[bugfix] Normalize status content (don't parse status content as IRI) (#1665)

* start fannying about * finish up Normalize * tidy up * pin to tag * move errors about just a little bit
2024-11-22 11:46:40 +00:00 · 2023-04-06 13:19:55 +02:00 · 2023-04-06 13:19:55 +02:00 · c54510bc74
parent 4f322f527f
commit c54510bc74
16 changed files with 665 additions and 293 deletions
--- a/go.mod
+++ b/go.mod
@ -42,7 +42,7 @@ require (
 	github.com/spf13/cobra v1.6.1
 	github.com/spf13/viper v1.15.0
 	github.com/stretchr/testify v1.8.2
-	github.com/superseriousbusiness/activity v1.2.1-gts
+	github.com/superseriousbusiness/activity v1.2.2-gts
 	github.com/superseriousbusiness/exif-terminator v0.5.0
 	github.com/superseriousbusiness/oauth2/v4 v4.3.2-SSB.0.20230227143000-f4900831d6c8
 	github.com/tdewolff/minify/v2 v2.12.5
--- a/go.sum
+++ b/go.sum
@ -543,8 +543,8 @@ github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o
 github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8=
 github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0=
 github.com/sunfish-shogi/bufseekio v0.0.0-20210207115823-a4185644b365/go.mod h1:dEzdXgvImkQ3WLI+0KQpmEx8T/C/ma9KeS3AfmU899I=
-github.com/superseriousbusiness/activity v1.2.1-gts h1:wh7v0zYa1mJmqB35PSfvgl4cs51Dh5PyfKvcZLSxMQU=
+github.com/superseriousbusiness/activity v1.2.2-gts h1:7duR8MCbYIKyM4UkeSkze2S/2+ve1XHs8kVfaFg58UI=
-github.com/superseriousbusiness/activity v1.2.1-gts/go.mod h1:AZw0Xb4Oju8rmaJCZ21gc5CPg47MmNgyac+Hx5jo8VM=
+github.com/superseriousbusiness/activity v1.2.2-gts/go.mod h1:AZw0Xb4Oju8rmaJCZ21gc5CPg47MmNgyac+Hx5jo8VM=
 github.com/superseriousbusiness/exif-terminator v0.5.0 h1:57SO/geyaOl2v/lJSQLVcQbdghpyFuK8ZTtaHL81fUQ=
 github.com/superseriousbusiness/exif-terminator v0.5.0/go.mod h1:d5IkskXco/3XRXzOrI73uGYn+wahJEqPlQSSqn6jxSw=
 github.com/superseriousbusiness/go-jpeg-image-structure/v2 v2.0.0-20220321154430-d89a106fdabe h1:ksl2oCx/Qo8sNDc3Grb8WGKBM9nkvhCm25uvlT86azE=
--- a/internal/federation/handshake.go
+++ b/internal/federation/handshake.go
@ -15,4 +15,21 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
-package federation
+package ap
 import "fmt"
 // ErrWrongType indicates that we tried to resolve a type into
 // an interface that it's not compatible with, eg a Person into
 // a Statusable.
 type ErrWrongType struct {
 	wrapped error
 }
 func (err *ErrWrongType) Error() string {
 	return fmt.Sprintf("wrong received type: %v", err.wrapped)
 }
 func newErrWrongType(err error) error {
 	return &ErrWrongType{wrapped: err}
 }
--- a/internal/ap/interfaces.go
+++ b/internal/ap/interfaces.go
@ -60,6 +60,7 @@ type Statusable interface {
 	WithSensitive
 	WithConversation
 	WithContent
 	WithSetContent
 	WithAttachment
 	WithTag
 	WithReplies
@ -281,6 +282,11 @@ type WithContent interface {
 	GetActivityStreamsContent() vocab.ActivityStreamsContentProperty
 }
 // WithSetContent represents an activity that can have content set on it.
 type WithSetContent interface {
 	SetActivityStreamsContent(vocab.ActivityStreamsContentProperty)
 }
 // WithPublished represents an activity with ActivityStreamsPublishedProperty
 type WithPublished interface {
 	GetActivityStreamsPublished() vocab.ActivityStreamsPublishedProperty
--- a/internal/ap/normalize.go
+++ b/internal/ap/normalize.go
@ -0,0 +1,116 @@
 // GoToSocial
 // Copyright (C) GoToSocial Authors admin@gotosocial.org
 // SPDX-License-Identifier: AGPL-3.0-or-later
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package ap
 import (
 	"github.com/superseriousbusiness/activity/pub"
 	"github.com/superseriousbusiness/activity/streams"
 )
 // NormalizeActivityObject normalizes the 'object'.'content' field of the given Activity.
 //
 // The rawActivity map should the freshly deserialized json representation of the Activity.
 //
 // This function is a noop if the type passed in is anything except a Create with a Statusable as its Object.
 func NormalizeActivityObject(activity pub.Activity, rawActivity map[string]interface{}) {
 	if activity.GetTypeName() != ActivityCreate {
 		// Only interested in Create right now.
 		return
 	}
 	withObject, ok := activity.(WithObject)
 	if !ok {
 		// Create was not a WithObject.
 		return
 	}
 	createObject := withObject.GetActivityStreamsObject()
 	if createObject == nil {
 		// No object set.
 		return
 	}
 	if createObject.Len() != 1 {
 		// Not interested in Object arrays.
 		return
 	}
 	// We now know length is 1 so get the first
 	// item from the iter.  We need this to be
 	// a Statusable if we're to continue.
 	i := createObject.At(0)
 	if i == nil {
 		// This is awkward.
 		return
 	}
 	t := i.GetType()
 	if t == nil {
 		// This is also awkward.
 		return
 	}
 	statusable, ok := t.(Statusable)
 	if !ok {
 		// Object is not Statusable;
 		// we're not interested.
 		return
 	}
 	object, ok := rawActivity["object"]
 	if !ok {
 		// No object in raw map.
 		return
 	}
 	rawStatusable, ok := object.(map[string]interface{})
 	if !ok {
 		// Object wasn't a json object.
 		return
 	}
 	// Pass in the statusable and its raw JSON representation.
 	NormalizeStatusableContent(statusable, rawStatusable)
 }
 // NormalizeStatusableContent replaces the Content of the given statusable
 // with the raw 'content' value from the given json object map.
 //
 // noop if there was no content in the json object map or the content was
 // not a plain string.
 func NormalizeStatusableContent(statusable Statusable, rawStatusable map[string]interface{}) {
 	content, ok := rawStatusable["content"]
 	if !ok {
 		// No content in rawStatusable.
