giles
c0665ba58e
112 conversions across 19 .sx files using match, let-match, and pipe operators: match (17): type/value dispatch replacing cond/if chains - lib/vm.sx: HO form dispatch (for-each/map/filter/reduce/some/every?) - lib/tree-tools.sx: node-display, node-matches?, rename, count, replace, free-symbols - lib/types.sx: narrow-type, substitute-in-type, infer-type, resolve-type - web/engine.sx: default-trigger, resolve-target, classify-trigger - web/deps.sx: scan-refs-walk, scan-io-refs-walk let-match (89): dict destructuring replacing (get d "key") patterns - shared/page-functions.sx (20), blog/admin.sx (17), pub-api.sx (13) - events/ layouts/page/tickets/entries/forms (27 total) - specs-explorer.sx (7), federation/social.sx (3), lib/ small files (3) -> pipes (6): replacing triple-chained gets in lib/vm.sx - frame-closure → closure-code → code-bytecode chains Also: lib/vm.sx accessor upgrades (get vm "sp" → vm-sp vm throughout) 2650/2650 tests pass, zero regressions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Federation App
OAuth2 authorization server and ActivityPub social hub for the Rose Ash cooperative. Handles user authentication, fediverse federation, and social features (timeline, compose, follow, notifications).
Structure
app.py # Application factory (create_base_app + blueprints)
path_setup.py # Adds project root + app dir to sys.path
entrypoint.sh # Container entrypoint (optional migrations, Redis flush, start)
bp/
auth/ # Login, magic link, logout, OAuth2 authorize endpoint
identity/ # Actor profile management
social/ # Timeline, compose, search, follow/unfollow,
# like/boost, notifications, following/followers lists
fragments/ # Fragment endpoints
models/ # Re-export stubs pointing to shared/models/
services/ # register_domain_services() — wires all domains
templates/ # Federation-specific templates (override shared/)
OAuth2 SSO
Federation is the authorization server for all Rose Ash apps:
/oauth/authorize— authorization endpoint (PKCE supported)- Magic link login (passwordless email)
- All client apps auto-get
/auth/login,/auth/callback,/auth/logoutviashared/infrastructure/oauth.py - Per-app first-party session cookies (Safari ITP compatible)
ActivityPub
- Per-app actors: each app has its own AP actor (virtual projection of the same keypair)
- Actor endpoints: webfinger, actor profile, inbox, outbox, followers
- Social features: timeline, compose, search, follow/unfollow, like/boost, notifications
- Activities emitted to
ap_activitiestable, processed byEventProcessor - HTTP signatures + IPFS content addressing
Cross-domain communication
services.blog.*— post queries for content federationservices.calendar.*— event queriesservices.market.*— product queriesservices.cart.*— cart summary for context processor