persistence
- Store actor credentials in ~/.config/apub/profiles/<profile>/session.json
- Support multiple profiles for different ActivityPub accounts
- Auto-load credentials for write commands (post, follow, like, boost)
CLI commands:
- apub auth setup <actor-uri> -k <key.pem> Import actor credentials
- apub auth status Show current profile
- apub auth logout Clear saved credentials
- apub auth profile list/switch/current Profile management
Write commands now work without explicit --actor/--key-file/--key-id
when credentials are saved via 'apub auth setup'.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Integrate ocaml-webfinger library for RFC 7033/7565 compliant discovery
- Add ActivityPub WebFinger spec to spec/ directory
- Add location and preview fields to Object type
- Add Question activity support (one_of, any_of, closed fields)
- Add CLI commands: post, follow, like, boost
- Fix Signing.from_pem to properly handle string PEM input
- Update PLAN.md marking all phases complete
- Update README.md with CLI documentation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Proto layer additions:
- Actor: also_known_as, discoverable, suspended, moved_to, featured, featured_tags
- Object: conversation (for threading), audience (additional addressing)
Client layer implementations:
- HTTP Signatures via requests library (RFC 9421)
- Signing.from_pem to parse PEM private keys
- Auto-sign POST requests with Content-Digest
- NodeInfo discovery (well-known + schema 2.0/2.1)
- Inbox delivery with signature support
- Outbox operations:
- create_note, public_note, followers_only_note, direct_note
- like/unlike, announce/unannounce
- delete (with Tombstone), update_note
- Follow protocol:
- follow, unfollow
- accept_follow, reject_follow
Also adds PLAN.md documenting implementation status.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major restructuring of the ActivityPub library:
- Rename from activitypub to apubt
- Add W3C ActivityPub spec as git submodule in spec/activitypub
- Split into two subpackages:
- apubt.proto: Wire format types with jsont codecs
- apubt: Eio-based HTTP client using ocaml-requests
- Add apub CLI with cmdliner subcommands:
- webfinger: Look up accounts via Webfinger
- actor: Fetch ActivityPub actors
- outbox: Fetch actor outbox activities
- Fix ActivityPub JSON compatibility:
- Handle single values or arrays (one_or_many helper)
- Handle null values (nullable helper)
- Support replies as URI or inline Collection
- Use compact JSON-LD form (id/type vs @id/@type)
- Handle both items and orderedItems in collections
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>