 		// TODO: In future we might also
 		// look for "contentMap" property.
 		return
 	}
 	rawContent, ok := content.(string)
 	if !ok {
 		// Not interested in content arrays.
 		return
 	}
 	// Set normalized content property from the raw string; this
 	// will replace any existing content property on the statusable.
 	contentProp := streams.NewActivityStreamsContentProperty()
 	contentProp.AppendXMLSchemaString(rawContent)
 	statusable.SetActivityStreamsContent(contentProp)
 }
--- a/internal/ap/normalize_test.go
+++ b/internal/ap/normalize_test.go
@ -0,0 +1,110 @@
 // GoToSocial
 // Copyright (C) GoToSocial Authors admin@gotosocial.org
 // SPDX-License-Identifier: AGPL-3.0-or-later
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package ap_test
 import (
 	"context"
 	"encoding/json"
 	"testing"
 	"github.com/stretchr/testify/suite"
 	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/activity/streams/vocab"
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	"github.com/superseriousbusiness/gotosocial/testrig"
 )
 type NormalizeTestSuite struct {
 	suite.Suite
 }
 func (suite *NormalizeTestSuite) GetStatusable() (vocab.ActivityStreamsNote, map[string]interface{}) {
 	rawJson := `{
 		"@context": [
 		  "https://www.w3.org/ns/activitystreams",
 		  "https://example.org/schemas/litepub-0.1.jsonld",
 		  {
 			"@language": "und"
 		  }
 		],
 		"actor": "https://example.org/users/someone",
 		"attachment": [],
 		"attributedTo": "https://example.org/users/someone",
 		"cc": [
 		  "https://example.org/users/someone/followers"
 		],
 		"content": "UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the <a class=\"hashtag\" data-tag=\"twittermigration\" href=\"https://example.org/tag/twittermigration\" rel=\"tag ugc\">#TwitterMigration</a>.<br><br>In fact, 100,000 new accounts have been created since last night.<br><br>Since last night&#39;s spike 8,000-12,000 new accounts are being created every hour.<br><br>Yesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.",
 		"context": "https://example.org/contexts/01GX0MSHPER1E0FT022Q209EJZ",
 		"conversation": "https://example.org/contexts/01GX0MSHPER1E0FT022Q209EJZ",
 		"id": "https://example.org/objects/01GX0MT2PA58JNSMK11MCS65YD",
 		"published": "2022-11-18T17:43:58.489995Z",
 		"replies": {
 		  "items": [
 			"https://example.org/objects/01GX0MV12MGEG3WF9SWB5K3KRJ"
 		  ],
 		  "type": "Collection"
 		},
 		"repliesCount": 0,
 		"sensitive": null,
 		"source": "UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the #TwitterMigration.\r\n\r\nIn fact, 100,000 new accounts have been created since last night.\r\n\r\nSince last night's spike 8,000-12,000 new accounts are being created every hour.\r\n\r\nYesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.",
 		"summary": "",
 		"tag": [
 		  {
 			"href": "https://example.org/tags/twittermigration",
 			"name": "#twittermigration",
 			"type": "Hashtag"
 		  }
 		],
 		"to": [
 		  "https://www.w3.org/ns/activitystreams#Public"
 		],
 		"type": "Note"
 	  }`
 	var rawNote map[string]interface{}
 	err := json.Unmarshal([]byte(rawJson), &rawNote)
 	if err != nil {
 		panic(err)
 	}
 	t, err := streams.ToType(context.Background(), rawNote)
 	if err != nil {
 		panic(err)
 	}
 	return t.(vocab.ActivityStreamsNote), rawNote
 }
 func (suite *NormalizeTestSuite) TestNormalizeActivityObject() {
 	note, rawNote := suite.GetStatusable()
 	suite.Equal(`update: As of this morning there are now more than 7 million Mastodon users, most from the <a class="hashtag" data-tag="twittermigration" href="https://example.org/tag/twittermigration" rel="tag ugc">#TwitterMigration%3C/a%3E.%3Cbr%3E%3Cbr%3EIn%20fact,%20100,000%20new%20accounts%20have%20been%20created%20since%20last%20night.%3Cbr%3E%3Cbr%3ESince%20last%20night&%2339;s%20spike%208,000-12,000%20new%20accounts%20are%20being%20created%20every%20hour.%3Cbr%3E%3Cbr%3EYesterday,%20I%20estimated%20that%20Mastodon%20would%20have%208%20million%20users%20by%20the%20end%20of%20the%20week.%20That%20might%20happen%20a%20lot%20sooner%20if%20this%20trend%20continues.`, ap.ExtractContent(note))
 	create := testrig.WrapAPNoteInCreate(
 		testrig.URLMustParse("https://example.org/create_something"),
 		testrig.URLMustParse("https://example.org/users/someone"),
 		testrig.TimeMustParse("2022-11-18T17:43:58.489995Z"),
 		note,
 	)
 	ap.NormalizeActivityObject(create, map[string]interface{}{"object": rawNote})
 	suite.Equal(`UPDATE: As of this morning there are now more than 7 million Mastodon users, most from the <a class="hashtag" data-tag="twittermigration" href="https://example.org/tag/twittermigration" rel="tag ugc">#TwitterMigration</a>.<br><br>In fact, 100,000 new accounts have been created since last night.<br><br>Since last night&#39;s spike 8,000-12,000 new accounts are being created every hour.<br><br>Yesterday, I estimated that Mastodon would have 8 million users by the end of the week. That might happen a lot sooner if this trend continues.`, ap.ExtractContent(note))
 }
 func TestNormalizeTestSuite(t *testing.T) {
 	suite.Run(t, new(NormalizeTestSuite))
 }
--- a/internal/ap/resolve.go
+++ b/internal/ap/resolve.go
@ -0,0 +1,118 @@
 // GoToSocial
 // Copyright (C) GoToSocial Authors admin@gotosocial.org
 // SPDX-License-Identifier: AGPL-3.0-or-later
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package ap
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/activity/streams/vocab"
 )
 // ResolveStatusable tries to resolve the given bytes into an ActivityPub Statusable representation.
 // It will then perform normalization on the Statusable by calling NormalizeStatusable, so that
 // callers don't need to bother doing extra steps.
 //
 // Works for: Article, Document, Image, Video, Note, Page, Event, Place, Profile
 func ResolveStatusable(ctx context.Context, b []byte) (Statusable, error) {
 	rawStatusable := make(map[string]interface{})
 	if err := json.Unmarshal(b, &rawStatusable); err != nil {
 		return nil, fmt.Errorf("ResolveStatusable: error unmarshalling bytes into json: %w", err)
 	}
 	t, err := streams.ToType(ctx, rawStatusable)
 	if err != nil {
 		return nil, fmt.Errorf("ResolveStatusable: error resolving json into ap vocab type: %w", err)
 	}
 	var (
 		statusable Statusable
 		ok         bool
 	)
 	switch t.GetTypeName() {
 	case ObjectArticle:
 		statusable, ok = t.(vocab.ActivityStreamsArticle)
 	case ObjectDocument:
 		statusable, ok = t.(vocab.ActivityStreamsDocument)
 	case ObjectImage:
 		statusable, ok = t.(vocab.ActivityStreamsImage)
 	case ObjectVideo:
 		statusable, ok = t.(vocab.ActivityStreamsVideo)
 	case ObjectNote:
 		statusable, ok = t.(vocab.ActivityStreamsNote)
 	case ObjectPage:
 		statusable, ok = t.(vocab.ActivityStreamsPage)
 	case ObjectEvent:
 		statusable, ok = t.(vocab.ActivityStreamsEvent)
 	case ObjectPlace:
 		statusable, ok = t.(vocab.ActivityStreamsPlace)
 	case ObjectProfile:
 		statusable, ok = t.(vocab.ActivityStreamsProfile)
 	}
 	if !ok {
 		err = fmt.Errorf("ResolveStatusable: could not resolve %T to Statusable", t)
 		return nil, newErrWrongType(err)
 	}
 	NormalizeStatusableContent(statusable, rawStatusable)
 	return statusable, nil
 }
 // ResolveStatusable tries to resolve the given bytes into an ActivityPub Accountable representation.
