Builder: .signed_fetch_actor_id(uuid) sets instance-level signing actor.
Service: .signed_fetch(&url) performs a signed GET returning raw JSON.
Closes#2
#15 @context security vocab: actor JSON now uses actor_ap_context()
which includes W3C security vocab + Mastodon toot extensions
(manuallyApprovesFollowers, discoverable, featured).
Applied to actor_handler, actor_json(), broadcast_actor_update().
Activity JSON keeps plain AS context (no security vocab needed).
#17 HTTP Digest (documented, no code change): production mode
(debug=false) REQUIRES Digest header on inbound POSTs via
require_digest() in the non-compat normalization config.
Added doc comment to ApFederationConfig::new() to clarify.
#26 Integration tests: 3 new tokio tests in src/tests/integration.rs
using in-memory trait stubs. Tests cover:
- check_guards idempotency (duplicate activity rejected)
- check_guards domain block (blocked domain skipped)
- extract_and_dispatch_mentions (on_mention called for local actor)