 //
 // Works for: Application, Group, Organization, Person, Service
 func ResolveAccountable(ctx context.Context, b []byte) (Accountable, error) {
 	rawAccountable := make(map[string]interface{})
 	if err := json.Unmarshal(b, &rawAccountable); err != nil {
 		return nil, fmt.Errorf("ResolveAccountable: error unmarshalling bytes into json: %w", err)
 	}
 	t, err := streams.ToType(ctx, rawAccountable)
 	if err != nil {
 		return nil, fmt.Errorf("ResolveAccountable: error resolving json into ap vocab type: %w", err)
 	}
 	var (
 		accountable Accountable
 		ok          bool
 	)
 	switch t.GetTypeName() {
 	case ActorApplication:
 		accountable, ok = t.(vocab.ActivityStreamsApplication)
 	case ActorGroup:
 		accountable, ok = t.(vocab.ActivityStreamsGroup)
 	case ActorOrganization:
 		accountable, ok = t.(vocab.ActivityStreamsOrganization)
 	case ActorPerson:
 		accountable, ok = t.(vocab.ActivityStreamsPerson)
 	case ActorService:
 		accountable, ok = t.(vocab.ActivityStreamsService)
 	}
 	if !ok {
 		err = fmt.Errorf("ResolveAccountable: could not resolve %T to Accountable", t)
 		return nil, newErrWrongType(err)
 	}
 	return accountable, nil
 }
--- a/internal/federation/dereferencing/account.go
+++ b/internal/federation/dereferencing/account.go
@ -357,39 +357,13 @@ func (d *deref) enrichAccount(ctx context.Context, requestUser string, uri *url.
 // dereferenceAccountable calls remoteAccountID with a GET request, and tries to parse whatever
 // it finds as something that an account model can be constructed out of.
 //
 // Will work for Person, Application, or Service models.
 func (d *deref) dereferenceAccountable(ctx context.Context, transport transport.Transport, remoteAccountID *url.URL) (ap.Accountable, error) {
 	b, err := transport.Dereference(ctx, remoteAccountID)
 	if err != nil {
-		return nil, fmt.Errorf("DereferenceAccountable: error deferencing %s: %w", remoteAccountID.String(), err)
+		return nil, fmt.Errorf("dereferenceAccountable: error deferencing %s: %w", remoteAccountID.String(), err)
 	}
-	m := make(map[string]interface{})
+	return ap.ResolveAccountable(ctx, b)
 	if err := json.Unmarshal(b, &m); err != nil {
 		return nil, fmt.Errorf("DereferenceAccountable: error unmarshalling bytes into json: %w", err)
 	}
 	t, err := streams.ToType(ctx, m)
 	if err != nil {
 		return nil, fmt.Errorf("DereferenceAccountable: error resolving json into ap vocab type: %w", err)
 	}
 	//nolint:forcetypeassert
 	switch t.GetTypeName() {
 	case ap.ActorApplication:
 		return t.(vocab.ActivityStreamsApplication), nil
 	case ap.ActorGroup:
 		return t.(vocab.ActivityStreamsGroup), nil
 	case ap.ActorOrganization:
 		return t.(vocab.ActivityStreamsOrganization), nil
 	case ap.ActorPerson:
 		return t.(vocab.ActivityStreamsPerson), nil
 	case ap.ActorService:
 		return t.(vocab.ActivityStreamsService), nil
 	}
 	return nil, newErrWrongType(fmt.Errorf("DereferenceAccountable: type name %s not supported as Accountable", t.GetTypeName()))
 }
 func (d *deref) fetchRemoteAccountAvatar(ctx context.Context, tsport transport.Transport, avatarURL string, accountID string) (string, error) {
--- a/internal/federation/dereferencing/error.go
+++ b/internal/federation/dereferencing/error.go
@ -66,20 +66,6 @@ func newErrTransportError(err error) error {
 	return &ErrTransportError{wrapped: err}
 }
 // ErrWrongType indicates that an unexpected type was returned from a remote call;
 // for example, we were served a Person when we were looking for a statusable.
 type ErrWrongType struct {
 	wrapped error
 }
 func (err *ErrWrongType) Error() string {
 	return fmt.Sprintf("wrong received type: %v", err.wrapped)
 }
 func newErrWrongType(err error) error {
 	return &ErrWrongType{wrapped: err}
 }
 // ErrOther denotes some other kind of weird error, perhaps from a malformed json
 // or some other weird crapola.
 type ErrOther struct {
--- a/internal/federation/dereferencing/status.go
+++ b/internal/federation/dereferencing/status.go
@ -19,14 +19,11 @@
 import (
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net/url"
 	"strings"
 	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/activity/streams/vocab"
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
@ -161,78 +158,10 @@ func (d *deref) dereferenceStatusable(ctx context.Context, tsport transport.Tran
 	b, err := tsport.Dereference(ctx, remoteStatusID)
 	if err != nil {
-		return nil, fmt.Errorf("DereferenceStatusable: error deferencing %s: %s", remoteStatusID.String(), err)
+		return nil, fmt.Errorf("dereferenceStatusable: error deferencing %s: %w", remoteStatusID.String(), err)
 	}
-	m := make(map[string]interface{})
+	return ap.ResolveStatusable(ctx, b)
 	if err := json.Unmarshal(b, &m); err != nil {
 		return nil, fmt.Errorf("DereferenceStatusable: error unmarshalling bytes into json: %s", err)
 	}
 	t, err := streams.ToType(ctx, m)
 	if err != nil {
 		return nil, fmt.Errorf("DereferenceStatusable: error resolving json into ap vocab type: %s", err)
 	}
 	// Article, Document, Image, Video, Note, Page, Event, Place, Mention, Profile
 	switch t.GetTypeName() {
 	case ap.ObjectArticle:
 		p, ok := t.(vocab.ActivityStreamsArticle)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsArticle")
 		}
 		return p, nil
 	case ap.ObjectDocument:
 		p, ok := t.(vocab.ActivityStreamsDocument)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsDocument")
 		}
 		return p, nil
 	case ap.ObjectImage:
 		p, ok := t.(vocab.ActivityStreamsImage)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsImage")
 		}
 		return p, nil
 	case ap.ObjectVideo:
 		p, ok := t.(vocab.ActivityStreamsVideo)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsVideo")
 		}
 		return p, nil
 	case ap.ObjectNote:
 		p, ok := t.(vocab.ActivityStreamsNote)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsNote")
 		}
 		return p, nil
 	case ap.ObjectPage:
 		p, ok := t.(vocab.ActivityStreamsPage)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsPage")
 		}
 		return p, nil
 	case ap.ObjectEvent:
 		p, ok := t.(vocab.ActivityStreamsEvent)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsEvent")
 		}
 		return p, nil
 	case ap.ObjectPlace:
 		p, ok := t.(vocab.ActivityStreamsPlace)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsPlace")
 		}
 		return p, nil
 	case ap.ObjectProfile:
 		p, ok := t.(vocab.ActivityStreamsProfile)
 		if !ok {
 			return nil, errors.New("DereferenceStatusable: error resolving type as ActivityStreamsProfile")
 		}
 		return p, nil
 	}
 	return nil, newErrWrongType(fmt.Errorf("DereferenceStatusable: type name %s not supported as Statusable", t.GetTypeName()))
 }
 // populateStatusFields fetches all the information we temporarily pinned to an incoming
--- a/internal/federation/federatingactor.go
+++ b/internal/federation/federatingactor.go
@ -19,133 +19,218 @@
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 	"strings"
 	"codeberg.org/gruf/go-kv"
 	"github.com/superseriousbusiness/activity/pub"
 	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/activity/streams/vocab"
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	"github.com/superseriousbusiness/gotosocial/internal/log"
 )
-// federatingActor implements the go-fed federating protocol interface
+// Potential incoming Content-Type header values; be
-type federatingActor struct {
+// lenient with whitespace and quotation mark placement.
-	actor pub.FederatingActor
+var activityStreamsMediaTypes = []string{
 	"application/activity+json",
 	"application/ld+json;profile=https://www.w3.org/ns/activitystreams",
 	"application/ld+json;profile=\"https://www.w3.org/ns/activitystreams\"",
 	"application/ld+json ;profile=https://www.w3.org/ns/activitystreams",
 	"application/ld+json ;profile=\"https://www.w3.org/ns/activitystreams\"",
 	"application/ld+json ; profile=https://www.w3.org/ns/activitystreams",
 	"application/ld+json ; profile=\"https://www.w3.org/ns/activitystreams\"",
 	"application/ld+json; profile=https://www.w3.org/ns/activitystreams",
 	"application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"",
 }
-// newFederatingProtocol returns the gotosocial implementation of the GTSFederatingProtocol interface
+// federatingActor wraps the pub.FederatingActor interface
 // with some custom GoToSocial-specific logic.
 type federatingActor struct {
 	sideEffectActor pub.DelegateActor
 	wrapped         pub.FederatingActor
 }
 // newFederatingProtocol returns a new federatingActor, which
 // implements the pub.FederatingActor interface.
 func newFederatingActor(c pub.CommonBehavior, s2s pub.FederatingProtocol, db pub.Database, clock pub.Clock) pub.FederatingActor {
-	actor := pub.NewFederatingActor(c, s2s, db, clock)
+	sideEffectActor := pub.NewSideEffectActor(c, s2s, nil, db, clock)
 	customActor := pub.NewCustomActor(sideEffectActor, false, true, clock)
 	return &federatingActor{
-		actor: actor,
+		sideEffectActor: sideEffectActor,
 		wrapped:         customActor,
 	}
 }
 // Send a federated activity.
 //
 // The provided url must be the outbox of the sender. All processing of
 // the activity occurs similarly to the C2S flow:
 //   - If t is not an Activity, it is wrapped in a Create activity.
 //   - A new ID is generated for the activity.
 //   - The activity is added to the specified outbox.
 //   - The activity is prepared and delivered to recipients.
 //
 // Note that this function will only behave as expected if the
 // implementation has been constructed to support federation. This
 // method will guaranteed work for non-custom Actors. For custom actors,
 // care should be used to not call this method if only C2S is supported.
 func (f *federatingActor) Send(c context.Context, outbox *url.URL, t vocab.Type) (pub.Activity, error) {
 	log.Infof(c, "send activity %s via outbox %s", t.GetTypeName(), outbox)
-	return f.actor.Send(c, outbox, t)
+	return f.wrapped.Send(c, outbox, t)
 }
 // PostInbox returns true if the request was handled as an ActivityPub
 // POST to an actor's inbox. If false, the request was not an
 // ActivityPub request and may still be handled by the caller in
 // another way, such as serving a web page.
 //
 // If the error is nil, then the ResponseWriter's headers and response
 // has already been written. If a non-nil error is returned, then no
 // response has been written.
 //
 // If the Actor was constructed with the Federated Protocol enabled,
 // side effects will occur.
 //
 // If the Federated Protocol is not enabled, writes the
 // http.StatusMethodNotAllowed status code in the response. No side
 // effects occur.
 func (f *federatingActor) PostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
-	return f.actor.PostInbox(c, w, r)
+	return f.PostInboxScheme(c, w, r, "https")
 }
-// PostInboxScheme is similar to PostInbox, except clients are able to
+// PostInboxScheme is a reimplementation of the default baseActor
-// specify which protocol scheme to handle the incoming request and the
+// implementation of PostInboxScheme in pub/base_actor.go.
-// data stored within the application (HTTP, HTTPS, etc).
+//
-func (f *federatingActor) PostInboxScheme(c context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) {
+// Key differences from that implementation:
-	return f.actor.PostInboxScheme(c, w, r, scheme)
+//   - More explicit debug logging when a request is not processed.
 //   - Normalize content of activity object.
 //   - Return code 202 instead of 200 on successful POST, to reflect
 //     that we process most side effects asynchronously.
 func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) {
 	l := log.
 		WithContext(ctx).
 		WithFields([]kv.Field{
 			{"userAgent", r.UserAgent()},
 			{"path", r.URL.Path},
 		}...)
 	// Do nothing if this is not an ActivityPub POST request.
 	if !func() bool {
 		if r.Method != http.MethodPost {
 			l.Debugf("inbox request was %s rather than required POST", r.Method)
 			return false
 		}
 		contentType := r.Header.Get("Content-Type")
 		for _, mediaType := range activityStreamsMediaTypes {
 			if strings.Contains(contentType, mediaType) {
 				return true
 			}
 		}
 		l.Debugf("inbox POST request content-type %s was not recognized", contentType)
 		return false
 	}() {
 		return false, nil
 	}
 	// Check the peer request is authentic.
 	ctx, authenticated, err := f.sideEffectActor.AuthenticatePostInbox(ctx, w, r)
 	if err != nil {
 		return true, err
 	} else if !authenticated {
 		return true, nil
 	}
 	// Begin processing the request, but note that we have
 	// not yet applied authorization (ex: blocks).
 	//
 	// Obtain the activity and reject unknown activities.
 	b, err := io.ReadAll(r.Body)
 	if err != nil {
 		err = fmt.Errorf("PostInboxScheme: error reading request body: %w", err)
 		return true, err
 	}
 	var rawActivity map[string]interface{}
 	if err := json.Unmarshal(b, &rawActivity); err != nil {
 		err = fmt.Errorf("PostInboxScheme: error unmarshalling request body: %w", err)
 		return true, err
 	}
 	t, err := streams.ToType(ctx, rawActivity)
 	if err != nil {
 		if !streams.IsUnmatchedErr(err) {
 			// Real error.
 			err = fmt.Errorf("PostInboxScheme: error matching json to type: %w", err)
 			return true, err
 		}
 		// Respond with bad request; we just couldn't
 		// match the type to one that we know about.
 		l.Debug("json could not be resolved to ActivityStreams value")
 		w.WriteHeader(http.StatusBadRequest)
 		return true, nil
 	}
 	activity, ok := t.(pub.Activity)
 	if !ok {
 		err = fmt.Errorf("ActivityStreams value with type %T is not a pub.Activity", t)
 		return true, err
 	}
 	if activity.GetJSONLDId() == nil {
 		l.Debugf("incoming Activity %s did not have required id property set", activity.GetTypeName())
 		w.WriteHeader(http.StatusBadRequest)
 		return true, nil
 	}
 	// If activity Object is a Statusable, we'll want to replace the
 	// parsed `content` value with the value from the raw JSON instead.
 	// See https://github.com/superseriousbusiness/gotosocial/issues/1661
 	ap.NormalizeActivityObject(activity, rawActivity)
 	// Allow server implementations to set context data with a hook.
 	ctx, err = f.sideEffectActor.PostInboxRequestBodyHook(ctx, r, activity)
 	if err != nil {
 		return true, err
 	}
 	// Check authorization of the activity.
 	authorized, err := f.sideEffectActor.AuthorizePostInbox(ctx, w, activity)
 	if err != nil {
 		return true, err
 	} else if !authorized {
 		return true, nil
 	}
 	// Copy existing URL + add request host and scheme.
 	inboxID := func() *url.URL {
 		id := &url.URL{}
 		*id = *r.URL
 		id.Host = r.Host
 		id.Scheme = scheme
 		return id
 	}()
 	// Post the activity to the actor's inbox and trigger side effects for
 	// that particular Activity type. It is up to the delegate to resolve
 	// the given map.
 	if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil {
 		// Special case: We know it is a bad request if the object or
 		// target properties needed to be populated, but weren't.
 		//
 		// Send the rejection to the peer.
 		if err == pub.ErrObjectRequired || err == pub.ErrTargetRequired {
 			l.Debugf("malformed incoming Activity: %s", err)
 			w.WriteHeader(http.StatusBadRequest)
 			return true, nil
 		}
 		err = fmt.Errorf("PostInboxScheme: error calling sideEffectActor.PostInbox: %w", err)
 		return true, err
 	}
 	// Our side effects are complete, now delegate determining whether to do inbox forwarding, as well as the action to do it.
 	if err := f.sideEffectActor.InboxForwarding(ctx, inboxID, activity); err != nil {
 		err = fmt.Errorf("PostInboxScheme: error calling sideEffectActor.InboxForwarding: %w", err)
 		return true, err
 	}
 	// Request is now undergoing processing.
 	// Respond with an Accepted status.
 	w.WriteHeader(http.StatusAccepted)
 	return true, nil
 }
 // GetInbox returns true if the request was handled as an ActivityPub
 // GET to an actor's inbox. If false, the request was not an ActivityPub
 // request and may still be handled by the caller in another way, such
 // as serving a web page.
 //
 // If the error is nil, then the ResponseWriter's headers and response
 // has already been written. If a non-nil error is returned, then no
 // response has been written.
 //
 // If the request is an ActivityPub request, the Actor will defer to the
 // application to determine the correct authorization of the request and
 // the resulting OrderedCollection to respond with. The Actor handles
 // serializing this OrderedCollection and responding with the correct
 // headers and http.StatusOK.
 func (f *federatingActor) GetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
-	return f.actor.GetInbox(c, w, r)
+	return f.wrapped.GetInbox(c, w, r)
 }
 // PostOutbox returns true if the request was handled as an ActivityPub
 // POST to an actor's outbox. If false, the request was not an
 // ActivityPub request and may still be handled by the caller in another
 // way, such as serving a web page.
 //
 // If the error is nil, then the ResponseWriter's headers and response
 // has already been written. If a non-nil error is returned, then no
 // response has been written.
 //
 // If the Actor was constructed with the Social Protocol enabled, side
 // effects will occur.
 //
 // If the Social Protocol is not enabled, writes the
 // http.StatusMethodNotAllowed status code in the response. No side
 // effects occur.
 //
 // If the Social and Federated Protocol are both enabled, it will handle
 // the side effects of receiving an ActivityStream Activity, and then
 // federate the Activity to peers.
 func (f *federatingActor) PostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
-	return f.actor.PostOutbox(c, w, r)
+	return f.wrapped.PostOutbox(c, w, r)
 }
 // PostOutboxScheme is similar to PostOutbox, except clients are able to
 // specify which protocol scheme to handle the incoming request and the
 // data stored within the application (HTTP, HTTPS, etc).
 func (f *federatingActor) PostOutboxScheme(c context.Context, w http.ResponseWriter, r *http.Request, scheme string) (bool, error) {
-	return f.actor.PostOutboxScheme(c, w, r, scheme)
+	return f.wrapped.PostOutboxScheme(c, w, r, scheme)
 }
 // GetOutbox returns true if the request was handled as an ActivityPub
 // GET to an actor's outbox. If false, the request was not an
 // ActivityPub request.
 //
 // If the error is nil, then the ResponseWriter's headers and response
 // has already been written. If a non-nil error is returned, then no
 // response has been written.
 //
 // If the request is an ActivityPub request, the Actor will defer to the
 // application to determine the correct authorization of the request and
 // the resulting OrderedCollection to respond with. The Actor handles
 // serializing this OrderedCollection and responding with the correct
 // headers and http.StatusOK.
 func (f *federatingActor) GetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (bool, error) {
-	return f.actor.GetOutbox(c, w, r)
+	return f.wrapped.GetOutbox(c, w, r)
 }
--- a/internal/federation/federatingprotocol.go
+++ b/internal/federation/federatingprotocol.go
@ -24,7 +24,6 @@
 	"net/http"
 	"net/url"
 	"codeberg.org/gruf/go-kv"
 	"github.com/superseriousbusiness/activity/pub"
 	"github.com/superseriousbusiness/activity/streams"
 	"github.com/superseriousbusiness/activity/streams/vocab"
@ -138,74 +137,80 @@ func (f *federator) PostInboxRequestBodyHook(ctx context.Context, r *http.Reques
 // authenticated must be true and error nil. The request will continue
 // to be processed.
 func (f *federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWriter, r *http.Request) (context.Context, bool, error) {
-	l := log.WithContext(ctx).
+	log.Tracef(ctx, "received request to authenticate inbox %s", r.URL.String())
 		WithFields(kv.Fields{
 			{"useragent", r.UserAgent()},
 			{"url", r.URL.String()},
 		}...)
 	l.Trace("received request to authenticate")
 	if !uris.IsInboxPath(r.URL) {
 		return nil, false, fmt.Errorf("path %s was not an inbox path", r.URL.String())
 	}
 	// Ensure this is an inbox path, and fetch the inbox owner
 	// account by parsing username from `/users/{username}/inbox`.
 	username, err := uris.ParseInboxPath(r.URL)
 	if err != nil {
-		return nil, false, fmt.Errorf("could not parse path %s: %s", r.URL.String(), err)
+		err = fmt.Errorf("AuthenticatePostInbox: could not parse %s as inbox path: %w", r.URL.String(), err)
 		return nil, false, err
 	}
 	if username == "" {
-		return nil, false, errors.New("username was empty")
+		err = errors.New("AuthenticatePostInbox: inbox username was empty")
 		return nil, false, err
 	}
 	receivingAccount, err := f.db.GetAccountByUsernameDomain(ctx, username, "")
 	if err != nil {
-		return nil, false, fmt.Errorf("could not fetch receiving account with username %s: %s", username, err)
+		err = fmt.Errorf("AuthenticatePostInbox: could not fetch receiving account %s: %w", username, err)
 		return nil, false, err
 	}
 	// Check who's delivering by inspecting the http signature.
 	publicKeyOwnerURI, errWithCode := f.AuthenticateFederatedRequest(ctx, receivingAccount.Username)
 	if errWithCode != nil {
 		switch errWithCode.Code() {
 		case http.StatusUnauthorized, http.StatusForbidden, http.StatusBadRequest:
-			// if 400, 401, or 403, obey the interface by writing the header and bailing
+			// If codes 400, 401, or 403, obey the go-fed
 			// interface by writing the header and bailing.
 			w.WriteHeader(errWithCode.Code())
 			return ctx, false, nil
 		case http.StatusGone:
-			// if the requesting account has gone (http 410) then likely
+			// If the requesting account's key has gone
-			// inbox post was a delete, we can just write 202 and leave,
+			// (410) then likely inbox post was a delete.
-			// since we didn't know about the account anyway, so we can't
+			//
-			// do any further processing
+			// We can just write 202 and leave: we didn't
 			// know about the account anyway, so we can't
 			// do any further processing.
 			w.WriteHeader(http.StatusAccepted)
 			return ctx, false, nil
 		default:
-			// if not, there's been a proper error
+			// Proper error.
 			return ctx, false, err
 		}
 	}
-	// authentication has passed, so add an instance entry for this instance if it hasn't been done already
+	// Authentication has passed, check if we need to create a
-	i := &gtsmodel.Instance{}
+	// new instance entry for the Host of the requesting account.
-	if err := f.db.GetWhere(ctx, []db.Where{{Key: "domain", Value: publicKeyOwnerURI.Host}}, i); err != nil {
+	if _, err := f.db.GetInstance(ctx, publicKeyOwnerURI.Host); err != nil {
-		if err != db.ErrNoEntries {
+		if !errors.Is(err, db.ErrNoEntries) {
-			// there's been an actual error
+			// There's been an actual error.
-			return ctx, false, fmt.Errorf("error getting requesting account with public key id %s: %s", publicKeyOwnerURI.String(), err)
+			err = fmt.Errorf("AuthenticatePostInbox: error getting instance %s: %w", publicKeyOwnerURI.Host, err)
 			return ctx, false, err
 		}
-		// we don't have an entry for this instance yet so dereference it
+		// We don't yet have an entry for
-		i, err = f.GetRemoteInstance(transport.WithFastfail(ctx), username, &url.URL{
+		// the instance, go dereference it.
 		instance, err := f.GetRemoteInstance(transport.WithFastfail(ctx), username, &url.URL{
 			Scheme: publicKeyOwnerURI.Scheme,
 			Host:   publicKeyOwnerURI.Host,
 		})
 		if err != nil {
-			return nil, false, fmt.Errorf("could not dereference new remote instance %s during AuthenticatePostInbox: %s", publicKeyOwnerURI.Host, err)
+			err = fmt.Errorf("AuthenticatePostInbox: error dereferencing instance %s: %w", publicKeyOwnerURI.Host, err)
 			return nil, false, err
 		}
-		// and put it in the db
+		if err := f.db.Put(ctx, instance); err != nil {
-		if err := f.db.Put(ctx, i); err != nil {
+			err = fmt.Errorf("AuthenticatePostInbox: error inserting instance entry for %s: %w", publicKeyOwnerURI.Host, err)
-			return nil, false, fmt.Errorf("error inserting newly dereferenced instance %s: %s", publicKeyOwnerURI.Host, err)
+			return nil, false, err
 		}
 	}
 	// We know the public key owner URI now, so we can
 	// dereference the remote account (or just get it
 	// from the db if we already have it).
 	requestingAccount, err := f.GetAccountByURI(
 		transport.WithFastfail(ctx), username, publicKeyOwnerURI, false,
 	)
@ -220,9 +225,12 @@ func (f *federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr
 			w.WriteHeader(http.StatusAccepted)
 			return ctx, false, nil
 		}
-		return nil, false, fmt.Errorf("couldn't get requesting account %s: %s", publicKeyOwnerURI, err)
+		err = fmt.Errorf("AuthenticatePostInbox: couldn't get requesting account %s: %w", publicKeyOwnerURI, err)
 		return nil, false, err
 	}
 	// We have everything we need now, set the requesting
 	// and receiving accounts on the context for later use.
 	withRequesting := context.WithValue(ctx, ap.ContextRequestingAccount, requestingAccount)
 	withReceiving := context.WithValue(withRequesting, ap.ContextReceivingAccount, receivingAccount)
 	return withReceiving, true, nil
@ -351,14 +359,15 @@ func (f *federator) Blocked(ctx context.Context, actorIRIs []*url.URL) (bool, er
 // type and extension. The unhandled ones are passed to DefaultCallback.
 func (f *federator) FederatingCallbacks(ctx context.Context) (wrapped pub.FederatingWrappedCallbacks, other []interface{}, err error) {
 	wrapped = pub.FederatingWrappedCallbacks{
-		// OnFollow determines what action to take for this particular callback
+		// OnFollow determines what action to take for this
-		// if a Follow Activity is handled.
+		// particular callback if a Follow Activity is handled.
 		//
-		// For our implementation, we always want to do nothing because we have internal logic for handling follows.
+		// For our implementation, we always want to do nothing
 		// because we have internal logic for handling follows.
 		OnFollow: pub.OnFollowDoNothing,
 	}
-	// override some default behaviors and trigger our own side effects
+	// Override some default behaviors to trigger our own side effects.
 	other = []interface{}{
 		func(ctx context.Context, undo vocab.ActivityStreamsUndo) error {
 			return f.FederatingDB().Undo(ctx, undo)
@ -385,11 +394,7 @@ func(ctx context.Context, announce vocab.ActivityStreamsAnnounce) error {
 // type and extension, so the unhandled ones are passed to
 // DefaultCallback.
 func (f *federator) DefaultCallback(ctx context.Context, activity pub.Activity) error {
-	l := log.WithContext(ctx).
+	log.Debugf(ctx, "received unhandle-able activity type (%s) so ignoring it", activity.GetTypeName())
 		WithFields(kv.Fields{
 			{"aptype", activity.GetTypeName()},
 		}...)
 	l.Debug("received unhandle-able activity type so ignoring it")
 	return nil
 }
--- a/internal/processing/search.go
+++ b/internal/processing/search.go
@ -25,6 +25,7 @@
 	"strings"
 	"codeberg.org/gruf/go-kv"
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
@ -131,9 +132,10 @@ func (p *Processor) SearchGet(ctx context.Context, authed *oauth.Auth, search *a
 				// check if it's a status...
 				foundStatus, err := p.searchStatusByURI(ctx, authed, uri)
 				if err != nil {
 					// Check for semi-expected error types.
 					var (
 						errNotRetrievable *dereferencing.ErrNotRetrievable
-						errWrongType      *dereferencing.ErrWrongType
+						errWrongType      *ap.ErrWrongType
 					)
 					if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) {
 						return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up status: %w", err))
@ -148,9 +150,10 @@ func (p *Processor) SearchGet(ctx context.Context, authed *oauth.Auth, search *a
 				if !foundOne {
 					foundAccount, err := p.searchAccountByURI(ctx, authed, uri, search.Resolve)
 					if err != nil {
 						// Check for semi-expected error types.
 						var (
 							errNotRetrievable *dereferencing.ErrNotRetrievable
-							errWrongType      *dereferencing.ErrWrongType
+							errWrongType      *ap.ErrWrongType
 						)
 						if !errors.As(err, &errNotRetrievable) && !errors.As(err, &errWrongType) {
 							return nil, gtserror.NewErrorInternalError(fmt.Errorf("error looking up account: %w", err))
--- a/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go
+++ b/vendor/github.com/superseriousbusiness/activity/pub/base_actor.go
@ -67,7 +67,8 @@ func NewSocialActor(c CommonBehavior,
 	db Database,
 	clock Clock) Actor {
 	return &baseActor{
-		delegate: &sideEffectActor{
+		// Use SideEffectActor without s2s.
 		delegate: &SideEffectActor{
 			common: c,
 			c2s:    c2s,
 			db:     db,
@ -96,7 +97,8 @@ func NewFederatingActor(c CommonBehavior,
 	clock Clock) FederatingActor {
 	return &baseActorFederating{
 		baseActor{
-			delegate: &sideEffectActor{
+			// Use SideEffectActor without c2s.
 			delegate: &SideEffectActor{
 				common: c,
 				s2s:    s2s,
 				db:     db,
@ -124,13 +126,7 @@ func NewActor(c CommonBehavior,
 	clock Clock) FederatingActor {
 	return &baseActorFederating{
 		baseActor{
-			delegate: &sideEffectActor{
+			delegate:                NewSideEffectActor(c, s2s, c2s, db, clock),
 				common: c,
 				c2s:    c2s,
 				s2s:    s2s,
 				db:     db,
 				clock:  clock,
 			},
 			enableSocialProtocol:    true,
 			enableFederatedProtocol: true,
 			clock:                   clock,
@ -147,6 +143,9 @@ func NewActor(c CommonBehavior,
 //
 // It is possible to create a DelegateActor that is not ActivityPub compliant.
 // Use with due care.
 //
 // If you find yourself passing a SideEffectActor in as the DelegateActor,
 // consider using NewActor, NewFederatingActor, or NewSocialActor instead.
 func NewCustomActor(delegate DelegateActor,
 	enableSocialProtocol, enableFederatedProtocol bool,
 	clock Clock) FederatingActor {
--- a/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go
+++ b/vendor/github.com/superseriousbusiness/activity/pub/side_effect_actor.go
@ -12,16 +12,16 @@
 )
 // sideEffectActor must satisfy the DelegateActor interface.
-var _ DelegateActor = &sideEffectActor{}
+var _ DelegateActor = &SideEffectActor{}
-// sideEffectActor is a DelegateActor that handles the ActivityPub
+// SideEffectActor is a DelegateActor that handles the ActivityPub
 // implementation side effects, but requires a more opinionated application to
 // be written.
 //
-// Note that when using the sideEffectActor with an application that good-faith
+// Note that when using the SideEffectActor with an application that good-faith
 // implements its required interfaces, the ActivityPub specification is
 // guaranteed to be correctly followed.
-type sideEffectActor struct {
+type SideEffectActor struct {
 	common CommonBehavior
 	s2s    FederatingProtocol
 	c2s    SocialProtocol
@ -29,49 +29,73 @@ type sideEffectActor struct {
 	clock  Clock
 }
 // NewSideEffectActor returns a new SideEffectActor, which satisfies the
 // DelegateActor interface. Most of the time you will not need to call this
 // function, and should instead rely on the NewSocialActor, NewFederatingActor,
 // and NewActor functions, all of which use a SideEffectActor under the hood.
 // Nevertheless, this function is exposed in case application developers need
 // a SideEffectActor for some other reason (tests, monkey patches, etc).
 //
 // If you are using the returned SideEffectActor for federation, ensure that s2s
 // is not nil. Likewise, if you are using it for the social protocol, ensure
 // that c2s is not nil. 
 func NewSideEffectActor(c CommonBehavior,
 	s2s FederatingProtocol,
 	c2s SocialProtocol,
 	db Database,
 	clock Clock) *SideEffectActor {
 	return &SideEffectActor{
 		common: c,
 		s2s:    s2s,
 		c2s:    c2s,
 		db:     db,
 		clock:  clock,
 	}
 }
 // PostInboxRequestBodyHook defers to the delegate.
-func (a *sideEffectActor) PostInboxRequestBodyHook(c context.Context, r *http.Request, activity Activity) (context.Context, error) {
+func (a *SideEffectActor) PostInboxRequestBodyHook(c context.Context, r *http.Request, activity Activity) (context.Context, error) {
 	return a.s2s.PostInboxRequestBodyHook(c, r, activity)
 }
 // PostOutboxRequestBodyHook defers to the delegate.
-func (a *sideEffectActor) PostOutboxRequestBodyHook(c context.Context, r *http.Request, data vocab.Type) (context.Context, error) {
+func (a *SideEffectActor) PostOutboxRequestBodyHook(c context.Context, r *http.Request, data vocab.Type) (context.Context, error) {
 	return a.c2s.PostOutboxRequestBodyHook(c, r, data)
 }
 // AuthenticatePostInbox defers to the delegate to authenticate the request.
-func (a *sideEffectActor) AuthenticatePostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
+func (a *SideEffectActor) AuthenticatePostInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
 	return a.s2s.AuthenticatePostInbox(c, w, r)
 }
 // AuthenticateGetInbox defers to the delegate to authenticate the request.
-func (a *sideEffectActor) AuthenticateGetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
+func (a *SideEffectActor) AuthenticateGetInbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
 	return a.common.AuthenticateGetInbox(c, w, r)
 }
 // AuthenticatePostOutbox defers to the delegate to authenticate the request.
-func (a *sideEffectActor) AuthenticatePostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
+func (a *SideEffectActor) AuthenticatePostOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
 	return a.c2s.AuthenticatePostOutbox(c, w, r)
 }
 // AuthenticateGetOutbox defers to the delegate to authenticate the request.
-func (a *sideEffectActor) AuthenticateGetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
+func (a *SideEffectActor) AuthenticateGetOutbox(c context.Context, w http.ResponseWriter, r *http.Request) (out context.Context, authenticated bool, err error) {
 	return a.common.AuthenticateGetOutbox(c, w, r)
 }
 // GetOutbox delegates to the SocialProtocol.
-func (a *sideEffectActor) GetOutbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
+func (a *SideEffectActor) GetOutbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
 	return a.common.GetOutbox(c, r)
 }
 // GetInbox delegates to the FederatingProtocol.
-func (a *sideEffectActor) GetInbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
+func (a *SideEffectActor) GetInbox(c context.Context, r *http.Request) (vocab.ActivityStreamsOrderedCollectionPage, error) {
 	return a.s2s.GetInbox(c, r)
 }
 // AuthorizePostInbox defers to the federating protocol whether the peer request
 // is authorized based on the actors' ids.
-func (a *sideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseWriter, activity Activity) (authorized bool, err error) {
+func (a *SideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseWriter, activity Activity) (authorized bool, err error) {
 	authorized = false
 	actor := activity.GetActivityStreamsActor()
 	if actor == nil {
@ -105,7 +129,7 @@ func (a *sideEffectActor) AuthorizePostInbox(c context.Context, w http.ResponseW
 // PostInbox handles the side effects of determining whether to block the peer's
 // request, adding the activity to the actor's inbox, and triggering side
 // effects based on the activity's type.
-func (a *sideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activity Activity) error {
+func (a *SideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activity Activity) error {
 	isNew, err := a.addToInboxIfNew(c, inboxIRI, activity)
 	if err != nil {
 		return err
@ -142,7 +166,7 @@ func (a *sideEffectActor) PostInbox(c context.Context, inboxIRI *url.URL, activi
 // outbound requests as a side effect.
 //
 // InboxForwarding sets the federated data in the database.
-func (a *sideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL, activity Activity) error {
+func (a *SideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL, activity Activity) error {
 	// 1. Must be first time we have seen this Activity.
 	//
 	// Obtain the id of the activity
@ -322,7 +346,7 @@ func (a *sideEffectActor) InboxForwarding(c context.Context, inboxIRI *url.URL,
 //
 // This implementation assumes all types are meant to be delivered except for
 // the ActivityStreams Block type.
-func (a *sideEffectActor) PostOutbox(c context.Context, activity Activity, outboxIRI *url.URL, rawJSON map[string]interface{}) (deliverable bool, err error) {
+func (a *SideEffectActor) PostOutbox(c context.Context, activity Activity, outboxIRI *url.URL, rawJSON map[string]interface{}) (deliverable bool, err error) {
 	// TODO: Determine this if c2s is nil
 	deliverable = true
 	if a.c2s != nil {
@ -363,7 +387,7 @@ func (a *sideEffectActor) PostOutbox(c context.Context, activity Activity, outbo
 // AddNewIDs creates new 'id' entries on an activity and its objects if it is a
 // Create activity.
-func (a *sideEffectActor) AddNewIDs(c context.Context, activity Activity) error {
+func (a *SideEffectActor) AddNewIDs(c context.Context, activity Activity) error {
 	id, err := a.db.NewID(c, activity)
 	if err != nil {
 		return err
@ -399,7 +423,7 @@ func (a *sideEffectActor) AddNewIDs(c context.Context, activity Activity) error
 // another server.
 //
 // Must be called if at least the federated protocol is supported.
-func (a *sideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activity Activity) error {
+func (a *SideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activity Activity) error {
 	recipients, err := a.prepare(c, outboxIRI, activity)
 	if err != nil {
 		return err
@ -408,7 +432,7 @@ func (a *sideEffectActor) Deliver(c context.Context, outboxIRI *url.URL, activit
 }
 // WrapInCreate wraps an object with a Create activity.
-func (a *sideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outboxIRI *url.URL) (create vocab.ActivityStreamsCreate, err error) {
+func (a *SideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outboxIRI *url.URL) (create vocab.ActivityStreamsCreate, err error) {
 	var unlock func()
 	unlock, err = a.db.Lock(c, outboxIRI)
 	if err != nil {
@ -426,7 +450,7 @@ func (a *sideEffectActor) WrapInCreate(c context.Context, obj vocab.Type, outbox
 // deliverToRecipients will take a prepared Activity and send it to specific
 // recipients on behalf of an actor.
-func (a *sideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL, activity Activity, recipients []*url.URL) error {
+func (a *SideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL, activity Activity, recipients []*url.URL) error {
 	m, err := streams.Serialize(activity)
 	if err != nil {
 		return err
@ -444,7 +468,7 @@ func (a *sideEffectActor) deliverToRecipients(c context.Context, boxIRI *url.URL
 // addToOutbox adds the activity to the outbox and creates the activity in the
 // internal database as its own entry.
-func (a *sideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, activity Activity) error {
+func (a *SideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, activity Activity) error {
 	// Set the activity in the database first.
 	id := activity.GetJSONLDId()
 	unlock, err := a.db.Lock(c, id.Get())
@ -488,7 +512,7 @@ func (a *sideEffectActor) addToOutbox(c context.Context, outboxIRI *url.URL, act
 // It does not add the activity to this database's know federated data.
 //
 // Returns true when the activity is novel.
-func (a *sideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL, activity Activity) (isNew bool, err error) {
+func (a *SideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL, activity Activity) (isNew bool, err error) {
 	// Acquire a lock to read the inbox. Defer release.
 	var unlock func()
 	unlock, err = a.db.Lock(c, inboxIRI)
@ -528,7 +552,7 @@ func (a *sideEffectActor) addToInboxIfNew(c context.Context, inboxIRI *url.URL,
 //
 // Recursion may be limited by providing a 'maxDepth' greater than zero. A
 // value of zero or a negative number will result in infinite recursion.
-func (a *sideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI *url.URL, val vocab.Type, maxDepth, currDepth int) (bool, error) {
+func (a *SideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI *url.URL, val vocab.Type, maxDepth, currDepth int) (bool, error) {
 	// Stop recurring if we are exceeding the maximum depth and the maximum
 	// is a positive number.
 	if maxDepth > 0 && currDepth >= maxDepth {
@ -615,7 +639,7 @@ func (a *sideEffectActor) hasInboxForwardingValues(c context.Context, inboxIRI *
 // hidden recipients ("bto" and "bcc") stripped from it.
 //
 // Only call if both the social and federated protocol are supported.
-func (a *sideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activity Activity) (r []*url.URL, err error) {
+func (a *SideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activity Activity) (r []*url.URL, err error) {
 	// Get inboxes of recipients
 	if to := activity.GetActivityStreamsTo(); to != nil {
 		for iter := to.Begin(); iter != to.End(); iter = iter.Next() {
@ -774,7 +798,7 @@ func (a *sideEffectActor) prepare(c context.Context, outboxIRI *url.URL, activit
 // dereference the collection, WITH the user's credentials.
 //
 // Note that this also applies to CollectionPage and OrderedCollectionPage.
-func (a *sideEffectActor) resolveActors(c context.Context, t Transport, r []*url.URL, depth, maxDepth int) (actors []vocab.Type, err error) {
+func (a *SideEffectActor) resolveActors(c context.Context, t Transport, r []*url.URL, depth, maxDepth int) (actors []vocab.Type, err error) {
 	if maxDepth > 0 && depth >= maxDepth {
 		return
 	}
@ -806,7 +830,7 @@ func (a *sideEffectActor) resolveActors(c context.Context, t Transport, r []*url
 //
 // The returned actor could be nil, if it wasn't an actor (ex: a Collection or
 // OrderedCollection).
-func (a *sideEffectActor) dereferenceForResolvingInboxes(c context.Context, t Transport, actorIRI *url.URL) (actor vocab.Type, moreActorIRIs []*url.URL, err error) {
+func (a *SideEffectActor) dereferenceForResolvingInboxes(c context.Context, t Transport, actorIRI *url.URL) (actor vocab.Type, moreActorIRIs []*url.URL, err error) {
 	var resp []byte
 	resp, err = t.Dereference(c, actorIRI)
 	if err != nil {
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -445,7 +445,7 @@ github.com/stretchr/testify/suite
 # github.com/subosito/gotenv v1.4.2
 ## explicit; go 1.18
 github.com/subosito/gotenv
-# github.com/superseriousbusiness/activity v1.2.1-gts
+# github.com/superseriousbusiness/activity v1.2.2-gts
 ## explicit; go 1.18
 github.com/superseriousbusiness/activity/pub
 github.com/superseriousbusiness/activity/streams